zips28.little-endian.0 #29

Merged
merged 11 commits into from
Mar 28, 2016
@daira (Collaborator) commented Mar 20, 2016

Significant changes included in this branch:

  • Specify precisely the data to be signed, using a single signature covering all of the transaction except
    pourPubKey and pubSig.
  • Define types for serialized fields.
  • New terminology (coin -> note, serial number -> nullifier, and Pour -> Xref).
  • Switch to little-endian encoding, consistent with Bitcoin.
  • Use standard AEAD_CHACHA20_POLY1305 without the minor optimization.
  • Remove a_pk from note plaintexts, fixing a related security bug.

daira added 11 commits March 16, 2016 01:36
to use a single signature covering all of the transaction except
pourPubKey and pubSig.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
…l of abstraction.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
…ipient

would incorrectly use the decrypted a_pk to check the coin commitment, rather
than its own a_pk.

(The length of encCiphertexts was already computed assuming this change.)

Signed-off-by: Daira Hopwood <daira@jacaranda.org>

@ebfull (Contributor) commented Mar 21, 2016

I am still convinced that pours should contain their own pourSig/pourPubKey just like we agreed upon during Calgary. It is more flexible, makes verification more isolated, and requires breaking less code and tests that we've already written. We shouldn't make a change like that at this point anyway unless it's motivated by security.

@daira daira merged commit 8b9851a into master Mar 28, 2016
@daira daira deleted the zips28.little-endian.0 branch April 21, 2018 13:16
daira pushed a commit to daira/zips that referenced this pull request Nov 8, 2023
…mentation (zcash#29)

This makes the changes in ZIP 227 based on [this
comment](QED-it/orchard#66 (comment)).
daira pushed a commit to daira/zips that referenced this pull request Feb 7, 2024
…mentation (zcash#29)

This makes the changes in ZIP 227 based on [this
comment](QED-it/orchard#66 (comment)).