diff options
| -rw-r--r-- | design-documents/024-age-restriction.rst | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/design-documents/024-age-restriction.rst b/design-documents/024-age-restriction.rst index 725d172b..efa140c2 100644 --- a/design-documents/024-age-restriction.rst +++ b/design-documents/024-age-restriction.rst @@ -320,7 +320,41 @@ and compares them to the one in ``.old_age_commitment``. Deposit ~~~~~~~ -TODO: Add opaque hash value of the commitments to the protocol +As always, the merchant has to provide the public key of a coin during a POST +to ``/coins/$COIN_PUB/deposit``. However, for coins with age restriction, the +signature check requires the hash of the age commitment. Therefore the request +object ``DepositRequest`` is extended by an optional field +``age_commitment_hash`` which MUST be set (with the SHA512 hash of the age +commitment), iff the corresponding denomination had support for age restriction +enabled. The merchant has received this value prior from the customer during +purchase. + +.. ts:def:: DepositRequest + + interface DepositRequest { + ... + + // Iff the corresponding denomination had support for age restriction + // enabled, this field MUST contain the SHA512 value of the age commitment that + // was provided during the purchase. + age_commitment_hash?: HashCode; + + ... + } + +Again, the exchange can now check the validity of the coin by evaluating + +.. math:: + \text{FDH}_N(C_p, h_a)\; \stackrel{?}{=}\; \left(\sigma_C\right)^{e} \;\;\text{mod}N + +Also again, :math:`C_p` is the EdDSA public key of a coin, :math:`\sigma_C` is +its signature, :math:`\langle e, N \rangle` is the RSA public key of the +denomination and :math:`h_a` is the value from ``age_commitment_hash``. + +TODO: maybe rename this field into something more opaque, like +``opaque_signature_salt`` or so? + + Changes in the Merchant |