Skip to content

ZIPs 226, 227, and 230 - ZSA Protocol: Transfer, Issuance and Burn#778

Merged
daira merged 43 commits into
zcash:mainfrom
daira:zsa1
Feb 9, 2024
Merged

ZIPs 226, 227, and 230 - ZSA Protocol: Transfer, Issuance and Burn#778
daira merged 43 commits into
zcash:mainfrom
daira:zsa1

Conversation

@daira
Copy link
Copy Markdown
Collaborator

@daira daira commented Feb 7, 2024

This is a rebased version of #680 with @daira's editorial changes.

vivek-arte and others added 30 commits February 7, 2024 19:06
@vivek-arte @daniben31
@dconnolly @daira @jonmrjr @str4d @PaulLaux
Moving changes in zsa-zips to zsa1 (zcash#10)
16c8dcb 
Co-authored-by: daniben31 <danielbenarroch92@gmail.com>
Co-authored-by: Deirdre Connolly <durumcrustulum@gmail.com>
Co-authored-by: Daira-Emma Hopwood <daira@jacaranda.org>
Co-authored-by: Jonathan S. Rouach <jon@rouach.net>
Co-authored-by: str4d <thestr4d@gmail.com>
Co-authored-by: Paul <lauxpaul@protonmail.com>
@vivek-arte @daira
ZIP 226: editorial change to terminology.
5a1222b 
Co-authored-by: Daira-Emma Hopwood <daira@jacaranda.org>
@vivek-arte @daira @dconnolly
Suggestions from ZIP review: improvements to mathematical notation, a…
325c6e4 
…nd typographical edits.

Co-authored-by: Daira-Emma Hopwood <daira@jacaranda.org>
Co-authored-by: Deirdre Connolly <durumcrustulum@gmail.com>
@vivek-arte @daira
Changes to issuance key derivation details (zcash#8)
59e305e 
This covers the changes made to derive the issuance key independently of the Orchard key structure, using the techniques from [ZIP 32](https://zips.z.cash/zip-0032).
@vivek-arte @daira
Rearrangements and minor changes to the Security and Privacy Consider…
948d5dd 
…ations (zcash#13)

Minor changes to the Security and Privacy Considerations
to make it more in line with the format specified in ZIP 0.
@vivek-arte @daira
Rearranging ZIP structure (zcash#14)
01298df 
This rearranges and rewrites various sections of the ZIP to make it more in line with the suggestions in ZIP 0.
It also updates the Split Notes, Circuit Statement and Burn Mechanism sections with more information.
@vivek-arte @daira
Corrections and addition of reference links (zcash#16)
14c9f4d 
This adds in the reference links to the test vectors and reference implementations corresponding to the ZSA Protocol. Some corrections to the notation for better consistency and some updates to the formulae for syncing with the implementation are also included here.
@vivek-arte @daira
Suggestions from ZIP review: editorial changes.
9dcb234 
Co-authored-by: Daira-Emma Hopwood <daira@jacaranda.org>
@AntoineRondelet @daira
Added link to nested README for build deps (zcash#17)
e650311 
Link to the nested README in `protocol/README` to install all the dependencies needed to build ZIPs and the specs.
@vivek-arte @daira
Handling additional suggestions from PR#649 and PR#628 (zcash#19)
9c82f32 
Making updates based on pending reviews from
[PR#649](zcash#649) and
[PR#628](zcash#628).
@vivek-arte @daira
Updates to txid_digest (zcash#15)
32b7f1e 
This details the changes to the transaction digest algorithm for the
ZSA protocol.
- A new branch is added for hashing the information in a transaction
related to issuance.
- Some branches are added and modified in the orchard_digest subtree to
account for the additional Asset Base value that needs to be hashed.
@AntoineRondelet @vivek-arte @daira
First round of modifications on ZIP227 (zcash#20)
2630ffb 
Improved style and content of ZIP 227.

Co-authored-by: Vivek Arte <vivek@qed-it.com>
@vivek-arte @daira
Adding ZSA Orchard Action Description encoding details (zcash#21)
3d26c5a 
This adds details of the changes to the Orchard Action encodings and
the changes to the transaction format that occur due to the ZSA
Protocol. It also improves the formatting of existing tables for Asset
Burn.
@vivek-arte @daira
Updates to issue bundle hash personalizations (zcash#22)
b76813c 
A few of the issue bundle hash personalizations were 15 characters long
instead of the required 16. This is being fixed here.
@AntoineRondelet @daira
Fixed math boundary around purpose (zcash#23)
709874d 
As per the title, this is a tiny fix to adjust the boundary of the
math environment which wasn't properly closed and thus rendered poorly
on the html.
@vivek-arte @daira
Updates to naming conventions and table format (zcash#28)
f8936ac 
This makes the naming conventions for variables more consistent, largely with a view to using double backticks for terms that appear in the transaction format and datatype description tables.

These tables have also been reformatted to be consistent with other ZIPs in their rst form.

The `previously_finalized` set is renamed to `finalized_assets`, and this set now stores `AssetDigest` values rather than `AssetId` values for more compactness in the global state.
@AntoineRondelet @vivek-arte @daira
Removed redundant terminology in ZIP226, building on ZIP227 (zcash#26)
cd55e62 
Removed redundant terminology in ZIP226, building on ZIP227, fixed abstract and used consistent terminology to stick to issuance instead of creation of assets.

Co-authored-by: Vivek Arte <46618816+vivek-arte@users.noreply.github.com>
@vivek-arte @daira
Changing issue digest hash personalization values to match with imple…
4ec6bf6 
…mentation (zcash#29)

This makes the changes in ZIP 227 based on [this
comment](QED-it/orchard#66 (comment)).
@AntoineRondelet @vivek-arte @daira
Added missing indices over sums (zcash#27)
a7f5ffa 
This PR adds missing indices over sums. It also fixes and makes improvements to the burn mechanism description.

Co-authored-by: Vivek Arte <46618816+vivek-arte@users.noreply.github.com>
@vivek-arte @daira
Consistency changes for notation and updates to issuance key derivati…
d92ccec 
…on (zcash#30)

This PR improves the naming of variables to make them consistent with
the broader ZIPs conventions.

It also makes changes to the issuance key derivation and the terms used
for the various keys.
@ConstanceBeguier @daira
Update with circuit changes (zcash#31)
e5f03d9 
- Add the new nullifier equation for split notes
- Add a link to Orchard circuit document
- Add is_native_asset auxiliary witness
- Remove constraint (split_flag=1) => (v_old != 0)
- Add constraint (split_flag=1) => (is_native_asset=0)
@vivek-arte @dconnolly @daira
Suggestions from ZIP review: clarifications and typographical edits.
3651df5 
Co-authored-by: Deirdre Connolly <durumcrustulum@gmail.com>
@vivek-arte @daira
Guidelines to wallets regarding representing Assets to clients (zcash#32
33b23d0 
)

This adds to the specification to provide wallets instructions on displaying Asset information to users in an unambiguous way.

This addresses [this comment](zcash#680 (comment)).
@vivek-arte @daira
Adding explicit assumption for canonical encodings for the Asset Base. (
c70e0fd 
zcash#33)

This addresses [this comment](zcash#680 (comment)).
@vivek-arte @daira
Burn Mechanism Rearrangement (zcash#35)
28832be 
This rearranges the positioning of the burn mechanism in order to remove duplication of material between the burn mechanism section and the value balance verification section.
There is also some simplification of the naming convention for the Asset Base variable.
@ConstanceBeguier @daira
Add enable_zsa flag (zcash#37)
8753f71 
This PR adds enable_zsa flag into ZIP 226.
@vivek-arte @daira
Renaming idk to imk throughout ZIP 227 (zcash#41)
57aaf29 
This is a consistent renaming of the issuance derivation key to call it the issuance master key.
@vivek-arte @dconnolly
@daira @str4d @PaulLaux @AntoineRondelet @ConstanceBeguier
Move the updated transaction structure from ZIP 226 to ZIP 230 (zcash#42
9b1a0c2 
)

This removes the transaction structure fields from ZIP 226 in favour
of adding them to ZIP 230, for the v6 Transaction Format.

Co-authored-by: Deirdre Connolly <durumcrustulum@gmail.com>
Co-authored-by: Daira-Emma Hopwood <daira@jacaranda.org>
Co-authored-by: str4d <thestr4d@gmail.com>
Co-authored-by: Paul <lauxpaul@protonmail.com>
Co-authored-by: Antoine Rondelet <rondelet.antoine@gmail.com>
Co-authored-by: Constance Beguier <constance@qed-it.com>
@vivek-arte @daira
Switching the issuance authorization scheme to using Bitcoin Schnorr …
cea341e 
…over `secp256k1`, as in BIP 340. (zcash#40)

We switch the `issueAuthSig` scheme from RedPallas without
key re-randomization to the Bitcoin Schnorr signature (as described in
bip340).
We also perform notation changes of `idk` to `imk`, and adjust the
derivation of the issuance keys to fit with the updated Issuance
Authorization Signature scheme.
@vivek-arte @daira
updated burn description
7aff601 
Minor addition to burn mechanism description
vivek-arte and others added 13 commits February 7, 2024 19:18
@vivek-arte @daira
Suggestions from ZIP review: notation, typographical edits, and updat…
eed714f 
…e Daira-Emma's name.

Co-authored-by: Daira-Emma Hopwood <daira@jacaranda.org>
@vivek-arte @daira
Rename of Issuance Keys (zcash#44)
de1235c 
This performs a rename of the Issuance keys as follows:

- `imk : Issuance master key` is renamed to `isk: Issuance authorizing
key`
@vivek-arte @daira
Updates to Security and Privacy Considerations section (zcash#45)
0fbded6 
This adds some details to the ZIP 226 Security and Privacy
Considerations section to address this
[comment](zcash#680 (comment))
@vivek-arte @daira
Clarifying the encoding of ik (zcash#46)
9eb00ee 
This makes it clear that the encoding of `ik` used in the Asset Base
derivation is big-endian, as in the case of the underlying BIP 340
Schnorr signature scheme.

It also adds a clarification about the version byte used in the Asset
Base derivation.
@daira
ZIPs 226 and 227: remove trailing spaces.
a7a9c21 
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
@daira
ZIP 226: use \star instead of * for bit representations.
865469a 
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
@daira
ZIPs 226, 227, and 230: update references and key words to latest ZIP…
3b98ae5 
… conventions and protocol spec.

Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
@daira
ZIPs 226, 227, and 230: cosmetic math formatting improvements.
15118ac 
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
@daira
ZIP 226: editorial clarifications.
c67f8d0 
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
@daira
ZIP 227: minor rewording.
30bf5c9 
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
@daira
ZIP 230: reword and wrap abstract.
46a885f 
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
@daira
CSS: Improve the font weight and size of code in headings.
406b7e8 
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
@daira
ZIPs 226, 227 and 230: regenerate HTML.
21cf124 
Signed-off-by: Daira-Emma Hopwood <daira@jacaranda.org>
@daira daira added the ZSAs label Feb 7, 2024
@daira daira mentioned this pull request Feb 7, 2024
Closed
@daira
Copy link
Copy Markdown
Collaborator Author

daira commented Feb 7, 2024

The editorial changes are here:
https://github.com/zcash/zips/pull/778/files/a7a9c213db4fa19251694f2857e65be228728f72..46a885f1cda9e0ea3719c64f7372194cdb02772e?diff=split&w=0

PaulLaux
PaulLaux reviewed Feb 8, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@PaulLaux PaulLaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.
Need to re-render the html files before merging.

daira
daira commented Feb 9, 2024
View reviewed changes
Comment thread zip-0227-asset-identifier-relation.png
Copy link
Copy Markdown
Collaborator Author

@daira daira Feb 9, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This rendered PNG doesn't have any border. It will look fine in light mode, but in dark mode the background of images is grey (to work around the fact that black borders or standalone black text and arrows would otherwise merge into the background), and so we end up with a grey box that only just fits around the content.

Copy link
Copy Markdown
Contributor

@PaulLaux PaulLaux Feb 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see, will adjust in future updates.

@daira daira merged commit 5e33e47 into zcash:main Feb 9, 2024
@daira daira deleted the zsa1 branch February 9, 2024 20:00
@daira
Copy link
Copy Markdown
Collaborator Author

daira commented Feb 9, 2024
edited
Loading

Looks good. Need to re-render the html files before merging.

They were already re-rendered in the last commit (21cf124). I had removed all the intermediate renders as part of conflict resolution.

@vivek-arte vivek-arte mentioned this pull request Jun 11, 2024
Merged
@nuttycom nuttycom mentioned this pull request Nov 1, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@conradoplg conradoplg conradoplg approved these changes

+1 more reviewer

@PaulLaux PaulLaux PaulLaux left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

ZSAs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@daira @conradoplg @PaulLaux @vivek-arte @AntoineRondelet @ConstanceBeguier