diff options
author | Jeff Burdges <burdges@gnunet.org> | 2018-04-21 16:13:34 +0200 |
---|---|---|
committer | Jeff Burdges <burdges@gnunet.org> | 2018-04-21 16:13:34 +0200 |
commit | 8ddbde43970df19fea6534fa765f69aefad2dca6 (patch) | |
tree | f9737cc9d51925b9418d54a52588a0eb57a73bc0 /games | |
parent | 46f85c88d70c468bd879968aaae6b5cc5beaa035 (diff) | |
download | papers-8ddbde43970df19fea6534fa765f69aefad2dca6.tar.gz papers-8ddbde43970df19fea6534fa765f69aefad2dca6.tar.bz2 papers-8ddbde43970df19fea6534fa765f69aefad2dca6.zip |
Try again on fairness game
Diffstat (limited to 'games')
-rw-r--r-- | games/games.tex | 16 |
1 files changed, 5 insertions, 11 deletions
diff --git a/games/games.tex b/games/games.tex index c2d2b41..496ae02 100644 --- a/games/games.tex +++ b/games/games.tex @@ -425,20 +425,14 @@ Let \oraSet{Fair} stand for access to the oracles \item $C_0 \leftarrow {\cal A}^{\oraSet{Fair}}(pkExchange)$ \item If $C_0$ is not a coin public key, return 0. Also let $U$ be the user that has $C_0$ in their wallet. If no such $U$ exists, return 0. - \item Let $C_0, \dots, C_n$ be the coins reachable via \algo{Link} from $C_0$. + \item Let $C_0, \dots, C_n$ be the coins reachable via \algo{Link} from $C_0$. + We note the user obtains unlinkable change through refreshes, which merely extend this list. \item Return 0 if either $U$ was corrupted or \ora{Share} was called with any of $C_0, \dots, C_n$. \item For each $C \in \{C_0, \dots, C_n\}$, do the following: \begin{enumerate}[label*=\arabic*.] - \item Let $v$ denote the residual value of $C$ expected by $U$, meaning - the value not consumed by contracts in $contractHashes[U]$ or - refreshed into coins in $C_0,\ldots, C_n$. - Let $v'$ be the closest under-approximation to $v$ reachable by denominations in $\V{pkE}$. - \item $R \leftarrow \algo{Refresh}(\prt{B}(skE, pkE), \prt{U}(U, C))$. \\ - $R$ yields either new coins totaling $v'$, or error responses favoring the adversary. - \item Return 1 if $R$ indicates $C$ was spent on some contract $h \notin contractHashes[U]$ not known to $C$. - \item Return 1 if $R$ indicates existing refreshes (failed or succeeded) into coins not in $C_0, \dots, C_n$. - \comment{Discuss failed or succeeded} - \end{enumerate} + \item Return 1 if $\V{deposited}[C]$ contains a contract $h$ not appearing in the wallet's database $\V{acceptedContracts}[U]$. + \item Return 1 if the total value $r_E$ of attempted refreshes in $\V{refreshed}[C]$ exceeds the total value $r_U$ of coins in $C_0, \dots, C_n$ directly reachable in one link from $C$. We note $r_E$ includes refreshes that failed due to dishonesty, but not refreshes that failed to authenticate as $C$. + \end{enumerate} \item Return 0 if this step is reached without an earlier return. \end{enumerate} |