mirror of https://github.com/zcash/zips.git
Compare commits
20 Commits
de41e4b385
...
4b85e1d483
| Author | SHA1 | Date |
|---|---|---|
NerdGGuy
|
4b85e1d483 | |
Daira-Emma Hopwood
|
8124633a39 | |
str4d
|
affc145506 | |
|
Daira-Emma Hopwood
|
5d253b61d5 | |
|
Daira-Emma Hopwood
|
5273fc9c99 | |
dependabot[bot]
|
bf6c166940 | |
|
Daira-Emma Hopwood
|
7d790904cd | |
|
Daira-Emma Hopwood
|
2e9272e850 | |
|
Daira-Emma Hopwood
|
3b706de38b | |
|
Daira-Emma Hopwood
|
8cea84fcf3 | |
|
Daira-Emma Hopwood
|
870d23056a | |
|
Daira-Emma Hopwood
|
e5a24b4d94 | |
|
Daira-Emma Hopwood
|
05d4c99a55 | |
github-actions
|
6a0a93c020 | |
Andrew Arnott
|
250425e54a | |
|
Andrew Arnott
|
b8ba2282c2 | |
|
Matthew Green (@gguy)
|
159ef618ad | |
|
Matthew Green (@gguy)
|
4d6e90c4c0 | |
|
Matthew Green (@gguy)
|
c4ccdf0d54 | |
|
Matthew Green (@gguy)
|
de6ffd2a63 |
|
|
@ -1 +0,0 @@
|
|||
../../../Dockerfile
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
name: Render Zcash Protocol Specification
|
||||
description: GitHub Action to compile Zcash Protocol Specification LaTeX documents
|
||||
author: Deirdre Connolly
|
||||
runs:
|
||||
using: docker
|
||||
# Runs `make all` or something like it
|
||||
image: Dockerfile
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
name: Render ZIPs and Zcash Protocol Specification
|
||||
description: GitHub Action to compile ZIPs and Zcash Protocol Specification LaTeX documents
|
||||
author: Deirdre Connolly
|
||||
runs:
|
||||
using: docker
|
||||
# Runs `make all` or something like it
|
||||
image: ../../../Dockerfile
|
||||
|
|
@ -1,19 +1,23 @@
|
|||
name: Render pdfs
|
||||
name: Build tex and rst
|
||||
|
||||
on: workflow_dispatch
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
jobs:
|
||||
|
||||
render:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Set up Git repository
|
||||
uses: actions/checkout@v4.1.1
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4.1.2
|
||||
|
||||
- name: Compile Zcash Protocol Specification
|
||||
uses: ./.github/actions/render-protocol-pdf
|
||||
- name: Compile ZIPs and Zcash Protocol Specification
|
||||
uses: ./.github/actions/render
|
||||
|
||||
- uses: EndBug/add-and-commit@v9.1.3
|
||||
with:
|
||||
add: '**/*.pdf'
|
||||
add: 'protocol/*.pdf *.html'
|
||||
default_author: github_actions
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
FROM debian:latest
|
||||
|
||||
RUN apt-get update \
|
||||
&& apt-get install -y \
|
||||
RUN apt-get update
|
||||
RUN apt-get install -y \
|
||||
gawk \
|
||||
perl \
|
||||
sed \
|
||||
|
|
@ -17,7 +17,10 @@ RUN apt-get update \
|
|||
texlive-plain-generic \
|
||||
texlive-bibtex-extra
|
||||
|
||||
RUN pip3 install rst2html5
|
||||
RUN rm /usr/lib/python3.11/EXTERNALLY-MANAGED
|
||||
RUN pip install rst2html5
|
||||
|
||||
ENV PATH=${PATH}:/root/.local/bin
|
||||
|
||||
WORKDIR "/zips"
|
||||
ENTRYPOINT ["make", "all"]
|
||||
|
|
|
|||
Binary file not shown.
Binary file not shown.
Binary file not shown.
BIN
protocol/nu5.pdf
BIN
protocol/nu5.pdf
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
|
@ -0,0 +1,8 @@
|
|||
::
|
||||
|
||||
ZIP: 253
|
||||
Title: Deployment of the NU6 Network Upgrade
|
||||
Owners: Daira-Emma Hopwood <daira-emma@electriccoin.co>
|
||||
Status: Reserved
|
||||
Category: Consensus / Network
|
||||
Discussions-To: <https://github.com/zcash/zips/issues/806>
|
||||
280
zip-0320.html
280
zip-0320.html
|
|
@ -17,56 +17,70 @@ Category: Standards / Wallet
|
|||
Created: 2024-01-12
|
||||
License: MIT
|
||||
Discussions-To: <<a href="https://github.com/zcash/zips/issues/757">https://github.com/zcash/zips/issues/757</a>>
|
||||
<<a href="https://github.com/zcash/zips/issues/795">https://github.com/zcash/zips/issues/795</a>>
|
||||
Pull-Request: <<a href="https://github.com/zcash/zips/pull/760">https://github.com/zcash/zips/pull/760</a>>
|
||||
<<a href="https://github.com/zcash/zips/pull/766">https://github.com/zcash/zips/pull/766</a>></pre>
|
||||
<<a href="https://github.com/zcash/zips/pull/766">https://github.com/zcash/zips/pull/766</a>>
|
||||
<<a href="https://github.com/zcash/zips/pull/798">https://github.com/zcash/zips/pull/798</a>></pre>
|
||||
<section id="terminology"><h2><span class="section-heading">Terminology</span><span class="section-anchor"> <a rel="bookmark" href="#terminology"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<p>The key words "MUST", "SHOULD", "NOT RECOMMENDED", and "MAY" in this document are to be interpreted as described in BCP 14 <a id="footnote-reference-1" class="footnote_reference" href="#bcp14">1</a> when, and only when, they appear in all capitals.</p>
|
||||
<p>The terms "Recipient", "Producer", "Consumer", "Sender", "Receiver", "Item", "Metadata Item", "Typecode", "Address", "Unified Address" (UA), "Unified Viewing Key" (UVK), "Unified Full Viewing Key" (UFVK), and "Unified Incoming Viewing Key" (UIVK) are to be interpreted as described in ZIP 316 <a id="footnote-reference-2" class="footnote_reference" href="#zip-0316-terminology">5</a>.</p>
|
||||
<p>The terms "Testnet" and "Mainnet" are to be interpreted as described in section 3.12 of the Zcash Protocol Specification <a id="footnote-reference-3" class="footnote_reference" href="#protocol-networks">13</a>.</p>
|
||||
<p>The terms "Recipient", "Producer", "Consumer", "Sender", "Receiver", "Address", and "Unified Address" are to be interpreted as described in ZIP 316 <a id="footnote-reference-2" class="footnote_reference" href="#zip-0316-terminology">7</a>.</p>
|
||||
<p>The terms "Testnet" and "Mainnet" are to be interpreted as described in section 3.12 of the Zcash Protocol Specification <a id="footnote-reference-3" class="footnote_reference" href="#protocol-networks">10</a>.</p>
|
||||
</section>
|
||||
<section id="abstract"><h2><span class="section-heading">Abstract</span><span class="section-anchor"> <a rel="bookmark" href="#abstract"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<p>This ZIP defines a new encoding for transparent Zcash addresses. Wallets must ensure that no shielded notes are spent in transactions that send to a transparent address encoded in the specified fashion.</p>
|
||||
<p>This ZIP is presently in Draft status, and defines two alternate encodings for consideration. Analysis of the benefits and drawbacks of each of the proposed alternatives is presented at the end of this document.</p>
|
||||
</section>
|
||||
<section id="background"><h2><span class="section-heading">Background</span><span class="section-anchor"> <a rel="bookmark" href="#background"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<p>In November of 2023, the Zcash community received notice from the Binance cryptocurrency exchange that Zcash was at risk of being delisted from the exchange unless the community could provide a mechanism by which Binance could refuse deposits from shielded addresses and return them to the depositor. This issue was raised and discussed at length in the Zcash Community forum <a id="footnote-reference-4" class="footnote_reference" href="#binance-delisting">2</a>.</p>
|
||||
<p>In the course of that discussion thread, wallet developer and community member @hanh <a id="footnote-reference-5" class="footnote_reference" href="#hanh-profile">3</a> suggested a wallet-oriented approach <a id="footnote-reference-6" class="footnote_reference" href="#hanh-suggestion">4</a> that involved defining a new encoding for Zcash transparent P2PKH addresses. A Consumer of such an address, whether it be a wallet or an exchange, could recognize this encoding as a directive that the wallet should only spend transparent funds when creating an output to that address.</p>
|
||||
<p>In November 2023, the Zcash community received notice from the Binance cryptocurrency exchange that Zcash was at risk of being delisted from the exchange unless the community could provide a mechanism by which Binance could refuse deposits from shielded addresses and return them to the depositor. This issue was raised and discussed at length in the Zcash Community forum <a id="footnote-reference-4" class="footnote_reference" href="#binance-delisting">2</a>.</p>
|
||||
<p>In the course of that discussion thread, wallet developer and community member @hanh <a id="footnote-reference-5" class="footnote_reference" href="#hanh-profile">3</a> suggested a wallet-oriented approach <a id="footnote-reference-6" class="footnote_reference" href="#hanh-suggestion">4</a> that involved defining a new encoding for Zcash transparent P2PKH addresses. A Consumer of such an address, whether it be a wallet or an exchange, could recognize this encoding as a directive that the wallet should only spend transparent funds when creating an output to that address. This ZIP formalizes that proposal.</p>
|
||||
</section>
|
||||
<section id="motivation"><h2><span class="section-heading">Motivation</span><span class="section-anchor"> <a rel="bookmark" href="#motivation"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<p>The Binance cryptocurrency exchange requires that funds sent to their deposit addresses come from source addresses that are readily identifiable using on-chain information, such that if necessary funds may be rejected by sending them back to the source address(es). This ZIP is intended to standardize a transparent address encoding that is not yet understood by preexisting Consumers, in order to prevent inadvertent shielded spends when sending to such addresses. Then, Consumers that upgrade to support the new encoding will do so with the understanding that they must respect the restrictions on sources of funds described in this ZIP.</p>
|
||||
<p>The Binance cryptocurrency exchange requires that funds sent to their deposit addresses come from source addresses that are readily identifiable using on-chain information, such that if necessary funds may be rejected by sending them back to one of the source addresses. This ZIP is intended to standardize a transparent address encoding that is not yet understood by preexisting Consumers, in order to prevent inadvertent shielded spends when sending to such addresses. Then, Consumers that upgrade to support the new encoding will do so with the understanding that they must respect the restrictions on sources of funds described in this ZIP.</p>
|
||||
<p>It is not expected that other exchanges or Producers of Zcash addresses will generate Transparent-Source-Only Addresses unless they have a specific need to be able to identify the address or addresses from which a payment was funded. However, all Consumers of Zcash addresses should implement this specification, in order to promote interoperability across the Zcash ecosystem.</p>
|
||||
</section>
|
||||
<section id="requirements"><h2><span class="section-heading">Requirements</span><span class="section-anchor"> <a rel="bookmark" href="#requirements"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<ol type="1">
|
||||
<li>A Recipient wishing to receive funds from exclusively transparent sources must be able to generate a receiving address such that only transparent funds will be spent in transactions with an output to this address.</li>
|
||||
<li>A Recipient wishing to receive funds from exclusively transparent sources must be able to generate a receiving address such that only transparent funds will be spent in transactions with an output to this address. The purpose of this is to ensure that it is reliably possible for the Recipient to send back funds received from a Sender that conforms to this ZIP.</li>
|
||||
<li>Wallets and other Consumers that have not been upgraded to recognize the new address format cannot mistake the address for another address type or inadvertently send shielded funds to the address.</li>
|
||||
<li>No changes to Recipient infrastructure beyond changes to address encoding and decoding should be required as a consequence of this ZIP.</li>
|
||||
<li>No changes to Recipient infrastructure beyond changes to address encoding and decoding should be required as a consequence of this ZIP. In particular, conversion between a Transparent-Source-Only Address and the corresponding unrestricted transparent address should be possible using only dependencies that are available to Binance's front-end code.</li>
|
||||
</ol>
|
||||
</section>
|
||||
<section id="alternative-1"><h2><span class="section-heading">Alternative 1</span><span class="section-anchor"> <a rel="bookmark" href="#alternative-1"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<p>This alternative was suggested by @hanh in <a id="footnote-reference-7" class="footnote_reference" href="#hanh-suggestion">4</a>.</p>
|
||||
<section id="tex-addresses"><h3><span class="section-heading">TEX Addresses</span><span class="section-anchor"> <a rel="bookmark" href="#tex-addresses"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<p>A TEX Address is a Bech32m <a id="footnote-reference-8" class="footnote_reference" href="#bip-0350">18</a> reencoding of a transparent Zcash P2PKH address <a id="footnote-reference-9" class="footnote_reference" href="#protocol-transparentaddrencoding">14</a>.</p>
|
||||
<section id="non-requirements"><h2><span class="section-heading">Non-requirements</span><span class="section-anchor"> <a rel="bookmark" href="#non-requirements"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<ol type="1">
|
||||
<li>It is only required to support a Transparent-Source-Only form of P2PKH addresses; P2SH address support is not necessary.</li>
|
||||
<li>It is not required to limit the source of transparent funds sent to a Transparent-Source-Only Address to a single source address. This implies that if the Recipient chooses to send back the funds, it is acceptable for it to send them back to any of the source addresses if there is more than one.</li>
|
||||
<li>It is not necessary for the restriction on the source of funds to be enforced as a consensus rule. If a Sender fails to adhere to the restriction, it risks loss of funds, which is acceptable in the case of a non-conforming Sender implementation.</li>
|
||||
</ol>
|
||||
</section>
|
||||
<section id="specification"><h2><span class="section-heading">Specification</span><span class="section-anchor"> <a rel="bookmark" href="#specification"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<p>A TEX Address, also called a Transparent-Source-Only Address, is a Bech32m <a id="footnote-reference-7" class="footnote_reference" href="#bip-0350">15</a> reencoding of a transparent Zcash P2PKH address <a id="footnote-reference-8" class="footnote_reference" href="#protocol-transparentaddrencoding">11</a>.</p>
|
||||
<p>Wallets and other Senders sending to a TEX address (as any output) MUST ensure that only transparent (P2SH or P2PKH) UTXOs are spent in the creation of the transaction. For simplicity of parsing and interpreting such transactions, they also SHOULD only send to transparent outputs.</p>
|
||||
<p>A TEX address can be produced from a Mainnet Zcash P2PKH Address by executing the following steps:</p>
|
||||
<ol type="1">
|
||||
<li>Decode the address to a byte sequence using the Base58Check decoding algorithm <a id="footnote-reference-9" class="footnote_reference" href="#base58check">13</a>.</li>
|
||||
<li>If the length of the resulting byte sequence is not 22 bytes or if its two-byte address prefix is not
|
||||
<span class="math">\([\mathtt{0x1C}, \mathtt{0xB8}]\)</span>
|
||||
, return an error. Otherwise, let the <strong>validating key hash</strong> be the remaining 20 bytes of the sequence after removing the two-byte address prefix.</li>
|
||||
<li>Reencode the 20-byte <strong>validating key hash</strong> using the Bech32m encoding defined in <a id="footnote-reference-10" class="footnote_reference" href="#bip-0350">15</a> with the human-readable prefix (HRP) <code>"tex"</code>.</li>
|
||||
</ol>
|
||||
<p>For Testnet addresses, the required lead bytes of a P2PKH address in step 2 are
|
||||
<span class="math">\([\mathtt{0x1D}, \mathtt{0x25}]\)</span>
|
||||
, and the <code>"textest"</code> HRP is used when reencoding in step 3.</p>
|
||||
<p>A TEX address can be parsed by reversing this encoding, i.e.:</p>
|
||||
<ol type="1">
|
||||
<li>Decode the address to a byte sequence using Bech32m <a id="footnote-reference-11" class="footnote_reference" href="#bip-0350">15</a>, checking that the HRP is <code>"tex"</code> for a Mainnet TEX Address and <code>"textest"</code> for a Testnet TEX Address.</li>
|
||||
<li>If the length of the resulting byte sequence is not 20 bytes, return an error. Otherwise, the <strong>validating key hash</strong> is this byte sequence.</li>
|
||||
</ol>
|
||||
<section id="design-considerations-for-senders"><h3><span class="section-heading">Design considerations for Senders</span><span class="section-anchor"> <a rel="bookmark" href="#design-considerations-for-senders"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<p>For a transaction that spends only from transparent funds to a TEX Address, this specification imposes no additional requirements.</p>
|
||||
<p>If, on the other hand, a user desires to spend shielded funds to a TEX Address, a Sender supporting this ZIP MUST create two transactions: one that unshields the funds to an ephemeral transparent address, and one that spends from that ephemeral address to the destination TEX Address. This does not defeat the intent of the ZIP, because it is still possible for a Recipient to return the funds to the Sender by sending them back to the ephemeral address.</p>
|
||||
<p>Wallets MUST be able to recognize funds that have been returned in this way and spend them if desired. In order for this to be possible without use of TEX Addresses increasing the risk of loss of funds, wallets based on ZIP 32 <a id="footnote-reference-12" class="footnote_reference" href="#zip-0032">5</a> SHOULD choose ephemeral addresses in a way that allows the corresponding private keys to be recovered from a ZIP 32 master seed.</p>
|
||||
<p>However, ephemeral addresses SHOULD NOT be chosen in a way that allows them to be linked between transactions, without knowledge of the wallet seed or the relevant transparent viewing keys. This also implies that they SHOULD be chosen in a way that avoids collisions with addresses for previously generated outputs (including change outputs), such as might have been created by a transparent-only wallet using Bitcoin-derived code based on BIP 44 <a id="footnote-reference-13" class="footnote_reference" href="#bip-0044">14</a>.</p>
|
||||
<p>In order to show accurate transaction history to a user, wallets SHOULD remember when a particular transaction output was sent to a TEX Address, so that they can show that form rather than its P2PKH form. It is acceptable that this information may be lost on recovery from seed.</p>
|
||||
</section>
|
||||
<section id="motivations-for-alternative-1"><h3><span class="section-heading">Motivations for Alternative 1</span><span class="section-anchor"> <a rel="bookmark" href="#motivations-for-alternative-1"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<p>The TEX Address is the simplest possible approach to creating a new address type that indicates that only transparent sources of funds should be used.</p>
|
||||
</section>
|
||||
<section id="specification-alternative-1"><h3><span class="section-heading">Specification (Alternative 1)</span><span class="section-anchor"> <a rel="bookmark" href="#specification-alternative-1"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<p>A TEX address is produced from a Mainnet Zcash P2PKH Address by executing the following steps:</p>
|
||||
<ol type="1">
|
||||
<li>Decode the address to a byte sequence using the Base58Check decoding algorithm <a id="footnote-reference-10" class="footnote_reference" href="#base58check">16</a>.</li>
|
||||
<li>If the length of the resulting byte sequence is not 22 bytes or if its two-byte address prefix is not
|
||||
<span class="math">\([\mathtt{0x1C}, \mathtt{0xB8}]\)</span>
|
||||
, return an error. Otherwise, let the <strong>validating key hash</strong> be the remaining 20 bytes of the sequence after removing the two-byte address prefix.</li>
|
||||
<li>Reencode the 20-byte <strong>validating key hash</strong> using the Bech32m encoding defined in <a id="footnote-reference-11" class="footnote_reference" href="#bip-0350">18</a> with the human-readable prefix (HRP) <code>"tex"</code>.</li>
|
||||
</ol>
|
||||
<p>For Testnet addresses, the required lead bytes of a P2PKH address in step 2 are
|
||||
<span class="math">\([\mathtt{0x1D}, \mathtt{0x25}]\)</span>
|
||||
, and the <code>"textest"</code> HRP is used when reencoding in step 3.</p>
|
||||
<p>Wallets and other Senders sending to a TEX address (as any output) MUST ensure that only transparent UTXOs are spent in the creation of a transaction.</p>
|
||||
</section>
|
||||
<section id="reference-implementation-alternative-1"><h3><span class="section-heading">Reference Implementation (Alternative 1)</span><span class="section-anchor"> <a rel="bookmark" href="#reference-implementation-alternative-1"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<p>Javascript:</p>
|
||||
<pre>import bs58check from 'bs58check'
|
||||
</section>
|
||||
<section id="reference-implementation"><h2><span class="section-heading">Reference Implementation</span><span class="section-anchor"> <a rel="bookmark" href="#reference-implementation"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<p>Javascript:</p>
|
||||
<pre>import bs58check from 'bs58check'
|
||||
import {bech32m} from 'bech32'
|
||||
|
||||
// From t1 to tex
|
||||
|
|
@ -84,123 +98,15 @@ var pkh2 = Uint8Array.from(bech32m.fromWords(bech32decoded.words))
|
|||
console.assert(pkh2.length == 20, 'Invalid length');
|
||||
var t1 = bs58check.encode(Buffer.concat([Uint8Array.from([0x1C, 0xB8]), pkh2]))
|
||||
console.log(t1)</pre>
|
||||
</section>
|
||||
</section>
|
||||
<section id="alternative-2"><h2><span class="section-heading">Alternative 2</span><span class="section-anchor"> <a rel="bookmark" href="#alternative-2"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<section id="traceable-unified-addresses"><h3><span class="section-heading">Traceable Unified Addresses</span><span class="section-anchor"> <a rel="bookmark" href="#traceable-unified-addresses"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<p>A Traceable Unified Address is a reencoding of a transparent Zcash P2PKH address into a Unified Address <a id="footnote-reference-12" class="footnote_reference" href="#zip-0316-unified-addresses">8</a>.</p>
|
||||
</section>
|
||||
<section id="motivations-for-alternative-2"><h3><span class="section-heading">Motivations for Alternative 2</span><span class="section-anchor"> <a rel="bookmark" href="#motivations-for-alternative-2"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<p>Traceable Unified Addresses fit into the Zcash Unified Address ecosystem defined by ZIP 316, Revision 1 <a id="footnote-reference-13" class="footnote_reference" href="#zip-0316-revision-1">7</a>. Existing Consumers of Unified Addresses will not be able to send to these address unless they update their code to understand the new MUST-understand Metadata Typecode defined in this ZIP.</p>
|
||||
<p>By integrating with the Unified Address framework, it becomes possible for the addresses being generated to include extra metadata; in particular, metadata items such as an Address Expiry Height or Address Expiry Date <a id="footnote-reference-14" class="footnote_reference" href="#zip-0316-address-expiry">12</a> may be included. For exchange use cases such as Binance's, it is useful to ensure that an address provided to a user has a limited utility life, such that after expiration the user must obtain a new address in order to be able to continue to send funds <a id="footnote-reference-15" class="footnote_reference" href="#binance-address-expiry">15</a>.</p>
|
||||
</section>
|
||||
<section id="specification-alternative-2"><h3><span class="section-heading">Specification (Alternative 2)</span><span class="section-anchor"> <a rel="bookmark" href="#specification-alternative-2"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<p>Upon activation of this ZIP, the section <cite>Metadata Items</cite> of ZIP 316 <a id="footnote-reference-16" class="footnote_reference" href="#zip-0316-metadata-items">11</a> will be modified to define a new MUST-understand Metadata Item type: Source Restriction Metadata, having Typecode
|
||||
<span class="math">\(\mathtt{0xE2}\)</span>
|
||||
, the value of which MUST be a single byte:</p>
|
||||
<ul>
|
||||
<li>
|
||||
<span class="math">\(\mathtt{0x00}\)</span>
|
||||
- Transparent Source Only</li>
|
||||
</ul>
|
||||
<p>Additional Source Restriction Metadata values can be defined in the future, but a Consumer that does not recognise the value MUST reject the entire UA/UVK as invalid.</p>
|
||||
<p>Wallets and other Senders MUST ensure that only transparent UTXOs are spent in the creation of a transaction to any Unified Address containing a Source Restriction Metadata Item having value
|
||||
<span class="math">\(\mathtt{0x00}\)</span>
|
||||
.</p>
|
||||
<p>A Traceable Unified Address is produced from a Mainnet Zcash P2PKH address by executing the following steps:</p>
|
||||
<ol type="1">
|
||||
<li>Decode the address to a byte sequence using the Base58Check decoding algorithm <a id="footnote-reference-17" class="footnote_reference" href="#base58check">16</a>.</li>
|
||||
<li>If the length of the resulting byte sequence is not 22 bytes or if its two-byte address prefix is not
|
||||
<span class="math">\([\mathtt{0x1C}, \mathtt{0xB8}]\)</span>
|
||||
, return an error. Otherwise, let the <strong>validating key hash</strong> be the remaining 20 bytes of the array after removing the two-byte address prefix.</li>
|
||||
<li>Construct a new Revision 1 Unified Address using a single P2PKH Receiver
|
||||
<span class="math">\(\mathtt{0x04}\)</span>
|
||||
with the 20-byte <strong>validating key hash</strong> as its value, and a Source Restriction Metadata Item (Typecode
|
||||
<span class="math">\(\mathtt{0xE2}\)</span>
|
||||
) having value
|
||||
<span class="math">\(\mathtt{0x00}\)</span>
|
||||
(Transparent Source Only). In addition, metadata items such as an Address Expiry Height or Address Expiry Date <a id="footnote-reference-18" class="footnote_reference" href="#zip-0316-address-expiry">12</a> MAY be included.</li>
|
||||
<li>Encode the Unified Address using the “<code>ur</code>” Human Readable Part as specified for Revision 1 of ZIP 316 <a id="footnote-reference-19" class="footnote_reference" href="#zip-0316-revision-1">7</a>.</li>
|
||||
</ol>
|
||||
<p>For Testnet addresses, the required lead bytes of a P2PKH address in step 2 are
|
||||
<span class="math">\([\mathtt{0x1D}, \mathtt{0x25}]\)</span>
|
||||
.</p>
|
||||
<p>The HRP of the resulting Unified Address is the same as for any other Revision 1 Unified Address on the relevant network as specified in <a id="footnote-reference-20" class="footnote_reference" href="#zip-0316-revision-1">7</a>, i.e. <code>"ur"</code> for Mainnet and <code>"urtest"</code> for Testnet.</p>
|
||||
<p>Any Source Restriction Metadata Item MUST be preserved with the same value when deriving a UIVK from a UFVK, or a UA from a UIVK. It has no other effect on the meaning of the UFVK or UIVK.</p>
|
||||
<p>Note that it is possible for a Unified Address to include shielded Receivers and also Source Restriction Metadata with value Transparent Source Only. The semantics of such UAs are well defined: they allow a shielding transaction that only spends transparent UTXOs when sending to a shielded Receiver, and the priority order of Receivers defined by ZIP 316 is unaffected. However, this combination of requirements might result in wallet interoperability issues, and so producing such UAs is NOT RECOMMENDED.</p>
|
||||
<section id="dependencies-on-revision-1-of-zip-316"><h4><span class="section-heading">Dependencies on Revision 1 of ZIP 316</span><span class="section-anchor"> <a rel="bookmark" href="#dependencies-on-revision-1-of-zip-316"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h4>
|
||||
<p>This specification depends upon the following changes made for Revision 1 of ZIP 316 <a id="footnote-reference-21" class="footnote_reference" href="#zip-0316-revision-1">7</a>:</p>
|
||||
<ul>
|
||||
<li>A Revision 1 UA/UVK is <em>not</em> required to include a shielded Item. This is necessary for a Traceable Unified Address containing only a P2PKH Receiver to be valid. (It also has other independent motivations, as explained in <a id="footnote-reference-22" class="footnote_reference" href="#zip-0316-drop-shielded-restriction">10</a>.)</li>
|
||||
<li>The change to the HRPs for Revision 1 UAs implies that a Sender implementing the Revision 0 specification will not recognize the UA as valid, which is necessary because it may not understand the Source Restriction Metadata.</li>
|
||||
<li>A Consumer of a Revision 1 UIVK or UFVK is required to retain the Source Restriction Metadata when deriving a UA or UIVK respectively.</li>
|
||||
</ul>
|
||||
</section>
|
||||
</section>
|
||||
<section id="reference-implementation-alternative-2"><h3><span class="section-heading">Reference Implementation (Alternative 2)</span><span class="section-anchor"> <a rel="bookmark" href="#reference-implementation-alternative-2"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<p>Javascript using <cite>zcash_address_wasm</cite> <a id="footnote-reference-23" class="footnote_reference" href="#zcash-address-wasm">19</a>:</p>
|
||||
<pre>import init, { to_traceable_address, traceable_to_p2pkh, addr_expiry_time } from 'zcash_address_wasm';
|
||||
init().then(() => {
|
||||
var t_address = "t1VmmGiyjVNeCjxDZzg7vZmd99WyzVby9yC";
|
||||
console.log("original P2PKH address: " + t_address);
|
||||
|
||||
var expiry_time = new Date();
|
||||
// Add 30 days in UTC.
|
||||
expiry_time.setUTCDate(expiry_time.getUTCDate() + 30);
|
||||
// Date.getTime() returns UTC time since 1970-01-01T00:00:00Z in milliseconds.
|
||||
var expiry_unix_seconds = BigInt(Math.floor(expiry_time.getTime() / 1000));
|
||||
|
||||
var traceable_address = to_traceable_address(t_address, expiry_unix_seconds);
|
||||
console.log("Traceable Unified Address: " + traceable_address);
|
||||
|
||||
var p2pkh_addr = traceable_to_p2pkh(traceable_address);
|
||||
console.log("decoded P2PKH address: " + p2pkh_addr);
|
||||
|
||||
var expiry = addr_expiry_time(traceable_address);
|
||||
// Ignore far-future expiry times not representable as a Date.
|
||||
if (expiry !== null && expiry <= 8_640_000_000_000n) {
|
||||
console.log("expiry time: " + new Date(Number(expiry) * 1000).toUTCString());
|
||||
}
|
||||
});</pre>
|
||||
<p>Example output:</p>
|
||||
<pre>original P2PKH address: t1VmmGiyjVNeCjxDZzg7vZmd99WyzVby9yC
|
||||
Traceable Unified Address: u1p3temdfuxr6vcfr2z3n5weh652rg0hv7q44c652y3su77d0pyktt47am3tng7uxxtk553hhka75r6cvfs5j
|
||||
decoded P2PKH address: t1VmmGiyjVNeCjxDZzg7vZmd99WyzVby9yC
|
||||
expiry time: Mon Feb 13 2024 01:14:18 GMT</pre>
|
||||
</section>
|
||||
</section>
|
||||
<section id="analysis-of-alternative-1"><h2><span class="section-heading">Analysis of Alternative 1</span><span class="section-anchor"> <a rel="bookmark" href="#analysis-of-alternative-1"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<section id="pros-to-alternative-1"><h3><span class="section-heading">Pros to Alternative 1</span><span class="section-anchor"> <a rel="bookmark" href="#pros-to-alternative-1"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<ul>
|
||||
<li>The reencoding from Zcash P2PKH addresses is extremely straightforward and relies only upon widely available encoding libraries.</li>
|
||||
</ul>
|
||||
</section>
|
||||
<section id="cons-to-alternative-1"><h3><span class="section-heading">Cons to Alternative 1</span><span class="section-anchor"> <a rel="bookmark" href="#cons-to-alternative-1"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<ul>
|
||||
<li>Existing wallets and other Consumers will regard the new address type as entirely invalid, and will not automatically prompt their users that they need to upgrade in order to send to this type of address.</li>
|
||||
<li>Creation of a new fully distinct address type further fragments the Zcash address ecosystem. Avoiding such fragmentation and providing smooth upgrade paths and good error messages to users is exactly the problem that Unified Addresses <a id="footnote-reference-24" class="footnote_reference" href="#zip-0316-motivation">6</a> were intended to avoid.</li>
|
||||
<li>The TEX address type does not provide any mechanism for address expiration. One of the questions Binance has asked has been what to do about users who have stored their existing transparent deposit address in their wallets, or use them as a withdrawal address for other exchanges or services. This is a challenging problem to mitigate now because address expiration was not previously implemented. We should not further compound this problem by defining a new distinct address type that does not provide a mechanism for address expiry.</li>
|
||||
</ul>
|
||||
</section>
|
||||
</section>
|
||||
<section id="analysis-of-alternative-2"><h2><span class="section-heading">Analysis of Alternative 2</span><span class="section-anchor"> <a rel="bookmark" href="#analysis-of-alternative-2"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<section id="pros-to-alternative-2"><h3><span class="section-heading">Pros To Alternative 2</span><span class="section-anchor"> <a rel="bookmark" href="#pros-to-alternative-2"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<ul>
|
||||
<li>By integrating with the Unified Address framework, Consumers of Revision 1 Unified Addresses that have not yet been upgraded to recognize these addresses can automatically be prompted to upgrade their wallets or services to understand the unrecognized MUST-understand Metadata Typecode.</li>
|
||||
<li>It is possible to include address expiration metadata in a Traceable Unified Address, which can help to mitigate problems related to stored addresses in the future.</li>
|
||||
<li>The Source Restriction Metadata feature can easily be extended to express other kinds of source restriction, such as "Shielded Source Only" or "Fully Shielded with No Pool Crossing".</li>
|
||||
<li>Traceable Unified Addresses benefit from the robustness to errors and protection against malleation of Unified Addresses <a id="footnote-reference-25" class="footnote_reference" href="#f4jumble">17</a>.</li>
|
||||
<li>Regardless of which proposal is adopted, the Zcash Community will need to work with exchanges other than Binance to update their address parsing logic to understand the new address format. By encouraging Consumers such as exchanges to adopt parsing for Unified Addresses, this proposal furthers the original goal of Unified Addresses to reduce fragmentation in the address ecosystem.
|
||||
<p>Whenever any new feature is added, wallets have a choice whether or not to support that new feature. The point of Unified Address parsing is that wallets don’t have to upgrade to recognize a different address format as a valid Zcash address. Instead of returning a “Not a valid Zcash address” error, which could be confusing for users, they can return an error more like “This is a valid Zcash address, but this wallet does not support sending to it.” This can be used as a prompt to upgrade the wallet to a version (or alternative) that does support that feature.</p>
|
||||
</li>
|
||||
</ul>
|
||||
</section>
|
||||
<section id="cons-to-alternative-2"><h3><span class="section-heading">Cons to Alternative 2</span><span class="section-anchor"> <a rel="bookmark" href="#cons-to-alternative-2"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<ul>
|
||||
<li>Existing wallets and other Consumers of Revision 0 Unified Addresses will regard the new address type as entirely invalid, and will not automatically prompt their users that they need to upgrade in order to send to this type of address.</li>
|
||||
<li>Unified Address encoding is slightly more complex than the proposed TEX address encoding, and requires use of the F4Jumble encoding algorithm <a id="footnote-reference-26" class="footnote_reference" href="#f4jumble">17</a>. However, this can be readily mitigated by providing a purpose-built library for Traceable Unified Address encoding to Producers.</li>
|
||||
<li>A Traceable Unified Address is somewhat longer than a TEX address, although not excessively so.</li>
|
||||
</ul>
|
||||
<section id="rationale"><h2><span class="section-heading">Rationale</span><span class="section-anchor"> <a rel="bookmark" href="#rationale"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
<p>TEX addresses are the simplest possible approach to creating a new address type that indicates that only transparent sources of funds should be used.</p>
|
||||
<p>As required by Binance, it will be possible to convert between a TEX address and an unrestricted transparent P2PKH address using extremely straightforward code that depends only on Base58Check and Bech32m encoding/decoding, as shown in the above <a href="#reference-implementation">Reference Implementation</a>.</p>
|
||||
<p>An earlier version of this ZIP also described another alternative using metadata in Unified Addresses, as specified in ZIP 316 <a id="footnote-reference-14" class="footnote_reference" href="#zip-0316">6</a>. That alternative was designed to enable better integration with the Zcash Unified Address ecosystem, and had the advantage of being able to combine different types of metadata along with the Transparent-Source-Only indicator, such as an expiration block height or time <a id="footnote-reference-15" class="footnote_reference" href="#zip-0316-address-expiry">9</a> <a id="footnote-reference-16" class="footnote_reference" href="#binance-address-expiry">12</a>.</p>
|
||||
<p>However, ultimately the Unified Address-based approach did not meet all of the requirements, since it would in practice have required dependencies on address handling libraries that Binance did not want to depend on in their front-end code.</p>
|
||||
<p>Some design elements of that approach that apply to metadata in general have been incorporated into ZIP 316 Revision 1 <a id="footnote-reference-17" class="footnote_reference" href="#zip-0316-revision-1">8</a>. A more general form of Source Restriction Metadata is also under consideration.</p>
|
||||
<section id="disadvantages"><h3><span class="section-heading">Disadvantages</span><span class="section-anchor"> <a rel="bookmark" href="#disadvantages"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h3>
|
||||
<p>A disadvantage of TEX Addresses (and also of the alternative approach using Unified Addresses) is that the information that a TEX Address was used does not appear on-chain, i.e. a transaction sending to a TEX Address is indistinguishable from one sending to the underlying P2PKH address. This is inevitable given the desire not to change the underlying consensus protocol to support this functionality.</p>
|
||||
</section>
|
||||
</section>
|
||||
<section id="references"><h2><span class="section-heading">References</span><span class="section-anchor"> <a rel="bookmark" href="#references"><img width="24" height="24" class="section-anchor" src="assets/images/section-anchor.png" alt=""></a></span></h2>
|
||||
|
|
@ -236,66 +142,42 @@ expiry time: Mon Feb 13 2024 01:14:18 GMT</pre>
|
|||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="zip-0316-terminology" class="footnote">
|
||||
<table id="zip-0032" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>5</th>
|
||||
<td><a href="zip-0316#terminology">ZIP 316: Unified Addresses and Unified Viewing Keys — Terminology</a></td>
|
||||
<td><a href="zip-0032">ZIP 32: Shielded Hierarchical Deterministic Wallets</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="zip-0316-motivation" class="footnote">
|
||||
<table id="zip-0316" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>6</th>
|
||||
<td><a href="zip-0316#motivation">ZIP 316: Unified Addresses and Unified Viewing Keys — Motivation</a></td>
|
||||
<td><a href="zip-0316">ZIP 316: Unified Addresses and Unified Viewing Keys</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="zip-0316-terminology" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>7</th>
|
||||
<td><a href="zip-0316#terminology">ZIP 316: Unified Addresses and Unified Viewing Keys — Terminology</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="zip-0316-revision-1" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>7</th>
|
||||
<td><a href="zip-0316#revision-1">ZIP 316: Unified Addresses and Unified Viewing Keys — Revision 1</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="zip-0316-unified-addresses" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>8</th>
|
||||
<td><a href="zip-0316#encoding-of-unified-addresses">ZIP 316: Unified Addresses and Unified Viewing Keys — Encoding of Unified Addresses</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="zip-0316-unified-requirements" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>9</th>
|
||||
<td><a href="zip-0316#requirements-for-both-unified-addresses-and-unified-viewing-keys">ZIP 316: Unified Addresses and Unified Viewing Keys — Requirements for both Unified Addresses and Unified Viewing Keys</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="zip-0316-drop-shielded-restriction" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>10</th>
|
||||
<td><a href="zip-0316#rationale-for-dropping-the-at-least-one-shielded-item-restriction">ZIP 316: Unified Addresses and Unified Viewing Keys — Rationale for dropping the "at least one shielded Item" restriction</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="zip-0316-metadata-items" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>11</th>
|
||||
<td><a href="zip-0316#metadata-items">ZIP 316: Unified Addresses and Unified Viewing Keys — Metadata Items</a></td>
|
||||
<td><a href="zip-0316#revision-1">ZIP 316: Unified Addresses and Unified Viewing Keys — Revision 1</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="zip-0316-address-expiry" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>12</th>
|
||||
<th>9</th>
|
||||
<td><a href="zip-0316#address-expiration-metadata">ZIP 316: Unified Addresses and Unified Viewing Keys — Address Expiration Metadata</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
|
@ -303,7 +185,7 @@ expiry time: Mon Feb 13 2024 01:14:18 GMT</pre>
|
|||
<table id="protocol-networks" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>13</th>
|
||||
<th>10</th>
|
||||
<td><a href="protocol/protocol.pdf#networks">Zcash Protocol Specification, Version 2023.4.0. Section 3.12: Mainnet and Testnet</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
|
@ -311,7 +193,7 @@ expiry time: Mon Feb 13 2024 01:14:18 GMT</pre>
|
|||
<table id="protocol-transparentaddrencoding" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>14</th>
|
||||
<th>11</th>
|
||||
<td><a href="protocol/protocol.pdf#transparentaddrencoding">Zcash Protocol Specification, Version 2023.4.0. Section 5.6.1.1 Transparent Addresses</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
|
@ -319,7 +201,7 @@ expiry time: Mon Feb 13 2024 01:14:18 GMT</pre>
|
|||
<table id="binance-address-expiry" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>15</th>
|
||||
<th>12</th>
|
||||
<td><a href="https://forum.zcashcommunity.com/t/unified-address-expiration/46564/6">Zcash Community Forum post describing motivations for address expiry</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
|
@ -327,35 +209,27 @@ expiry time: Mon Feb 13 2024 01:14:18 GMT</pre>
|
|||
<table id="base58check" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>16</th>
|
||||
<th>13</th>
|
||||
<td><a href="https://en.bitcoin.it/wiki/Base58Check_encoding">Base58Check encoding — Bitcoin Wiki</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="f4jumble" class="footnote">
|
||||
<table id="bip-0044" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>17</th>
|
||||
<td><a href="zip-0316#jumbling">ZIP 316: Unified Addresses and Unified Viewing Keys — Jumbling</a></td>
|
||||
<th>14</th>
|
||||
<td><a href="https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki">BIP 44: Multi-Account Hierarchy for Deterministic Wallets</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="bip-0350" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>18</th>
|
||||
<th>15</th>
|
||||
<td><a href="https://github.com/bitcoin/bips/blob/master/bip-0350.mediawiki">BIP 350: Bech32m format for v1+ witness addresses</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<table id="zcash-address-wasm" class="footnote">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th>19</th>
|
||||
<td><a href="https://github.com/nuttycom/zcash_address_wasm">zcash_address_wasm: Proof-of-concept library for Traceable Unified Address Encoding</a></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</section>
|
||||
</section>
|
||||
</body>
|
||||
|
|
|
|||
373
zip-0320.rst
373
zip-0320.rst
|
|
@ -5,13 +5,15 @@
|
|||
Owners: Daira-Emma Hopwood <daira@electriccoin.co>
|
||||
Kris Nuttycombe <kris@nutty.land>
|
||||
Credits: Hanh
|
||||
Status: Draft
|
||||
Status: Proposed
|
||||
Category: Standards / Wallet
|
||||
Created: 2024-01-12
|
||||
License: MIT
|
||||
Discussions-To: <https://github.com/zcash/zips/issues/757>
|
||||
<https://github.com/zcash/zips/issues/795>
|
||||
Pull-Request: <https://github.com/zcash/zips/pull/760>
|
||||
<https://github.com/zcash/zips/pull/766>
|
||||
<https://github.com/zcash/zips/pull/798>
|
||||
|
||||
|
||||
Terminology
|
||||
|
|
@ -21,15 +23,14 @@ The key words "MUST", "SHOULD", "NOT RECOMMENDED", and "MAY" in this document
|
|||
are to be interpreted as described in BCP 14 [#BCP14]_ when, and only when,
|
||||
they appear in all capitals.
|
||||
|
||||
The terms "Recipient", "Producer", "Consumer", "Sender", "Receiver", "Item",
|
||||
"Metadata Item", "Typecode", "Address", "Unified Address" (UA), "Unified
|
||||
Viewing Key" (UVK), "Unified Full Viewing Key" (UFVK), and "Unified Incoming
|
||||
Viewing Key" (UIVK) are to be interpreted as described in ZIP 316
|
||||
The terms "Recipient", "Producer", "Consumer", "Sender", "Receiver", "Address",
|
||||
and "Unified Address" are to be interpreted as described in ZIP 316
|
||||
[#zip-0316-terminology]_.
|
||||
|
||||
The terms "Testnet" and "Mainnet" are to be interpreted as described in section
|
||||
3.12 of the Zcash Protocol Specification [#protocol-networks]_.
|
||||
|
||||
|
||||
|
||||
Abstract
|
||||
========
|
||||
|
||||
|
|
@ -37,14 +38,11 @@ This ZIP defines a new encoding for transparent Zcash addresses. Wallets must
|
|||
ensure that no shielded notes are spent in transactions that send to a
|
||||
transparent address encoded in the specified fashion.
|
||||
|
||||
This ZIP is presently in Draft status, and defines two alternate encodings for
|
||||
consideration. Analysis of the benefits and drawbacks of each of the proposed
|
||||
alternatives is presented at the end of this document.
|
||||
|
||||
Background
|
||||
==========
|
||||
|
||||
In November of 2023, the Zcash community received notice from the Binance
|
||||
In November 2023, the Zcash community received notice from the Binance
|
||||
cryptocurrency exchange that Zcash was at risk of being delisted from the
|
||||
exchange unless the community could provide a mechanism by which Binance could
|
||||
refuse deposits from shielded addresses and return them to the depositor. This
|
||||
|
|
@ -56,7 +54,9 @@ In the course of that discussion thread, wallet developer and community member
|
|||
that involved defining a new encoding for Zcash transparent P2PKH addresses. A
|
||||
Consumer of such an address, whether it be a wallet or an exchange, could
|
||||
recognize this encoding as a directive that the wallet should only spend
|
||||
transparent funds when creating an output to that address.
|
||||
transparent funds when creating an output to that address. This ZIP formalizes
|
||||
that proposal.
|
||||
|
||||
|
||||
Motivation
|
||||
==========
|
||||
|
|
@ -64,54 +64,73 @@ Motivation
|
|||
The Binance cryptocurrency exchange requires that funds sent to their deposit
|
||||
addresses come from source addresses that are readily identifiable using
|
||||
on-chain information, such that if necessary funds may be rejected by sending
|
||||
them back to the source address(es). This ZIP is intended to standardize a
|
||||
transparent address encoding that is not yet understood by preexisting
|
||||
them back to one of the source addresses. This ZIP is intended to standardize
|
||||
a transparent address encoding that is not yet understood by preexisting
|
||||
Consumers, in order to prevent inadvertent shielded spends when sending to such
|
||||
addresses. Then, Consumers that upgrade to support the new encoding will do so
|
||||
with the understanding that they must respect the restrictions on sources of
|
||||
funds described in this ZIP.
|
||||
|
||||
It is not expected that other exchanges or Producers of Zcash addresses will
|
||||
generate Transparent-Source-Only Addresses unless they have a specific need to
|
||||
be able to identify the address or addresses from which a payment was funded.
|
||||
However, all Consumers of Zcash addresses should implement this specification,
|
||||
in order to promote interoperability across the Zcash ecosystem.
|
||||
|
||||
|
||||
Requirements
|
||||
============
|
||||
|
||||
1. A Recipient wishing to receive funds from exclusively transparent sources
|
||||
must be able to generate a receiving address such that only transparent
|
||||
funds will be spent in transactions with an output to this address.
|
||||
funds will be spent in transactions with an output to this address. The
|
||||
purpose of this is to ensure that it is reliably possible for the Recipient
|
||||
to send back funds received from a Sender that conforms to this ZIP.
|
||||
2. Wallets and other Consumers that have not been upgraded to recognize the new
|
||||
address format cannot mistake the address for another address type or
|
||||
inadvertently send shielded funds to the address.
|
||||
3. No changes to Recipient infrastructure beyond changes to address encoding
|
||||
and decoding should be required as a consequence of this ZIP.
|
||||
and decoding should be required as a consequence of this ZIP. In particular,
|
||||
conversion between a Transparent-Source-Only Address and the corresponding
|
||||
unrestricted transparent address should be possible using only dependencies
|
||||
that are available to Binance's front-end code.
|
||||
|
||||
Alternative 1
|
||||
|
||||
Non-requirements
|
||||
================
|
||||
|
||||
1. It is only required to support a Transparent-Source-Only form of P2PKH
|
||||
addresses; P2SH address support is not necessary.
|
||||
2. It is not required to limit the source of transparent funds sent to a
|
||||
Transparent-Source-Only Address to a single source address. This implies that
|
||||
if the Recipient chooses to send back the funds, it is acceptable for it to
|
||||
send them back to any of the source addresses if there is more than one.
|
||||
3. It is not necessary for the restriction on the source of funds to be enforced
|
||||
as a consensus rule. If a Sender fails to adhere to the restriction, it risks
|
||||
loss of funds, which is acceptable in the case of a non-conforming Sender
|
||||
implementation.
|
||||
|
||||
|
||||
Specification
|
||||
=============
|
||||
|
||||
This alternative was suggested by @hanh in [#hanh-suggestion]_.
|
||||
A TEX Address, also called a Transparent-Source-Only Address, is a Bech32m [#bip-0350]_
|
||||
reencoding of a transparent Zcash P2PKH address [#protocol-transparentaddrencoding]_.
|
||||
|
||||
TEX Addresses
|
||||
-------------
|
||||
Wallets and other Senders sending to a TEX address (as any output) MUST ensure that
|
||||
only transparent (P2SH or P2PKH) UTXOs are spent in the creation of the transaction.
|
||||
For simplicity of parsing and interpreting such transactions, they also SHOULD only
|
||||
send to transparent outputs.
|
||||
|
||||
A TEX Address is a Bech32m [#bip-0350]_ reencoding of a transparent Zcash
|
||||
P2PKH address [#protocol-transparentaddrencoding]_.
|
||||
|
||||
Motivations for Alternative 1
|
||||
-----------------------------
|
||||
|
||||
The TEX Address is the simplest possible approach to creating a new address
|
||||
type that indicates that only transparent sources of funds should be used.
|
||||
|
||||
Specification (Alternative 1)
|
||||
-----------------------------
|
||||
|
||||
A TEX address is produced from a Mainnet Zcash P2PKH Address by executing the
|
||||
A TEX address can be produced from a Mainnet Zcash P2PKH Address by executing the
|
||||
following steps:
|
||||
|
||||
1. Decode the address to a byte sequence using the Base58Check decoding
|
||||
algorithm [#Base58Check]_.
|
||||
2. If the length of the resulting byte sequence is not 22 bytes or if its two-byte
|
||||
address prefix is not :math:`[\mathtt{0x1C}, \mathtt{0xB8}]`, return an error. Otherwise,
|
||||
let the **validating key hash** be the remaining 20 bytes of the sequence after
|
||||
removing the two-byte address prefix.
|
||||
address prefix is not :math:`[\mathtt{0x1C}, \mathtt{0xB8}]`, return an error.
|
||||
Otherwise, let the **validating key hash** be the remaining 20 bytes of the
|
||||
sequence after removing the two-byte address prefix.
|
||||
3. Reencode the 20-byte **validating key hash** using the Bech32m encoding
|
||||
defined in [#bip-0350]_ with the human-readable prefix (HRP) ``"tex"``.
|
||||
|
||||
|
|
@ -119,12 +138,48 @@ For Testnet addresses, the required lead bytes of a P2PKH address in step 2 are
|
|||
:math:`[\mathtt{0x1D}, \mathtt{0x25}]`, and the ``"textest"`` HRP is used when
|
||||
reencoding in step 3.
|
||||
|
||||
Wallets and other Senders sending to a TEX address (as any output) MUST
|
||||
ensure that only transparent UTXOs are spent in the creation of a
|
||||
transaction.
|
||||
A TEX address can be parsed by reversing this encoding, i.e.:
|
||||
|
||||
Reference Implementation (Alternative 1)
|
||||
----------------------------------------
|
||||
1. Decode the address to a byte sequence using Bech32m [#bip-0350]_, checking
|
||||
that the HRP is ``"tex"`` for a Mainnet TEX Address and ``"textest"`` for a
|
||||
Testnet TEX Address.
|
||||
2. If the length of the resulting byte sequence is not 20 bytes, return an error.
|
||||
Otherwise, the **validating key hash** is this byte sequence.
|
||||
|
||||
Design considerations for Senders
|
||||
---------------------------------
|
||||
|
||||
For a transaction that spends only from transparent funds to a TEX Address,
|
||||
this specification imposes no additional requirements.
|
||||
|
||||
If, on the other hand, a user desires to spend shielded funds to a TEX Address,
|
||||
a Sender supporting this ZIP MUST create two transactions: one that unshields
|
||||
the funds to an ephemeral transparent address, and one that spends from that
|
||||
ephemeral address to the destination TEX Address. This does not defeat the
|
||||
intent of the ZIP, because it is still possible for a Recipient to return the
|
||||
funds to the Sender by sending them back to the ephemeral address.
|
||||
|
||||
Wallets MUST be able to recognize funds that have been returned in this way
|
||||
and spend them if desired. In order for this to be possible without use of
|
||||
TEX Addresses increasing the risk of loss of funds, wallets based on ZIP 32
|
||||
[#zip-0032]_ SHOULD choose ephemeral addresses in a way that allows the
|
||||
corresponding private keys to be recovered from a ZIP 32 master seed.
|
||||
|
||||
However, ephemeral addresses SHOULD NOT be chosen in a way that allows them
|
||||
to be linked between transactions, without knowledge of the wallet seed or
|
||||
the relevant transparent viewing keys. This also implies that they SHOULD be
|
||||
chosen in a way that avoids collisions with addresses for previously generated
|
||||
outputs (including change outputs), such as might have been created by a
|
||||
transparent-only wallet using Bitcoin-derived code based on BIP 44 [#bip-0044]_.
|
||||
|
||||
In order to show accurate transaction history to a user, wallets SHOULD
|
||||
remember when a particular transaction output was sent to a TEX Address, so
|
||||
that they can show that form rather than its P2PKH form. It is acceptable that
|
||||
this information may be lost on recovery from seed.
|
||||
|
||||
|
||||
Reference Implementation
|
||||
========================
|
||||
|
||||
Javascript::
|
||||
|
||||
|
|
@ -147,215 +202,41 @@ Javascript::
|
|||
var t1 = bs58check.encode(Buffer.concat([Uint8Array.from([0x1C, 0xB8]), pkh2]))
|
||||
console.log(t1)
|
||||
|
||||
Alternative 2
|
||||
=============
|
||||
Rationale
|
||||
=========
|
||||
|
||||
Traceable Unified Addresses
|
||||
---------------------------
|
||||
TEX addresses are the simplest possible approach to creating a new address type that
|
||||
indicates that only transparent sources of funds should be used.
|
||||
|
||||
A Traceable Unified Address is a reencoding of a transparent Zcash P2PKH
|
||||
address into a Unified Address [#zip-0316-unified-addresses]_.
|
||||
As required by Binance, it will be possible to convert between a TEX address and an
|
||||
unrestricted transparent P2PKH address using extremely straightforward code that
|
||||
depends only on Base58Check and Bech32m encoding/decoding, as shown in the above
|
||||
`Reference Implementation`_.
|
||||
|
||||
Motivations for Alternative 2
|
||||
-----------------------------
|
||||
An earlier version of this ZIP also described another alternative using metadata
|
||||
in Unified Addresses, as specified in ZIP 316 [#zip-0316]_. That alternative was
|
||||
designed to enable better integration with the Zcash Unified Address ecosystem, and
|
||||
had the advantage of being able to combine different types of metadata along with
|
||||
the Transparent-Source-Only indicator, such as an expiration block height or time
|
||||
[#zip-0316-address-expiry]_ [#binance-address-expiry]_.
|
||||
|
||||
Traceable Unified Addresses fit into the Zcash Unified Address ecosystem
|
||||
defined by ZIP 316, Revision 1 [#zip-0316-revision-1]_. Existing Consumers of
|
||||
Unified Addresses will not be able to send to these address unless they update
|
||||
their code to understand the new MUST-understand Metadata Typecode defined in
|
||||
this ZIP.
|
||||
However, ultimately the Unified Address-based approach did not meet all of the
|
||||
requirements, since it would in practice have required dependencies on address
|
||||
handling libraries that Binance did not want to depend on in their front-end code.
|
||||
|
||||
By integrating with the Unified Address framework, it becomes possible for the
|
||||
addresses being generated to include extra metadata; in particular, metadata
|
||||
items such as an Address Expiry Height or Address Expiry Date
|
||||
[#zip-0316-address-expiry]_ may be included. For exchange use cases such as
|
||||
Binance's, it is useful to ensure that an address provided to a user has a
|
||||
limited utility life, such that after expiration the user must obtain a new
|
||||
address in order to be able to continue to send funds
|
||||
[#binance-address-expiry]_.
|
||||
Some design elements of that approach that apply to metadata in general have
|
||||
been incorporated into ZIP 316 Revision 1 [#zip-0316-revision-1]_. A more general
|
||||
form of Source Restriction Metadata is also under consideration.
|
||||
|
||||
Specification (Alternative 2)
|
||||
-----------------------------
|
||||
Disadvantages
|
||||
-------------
|
||||
|
||||
Upon activation of this ZIP, the section `Metadata Items` of ZIP 316
|
||||
[#zip-0316-metadata-items]_ will be modified to define a new MUST-understand
|
||||
Metadata Item type: Source Restriction Metadata, having Typecode
|
||||
:math:`\mathtt{0xE2}`, the value of which MUST be a single byte:
|
||||
A disadvantage of TEX Addresses (and also of the alternative approach using
|
||||
Unified Addresses) is that the information that a TEX Address was used does not
|
||||
appear on-chain, i.e. a transaction sending to a TEX Address is indistinguishable
|
||||
from one sending to the underlying P2PKH address. This is inevitable given the
|
||||
desire not to change the underlying consensus protocol to support this functionality.
|
||||
|
||||
* :math:`\mathtt{0x00}` - Transparent Source Only
|
||||
|
||||
Additional Source Restriction Metadata values can be defined in the future,
|
||||
but a Consumer that does not recognise the value MUST reject the entire
|
||||
UA/UVK as invalid.
|
||||
|
||||
Wallets and other Senders MUST ensure that only transparent UTXOs are spent in
|
||||
the creation of a transaction to any Unified Address containing a Source
|
||||
Restriction Metadata Item having value :math:`\mathtt{0x00}`.
|
||||
|
||||
A Traceable Unified Address is produced from a Mainnet Zcash P2PKH address by
|
||||
executing the following steps:
|
||||
|
||||
1. Decode the address to a byte sequence using the Base58Check decoding
|
||||
algorithm [#Base58Check]_.
|
||||
2. If the length of the resulting byte sequence is not 22 bytes or if its
|
||||
two-byte address prefix is not :math:`[\mathtt{0x1C}, \mathtt{0xB8}]`,
|
||||
return an error. Otherwise, let the **validating key hash** be the remaining
|
||||
20 bytes of the array after removing the two-byte address prefix.
|
||||
3. Construct a new Revision 1 Unified Address using a single P2PKH Receiver
|
||||
:math:`\mathtt{0x04}` with the 20-byte **validating key hash** as its value,
|
||||
and a Source Restriction Metadata Item (Typecode :math:`\mathtt{0xE2}`)
|
||||
having value :math:`\mathtt{0x00}` (Transparent Source Only). In addition,
|
||||
metadata items such as an Address Expiry Height or Address Expiry Date
|
||||
[#zip-0316-address-expiry]_ MAY be included.
|
||||
4. Encode the Unified Address using the “``ur``” Human Readable Part as
|
||||
specified for Revision 1 of ZIP 316 [#zip-0316-revision-1]_.
|
||||
|
||||
For Testnet addresses, the required lead bytes of a P2PKH address in step 2
|
||||
are :math:`[\mathtt{0x1D}, \mathtt{0x25}]`.
|
||||
|
||||
The HRP of the resulting Unified Address is the same as for any other Revision 1
|
||||
Unified Address on the relevant network as specified in [#zip-0316-revision-1]_,
|
||||
i.e. ``"ur"`` for Mainnet and ``"urtest"`` for Testnet.
|
||||
|
||||
Any Source Restriction Metadata Item MUST be preserved with the same value
|
||||
when deriving a UIVK from a UFVK, or a UA from a UIVK. It has no other effect
|
||||
on the meaning of the UFVK or UIVK.
|
||||
|
||||
Note that it is possible for a Unified Address to include shielded Receivers
|
||||
and also Source Restriction Metadata with value Transparent Source Only. The
|
||||
semantics of such UAs are well defined: they allow a shielding transaction
|
||||
that only spends transparent UTXOs when sending to a shielded Receiver, and
|
||||
the priority order of Receivers defined by ZIP 316 is unaffected. However,
|
||||
this combination of requirements might result in wallet interoperability
|
||||
issues, and so producing such UAs is NOT RECOMMENDED.
|
||||
|
||||
Dependencies on Revision 1 of ZIP 316
|
||||
'''''''''''''''''''''''''''''''''''''
|
||||
|
||||
This specification depends upon the following changes made for Revision 1 of
|
||||
ZIP 316 [#zip-0316-revision-1]_:
|
||||
|
||||
* A Revision 1 UA/UVK is *not* required to include a shielded Item. This is
|
||||
necessary for a Traceable Unified Address containing only a P2PKH Receiver
|
||||
to be valid. (It also has other independent motivations, as explained in
|
||||
[#zip-0316-drop-shielded-restriction]_.)
|
||||
* The change to the HRPs for Revision 1 UAs implies that a Sender implementing
|
||||
the Revision 0 specification will not recognize the UA as valid, which is
|
||||
necessary because it may not understand the Source Restriction Metadata.
|
||||
* A Consumer of a Revision 1 UIVK or UFVK is required to retain the Source
|
||||
Restriction Metadata when deriving a UA or UIVK respectively.
|
||||
|
||||
Reference Implementation (Alternative 2)
|
||||
----------------------------------------
|
||||
|
||||
Javascript using `zcash_address_wasm` [#zcash_address_wasm]_::
|
||||
|
||||
import init, { to_traceable_address, traceable_to_p2pkh, addr_expiry_time } from 'zcash_address_wasm';
|
||||
init().then(() => {
|
||||
var t_address = "t1VmmGiyjVNeCjxDZzg7vZmd99WyzVby9yC";
|
||||
console.log("original P2PKH address: " + t_address);
|
||||
|
||||
var expiry_time = new Date();
|
||||
// Add 30 days in UTC.
|
||||
expiry_time.setUTCDate(expiry_time.getUTCDate() + 30);
|
||||
// Date.getTime() returns UTC time since 1970-01-01T00:00:00Z in milliseconds.
|
||||
var expiry_unix_seconds = BigInt(Math.floor(expiry_time.getTime() / 1000));
|
||||
|
||||
var traceable_address = to_traceable_address(t_address, expiry_unix_seconds);
|
||||
console.log("Traceable Unified Address: " + traceable_address);
|
||||
|
||||
var p2pkh_addr = traceable_to_p2pkh(traceable_address);
|
||||
console.log("decoded P2PKH address: " + p2pkh_addr);
|
||||
|
||||
var expiry = addr_expiry_time(traceable_address);
|
||||
// Ignore far-future expiry times not representable as a Date.
|
||||
if (expiry !== null && expiry <= 8_640_000_000_000n) {
|
||||
console.log("expiry time: " + new Date(Number(expiry) * 1000).toUTCString());
|
||||
}
|
||||
});
|
||||
|
||||
Example output::
|
||||
|
||||
original P2PKH address: t1VmmGiyjVNeCjxDZzg7vZmd99WyzVby9yC
|
||||
Traceable Unified Address: u1p3temdfuxr6vcfr2z3n5weh652rg0hv7q44c652y3su77d0pyktt47am3tng7uxxtk553hhka75r6cvfs5j
|
||||
decoded P2PKH address: t1VmmGiyjVNeCjxDZzg7vZmd99WyzVby9yC
|
||||
expiry time: Mon Feb 13 2024 01:14:18 GMT
|
||||
|
||||
Analysis of Alternative 1
|
||||
=========================
|
||||
|
||||
Pros to Alternative 1
|
||||
---------------------
|
||||
|
||||
- The reencoding from Zcash P2PKH addresses is extremely straightforward and
|
||||
relies only upon widely available encoding libraries.
|
||||
|
||||
Cons to Alternative 1
|
||||
---------------------
|
||||
|
||||
- Existing wallets and other Consumers will regard the new address type as
|
||||
entirely invalid, and will not automatically prompt their users that they
|
||||
need to upgrade in order to send to this type of address.
|
||||
- Creation of a new fully distinct address type further fragments the Zcash
|
||||
address ecosystem. Avoiding such fragmentation and providing smooth upgrade
|
||||
paths and good error messages to users is exactly the problem that Unified
|
||||
Addresses [#zip-0316-motivation]_ were intended to avoid.
|
||||
- The TEX address type does not provide any mechanism for address expiration.
|
||||
One of the questions Binance has asked has been what to do about users who
|
||||
have stored their existing transparent deposit address in their wallets, or
|
||||
use them as a withdrawal address for other exchanges or services. This is a
|
||||
challenging problem to mitigate now because address expiration was not
|
||||
previously implemented. We should not further compound this problem by
|
||||
defining a new distinct address type that does not provide a mechanism for
|
||||
address expiry.
|
||||
|
||||
Analysis of Alternative 2
|
||||
=========================
|
||||
|
||||
Pros To Alternative 2
|
||||
---------------------
|
||||
|
||||
- By integrating with the Unified Address framework, Consumers of Revision 1
|
||||
Unified Addresses that have not yet been upgraded to recognize these
|
||||
addresses can automatically be prompted to upgrade their wallets or services
|
||||
to understand the unrecognized MUST-understand Metadata Typecode.
|
||||
- It is possible to include address expiration metadata in a Traceable Unified
|
||||
Address, which can help to mitigate problems related to stored addresses in
|
||||
the future.
|
||||
- The Source Restriction Metadata feature can easily be extended to express
|
||||
other kinds of source restriction, such as "Shielded Source Only" or
|
||||
"Fully Shielded with No Pool Crossing".
|
||||
- Traceable Unified Addresses benefit from the robustness to errors and
|
||||
protection against malleation of Unified Addresses [#F4Jumble]_.
|
||||
- Regardless of which proposal is adopted, the Zcash Community will need to
|
||||
work with exchanges other than Binance to update their address parsing logic
|
||||
to understand the new address format. By encouraging Consumers such as
|
||||
exchanges to adopt parsing for Unified Addresses, this proposal furthers the
|
||||
original goal of Unified Addresses to reduce fragmentation in the address
|
||||
ecosystem.
|
||||
|
||||
Whenever any new feature is added, wallets have a choice whether or not to
|
||||
support that new feature. The point of Unified Address parsing is that
|
||||
wallets don’t have to upgrade to recognize a different address format as a
|
||||
valid Zcash address. Instead of returning a “Not a valid Zcash address”
|
||||
error, which could be confusing for users, they can return an error more like
|
||||
“This is a valid Zcash address, but this wallet does not support sending to
|
||||
it.” This can be used as a prompt to upgrade the wallet to a version (or
|
||||
alternative) that does support that feature.
|
||||
|
||||
Cons to Alternative 2
|
||||
---------------------
|
||||
|
||||
- Existing wallets and other Consumers of Revision 0 Unified Addresses will
|
||||
regard the new address type as entirely invalid, and will not automatically
|
||||
prompt their users that they need to upgrade in order to send to this type of
|
||||
address.
|
||||
- Unified Address encoding is slightly more complex than the proposed TEX
|
||||
address encoding, and requires use of the F4Jumble encoding algorithm
|
||||
[#F4Jumble]_. However, this can be readily mitigated by providing a
|
||||
purpose-built library for Traceable Unified Address encoding to Producers.
|
||||
- A Traceable Unified Address is somewhat longer than a TEX address, although
|
||||
not excessively so.
|
||||
|
||||
References
|
||||
==========
|
||||
|
|
@ -364,18 +245,14 @@ References
|
|||
.. [#binance-delisting] `Zcash Community Forum thread "Important: Potential Binance Delisting" <https://forum.zcashcommunity.com/t/important-potential-binance-delisting/45954>`_
|
||||
.. [#hanh-profile] `Zcash Community Forum user @hanh <https://forum.zcashcommunity.com/u/hanh/summary>`_
|
||||
.. [#hanh-suggestion] `Ywallet developer @hanh's proposal <https://forum.zcashcommunity.com/t/important-potential-binance-delisting/45954/112>`_
|
||||
.. [#zip-0032] `ZIP 32: Shielded Hierarchical Deterministic Wallets <zip-0032.rst>`_
|
||||
.. [#zip-0316] `ZIP 316: Unified Addresses and Unified Viewing Keys <zip-0316.rst>`_
|
||||
.. [#zip-0316-terminology] `ZIP 316: Unified Addresses and Unified Viewing Keys — Terminology <zip-0316#terminology>`_
|
||||
.. [#zip-0316-motivation] `ZIP 316: Unified Addresses and Unified Viewing Keys — Motivation <zip-0316#motivation>`_
|
||||
.. [#zip-0316-revision-1] `ZIP 316: Unified Addresses and Unified Viewing Keys — Revision 1 <zip-0316#revision-1>`_
|
||||
.. [#zip-0316-unified-addresses] `ZIP 316: Unified Addresses and Unified Viewing Keys — Encoding of Unified Addresses <zip-0316#encoding-of-unified-addresses>`_
|
||||
.. [#zip-0316-unified-requirements] `ZIP 316: Unified Addresses and Unified Viewing Keys — Requirements for both Unified Addresses and Unified Viewing Keys <zip-0316#requirements-for-both-unified-addresses-and-unified-viewing-keys>`_
|
||||
.. [#zip-0316-drop-shielded-restriction] `ZIP 316: Unified Addresses and Unified Viewing Keys — Rationale for dropping the "at least one shielded Item" restriction <zip-0316#rationale-for-dropping-the-at-least-one-shielded-item-restriction>`_
|
||||
.. [#zip-0316-metadata-items] `ZIP 316: Unified Addresses and Unified Viewing Keys — Metadata Items <zip-0316#metadata-items>`_
|
||||
.. [#zip-0316-address-expiry] `ZIP 316: Unified Addresses and Unified Viewing Keys — Address Expiration Metadata <zip-0316#address-expiration-metadata>`_
|
||||
.. [#protocol-networks] `Zcash Protocol Specification, Version 2023.4.0. Section 3.12: Mainnet and Testnet <protocol/protocol.pdf#networks>`_
|
||||
.. [#protocol-transparentaddrencoding] `Zcash Protocol Specification, Version 2023.4.0. Section 5.6.1.1 Transparent Addresses <protocol/protocol.pdf#transparentaddrencoding>`_
|
||||
.. [#binance-address-expiry] `Zcash Community Forum post describing motivations for address expiry <https://forum.zcashcommunity.com/t/unified-address-expiration/46564/6>`_
|
||||
.. [#Base58Check] `Base58Check encoding — Bitcoin Wiki <https://en.bitcoin.it/wiki/Base58Check_encoding>`_
|
||||
.. [#F4Jumble] `ZIP 316: Unified Addresses and Unified Viewing Keys — Jumbling <zip-0316#jumbling>`_
|
||||
.. [#bip-0044] `BIP 44: Multi-Account Hierarchy for Deterministic Wallets <https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki>`_
|
||||
.. [#bip-0350] `BIP 350: Bech32m format for v1+ witness addresses <https://github.com/bitcoin/bips/blob/master/bip-0350.mediawiki>`_
|
||||
.. [#zcash_address_wasm] `zcash_address_wasm: Proof-of-concept library for Traceable Unified Address Encoding <https://github.com/nuttycom/zcash_address_wasm>`_
|
||||
|
|
|
|||
|
|
@ -103,6 +103,7 @@ Pull-Request: <<a href="https://github.com/zcash/zips/pull/308">https://githu
|
|||
</ul>
|
||||
<p>The Major Grant Review Committee's decisions relating to the allocation and disbursement of funds from the Discretionary Budget will be final, requiring no approval from the ZF Board, but are subject to veto if the Foundation judges them to violate U.S. law or the ZF's reporting requirements and other (current or future) obligations under U.S. IRS 501(c)(3).</p>
|
||||
</li>
|
||||
<li>A portion of the Discretionary Budget MAY be allocated to provide reasonable compensation to members of the Major Grant Review Committee. Committee member compensation SHALL be limited to the hours needed to successfully perform their positions and MUST align with the scope and responsibilities of their roles. The allocation and distribution of compensation to committee members SHALL be administered by the ZF. The committee members will receive compensation at a rate of $115 per hour, based on an estimated 15 hours each month, amounting to a monthly sum of $1725. Changes to the hours or rate SHALL be determined by the ZF’s Community Advisory Panel or successor process.</li>
|
||||
</ol>
|
||||
<p>ZF SHALL recognize the MG slice of the Dev Fund as a Restricted Fund donation under the above constraints (suitably formalized), and keep separate accounting of its balance and usage under its <a href="#transparency-and-accountability">Transparency and Accountability</a> obligations defined below.</p>
|
||||
<p>ZF SHALL strive to define target metrics and key performance indicators, and the Major Grant Review Committee SHOULD utilize these in its funding decisions.</p>
|
||||
|
|
|
|||
10
zip-1014.rst
10
zip-1014.rst
|
|
@ -287,6 +287,16 @@ Grants, but subject to the following additional constraints:
|
|||
judges them to violate U.S. law or the ZF's reporting requirements and other
|
||||
(current or future) obligations under U.S. IRS 501(c)(3).
|
||||
|
||||
9. A portion of the Discretionary Budget MAY be allocated to provide reasonable
|
||||
compensation to members of the Major Grant Review Committee. Committee member compensation
|
||||
SHALL be limited to the hours needed to successfully perform their positions
|
||||
and MUST align with the scope and responsibilities of their roles. The
|
||||
allocation and distribution of compensation to committee members SHALL be
|
||||
administered by the ZF. The committee members will receive compensation at a
|
||||
rate of $115 per hour, based on an estimated 15 hours each month, amounting to a
|
||||
monthly sum of $1725. Changes to the hours or rate SHALL be determined by
|
||||
the ZF’s Community Advisory Panel or successor process.
|
||||
|
||||
ZF SHALL recognize the MG slice of the Dev Fund as a Restricted Fund
|
||||
donation under the above constraints (suitably formalized), and keep separate
|
||||
accounting of its balance and usage under its `Transparency and Accountability`_
|
||||
|
|
|
|||
Loading…
Reference in New Issue