mirror of https://github.com/zcash/zips.git
Define how to derive diversifiers from Sapling extended keys
This commit is contained in: parent efd68a4474, commit f07b6d2613
zip-0032.rst (13 lines added)
@ -177,6 +177,18 @@ CDKfvk((*ak*\ :sub:`par`\ , *nk*\ :sub:`par`\ , *ovk*\ :sub:`par`\ , *dk*\ :sub:
- *dk*\ :sub:`i` = truncate\ :sub:`32`\ (PRF\ :sup:`expand`\ (*I*\ :sub:`L`\ , [0x16] || *dk*\ :sub:`par`\ ))
- *c*\ :sub:`i` = *I*\ :sub:`R`
Diversifier derivation
----------------------
The 88-bit diversifiers for a Sapling extended key are derived from its diversifier key *dk*\ :sub:`i`\ . In
order to reach the maximum possible diversifier range without running into the birthday bound, we use the PRP
defined in [#diversifier-prp]_ as follows:
- Let *j* be the index of the desired diversifier.
- *d*\ :sub:`i,j` = PRP(*dk*\ :sub:`i`\ , I2LEOSP\ :sub:`88`\ (*j*))
The default diversifier for a Sapling extended key is defined to be *d*\ :sub:`i,0`\ .
Specification: Sprout key derivation
====================================
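Review bot: the new "Diversifier derivation" section assigns *d*\ :sub:`i,j` = PRP(*dk*\ :sub:`i`\ , I2LEOSP\ :sub:`88`\ (*j*)) for every index *j* without a validity check, but a Sapling diversifier is only usable when DiversifyHash(*d*) is not ⊥ (see [#sapling-spec]_), and many 88-bit strings fail that test. The hunk should state what happens when the PRP output is not a valid diversifier, e.g. that index *j* is skipped, and then say whether "the default diversifier is *d*\ :sub:`i,0`" means the first *valid* *d*\ :sub:`i,j` rather than the output at *j* = 0 unconditionally. It would also help to spell out why a PRP is chosen over a PRF: the PRP is a bijection on 88-bit strings, so distinct *j* yield distinct diversifiers and the full 2\ :sup:`88` range is reachable without collisions, which is the "birthday bound" the sentence alludes to; one sentence saying so makes the design rationale explicit.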
@ -301,5 +313,6 @@ References
.. [#bip-0043] `BIP 43: Purpose Field for Deterministic Wallets <https://github.com/bitcoin/bips/blob/master/bip-0043.mediawiki>`_
.. [#bip-0044] `BIP 44: Multi-Account Hierarchy for Deterministic Wallets <https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki>`_
.. [#slip-0044] `SLIP 44: Registered coin types for BIP-0044 <https://github.com/satoshilabs/slips/blob/master/slip-0044.md>`_
.. [#diversifier-prp] `TODO`_
.. [#sapling-spec] `Zcash Protocol Specification, Version 2018.0-beta-20 [Overwinter+Sapling] <https://github.com/zcash/zips/blob/master/protocol/sapling.pdf>`_
.. [#sapling-key-components] `Section 4.2.2: Sapling Key Components. Zcash Protocol Specification, Version 2018.0-beta-20 [Overwinter+Sapling] <https://github.com/zcash/zips/blob/master/protocol/sapling.pdf>`_
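Review bot: the new citation ``.. [#diversifier-prp] `TODO`_`` leaves the PRP used by the diversifier derivation undefined, and ```TODO`_`` is an unresolved reStructuredText hyperlink reference, so the document will fail to build with an unknown target error. Since the "Diversifier derivation" section relies on this footnote to specify the PRP (its name, key size and 88-bit block handling), the reference should be filled in before this is merged; if a placeholder is really wanted in the meantime, use a literal (``TODO``) instead of a hyperlink reference so the ZIP still renders.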