|
|
@ -332,6 +332,8 @@ |
|
|
|
\newcommand{\PaymentAddress}{\mathsf{addr_{pk}}} |
|
|
|
\newcommand{\PaymentAddressLeadByte}{\hexint{16}} |
|
|
|
\newcommand{\PaymentAddressSecondByte}{\hexint{9A}} |
|
|
|
\newcommand{\ViewingKeyLeadByte}{\hexint{BF}} |
|
|
|
\newcommand{\ViewingKeySecondByte}{\hexint{62}} |
|
|
|
\newcommand{\SpendingKeyLeadByte}{\hexint{AB}} |
|
|
|
\newcommand{\SpendingKeySecondByte}{\hexint{36}} |
|
|
|
\newcommand{\PtoSHAddressLeadByte}{\hexint{1C}} |
|
|
@ -340,6 +342,8 @@ |
|
|
|
\newcommand{\PtoPKHAddressSecondByte}{\hexint{B8}} |
|
|
|
\newcommand{\PaymentAddressTestnetLeadByte}{\hexint{16}} |
|
|
|
\newcommand{\PaymentAddressTestnetSecondByte}{\hexint{B6}} |
|
|
|
\newcommand{\ViewingKeyTestnetLeadByte}{\hexint{C0}} |
|
|
|
\newcommand{\ViewingKeyTestnetSecondByte}{\hexint{50}} |
|
|
|
\newcommand{\SpendingKeyTestnetLeadByte}{\hexint{AC}} |
|
|
|
\newcommand{\SpendingKeyTestnetSecondByte}{\hexint{08}} |
|
|
|
\newcommand{\PtoSHAddressTestnetLeadByte}{\hexint{1C}} |
|
|
@ -2504,6 +2508,40 @@ cause the first two characters of the Base58Check encoding to be fixed as |
|
|
|
\ascii{zt}. |
|
|
|
} |
|
|
|
|
|
|
|
\nsubsubsection{Viewing Keys} \label{viewingkeyencoding} |
|
|
|
|
|
|
|
A \viewingKey consists of $\TransmitPrivate$. $\TransmitPrivate$ is a $\KAPrivate$ |
|
|
|
key (see \crossref{concretekeyagreement}), for use with the encryption scheme |
|
|
|
defined in \crossref{inband}. It is derived from a \spendingKey as described |
|
|
|
in \crossref{keycomponents}. |
|
|
|
|
|
|
|
The raw encoding of a \viewingKey consists of: |
|
|
|
|
|
|
|
\begin{equation*} |
|
|
|
\begin{bytefield}[bitwidth=0.07em]{520} |
|
|
|
\bitbox{80}{$8$-bit $\ViewingKeyLeadByte$} |
|
|
|
\bitbox{80}{$8$-bit $\ViewingKeySecondByte$} |
|
|
|
\bitbox{256}{\changed{$256$}-bit $\TransmitPrivate$} |
|
|
|
\end{bytefield} |
|
|
|
\end{equation*} |
|
|
|
|
|
|
|
\begin{itemize} |
|
|
|
\item Two bytes $[\ViewingKeyLeadByte, \ViewingKeySecondByte]$, |
|
|
|
indicating this version of the raw encoding of a \Zcash \viewingKey |
|
|
|
on the production network. (Addresses on the test network use |
|
|
|
$[\ViewingKeyTestnetLeadByte, \ViewingKeyTestnetSecondByte]$ |
|
|
|
instead.) |
|
|
|
\item \changed{256 bits} specifying $\TransmitPrivate$, \changed{using the |
|
|
|
normal encoding of a Curve25519 private key \cite{Bern2006}}. |
|
|
|
\end{itemize} |
|
|
|
|
|
|
|
\pnote{ |
|
|
|
For addresses on the production network, the lead bytes and encoded length |
|
|
|
cause the first two characters of the Base58Check encoding to be fixed as |
|
|
|
\ascii{VK}. For the test network, the first two characters are fixed as |
|
|
|
\ascii{VT}. |
|
|
|
} |
|
|
|
|
|
|
|
\nsubsubsection{Spending Keys} \label{spendingkeyencoding} |
|
|
|
|
|
|
|
A \spendingKey consists of $\AuthPrivate$, which is a sequence of \changed{252} bits |
|
|
@ -3689,6 +3727,7 @@ The errors in the proof of Ledger Indistinguishability mentioned in |
|
|
|
\subparagraph{2016.0-beta-1.13} |
|
|
|
|
|
|
|
\begin{itemize} |
|
|
|
\item Add an encoding format for \viewingKeys. |
|
|
|
\item Define $\PRFaddr{}$ in \crossref{keycomponents}. |
|
|
|
\end{itemize} |
|
|
|
|
|
|
|