str4d
9c65d64012
Merge pull request #209 from str4d/zips-207-208
...
Update protocol spec with ZIPs 207 and 208
2019-03-08 17:59:17 +13:00
Daira Hopwood
ce803ea0b4
Correct generators for BLS12-381.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-24 05:59:14 +00:00
Daira Hopwood
86319cfe89
Address Daira's review comments.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-24 02:06:23 +00:00
Daira Hopwood
5cf59663d9
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-24 02:05:58 +00:00
Jack Grigg
d6ed011d5e
ZIP 207 changes
2019-02-23 19:21:19 +00:00
Jack Grigg
2fc1b8cc9c
ZIP 208 changes
...
Includes additional changes to constants in sections 7.7 and 7.8 which
are needed to compile, and not part of ZIP 208, but will be altered by
ZIP 207.
2019-02-23 19:21:17 +00:00
Daira Hopwood
5097fc7c4e
Add macros and Makefile support for building the Blossom specification.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-22 13:49:08 +00:00
Daira Hopwood
7f435cd37d
Fix a typo in appendix B.2 and clarify the costs of Groth16 batch verification.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-22 13:49:08 +00:00
Daira Hopwood
f3c5ed99e2
Remove the rule that miners SHOULD NOT mine blocks that chain to other blocks with version number > 4.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-22 13:49:08 +00:00
Daira Hopwood
06725e94b9
Correct the rule about when a transaction is permitted to have no transparent inputs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-22 13:34:25 +00:00
Daira Hopwood
95d95bc4c4
Clarify which transaction fields are added by Overwinter and Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-22 13:33:39 +00:00
Daira Hopwood
8e9171d512
Clarify that Equihash is based on a *variation* of the GBP, and cite [AR2017].
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-22 13:17:07 +00:00
Daira Hopwood
c57d51d7a0
More references and corrected description of Groth16.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-22 12:49:22 +00:00
Daira Hopwood
ba949107ab
Correct isis agora lovecruft's name.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-10 03:20:47 +00:00
Daira Hopwood
64c268fdd7
Add Eirik Ogilvie-Wigley and Benjamin Winston to acknowledgements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-09 01:00:03 +00:00
Daira Hopwood
fb9faa3835
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-09 00:37:00 +00:00
Daira Hopwood
0988966fdc
Remaining fixes and clarifications for BCTV14 vulnerability.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-09 00:37:00 +00:00
Daira Hopwood
e17905a0a3
Specify the difficulty adjustment change on testnet.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-09 00:37:00 +00:00
Daira Hopwood
d4a9158323
Say when Sapling activated, and reference ZIP 205.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-09 00:37:00 +00:00
Daira Hopwood
d18edb4abc
Rename zk-SNARK Parameters sections according to the proving system.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-08 22:59:38 +00:00
Daira Hopwood
0d8430799c
Correct [SBB2019] to [SWB2019], and note that the BCTV14 vulnerability affected Soundness.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-05 19:29:31 +00:00
Daira Hopwood
9a7ebd326e
Disclose BCTV14 vulnerability.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-02-05 16:45:09 +00:00
Daira Hopwood
680af418cf
Fill in another constraint cost.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-11-14 02:02:17 +00:00
Daira Hopwood
af17ba2485
Adjust the notation used for scalar multiplication in Appendix A to allow bit sequences as scalars.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-11-14 02:01:59 +00:00
Daira Hopwood
9aba6af281
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-11-14 02:01:01 +00:00
Daira Hopwood
538d1f1eb0
Add a description of the Sapling output circuit.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-11-14 01:05:39 +00:00
Daira Hopwood
79b3d81e42
Complete the description of the Sapling spend circuit.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-11-13 23:15:54 +00:00
Daira Hopwood
5531006f08
Fix or complete various calculations of constraint costs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-11-13 23:11:53 +00:00
Daira Hopwood
7419c0a366
Describe 2-bit window lookup with conditional negation.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-11-13 23:09:34 +00:00
Daira Hopwood
39b498fed9
Remove a todo.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-11-13 22:07:18 +00:00
Daira Hopwood
0835c3837e
Modify the description of fixed-base scalar multiplication to match sapling-crypto.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-11-13 22:06:36 +00:00
Daira Hopwood
2f868aca8d
Add LEBStoIP.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-11-13 22:00:41 +00:00
Daira Hopwood
e24f7cede5
Clarify the description of the Merkle path check in Appendix A.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-24 16:14:28 +01:00
Daira Hopwood
066d424d3a
Correct the input to H⊛ used to derive the nonce r in RedDSA.Sign, from T || M to T || _vk_ || M.
...
This matches the sapling-crypto implementation; the spec was unintentionally changed in 2018.0-beta-20.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-24 16:14:28 +01:00
Daira Hopwood
c04c0542e8
Cosmetics (pagination in Appendix A).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 16:44:31 +01:00
Daira Hopwood
bb52ce246c
Clarify notation in the proof of A.3.3.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 15:44:11 +01:00
Daira Hopwood
223b8db3a7
Minor tweak to the statement of Theorem A.3.4 to make the contradiction clearer.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 11:22:49 +01:00
Daira Hopwood
da7c6fe190
Correct the statement and proof of Theorem A.3.2.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 11:21:02 +01:00
Daira Hopwood
25b64382e4
Clarify the notes concerning domain separation of prefixes for MerkleCRH^Sapling and NoteCommit^Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 11:00:45 +01:00
Daira Hopwood
2a7002a010
Add the QED-it report to the acknowledgements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 10:45:19 +01:00
Daira Hopwood
bc48ebe898
Improved cross-referencing in Pedersen hash section.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 10:43:48 +01:00
Daira Hopwood
74c39f073d
Correct a use of \GroupJ that should have been \MontCurve.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 10:34:56 +01:00
Daira Hopwood
691922ebd1
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 10:27:34 +01:00
Daira Hopwood
dc81e21c2b
Correct uses of LEOS2IP_l in RedDSAVerify and RedDSABatchVerify to ensure l is a multiple of 8.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 10:27:34 +01:00
Daira Hopwood
5524822ed5
Correct some uses of r_J that should have been r_S or q.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 10:27:34 +01:00
Daira Hopwood
dc41de37f3
Avoid clashing notation. Refer to the Montgomery form of Jubjub as \mathbb{M}.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-10-01 10:27:34 +01:00
Daira Hopwood
3ecbe6b903
The rest for beta-30 (sorry, I have a flight to catch).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-09-02 09:06:22 +01:00
Daira Hopwood
b909f2a482
Add dates to Change History.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-09-02 09:06:22 +01:00
Daira Hopwood
a1f90a56cf
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-09-02 09:06:22 +01:00
Daira Hopwood
bfc9ba5b21
Add security argument about DiversifyHash.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-09-02 09:06:22 +01:00