duke
/
zips
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Clarify what a note commitment opens to in 'Omission in Zerocash security proof' section. 

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
master
Daira Hopwood 7 years ago
parent
5fe9d6d525
commit
91895ee7a7
1 changed files with 8 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      protocol/protocol.tex

9
protocol/protocol.tex
View File

@ -423,6 +423,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
\newcommand{\AuthPrivateLength}{\mathsf{\ell_{\AuthPrivate}}}
\newcommand{\AuthPublicOld}[1]{\mathsf{a^{old}_{pk,\mathnormal{#1}}}}
\newcommand{\AuthPrivateOld}[1]{\mathsf{a^{old}_{sk,\mathnormal{#1}}}}
\newcommand{\AuthEmphPublicOld}[1]{\mathsf{a^{old}_{\textsf{\textbf{pk}},\mathnormal{#1}}}}
\newcommand{\AuthPublicOldX}[1]{\mathsf{a^{old}_{pk,\mathrm{#1}}}}
\newcommand{\AuthPrivateOldX}[1]{\mathsf{a^{old}_{sk,\mathrm{#1}}}}
\newcommand{\AuthPublicNew}[1]{\mathsf{a^{new}_{pk,\mathnormal{#1}}}}
@ -495,6 +496,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
% Notes
\newcommand{\Value}{\mathsf{v}}
\newcommand{\ValueNew}[1]{\mathsf{v^{new}_\mathnormal{#1}}}
\newcommand{\ValueOld}[1]{\mathsf{v^{old}_\mathnormal{#1}}}
\newcommand{\NoteTuple}[1]{\mathbf{n}_{#1}}
\newcommand{\NoteType}{\mathsf{Note}}
\newcommand{\NotePlaintext}[1]{\mathbf{np}_{#1}}
@ -510,6 +512,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg
\newcommand{\NoteAddressPreRandLength}{\mathsf{\ell_{\NoteAddressPreRand}}}
\newcommand{\NoteCommitS}{\mathsf{s}}
\newcommand{\cm}{\mathsf{cm}}
\newcommand{\cmOld}[1]{\mathsf{{cm}^{old}_\mathnormal{#1}}}
\newcommand{\cmOldX}[1]{\mathsf{{cm}^{old}_\mathrm{#1}}}
\newcommand{\cmNew}[1]{\mathsf{{cm}^{new}_\mathnormal{#1}}}
\newcommand{\snOldX}[1]{\mathsf{{sn}^{old}_\mathrm{#1}}}
@ -4048,7 +4051,10 @@ For the ``$\Adversary$ violates Condition I'' case, the proof says:
\end{itemize}
In fact the openings do not contain $\AuthPrivateOld{i}$; they contain
$\AuthPublicOld{i}$.
$\AuthEmphPublicOld{i}$. (In \Zcash $\cmOld{i}$ opens directly to
$(\AuthEmphPublicOld{i}, \ValueOld{i}, \NoteAddressRandOld{i})$, and
in \Zerocash it opens to $(\ValueOld{i},
\Commit{\NoteCommitS}(\AuthEmphPublicOld{i}, \NoteAddressRandOld{i})$.)
A similar error occurs in the argument for the ``$\Adversary$ violates
Condition II'' case.
@ -4127,6 +4133,7 @@ The errors in the proof of Ledger Indistinguishability mentioned in
\begin{itemize}
\item Clarify the consensus rule preventing double-spends.
\item Clarify what a \noteCommitment opens to in \crossref{crprf}.
\end{itemize}
\introlist

Write Preview
Loading…
Cancel
Save