Commit Graph - zips - Hush: Speak And Transact Freely

Commit Graph

Select branches

Hide Pull Requests

1344-extensible-addresses

406.derive-skenc-from-avk.0

406.viewing-keys.0

406.viewing-keys.1

406.viewing-keys.2

529.change-signature-design.0

529.non-scriptable-pour-sigs.0

558.crypto-box.0

558.crypto-box.1

558.strip-viewing-keys.0

738.fix-internalh-collision.0

790.extensible-commitment.0

812.change-spec-address-prefixes.0

98.fix-faerie-gold.0

98.fix-faerie-gold.2

daira-fix-conduct-url

eli-backup

eli-comments.0

eli-comments.1

master

master.nathan-notes.0

memo-field-specification

nathan-add-readme

nathan-wip

remove-outdated-notes

restructuring01

wip-sapling

wip-sapling-1

zip400

zips101.viewing-key-format.0

zips101.viewing-key-format.1

zips115.update-testnet-fr-addresses.1

zips14.specify-merkle-tree.0

zips25.change-kdf.0

zips26.renaming.0

zips26.renaming.1

zips26.renaming.2

zips27.reorganisation.0

zips27.reorganisation.1

zips28.little-endian.0

zips36.change-hsig-hash.0

zips44.keys-are-not-public.0

zips63.specify-founders-reward.0

zips64.specify-difficulty-adjustment.0

zips98.specify-pi-B-order.0

2.0-alpha-1

2.0-alpha-2

2.0-alpha-3

2016.0-alpha-3

2016.0-alpha-3.1

2016.0-beta-1

2016.0-beta-1.1

2016.0-beta-1.2

2016.0-beta-1.3

2016.0-beta-1.4

2016.0-beta-1.5

2016.0-beta-1.6

2016.0-beta-1.7

2016.0-beta-1.8

2016.0-beta-1.9

d279728cc4 Update bestblock and typo zip400 Jonathan "Duke" Leto 2019-04-05 01:06:31 -0700
f2e0dd603d Add detail about purpose, which breaks the 'not storing transparent addresses' rule Jonathan "Duke" Leto 2018-12-28 18:06:15 -0800
ef94a065ca Size data about watchs and zkeymeta Jonathan "Duke" Leto 2018-12-28 12:32:33 -0800
ea6fe29771 Add sizes for cscript, defaultkey and key Jonathan "Duke" Leto 2018-12-28 08:06:15 -0800
cdf64cb6f5 Clarify that mkey is a master BIP32 key Jonathan "Duke" Leto 2018-12-27 08:52:17 -0800
237cae8a8f Add reference to BIP32 which defines hdseed and hdchain Jonathan "Duke" Leto 2018-12-26 09:50:24 -0800
71be5967e6 Add some detail about xtns Jonathan "Duke" Leto 2018-12-24 09:32:21 -0800
4e80337f3e Update Jonathan "Duke" Leto 2018-12-24 07:53:14 -0800
81d0582b6e Ascii for viewing keys Jonathan "Duke" Leto 2018-12-24 07:50:45 -0800
68c28cfc54 Add zkey ascii Jonathan "Duke" Leto 2018-12-24 07:46:58 -0800
beb2a5939d Literal text marker Jonathan "Duke" Leto 2018-12-24 07:45:27 -0800
44c4af88fe Category of standards seems the best fit, and see if ascii art renders nicely Jonathan "Duke" Leto 2018-12-24 07:44:05 -0800
7ad98684bc Add a few more descriptions Jonathan "Duke" Leto 2018-12-24 07:32:07 -0800
7c6e589f46 Add csapzkey to sapling list Jonathan "Duke" Leto 2018-12-24 06:29:27 -0800
fe61538a75 Update Jonathan "Duke" Leto 2018-12-24 06:27:08 -0800
f81f94b514 More details relating to sapzaddr which breaks our 'no addresses in wallet.dat' statement Jonathan "Duke" Leto 2018-12-24 06:08:07 -0800
315bf46157 Fill out details of what each key stores Jonathan "Duke" Leto 2018-12-23 11:09:56 -0800
79522bc236 Formatting and more short descriptions Jonathan "Duke" Leto 2018-12-23 08:00:26 -0800
137209a5aa More valid keys from walletdb.cpp Jonathan "Duke" Leto 2018-12-23 07:34:41 -0800
d7a533eace Add some more keys Jonathan "Duke" Leto 2018-12-23 07:26:43 -0800
1c1167beb9 Give each element type a dedicated section with details Jonathan "Duke" Leto 2018-12-22 07:09:03 -0800
658613dda4 Add more detailed data about individual wallet (k,v) pairs Jonathan "Duke" Leto 2018-12-22 06:14:15 -0800
8078ef0f6e Start writing ZIP400 about wallet.dat format Jonathan "Duke" Leto 2018-12-16 23:39:48 -0800
9515d73aac Regenerate PDFs. Daira Hopwood 2018-11-14 02:05:26 +0000
680af418cf Fill in another constraint cost. Daira Hopwood 2018-11-14 02:02:17 +0000
af17ba2485 Adjust the notation used for scalar multiplication in Appendix A to allow bit sequences as scalars. Daira Hopwood 2018-11-14 02:01:59 +0000
9aba6af281 Cosmetics. Daira Hopwood 2018-11-14 02:01:01 +0000
538d1f1eb0 Add a description of the Sapling output circuit. Daira Hopwood 2018-11-14 01:05:39 +0000
79b3d81e42 Complete the description of the Sapling spend circuit. Daira Hopwood 2018-11-13 23:15:54 +0000
5531006f08 Fix or complete various calculations of constraint costs. Daira Hopwood 2018-11-13 23:11:53 +0000
7419c0a366 Describe 2-bit window lookup with conditional negation. Daira Hopwood 2018-11-13 23:09:34 +0000
39b498fed9 Remove a todo. Daira Hopwood 2018-11-13 22:07:18 +0000
0835c3837e Modify the description of fixed-base scalar multiplication to match sapling-crypto. Daira Hopwood 2018-11-13 22:06:36 +0000
2f868aca8d Add LEBStoIP. Daira Hopwood 2018-11-13 22:00:41 +0000
c7d08a269c ZIP 205 formatting fixes. Daira Hopwood 2018-10-30 20:41:48 +0000
e4a74b9d0e

Merge pull request #191 from daira/zip-0205 Daira Hopwood 2018-10-29 01:13:22 +0000
ede1215566 Add ZIP 205. Daira Hopwood 2018-10-28 07:43:31 +0000
35478ad138

Merge pull request #189 from zcash/bitcartel-patch-1 Daira Hopwood 2018-10-25 18:28:08 +0100
43e83effb4 Regenerate PDFs. Daira Hopwood 2018-10-24 16:18:39 +0100
e24f7cede5 Clarify the description of the Merkle path check in Appendix A. Daira Hopwood 2018-10-24 16:11:40 +0100
066d424d3a Correct the input to H⊛ used to derive the nonce r in RedDSA.Sign, from T || M to T || _vk_ || M. This matches the sapling-crypto implementation; the spec was unintentionally changed in 2018.0-beta-20. Daira Hopwood 2018-10-24 16:10:57 +0100
9ed3c3d455

Update ZIP 243 with test vector for transparent tx bitcartel 2018-10-15 21:14:25 -0700
f6f47a0ecd

Merge pull request #157 from str4d/zip-0032 Daira Hopwood 2018-10-05 22:07:39 +0100
34c6a5c0d6 Regenerate PDFs. Daira Hopwood 2018-10-01 16:47:28 +0100
c04c0542e8 Cosmetics (pagination in Appendix A). Daira Hopwood 2018-10-01 16:44:31 +0100
bb52ce246c Clarify notation in the proof of A.3.3. Daira Hopwood 2018-10-01 15:44:11 +0100
223b8db3a7 Minor tweak to the statement of Theorem A.3.4 to make the contradiction clearer. Daira Hopwood 2018-10-01 11:22:49 +0100
da7c6fe190 Correct the statement and proof of Theorem A.3.2. Daira Hopwood 2018-10-01 11:21:02 +0100
25b64382e4 Clarify the notes concerning domain separation of prefixes for MerkleCRH^Sapling and NoteCommit^Sapling. Daira Hopwood 2018-10-01 11:00:45 +0100
2a7002a010 Add the QED-it report to the acknowledgements. Daira Hopwood 2018-10-01 10:45:19 +0100
bc48ebe898 Improved cross-referencing in Pedersen hash section. Daira Hopwood 2018-10-01 10:43:48 +0100
74c39f073d Correct a use of \GroupJ that should have been \MontCurve. Daira Hopwood 2018-10-01 10:34:56 +0100
691922ebd1 Cosmetics. Daira Hopwood 2018-10-01 10:16:32 +0100
dc81e21c2b Correct uses of LEOS2IP_l in RedDSAVerify and RedDSABatchVerify to ensure l is a multiple of 8. Daira Hopwood 2018-09-30 22:47:10 +0100
5524822ed5 Correct some uses of r_J that should have been r_S or q. Daira Hopwood 2018-09-30 22:44:11 +0100
dc41de37f3 Avoid clashing notation. Refer to the Montgomery form of Jubjub as \mathbb{M}. Daira Hopwood 2018-09-30 22:40:14 +0100
975a2aaa64

Formatting Jack Grigg 2018-09-20 11:03:24 +0100
cb1e663836

Improve explanation of diversifier sequence choice Ariel 2018-09-20 12:11:13 +0300
888681c0b0

Update references to Sapling protocol spec Jack Grigg 2018-09-18 11:42:29 +0100
606abd14e2

Be explicit about supported range for the Sapling key path Jack Grigg 2018-09-18 11:40:19 +0100
44e9c03d45

dk_i -> dk in "Diversifier derivation" section Jack Grigg 2018-09-18 11:39:52 +0100
1f7b5120f1

Clarify that dk is not part of the standard Sapling derivation Jack Grigg 2018-09-18 11:38:54 +0100
a414e4e7d3

Pull in definition of hardened notation Jack Grigg 2018-09-18 11:37:55 +0100
55e3cd177e

Clarify wording about default payment addresses Jack Grigg 2018-09-18 11:25:12 +0100
88e255b63f Regenerate PDFs. Daira Hopwood 2018-09-02 09:05:58 +0100
3ecbe6b903 The rest for beta-30 (sorry, I have a flight to catch). Daira Hopwood 2018-09-02 09:04:23 +0100
b909f2a482 Add dates to Change History. Daira Hopwood 2018-09-02 09:02:01 +0100
a1f90a56cf Cosmetics. Daira Hopwood 2018-09-02 09:00:29 +0100
bfc9ba5b21 Add security argument about DiversifyHash. Daira Hopwood 2018-09-02 08:52:38 +0100
5fd898adea Makefile fixes and improvements. Daira Hopwood 2018-09-02 08:50:40 +0100
5361fc591e Cosmetics (pagination in Appendix A). Daira Hopwood 2018-08-16 12:03:55 +0100
2cf4dfacef Correct the description of the N-ary AND optimization (not used in Sapling): a run of N-1 one bits in c yields an N-ary AND. Daira Hopwood 2018-08-16 12:03:34 +0100
2eec56d936 Add specification for seed fingerprints. Daira Hopwood 2018-09-01 18:39:41 +0100
08b8427e91 Don't use 'X' to abbreviate 'extended', since it is ambiguous with 'expanded'. Daira Hopwood 2018-09-01 18:39:08 +0100
2aee30ca10 Use the same notation for r_J as the spec. Daira Hopwood 2018-09-01 18:36:39 +0100
37da8b64e4

Merge pull request #171 from str4d/zip-243-updates bitcartel 2018-08-28 23:04:04 -0700
b4abd7fb9b

Fix bugs in ZIP 243 reference implementation Jack Grigg 2018-08-23 15:34:00 +0100
111d0a5cd7

ZIP 243 test vectors Jack Grigg 2018-08-23 15:26:58 +0100
58a12371d1 Regenerate PDFs. Daira Hopwood 2018-08-15 15:42:35 +0100
3049a53843 Remove a resolved TODO. Daira Hopwood 2018-08-15 15:40:35 +0100
4d1cb63baf Cosmetics. Daira Hopwood 2018-08-15 15:38:15 +0100
8364aff29c Change the description of BLAKE2s to correct the constraint count and to describe batched equality checks performed by the sapling-crypto implementation. Daira Hopwood 2018-08-15 15:07:23 +0100
ad0479ac77 Finish the description of range checks in Appendix A. Daira Hopwood 2018-08-15 14:52:50 +0100
bc6a430edc Regenerate PDFs. Daira Hopwood 2018-08-14 10:45:52 +0100
0351335662 Minor corrections to affine Edwards variable-base multiplication in Appendix A. Daira Hopwood 2018-08-14 10:43:05 +0100
3b16c62958 Finish the Appendix A description of BLAKE2s. Daira Hopwood 2018-08-14 10:41:40 +0100
5d8fe05d37 Regenerate PDFs. Daira Hopwood 2018-08-12 17:21:08 +0100
10019825e9 Cosmetics. Daira Hopwood 2018-08-12 16:57:38 +0100
324d634a29 Define "represented subgroup". Daira Hopwood 2018-08-12 16:57:23 +0100
36bcc8f3f0 Correct the Change History entry of this version for Sprout. Daira Hopwood 2018-08-12 16:57:07 +0100
745da1e36d Minor improvement to the type of z_j used in RedDSA batch verification. Daira Hopwood 2018-08-12 16:35:58 +0100
a902df4c5c Correct the description of Groth16 batch verification to explicitly take account of how verification depends on primary inputs. Daira Hopwood 2018-08-12 16:35:26 +0100
f90012ce5e Clarify order checking for proof elements. Daira Hopwood 2018-08-12 16:33:03 +0100
05d72a4b71 Add Charles Rackoff, Rafail Ostrovsky, and Amit Sahai to the acknowledgements. Daira Hopwood 2018-08-12 16:30:21 +0100
998cb2ff95 Cosmetics. Daira Hopwood 2018-08-12 16:28:59 +0100
81598de991 Notational changes: - Use a superscript (r) to mark the subgroup order, instead of a subscript. - Use G^{(r)∗} for the set of r_G-order points in G. (r) - Mark the subgroup order in pairing groups, e.g. use G_1^{(r)} instead of G_1. - Make the bit-representation indicator (five-pointed star) an affix instead of a superscript. Daira Hopwood 2018-08-12 16:24:15 +0100
b605fe1061 Cosmetics and minor wording improvements. Daira Hopwood 2018-08-11 21:09:53 +0100
b2f42d987c Macro simplifications. Daira Hopwood 2018-08-11 21:05:19 +0100
0a1a01513f Regenerate PDFs. Daira Hopwood 2018-08-05 17:31:42 +0100
ade889eef7 Add an appendix on Groth16 batch verification. Daira Hopwood 2018-08-05 17:30:04 +0100