Daira Hopwood
639a554a04
Change the statement of Theorem 5.4.3 to exclude ⊥ outputs from SinsemillaHashToPoint.
...
Previously the proof did not match the statement.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
d7bd67900a
Update the list of ZIPs relevant to NU5 in \crossref{networkupgrades}.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
00c39b73e0
Delegate to ZIP 316 for the specification of unified payment addresses and unified viewing keys.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
38b740aad2
Caveat how the result of \cite{GG2015} applies to analysis of PRF^nfOrchard in \crossref{concreteprfs}.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
4804f6040e
Add a paragraph to \crossref{truncation} covering Orchard.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
748e6f8f37
Typo.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
35c8af6e47
DJB's "High-speed cryptography" book seems completely stalled.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
58add67726
* Specify that diversifier indices for Orchard should be chosen uniquely, not randomly.
...
* Vanity diversifiers are not an issue for Orchard given that it does not have its own
payment address format, and given the use of "jumbling" (ZIP 316) in unified addresses.
Remove the corresponding note from \crossref{orchardkeycomponents}.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
2cf14204ae
Clarify the definition of pad in \crossref{concretesinsemillahash} by disambiguating M^pieces from M^padded.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
ac16945288
Clarify notation by changing ℓ_rcm to ℓ^Sprout_rcm.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
3034a2a662
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
adc28d2bb1
Include ρ as an input to the derivation of ψ, esk, and rcm in Orchard.
...
This was originally intended and as described in Section 3.5 of the Orchard Book.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 16:03:16 +01:00
Daira Hopwood
c9470820b7
ZIP 221, 143, and 243: minor wording improvements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-07 15:22:56 +01:00
Kris Nuttycombe
f22a6d4151
Clarify hashes over authorizing data.
2021-05-06 16:06:03 -06:00
Kris Nuttycombe
eea56aa173
The roots of empty transaction hash subtrees are now uniformly committed to with empty hashes.
2021-05-06 15:49:50 -06:00
Daira Hopwood
419c7e4ff4
Renumber ZIP 218 stub to ZIP 220.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-05 21:44:00 +01:00
Daira Hopwood
b30e1b6568
Add stub for ZIP 416: RPC support for Unified Addresses in zcashd.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-05 12:34:24 +01:00
teor
528eb6685d
ZIP 221: fix block height description.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-04 17:25:53 +01:00
Daira Hopwood
36643173bf
Merge pull request #501 from daira/zip-0321-no-slashslash
...
ZIP 321: clarify that only URIs that parse according to the grammar are accepted
2021-05-04 15:16:37 +01:00
Daira Hopwood
b7e72d020c
ZIP 321: make the "//" invalid example clearer by ensuring it is invalid for only that reason.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-04 15:14:15 +01:00
Daira Hopwood
3246eddc69
ZIP 321: clarify that only URIs that parse according to the grammar are accepted.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-05-03 10:06:33 +01:00
Daira Hopwood
4dfd956819
zip-guide: update dependencies.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-23 23:34:10 +01:00
Daira Hopwood
4f391743ab
Update README to list NU5-relevant ZIPs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-23 23:10:23 +01:00
Daira Hopwood
76c8a4689a
Regenerate PDFs.
2021-04-23 22:39:41 +01:00
Daira Hopwood
4f590fb8cd
ZIP 225: add nConsensusBranchId field to the v5 transaction format.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-23 22:34:20 +01:00
Daira Hopwood
21d3c13d4f
Update references to the protocol spec for all NU5-related ZIPs.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-23 22:33:56 +01:00
Daira Hopwood
71a19e7484
Clarify that only an outgoing cipher key is strictly needed to decrypt an outgoing ciphertext.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-23 22:31:37 +01:00
Daira Hopwood
27aa7c484a
Remove an unused precomputation in \crossref{concretegrouphashpallasandvesta}.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-23 22:31:37 +01:00
Daira Hopwood
ecba2451bc
Include the diversifier key in an encoded Orchard Incoming Viewing Key.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-23 22:31:37 +01:00
Daira Hopwood
4dbf2f02d4
Cosmetics.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-23 22:31:37 +01:00
Daira Hopwood
710fee607a
Add the nConsensusBranchId field to v5 transactions, matching the consensus branch ID
...
used for SIGHASH transaction hashes.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-23 22:31:37 +01:00
Daira Hopwood
10710d92a6
Explicitly say that coinbase transactions MUST NOT have transparent inputs
...
(this is a consensus rule inherited from Bitcoin which has been present since launch).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-23 22:31:37 +01:00
Daira Hopwood
9a1334a454
Merge pull request #496 from nuttycom/zip-244/fix_outputs_hash
...
Correct the description of the outputs_digest hash.
2021-04-23 16:51:16 +01:00
Daira Hopwood
89f5a20d6d
ZIP 244: regenerate HTML.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-23 16:50:22 +01:00
Kris Nuttycombe
827637cc17
Correct the description of the outputs_digest hash.
2021-04-23 08:20:20 -06:00
Daira Hopwood
1e955a803a
ZIP 316: fix link syntax in Related Work section.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-22 23:23:27 +01:00
Daira Hopwood
0168ce7ec3
ZIP 316: corrections to minimum lengths.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-22 23:18:34 +01:00
Daira Hopwood
24957b6745
ZIP 316: update protocol spec references.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-22 22:43:34 +01:00
Daira Hopwood
6caaca962d
Merge pull request #485 from daira/zip-316
...
ZIP 316: Unified Addresses
2021-04-22 22:26:06 +01:00
Daira Hopwood
cec980b004
Correct minimum length.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-22 22:23:41 +01:00
Daira Hopwood
95f596ea16
Tighten up validation requirements.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-22 22:10:41 +01:00
Daira Hopwood
fbdbead6d5
Add support for UFVKs and UIVKs.
...
Append 16 zero bytes on encoding and check them on decoding, to prevent malleability attacks.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-22 22:00:33 +01:00
Daira Hopwood
f4a3b99589
WIP
2021-04-21 00:15:05 +01:00
Daira Hopwood
3de014d33c
ZIP 316 Work in Progress.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-21 00:13:13 +01:00
Daira Hopwood
cb141ac91e
ZIP 244: regenerate HTML.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-21 00:12:46 +01:00
Deirdre Connolly
4c081eaa54
Make a note that the post-memo 'suffix' is the AEAD tag
2021-04-20 18:08:59 -04:00
teor
ef5f47ca08
ZIP-244: Clarify sapling shared anchor hashing ( #490 )
...
* ZIP-244: Clarify sapling shared anchor hashing
Unlike the orchard shared anchor, the sapling v5 transaction shared anchor
is hashed into *each* spend.
* Uppercase Sapling and Spend
Co-authored-by: Deirdre Connolly <durumcrustulum@gmail.com>
2021-04-20 18:08:12 -04:00
Daira Hopwood
2e6cdb3945
Regenerate PDFs.
2021-04-19 00:36:48 +01:00
teor
0cfeea2ecb
Use a different symbol for each v5 Sapling field cardinality rule.
...
Currently, the spec uses the double dagger symbol for both:
* present if and only if `nSpendsSapling + nOutputsSapling > 0`;
* present if and only if `nSpendsSapling > 0`.
To avoid confusion, use dagger for the first rule, and double dagger for the second rule.
Co-authored-by: teor <teor@riseup.net>
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-19 00:32:00 +01:00
Daira Hopwood
1c46e9aa5d
Add Change History entries for already committed changes.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-19 00:18:47 +01:00