diff options
| author | Jon Atack <jon@atack.com> | 2024-08-13 01:12:13 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-08-13 01:12:13 +0000 |
| commit | 7c62ebea4c27fc67ca76a8d64f8f545400b38aa6 (patch) | |
| tree | fd0116a5d1d5fba493a75b4d56a82bd9a01fb799 /bip-0352.mediawiki | |
| parent | a626ad6e2a55750acd4f8807f53b4742295514d6 (diff) | |
| parent | 52fdb00b6d5844f48cb30b5c39b6fe23708281e4 (diff) | |
Merge pull request #1654 from storopoli/master
Check typos in CI
Diffstat (limited to 'bip-0352.mediawiki')
| -rw-r--r-- | bip-0352.mediawiki | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/bip-0352.mediawiki b/bip-0352.mediawiki index 634e179..4462efc 100644 --- a/bip-0352.mediawiki +++ b/bip-0352.mediawiki @@ -99,7 +99,7 @@ In our simplified example we have been referring to Alice's transactions as havi Alice performs the tweak with the sum of her input private keys in the following manner: * Let ''a = a<sub>1</sub> + a<sub>2</sub> + ... + a<sub>n</sub>'' -* Let ''input_hash = hash(outpoint<sub>L</sub> || (a·G))'', where ''outpoint<sub>L</sub>'' is the smallest outpoint lexicographically<ref name="why_smallest_outpoint">'''Why use the lexicographically smallest outpoint for the hash?''' Recall that the purpose of including the input hash is so that the sender and receiver can both come up with a deterministic nonce that ensures that a unique address is generated each time, even when reusing the same scriptPubKey as an input. Choosing the smallest outpoint lexicographically satisifes this requirement, while also ensuring that the generated output is not dependent on the final ordering of inputs in the transaction. Using a single outpoint also works well with memory constrained devices (such as hardware signing devices) as it does not require the device to have the entire transaction in memory in order to generate the silent payment output.</ref> +* Let ''input_hash = hash(outpoint<sub>L</sub> || (a·G))'', where ''outpoint<sub>L</sub>'' is the smallest outpoint lexicographically<ref name="why_smallest_outpoint">'''Why use the lexicographically smallest outpoint for the hash?''' Recall that the purpose of including the input hash is so that the sender and receiver can both come up with a deterministic nonce that ensures that a unique address is generated each time, even when reusing the same scriptPubKey as an input. Choosing the smallest outpoint lexicographically satisfies this requirement, while also ensuring that the generated output is not dependent on the final ordering of inputs in the transaction. Using a single outpoint also works well with memory constrained devices (such as hardware signing devices) as it does not require the device to have the entire transaction in memory in order to generate the silent payment output.</ref> * Let ''P<sub>0</sub> = B + hash(input_hash·a·B || 0)·G'' ''' Spend and Scan Key ''' |