|
|
|
@ -119,6 +119,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg |
|
|
|
\newcommand{\nsubsubsection}[1]{\subsubsection{\nstrut{#1}}} |
|
|
|
|
|
|
|
\newcommand{\introlist}{\needspace{15ex}} |
|
|
|
\newcommand{\introsection}{\needspace{30ex}} |
|
|
|
|
|
|
|
\mathchardef\mhyphen="2D |
|
|
|
|
|
|
|
@ -1064,7 +1065,7 @@ an adversary would have to know $\TransmitPublic$ in order to exploit a |
|
|
|
hypothetical weakness in that cryptosystem. |
|
|
|
} |
|
|
|
|
|
|
|
\needspace{20ex} |
|
|
|
\introsection |
|
|
|
\nsubsection{\Notes} |
|
|
|
|
|
|
|
A \note (denoted $\NoteTuple{}$) is a tuple $\changed{(\AuthPublic, \Value, |
|
|
|
@ -1889,9 +1890,9 @@ into the \blockchain, appends to the \noteCommitmentTree with all constituent |
|
|
|
\nullifierSet of the associated \treestate. A \transaction is not valid if it |
|
|
|
attempts to add a \nullifier to the \nullifierSet that already exists in the set. |
|
|
|
|
|
|
|
\introsection |
|
|
|
\nsubsection{\JoinSplitStatement} \label{jsstatement} |
|
|
|
|
|
|
|
\introlist |
|
|
|
A valid instance of $\JoinSplitProof$ assures that given a \term{primary input}: |
|
|
|
|
|
|
|
\begin{formulae} |
|
|
|
@ -2285,7 +2286,7 @@ the number of calls to $\BlakeGeneric$ can be reduced by a factor of $\floor{\fr |
|
|
|
in the best case (which is a factor of 2 for $n = 200$). |
|
|
|
} |
|
|
|
|
|
|
|
\introlist |
|
|
|
\introsection |
|
|
|
\nsubsubsection{\PseudoRandomFunctions} \label{concreteprfs} |
|
|
|
|
|
|
|
The \changed{four} independent PRFs described in \crossref{abstractprfs} are |
|
|
|
@ -2995,7 +2996,7 @@ These parameters were obtained by a multi-party computation described in |
|
|
|
\cite{GitHub-mpc} and \cite{BGG2016}. |
|
|
|
|
|
|
|
|
|
|
|
\needspace{30ex} |
|
|
|
\introsection |
|
|
|
\nsection{Consensus Changes from \Bitcoin} |
|
|
|
|
|
|
|
\nsubsection{Encoding of \Transactions} \label{txnencoding} |
|
|
|
@ -3501,7 +3502,7 @@ $\MaxBlockSubsidy$, and $\FoundersFraction$ are instantiated in \crossref{consta |
|
|
|
\item $\MinerSubsidy(\BlockHeight) := \BlockSubsidy(\BlockHeight) - \FoundersReward(\BlockHeight)$. |
|
|
|
\end{formulae} |
|
|
|
|
|
|
|
\needspace{18ex} |
|
|
|
\introsection |
|
|
|
\nsubsection{Payment of Founders' Reward} \label{foundersreward} |
|
|
|
|
|
|
|
The \foundersReward is paid by a \transparent output in the \coinbaseTransaction, to |
|
|
|
@ -3664,7 +3665,7 @@ and would require an RFC in order to do so.) |
|
|
|
\end{comment} |
|
|
|
|
|
|
|
|
|
|
|
\needspace{18ex} |
|
|
|
\introsection |
|
|
|
\nsection{Differences from the Zerocash paper} \label{differences} |
|
|
|
|
|
|
|
\nsubsection{Transaction Structure} \label{trstructure} |
|
|
|
|
Daira Hopwood
7 years ago