Daira Hopwood
d713d35f54
ZIP 216: fix references to the NU5 protocol spec.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 20:00:44 +00:00
Daira Hopwood
0f427feb5b
Regenerate PDFs.
2021-03-26 19:45:47 +00:00
Daira Hopwood
f66887cdee
Fix an off-by-one error.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 19:40:57 +00:00
Daira Hopwood
3898e2f571
Regenerate PDFs.
2021-03-26 19:38:49 +00:00
Daira Hopwood
b4aac633f4
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 19:31:45 +00:00
Daira Hopwood
17a6a72974
Merge branch 'orchard-wip'
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 19:27:21 +00:00
Daira Hopwood
2f246ce24d
Other fixes to the Orchard specification, including generation of dummy notes and output notes.
...
fixes #465
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 19:17:33 +00:00
Daira Hopwood
aa86282e16
Change the specifications of note decryption to return the note and memo, rather than a note plaintext.
...
Generalize the specification of block chain scanning to support Orchard.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood
c50bdbd9ce
Delete a confusing part of the definition of concatbits that we don't rely on.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood
b27213dfd3
Move the definition of ⊥ to before its first use.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood
cd1b4de8f9
Update the hashFinalSaplingRoot/hashLightClientRoot/hashBlockCommitments field for NU5.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood
74dfa80194
Fix errors in Orchard due to cut-and-paste from Sapling.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood
4d3204b8e1
Describe the recommended way to encode a Sapling or unified payment address as a QR code.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood
bbc6131f29
Update specification of Poseidon.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood
212fdc8752
Add references for the halo2 book.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
5e55821889
NCC audit: Make the description of when fields are included in v5 transactions consistent
...
between the protocol specification and ZIP 225. Also regenerate the HTML for ZIP 225.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
55af963e53
NCC audit: Add a definition for the section symbol in \crossref{introduction}, before its first use.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
eff39611f8
ZIP 225: Correct the size of the outCiphertext field in a Sapling Output description.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
3d386eeec0
ZIP 225: Update references.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
5fef9270e2
NCC audit: Correct the sizes of SpendDescriptionV5 and OutputDescriptionV5 in the version transaction format.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
bfc6a8e33c
NCC audit: Document the limitation on the domain separation string for the group hash into Pallas/Vesta.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
a68c7d24d0
NCC audit: Document that the choice of nonsquare for λ_G in \crossref{concretegrouphashpallasandvesta} makes no difference
...
to the output of map_to_curve_simple_swu.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
fa2b1c6ce9
Correct the output type of sqrt_ratio.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
ab0e248036
NCC audit: Document that the use of k = 256 in hash_to_field is intentional,
...
despite the Pallas curve only having 126-bit conjectured security against generic attacks.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
9d62142142
NCC audit: Fix a discrepancy between \crossref{concretegrouphashpallasandvesta} and \cite{ID-hashtocurve}.
...
The zero padding in expand_message_xmd should be 128 bytes (matching the input block size of
BLAKE2b), rather than 64 bytes.
See also https://github.com/zcash/pasta/pull/2 and https://github.com/zcash/pasta_curves/issues/7
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
5d15a3d91e
NCC audit: Fix type confusion between integers and field elements (including additional cases
...
not found in the audit, involving nullifiers and cm_x).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
7ccbf44c30
NCC audit: Define \mathbb{G} in \crossref{concretegrouphashpallasandvesta}.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
4d983aa855
NCC audit: Make the naming of enableSpends and enableOutputs consistent.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
e5336bb536
Various rationale updates for NU5.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
8f1ff76417
Add proof of collision resistance for Sinsemilla.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
591c7e45cc
NCC audit: Restrict the definition of a short Weierstrass elliptic curve
...
to base fields of characteristic greater than 3.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
2e50a09e97
NCC audit: Correct the definition of PRFnf^Orchard by changing Poseidon to PoseidonHash.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
b7d61884e1
NCC audit: Propagate \bot from the inputs of MerkleCRH^Orchard to its output, and add an explicit
...
consensus rule that rt^Orchard computed from appending a note commitment is not \bot.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
c11c329beb
NCC audit: Propagate \bot intermediate results to the output of Sinsemilla primitives.
...
Change the output types of NoteCommitAlg^Orchard and CommitIvkAlg to reflect that these can
return \bot, and change the action statement to be satisfied if they do.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
20478ae40d
Credit Eirik Ogilvie-Wigley as a designer of the Zcash protocol. Add Andre Serrano, Brad Miller,
...
Charlie O'Keefe, David Campbell, Elena Giralt, Francisco Gindre, Joseph Van~Geffen, Josh Swihart,
Kevin Gorham, Larry Ruane, Marshall Gaucher, and Ryan Taylor to the acknowledgements.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood
b14c332910
NCC audit: Correct the definition of c in \crossref{concretesinsemillahash}.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:51 +00:00
Daira Hopwood
54a0894acf
NCC audit: fix 'reasonable' typo.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:22:50 +00:00
Daira Hopwood
02db965036
Cosmetics and trivial changes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:22:50 +00:00
str4d
41afbd3c66
Merge pull request #105 from zcash/memo-field-specification
...
[ZIP 302] Standardized Memo Field Format
2021-03-25 10:22:03 +13:00
Kris Nuttycombe
7752911cb6
Generate ZIP 302 HTML
2021-03-24 15:16:26 -06:00
Kris Nuttycombe
14b975622b
Merge remote-tracking branch 'upstream/master' into memo-field-specification
2021-03-24 15:13:16 -06:00
Deirdre Connolly
2ec19b5fcc
Merge pull request #463 from zcash/dconnolly-patch-1
...
s/enableSpendsOrchard/enableOutputsOrchard/ re: no new notes
2021-03-23 17:25:25 -04:00
Daira Hopwood
44c45004df
Cosmetics and trivial changes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-23 20:01:13 +00:00
Daira Hopwood
218196f8dd
Output ciphertext -> outgoing ciphertext.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-23 19:27:47 +00:00
Daira Hopwood
e1bdfce3bc
Remove specification of memo contents, which will be in ZIP 302.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-23 19:21:56 +00:00
str4d
75b94ce063
ZIP 302: Remove remaining reference to TLV scheme
2021-03-23 13:46:14 +13:00
str4d
00864688d2
ZIP 302: Sort reserved ranges.
2021-03-23 13:42:53 +13:00
Deirdre Connolly
75a8a944d4
s/enableSpendsOrchard/enableOutputsOrchard/ re: no new notes
2021-03-19 15:14:26 +00:00
Daira Hopwood
a859014b98
Correct the description of `length` in \crossref{unifiedpaymentaddrencoding}.
...
(It is the length of `addr`, not the length of the raw encoding; they differ for t-addrs.)
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-19 15:14:25 +00:00
Daira Hopwood
781ec6896d
Correct the type signature of DiversifyHash^Orchard in \crossref{abstracthashes}.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-19 15:14:25 +00:00