zec
/
zips
mirror of https://github.com/zcash/zips.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,218 Commits 43 Branches 258 Tags 570 MiB
Commit Graph

1218 Commits

Author SHA1 Message Date
Daira Hopwood 8a49de84f6 Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-25 00:32:43 +01:00
Daira Hopwood de065cf344 Update another reference to the Sapling spec version. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-25 00:32:43 +01:00
Daira Hopwood ff5affbc77 Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-25 00:32:43 +01:00
Daira Hopwood f94b9a4c67 Define r_J. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-25 00:32:43 +01:00
Daira Hopwood 1b3ea422fe Reference version 2018.0-beta-21 or later of the Sapling protocol spec. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-25 00:32:43 +01:00
Daira Hopwood 3f2815838e Cosmetic improvements. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-25 00:32:43 +01:00
Jack Grigg da683d31b9 Remove hardening from example public-key HD path 
Hardened derivation is undefined for an extended FVK
 2018-07-25 00:32:43 +01:00
Daira Hopwood 9596aedaa0 ZIP 32: use FF1-AES256 as the PRP. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-25 00:32:43 +01:00
str4d a01dbbbcbc Note that ZIP 32 is consistently little-endian 2018-07-25 00:32:43 +01:00
str4d f07b6d2613 Define how to derive diversifiers from Sapling extended keys 2018-07-25 00:32:43 +01:00
str4d efd68a4474 Define I2LEOSP_l(k) and use it to encode the child key indices 
Note that this means they are encoded in little-endian order, which is the
opposite of BIP 32.
 2018-07-25 00:32:43 +01:00
str4d aa36706f38 Fix usage of LEOS2IP in definition of ToScalar 2018-07-25 00:32:43 +01:00
str4d c73733ae13 Define a diversifier key dk 2018-07-25 00:32:43 +01:00
str4d 4ed0316834 Use byte sequences for constant single-byte inputs to PRF_expand 2018-07-25 00:32:43 +01:00
str4d a5309ed60e Address Daira's comments 2018-07-25 00:32:43 +01:00
str4d 9a87098e0c ZIP 32: Shielded Hierarchical Deterministic Wallets 2018-07-25 00:32:43 +01:00
Daira Hopwood ea61325c25 Regenerate PDFs. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 4d8031f659 Make the Sprout version of the spec say [Sprout] in the version. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood e1ee4e615e Updates to take account that Overwinter has activated. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 89c05c0303 The recommendation for transactions without JoinSplit descriptions to be v1 
applies only before Overwinter, not before Sapling.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 71617341c9 Wording improvements for the effect of upgrades on sighash. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood c2b8ba2052 Rename nuzero macro names to overwinter. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 45f9005714 Add TODO to check whether the circuit sometimes omits curve checks. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood f11a24afc3 Delete or clarify unused optimizations in Appendix A. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 6e4a9455df Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 128a4fc862 Cross-reference PRF^ock for Sapling encryption. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 53e6f29d18 Clarify the selection of ovk in sending Sapling notes. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 699a78e749 Clarify the use of cv^new and cm^new in sending Sapling notes. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood b0b1f60cc2 Reword the conclusion from theorem A.3.4 for precision. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood 0200f63ace Complete the proof of theorem A.3.4. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood dcd929291a Add note about the nonsmall-order check on rk. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Daira Hopwood db3ea270c5 The \difference macro was not used consistently; use \setminus instead. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-07-18 11:20:32 +01:00
Jack Grigg 22338aa775
ZIP 143: Update test vectors to match generator output 2018-07-06 15:08:14 +01:00
Jack Grigg 868b619a2f
ZIP 143: rST bugfixes 2018-07-06 14:41:53 +01:00
Daira Hopwood a633149c5d
Merge pull request #160 from str4d/140-zip-0143-examples 
Add examples from ZIP 143 test vectors
 2018-07-06 02:18:53 +01:00
Daira Hopwood 268f9c8cba Minor fixes to ZIPs 143, 201, 203 and 243. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:58:28 +01:00
Daira Hopwood 45b7cc8047 Regenerate PDFs. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:57:30 +01:00
Daira Hopwood 92eb6c5751 Correct the conformance requirement for fOverwintered. 
This addresses a Least Authority issue.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood f3ba658772 Note which conformance requirements of BIP 173 (Bech32) apply. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood da5909bff5 Improve acknowledgements section. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood 911bc3a9ed Cosmetics. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood 52428befa7 Correct an error in RedDSA.Verify: vk is given, not computed from sk. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood 432e39ee4c Correct the argument that the sum of value commitments is in range. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood 001474760a Corrections related to outgoing viewing keys and ciphertexts. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood 398cc64619 Add section on signature hashing, and a note on malleability of proofs. 
Also describe the changes in sighash computation relative to Bitcoin.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood be632b4a21 P2PKH addresses use a hash of a compressed, not an uncompressed ECDSA key representation. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood d1a6e2809d Say that Sprout interstitial treestates form a tree. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:49 +01:00
Daira Hopwood e083d27e82 Add a consensus rule that valueBalance is in the range {-MAX_MONEY..MAX_MONEY}. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:48 +01:00
Daira Hopwood 4525a1fffd Refine the caveat about the claimed security of shielded transactions. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:48 +01:00
Daira Hopwood 7aa8765dc0 Enforce stronger constraints on the types of pk_d, ak, nk, cv, epk, and rk, and ensure esk is not zero when encrypting. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2018-06-22 22:49:43 +01:00