From e9956a3c47d77205328b4bb3dd8f74eefc48f9b5 Mon Sep 17 00:00:00 2001 From: Özgür Kesim Date: Fri, 15 Oct 2021 11:36:32 +0200 Subject: added changes to melting phase of refresh --- design-documents/024-age-restriction.rst | 40 +++++++++++++++++++++++++++++--- 1 file changed, 37 insertions(+), 3 deletions(-) (limited to 'design-documents') diff --git a/design-documents/024-age-restriction.rst b/design-documents/024-age-restriction.rst index 06b34c7e..cc7c7254 100644 --- a/design-documents/024-age-restriction.rst +++ b/design-documents/024-age-restriction.rst @@ -193,11 +193,45 @@ can not be expressed reliably with SQL. Protocol changes ---------------- -Refresh -~~~~~~~ +Refresh - melting phase +~~~~~~~~~~~~~~~~~~~~~~~ During the melting phase of the refresh, the wallet has to present the hash -value of the age commitment (for denominations with support for age restriction). +value of the age commitment (for denominations with support for age +restriction). Therefore, in the ``/coins/$COIN_PUB/melt`` POST request, the +``MeltRequest`` object is extended with an optional field +``age_commitment_hash``: + +.. ts:def:: MeltRequest { + ... + + // SHA512 hash of the age commitment of the coin, IFF the denomination + // has age restriction support. MUST be NULL otherwise. + age_commitment_hash?: HashCode; + + ... + } + +The responses to the POST request remain the same. + +For denominations *without* support for age restriction, the calculation for +the signature check is as before (borrowing notation from Florian's thesis): + +.. math:: + \text{FDH}(N_0, C_p^{(0)})\; \stackrel{?}{=}\; \left(\sigma_C^{(0)}\right)^{e_0} \;\;\text{mod}\,N_0 + +For denominations **with** support for age restriction, the exchange takes the +hash value ``age_commitment_hash`` (abbreviated as h\ :sub:`a`) into account +when verifying the coin's signature: + +.. math:: + \text{FDH}(N_0, C_p^{(0)}, \color{blue}{\text{\textbf{h_a}}})\;\stackrel{?}{=}\; \left(\sigma_C^{(0)}\right)^{e_0} \;\;\text{mod}\,N_0 + + + + +Refresh - reveal phase +~~~~~~~~~~~~~~~~~~~~~~ TODO: Extension of the cut'n-choose-protocol. -- cgit v1.2.3