|
|
|
@ -876,7 +876,7 @@ Bytes & \heading{Name} & \heading{Data Type} & \heading{Description} \\ |
|
|
|
\Varies & $\nJoinSplit$ & \type{compactSize uint} & The number of \joinSplitDescriptions |
|
|
|
in $\vJoinSplit$. \\ \hline |
|
|
|
|
|
|
|
$1034 \times \nJoinSplit$ & $\vJoinSplit$ & |
|
|
|
$1802 \times \nJoinSplit$ & $\vJoinSplit$ & |
|
|
|
\type{JoinSplitDescription} \type{[$\nJoinSplit$]} & |
|
|
|
The \sequenceOfJoinSplitDescriptions in this \transaction. \\ \hline |
|
|
|
|
|
|
|
@ -923,9 +923,6 @@ output \notes $\cmNew{\allNew}$. \\ \hline |
|
|
|
\setchanged 32 &\setchanged $\ephemeralKey$ &\setchanged \type{char[32]} &\mbox{}\setchanged |
|
|
|
A Curve25519 public key $\EphemeralPublic$. \\ \hline |
|
|
|
|
|
|
|
434 & $\encCiphertexts$ & \type{char[217][$\NNew$]} & A sequence of ciphertext |
|
|
|
components for the encrypted output \notes, $\TransmitCiphertext{\allNew}$. \\ \hline |
|
|
|
|
|
|
|
\setchanged 32 &\setchanged $\randomSeed$ &\setchanged \type{char[32]} &\mbox{}\setchanged |
|
|
|
A 256-bit seed that must be chosen independently at random for each \joinSplitDescription. \\ \hline |
|
|
|
|
|
|
|
@ -936,6 +933,9 @@ $\joinSplitDescription$. \\ \hline |
|
|
|
296 & $\zkproof$ & \type{char[296]} & An encoding of the zero-knowledge proof $\JoinSplitProof$ |
|
|
|
(\crossref{proofencoding}). \\ \hline |
|
|
|
|
|
|
|
1202 & $\encCiphertexts$ & \type{char[601][$\NNew$]} & A sequence of ciphertext |
|
|
|
components for the encrypted output \notes, $\TransmitCiphertext{\allNew}$. \\ \hline |
|
|
|
|
|
|
|
\end{tabularx} |
|
|
|
\end{center} |
|
|
|
|
|
|
|
@ -1659,13 +1659,13 @@ Each \notePlaintext (denoted $\NotePlaintext{}$) consists of |
|
|
|
$(\Value, \NoteAddressRand, \NoteCommitRand\changed{, \Memo})$. |
|
|
|
|
|
|
|
The first three of these fields are as defined earlier. |
|
|
|
\changed{$\Memo$ is a 128-byte \memo associated with this \note. |
|
|
|
\changed{$\Memo$ is a 512-byte \memo associated with this \note. |
|
|
|
|
|
|
|
The usage of the \memo is by agreement between the sender and recipient of the |
|
|
|
\note. The \memo{} \SHOULD be encoded either as: |
|
|
|
\begin{itemize} |
|
|
|
\item a UTF-8 human-readable string \cite{Unicode}, padded by appending zero bytes; or |
|
|
|
\item an arbitrary sequence of 128 bytes starting with a byte value of $\hexint{F5}$ |
|
|
|
\item an arbitrary sequence of 512 bytes starting with a byte value of $\hexint{F5}$ |
|
|
|
or greater, which is therefore not a valid UTF-8 string. |
|
|
|
\end{itemize} |
|
|
|
|
|
|
|
@ -1688,7 +1688,7 @@ The encoding of a \notePlaintext consists of, in order: |
|
|
|
&}\bitbox{192}{$64$-bit $\Value$} & |
|
|
|
\bitbox{256}{$256$-bit $\NoteAddressRand$} & |
|
|
|
\bitbox{256}{\changed{$256$}-bit $\NoteCommitRand$} & |
|
|
|
\changed{\bitbox{800}{$\Memo$ ($128$ bytes)}} |
|
|
|
\changed{\bitbox{800}{$\Memo$ ($512$ bytes)}} |
|
|
|
\end{bytefield} |
|
|
|
\end{equation*} |
|
|
|
|
|
|
|
@ -1701,7 +1701,7 @@ The encoding of a \notePlaintext consists of, in order: |
|
|
|
\item 32 bytes specifying $\NoteAddressRand$. |
|
|
|
\item \changed{32} bytes specifying $\NoteCommitRand$. |
|
|
|
\changed{ |
|
|
|
\item 128 bytes specifying $\Memo$. |
|
|
|
\item 512 bytes specifying $\Memo$. |
|
|
|
} |
|
|
|
\end{itemize} |
|
|
|
|
|
|
|
@ -2300,6 +2300,7 @@ of $\PRFaddr{}$ was found by Daira Hopwood. |
|
|
|
\item Add a section specifying the zero-knowledge proving system and the |
|
|
|
encoding of proofs. Change the encoding of points in proofs to follow |
|
|
|
IEEE Std 1363. |
|
|
|
\item Change the length of \memos to 512 bytes. |
|
|
|
\item Switch the \joinSplitSignature scheme to Ed25519, with consequent |
|
|
|
changes to the computation of $\hSig$. |
|
|
|
\item Fix the lead bytes in \paymentAddress and \spendingKey encodings to |
|
|
|
|
Daira Hopwood
8 years ago