Regenerate PDF.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>

protocol/Makefile

@@ -5,14 +5,15 @@ LATEX=pdflatex
 
 .PHONY: pdf
 pdf:
-	echo "\\\\renewcommand{\\\\docversion}{Version $$(git describe --tags --abbrev=6)}" |tee protocol.ver
+	printf '\\renewcommand{\\docversion}{Version %s}' "$$(git describe --tags --abbrev=6)" |tee protocol.ver
 	# If $(LATEX) fails, touch an input so that 'make' won't think it is up-to-date next time.
 	rm -f protocol.aux
-	$(LATEX) protocol.tex || touch incremental_merkle.pdf
-	bibtex protocol
-	$(LATEX) protocol.tex || touch incremental_merkle.pdf
-	$(LATEX) protocol.tex || touch incremental_merkle.pdf
+	$(LATEX) protocol.tex || touch protocol.tex
+	biber protocol
+	$(LATEX) protocol.tex || touch protocol.tex
+	$(LATEX) protocol.tex || touch protocol.tex
+	$(LATEX) protocol.tex || touch protocol.tex
 
 .PHONY: clean
 clean:
-	rm -f protocol.dvi protocol.pdf protocol.bbl protocol.blg protocol.brf protocol.toc protocol.aux protocol.log
+	rm -f protocol.dvi protocol.pdf protocol.bbl protocol.blg protocol.brf protocol.toc protocol.aux protocol.out protocol.log protocol.bcf protocol.run.xml protocol.ver

protocol/README.rst

@@ -2,8 +2,8 @@
  Zcash Protocol Specification
 ==============================
 
-Build dependencies on debian include, at least:
+Build dependencies on Debian-based systems include, at least:
 
 .. code::
 
-   apt-get install texlive texlive-science texlive-fonts-extra texlive-generic-recommended
+   apt-get install texlive texlive-science texlive-fonts-extra texlive-generic-recommended biber

protocol/protocol.ver

@@ -0,0 +1 @@
+\renewcommand{\docversion}{Version 2016.0-alpha-3.1-58-g87016f}

protocol/zcash.bib

@@ -1,142 +1,269 @@
-@inproceedings{ZerocashOakland,
+@misc{BCG+2014,
    author={Eli Ben-Sasson and Alessandro Chiesa and Christina Garman and Matthew Green and Ian Miers and Eran Tromer and Madars Virza},
-   year={2014},
-   title={Zerocash: Decentralized {A}nonymous {P}ayments from {B}itcoin},
-   booktitle={Proceedings of the IEEE Symposium on Security and Privacy (Oakland) 2014},
-   pages={459-474},
-   publisher={IEEE}
+   title={Zerocash: Decentralized {A}nonymous {P}ayments from {B}itcoin (extended version)},
+   url={http://zerocash-project.org/media/pdf/zerocash-extended-20140518.pdf},
+   urldate={2016-08-06},
+   addendum={A condensed version appeared in \textsl{Proceedings of the IEEE Symposium on Security and Privacy (Oakland) 2014},
+pages 459--474; IEEE, 2014.}
 }
 
-@misc{Base58Check,
-   key={BitcoinBase58Check},
-   title={Base58{C}heck encoding -- {B}itcoin {W}iki},
-   howpublished={\url{https://en.bitcoin.it/wiki/Base58Check_encoding}},
-   note={Accessed: \mbox{2016-01-26}}
+@misc{BCTV2015,
+   author={Eli Ben-Sasson and Alessandro Chiesa and Eran Tromer and Madars Virza},
+   title={Succinct {N}on-{I}nteractive {Z}ero {K}nowledge for a von {N}eumann {A}rchitecture},
+   url={https://eprint.iacr.org/2013/879},
+   howpublished={Cryptology ePrint Archive: Report 2013/879.
+Last revised \mbox{May 19,} 2015.}
 }
 
-@inproceedings{Curve25519,
+@misc{PGHR2013,
+   author={Bryan Parno and Craig Gentry and Jon Howell and Mariana Raykova},
+   title={Pinocchio: {N}early {P}ractical {V}erifiable {C}omputation},
+   url={https://eprint.iacr.org/2013/279},
+   howpublished={Cryptology ePrint Archive: Report 2013/279. Last revised \mbox{May 13,} 2013.}
+}
+
+@misc{Naka2008,
+   author={Satoshi Nakamoto},
+   title={Bitcoin:\, {A}\, {P}eer-to-{P}eer\, {E}lectronic\, {C}ash\, {S}ystem},
+   date={2008-10-31},
+   url={https://bitcoin.org/en/bitcoin-paper},
+   urldate={2016-08-14}
+}
+
+@inproceedings{BK2016,
+   author={Alex Biryukov and Dmitry Khovratovich},
+   title={Equihash: {A}symmetric {P}roof-of-{W}ork {B}ased on the {G}eneralized {B}irthday {P}roblem},
+   booktitle={Proceedings of NDSS '16, 21--24 February 2016, San Diego, CA, USA. ISBN 1-891562-41-X},
+   year={2016},
+   publisher={Internet Society},
+   url={https://www.internetsociety.org/sites/default/files/blogs-media/equihash-asymmetric-proof-of-work-based-generalized-birthday-problem.pdf},
+   doi={10.14722/ndss.2016.23108}
+}
+
+@misc{Bitcoin-Base58,
+   title={Base58{C}heck encoding --- {B}itcoin {W}iki},
+   url={https://en.bitcoin.it/wiki/Base58Check_encoding},
+   urldate={2016-01-26}
+}
+
+@inproceedings{Bern2006,
    author={Daniel Bernstein},
    title={Curve25519: new {D}iffie-{H}ellman speed records},
    booktitle={Public Key Cryptography - PKC 2006. Proceedings of the 9th International Conference on Theory and Practice in Public-Key Cryptography, New York, NY, USA, April 24-26},
-   year={2006},
    publisher={Springer-Verlag},
-   note={Document ID: 4230efdfa673480fc079449d90f322c0. Date: \mbox{2006-02-09}.
-\url{http://cr.yp.to/papers.html#curve25519}}
+   url={http://cr.yp.to/papers.html#curve25519},
+   date={2006-02-09},
+   urldate={2016-08-14},
+   addendum={Document ID: 4230efdfa673480fc079449d90f322c0.}
+}
+
+@article{BDL+2012,
+   author={Daniel Bernstein and Niels Duif and Tanja Lange and Peter Schwabe and Bo-Yin Yang},
+   title={High-speed high-security signatures},
+   journal={Journal of Cryptographic Engineering},
+   volume={2},
+   pages={77-89},
+   url={http://cr.yp.to/papers.html#ed25519},
+   date={2011-09-26},
+   urldate={2016-08-14},
+   addendum={Document ID: a1a62a2f76d23f65d622484ddd09caf8.}
 }
 
 @book{Unicode,
    author={The Unicode Consortium},
    publisher={The Unicode Consortium},
-   year={2015},
+   year={2016},
    title={The Unicode Standard},
-   note={\url{http://www.unicode.org/versions/latest/}}
+   url={http://www.unicode.org/versions/latest/}
 }
 
-@misc{cryptobox,
-   author={Daniel Bernstein},
-   title={Cryptography in {N}a{C}l},
-   howpublished={\url{https://nacl.cr.yp.to/valid.html}},
-   note={Accessed: \mbox{2016-02-01}}
-}
-
-@misc{cryptoboxseal,
-   key={libsodium},
+@misc{libsodium-Seal,
    title={Sealed boxes \hspace{0.4em}---\hspace{0.4em} libsodium},
-   howpublished={\url{https://download.libsodium.org/doc/public-key_cryptography/sealed_boxes.html}},
-   note={Accessed: \mbox{2016-02-01}}
+   url={https://download.libsodium.org/doc/public-key_cryptography/sealed_boxes.html},
+   urldate={2016-02-01}
 }
 
-@misc{sha2,
+@misc{NIST2015,
    author={NIST},
    title={{FIPS} 180-4: Secure {H}ash {S}tandard ({SHS})},
    month={August},
    year={2015},
-   note={DOI: 10.6028/NIST.FIPS.180-4},
-   howpublished={\url{http://csrc.nist.gov/publications/PubsFIPS.html#180-4}}
+   doi={10.6028/NIST.FIPS.180-4},
+   url={http://csrc.nist.gov/publications/PubsFIPS.html#180-4},
+   urldate={2016-08-14}
 }
 
-@misc{blake2,
-   author={Jean-Philippe Aumasson and Samuel Neves and Zooko Wilcox-O'Hearn and
-Christian Winnerlein},
-   month={January 29},
-   year={2013},
+@misc{ANWW2013,
+   author={Jean-Philippe Aumasson and \;Samuel Neves and \;Zooko Wilcox-O'Hearn and
+\;Christian Winnerlein},
+   date={2013-01-29},
    title={{BLAKE2}: simpler, smaller, fast as {MD5}},
-   howpublished={\url{https://blake2.net/#sp}}
+   url={https://blake2.net/#sp},
+   urldate={2016-08-14}
 }
 
-@misc{rfc7693,
+@misc{RFC-7693,
    author={Markku-Juhani Saarinen (ed.)},
    title={Request for {C}omments 7693: {T}he {BLAKE2} {C}ryptographic {H}ash and
 {M}essage {A}uthentication {C}ode ({MAC})},
-   howpublished={Internet Engineering Task Force (IETF).
-\url{https://tools.ietf.org/html/rfc7693}}
+   howpublished={Internet Engineering Task Force (IETF). November 2015},
+   url={https://tools.ietf.org/html/rfc7693}
 }
 
-@misc{sec2-ecdsa,
+@misc{Cert2010,
    author={Certicom Research},
    title={Standards for {E}fficient {C}ryptography 2 ({SEC} 2)},
-   month={January 27},
+   date={2010-01-27},
+   addendum={Version 2.0.},
+   url={http://www.secg.org/sec2-v2.pdf},
+   urldate={2016-08-14}
+}
+
+@inproceedings{MAEA2010,
+   author={V. Gayoso Mart{\'i}nez and F. Hern{\'a}ndez Alvarez and
+L. Hern{\'a}ndez Encinas and C. S{\'a}nchez {\'A}vila},
+   title={A {C}omparison of the {S}tandardized {V}ersions of {ECIES}},
+   booktitle={Proceedings of Sixth International Conference on Information Assurance and Security,
+23--25 August 2010, Atlanta, GA, USA. ISBN: 978-1-4244-7407-3},
    year={2010},
-   note={Version 2.0.},
-   howpublished={\url{http://www.secg.org/sec2-v2.pdf}}
+   pages={1-4},
+   publisher={IEEE},
+   doi={10.1109/ISIAS.2010.5604194},
+   url={https://digital.csic.es/bitstream/10261/32674/1/Gayoso_A%20Comparison%20of%20the%20Standardized%20Versions%20of%20ECIES.pdf},
+   urldate={2016-08-14}
+}
+
+@misc{ABR1999,
+   author={Michel Abdalla and Mihir Bellare and Phillip Rogaway},
+   title={{DHAES}: {A}n {E}ncryption {S}cheme {B}ased on the {D}iffie-{H}ellman {P}roblem},
+   url={https://eprint.iacr.org/1999/007},
+   howpublished={Cryptology ePrint Archive: Report 1999/007. \mbox{March 17,} 1999.}
 }
 
-@misc{secp256k1,
-   key={BitcoinSecp256k1},
-   title={Secp256k1 -- {B}itcoin {W}iki},
-   howpublished={\url{https://en.bitcoin.it/wiki/Secp256k1}},
-   note={Accessed: \mbox{2016-03-14}}
+@misc{DGKM2011,
+   author={Dana Dachman-Soled and Rosario Gennaro and Hugo Krawczyk and Tal Malkin},
+   title={Computational {E}xtractors and {P}seudorandomness},
+   url={https://eprint.iacr.org/2011/708},
+   howpublished={Cryptology ePrint Archive: Report 2011/708. \mbox{December 28,} 2011.}
 }
 
-@misc{rawformat,
-   key={BitcoinTransactionFormat},
-   title={Raw {T}ransaction {F}ormat -- {B}itcoin {D}eveloper {R}eference},
-   howpublished={\url{https://bitcoin.org/en/developer-reference#raw-transaction-format}},
-   note={Accessed: \mbox{2016-03-15}}
+@misc{Bitcoin-secp256k1,
+   title={Secp256k1 --- {B}itcoin {W}iki},
+   url={https://en.bitcoin.it/wiki/Secp256k1},
+   urldate={2016-03-14}
 }
 
-@book{std1363,
+@misc{Bitcoin-Format,
+   title={Raw {T}ransaction {F}ormat --- {B}itcoin {D}eveloper {R}eference},
+   url={https://bitcoin.org/en/developer-reference#raw-transaction-format},
+   urldate={2016-03-15}
+}
+
+@misc{Bitcoin-Block,
+   title={Block {H}eaders --- {B}itcoin {D}eveloper {R}eference},
+   url={https://bitcoin.org/en/developer-reference#block-headers},
+   urldate={2016-08-08}
+}
+
+@misc{Bitcoin-nBits,
+   title={Target n{B}its --- {B}itcoin {D}eveloper {R}eference},
+   url={https://bitcoin.org/en/developer-reference#target-nbits},
+   urldate={2016-08-13}
+}
+
+@book{IEEE2000,
    author={IEEE Computer Society},
    publisher={IEEE},
-   month={August 29},
-   year={2000},
+   date={2000-08-29},
    title={IEEE {S}td 1363-2000: {S}tandard {S}pecifications for {P}ublic-{K}ey {C}ryptography},
-   note={\url{http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=891000&url=http%3A%2F%2Fieeexplore.ieee.org%2Fiel5%2F7168%2F19282%2F00891000}.
-Accessed \mbox{2016-03-15}}
+   url={http://ieeexplore.ieee.org/servlet/opac?punumber=7168},
+   urldate={2016-08-03},
+   doi={10.1109/IEEESTD.2000.92292}
+}
+
+@book{IEEE2004,
+   author={IEEE Computer Society},
+   publisher={IEEE},
+   date={2004-09-02},
+   title={IEEE {S}td 1363a-2004: {S}tandard {S}pecifications for {P}ublic-{K}ey {C}ryptography --
+{A}mendment 1: {A}dditional {T}echniques},
+   url={http://ieeexplore.ieee.org/servlet/opac?punumber=9276},
+   urldate={2016-08-03},
+   doi={10.1109/IEEESTD.2004.94612}
 }
 
-@misc{libsnark,
-   key={libsnark},
-   title={libsnark: {C}++ library for {zkSNARK} proofs},
-   howpublished={\url{https://github.com/scipr-lab/libsnark}},
-   note={Accessed: \mbox{2016-03-15}}
+@misc{libsnark-fork,
+   title={libsnark: {C}++ library for {zkSNARK} proofs (Zcash fork)},
+   url={https://github.com/zcash/libsnark},
+   urldate={2016-08-14}
 }
 
-@misc{rfc7539,
+@misc{RFC-7539,
    author={Yoav Nir and Adam Langley},
    title={Request for {C}omments 7539: Cha{C}ha20 and {P}oly1305 for {IETF} {P}rotocols},
-   howpublished={Internet Research Task Force (IRTF).
-\url{https://tools.ietf.org/html/rfc7539}. As modified by verified
-errata at \url{https://www.rfc-editor.org/errata_search.php?rfc=7539}}
+   howpublished={Internet Research Task Force (IRTF)},
+   url={https://tools.ietf.org/html/rfc7539},
+   addendum={As modified by verified errata at \url{https://www.rfc-editor.org/errata_search.php?rfc=7539}.}
+}
+
+@misc{BN2007,
+   author={Mihir Bellare and Chanathip Namprempre},
+   title={Authenticated {E}ncryption: {R}elations among notions and analysis of the
+generic composition paradigm},
+   url={https://eprint.iacr.org/2000/025},
+   howpublished={Cryptology ePrint Archive: Report 2000/025. Last revised \mbox{July 14,} 2007.}
+}
+
+@misc{BBDP2001,
+   author={Mihir Bellare and Alexandra Boldyreva and Anand Desai and David Pointcheval},
+   title={Key-{P}rivacy in {P}ublic-{K}ey {E}ncryption},
+   addendum={Full version.},
+   month={September},
+   year={2001},
+   url={https://cseweb.ucsd.edu/~mihir/papers/anonenc.html},
+   urldate={2016-08-14}
 }
 
 @book{LG2004,
    author={Eddie Lenihan and Carolyn Eve Green},
    title={Meeting the {O}ther {C}rowd: {T}he {F}airy {S}tories of {H}idden {I}reland},
+   month={February},
    year={2004},
-   note={\mbox{Pages 109--110.} \mbox{ISBN: 1-58542-206-1}}
+   publisher={TarcherPerigee},
+   pages={109-110},
+   isbn={1-58542-206-1}
 }
 
 @misc{GGM2016,
-   author={Christina Garman and Matthew Green and Ian Miers},
-   title={Accountable {P}rivacy for {D}ecentralized {A}nonymous {P}ayments},
-   howpublished={Cryptology ePrint Archive: Report 2016/061.
-\url{https://eprint.iacr.org/2016/061}. Last revised \mbox{24 Jan 2016}.}
+   author={Christina Garman\; and \;Matthew Green\; and \;Ian Miers},
+   title={Accountable\, {P}rivacy\, for\, {D}ecentralized\, {A}nonymous\, {P}ayments},
+   howpublished={Cryptology ePrint Archive: Report 2016/061. Last revised \mbox{January 24,} 2016},
+   url={https://eprint.iacr.org/2016/061}
+}
+
+@misc{WG2016,
+   author={Zooko Wilcox and Jack Grigg},
+   title={Why {E}quihash?},
+   howpublished={Zcash blog},
+   date={2016-04-15},
+   url={https://z.cash/blog/why-equihash.html},
+   urldate={2016-08-05}
+}
+
+@misc{HW2016,
+   author={Taylor Hornby\; and \;Zooko Wilcox},
+   title={Fixing\, {V}ulnerabilities\, in\, the\, {Z}cash\, {P}rotocol},
+   howpublished={Zcash blog},
+   date={2016-04-25},
+   url={https://z.cash/blog/fixing-zcash-vulns.html},
+   urldate={2016-06-22}
 }
 
-@misc{ticket836,
-   key={ZcashGithubticket836},
-   title={Zcash {G}ithub ticket \#836: ({N}ot exploitable) flaw in the proof of {B}alance when {PRF}\,\textasciicircum{}\,addr is not collision-resistant},
-   howpublished={\url{https://github.com/zcash/zcash/issues/836}},
-   note={Accessed: \mbox{2016-05-06}}
+@misc{EWD-831,
+   author={Edsger W. Dijkstra},
+   title={Why\, numbering\, should\, start\, at\, zero},
+   howpublished={\;Manuscript},
+   date={1982-08-11},
+   url={https://www.cs.utexas.edu/users/EWD/transcriptions/EWD08xx/EWD831.html},
+   urldate={2016-08-09}
 }