|
|
@ -386,6 +386,8 @@ |
|
|
|
\newcommand{\EdDSAs}{S} |
|
|
|
\newcommand{\EdDSAR}{\bytes{R}} |
|
|
|
\newcommand{\EdDSAS}{\bytes{S}} |
|
|
|
\newcommand{\RandomSeedLength}{\mathsf{\ell_{Seed}}} |
|
|
|
\newcommand{\RandomSeedType}{\bitseq{\mathsf{\ell_{Seed}}}} |
|
|
|
|
|
|
|
% Merkle tree |
|
|
|
\newcommand{\MerkleDepth}{\mathsf{d}} |
|
|
@ -411,6 +413,7 @@ |
|
|
|
\newcommand{\commitments}{\mathtt{commitments}} |
|
|
|
\newcommand{\ephemeralKey}{\mathtt{ephemeralKey}} |
|
|
|
\newcommand{\encCiphertexts}{\mathtt{encCiphertexts}} |
|
|
|
\newcommand{\RandomSeed}{\mathsf{randomSeed}} |
|
|
|
\newcommand{\randomSeed}{\mathtt{randomSeed}} |
|
|
|
\newcommand{\rt}{\mathsf{rt}} |
|
|
|
\newcommand{\Varies}{\textit{Varies}} |
|
|
@ -687,8 +690,10 @@ An argument to a function can determine other argument or result types. |
|
|
|
|
|
|
|
The following integer constants will be instantiated in \crossref{constants}: |
|
|
|
$\MerkleDepth$, $\NOld$, $\NNew$, $\MerkleHashLength$, $\GeneralCRHLength$, |
|
|
|
$\PRFOutputLength$, $\AuthPrivateLength$, $\NoteAddressPreRandLength$, |
|
|
|
$\MAXMONEY$. |
|
|
|
$\PRFOutputLength$, $\NoteCommitRandLength$, $\RandomSeedLength$, $\AuthPrivateLength$, |
|
|
|
$\NoteAddressPreRandLength$, $\MAXMONEY$. The bit sequence constant |
|
|
|
$\Uncommitted \typecolon \bitseq{\MerkleHashLength}$ will also be defined in |
|
|
|
that section. |
|
|
|
|
|
|
|
|
|
|
|
\nsection{Concepts} |
|
|
@ -1189,7 +1194,7 @@ Either $\vpubOld$ or $\vpubNew$ \MUST be zero. |
|
|
|
\begin{lrbox}{\hsigbox} |
|
|
|
\setchanged |
|
|
|
\begin{bytefield}[bitwidth=0.04em]{1024} |
|
|
|
\bitbox{256}{$256$-bit $\randomSeed$} |
|
|
|
\bitbox{256}{$256$-bit $\RandomSeed$} |
|
|
|
\bitbox{256}{\hfill $256$-bit $\nfOld{\mathrm{1}}$\hfill...\;} & |
|
|
|
\bitbox{256}{$256$-bit $\nfOld{\NOld}$} & |
|
|
|
\bitbox{256}{$256$-bit $\joinSplitPubKey$} |
|
|
@ -1618,6 +1623,8 @@ Define: |
|
|
|
\item[] $\MerkleHashLength = 256$ |
|
|
|
\item[] $\GeneralCRHLength = 256$ |
|
|
|
\item[] $\PRFOutputLength = 256$ |
|
|
|
\item[] $\NoteCommitRandLength = 256$ |
|
|
|
\item[] $\RandomSeedLength = 256$ |
|
|
|
\item[] $\AuthPrivateLength = 252$ |
|
|
|
\item[] $\NoteAddressPreRandLength = 252$ |
|
|
|
\item[] $\Uncommitted = \zeros{\MerkleHashLength}$ |
|
|
|