**diff options**

author | Özgür Kesim <oec-taler@kesim.org> | 2021-10-20 12:29:27 +0200 |
---|---|---|

committer | Özgür Kesim <oec-taler@kesim.org> | 2021-10-20 12:29:27 +0200 |

commit | aff2c12576fc8a7b76bdca2b194a518426e9e7f7 (patch) | |

tree | 036931880b1fe84f98ed241c3f7db6238a2c2bb7 | |

parent | 6b4675dcae3826b51b13cd0d161b28efd610c2a8 (diff) | |

download | docs-aff2c12576fc8a7b76bdca2b194a518426e9e7f7.tar.gz docs-aff2c12576fc8a7b76bdca2b194a518426e9e7f7.tar.bz2 docs-aff2c12576fc8a7b76bdca2b194a518426e9e7f7.zip |

clarifications in the description of age groups

-rw-r--r-- | design-documents/024-age-restriction.rst | 25 |

1 files changed, 13 insertions, 12 deletions

diff --git a/design-documents/024-age-restriction.rst b/design-documents/024-age-restriction.rst index abd6d0e..74a88c5 100644 --- a/design-documents/024-age-restriction.rst +++ b/design-documents/024-age-restriction.rst @@ -67,19 +67,24 @@ Main ideas and building blocks The main ideas are simple: -#. The exchange defines and publishes M different *age groups* of increasing order: - :math:`0 < a_1 < \ldots < a_M` with :math:`a_i \in \mathbb{N}`. +#. The exchange defines and publishes M+1 different *age groups* of increasing + order: :math:`0 < a_1 < \ldots < a_M` with :math:`a_i \in \mathbb{N}`. The + zeroth age group is :math:`\{0,\ldots,a_1-1\}`. #. An **unrestricted** *age commitment* is defined as a vector of length M of pairs of EdDSA public and private keys on Curve25519. In other words: one - key pair for each age group: + key pair for each age group after the zeroth: :math:`\bigl\langle (p_1, s_1), \ldots, (p_M, s_M) \bigr\rangle` -#. A **restricted** *age commitment* **to age group m** is derived from an unrestricted age - commitment by removing all private keys for indices larger than m: - :math:`\bigl\langle (p_1, s_1), \ldots, (p_m, s_m), \, (p_{m+1}, \perp), - \ldots, (p_M, \perp )\bigr\rangle`. The act of restricting an unrestricted - age commitment is performed by the parent/ward. +#. A **restricted** *age commitment* **to age group m** (or m-th age group) is + derived from an unrestricted age commitment by removing all private keys for + indices larger than m: :math:`\bigl\langle (p_1, s_1), \ldots, (p_m, s_m), + \, (p_{m+1}, \perp), \ldots, (p_M, \perp )\bigr\rangle`. + F.e. if *none* of the private keys is provided, the age commitment would be + restricted to the zeroth age group. + +#. The act of restricting an unrestricted age commitment is performed by the + parent/ward. #. An *age commitment* (without prefix) is just the vector of public keys: :math:`\vec{Q} := \langle p_1, \ldots, p_M \rangle`. Note that from @@ -393,10 +398,6 @@ Also again, :math:`C_p` is the EdDSA public key of a coin, :math:`\sigma_C` is its signature, :math:`\langle e, N \rangle` is the RSA public key of the denomination and :math:`h_a` is the value from ``age_commitment_hash``. -TODO: maybe rename this field into something more opaque, like -``opaque_signature_salt`` or so? - - Changes in the Merchant API |