From 4ebc0f76299c756fa8cdb2b0a8a63fdd340e5e90 Mon Sep 17 00:00:00 2001 From: Andrew Arnott Date: Mon, 31 Jul 2023 07:13:11 -0600 Subject: [PATCH 1/6] Fix identification of HRP for full viewing keys This was likely a copy-paste error with the section above it, which is very similar but presents the human-readable part of *incoming* viewing keys. --- protocol/protocol.tex | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/protocol/protocol.tex b/protocol/protocol.tex index 532d0c933..5b1c15610 100644 --- a/protocol/protocol.tex +++ b/protocol/protocol.tex @@ -11929,8 +11929,8 @@ for either $\AuthSignPublic$ or $\NullifierKey$, or if $\AuthSignPublic \notin \SubgroupJstar$, or if $\NullifierKey \notin \SubgroupJ$. -For \incomingViewingKeys on \Mainnet, the \humanReadablePart is \ascii{zviews}. -For \incomingViewingKeys on \Testnet, the \humanReadablePart is \ascii{zviewtestsapling}. +For \fullViewingKeys on \Mainnet, the \humanReadablePart is \ascii{zviews}. +For \fullViewingKeys on \Testnet, the \humanReadablePart is \ascii{zviewtestsapling}. } %sapling From af2f3aece441484c3947864a4850d2d12c193a77 Mon Sep 17 00:00:00 2001 From: Andrew Arnott Date: Mon, 31 Jul 2023 07:16:58 -0600 Subject: [PATCH 2/6] Fix reference to undefined LEBS2OS function The `LEBS2OS` function does not exist and isn't meant to. This reference is understood to have meant `LEBS2OSP`. See discussion at: https://forum.zcashcommunity.com/t/what-is-the-lebs2os-function-in-the-zip-32-spec/44886 --- zip-0032.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zip-0032.rst b/zip-0032.rst index fee192572..823fffa9c 100644 --- a/zip-0032.rst +++ b/zip-0032.rst @@ -177,7 +177,7 @@ Sapling helper functions Define * :math:`\mathsf{EncodeExtSKParts}(\mathsf{ask, nsk, ovk, dk}) :=`:math:`\mathsf{I2LEOSP}_{256}(\mathsf{ask})`:math:`||\,\mathsf{I2LEOSP}_{256}(\mathsf{nsk})`:math:`||\,\mathsf{ovk}`:math:`||\,\mathsf{dk}` -* :math:`\mathsf{EncodeExtFVKParts}(\mathsf{ak, nk, ovk, dk}) :=`:math:`\mathsf{LEBS2OS}_{256}(\mathsf{repr}_\mathbb{J}(\mathsf{ak}))`:math:`||\,\mathsf{LEBS2OSP}_{256}(\mathsf{repr}_\mathbb{J}(\mathsf{nk}))`:math:`||\,\mathsf{ovk}`:math:`||\,\mathsf{dk}` +* :math:`\mathsf{EncodeExtFVKParts}(\mathsf{ak, nk, ovk, dk}) :=`:math:`\mathsf{LEBS2OSP}_{256}(\mathsf{repr}_\mathbb{J}(\mathsf{ak}))`:math:`||\,\mathsf{LEBS2OSP}_{256}(\mathsf{repr}_\mathbb{J}(\mathsf{nk}))`:math:`||\,\mathsf{ovk}`:math:`||\,\mathsf{dk}` Sapling master key generation ----------------------------- From 61654491cebc6a6265997a01a16eb8dccf41a459 Mon Sep 17 00:00:00 2001 From: Andrew Arnott Date: Mon, 31 Jul 2023 07:21:04 -0600 Subject: [PATCH 3/6] Fix ZIP-316 bug in expected `dk` length The `dk` value is 256 bits long. It's the *diversifier* that is only 88 bits long. The incoming viewing key requires the diversifier key -- not the diversifier. This change also reflects the de facto standard in implementations up to this point, including YWallet and the [zcash_address crate](https://docs.rs/zcash_address/latest/src/zcash_address/kind/unified/ivk.rs.html). --- zip-0316.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zip-0316.rst b/zip-0316.rst index f5ec2e1b7..2cc8c3dff 100644 --- a/zip-0316.rst +++ b/zip-0316.rst @@ -431,7 +431,7 @@ The following FVK or IVK Encodings are used in place of the * A Sapling IVK Encoding, also with Typecode :math:`\mathtt{0x02},` is an encoding of :math:`(\mathsf{dk}, \mathsf{ivk})` given by - :math:`\mathsf{I2LEOSP}_{88}(\mathsf{dk})\,||\,\mathsf{I2LEOSP}_{256}(\mathsf{ivk}).` + :math:`\mathsf{I2LEOSP}_{256}(\mathsf{dk})\,||\,\mathsf{I2LEOSP}_{256}(\mathsf{ivk}).` * There is no defined way to represent a Viewing Key for a Transparent P2SH Address in a UFVK or UIVK (because P2SH Addresses cannot be From 236336ad2faad5cbed30b9c32c03212443fb972f Mon Sep 17 00:00:00 2001 From: Andrew Arnott Date: Thu, 17 Aug 2023 07:45:36 -0600 Subject: [PATCH 4/6] Remove stray " character from ZIP-321 --- zip-0321.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zip-0321.rst b/zip-0321.rst index f595065b7..f71ec0e4c 100644 --- a/zip-0321.rst +++ b/zip-0321.rst @@ -260,7 +260,7 @@ forbidden in ``paramindex``. zcash:?amount=1.234&amount=2.345&address=tmEZhbWHTpdKMw5it8YDspUXSMGQyFwovpU - zcash:?amount.1=1.234&amount.1=2.345&address.1=tmEZhbWHTpdKMw5it8YDspUXSMGQyFwovpU" + zcash:?amount.1=1.234&amount.1=2.345&address.1=tmEZhbWHTpdKMw5it8YDspUXSMGQyFwovpU Also invalid; duplicate ``amount=`` or ``amount.1=`` fields From 932b81d59d558eb44339df6eea6d27f8011cdc32 Mon Sep 17 00:00:00 2001 From: Daira Emma Hopwood Date: Tue, 22 Aug 2023 20:30:42 +0100 Subject: [PATCH 5/6] dk is already a byte sequence. --- zip-0316.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zip-0316.rst b/zip-0316.rst index 2cc8c3dff..d4618b050 100644 --- a/zip-0316.rst +++ b/zip-0316.rst @@ -431,7 +431,7 @@ The following FVK or IVK Encodings are used in place of the * A Sapling IVK Encoding, also with Typecode :math:`\mathtt{0x02},` is an encoding of :math:`(\mathsf{dk}, \mathsf{ivk})` given by - :math:`\mathsf{I2LEOSP}_{256}(\mathsf{dk})\,||\,\mathsf{I2LEOSP}_{256}(\mathsf{ivk}).` + :math:`\mathsf{dk}\,||\,\mathsf{I2LEOSP}_{256}(\mathsf{ivk}).` * There is no defined way to represent a Viewing Key for a Transparent P2SH Address in a UFVK or UIVK (because P2SH Addresses cannot be From 02b7ce4c8a171b304657997b077debd0307b5845 Mon Sep 17 00:00:00 2001 From: Daira Emma Hopwood Date: Fri, 25 Aug 2023 19:27:33 +0100 Subject: [PATCH 6/6] ZIPs 32, 316, and 321: regenerate HTML. Signed-off-by: Daira Emma Hopwood --- zip-0032.html | 2 +- zip-0316.html | 2 +- zip-0321.html | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/zip-0032.html b/zip-0032.html index 2fc55b813..333d780e2 100644 --- a/zip-0032.html +++ b/zip-0032.html @@ -232,7 +232,7 @@
  • \(\mathsf{EncodeExtFVKParts}(\mathsf{ak, nk, ovk, dk}) :=\) - \(\mathsf{LEBS2OS}_{256}(\mathsf{repr}_\mathbb{J}(\mathsf{ak}))\) + \(\mathsf{LEBS2OSP}_{256}(\mathsf{repr}_\mathbb{J}(\mathsf{ak}))\) \(||\,\mathsf{LEBS2OSP}_{256}(\mathsf{repr}_\mathbb{J}(\mathsf{nk}))\) \(||\,\mathsf{ovk}\) \(||\,\mathsf{dk}\) diff --git a/zip-0316.html b/zip-0316.html index 6e29c0783..96a4ad61e 100644 --- a/zip-0316.html +++ b/zip-0316.html @@ -250,7 +250,7 @@ is an encoding of \((\mathsf{dk}, \mathsf{ivk})\) given by - \(\mathsf{I2LEOSP}_{88}(\mathsf{dk})\,||\,\mathsf{I2LEOSP}_{256}(\mathsf{ivk}).\) + \(\mathsf{dk}\,||\,\mathsf{I2LEOSP}_{256}(\mathsf{ivk}).\)
  • There is no defined way to represent a Viewing Key for a Transparent P2SH Address in a UFVK or UIVK (because P2SH Addresses cannot be diversified in an unlinkable way). The Typecode \(\mathtt{0x01}\) diff --git a/zip-0321.html b/zip-0321.html index 8d95df28c..28e9753d4 100644 --- a/zip-0321.html +++ b/zip-0321.html @@ -121,7 +121,7 @@

    Also invalid; address.0= and amount.0= are not permitted as leading 0s are forbidden in paramindex.

    zcash:?amount=1.234&amount=2.345&address=tmEZhbWHTpdKMw5it8YDspUXSMGQyFwovpU
 
-zcash:?amount.1=1.234&amount.1=2.345&address.1=tmEZhbWHTpdKMw5it8YDspUXSMGQyFwovpU"
    +zcash:?amount.1=1.234&amount.1=2.345&address.1=tmEZhbWHTpdKMw5it8YDspUXSMGQyFwovpU

    Also invalid; duplicate amount= or amount.1= fields

    zcash:tmEZhbWHTpdKMw5it8YDspUXSMGQyFwovpU?amount=1%30
 zcash:tmEZhbWHTpdKMw5it8YDspUXSMGQyFwovpU?%61mount=1