|
|
@ -423,6 +423,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg |
|
|
|
\newcommand{\AuthPrivateLength}{\mathsf{\ell_{\AuthPrivate}}} |
|
|
|
\newcommand{\AuthPublicOld}[1]{\mathsf{a^{old}_{pk,\mathnormal{#1}}}} |
|
|
|
\newcommand{\AuthPrivateOld}[1]{\mathsf{a^{old}_{sk,\mathnormal{#1}}}} |
|
|
|
\newcommand{\AuthEmphPublicOld}[1]{\mathsf{a^{old}_{\textsf{\textbf{pk}},\mathnormal{#1}}}} |
|
|
|
\newcommand{\AuthPublicOldX}[1]{\mathsf{a^{old}_{pk,\mathrm{#1}}}} |
|
|
|
\newcommand{\AuthPrivateOldX}[1]{\mathsf{a^{old}_{sk,\mathrm{#1}}}} |
|
|
|
\newcommand{\AuthPublicNew}[1]{\mathsf{a^{new}_{pk,\mathnormal{#1}}}} |
|
|
@ -495,6 +496,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg |
|
|
|
% Notes |
|
|
|
\newcommand{\Value}{\mathsf{v}} |
|
|
|
\newcommand{\ValueNew}[1]{\mathsf{v^{new}_\mathnormal{#1}}} |
|
|
|
\newcommand{\ValueOld}[1]{\mathsf{v^{old}_\mathnormal{#1}}} |
|
|
|
\newcommand{\NoteTuple}[1]{\mathbf{n}_{#1}} |
|
|
|
\newcommand{\NoteType}{\mathsf{Note}} |
|
|
|
\newcommand{\NotePlaintext}[1]{\mathbf{np}_{#1}} |
|
|
@ -510,6 +512,7 @@ electronic commerce and payment, financial privacy, proof of work, zero knowledg |
|
|
|
\newcommand{\NoteAddressPreRandLength}{\mathsf{\ell_{\NoteAddressPreRand}}} |
|
|
|
\newcommand{\NoteCommitS}{\mathsf{s}} |
|
|
|
\newcommand{\cm}{\mathsf{cm}} |
|
|
|
\newcommand{\cmOld}[1]{\mathsf{{cm}^{old}_\mathnormal{#1}}} |
|
|
|
\newcommand{\cmOldX}[1]{\mathsf{{cm}^{old}_\mathrm{#1}}} |
|
|
|
\newcommand{\cmNew}[1]{\mathsf{{cm}^{new}_\mathnormal{#1}}} |
|
|
|
\newcommand{\snOldX}[1]{\mathsf{{sn}^{old}_\mathrm{#1}}} |
|
|
@ -4048,7 +4051,10 @@ For the ``$\Adversary$ violates Condition I'' case, the proof says: |
|
|
|
\end{itemize} |
|
|
|
|
|
|
|
In fact the openings do not contain $\AuthPrivateOld{i}$; they contain |
|
|
|
$\AuthPublicOld{i}$. |
|
|
|
$\AuthEmphPublicOld{i}$. (In \Zcash $\cmOld{i}$ opens directly to |
|
|
|
$(\AuthEmphPublicOld{i}, \ValueOld{i}, \NoteAddressRandOld{i})$, and |
|
|
|
in \Zerocash it opens to $(\ValueOld{i}, |
|
|
|
\Commit{\NoteCommitS}(\AuthEmphPublicOld{i}, \NoteAddressRandOld{i})$.) |
|
|
|
|
|
|
|
A similar error occurs in the argument for the ``$\Adversary$ violates |
|
|
|
Condition II'' case. |
|
|
@ -4127,6 +4133,7 @@ The errors in the proof of Ledger Indistinguishability mentioned in |
|
|
|
|
|
|
|
\begin{itemize} |
|
|
|
\item Clarify the consensus rule preventing double-spends. |
|
|
|
\item Clarify what a \noteCommitment opens to in \crossref{crprf}. |
|
|
|
\end{itemize} |
|
|
|
|
|
|
|
\introlist |
|
|
|