tweaks

sietch.tex

@@ -303,7 +303,7 @@ linkability, transaction graphs, shielded transactions, blockchain analysis }
 \newcommand{\blockchain}{\term{block chain}}
 \newcommand{\blockchains}{\term{block chains}}
 \newcommand{\mempool}{\term{mempool}}
-\newcommand{\zchain}{\textbf{zchain}}
+\newcommand{\zchain}{\textbf{zchain} }
 \newcommand{\treestate}{\term{treestate}}
 \newcommand{\treestates}{\term{treestates}}
 \newcommand{\nullifier}{\term{nullifier}}
@@ -840,6 +840,10 @@ and try a new change to extract new data. This is trivially possible with virtua
 machine images, docker containers and/or Git, and is left as an exercise to the
 motivated blockchain analyst.
 
+There may be much more performant ways to launch an \ITM but currently the method
+known is quite expensive. It's only viable for a company or organization that wants
+to de-anonymize the entire blockchain, but that is indeed who we want to protect against.
+
 \nsubsection{ITM Attack: Consensus Oracle}
 
 We now analyze a specific $T: z \rightarrow z,z$ at a speficic block height $H$ which
@@ -869,7 +873,7 @@ a structure where we can remove an "inner zutxo" that other things depend on.
 The \ITM marks $z3$ as invalid via HaveShieldedRequirements() or GetSaplingAnchorAt() returning false when actually the conditions
 are valid. When $z4$ transaction is attempted, it will fail since the zk-snark proof will reveal a depedency on $z2$. ITM calls this
 a "reverse proof". There is also the possibility of a "forward proof" when z4 allows the z2 to be spent but z3 fails. In that instance, we can
-say $ t12 \rightarrow x12 \rightarrow y12 \rightarrow z12 $ with high probability.
+say $ t \rightarrow z1 \rightarrow z2 \rightarrow z3 $ with high probability.
 
 These \textbf{zchains} are the main objects of attack and study in an \ITM, where it is an iterative process. Where chains of size $N$ are studied
 and sometimes a linkage can be determined, but often it cannot. When \ITM does find a valid reverse proof, it can attempt to extend it's knowledge