Refactor spec to put instantiations in their own section #27
Comments
daira
changed the title
|
+1, this will make interactions between the primitives easier to spot, since they'll all be defined near each other. It will also force us to be explicit about the requirements of things like hSig. |
|
Data point: I probably wouldn't have found the InternalH collision attack if the instantiations were separated. If I had been asked (and given time) to specifically check if that commitment scheme was binding I might have noticed it, but seeing a bunch of important protocol values (rather than an opaque message to be committed to) going into an 128-bit hash was an important motivator to get me thinking about the potential problems. That said, since we have zcash/zcash#792 I'm still happy about the separation. |
|
Yes, I'm concerned that the separation in the Zerocash paper might have been a contributing factor to it having been missed by the authors. I want to see how this change looks in practice before committing to making it for the final spec. |
|
@defuse and I made a start on this; the work-in-progress is on the https://github.com/zcash/zips/tree/zips27.reorganisation.0 branch. |
|
Fixed in 2016.0-beta-1. |
This PR adds missing indices over sums. It also fixes and makes improvements to the burn mechanism description. --------- Co-authored-by: Vivek Arte <46618816+vivek-arte@users.noreply.github.com>
This PR adds missing indices over sums. It also fixes and makes improvements to the burn mechanism description. Co-authored-by: Vivek Arte <46618816+vivek-arte@users.noreply.github.com>
As requested by 7S. This would go just before the "Encoding" section.
The text was updated successfully, but these errors were encountered: