cb48a537a0Acknowledge the font designers Pablo Impallari and Morris Fuller.
Daira Emma Hopwood
2023-12-18 19:32:20 +0000
a77e74ffb6Cosmetics: improve the appearance of italic bold.
Daira Emma Hopwood
2023-12-18 19:27:02 +0000
477fd91493Initial attempt at making the document work with screen readers (this doesn't work very well yet, and it may be a hopeless task).
Daira Emma Hopwood
2023-12-18 19:03:17 +0000
dcd81b5a85Document that Zooko came up with the name "Faerie Gold".
Daira Emma Hopwood
2023-12-08 14:54:12 +0000
52a7763e4bZIP 32: fix a type error in the derivation of dk_i. (The intent was clear.)
Daira Emma Hopwood
2023-12-07 15:33:08 +0000
7082f4ddf6ZIP 212: Cosmetics and minor rewording for clarity.
Daira Emma Hopwood
2023-12-07 14:13:42 +0000
95493805deSort out the mess with $\mathsf{PRF^{expand}}$ domain separators.
Daira Emma Hopwood
2023-12-07 12:50:17 +0000
2a08f7be78Add reference to my "Explaining the Security of Zcash" talk at Zcon3.
Daira Emma Hopwood
2023-12-07 12:45:29 +0000
f0457c0668Cosmetics.
Daira Emma Hopwood
2023-10-30 15:54:23 +0000
4a61f37072Explain the note decryption soft fork at block height 2121200.
Daira Emma Hopwood
2023-08-25 19:56:44 +0100
f24a4befabIn \crossref{outputstatement}, say why $\mathsf{pk★_d}$ is typed as a bit sequence rather than as a point.
Daira Emma Hopwood
2023-08-25 19:52:19 +0100
2ee72c97b7In the table of \crossref{blockheader}, clarify that `hashLightClientRoot` is used in Heartwood and Canopy, but not in NU5 or later.
Daira Emma Hopwood
2023-04-03 14:33:15 +0100
b83c7625cfMove a note about the order of arguments to NoteCommit^Orchard to a more relevant place.
Daira Emma Hopwood
2023-03-10 14:26:58 +0000
e1ae36d208Add notes in \crossref{spenddesc}, \crossref{outputdesc}, and \crossref{concretehomomorphiccommit} saying that an implementation of HomomorphicPedersenCommit^Sapling MAY resample the commitment trapdoor until the resulting commitment is not the zero point, in order to avoid it being rejected as the cv field of a Spend description or Output description.
Daira Emma Hopwood
2023-03-10 14:25:58 +0000
cd9371b0eeDelete a confusing claim in \crossref{spenddesc} that "The check that rk is not of small order is technically redundant with a check in the Spend circuit ...". The small-order check excludes the zero point, which the Spend authority check that this claim was intending to reference does not.
Daira Emma Hopwood
2023-03-10 12:59:52 +0000
d56323956bDocument that the attacks in \cite{DKLS2020} are no better than brute force key search against FF1-AES256 as specified in \crossref{concreteprps}.
Daira Emma Hopwood
2023-03-10 12:17:49 +0000
3b799127d1Acknowledge Greg Pfeil as a co-designer of the Zcash protocol.
Daira Emma Hopwood
2023-03-02 14:36:13 +0000
aa2d9a4802The abstract no longer describes the NU5 version of the specification as a draft.
Daira Emma Hopwood
2023-03-02 14:35:54 +0000
ae88944e8c* Rename the section "Note Commitments and Nullifiers" to "Computing ρ values and Nullifiers" to more accurately reflect its contents. * Split some of the content of the section "Notes" into subsections "Note Commitments" and "Nullifiers". Make the descriptions of how note commitments and nullifiers are used more precise and explicit, and add forward references where helpful. * Remove redundancy in the definition of note plaintexts between \crossref{noteptconcept} and \crossref{noteptencoding}.
Daira Emma Hopwood
2023-03-02 14:35:11 +0000
b4e3edbb8cThe uses of inputs [4] and [5] to PRF^{expand}_{rseed} (or first bytes of the input in case of Orchard), were accidentally swapped in the protocol specification relative to ZIP 212. The implementation in zcashd correctly followed ZIP 212, using [4] to derive rcm and [5] to derive esk.
Daira Emma Hopwood
2023-03-02 14:27:40 +0000
04db180f3cThe return type of $GroupHash^{\mathbb{J}^{(r)*}}$ in \crossref{concretegrouphashjubjub} was incorrectly given as $\mathbb{J}^{(r)*}$, rather than the correct $\mathbb{J}^{(r)*} \cup \{\bot\}$.
Daira Emma Hopwood
2023-03-02 14:18:07 +0000
5f0bed973eIn the discussion of partitioning oracle attacks on note encryption in \crossref{inbandrationale}, we now use the fact that g_d has order greater than the maximum value of ivk, rather than assuming that g_d is a non-zero point in the prime-order subgroup. (In the case of Sapling, the circuits only enforce that g_d is not a small-order point, not that it is in the prime-order subgroup. It is true that honestly generated addresses have prime-order g_d which would have been sufficient for the security argument against this class of attacks, but the chosen fix is more direct.)
Daira Emma Hopwood
2023-03-02 14:03:11 +0000
f0ef9cf1f1Add a Change History entry "Change Daira Emma Hopwood's name.", and change the name in bibliography entries (the changes in `protocol.tex` were made in 8ea921667d).
Daira Emma Hopwood
2023-03-02 13:59:32 +0000
1d1ec0324bZIP 321: clarify the usage of ``req-``.
Daira Emma Hopwood
2023-12-14 18:05:49 +0000
Merge pull request #723 from daira/zip-0-updates-3
Daira Emma Hopwood
2023-10-31 14:28:28 +0000
dbd852a7fcFilter out known false positive GitHub fragments that we can't check.
Daira Emma Hopwood
2023-10-28 19:02:31 +0100
85f51937aaTry to decode GitHub's bunkum. This is a partial fix for #733.
Daira Emma Hopwood
2023-10-28 18:30:35 +0100
2eb0ed8ef0Updates to reference BCP 14 rather than RFC 2119. fixes#729 Also change two "should"s in ZIP 224 to "SHOULD"s.
Daira Emma Hopwood
2023-10-28 15:34:22 +0100
bbd44929bdZIP 0: Regenerate HTML.
Daira Emma Hopwood
2023-09-15 18:16:28 +0100
f8b491ee50ZIP 0: Add paragraph on public transparency about influence or constraints.
Daira Emma Hopwood
2023-09-14 14:41:50 +0100
10bc5c8fa5ZIP 0: Add Aditya Bharadwaj as a ZIP Editor.
Daira Emma Hopwood
2023-09-14 14:41:08 +0100
0c8acb147dZIP 0 clarifications: * Remove redundancy between the list of reasons to reject an update and the "Specification of Status Workflow" section, and move things to the right section. * Define "Released". * Remove use of "proposed" (which was not intended to be the same as the status "Proposed"). * Add another reason to reject an update: it violates a conformance requirement of any Active Process ZIP (including this ZIP); * Clarify that ZIP stubs, and only ZIP stubs, MUST use Status: Reserved; * Clarify when a Released ZIP can be changed to a non-Released status; * Require that changes in status other than Draft <-> Withdrawn in general need consensus among ZIP Editors, and eliminate resulting redundancies. This is technically a strengthened requirement for changes other than to Proposed or Rejected, but reflects existing practice. * Clarify how the Owners of a ZIP change it to Withdrawn. * Active can now only be reached from Proposed. Strengthen the requirements for rough consensus in this case to say that the ZIP has been complete for at least a month and Proposed for at least a week. This will impose a bit more overhead but I think it's necessary; previously, a Process or Informational ZIP could have gone directly from Draft to Active without sufficient notice. * Require that a Consensus ZIP has an implementation merged into at least one consensus node codebase (currently zcashd and/or zebra) before it is moved to Implemented, and make the existing discussion of timing relative to a network upgrade apply only to Consensus ZIPs; * Require that if a non-editorial update is made to an Obsolete or Withdrawn ZIP, its status MUST be changed appropriately. * Allow a status transition from Implemented to Obsolete, and clarify when transitions to Obsolete occur. * Add a responsibility for the ZIP Secretary to share significant changes in ZIP status, in particular progression of a ZIP to Proposed, on the Community Forum.
Daira Emma Hopwood
2023-09-14 10:27:00 +0100
e9469a3d61ZIP 0: Formatting and typos.
Daira Emma Hopwood
2023-09-14 08:58:50 +0100
c608694157ZIP 0: Add MUST NOT to defined keywords.
Daira Emma Hopwood
2023-09-14 00:33:59 +0100
8a88f2a9e0ZIP 0: Regenerate HTML.
Daira Emma Hopwood
2023-09-14 00:05:52 +0100
3783355612ZIP 401: regenerate HTML.
Daira Emma Hopwood
2023-05-03 22:09:26 +0100
478f9f59f7ZIP 401: include actual `zcashd` and `zebrad` versions that merged changes.
Deirdre Connolly
2023-04-26 17:05:57 -0400
18fce3b4a7Bump actions/checkout from 3.5.1 to 3.5.2
dependabot[bot]
2023-04-13 16:01:56 +0000
6e817f002dZIP 401: updates to constants, rationale, and deployment.
Daira Emma Hopwood
2023-04-16 19:10:06 +0100
6b074e1626ZIP 401: allow implementations to use a different approximation of the memory size of a transaction than its serialized size.
Daira Emma Hopwood
2023-04-16 19:05:20 +0100
aca1158f4eZIP 401: the original deployment was in zcashd v2.1.0-1, not v2.1.0.
Daira Emma Hopwood
2023-04-16 18:55:53 +0100
5356c6be47ZIP 401: formatting of "zcashd" (cosmetic).
Daira Emma Hopwood
2023-04-16 18:54:59 +0100
e7d1f3e3c9Bump actions/checkout from 3.4.0 to 3.5.1
dependabot[bot]
2023-04-12 15:58:59 +0000
Daira Emma Hopwood
Conrado Gouvea
teor
str4d
dependabot[bot]
Deirdre Connolly
Andrew Arnott
Greg Pfeil
Deirdre Connolly