Expand description
Various constants used by the Sapling protocol.
Structs§
- PEDERSEN_
HASH_ EXP_ TABLE - The exp table for
PEDERSEN_HASH_GENERATORS.
Constants§
- CRH_
IVK_ PERSONALIZATION - BLAKE2s Personalization for CRH^ivk = BLAKE2s(ak | nk)
- GH_
FIRST_ BLOCK - First 64 bytes of the BLAKE2s input during group hash. This is chosen to be some random string that we couldn’t have anticipated when we designed the algorithm, for rigidity purposes. We deliberately use an ASCII hex string of 32 bytes here.
- KEY_
DIVERSIFICATION_ PERSONALIZATION - BLAKE2s Personalization for the group hash for key diversification
- NOTE_
COMMITMENT_ RANDOMNESS_ GENERATOR - The note commitment is randomized over this generator.
- NULLIFIER_
POSITION_ GENERATOR - The node commitment is randomized again by the position in order to supply the nullifier computation with a unique input w.r.t. the note being spent, to prevent Faerie gold attacks.
- NULLIFIER_
POSITION_ IN_ TREE_ GENERATOR_ PERSONALIZATION - BLAKE2s Personalization for the nullifier position generator (for computing rho)
- PEDERSEN_
HASH_ CHUNKS_ PER_ GENERATOR - The maximum number of chunks per segment of the Pedersen hash.
- PEDERSEN_
HASH_ EXP_ WINDOW_ SIZE - The window size for exponentiation of Pedersen hash generators outside the circuit.
- PEDERSEN_
HASH_ GENERATORS - The generators (for each segment) used in all Pedersen commitments.
- PEDERSEN_
HASH_ GENERATORS_ PERSONALIZATION - BLAKE2s Personalization for Pedersen hash generators.
- PRF_
NF_ PERSONALIZATION - BLAKE2s Personalization for PRF^nf = BLAKE2s(nk | rho)
- PROOF_
GENERATION_ KEY_ BASE_ GENERATOR_ PERSONALIZATION - BLAKE2s Personalization for the proof generation key base point
- PROOF_
GENERATION_ KEY_ GENERATOR - The prover will demonstrate knowledge of discrete log with respect to this base when they are constructing a proof, in order to authorize proof construction.
- SPENDING_
KEY_ GENERATOR - The spender proves discrete log with respect to this base at spend time.
- SPENDING_
KEY_ GENERATOR_ PERSONALIZATION - BLAKE2s Personalization for the spending key base point
- VALUE_
COMMITMENT_ GENERATOR_ PERSONALIZATION - BLAKE2s Personalization for the value commitment generator for the value
- VALUE_
COMMITMENT_ RANDOMNESS_ GENERATOR - The value commitment is randomized over this generator, for privacy.
- VALUE_
COMMITMENT_ VALUE_ GENERATOR - The value commitment is used to check balance between inputs and outputs. The value is placed over this generator.