Daira Hopwood
05d72a4b71
Add Charles Rackoff, Rafail Ostrovsky, and Amit Sahai to the acknowledgements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-12 16:30:21 +01:00
Daira Hopwood
998cb2ff95
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-12 16:28:59 +01:00
Daira Hopwood
81598de991
Notational changes:
...
- Use a superscript (r) to mark the subgroup order, instead of a subscript.
- Use G^{(r)∗} for the set of r_G-order points in G.
(r)
- Mark the subgroup order in pairing groups, e.g. use G_1^{(r)} instead of G_1.
- Make the bit-representation indicator (five-pointed star) an affix instead of a superscript.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-12 16:24:15 +01:00
Daira Hopwood
b605fe1061
Cosmetics and minor wording improvements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-11 21:09:53 +01:00
Daira Hopwood
b2f42d987c
Macro simplifications.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-11 21:05:19 +01:00
Daira Hopwood
0a1a01513f
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 17:31:42 +01:00
Daira Hopwood
ade889eef7
Add an appendix on Groth16 batch verification.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 17:30:04 +01:00
Daira Hopwood
2e74200366
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 17:29:44 +01:00
Daira Hopwood
ef1cee8dcf
Regenerate PDFs. Also fix a Makefile problem: protocol.pdf can't be a symlink
...
because GitHub doesn't follow symlinks, so links to protocol.pdf would break.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 16:05:40 +01:00
Daira Hopwood
34cf757891
Add the hashes of parameter files for Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 10:06:52 +01:00
Daira Hopwood
af90f0c4af
Add cross references for RedDSA batch verification appendix.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 10:06:26 +01:00
Daira Hopwood
7450495335
Cosmetics: fix a warning about Unicode in headings.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 10:03:46 +01:00
Daira Hopwood
996045013e
Makefile: name the Sprout version as sprout.pdf and link protocol.pdf to the Sapling verison.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 10:02:24 +01:00
Daira Hopwood
d5c79e2592
Put the change history back in the correct order (beta-23 and -24 were reversed).
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-08-05 08:54:03 +01:00
Daira Hopwood
ff397a6aff
Add a missing consensus rule for v4 transactions: if there are no Sapling spends or outputs, valueBalance MUST be 0.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-31 03:47:26 +01:00
Daira Hopwood
854f6eddcc
Regenerate PDFs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-27 22:05:29 +01:00
Daira Hopwood
2f0c68b616
Add an appendix on RedDSA batch verification.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-27 22:05:29 +01:00
Daira Hopwood
90692541aa
Update RedDSA verification to use cofactor multiplication.
...
This is necessary in order for the output of batch verification to match unbatched verification in all cases.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-27 22:05:29 +01:00
Daira Hopwood
813a8891d1
Rename EncodeFVKParts to EncodeXFVKParts, since its input includes dk which is only part of an extended full viewing key.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 14:48:33 +01:00
Daira Hopwood
511c2eb1e0
Fix a link.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
eb60b41f20
Seeds for Sprout master keys must also be at least 32 bytes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
5cdc69196a
Factor out Sprout a_sk encoding/decoding into helper functions.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
3018efc0f3
Correct the encoding of a_sk,par for Sprout child derivation.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
777d82a26f
Factor out the encoding of extended {spending key, full viewing key} parts and make it more precise.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
6f966489b8
Correct the derivation of a Sapling child full viewing key's nk, and define the bases G and H.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
1b04d74cde
Remove unintended addition of a reference to the non-existant (yet) ZIP 173.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
6e9a79604c
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
42506f08bd
Define DiversifyHash.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
ebecd8c1ff
Clarify the encoding of a_sk in a Sprout extended spending key. Also exclude lead bytes, and swap ASK and c for consistency with Sapling formats and BIP 32.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
5881d3c211
Define depth, parent tag, and i for master keys.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
7002be59fa
Clarify the interpretation of I_L in Sprout key derivation.
...
This also fixes a cut-and-paste error (a child chain code is c_i, not c_m).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
ba56f26b4d
Explain that some diversifiers are invalid, and correct the definition of default diversifier.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
5788c120e7
Rename s_m to sk_m.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
633436cff6
Specify that the seed MUST be at least 32 bytes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
d65629f7a1
Clarify the relation to existing use of BIPs 32 & 44.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
0034331888
Add MUST NOT to Terminology.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
918ea38834
Fix a cut-and-paste error.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
b9e6ed7e1a
Another formatting improvement.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
3e884f9579
Fix formatting.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
52eac8c2c1
Put human-readable parts in monospace.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
0fc7c704a7
Add specifications of key fingerprints, tags, and encodings.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
6f85acb9b1
Specify the range of j when generating diversifiers.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
b3c051eb4f
Say that ZIP 32 does not supplant the use of BIPs 32 & 44 for transparent addresses.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
8a49de84f6
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
de065cf344
Update another reference to the Sapling spec version.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
ff5affbc77
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
f94b9a4c67
Define r_J.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
1b3ea422fe
Reference version 2018.0-beta-21 or later of the Sapling protocol spec.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Daira Hopwood
3f2815838e
Cosmetic improvements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2018-07-25 00:32:43 +01:00
Jack Grigg
da683d31b9
Remove hardening from example public-key HD path
...
Hardened derivation is undefined for an extended FVK
2018-07-25 00:32:43 +01:00