Surjection question

This commit is contained in:
christophersanborn 2018-07-16 11:44:17 -04:00 committed by GitHub
parent 52feaa1fc8
commit d1f7fbdbe4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -47,6 +47,10 @@ As can be seen, casual inspection of the blockchain does not reveal the unerlyin
_(TODO: QUESTION: How is it ensured that H<sub>A</sub> is a valid curve point? There must be some kind of nonce increment in the hash procedure to reject non-curve points. Find out.)_
### _Range Proofs_ and _Surjection Proofs_
(describe)
## Specifications
We propose to add the following three CA operations to the set of valid operations declared in graphene::chain::operation (chain/protocol/operations.hpp). The new CA operations are shown here side by side with their CT equivalents:
@ -74,6 +78,10 @@ The Op-Code additions and specifications provided in this document do not confli
(TODO: Check whether preceding is true, i.e. that the operation structure is independent of signature method. If it is not true, include here a discussion of what else might need to be included in the structure, so that a decision can be made as to whether the two features would be best developed in parallel, or whether ring-sigs could be implemented subsequently as an "upgrade" to CA.)
#### Asset surjection and compatibility
TODO: Question: Are Asset-Surjection Proofs compatible with a Ring-Sig scheme? I.e., can a prover who is "accusing" unrelated inputs produce the proof even not knowing the blind factors and asset tags of the unrelated inputs?
## Summary for Shareholders
## Copyright