Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ZIP 209: Prohibit Negative Shielded Value Pool #210

Merged
merged 8 commits into from Mar 26, 2019
Merged
@@ -0,0 +1,58 @@
::

ZIP: 209
Title: Prohibit Negative Shielded Value Pool
Author: Sean Bowe <sean@z.cash>
Category: Consensus
Created: 2019-02-25
License: MIT

Terminology
===========

The key words "MUST", "SHOULD", "SHOULD NOT", and "MAY" in this document are to be interpreted as described in
RFC 2119. [#RFC2119]_

The term "block chain" and "network upgrade" are to be interpreted as defined in [#zip-0200]_.

The "Sprout value pool balance" for a given block chain, as implied by section 4.11 of the Zcash Protocol Specification [#protocol]_,
is the sum of all ``vpub_old`` fields for transactions in the block chain, minus the sum of all ``vpub_new`` fields for transactions
in the block chain.

The "Sapling value pool balance" for a given block chain, as implied by section 4.12 of Zcash Protocol Specification [#protocol]_,
is the negation of the sum of all ``valueBalance`` fields for transactions in the block chain.


Abstract
========

This proposal defines how the consensus rules are altered such that blocks which produce negative shielded value pools are prohibited.

Motivation
==========

It is possible for nodes to monitor the total value of notes that are shielded to, or unshielded from,
each of the Sprout or Sapling value pools. If the total value that is unshielded exceeds the total value
that was shielded for a given pool, a balance violation has occurred in the corresponding shielded
transaction protocol.

It would be preferable for the network to reject blocks that result in the aforementioned balance violation. However, nodes do not currently react to such an event. Remediation may therefore require chain rollbacks and other disruption.

This comment has been minimized.

Copy link
@Eirik0

Eirik0 Mar 26, 2019

This is a little bit clunky, here is a suggested rewording:

Rather than allow blocks which result in such a balance violation, it would be preferable for the network to reject them. As nodes do not currently react to this, remediation to such an event may require chain rollbacks and other disruptions.

This comment has been minimized.

Copy link
@ebfull

ebfull Mar 26, 2019

Author Contributor

🤷‍♂ I am okay with the current wording. This rewording uses "them" and "this" when there are many objects (blocks, balance violations, the network, etc.)


Specification
=============

If the "Sprout value pool balance" or "Sapling value pool balance" would become negative in the block chain
created as a result of accepting a block, then all nodes MUST reject the block as invalid.

Nodes MAY relay transactions even if one or more of them cannot be mined due to the aforementioned restriction.

Deployment
==========

This consensus rule is not deployed as part of a network upgrade as defined in ZIP-200 [#zip-0200]_ and there is no mechanism by which the network will synchronize to enforce this rule. Rather, all nodes should begin enforcing this consensus rule upon acceptance of this proposal.

There is a risk that before all nodes on the network begin enforcing this consensus rule that block(s) will be produced that violate it, potentially leading to network fragmentation. This is considered sufficiently unlikely that the benefits of enforcing this consensus rule sooner are overwhelming.

.. [#RFC2119] `Key words for use in RFCs to Indicate Requirement Levels <https://tools.ietf.org/html/rfc2119>`_
.. [#protocol] `Zcash Protocol Specification, Version 2019.0-beta-37 [Overwinter+Sapling] <https://github.com/zcash/zips/blob/master/protocol/protocol.pdf>`_
.. [#zip-0200] `ZIP 200: Network Upgrade Mechanism <https://github.com/zcash/zips/blob/master/zip-0200.rst>`_
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.