[ZSA] Issuance Key Derivation update to match with ZIP 32 #72
Conversation
✅ Deploy Preview for zcash-zips-qedit ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
vivek-arte
changed the title
|
|
||
| As in ZIP 32 for Orchard [#zip-0032-orchard-child-key-derivation]_, we only use hardened child key derivation for the issuance authorizing key. | ||
| We reuse the :math:`\mathsf{CDKsk}` function for Orchard child key derivation from ZIP 32. | ||
| - Return :math:`\mathsf{CKDh}^{\mathsf{Issuance}}((\mathsf{sk}_{par},\mathsf{c}_{par}), i)\!` |
There was a problem hiding this comment.
some inconsistency on lines 141-143: some items written with ' like account' but then ' is is omitted.
There was a problem hiding this comment.
To quote from BIP 43 (which is the notation ZIP 32 uses):
Apostrophe indicates that BIP32 hardened derivation is used.
The hardened derivation section from BIP 32 contains:
The normal child keys use indices 0 through
$$2^{31} -1$$ . The hardened child keys use indices$$2^{31}$$ through$$2^{32}-1$$ . To ease notation for hardened key indices, a number$$i_H$$ represents$$i+2^{31}$$ .
So in BIP 43,
coin_type and account are defined in their particular ways, but what is used in the path is the hardened version (with the MSB = 1). Hence the path has the apostrophe, but the definition does not.
This is consistent with the notation in ZIP 32 (see here and here).
This PR makes the changes to align with the change in notation for ZIP 32 done in zcash#908.