zec
/
zips
mirror of https://github.com/zcash/zips.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,341 Commits 42 Branches 258 Tags 532 MiB
Commit Graph

758 Commits

Author SHA1 Message Date
Daira Hopwood 7419c0a366 Describe 2-bit window lookup with conditional negation. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-11-13 23:09:34 +00:00
Daira Hopwood 39b498fed9 Remove a todo. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-11-13 22:07:18 +00:00
Daira Hopwood 0835c3837e Modify the description of fixed-base scalar multiplication to match sapling-crypto. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-11-13 22:06:36 +00:00
Daira Hopwood 2f868aca8d Add LEBStoIP. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-11-13 22:00:41 +00:00
Daira Hopwood e24f7cede5 Clarify the description of the Merkle path check in Appendix A. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-24 16:14:28 +01:00
Daira Hopwood 066d424d3a Correct the input to H⊛ used to derive the nonce r in RedDSA.Sign, from T || M to T || _vk_ || M. 
This matches the sapling-crypto implementation; the spec was unintentionally changed in 2018.0-beta-20.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-24 16:14:28 +01:00
Daira Hopwood c04c0542e8 Cosmetics (pagination in Appendix A). 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 16:44:31 +01:00
Daira Hopwood bb52ce246c Clarify notation in the proof of A.3.3. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 15:44:11 +01:00
Daira Hopwood 223b8db3a7 Minor tweak to the statement of Theorem A.3.4 to make the contradiction clearer. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 11:22:49 +01:00
Daira Hopwood da7c6fe190 Correct the statement and proof of Theorem A.3.2. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 11:21:02 +01:00
Daira Hopwood 25b64382e4 Clarify the notes concerning domain separation of prefixes for MerkleCRH^Sapling and NoteCommit^Sapling. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 11:00:45 +01:00
Daira Hopwood 2a7002a010 Add the QED-it report to the acknowledgements. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 10:45:19 +01:00
Daira Hopwood bc48ebe898 Improved cross-referencing in Pedersen hash section. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 10:43:48 +01:00
Daira Hopwood 74c39f073d Correct a use of \GroupJ that should have been \MontCurve. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 10:34:56 +01:00
Daira Hopwood 691922ebd1 Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 10:27:34 +01:00
Daira Hopwood dc81e21c2b Correct uses of LEOS2IP_l in RedDSAVerify and RedDSABatchVerify to ensure l is a multiple of 8. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 10:27:34 +01:00
Daira Hopwood 5524822ed5 Correct some uses of r_J that should have been r_S or q. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 10:27:34 +01:00
Daira Hopwood dc41de37f3 Avoid clashing notation. Refer to the Montgomery form of Jubjub as \mathbb{M}. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-10-01 10:27:34 +01:00
Noah Vesely ace2fbe622
Add missing 'can' 2018-09-10 16:19:53 -07:00
Daira Hopwood 3ecbe6b903 The rest for beta-30 (sorry, I have a flight to catch). 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-09-02 09:06:22 +01:00
Daira Hopwood b909f2a482 Add dates to Change History. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-09-02 09:06:22 +01:00
Daira Hopwood a1f90a56cf Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-09-02 09:06:22 +01:00
Daira Hopwood bfc9ba5b21 Add security argument about DiversifyHash. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-09-02 09:06:22 +01:00
Daira Hopwood 5361fc591e Cosmetics (pagination in Appendix A). 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-09-02 09:06:22 +01:00
Daira Hopwood 2cf4dfacef Correct the description of the N-ary AND optimization (not used in Sapling): 
a run of N-1 one bits in c yields an N-ary AND.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-09-02 09:06:22 +01:00
Daira Hopwood 3049a53843 Remove a resolved TODO. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-15 15:40:35 +01:00
Daira Hopwood 4d1cb63baf Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-15 15:38:15 +01:00
Daira Hopwood 8364aff29c Change the description of BLAKE2s to correct the constraint count and to describe batched equality checks performed by the sapling-crypto implementation. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-15 15:07:23 +01:00
Daira Hopwood ad0479ac77 Finish the description of range checks in Appendix A. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-15 14:52:50 +01:00
Daira Hopwood 0351335662 Minor corrections to affine Edwards variable-base multiplication in Appendix A. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-14 10:43:05 +01:00
Daira Hopwood 3b16c62958 Finish the Appendix A description of BLAKE2s. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-14 10:41:40 +01:00
Daira Hopwood 10019825e9 Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-12 16:57:38 +01:00
Daira Hopwood 324d634a29 Define "represented subgroup". 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-12 16:57:23 +01:00
Daira Hopwood 36bcc8f3f0 Correct the Change History entry of this version for Sprout. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-12 16:57:07 +01:00
Daira Hopwood 745da1e36d Minor improvement to the type of z_j used in RedDSA batch verification. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-12 16:35:58 +01:00
Daira Hopwood a902df4c5c Correct the description of Groth16 batch verification 
to explicitly take account of how verification depends on primary inputs.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-12 16:35:26 +01:00
Daira Hopwood f90012ce5e Clarify order checking for proof elements. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-12 16:33:03 +01:00
Daira Hopwood 05d72a4b71 Add Charles Rackoff, Rafail Ostrovsky, and Amit Sahai to the acknowledgements. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-12 16:30:21 +01:00
Daira Hopwood 998cb2ff95 Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-12 16:28:59 +01:00
Daira Hopwood 81598de991 Notational changes: 
- Use a superscript (r) to mark the subgroup order, instead of a subscript.
- Use G^{(r)∗} for the set of r_G-order points in G.
(r)
- Mark the subgroup order in pairing groups, e.g. use G_1^{(r)} instead of G_1.
- Make the bit-representation indicator (five-pointed star) an affix instead of a superscript.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-12 16:24:15 +01:00
Daira Hopwood b605fe1061 Cosmetics and minor wording improvements. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-11 21:09:53 +01:00
Daira Hopwood b2f42d987c Macro simplifications. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-11 21:05:19 +01:00
Daira Hopwood ade889eef7 Add an appendix on Groth16 batch verification. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-05 17:30:04 +01:00
Daira Hopwood 2e74200366 Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-05 17:29:44 +01:00
Daira Hopwood 34cf757891 Add the hashes of parameter files for Sapling. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-05 10:06:52 +01:00
Daira Hopwood af90f0c4af Add cross references for RedDSA batch verification appendix. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-05 10:06:26 +01:00
Daira Hopwood 7450495335 Cosmetics: fix a warning about Unicode in headings. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-05 10:03:46 +01:00
Daira Hopwood 996045013e Makefile: name the Sprout version as sprout.pdf and link protocol.pdf to the Sapling verison. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-05 10:02:24 +01:00
Daira Hopwood d5c79e2592 Put the change history back in the correct order (beta-23 and -24 were reversed). 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-08-05 08:54:03 +01:00
Daira Hopwood ff397a6aff Add a missing consensus rule for v4 transactions: if there are no Sapling spends or outputs, valueBalance MUST be 0. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-31 03:47:26 +01:00
Daira Hopwood 2f0c68b616 Add an appendix on RedDSA batch verification. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-27 22:05:29 +01:00
Daira Hopwood 90692541aa Update RedDSA verification to use cofactor multiplication. 
This is necessary in order for the output of batch verification to match unbatched verification in all cases.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-27 22:05:29 +01:00
Daira Hopwood 4d8031f659 Make the Sprout version of the spec say [Sprout] in the version. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood e1ee4e615e Updates to take account that Overwinter has activated. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 89c05c0303 The recommendation for transactions without JoinSplit descriptions to be v1 
applies only before Overwinter, not before Sapling.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 71617341c9 Wording improvements for the effect of upgrades on sighash. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood c2b8ba2052 Rename nuzero macro names to overwinter. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 45f9005714 Add TODO to check whether the circuit sometimes omits curve checks. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood f11a24afc3 Delete or clarify unused optimizations in Appendix A. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 6e4a9455df Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 128a4fc862 Cross-reference PRF^ock for Sapling encryption. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 53e6f29d18 Clarify the selection of ovk in sending Sapling notes. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 699a78e749 Clarify the use of cv^new and cm^new in sending Sapling notes. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood b0b1f60cc2 Reword the conclusion from theorem A.3.4 for precision. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 0200f63ace Complete the proof of theorem A.3.4. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood dcd929291a Add note about the nonsmall-order check on rk. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood db3ea270c5 The \difference macro was not used consistently; use \setminus instead. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 92eb6c5751 Correct the conformance requirement for fOverwintered. 
This addresses a Least Authority issue.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood f3ba658772 Note which conformance requirements of BIP 173 (Bech32) apply. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood da5909bff5 Improve acknowledgements section. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood 911bc3a9ed Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood 52428befa7 Correct an error in RedDSA.Verify: vk is given, not computed from sk. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood 432e39ee4c Correct the argument that the sum of value commitments is in range. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood 001474760a Corrections related to outgoing viewing keys and ciphertexts. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood 398cc64619 Add section on signature hashing, and a note on malleability of proofs. 
Also describe the changes in sighash computation relative to Bitcoin.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood be632b4a21 P2PKH addresses use a hash of a compressed, not an uncompressed ECDSA key representation. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood d1a6e2809d Say that Sprout interstitial treestates form a tree. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood e083d27e82 Add a consensus rule that valueBalance is in the range {-MAX_MONEY..MAX_MONEY}. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:48 +01:00
Daira Hopwood 4525a1fffd Refine the caveat about the claimed security of shielded transactions. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:48 +01:00
Daira Hopwood 7aa8765dc0 Enforce stronger constraints on the types of pk_d, ak, nk, cv, epk, and rk, and ensure esk is not zero when encrypting. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:43 +01:00
Daira Hopwood 0617ca2aae Instantiate PRF^ock, and correct some types. Also enforce that esk is canonical. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:48:25 +01:00
Daira Hopwood eb6a8c7d62 Type changes for cmu in an Output description. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:14:27 +01:00
Daira Hopwood 57f16ea6da Refactoring/type changes for commitment randomness and outputs. 
This also affects the type of Sapling note plaintexts.
Includes potential consensus changes (which *should* match the implementation)!

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:14:16 +01:00
Daira Hopwood cb730f241e Wording, cross-referencing, and minor type improvements. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:11:46 +01:00
Daira Hopwood 8dd6074164 More cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:11:46 +01:00
Daira Hopwood 1f02902d6e Clarify that the square root notation refers to the positive square root. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:11:46 +01:00
Daira Hopwood 8c80decd3b Group Hash and DiversifyHash refactoring. Also fix an error in the definition of set difference. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:11:30 +01:00
Daira Hopwood f480f351b7 Generalize PRF^expand to accept an arbitrary-length input. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:08:45 +01:00
Daira Hopwood 0334dde7a2 Resolve a potential ambiguity in use of the ?: notation by adding parentheses. 
This addresses a Least Authority comment.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:08:45 +01:00
Daira Hopwood a35f4275a1 Clarify the wording of the abstract. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:08:45 +01:00
Daira Hopwood da298474ea Add Jubjub bird image to the title page and cite Carroll references. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:08:45 +01:00
Daira Hopwood 4a144dec07 Change the background for the Overwinter and Sapling spec to white, indicating that it is no longer a draft. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:08:45 +01:00
Daira Hopwood c9f6d7ae07 Change the notation for a multiplication constraint to avoid potential confusion with cartesian product. 
This addresses a Least Authority comment.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:08:45 +01:00
Daira Hopwood 51c84b7556 Cosmetics, mainly spacing. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:08:45 +01:00
Daira Hopwood 8abebf4296 Type corrections and precision improvements. Also add more cross-references. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:08:45 +01:00
Daira Hopwood 4035e4c5e0 Correct a reference. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:08:45 +01:00
Daira Hopwood 11163742b7 Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:08:45 +01:00
Daira Hopwood ce35640ec0 Remove the consensus rule "If nJoinSplit > 0, the transaction MUST NOT use SIGHASH types other than SIGHASH_ALL.", 
which was never implemented.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:08:45 +01:00
Daira Hopwood ae491d4a4b cm in an Output description encodes only the u-coordinate of the note commitment, not the full curve point. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:28:08 +01:00
Daira Hopwood 48d9fcbc79 Change the notation H^\star to H^\circledast in the description of RedDSA, to avoid confusion with the ^\star convention for representations of group elements. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:26:20 +01:00
Daira Hopwood 1c61ec5cf9 Correct a reference to RedDSA.RandomizePrivate that was intended to be RedDSA.RandomizePublic. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:26:20 +01:00
Daira Hopwood 30f4dfc545 Correct an error in the computation of generators for Pedersen hashes. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:26:20 +01:00
Daira Hopwood 62f0c6a49b Correct the statement about FindGroupHash^J never returning \bot. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:26:20 +01:00
Daira Hopwood b59e8d45b5 Minor improvements to cross-references. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:26:20 +01:00
Daira Hopwood d236700a8d Ensure \AuthSignBase (\mathcal{G}) is defined where used. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:26:13 +01:00
Daira Hopwood df02fcf9ac Make the public key prefix part of the input to the hash function in RedDSA, not part of the message. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:14:07 +01:00
Daira Hopwood 0517e2dc3a Change terminology describing constraint systems. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:14:07 +01:00
Daira Hopwood 05094f8641 Correct a type error in RedDSA.Sign. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:14:07 +01:00
Daira Hopwood 3c0198fb99 Correct a type error in the definition of GroupHash^J. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:14:06 +01:00
Daira Hopwood 5dce44d0a0 Fix the description of the Sapling balancing value. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-22 23:14:06 +01:00
Daira Hopwood 7b6df9f623 Correct the order of arguments to RedDSA.Randomize{Private,Public}. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-18 21:21:41 +01:00
Daira Hopwood f4facef8c8 Add Michael Dixon and Andrew Poelstra to acknowledgements. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-05-18 21:18:40 +01:00
Daira Hopwood 275aee328b Minor clarifications. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-23 13:28:34 +01:00
Daira Hopwood 76e1213c8b Remove redundant crossref. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-23 03:52:08 +01:00
Daira Hopwood 0481da1724 Minor corrections. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-23 03:43:14 +01:00
Daira Hopwood fdfd9a6760 Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-23 03:43:13 +01:00
Daira Hopwood a7eda35419 Clarify the security argument for balance in \Sapling. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-23 03:43:13 +01:00
Daira Hopwood 06b0a6e79f Correct a subtle problem with the type of the value input to ValueCommit. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-23 03:43:13 +01:00
Daira Hopwood b11064a39c Fix the loss of tightness in the use of PRF^nfSapling by specifying the keyspace more precisely. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-23 03:43:13 +01:00
Daira Hopwood 62429657d0 Be more careful about which notes are normative. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-23 03:43:13 +01:00
Daira Hopwood 1ad35c6a59 Correct type ambiguities for rho in Sapling. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-23 03:43:13 +01:00
Daira Hopwood df2f80f13b Specify the representation of i in group G_2 of BLS-381. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-23 01:42:16 +01:00
Daira Hopwood b5effeea70 Cosmetics (pagination). 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 11:57:38 +01:00
Daira Hopwood f41b95b72f Fix a bug in the definition of DefaultDiversifier. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 11:57:00 +01:00
Daira Hopwood 2e2200a0bc Add \maybe macro. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 11:56:12 +01:00
Daira Hopwood 8ca0f473f5 Type clarification. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 08:19:56 +01:00
Daira Hopwood 80ec1b52ce Clarify the authority obtained by a delegated prover. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 08:19:35 +01:00
Daira Hopwood ab4e2c2f7a [BLS2002] shouldn't be cited only for the Change History in Sprout version of the spec. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 07:37:53 +01:00
Daira Hopwood bf03ab51fc Specify KA^Sapling. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 07:29:14 +01:00
Daira Hopwood 7481181d43 Complete the algorithm for generating dummy Sapling input notes. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 07:29:14 +01:00
Daira Hopwood 8c0e7b85f4 8 -> h_J for Jubjub cofactor. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 07:29:07 +01:00
Daira Hopwood 31578a6f3c bellman uses combined parameter files. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 07:28:03 +01:00
Daira Hopwood 4dfdfd74d4 Corrections and clarifications. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 07:27:55 +01:00
Daira Hopwood b086930d5a Add references for BLS and BN curves. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 07:25:15 +01:00
Daira Hopwood 34714e064c Add DefaultDiversifier. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 07:25:15 +01:00
Daira Hopwood 741fb7a4be Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 07:25:15 +01:00
Daira Hopwood 60a43d3894 Acknowledge Brian Warner, Mary Maller, and Least Authority. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 07:25:14 +01:00
Daira Hopwood 65c6bef43a OutputIndex is no longer needed. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-21 07:25:14 +01:00
Daira Hopwood b447deaac8 Correct an error in the specifications of the G1/2 generators. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:44:16 +01:00
Daira Hopwood 95193a22df Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:44:16 +01:00
Daira Hopwood 25ed3f0043 Overwinter consensus cleanups. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:23:20 +01:00
Daira Hopwood 5b54c35a41 Add Sprout block chain scanning algorithm. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:23:20 +01:00
Daira Hopwood 6a5e901530 Add circuit constraint section on conditional equality. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:23:20 +01:00
Daira Hopwood 633ca00f25 Specify the randomness beacon. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:23:20 +01:00
Daira Hopwood 3909fe6897 Specify support for BIP 111 (NODE_BLOOM service bit). 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:23:20 +01:00
Daira Hopwood 49ab63e322 Correct explanation of commitments in overview to apply to Sapling. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:23:20 +01:00
Daira Hopwood 9cfe4b9243 Move the section on Sprout dummy notes. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:23:20 +01:00
Daira Hopwood 69762401ec Caveat the claim about note traceability set in the overview. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:23:20 +01:00
Daira Hopwood fa9bd00e49 Explicitly note that outputs from coinbase transactions include Founders' Reward outputs. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:22:06 +01:00
Daira Hopwood 36cfb95cec Sprout only -> Pre-Sapling. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-04-20 04:22:06 +01:00