Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ZIP 32] Shielded Hierarchical Deterministic Wallets #157

Merged
merged 52 commits into from Oct 5, 2018
Merged

[ZIP 32] Shielded Hierarchical Deterministic Wallets #157

merged 52 commits into from Oct 5, 2018

Commits on Jul 24, 2018

  1. ZIP 32: Shielded Hierarchical Deterministic Wallets

    @str4d @daira
    str4d authored and daira committed Jul 24, 2018
    Copy the full SHA
    9a87098 View commit details
    Browse the repository at this point in the history

  2. Address Daira's comments

    @str4d @daira
    str4d authored and daira committed Jul 24, 2018
    Copy the full SHA
    a5309ed View commit details
    Browse the repository at this point in the history

  3. Use byte sequences for constant single-byte inputs to PRF_expand

    @str4d @daira
    str4d authored and daira committed Jul 24, 2018
    Copy the full SHA
    4ed0316 View commit details
    Browse the repository at this point in the history

  4. Define a diversifier key dk

    @str4d @daira
    str4d authored and daira committed Jul 24, 2018
    Copy the full SHA
    c73733a View commit details
    Browse the repository at this point in the history

  5. Fix usage of LEOS2IP in definition of ToScalar

    @str4d @daira
    str4d authored and daira committed Jul 24, 2018
    Copy the full SHA
    aa36706 View commit details
    Browse the repository at this point in the history

  6. Define I2LEOSP_l(k) and use it to encode the child key indices 

    Note that this means they are encoded in little-endian order, which is the
opposite of BIP 32.
    @str4d @daira
    str4d authored and daira committed Jul 24, 2018
    Copy the full SHA
    efd68a4 View commit details
    Browse the repository at this point in the history

  7. Define how to derive diversifiers from Sapling extended keys

    @str4d @daira
    str4d authored and daira committed Jul 24, 2018
    Copy the full SHA
    f07b6d2 View commit details
    Browse the repository at this point in the history

  8. Note that ZIP 32 is consistently little-endian

    @str4d @daira
    str4d authored and daira committed Jul 24, 2018
    Copy the full SHA
    a01dbbb View commit details
    Browse the repository at this point in the history

  9. ZIP 32: use FF1-AES256 as the PRP. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    9596aed View commit details
    Browse the repository at this point in the history

  10. Remove hardening from example public-key HD path 

    Hardened derivation is undefined for an extended FVK
    @str4d @daira
    str4d authored and daira committed Jul 24, 2018
    Copy the full SHA
    da683d3 View commit details
    Browse the repository at this point in the history

  11. Cosmetic improvements. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    3f28158 View commit details
    Browse the repository at this point in the history

  12. Reference version 2018.0-beta-21 or later of the Sapling protocol spec. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    1b3ea42 View commit details
    Browse the repository at this point in the history

  13. Define r_J. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    f94b9a4 View commit details
    Browse the repository at this point in the history

  14. Cosmetics. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    ff5affb View commit details
    Browse the repository at this point in the history

  15. Update another reference to the Sapling spec version. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    de065cf View commit details
    Browse the repository at this point in the history

  16. Cosmetics. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    8a49de8 View commit details
    Browse the repository at this point in the history

  17. Say that ZIP 32 does not supplant the use of BIPs 32 & 44 for transpa… 

    …rent addresses.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    b3c051e View commit details
    Browse the repository at this point in the history

  18. Specify the range of j when generating diversifiers. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    6f85acb View commit details
    Browse the repository at this point in the history

  19. Add specifications of key fingerprints, tags, and encodings. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    0fc7c70 View commit details
    Browse the repository at this point in the history

  20. Put human-readable parts in monospace. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    52eac8c View commit details
    Browse the repository at this point in the history

  21. Fix formatting. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    3e884f9 View commit details
    Browse the repository at this point in the history

  22. Another formatting improvement. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    b9e6ed7 View commit details
    Browse the repository at this point in the history

  23. Fix a cut-and-paste error. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    918ea38 View commit details
    Browse the repository at this point in the history

  24. Add MUST NOT to Terminology. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    0034331 View commit details
    Browse the repository at this point in the history

  25. Clarify the relation to existing use of BIPs 32 & 44. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    d65629f View commit details
    Browse the repository at this point in the history

  26. Specify that the seed MUST be at least 32 bytes. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    633436c View commit details
    Browse the repository at this point in the history

  27. Rename s_m to sk_m. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    5788c12 View commit details
    Browse the repository at this point in the history

  28. Explain that some diversifiers are invalid, and correct the definitio… 

    …n of default diversifier.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    ba56f26 View commit details
    Browse the repository at this point in the history

  29. Clarify the interpretation of I_L in Sprout key derivation. 

    This also fixes a cut-and-paste error (a child chain code is c_i, not c_m).

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    7002be5 View commit details
    Browse the repository at this point in the history

  30. Define depth, parent tag, and i for master keys. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    5881d3c View commit details
    Browse the repository at this point in the history

  31. Clarify the encoding of a_sk in a Sprout extended spending key. Also … 

    …exclude lead bytes, and swap ASK and c for consistency with Sapling formats and BIP 32.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    ebecd8c View commit details
    Browse the repository at this point in the history

  32. Define DiversifyHash. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    42506f0 View commit details
    Browse the repository at this point in the history

  33. Cosmetics. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    6e9a796 View commit details
    Browse the repository at this point in the history

  34. Remove unintended addition of a reference to the non-existant (yet) Z… 

    …IP 173.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    1b04d74 View commit details
    Browse the repository at this point in the history

  35. Correct the derivation of a Sapling child full viewing key's nk, and … 

    …define the bases G and H.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    6f96648 View commit details
    Browse the repository at this point in the history

  36. Factor out the encoding of extended {spending key, full viewing key} … 

    …parts and make it more precise.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    777d82a View commit details
    Browse the repository at this point in the history

  37. Correct the encoding of a_sk,par for Sprout child derivation. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    3018efc View commit details
    Browse the repository at this point in the history

  38. Factor out Sprout a_sk encoding/decoding into helper functions. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    5cdc691 View commit details
    Browse the repository at this point in the history

  39. Seeds for Sprout master keys must also be at least 32 bytes. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    eb60b41 View commit details
    Browse the repository at this point in the history

  40. Fix a link. 

    Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 24, 2018
    Copy the full SHA
    511c2eb View commit details
    Browse the repository at this point in the history

Commits on Jul 25, 2018

  1. Rename EncodeFVKParts to EncodeXFVKParts, since its input includes dk… 

    … which is only part of an extended full viewing key.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
    @daira
    daira committed Jul 25, 2018
    Copy the full SHA
    813a889 View commit details
    Browse the repository at this point in the history

Commits on Sep 1, 2018

  1. Use the same notation for r_J as the spec.

    @daira
    daira committed Sep 1, 2018
    Copy the full SHA
    2aee30c View commit details
    Browse the repository at this point in the history

  2. Don't use 'X' to abbreviate 'extended', since it is ambiguous with 'e… 

    …xpanded'.
    @daira
    daira committed Sep 1, 2018
    Copy the full SHA
    08b8427 View commit details
    Browse the repository at this point in the history

  3. Add specification for seed fingerprints.

    @daira
    daira committed Sep 1, 2018
    Copy the full SHA
    2eec56d View commit details
    Browse the repository at this point in the history

Commits on Sep 18, 2018

  1. Clarify wording about default payment addresses

    @str4d
    str4d committed Sep 18, 2018
    Copy the full SHA
    55e3cd1 View commit details
    Browse the repository at this point in the history

  2. Pull in definition of hardened notation

    @str4d
    str4d committed Sep 18, 2018
    Copy the full SHA
    a414e4e View commit details
    Browse the repository at this point in the history

  3. Clarify that dk is not part of the standard Sapling derivation

    @str4d
    str4d committed Sep 18, 2018
    Copy the full SHA
    1f7b512 View commit details
    Browse the repository at this point in the history

  4. dk_i -> dk in "Diversifier derivation" section

    @str4d
    str4d committed Sep 18, 2018
    Copy the full SHA
    44e9c03 View commit details
    Browse the repository at this point in the history

  5. Be explicit about supported range for the Sapling key path

    @str4d
    str4d committed Sep 18, 2018
    Copy the full SHA
    606abd1 View commit details
    Browse the repository at this point in the history

  6. Update references to Sapling protocol spec

    @str4d
    str4d committed Sep 18, 2018
    Copy the full SHA
    888681c View commit details
    Browse the repository at this point in the history

Commits on Sep 20, 2018

  1. Improve explanation of diversifier sequence choice

    @arielgabizon
    arielgabizon committed Sep 20, 2018
    Copy the full SHA
    cb1e663 View commit details
    Browse the repository at this point in the history

  2. Formatting

    @str4d
    str4d committed Sep 20, 2018
    Copy the full SHA
    975a2aa View commit details
    Browse the repository at this point in the history