1138 Commits

Author SHA1 Message Date
Daira Hopwood 404248cb92 Regenerate PDFs. 2021-04-01 02:19:32 +01:00
Daira Hopwood a0d048ed1e Update Change History entry date.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood 417076e50d Make a note in \crossref{inbandrationale} of the divergence of ivk from a uniform scalar.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood 1eec1f9832 Remove anchorSapling field when there are no Spends.
This corresponds to e0b08fd576 in ZIP 225.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood 49f3b206f5 Fix type error in kdfinput for KDF^{Sapling,Orchard} (`ephemeralKey` is already a byte sequence).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood 41580ec06d Cosmetics in Sapling Output statement.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood c367a22098 Explicitly note that the end of the ZIP 212 grace period precedes NU5 activation.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood 3a312dc5a9 Expand the set of ZIPs associated with NU5 in \crossref{networkupgrades}, and reference the Orchard and halo2 books there.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood 6c3099843d Add a caveat about reuse of rivk between PRF^expand and Commit^ivk.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood 3826d43930 Correct the set of inputs to PRF^expand used for ZIP 32 and Orchard in \crossref{abstractprfs}.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood de0bc97bb2 Cosmetics (page breaking).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood bb985e039a Section \crossref{concreteorchardkdf} should be in the NU5 colour (slate blue).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Deirdre Connolly ec6c10fc5c Add a note to the Sending Notes (Orchard) section about using a dummy note for ρ.
Co-authored-by: Deirdre Connolly <deirdre@zfnd.org>
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood 6c8f9fb478 Update the Sprout key component diagram in \crossref{addressesandkeys} to remove magenta highlighting.
Remove magenta highlighting
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood e1f105eaa1 Add note about use of big-endian order in the encoding of BLS12-381 points.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood 3a55af9b1f Cosmetics and indexing.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood 7bfdce2d6a Write caution about linkage between the abstract and concrete protocols in \crossref{cautionlinkage}.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood 1097313feb Fix errors in the Sinsemilla proofs:
* SinsemillaHash is defined in terms of SinsemillaHashToPoint, which also takes the D argument.
* correct errors due to 1-based indexing.
* the argument for exceptional cases got the scalars and range of j wrong.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood cce172ace8 Cosmetics (page breaking).
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
Daira Hopwood f45b6b5d66 Add Action Statement ref to flags note
This change makes it clearer that the note spend and creation
rules are implemented as part of the proof.

Co-authored-by: teor <teor@riseup.net>
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-04-01 02:11:35 +01:00
teor ecb2ccd3f4 Copy outCiphertext description to the encoding tables 2021-04-01 02:11:35 +01:00
Daira Hopwood 0f427feb5b Regenerate PDFs. 2021-03-26 19:45:47 +00:00
Daira Hopwood f66887cdee Fix an off-by-one error.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 19:40:57 +00:00
Daira Hopwood 3898e2f571 Regenerate PDFs. 2021-03-26 19:38:49 +00:00
Daira Hopwood b4aac633f4 Cosmetics.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 19:31:45 +00:00
Daira Hopwood 2f246ce24d Other fixes to the Orchard specification, including generation of dummy notes and output notes.
fixes #465

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 19:17:33 +00:00
Daira Hopwood aa86282e16 Change the specifications of note decryption to return the note and memo, rather than a note plaintext.
Generalize the specification of block chain scanning to support Orchard.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood c50bdbd9ce Delete a confusing part of the definition of concatbits that we don't rely on.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood b27213dfd3 Move the definition of ⊥ to before its first use.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood cd1b4de8f9 Update the hashFinalSaplingRoot/hashLightClientRoot/hashBlockCommitments field for NU5.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood 74dfa80194 Fix errors in Orchard due to cut-and-paste from Sapling.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood 4d3204b8e1 Describe the recommended way to encode a Sapling or unified payment address as a QR code.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood bbc6131f29 Update specification of Poseidon.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:58 +00:00
Daira Hopwood 212fdc8752 Add references for the halo2 book.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 5e55821889 NCC audit: Make the description of when fields are included in v5 transactions consistent
between the protocol specification and ZIP 225. Also regenerate the HTML for ZIP 225.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 55af963e53 NCC audit: Add a definition for the section symbol in \crossref{introduction}, before its first use.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 5fef9270e2 NCC audit: Correct the sizes of SpendDescriptionV5 and OutputDescriptionV5 in the version transaction format.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood bfc6a8e33c NCC audit: Document the limitation on the domain separation string for the group hash into Pallas/Vesta.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood a68c7d24d0 NCC audit: Document that the choice of nonsquare for λ_G in \crossref{concretegrouphashpallasandvesta} makes no difference
to the output of map_to_curve_simple_swu.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood fa2b1c6ce9 Correct the output type of sqrt_ratio.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood ab0e248036 NCC audit: Document that the use of k = 256 in hash_to_field is intentional,
despite the Pallas curve only having 126-bit conjectured security against generic attacks.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 9d62142142 NCC audit: Fix a discrepancy between \crossref{concretegrouphashpallasandvesta} and \cite{ID-hashtocurve}.
The zero padding in expand_message_xmd should be 128 bytes (matching the input block size of
BLAKE2b), rather than 64 bytes.

See also https://github.com/zcash/pasta/pull/2 and https://github.com/zcash/pasta_curves/issues/7

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 5d15a3d91e NCC audit: Fix type confusion between integers and field elements (including additional cases
not found in the audit, involving nullifiers and cm_x).

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 7ccbf44c30 NCC audit: Define \mathbb{G} in \crossref{concretegrouphashpallasandvesta}.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 4d983aa855 NCC audit: Make the naming of enableSpends and enableOutputs consistent.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood e5336bb536 Various rationale updates for NU5.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 8f1ff76417 Add proof of collision resistance for Sinsemilla.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 591c7e45cc NCC audit: Restrict the definition of a short Weierstrass elliptic curve
to base fields of characteristic greater than 3.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood 2e50a09e97 NCC audit: Correct the definition of PRFnf^Orchard by changing Poseidon to PoseidonHash.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00
Daira Hopwood b7d61884e1 NCC audit: Propagate \bot from the inputs of MerkleCRH^Orchard to its output, and add an explicit
consensus rule that rt^Orchard computed from appending a note commitment is not \bot.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-03-26 18:23:57 +00:00