Surjection question
This commit is contained in:
parent
52feaa1fc8
commit
d1f7fbdbe4
1 changed files with 8 additions and 0 deletions

@ 47,6 +47,10 @@ As can be seen, casual inspection of the blockchain does not reveal the unerlyin




_(TODO: QUESTION: How is it ensured that H<sub>A</sub> is a valid curve point? There must be some kind of nonce increment in the hash procedure to reject noncurve points. Find out.)_




### _Range Proofs_ and _Surjection Proofs_




(describe)




## Specifications




We propose to add the following three CA operations to the set of valid operations declared in graphene::chain::operation (chain/protocol/operations.hpp). The new CA operations are shown here side by side with their CT equivalents:



@ 74,6 +78,10 @@ The OpCode additions and specifications provided in this document do not confli




(TODO: Check whether preceding is true, i.e. that the operation structure is independent of signature method. If it is not true, include here a discussion of what else might need to be included in the structure, so that a decision can be made as to whether the two features would be best developed in parallel, or whether ringsigs could be implemented subsequently as an "upgrade" to CA.)




#### Asset surjection and compatibility




TODO: Question: Are AssetSurjection Proofs compatible with a RingSig scheme? I.e., can a prover who is "accusing" unrelated inputs produce the proof even not knowing the blind factors and asset tags of the unrelated inputs?




## Summary for Shareholders


## Copyright






Loading…
Reference in a new issue