Daira Hopwood
81598de991
Notational changes:
...
- Use a superscript (r) to mark the subgroup order, instead of a subscript.
- Use G^{(r)∗} for the set of r_G-order points in G.
(r)
- Mark the subgroup order in pairing groups, e.g. use G_1^{(r)} instead of G_1.
- Make the bit-representation indicator (five-pointed star) an affix instead of a superscript.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-12 16:24:15 +01:00
Daira Hopwood
b605fe1061
Cosmetics and minor wording improvements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-11 21:09:53 +01:00
Daira Hopwood
b2f42d987c
Macro simplifications.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-11 21:05:19 +01:00
Daira Hopwood
0a1a01513f
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 17:31:42 +01:00
Daira Hopwood
ade889eef7
Add an appendix on Groth16 batch verification.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 17:30:04 +01:00
Daira Hopwood
2e74200366
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 17:29:44 +01:00
Daira Hopwood
ef1cee8dcf
Regenerate PDFs. Also fix a Makefile problem: protocol.pdf can't be a symlink
...
because GitHub doesn't follow symlinks, so links to protocol.pdf would break.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 16:05:40 +01:00
Daira Hopwood
34cf757891
Add the hashes of parameter files for Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 10:06:52 +01:00
Daira Hopwood
af90f0c4af
Add cross references for RedDSA batch verification appendix.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 10:06:26 +01:00
Daira Hopwood
7450495335
Cosmetics: fix a warning about Unicode in headings.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 10:03:46 +01:00
Daira Hopwood
996045013e
Makefile: name the Sprout version as sprout.pdf and link protocol.pdf to the Sapling verison.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 10:02:24 +01:00
Daira Hopwood
d5c79e2592
Put the change history back in the correct order (beta-23 and -24 were reversed).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 08:54:03 +01:00
Daira Hopwood
ff397a6aff
Add a missing consensus rule for v4 transactions: if there are no Sapling spends or outputs, valueBalance MUST be 0.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-31 03:47:26 +01:00
Daira Hopwood
854f6eddcc
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-27 22:05:29 +01:00
Daira Hopwood
2f0c68b616
Add an appendix on RedDSA batch verification.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-27 22:05:29 +01:00
Daira Hopwood
90692541aa
Update RedDSA verification to use cofactor multiplication.
...
This is necessary in order for the output of batch verification to match unbatched verification in all cases.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-27 22:05:29 +01:00
Daira Hopwood
ea61325c25
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
4d8031f659
Make the Sprout version of the spec say [Sprout] in the version.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
e1ee4e615e
Updates to take account that Overwinter has activated.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
89c05c0303
The recommendation for transactions without JoinSplit descriptions to be v1
...
applies only before Overwinter, not before Sapling.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
71617341c9
Wording improvements for the effect of upgrades on sighash.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
c2b8ba2052
Rename nuzero macro names to overwinter.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
45f9005714
Add TODO to check whether the circuit sometimes omits curve checks.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
f11a24afc3
Delete or clarify unused optimizations in Appendix A.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
6e4a9455df
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
128a4fc862
Cross-reference PRF^ock for Sapling encryption.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
53e6f29d18
Clarify the selection of ovk in sending Sapling notes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
699a78e749
Clarify the use of cv^new and cm^new in sending Sapling notes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
b0b1f60cc2
Reword the conclusion from theorem A.3.4 for precision.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
0200f63ace
Complete the proof of theorem A.3.4.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
dcd929291a
Add note about the nonsmall-order check on rk.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
db3ea270c5
The \difference macro was not used consistently; use \setminus instead.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-18 11:20:32 +01:00
Daira Hopwood
45b7cc8047
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:57:30 +01:00
Daira Hopwood
92eb6c5751
Correct the conformance requirement for fOverwintered.
...
This addresses a Least Authority issue.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:49 +01:00
Daira Hopwood
f3ba658772
Note which conformance requirements of BIP 173 (Bech32) apply.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:49 +01:00
Daira Hopwood
da5909bff5
Improve acknowledgements section.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:49 +01:00
Daira Hopwood
911bc3a9ed
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:49 +01:00
Daira Hopwood
52428befa7
Correct an error in RedDSA.Verify: vk is given, not computed from sk.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:49 +01:00
Daira Hopwood
432e39ee4c
Correct the argument that the sum of value commitments is in range.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:49 +01:00
Daira Hopwood
001474760a
Corrections related to outgoing viewing keys and ciphertexts.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:49 +01:00
Daira Hopwood
398cc64619
Add section on signature hashing, and a note on malleability of proofs.
...
Also describe the changes in sighash computation relative to Bitcoin.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:49 +01:00
Daira Hopwood
be632b4a21
P2PKH addresses use a hash of a compressed, not an uncompressed ECDSA key representation.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:49 +01:00
Daira Hopwood
d1a6e2809d
Say that Sprout interstitial treestates form a tree.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:49 +01:00
Daira Hopwood
e083d27e82
Add a consensus rule that valueBalance is in the range {-MAX_MONEY..MAX_MONEY}.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:48 +01:00
Daira Hopwood
4525a1fffd
Refine the caveat about the claimed security of shielded transactions.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:48 +01:00
Daira Hopwood
7aa8765dc0
Enforce stronger constraints on the types of pk_d, ak, nk, cv, epk, and rk, and ensure esk is not zero when encrypting.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:49:43 +01:00
Daira Hopwood
0617ca2aae
Instantiate PRF^ock, and correct some types. Also enforce that esk is canonical.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:48:25 +01:00
Daira Hopwood
eb6a8c7d62
Type changes for cmu in an Output description.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:14:27 +01:00
Daira Hopwood
57f16ea6da
Refactoring/type changes for commitment randomness and outputs.
...
This also affects the type of Sapling note plaintexts.
Includes potential consensus changes (which *should* match the implementation)!
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:14:16 +01:00
Daira Hopwood
cb730f241e
Wording, cross-referencing, and minor type improvements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:11:46 +01:00
Daira Hopwood
8dd6074164
More cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:11:46 +01:00
Daira Hopwood
1f02902d6e
Clarify that the square root notation refers to the positive square root.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:11:46 +01:00
Daira Hopwood
8c80decd3b
Group Hash and DiversifyHash refactoring. Also fix an error in the definition of set difference.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:11:30 +01:00
Daira Hopwood
f480f351b7
Generalize PRF^expand to accept an arbitrary-length input.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
0334dde7a2
Resolve a potential ambiguity in use of the ?: notation by adding parentheses.
...
This addresses a Least Authority comment.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
a35f4275a1
Clarify the wording of the abstract.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
da298474ea
Add Jubjub bird image to the title page and cite Carroll references.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
4a144dec07
Change the background for the Overwinter and Sapling spec to white, indicating that it is no longer a draft.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
c9f6d7ae07
Change the notation for a multiplication constraint to avoid potential confusion with cartesian product.
...
This addresses a Least Authority comment.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
51c84b7556
Cosmetics, mainly spacing.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
6199179685
Bibliography cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
8abebf4296
Type corrections and precision improvements. Also add more cross-references.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
4035e4c5e0
Correct a reference.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
11163742b7
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
ce35640ec0
Remove the consensus rule "If nJoinSplit > 0, the transaction MUST NOT use SIGHASH types other than SIGHASH_ALL.",
...
which was never implemented.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
32b696b875
Makefile refinements (have LaTeX halt immediately on error).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-06-22 22:08:45 +01:00
Daira Hopwood
948c910987
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:30:47 +01:00
Daira Hopwood
ae491d4a4b
cm in an Output description encodes only the u-coordinate of the note commitment, not the full curve point.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:28:08 +01:00
Daira Hopwood
48d9fcbc79
Change the notation H^\star to H^\circledast in the description of RedDSA, to avoid confusion with the ^\star convention for representations of group elements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:26:20 +01:00
Daira Hopwood
1c61ec5cf9
Correct a reference to RedDSA.RandomizePrivate that was intended to be RedDSA.RandomizePublic.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:26:20 +01:00
Daira Hopwood
30f4dfc545
Correct an error in the computation of generators for Pedersen hashes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:26:20 +01:00
Daira Hopwood
62f0c6a49b
Correct the statement about FindGroupHash^J never returning \bot.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:26:20 +01:00
Daira Hopwood
b59e8d45b5
Minor improvements to cross-references.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:26:20 +01:00
Daira Hopwood
d236700a8d
Ensure \AuthSignBase (\mathcal{G}) is defined where used.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:26:13 +01:00
Daira Hopwood
df02fcf9ac
Make the public key prefix part of the input to the hash function in RedDSA, not part of the message.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:14:07 +01:00
Daira Hopwood
0517e2dc3a
Change terminology describing constraint systems.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:14:07 +01:00
Daira Hopwood
05094f8641
Correct a type error in RedDSA.Sign.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:14:07 +01:00
Daira Hopwood
3c0198fb99
Correct a type error in the definition of GroupHash^J.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:14:06 +01:00
Daira Hopwood
5dce44d0a0
Fix the description of the Sapling balancing value.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-22 23:14:06 +01:00
Daira Hopwood
7b6df9f623
Correct the order of arguments to RedDSA.Randomize{Private,Public}.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-18 21:21:41 +01:00
Daira Hopwood
f4facef8c8
Add Michael Dixon and Andrew Poelstra to acknowledgements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-05-18 21:18:40 +01:00
Daira Hopwood
7e0b51011a
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 13:30:20 +01:00
Daira Hopwood
275aee328b
Minor clarifications.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 13:28:34 +01:00
Daira Hopwood
b6bf914478
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 03:54:04 +01:00
Daira Hopwood
76e1213c8b
Remove redundant crossref.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 03:52:08 +01:00
Daira Hopwood
0481da1724
Minor corrections.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 03:43:14 +01:00
Daira Hopwood
fdfd9a6760
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 03:43:13 +01:00
Daira Hopwood
a7eda35419
Clarify the security argument for balance in \Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 03:43:13 +01:00
Daira Hopwood
06b0a6e79f
Correct a subtle problem with the type of the value input to ValueCommit.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 03:43:13 +01:00
Daira Hopwood
b11064a39c
Fix the loss of tightness in the use of PRF^nfSapling by specifying the keyspace more precisely.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 03:43:13 +01:00
Daira Hopwood
62429657d0
Be more careful about which notes are normative.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 03:43:13 +01:00
Daira Hopwood
1ad35c6a59
Correct type ambiguities for rho in Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 03:43:13 +01:00
Daira Hopwood
df2f80f13b
Specify the representation of i in group G_2 of BLS-381.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-23 01:42:16 +01:00
Daira Hopwood
8f445e4309
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 12:00:33 +01:00
Daira Hopwood
b5effeea70
Cosmetics (pagination).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 11:57:38 +01:00
Daira Hopwood
f41b95b72f
Fix a bug in the definition of DefaultDiversifier.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 11:57:00 +01:00
Daira Hopwood
2e2200a0bc
Add \maybe macro.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 11:56:12 +01:00
Daira Hopwood
97b3a9be51
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 08:21:46 +01:00
Daira Hopwood
8ca0f473f5
Type clarification.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 08:19:56 +01:00
Daira Hopwood
80ec1b52ce
Clarify the authority obtained by a delegated prover.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 08:19:35 +01:00
Daira Hopwood
ab4e2c2f7a
[BLS2002] shouldn't be cited only for the Change History in Sprout version of the spec.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 07:37:53 +01:00
Daira Hopwood
bf03ab51fc
Specify KA^Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 07:29:14 +01:00
Daira Hopwood
7481181d43
Complete the algorithm for generating dummy Sapling input notes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 07:29:14 +01:00
Daira Hopwood
8c0e7b85f4
8 -> h_J for Jubjub cofactor.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 07:29:07 +01:00
Daira Hopwood
31578a6f3c
bellman uses combined parameter files.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 07:28:03 +01:00
Daira Hopwood
4dfdfd74d4
Corrections and clarifications.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 07:27:55 +01:00
Daira Hopwood
b086930d5a
Add references for BLS and BN curves.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 07:25:15 +01:00
Daira Hopwood
34714e064c
Add DefaultDiversifier.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 07:25:15 +01:00
Daira Hopwood
741fb7a4be
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 07:25:15 +01:00
Daira Hopwood
60a43d3894
Acknowledge Brian Warner, Mary Maller, and Least Authority.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 07:25:14 +01:00
Daira Hopwood
65c6bef43a
OutputIndex is no longer needed.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-21 07:25:14 +01:00
Daira Hopwood
b447deaac8
Correct an error in the specifications of the G1/2 generators.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:44:16 +01:00
Daira Hopwood
95193a22df
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:44:16 +01:00
Daira Hopwood
25ed3f0043
Overwinter consensus cleanups.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:23:20 +01:00
Daira Hopwood
5b54c35a41
Add Sprout block chain scanning algorithm.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:23:20 +01:00
Daira Hopwood
6a5e901530
Add circuit constraint section on conditional equality.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:23:20 +01:00
Daira Hopwood
633ca00f25
Specify the randomness beacon.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:23:20 +01:00
Daira Hopwood
3909fe6897
Specify support for BIP 111 (NODE_BLOOM service bit).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:23:20 +01:00
Daira Hopwood
49ab63e322
Correct explanation of commitments in overview to apply to Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:23:20 +01:00
Daira Hopwood
9cfe4b9243
Move the section on Sprout dummy notes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:23:20 +01:00
Daira Hopwood
69762401ec
Caveat the claim about note traceability set in the overview.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:23:20 +01:00
Daira Hopwood
fa9bd00e49
Explicitly note that outputs from coinbase transactions include Founders' Reward outputs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:22:06 +01:00
Daira Hopwood
36cfb95cec
Sprout only -> Pre-Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:22:06 +01:00
Daira Hopwood
1a383e60f7
Sapling consensus changes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:22:06 +01:00
Daira Hopwood
6e6704411d
Curve25519 -> \KASproutCurve; Ed25519 clarifications.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-20 04:19:28 +01:00
Daira Hopwood
7234e33f21
References for optimal ate pairings.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-19 18:53:52 +01:00
Daira Hopwood
07221bc89c
Change citation keys to abbreviate fewer author names; other minor bibliography fixes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-19 18:49:29 +01:00
Daira Hopwood
2bb48c67eb
Cosmetics and minor corrections.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-19 18:03:52 +01:00
Daira Hopwood
34181a7701
Refactor signature definitions and add public-to-private key homomorphism abstraction.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-12 22:26:09 +01:00
Daira Hopwood
1fe6f0a0b1
Make the Description columns of tables ragged-right.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-11 07:46:34 +01:00
Daira Hopwood
052188d218
Move some of the LaTeX hacks around to put potentially document-independent stuff first.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-11 07:41:02 +01:00
Daira Hopwood
cda5339eba
Correct an error in the Montgomery addition formulae (the constraints were correct).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-10 21:48:35 +01:00
Daira Hopwood
2109a721e6
Cosmetics and trivial corrections.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-10 21:46:19 +01:00
Daira Hopwood
9d18ef7fe8
Bibliography cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-07 18:57:50 +01:00
Daira Hopwood
b95eaf6889
Makefile improvements to ensure optimized PDFs are only written once.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-05 16:07:36 +01:00
Daira Hopwood
a5408376bd
Tweaks to pdfsizeopt options.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-05 16:07:36 +01:00
Daira Hopwood
cfa437b3e8
Tweaks to HTML generation options and documentation.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-05 16:07:36 +01:00
Daira Hopwood
c3fae92bb4
Support for building size-optimized PDFs, and other Makefile and README improvements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-04-05 16:07:36 +01:00
Daira Hopwood
0ce9a44e66
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-19 00:03:39 +00:00
Daira Hopwood
40ec72bb46
Add specification of Output statement.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-19 00:01:25 +00:00
Daira Hopwood
d029d67779
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 23:57:09 +00:00
Daira Hopwood
fc71b29163
Minor clarifications.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 23:54:36 +00:00
Daira Hopwood
bffc16b0ee
Updates to transaction format and consensus rules for Overwinter and Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 22:02:42 +00:00
Daira Hopwood
a6245e3f68
Clarify conversions between bit and byte sequences.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 21:45:27 +00:00
Daira Hopwood
9498de38f9
Updates to Sapling construction, changing how the nullifier is computed and separating it from the randomized spend verifying key (rk).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 21:43:57 +00:00
Daira Hopwood
9d96abe629
Change MerkleDepth^Sapling from 29 to 32. Fixes #143
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 21:00:17 +00:00
Daira Hopwood
d63c0f5f0f
Clarify bit ordering of SHA-256 and SHA256Compress.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 21:00:17 +00:00
Daira Hopwood
5cac8e9b6a
The first rule of Fork Club is: We don't talk about "forks".
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 21:00:17 +00:00
Daira Hopwood
108fa4daa0
Add DiversifyHash, and change the type of diversifiers to a bit sequence.
...
Fix the generation of diversified addresses to repeatedly try diversifiers.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 21:00:17 +00:00
Daira Hopwood
752156da97
Minor corrections and improvements; add missing notation definitions.
...
Remove things from Sprout spec that shouldn't be there.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 21:00:17 +00:00
Daira Hopwood
a8052562e4
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 21:00:16 +00:00
Daira Hopwood
b19733320c
Replace \nstrut hack (for consistent spacing in table of contents) with a better, less intrusive hack.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 21:00:16 +00:00
Daira Hopwood
6995ada467
Makefile improvements to avoid a reload for each run of pdflatex (and occasional hangs due to a partially written PDF), in PDF readers that monitor files.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-18 21:00:16 +00:00
Daira Hopwood
58fe013949
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 21:46:11 +00:00
Daira Hopwood
aeab72d534
Update Change History.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 21:36:55 +00:00
Daira Hopwood
2fa37c1f1f
Improve security definitions for signatures.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 21:31:33 +00:00
Daira Hopwood
cd930a18be
Clean up diversification.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 21:31:18 +00:00
Daira Hopwood
de01f6ed18
Various minor improvements and cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 21:29:49 +00:00
Daira Hopwood
877ce30283
Simplify FindGroupHash to use a single-byte index.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 21:22:53 +00:00
Daira Hopwood
b44beb7141
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 17:44:17 +00:00
Daira Hopwood
38b460aa6f
Appendix A updates:
...
* categorize components into larger sections
* fill in the [de]compression and validation algorithm
* more precisely state the assumptions for inputs and outputs
* delete not-all-one component which is no longer needed
* factor out xor into its own component
* specify [un]packing more precisely; separate it from boolean constraints
* optimize checking for non-small order
* notation in variable-base multiplication algorithm.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 17:42:49 +00:00
Daira Hopwood
1b1acc05d7
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 17:27:43 +00:00
Daira Hopwood
4443e647ec
fixup
2018-03-11 17:09:42 +00:00
Daira Hopwood
618e6ebf37
Change Uncommitted^Sapling to be a u-coordinate for which there is no point on the curve.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 17:09:32 +00:00
Daira Hopwood
f55ad120ff
Minor corrections and improvements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 14:02:22 +00:00
Daira Hopwood
7cde004f83
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 14:00:00 +00:00
Daira Hopwood
96cfbe9232
Cosmetics: use 'Of' macros.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 12:49:42 +00:00
Daira Hopwood
03918a759c
Don't use cofactor multiplication in derivation of nf.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 12:49:42 +00:00
Daira Hopwood
757cc5b7b4
negligible -> insignificant. refs #92
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 12:49:42 +00:00
Daira Hopwood
87efd20a9c
Change PRF^nr to produce computationally uniform output.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 12:49:42 +00:00
Daira Hopwood
82d794060d
Change how (ask, rsk) are derived from sk.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-11 12:49:42 +00:00
Daira Hopwood
963987d5cd
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-10 21:06:47 +00:00
Daira Hopwood
678ec1043f
Bitbox cosmetics (use \strut to ensure consistent vertical alignment).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-10 21:00:27 +00:00
Daira Hopwood
ebd2a5964e
Macro refactoring.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-10 20:47:34 +00:00
Daira Hopwood
76f3b1d0fd
Add comments at closing braces saying which construct is being closed.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-10 04:11:23 +00:00
Daira Hopwood
2924ff85e1
Add space between bibliography entries.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-10 04:03:29 +00:00
Daira Hopwood
cda5cd5c7b
Use less distracting colours for hyperlinks.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-10 04:03:08 +00:00
Daira Hopwood
f27f528724
Update PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
19cd38b782
Update Change History for 2018.0-beta-12.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
cf0c5a47e6
Update Merkle hashes, add unused layer argument to MerkleHash^Sprout.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
39780602bf
WIP on Sapling statements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
a6b342f22e
Additions to Appendix A: packing modulo the field size, and range checks.
...
Also update some notes.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
b198e08388
Rename "raw" to "homomorphic" Pedersen commitments
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
77ee3b4fc4
Update algorithm for variable-base scalar multiplication to what is
...
implemented in sapling-crypto.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
34bae57edb
Add definition of PRF^nr.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
79c5c67906
Add re-randomizable signature section.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
e6c507c995
Cosmetic bibliography changes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
bb79519d1b
Add Overwinter ZIPs and update section on Overwinter/Sapling transitions.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
e21a090af8
Add references [FKMSSS2016] and [CDG1987].
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
63843cf2d3
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-03-06 23:09:15 +00:00
Daira Hopwood
7c3e4a765e
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-26 11:50:00 +00:00
Daira Hopwood
2b2238b0b5
Minor improvements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-26 11:44:33 +00:00
Daira Hopwood
8d9b9a00b8
Fix range of ivk.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-26 11:44:01 +00:00
Daira Hopwood
9f67a5d977
Cosmetics and trivial fixes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-26 11:42:52 +00:00
Daira Hopwood
625d35fce7
Add sections on Spend and Output descriptions.
...
Swap order of cv and rt in a Spend description for consistency.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-26 11:41:15 +00:00
Daira Hopwood
c16011243b
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-26 09:45:44 +00:00
Daira Hopwood
977d881064
Work in progress.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-26 09:44:19 +00:00
Daira Hopwood
a626f28117
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-24 03:15:09 +00:00
Daira Hopwood
59331fca67
SHA fixup
2018-02-24 02:08:14 +00:00
Daira Hopwood
bf9bd313a2
Add BLAKE2 section.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-24 02:05:09 +00:00
Daira Hopwood
9ee098adda
Add SHA-256 section; clarify the definition of SHA256Compress.
...
Rename SHA-256 and hash-box macros.
fixes #100
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-24 01:56:32 +00:00
Daira Hopwood
e1ac22992d
Add fact[s] macros.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-14 08:04:45 +00:00
Daira Hopwood
518c7da42d
Add a macro for cross-referencing theorems.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-14 08:02:10 +00:00
Daira Hopwood
efd8551ddf
Fill in Appendix A description of Pedersen hashes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-12 13:21:21 +00:00
Daira Hopwood
ce5b24f72f
WIP for commitments in Appendix A.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-12 13:21:21 +00:00
Daira Hopwood
99ad9689e9
Generalize Pedersen hash spec to make chunks per segment variable.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-12 13:21:21 +00:00
Daira Hopwood
0325aa2fd6
Generalize the distinct-x proof to allow negative indices.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-12 13:21:21 +00:00
Daira Hopwood
25fd603a7e
Notation.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-12 13:16:36 +00:00
Daira Hopwood
eefd9052d6
Nicer notation for selection of u and v.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-12 13:16:36 +00:00
Daira Hopwood
50720eadb6
Change hex integers to mathtt font (to enable length comparison).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-12 13:16:36 +00:00
Daira Hopwood
d1ead6560d
Correct an error in the Pedersen hash specification.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-12 13:16:36 +00:00
Daira Hopwood
a5759a0c04
PRF^nr must be collision-resistant.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-12 13:16:36 +00:00
Daira Hopwood
002983854a
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-10 11:32:08 +00:00
Daira Hopwood
04aa3a5350
Bibliography cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-10 11:30:52 +00:00
Daira Hopwood
28c67daf9a
Specify GroupHash and Pedersen hashes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-10 11:30:37 +00:00
Daira Hopwood
a871fc52d3
Specify coinbase constraints. fixes #81
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-08 22:24:14 +00:00
Daira Hopwood
ce66c0e31b
Lifting the 100000-byte transaction size limit is likely to be delayed to Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-08 22:23:02 +00:00
Daira Hopwood
258110f4e1
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-08 01:25:15 +00:00
Daira Hopwood
1a230efc6a
Stub for instantiation of group hash for Jubjub.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-08 01:23:26 +00:00
Daira Hopwood
02482b695a
Add note about endianness of repr_J.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-08 01:23:26 +00:00
Daira Hopwood
39bb59e4d0
Add instantiation of hash extractor for Jubjub.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-08 01:23:18 +00:00
Daira Hopwood
0dcb3d5bc8
Make the background lighter and the Sapling green darker.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-08 01:22:02 +00:00
Daira Hopwood
b9654c2823
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 15:47:05 +00:00
Daira Hopwood
8f647e0f08
Add instantiation of CRHivk.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 15:45:58 +00:00
Daira Hopwood
a91c06aa7f
Regenerate PDFs, and the PNG of the Merkle tree.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 12:07:15 +00:00
Daira Hopwood
4d245b4c4c
Remove stray Sprouts in the pre-Sprout spec.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 12:04:10 +00:00
Daira Hopwood
3f8b1c31a7
libsnark has moved in-tree.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 11:56:47 +00:00
Daira Hopwood
d82c9cf44c
Sapling work-in-progress.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 11:56:47 +00:00
Daira Hopwood
d3eeb28deb
Add PRG section and reference security definitions for PRFs and PRGs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 11:56:47 +00:00
Daira Hopwood
de60c26bb9
Specify that 0xF6 followed by zeros encodes an empty memo.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 11:56:47 +00:00
Daira Hopwood
a11f8a5fe0
Specify the 100000-byte transaction size limit (pre-Overwinter).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 11:56:47 +00:00
Daira Hopwood
137121cf30
Terminology and notation changes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 11:56:47 +00:00
Daira Hopwood
d4cf9d501e
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 11:56:47 +00:00
Daira Hopwood
d214aee5f3
More macros!
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 10:21:25 +00:00
Daira Hopwood
1f64dcd31e
LaTeX cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-02-07 10:02:05 +00:00
Daira Hopwood
0a528207c6
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-31 01:00:14 +00:00
Daira Hopwood
ef68ba8681
Sapling WIP.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-31 00:58:58 +00:00
Daira Hopwood
f3d210742e
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-31 00:52:59 +00:00
Daira Hopwood
f361159dfe
Make $v$ more distinguishable from $u$.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-31 00:48:43 +00:00
Daira Hopwood
0f27fcb181
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-30 00:43:39 +00:00
Daira Hopwood
8356e7b3b0
Specify more precisely the requirements on Ed25519 public keys and signatures.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-30 00:42:35 +00:00
Daira Hopwood
488195b804
Sapling work in progress.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-29 23:08:08 +00:00
Daira Hopwood
ca27322269
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-25 20:22:23 +00:00
Daira Hopwood
b7f565ce9e
Add history entry.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-25 20:20:53 +00:00
Daira Hopwood
893bfa3c16
Add Makefile targets for building without latexmk.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-25 20:14:28 +00:00
Daira Hopwood
44b370013f
Add details about Sapling payment addresses and keys.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-25 11:16:21 +00:00
Daira Hopwood
68bba3c692
Add latexmk to dependencies.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-25 10:34:33 +00:00
Daira Hopwood
9cf85c87c3
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-22 18:25:37 +00:00
Daira Hopwood
91056b0736
Sapling WIP.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-01-22 18:24:16 +00:00
Daira Hopwood
d4e2da7dfc
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-17 00:46:30 +00:00
Daira Hopwood
fad74d8574
Refer to NU0 as Overwinter.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-17 00:40:39 +00:00
Daira Hopwood
a04949caf3
Put zk-SNARK statements in a subsection to prepare for Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-17 00:40:38 +00:00
Daira Hopwood
8f3da545ea
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-17 00:40:38 +00:00
Daira Hopwood
179752ae57
Update viewing key encoding.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-17 00:10:09 +00:00
Daira Hopwood
2b883b7182
Terminology change: incoming viewing keys.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-17 00:08:57 +00:00
Daira Hopwood
afc82502b5
Specify that sk_enc MUST be clamped in a viewing key encoding.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-16 23:40:34 +00:00
Daira Hopwood
cfe4d4bd09
Remove "key tuple" abstraction.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-16 23:40:34 +00:00
Daira Hopwood
f565d642b4
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-16 23:40:34 +00:00
Daira Hopwood
497f295c72
Add an encoding format for viewing keys.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-16 23:40:34 +00:00
Daira Hopwood
fb456b8a38
Separate viewing keys (a_pk, sk_enc) from receiving keys sk_enc.
...
Also fix a minor error in the specification of note decryption.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-16 23:40:34 +00:00
Daira Hopwood
8a36de79df
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-02 02:11:41 +00:00
Daira Hopwood
f330c9e59b
Work in progress for Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-02 02:04:39 +00:00
Daira Hopwood
44e989f741
Add NU0 to Sapling version of spec.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-02 02:03:23 +00:00
Daira Hopwood
1b394b58fa
Add Groth16 proving system, and split Sprout and Sapling statements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-02 02:00:10 +00:00
Daira Hopwood
50cda40f7b
HTML generation.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-02 01:39:17 +00:00
Daira Hopwood
4a94c063c4
Generalization needed for Sapling: represented groups and pairings.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-12-02 01:03:17 +00:00
Daira Hopwood
2d80ec90d3
Support for subsubsubsections.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-08-03 16:07:05 +01:00
Daira Hopwood
6241003d1b
Bibliography tweaks.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-08-03 16:05:29 +01:00
Daira Hopwood
e73c7c04fd
Refine macros for Sapling version of spec.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-08-03 15:58:28 +01:00
Daira Hopwood
b1113c131c
zcash.bib: use Unicode.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-08-03 15:58:12 +01:00
Daira Hopwood
83618bd71b
Makefile changes to support latexmk and building sapling.pdf.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-07-26 11:38:26 +01:00
Daira Hopwood
2608958c59
Add Makefile/macro support for producing the Sapling version of the spec.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-07-11 07:58:57 +01:00
Daira Hopwood
fc73e03c12
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-07-10 05:38:35 +01:00
Daira Hopwood
c4d9a90ea9
Fix an off-by-one error in the specification of the Equihash algorithm binding condition.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-07-10 05:36:52 +01:00
Daira Hopwood
215aca1c15
Correct the types and consensus rules for tx and block version numbers.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-07-10 05:35:56 +01:00
Daira Hopwood
a197958131
Clarify the computation of h_i in a JoinSplit statement.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-07-09 22:13:20 +01:00
Daira Hopwood
93a8881f9b
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-05-11 07:46:23 +01:00
Daira Hopwood
0e6e7327f8
The error concerning nTime in the Bitcoin Developer Reference has been corrected.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-05-09 01:24:30 +01:00
Daira Hopwood
eb7970142f
Be more precise when talking about curve points and pairing groups.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-05-09 01:23:27 +01:00
Daira Hopwood
b2f78a33cc
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-05-09 01:17:56 +01:00
Daira Hopwood
f189fb122f
Remove unneeded bold-extra package.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-03-08 01:14:37 +00:00
Daira Hopwood
26b3c254f1
Improved (AMS) blackboard math font.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-03-08 01:14:12 +00:00
Daira Hopwood
051044253e
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-03-07 21:00:19 +00:00
Daira Hopwood
1cb178753b
Merge branch 'zips115.update-testnet-fr-addresses.1'
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-03-07 20:57:53 +00:00
Daira Hopwood
bbae605075
Cosmetics (font in subscript of Sym.{Encrypt,Decrypt}).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-03-07 20:54:12 +00:00
Daira Hopwood
248567fbcd
Correct a statement about indistinguishability of JoinSplit descriptions.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-03-07 20:53:25 +00:00
Daira Hopwood
d4bfecea9b
Correct the order of arguments to COMM in its instantiation.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-03-07 20:52:53 +00:00
Daira Hopwood
91895ee7a7
Clarify what a note commitment opens to in 'Omission in Zerocash security proof' section.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-03-07 20:52:04 +00:00
Daira Hopwood
5fe9d6d525
Clarify the consensus rule preventing double-spends.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-03-04 23:25:28 +00:00
Daira Hopwood
e81610adb4
Change the Founders' Reward addresses, for the test network only, to
...
reflect https://github.com/zcash/zcash/issues/2113 . fixes #115
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-27 20:48:47 +00:00
Daira Hopwood
b34edb5e40
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-25 06:27:07 +00:00
Daira Hopwood
6b89a6d618
Pagination.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-25 06:25:53 +00:00
Daira Hopwood
920186e24e
Generalize the description of the InternalH attack to include finding collisions on (a_pk, rho).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-25 06:25:38 +00:00
Daira Hopwood
95fa51d785
Explain a variation on the Faerie Gold attack and why it is prevented.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-25 06:24:47 +00:00
Daira Hopwood
f6da7897d8
Rename enforce to enforceMerklePath.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-25 06:23:37 +00:00
Daira Hopwood
d1adee3045
Unindent second paragraph of abstract. fixes #108
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-21 20:35:35 +00:00
Daira Hopwood
ca59a53109
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-12 05:55:33 +00:00
Daira Hopwood
6a3b4b1f8a
Explain the use of interstitial treestates in chained JoinSplits. fixes #82
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-12 05:52:59 +00:00
Daira Hopwood
63e5bba91a
Specify G_2 more precisely.
...
(We use the same notation as in [BGG2016], but explicitly give the
representation of xi as a polynomial modulo t^2 + 1, which is taken from
71883bc168/src/algebra/curves/alt_bn128/alt_bn128_init.cpp (L135)
.)
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-12 05:51:31 +00:00
Daira Hopwood
6e63920461
Specify security requirements on SHA256Compress for COMM to be a secure commitment.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-12 05:44:15 +00:00
Daira Hopwood
9641a7a0a5
CryptoNote is a protocol so should be boldfaced, like Zcash, Zerocash and Bitcoin.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-12 00:02:23 +00:00
Daira Hopwood
eb75858bc0
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-11 23:55:08 +00:00
Daira Hopwood
693b3a7708
Reference the white paper on MPC parameter generation
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-11 23:54:35 +00:00
Daira Hopwood
d6f015c1e5
Give a definition of statistical zero knowledge.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-11 23:53:38 +00:00
Daira Hopwood
8de5358871
Specify the maximum block size. fixes #91
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-06 06:30:25 +00:00
Daira Hopwood
0f87dae7a8
\ell_Merkle is a bit length, not a byte length.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-06 06:30:25 +00:00
Daira Hopwood
5b95343f4a
Cosmetics: vertical spacing and pagination.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-06 03:37:01 +00:00
Daira Hopwood
335cf44064
Clarify wording of consensus rule for transparent value pool.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-06 03:37:01 +00:00
Daira Hopwood
b123d3bd67
Add [0]^\ell to the Notation section.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-06 01:23:09 +00:00
Daira Hopwood
2307cc9d4d
Delete redundant "The notation ..." in Notation section.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-06 01:22:20 +00:00
Daira Hopwood
3133bbb04d
Delete commented-out bit/byte order examples.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-06 01:20:34 +00:00
Daira Hopwood
67868fd21c
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-04 04:39:41 +00:00
Daira Hopwood
e5e4054ddb
Cosmetics and minor wording changes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-04 04:36:12 +00:00
Daira Hopwood
b6ae95bd2c
Define how nodes select a best chain. fixes #97
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-04 04:36:12 +00:00
Daira Hopwood
91c5ec922d
Split "The Block Chain" and "Transactions and Treestates" sections.
...
Remove the concept of 'block chain views'.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-04 04:36:12 +00:00
Daira Hopwood
b96212bb6e
Fix a typo in the definition of nullifier integrity.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-04 04:04:59 +00:00
Daira Hopwood
ed38112661
Add abstract and keywords.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-02-04 04:04:13 +00:00
Daira Hopwood
739abb13f4
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-20 04:33:24 +00:00
Daira Hopwood
96b298f111
Add reference for DigiShield. (There doesn't appear to be any better reference than the source.)
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-20 04:31:45 +00:00
Daira Hopwood
43e6eb74d9
Call Nat, PosInt and Rat types rather than sets, for consistency.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-20 02:39:07 +00:00
Daira Hopwood
f6b351de4c
Zcash has been launched, so more care needs to be taken in reporting security bugs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-20 02:38:12 +00:00
Daira Hopwood
da7c5d9352
Specify difficulty adjustment.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-20 02:36:58 +00:00
Daira Hopwood
b1186b35a3
Fixes to consensus rules and block header field descriptions.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-20 02:35:11 +00:00
Daira Hopwood
c15a2f20af
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-20 02:26:22 +00:00
Daira Hopwood
963f042eb9
Improve pagination.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-20 02:24:49 +00:00
Daira Hopwood
1982700426
Improve macros for list comprehensions, case expressions, and formula blocks.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-19 22:46:40 +00:00
Daira Hopwood
90563ab376
Define PRF^addr in section 4.2.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-09 19:53:02 +00:00
Daira Hopwood
4dd33d9db6
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-09 19:12:09 +00:00
Daira Hopwood
6500e7be27
Add cross references from payment address and spending key encoding sections
...
to where the key components are specified.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-09 19:10:53 +00:00
Daira Hopwood
01a4f5141a
Update the hashes of proving and verifying keys for the final Sprout parameters. fixes #99
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-01-06 21:27:25 +00:00
Daira Hopwood
a90e3aefec
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-12-19 21:18:09 +00:00
Daira Hopwood
b60fb345df
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-12-19 21:14:17 +00:00
Daira Hopwood
31cc757c58
Note that due to an oversight, the Zcash genesis block does not follow BIP-34.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-12-19 21:14:17 +00:00
Daira Hopwood
60b787eed4
Specify a check on the order of pi_B in a zk-proof.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-12-19 21:14:17 +00:00
Daira Hopwood
939cce4562
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-30 02:07:29 +00:00
Daira Hopwood
9970c98439
Update reference to the Equihash paper.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-30 02:06:42 +00:00
Daira Hopwood
0e65f7fc9c
Clarify the discussion of proof size.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-30 02:03:51 +00:00
Daira Hopwood
30d6ea7129
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-28 04:41:49 +01:00
Daira Hopwood
2596dda01d
Add Founders' Reward addresses for the production network.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-28 04:40:46 +01:00
Daira Hopwood
a3aba45fa5
Protected -> shielded.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-28 04:39:04 +01:00
Daira Hopwood
11e373a33b
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-04 22:07:31 +01:00
Daira Hopwood
6f6847ea84
Add Contents to PDF index.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-04 22:06:26 +01:00
Daira Hopwood
af4b9a0f53
Update address prefixes again. refs zcash/zcash#812
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-04 21:11:44 +01:00
Daira Hopwood
2ccd1ac58a
Add reference to Bitcoin protocol doc.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-03 07:15:19 +01:00
Daira Hopwood
83acc60074
OP_CODESEPARATOR has been disabled, and no longer affects signature hashes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-03 07:12:56 +01:00
Daira Hopwood
488e8f443c
Correct the representation type of the block nVersion field to uint32_t.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-03 07:11:58 +01:00
Daira Hopwood
3dd475ea77
Specify lead bytes for P2SH and P2PKH addresses.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-03 07:11:04 +01:00
Daira Hopwood
891f21bac9
Add a section on which BIPs apply to Zcash. fixes #87
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-02 22:26:28 +01:00
Daira Hopwood
61aa04e01b
Change the representation type of vpubOld and vpubNew to be unsigned.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-02 18:27:30 +01:00
Daira Hopwood
63fb1c275c
Regenerate PDF.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-10-02 04:02:21 +01:00