From c7cc648ef5ebd11a913d11de3b3b709a0b92eede Mon Sep 17 00:00:00 2001
From: Florian Dold <florian.dold@gmail.com>
Date: Wed, 1 Apr 2020 13:38:38 +0530
Subject: sync

---
 taler/implementation.tex | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/taler/implementation.tex b/taler/implementation.tex
index a14fbab..4b5e3ca 100644
--- a/taler/implementation.tex
+++ b/taler/implementation.tex
@@ -1573,14 +1573,14 @@ t := \HKDF(256, s, \texttt{"t"}) \\
 T := \algo{Curve25519.GetPub}(t) \\
 x := \textrm{ECDH-EC}(t, C_p)  \\
 r := \algo{SelectSeeded}(x, \mathbb{Z}^*_{N})  \\
-c_s := \HKDF(256, x, \texttt{"c"}) \\
-C_p := \algo{Ed25519.GetPub}(c_s)  \\
-\overline{m} := r^{e}\cdot C_p \mod N \\
-\pcreturn \langle t, T, x, c_s, C_p, \overline{m} \rangle
+c_s' := \HKDF(256, x, \texttt{"c"}) \\
+C_p' := \algo{Ed25519.GetPub}(c_s')  \\
+\overline{m} := r^{e}\cdot C_p' \mod N \\
+\pcreturn \langle t, T, x, c_s', C_p', \overline{m} \rangle
 }
 }
 \caption[RefreshDerive algorithm]{The RefreshDerive algorithm running with the seed $s$ on dirty coin $C_p$ to
-   generate a fresh coin to be later signed with denomination key $pkD := \langle e,N\rangle$.}
+   generate a fresh coin $C_p'$ to be later signed with denomination key $pkD := \langle e,N\rangle$.}
 \label{fig:refresh-derive}
 \end{figure}
 
@@ -1668,7 +1668,7 @@ S := \langle s_1,\dots,s_{\gamma-1},s_{\gamma+1},\dots,s_\kappa \rangle \< \< \\
 \< \sendmessageright*{C_p^{(0)}} \< \\
 \< \< L := \algo{LookupLink}(C_p^{(0)}) \\
 \< \sendmessageleft*{L} \< \\
-\pcfor \langle \rho_{L}^{(i)}, \overline{\sigma}_L^{(i)}, \sigma_C^{(i)} \rangle \in L \< \< \\
+  \pcfor \langle \rho_{L}^{(i)}, \sigma_L^{(i)}, \overline{\sigma}_C^{(i)} \rangle \in L \< \< \\
 \t \langle \hat{C}_p^{(i)}, \V{pkD}_t^{(i)}, T_\gamma^{(i)}, \overline{m}_\gamma^{(i)} \rangle := \rho_L^{(i)} \< \< \\
 \t \langle e_t^{(i)}, N_t^{(i)} \rangle := \V{pkD}_t^{(i)} \< \< \\
 \t \pccheck \hat{C}_p^{(i)} \iseq  C_p^{(0)} \< \< \\
@@ -1677,7 +1677,7 @@ S := \langle s_1,\dots,s_{\gamma-1},s_{\gamma+1},\dots,s_\kappa \rangle \< \< \\
 \t r_i := \algo{SelectSeeded}(x_i, \mathbb{Z}^*_{N_t})  \\
 \t c_s^{(i)} := \HKDF(256, x_i, \texttt{"c"}) \\
 \t C_p^{(i)} := \algo{Ed25519.GetPub}(c_s^{(i)})  \\
-\t \sigma_C^{(i)} := (r_i)^{-1} \cdot \overline{m}_\gamma^{(i)} \\
+\t \sigma_C^{(i)} := (r_i)^{-1} \cdot \overline{\sigma}_C^{(i)} \\
 \t \pccheck (\sigma_C^{(i)})^{e_t^{(i)}} \iseqv_{N_t^{(i)}} C_p^{(i)} \\
 \t \text{(Re-)obtain coin } \langle \V{pkD}_t^{(i)}, c_s^{(i)}, C_p^{(i)}, \sigma_C^{(i)} \rangle
 }
-- 
cgit v1.2.3