Commit Graph

1364 Commits

Author SHA1 Message Date
Daira Hopwood b4aac633f4 Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 19:31:45 +00:00
Daira Hopwood 2f246ce24d Other fixes to the Orchard specification, including generation of dummy notes and output notes.
fixes #465

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 19:17:33 +00:00
Daira Hopwood aa86282e16 Change the specifications of note decryption to return the note and memo, rather than a note plaintext.
Generalize the specification of block chain scanning to support Orchard.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood c50bdbd9ce Delete a confusing part of the definition of concatbits that we don't rely on.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood b27213dfd3 Move the definition of ⊥ to before its first use.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood cd1b4de8f9 Update the hashFinalSaplingRoot/hashLightClientRoot/hashBlockCommitments field for NU5.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood 74dfa80194 Fix errors in Orchard due to cut-and-paste from Sapling.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood 4d3204b8e1 Describe the recommended way to encode a Sapling or unified payment address as a QR code.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood bbc6131f29 Update specification of Poseidon.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood 212fdc8752 Add references for the halo2 book.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 5e55821889 NCC audit: Make the description of when fields are included in v5 transactions consistent
between the protocol specification and ZIP 225. Also regenerate the HTML for ZIP 225.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 55af963e53 NCC audit: Add a definition for the section symbol in \crossref{introduction}, before its first use.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 5fef9270e2 NCC audit: Correct the sizes of SpendDescriptionV5 and OutputDescriptionV5 in the version transaction format.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood bfc6a8e33c NCC audit: Document the limitation on the domain separation string for the group hash into Pallas/Vesta.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood a68c7d24d0 NCC audit: Document that the choice of nonsquare for λ_G in \crossref{concretegrouphashpallasandvesta} makes no difference
to the output of map_to_curve_simple_swu.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood fa2b1c6ce9 Correct the output type of sqrt_ratio.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood ab0e248036 NCC audit: Document that the use of k = 256 in hash_to_field is intentional,
despite the Pallas curve only having 126-bit conjectured security against generic attacks.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 9d62142142 NCC audit: Fix a discrepancy between \crossref{concretegrouphashpallasandvesta} and \cite{ID-hashtocurve}.
The zero padding in expand_message_xmd should be 128 bytes (matching the input block size of
BLAKE2b), rather than 64 bytes.

See also https://github.com/zcash/pasta/pull/2 and https://github.com/zcash/pasta_curves/issues/7

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 5d15a3d91e NCC audit: Fix type confusion between integers and field elements (including additional cases
not found in the audit, involving nullifiers and cm_x).

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 7ccbf44c30 NCC audit: Define \mathbb{G} in \crossref{concretegrouphashpallasandvesta}.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 4d983aa855 NCC audit: Make the naming of enableSpends and enableOutputs consistent.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood e5336bb536 Various rationale updates for NU5.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 8f1ff76417 Add proof of collision resistance for Sinsemilla.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 591c7e45cc NCC audit: Restrict the definition of a short Weierstrass elliptic curve
to base fields of characteristic greater than 3.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 2e50a09e97 NCC audit: Correct the definition of PRFnf^Orchard by changing Poseidon to PoseidonHash.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood b7d61884e1 NCC audit: Propagate \bot from the inputs of MerkleCRH^Orchard to its output, and add an explicit
consensus rule that rt^Orchard computed from appending a note commitment is not \bot.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood c11c329beb NCC audit: Propagate \bot intermediate results to the output of Sinsemilla primitives.
Change the output types of NoteCommitAlg^Orchard and CommitIvkAlg to reflect that these can
return \bot, and change the action statement to be satisfied if they do.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 20478ae40d Credit Eirik Ogilvie-Wigley as a designer of the Zcash protocol. Add Andre Serrano, Brad Miller,
Charlie O'Keefe, David Campbell, Elena Giralt, Francisco Gindre, Joseph Van~Geffen, Josh Swihart,
Kevin Gorham, Larry Ruane, Marshall Gaucher, and Ryan Taylor to the acknowledgements.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood b14c332910 NCC audit: Correct the definition of c in \crossref{concretesinsemillahash}.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:51 +00:00
Daira Hopwood 54a0894acf NCC audit: fix 'reasonable' typo.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:22:50 +00:00
Daira Hopwood 02db965036 Cosmetics and trivial changes.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:22:50 +00:00
Daira Hopwood 44c45004df Cosmetics and trivial changes.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-23 20:01:13 +00:00
Daira Hopwood 218196f8dd Output ciphertext -> outgoing ciphertext.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-23 19:27:47 +00:00
Daira Hopwood e1bdfce3bc Remove specification of memo contents, which will be in ZIP 302.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-23 19:21:56 +00:00
Deirdre Connolly 75a8a944d4 s/enableSpendsOrchard/enableOutputsOrchard/ re: no new notes 2021-03-19 15:14:26 +00:00
Daira Hopwood a859014b98 Correct the description of `length` in \crossref{unifiedpaymentaddrencoding}.
(It is the length of `addr`, not the length of the raw encoding; they differ for t-addrs.)

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-19 15:14:25 +00:00
Daira Hopwood 781ec6896d Correct the type signature of DiversifyHash^Orchard in \crossref{abstracthashes}.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-19 15:14:25 +00:00
Daira Hopwood 3e160d6ecb 2^16 -> 2^{16}. fixes #461
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-19 15:14:25 +00:00
Daira Hopwood 9af5978852 Remove magenta highlighting of differences from Zerocash.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-19 15:14:25 +00:00
Daira Hopwood 78e3d68539 Remove support for generating the Sprout-only specification (sprout.pdf).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-19 14:00:19 +00:00
Daira Hopwood ebe3800b2b Regenerate PDFs. 2021-03-17 20:00:51 +00:00
Daira Hopwood f0fa13761e Regenerate PDFs. 2021-03-17 19:55:50 +00:00
Daira Hopwood 3b558b2146 Set date in Change History entry for v2021.1.19.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-17 19:55:49 +00:00
Daira Hopwood c5c34cf93c Cosmetics (spacing).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-17 19:55:49 +00:00
Daira Hopwood 0b8a4b3d90 Correct the range of input to ValueCommit^Orchard in the action statement, and the corresponding security argument in \crossref{orchardbalance}.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-17 19:55:48 +00:00
Daira Hopwood e31f33c678 Fix a type error in the non-normative note at the end of \crossref{concretesinsemillacommit}.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-17 19:55:48 +00:00
Daira Hopwood 867d0cc712 Make DiversifyHash^Orchard total, by replacing an output of the zero point with another base.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-17 19:55:48 +00:00
Daira Hopwood c9b918a654 Fix a typo: 2^16 -> 2^{16}.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-17 19:55:48 +00:00
Daira Hopwood 17518632e1 Update the consensus rules that prevent trivial transactions (with no inputs or outputs)
to take into account action transfers in the v5 transaction format.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-17 19:55:48 +00:00
Daira Hopwood cec8b904c5 Regenerate PDFs. 2021-03-17 02:11:38 +00:00
Daira Hopwood 36074af67b Version 2021.1.18:
* Define unified payment addresses in place of the Bech32 form of Orchard addresses.
* Remove Sprout-specific fields from the v5 transaction format.
* The rho value for an Orchard output note was incorrectly described as being derived from
  rseed, instead of being set to the nullifier from the same action description as intended
  (fixes #459 ).
* The psi value is now derived using the PRF^expand input [9], instead of [10] (refs #459 ).
* Correct a note about the range of the Merkle hash inputs in \crossref{actionstatement}.
* Correct the validity condition for ak in \crossref{orchardfullviewingkeyencoding}.
* Add a definition for K^Orchard in \crossref{commitmentsandnullifiers} (fixes #460 ).
* Correct the number of full and partial rounds for Poseidon.
* Add a note explaining the origin of the 2^{65} constant in the definition of PoseidonHash.
2021-03-17 02:06:38 +00:00
Daira Hopwood 27a39088d6 Regenerate PDFs. 2021-03-15 16:27:53 +00:00
Daira Hopwood ad032d456a More WIP:
* fix the use of inputs to PRF^expand in Orchard note encryption;
* rename "hash extractor" to "coordinate extractor";
* miscellaneous minor fixes;
* set date of Change History entry.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood 37d8221c4d Mainly fixes to the Action statement.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood d79de34b4a Update key components diagram.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood 7cc31111bb Yet more WIP. Nullifier derivation for Orchard is correct now.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood f6fb3c80d7 More WIP.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood 6ac5901a42 More WIP, and rename orchard.pdf to nu5.pdf.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood dae8852187 More Orchard WIP.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood e62d57959e More WIP.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood 6453611314 * More Orchard WIP;
* The definition of a represented group abstraction function incorrectly required canonicity;
* Note about non-canonical encodings in the Jubjub gave incorrect values for encodings of the point of order 2;
* Change the spec of decryption with ovk to match zcashd (by adding \bot and subgroup checks);
* Add a note saying that a node impl that checkpoints on Sapling can omit verifying BCTV14 proofs.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood 68cb4c6d5f Font hack to make sure that italic bold is not too wide.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood a81cfdb693 More WIP!
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood ad9c631ee0 More WIP for Orchard, including hashing to Pallas and Vesta.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood 6215dce577 More WIP
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood 0b6faf673d Update spec for Orchard up to and including section 3 (Concepts).
This includes the key derivation diagram in section 3.1.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood 300df42bf3 More WIP for Orchard
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood c2c4160151 WIP: Orchard
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-15 16:18:54 +00:00
Daira Hopwood 7e21ab57ac Push draft of NU5 spec.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-04 03:27:02 +00:00
Alessandro Coglio 08fcc0c1f0
Add a paragraph break
It seems that this should get its own paragraph, for symmetry with nearby paragraphs.
2021-01-15 18:09:09 -08:00
Daira Hopwood 4f1ce394fe Regenerate PDFs. 2021-01-11 00:15:27 +00:00
Daira Hopwood 894c979a3d protocol/Makefile: add new .pdf files if needed.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-11 00:10:37 +00:00
Daira Hopwood adced97391 Update Change History version and date.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-11 00:08:20 +00:00
Daira Hopwood 6dc375e9ec Add (experimental, unused) support for linking consensus rules with the corresponding code.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-10 23:56:30 +00:00
Daira Hopwood 9bc9823a23 Add macros and Makefile support for building the Orchard draft specification.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-10 23:56:30 +00:00
Daira Hopwood 3751c9973d QED-it changed the spelling of their company name to QEDIT.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-10 23:46:24 +00:00
Daira Hopwood a5b78961f4 Clarify the encoding of block heights for the "height in coinbase" rule.
The description of this rule has also moved from 'Block Header Encoding and Consensus' to
'Transaction Encoding and Consensus'.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-10 23:45:53 +00:00
Daira Hopwood 0bd8580d1a Include the activation dates of Heartwood and Canopy in 'Network Upgrades'.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-10 23:40:03 +00:00
Daira Hopwood 1ddc19ffaa Section links in the Heartwood and Canopy versions of the specification now go to the correct document URL.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-10 23:37:16 +00:00
Daira Hopwood 34de56533f Protocol spec: use cmap package to attempt to improve search/copy-paste on some PDF readers.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-10 23:32:54 +00:00
Daira Hopwood c136527758 Regenerate PDFs. 2020-11-06 01:09:37 +00:00
Daira Hopwood 3274aa10de Avoid undefined references when building sprout.pdf.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 9a8f72c5e3 Add release date.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 7999296d7d Minor corrections.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 6e3c173538 Update a comment about BIPs (which is not in the rendered document).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood c278c2f93a Reserve transaction version 0x7FFFFFFF and version group ID 0xFFFFFFFF for experimental use.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 9257be1d1f Add a consensus rule that the (zero-valued) coinbase transaction output of the genesis block cannot be spent.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 917dbf5c46 Add a missing consensus rule that has always been implemented in zcashd: there must be at
least one transparent output, Sapling output, or JoinSplit in a transaction.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 94ec65564c Define Sprout/Sapling chain value pool balances, and include consensus rules from ZIP 209.
This includes updates to ZIPs 209 and 211 for consistency of terminology (also addressing
a nit from the NCC Canopy report).

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 71cee89a18 Corrections to note decryption algorithms:
* ephemeralKey is kept as a byte sequence rather than immediately converted to a curve point;
  this matters because of non-canonical encoding.
* The representation of pk_d in a note plaintext may also be non-canonical and need not be in the
  prime subgroup.
* Move checking of cm_u in decryption with ivk to the end of the algorithm, to more closely match
  the implementation.
* The note about decryption of outputs in mempool transactions should have been normative.

Also change ZIP 212 to say that it is aligned with this version of the protocol spec.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 775b5f3b5d Use "let mutable" to introduce mutable variables in algorithms.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 9c9ad74fad Acknowledge Alexandra Elbakyan for her work on Sci-Hub.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 0ed38ec775 Acknowledge Izaak Meckler, Zac Williamson, and Vitalik Buterin for discussions of the protocol.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood a5db85828c Acknowledge Jack Gavigan as a co-designer of Sapling and of the Zcash protocol.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 924fd97422 Remove a statement that the language consisting of key and address encoding possibilities is prefix-free
(the raw encodings are not).

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 85b8f1647b Include a reference to [BFIJSV2010] for batch pairing verification techniques.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-11-06 01:00:58 +00:00
Daira Hopwood 36b35dbf4a Regenerate PDFs. 2020-08-30 21:12:40 +01:00
Daira Hopwood 906838f3b6 Minor fixes to Change History.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-30 21:07:46 +01:00
Daira Hopwood 4d00112f5d Explicitly state the consensus rule that a coinbase transaction must not spend more than is available from the block subsidy and transaction fees.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-30 21:07:34 +01:00
Daira Hopwood c7180872a3 Specify where PRF^expand is used and with what inputs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-30 21:06:29 +01:00
Daira Hopwood ea59cda07f Fix a type error in the output of PRF^nfSapling; a Sapling nullifier is a sequence of 32 bytes, not a bit sequence.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-30 21:01:51 +01:00
Daira Hopwood b3da7a14ee Remove a silly comment from the LaTeX source.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-30 21:01:51 +01:00
Daira Hopwood 87a0670225 protocol/Makefile: ensure that we don't release from a branch other than master or a dirty working tree.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-30 21:01:50 +01:00
Daira Hopwood 639226dd50 Regenerate PDFs. 2020-08-19 22:03:26 +01:00
Daira Hopwood b2a7e1deb0 Fix a type error in the output of PRF^nfSapling.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-17 21:33:05 +01:00
Daira Hopwood 850e7ea019 Correct an off-by-one in an expression used in the definition of c for windowed Pedersen commitments
(this does not change the value of c).

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-17 21:32:15 +01:00
Daira Hopwood b83f2b9542 Regenerate PDFs. 2020-08-11 14:44:38 +01:00
Daira Hopwood e1cac0c48a Make the Canopy specification the default.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 13:56:46 +01:00
Daira Hopwood 19ba684f2c Minor wording improvement.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 13:56:19 +01:00
Daira Hopwood 55c51715b5 Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 13:56:08 +01:00
Daira Hopwood 7032c07fb8 Make Halving(height) return 0 (rather than -1) for height < SlowStartShift.
This has no effect on consensus since the Halving function is not used in that case,
but it makes the definition match the intuitive meaning of the function.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 13:55:38 +01:00
Daira Hopwood d117273977 Refine the domain of HeightForHalving from N to N^+.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 13:54:06 +01:00
Daira Hopwood 9dbac78f29 Rename some section titles under 'Consensus Changes from Bitcoin' to use 'Encoding and Consensus'.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 13:52:58 +01:00
Daira Hopwood 6fbe17da59 Updates to reflect ZIP 211: add a consensus rule on v^pub_old, and a rule about node and wallet support for sending to Sprout addresses.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 13:49:36 +01:00
Daira Hopwood 1d71f6cb31 Rename the type of Sapling transmission keys from KA^Sapling.PublicPrimeOrder to KA^Sapling.PublicPrimeSubgroup.
This type is defined as J^(r), which reflects the implementation in zcashd (subject to the point below);
it was never enforced that a transmission key (pk_d) cannot be the zero point.

Add a non-normative note saying that zcashd does not fully conform to the requirement to treat
transmission keys not in KA^Sapling.PublicPrimeSubgroup as invalid when importing payment addresses.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 13:43:00 +01:00
Daira Hopwood e1037ff046 Wording improvements.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 01:57:49 +01:00
Daira Hopwood d11304c7d1 Add indexing for "halving".
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 01:54:48 +01:00
Daira Hopwood a651ad7fe7 Modify funding stream tables and notes to reflect changes in ZIP 214.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 01:52:06 +01:00
Daira Hopwood fd2416d9ea Set CanopyActivationHeight for Testnet.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-11 01:48:59 +01:00
Daira Hopwood fb64b2e430 Regenerate PDFs. 2020-08-03 12:19:11 +01:00
Daira Hopwood 17def33bf8 Use abstBytes_{Ed25519} and reprBytes_{Ed25519} for conversions in Ed25519 batch signature validation, and
fix a missing requirement that S_j < \ell for all signatures.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-03 12:14:34 +01:00
Daira Hopwood ff3c7c2bce Move the footnote about (x, y) notation for Ed25519 to where this notation is first used.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-03 12:11:08 +01:00
Daira Hopwood 13b6f0e120 Delete a potentially misleading Sprout-specific comment.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-03 12:10:20 +01:00
Daira Hopwood 31b844c37c Give a definition for SHA-512. Also some refactoring of hash macros.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-03 12:09:33 +01:00
Daira Hopwood 6a4b1f5f6c Add a reference to [BCCGLRT2014].
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-08-03 12:05:33 +01:00
Daira Hopwood 1e6b2f8815 Regenerate PDFs. 2020-07-13 18:54:03 +01:00
Daira Hopwood b2f033f84d Add spec changes for ZIPs 207 and 214.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-13 18:45:16 +01:00
Daira Hopwood bc809dae5d Add note about full viewing key decryption of mempool transactions.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-13 18:45:16 +01:00
Daira Hopwood 0248a44a05 Change instances of "the production network" to "Mainnet", and "the test network" to "Testnet".
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-13 18:45:16 +01:00
Daira Hopwood baad229598 Update stale references to Bitcoin documentation.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-13 18:45:16 +01:00
Daira Hopwood 5d2a48ce9d Regenerate PDFs. 2020-07-07 00:25:02 +01:00
Daira Hopwood a67b74aede Corrections to a note in section 'Ed25519'.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-07 00:21:14 +01:00
Daira Hopwood 9473b9d4af Regenerate PDFs. 2020-07-06 23:10:15 +01:00
Daira Hopwood 0bfbbd54e2 Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-06 22:58:29 +01:00
Daira Hopwood 4d148920ae Add a missing cross reference for Jubjub.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-06 22:58:29 +01:00
Daira Hopwood 5e8ae9bb89 Precisely specify the encoding and decoding of Ed25519 points.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-06 22:58:29 +01:00
Daira Hopwood 3e3bf8a79b Add 'Mainnet and Testnet' section.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-06 22:58:29 +01:00
Daira Hopwood e87177f97f Add end comments for conditional blocks in history entries.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-06 22:58:29 +01:00
Daira Hopwood 3f41a13087 Corrections to the specification of \abstJ and the security argument for GroupHash.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-06 22:58:29 +01:00
Daira Hopwood 32a55b0939 Add Jane Lusby and Teor to acknowledgements.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-06 22:58:29 +01:00
Daira Hopwood 5504c17ab0 Make duplicate labels work as intended.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-06 22:58:29 +01:00
Daira Hopwood 9acf1b6667 Makefiles: add 'release' targets that perform a protocol spec release.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-05 17:27:20 +01:00
Daira Hopwood b398183fb0 Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-04 04:02:54 +01:00
Daira Hopwood 9321a0d9fc Arguments to PRF^expand don't need to be specified as hex.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-04 03:59:17 +01:00
Daira Hopwood 553be0f9eb In RedDSA verification, clarify that \underline{R} used as part of the input to H^\ast must be exactly as encoded in the signature.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-04 03:59:17 +01:00
Daira Hopwood cbf4cb52f1 Adjust the order of operations in Sapling decryption to more closely match the implementation, and improve the notes.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-04 03:59:17 +01:00
Daira Hopwood 47a2c78990 Correct a bug: esk is only to be checked against ToScalar(PRF^expand_rseed([4])) when the lead byte != 0x01.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-04 03:28:36 +01:00
Daira Hopwood 5689d59d32 Specify that shielded outputs of coinbase transactions MUST use v2 note plaintexts after Canopy activation.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-04 03:28:36 +01:00
Daira Hopwood 9b55332fc2 Add Ying Tong Lai and Kris Nuttycombe as Zcash protocol designers.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-04 03:18:52 +01:00
Daira Hopwood b915222d96 Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-04 03:18:16 +01:00
Daira Hopwood 154da511c6 Specify \abstJ to be as implemented, and adjust the security argument for \GroupJHash.
Also modify \exclusivefun to take an excluded set rather than a single element.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-04 03:17:49 +01:00
Daira Hopwood a7f7befe24 Add \optsqrt macro for "arbitrary square root".
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-04 03:12:00 +01:00
Daira Hopwood e4315ad6a7 Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-07-01 19:22:38 +01:00
Daira Hopwood 03932d2335 Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-26 21:24:41 +01:00
Daira Hopwood a333649a4e Cosmetic change to the 2020.1.6 history entry. 2020-06-26 20:57:39 +01:00
Daira Hopwood 3ce9bd9823 Replace the block interval 32256 with the constant ZIP212GracePeriod.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-26 20:57:39 +01:00
Daira Hopwood 66acf80d18 Other cosmetic changes to the batch validation equations.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-26 20:57:39 +01:00
Daira Hopwood 45c2b616e2 Fix sign errors in the fixed-base terms of the batch validation equations in Appendices B.1 and B.3.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-26 20:57:39 +01:00
Daira Hopwood 3e98e63a6c For Sprout, add an explicit lead byte field to note plaintexts.
For Sapling, define note plaintext lead bytes as just bytes (so that decoding always succeeds and error handling is more explicit).

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-26 20:47:32 +01:00
Daira Hopwood a3e4403f50 Delete some 'new' superscripts that only added notational clutter.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-26 18:58:17 +01:00
Daira Hopwood 3567634837 Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-17 23:32:25 +01:00
Daira Hopwood af41efa40c Protocol spec: ZIP 212 changes.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-17 23:28:27 +01:00
Daira Hopwood eb222b4fe0 Remove some unused macros.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-17 23:01:13 +01:00
Daira Hopwood 8ccd4e656b Add an appendix on Ed25519 batch validation.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-17 23:01:13 +01:00
Daira Hopwood 6e781c5905 Ed25519 updates. This corrects an error in the specification of valid public keys
(they are not checked against ExcludedPointEncodings), and includes changes for Canopy.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-17 23:01:13 +01:00
Daira Hopwood ec5eda1d9c Better positive square root symbol.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-17 23:01:13 +01:00
Daira Hopwood 43e4e71989 Corrections to ZIP references.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-17 23:01:13 +01:00
Daira Hopwood 4f063850d5 Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-17 23:01:13 +01:00
Daira Hopwood 1a24d6232c Consistently use "signing key" and "validating key" for signatures.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-17 23:01:13 +01:00
Daira Hopwood f1a4631b9f protocol/Makefile: remove dependency on awk.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-15 14:04:24 +01:00
Daira Hopwood 564d7f630e Protocol spec: regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-02 18:35:15 +01:00
Daira Hopwood b9fb26f5d5 Protocol spec: fix undefined references for sprout.pdf.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-02 18:35:13 +01:00
Daira Hopwood e61e2460a0 Protocol spec: improve index; cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-02 18:35:13 +01:00
Daira Hopwood 9bac0682c3 Protocol spec: NU4 -> Canopy; ZIPs 211 and 212 are now published.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-02 18:35:13 +01:00
Daira Hopwood d53ab5fcbc Protocol spec: reference ZIP 173 instead of BIP 173.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-06-02 18:35:13 +01:00
Daira Hopwood e4d9d2cace Regenerate PDFs. Note that nufour.pdf is now canopy.pdf.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-05-27 17:28:06 +01:00
Daira Hopwood 66ba1aad3e Network Upgrade 4 is now called Canopy.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-05-27 17:24:29 +01:00
Daira Hopwood 092e6092ef Remove the claim that Discrete Logarithm Independence is stronger than collision resistance of GroupHash.
(That's not clearly true, and it's irrelevant.)

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-05-27 17:20:27 +01:00
Daira Hopwood 8d19a94716 Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-05-27 17:18:41 +01:00
Daira Hopwood c8e08b0e96 Improve description of key structures taking into account ZIP 32. fixes #187
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-05-27 15:53:09 +01:00
Daira Hopwood 456c899627 Protocol spec: improve LaTeX portability.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-05-12 17:58:42 +01:00
Daira Hopwood 95240be273 protocol/README.rst updates.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-04-27 15:57:30 +01:00
Daira Hopwood f0ba5495d5 Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-04-22 01:35:48 +01:00
Daira Hopwood ca802490a5 Correct a wording error transposing transparent inputs and transparent outputs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-04-22 01:32:26 +01:00
Daira Hopwood df126fb35b
Merge pull request #332 from daira/zip-0251
[ZIPs 207, 214, 251] Consensus ZIPs for Zcash Development Fund
2020-04-21 23:25:23 +01:00
Daira Hopwood 604532cca1 Makefile: add dot to filename of .Makefile.uptodate
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-04-14 13:06:08 +01:00
Daira Hopwood 5fa56e83bf Protocol spec: add references for the NU4 upgrade.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-04-02 14:49:39 +01:00
Daira Hopwood edc43904c9 Protocol spec: clarify note about hashFinalSaplingRoot/hashLightClientRoot.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-04-02 14:49:39 +01:00
Daira Hopwood a8adb58654 Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:32:29 +00:00
Daira Hopwood 7fd9cc9f73 Protocol spec: add page break before appendices.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:28:41 +00:00
Daira Hopwood 4b08221dd2 Protocol spec: wording clarification about motivations for Equihash.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:10:30 +00:00
Daira Hopwood 32cb319cc7 Protocol spec: cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:10:30 +00:00
Daira Hopwood a593018417 Protocol spec: fix the Ed25519 specification mess.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:10:30 +00:00
Daira Hopwood 161c9d05f8 Protocol spec: \hexints and \hexarray macros.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:10:30 +00:00
Daira Hopwood 9d7f700c35 Protocol spec: LaTeX cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:10:29 +00:00
Daira Hopwood 2fefae9e47 Protocol spec: RFC references to www.rfc-editor.org, not tools.ietf.org.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:10:29 +00:00
Daira Hopwood 32a0709ffc Protocol spec: clarify that the transaction and header encodings should be read in the context of consensus rules in those sections.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:10:29 +00:00
Daira Hopwood 0dc531d04c Protocol spec: add Heartwood consensus rules.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:10:29 +00:00
Daira Hopwood 731ddfd9f6 Protocol spec: colour-code transaction fields that were added in Sapling.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:06:52 +00:00
Daira Hopwood 892bdfde1b Protocol spec: colour-code "pre-X" consensus rule markers according to X (since that is when the rule changed).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:06:52 +00:00
Daira Hopwood ef78d9d94c Protocol spec: make Heartwood colour a darker orange.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:06:52 +00:00
Daira Hopwood 69562802cf Protocol spec: add macro and Makefile support for NU4.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:06:52 +00:00
Daira Hopwood 70cc1347f6 protocol/Makefile: make the Heartwood spec the default.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 16:06:52 +00:00
Daira Hopwood afae0efdb8 protocol/Makefile: silence noise about index entries.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 15:41:18 +00:00
Daira Hopwood 37277c3ef7 protocol/Makefile: remove unneeded files for `make clean` that were only generated by pvc targets.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 15:41:18 +00:00
Daira Hopwood 19bfc96a0c protocol/Makefile: remove pvc* targets.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 15:41:18 +00:00
Daira Hopwood e87feda358 Protocol spec: add \Makefile macro.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-20 15:11:00 +00:00
Daira Hopwood ef987f67b2 Ensure that changing a Makefile rebuilds everything on the next run.
Also change the default target for protocol/Makefile to not build unconditionally.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-03-10 16:43:19 +00:00
Daira Hopwood 2e5aad23a1 Regenerate PDFs for protocol spec.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-02-13 14:18:01 +00:00
Daira Hopwood 2e26bb072d Resolve conflicts in the specification of memo fields by deferring to ZIP 302.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-02-13 14:13:10 +00:00
Daira Hopwood 7af527675b Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-02-07 10:56:58 +00:00
Daira Hopwood 849d9435ae Use the term monomorphism for an injective homomorphism, in the context of a "signature scheme with key monomorphism".
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-02-06 23:03:58 +00:00
Daira Hopwood 0d582758dd Specify a retrospective soft fork implemented in zcashd v2.1.1-1 that limits the nTime field
of a block relative to its median-time-past.
Correct the definition of median-time-past for the first PoWMedianBlockSpan blocks in a chain.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-02-06 22:40:00 +00:00
Daira Hopwood ed6baf0fef Change History entry.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-02-06 22:38:15 +00:00
Daira Hopwood 0a3ef33991 Update incremental Merkle tree diagram.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-02-02 16:46:34 +00:00
Daira Hopwood 62251dc54f Change 'Payment address' to 'Shielded payment address' in key components diagrams.
Also remove obsolete key_components.{odg,pdf} files.

Co-Authored-By: Za Wilcox <zancas@protonmail.com>
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-02-02 16:45:47 +00:00
Daira Hopwood 20d506168b Add Acknowledgements to Henry de Valance, Deirdre Connolly, Chelsea Komlo, and Trail of Bits.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-02-02 15:10:19 +00:00
Daira Hopwood 8a6dc9c9fe Wording tweak: replace "it" with "the note".
I was able to read this "it" as a reference to "the transaction".
closes #174

Author: Za Wilgustus <zancas@protonmail.com>
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2020-02-02 15:10:03 +00:00
Daira Hopwood f1230509d8 Regenerate PDFs (and add heartwood.pdf).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-12-27 11:57:21 +00:00
Daira Hopwood b2c58d414c Blossom clarifications.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-12-27 11:57:20 +00:00
Daira Hopwood 54624a8a6f Specify the height at which Blossom activated.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-12-27 11:57:20 +00:00
Daira Hopwood de0d60efff Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-12-27 11:57:20 +00:00
Daira Hopwood 149dfcdb53 Add Makefile changes and macros for Heartwood spec.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-12-27 11:57:20 +00:00
Daira Hopwood 624aa9eaa1 Improve formatting of appendix cross-references.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-12-27 11:57:20 +00:00
Za Wilcox 62e61fd1ac
This relabeling brings the figures into closer agreement with the surrounding text. 2019-11-01 13:47:45 -06:00
Daira Hopwood 89de83447a Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-24 01:34:27 +01:00
Daira Hopwood 59aabd6fb5 Fix a typo in the generator for S_1 found by magrady.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-24 01:32:02 +01:00
Daira Hopwood a5eef5d9fc Clarify the type of v^new when sending a Sapling note. fixes #262
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-24 01:17:48 +01:00
Daira Hopwood 746bcca4b3 Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-24 00:53:05 +01:00
Taylor Hornby a4c521a96c Explain the discrepancy in the number of constraints for BLAKE2s found by QED-it.
Co-authored-by: Taylor Hornby <taylor@defuse.ca>
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-24 00:50:12 +01:00
Daira Hopwood 4326655e59 Merge branch 'can' of github.com:nvesely/zips into spec-updates 2019-09-24 00:36:58 +01:00
Daira Hopwood 07417709da Set date for change entry.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-24 00:31:52 +01:00
Daira Hopwood 080cfb00bf Fix an error in the expression for Δ in Pedersen hashing, and add acknowledgement to Kobi Gurkan.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-24 00:30:41 +01:00
Weikeng Chen 3b111df058 fix a small typo in 4.8 Merkle path validity
Similarly, let MerkleCRH be MerkleCRH^{Sprout} for Sprout, or **MerkleDepth^{Sapling}** for Sapling.

becomes

Similarly, let MerkleCRH be MerkleCRH^{Sprout} for Sprout, or **MerkleCRH^{Sapling}** for Sapling.

Co-authored-by: Weikeng Chen <w.k@berkeley.edu>
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-24 00:28:12 +01:00
Daira Hopwood d69d5e1a0c Protocol spec Makefile: 'all' is now the default target.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-03 20:51:01 +01:00
Daira Hopwood 8c6eb6c741 Protocol spec Makefile improvements to suppress unneeded output.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-03 20:51:01 +01:00
Daira Hopwood e0ddb5ed54 Remove ZIP 207 as a reference.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-03 20:51:01 +01:00
Daira Hopwood 9dfa6a981b Fix a missing reference warning for the Sprout spec.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-03 20:51:01 +01:00
Daira Hopwood 81767ac18f Update references to ZIPs and to the Electric Coin Company blog.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-09-03 20:51:01 +01:00
Daira Hopwood 485942ecdf Regenerate PDFs. Also remove protocol.ver and adjust .gitignore .
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-23 20:05:43 +01:00
Daira Hopwood b7e6c187d4 Replace dummy Blossom activation height with the testnet height, and a reference to ZIP 206.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-23 20:02:00 +01:00
Daira Hopwood a7ea92955a Regenerate PDFs, and delete blossom.pdf since Blossom is now included in protocol.pdf.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-23 15:29:52 +01:00
Daira Hopwood 0c060a7a4e Add Change History date.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-23 15:25:48 +01:00
Daira Hopwood 6a92b3459e Make the Blossom spec the default.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-23 15:25:37 +01:00
Daira Hopwood c62ebaa504 Note that zcashd uses ZIP 32 extended spending keys instead of sk.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-23 15:24:57 +01:00
Daira Hopwood ae16d11150 Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-23 15:14:48 +01:00
Daira Hopwood f21cd8eb1b Generalize the definition of c for the Pedersen hash so that people can apply it to other curves (if they're careful!)
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-22 19:16:27 +01:00
Daira Hopwood 1c7a9abee6 Correct the packing of nf^old into input elements in the Sapling Spend circuit. fixes #264
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-22 18:20:08 +01:00
Daira Hopwood 1cea0d7786 Remove unneeded \textbnx macro.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-22 18:17:20 +01:00
Daira Hopwood 8253c352b2 Add epigraph from Hunting of the Snark.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-22 18:16:33 +01:00
Daira Hopwood 8e21be9a73 Suppress insignificant "Overfull vbox" warnings.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-08 16:38:48 +01:00
Daira Hopwood 1147fe4eff Make the label boxes link to the correct URL.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-08 16:37:46 +01:00
Daira Hopwood 588bc39a77 Protocol spec: note the change to the minimum-difficulty threshold time on the test network for Blossom.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-07 11:18:57 +01:00
Daira Hopwood ccac68b60f Protocol spec: cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-07 11:18:57 +01:00
Daira Hopwood 7ea6510a05 Protocol spec: index improvements.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-07 11:18:57 +01:00
Daira Hopwood fbacfdc358 Protocol spec: remove HTML Makefile targets.
The original intent was to allow external linking into the spec, but that never worked for
HTML, and is now possible with PDF. Also, the HTML output was very large, and typographically
unsatisfactory.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-07 11:18:57 +01:00
Daira Hopwood 7985249119 Protocol spec: remove "optimized" Makefile targets (which actually produced a larger PDF, with TeXLive 2019).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-07 11:18:57 +01:00
Daira Hopwood cad4baf2e1 Protocol spec: silence overfull/underfull hbox warnings from the theorem list.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-07 11:18:57 +01:00
Daira Hopwood 6dc1d7fff0 Protocol spec: silence a spurious warning from imakeidx.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-08-07 11:18:57 +01:00
Daira Hopwood fa484ecbeb Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-23 15:07:29 +01:00
Daira Hopwood 8d14678190 Protocol spec: set date of Change History entry. Also fix a typo.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-23 15:04:31 +01:00
Daira Hopwood 7e8ff18f82 Protocol spec: more vertical spacing fixes.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-23 14:58:28 +01:00
Daira Hopwood 70e920e1c8 Protocol spec: minor wording changes, added cross-references, and better "changed" marking.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-23 14:14:01 +01:00
Daira Hopwood b684ce88e2 Protocol spec: cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-23 13:48:42 +01:00
Daira Hopwood 9ac2beeed8 Protocol spec: add some index macros.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-23 13:48:42 +01:00
Daira Hopwood 8e52e03761 Protocol spec: vertical spacing cosmetics.
(The new macro definitions for notes, consensus rules, etc. generally require fewer
and/or smaller spacing adjustments.)

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-22 22:34:46 +01:00
Daira Hopwood 4379eaf89c Add support for showing labels, by clicking on any title.
This will not work in all PDF readers, but it works in enough readers to be useful.

Also add a list of theorems and lemmata.
This required switching to the ntheorem package rather than amsthm.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-22 22:19:23 +01:00
Daira Hopwood 8579893230 Protocol spec: cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-11 17:57:39 +01:00
Daira Hopwood 4eed11f925 Changes needed to support TeXLive 2019.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-11 17:57:22 +01:00
Daira Hopwood 234e0faf0b Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-09 00:06:35 +01:00
Daira Hopwood 0ab4949653 Protocol spec: set date of Change History entry.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-08 22:59:16 +01:00
Daira Hopwood 8570f6f5a6 Protocol spec: use microtype package.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-08 22:58:17 +01:00
Daira Hopwood 7656d39204 Protocol spec: cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-08 22:57:50 +01:00
Daira Hopwood 76bfab70a1 Protocol spec: correct an omission in the Change History.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-08 22:56:55 +01:00
Daira Hopwood fe92918c87 Protocol spec: add labels to all sections (for external referencing).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-08 22:56:19 +01:00
Daira Hopwood 77ebb8614a Protocol spec: improvements to indexing.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-08 22:53:39 +01:00
Daira Hopwood 6e2b8f0ebf Protocol spec: Initial index support.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-08 22:42:16 +01:00
Daira Hopwood a5e5f3e307 Protocol spec: Makefile fixes for nolatexmk targets.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-08 22:14:28 +01:00
Daira Hopwood 8adfcb5ce0 Protocol spec: Experimental LuaLaTeX and XeLaTeX support. refs #249
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-08 22:12:54 +01:00
Daira Hopwood fca48cf94f Protocol spec: README corrections.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-08 21:44:00 +01:00
Daira Hopwood 3e027d2126 Fix typos in comments about the (no longer used) newtxmath package.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-07-05 13:46:26 +01:00
Daira Hopwood 7b7eb100b4 Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-06-19 00:00:41 +01:00
Daira Hopwood ecc92df195 Correct a misstatement in the security argument for balance / binding signatures.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-06-18 23:53:35 +01:00
Daira Hopwood 8fddbe438c Protocol spec: specify which changes in this version are for Sapling, and LaTeX comment nits.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-06-18 23:52:43 +01:00
Daira Hopwood 847a002eff Clarify that Theorem 5.4.2 depends on the parameters of the Jubjub curve.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-06-18 23:52:43 +01:00
Daira Hopwood f4f4682d57 Give a definition for complete twisted Edwards elliptic curves.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-06-18 23:52:43 +01:00
Daira Hopwood 2379ba88d7 Protocol spec: cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-06-18 23:52:43 +01:00
Daira Hopwood 2766855113 Protocol spec: silence useless warnings on first latex run.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-06-18 22:34:04 +01:00
Daira Hopwood 6e3ff4364e Protocol spec: resolve bibliography warnings.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-06-18 22:33:10 +01:00
Daira Hopwood a1cb36a19a Protocol spec: fix optimization and links.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-06-18 22:32:14 +01:00
Daira Hopwood af95317ce7 Protocol spec: fix incompatibility with recent TeXLive.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-06-18 22:29:50 +01:00
Daira Hopwood d39ed004f6 Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-05-20 11:12:00 +01:00
Daira Hopwood 7152d677c8 Use IsBlossomActivated in the definition of FounderAddressAdjustedHeight for consistency.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-05-20 11:09:19 +01:00
Daira Hopwood c699bd4ba1 Minor fix to the list of integer constants in the Notation section.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-05-20 11:08:53 +01:00
Daira Hopwood 40e609444d Regenerate PDFs.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-05-01 11:21:21 +01:00
Daira Hopwood 6e32abdfaa Adjust revision date and version. (No longer beta! Wooo! :3 )
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-05-01 11:02:42 +01:00
Daira Hopwood 07334dad30 Correction to FounderAddressAdjustedHeight.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-05-01 10:59:21 +01:00
Daira Hopwood 1a00b68e7e Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-05-01 10:59:21 +01:00
Daira Hopwood ea346eaca8 Add type declarations for height in difficulty adjustment functions.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-05-01 10:59:21 +01:00
Daira Hopwood 65d43bfac4 Correct an error pointed out in NCC's Blossom audit affecting the first 10 blocks of the chain.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2019-05-01 10:59:07 +01:00