From ef71452e8c0af5d73b786b69646f5dc5851f077f Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 16 May 2017 15:07:37 +0200 Subject: add sentence on double-spending detection during refresh --- doc/paper/taler.tex | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/paper/taler.tex b/doc/paper/taler.tex index 6f1be8081..774300efa 100644 --- a/doc/paper/taler.tex +++ b/doc/paper/taler.tex @@ -1013,7 +1013,10 @@ than the comparable use of zk-SNARKs in ZeroCash~\cite{zerocash}. for $i \in \{1,\ldots,\kappa\}$ and sends a signed commitment $S_{C'}(\vec{B}, \vec{T_p})$ to the exchange. \item % [200 OK / 409 CONFLICT] - The exchange generates a random $\gamma$ with $1 \le \gamma \le \kappa$ and + The exchange checks that $C'_p$ is a valid coin of sufficient balance + to cover the value of the fresh coins to be generated and prevent + double-spending. Then, + the exchange generates a random $\gamma$ with $1 \le \gamma \le \kappa$ and marks $C'_p$ as spent by persisting $\langle C', \gamma, S_{C'}(\vec{B}, \vec{T_p}) \rangle$. Auditing processes should assure that $\gamma$ is unpredictable until -- cgit v1.2.3