commit ef71452e8c0af5d73b786b69646f5dc5851f077f
parent 2a3361961c138b9e66d807466bf696e887b9997e
Author: Christian Grothoff <christian@grothoff.org>
Date: Tue, 16 May 2017 15:07:37 +0200
add sentence on double-spending detection during refresh
Diffstat:
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/doc/paper/taler.tex b/doc/paper/taler.tex
@@ -1013,7 +1013,10 @@ than the comparable use of zk-SNARKs in ZeroCash~\cite{zerocash}.
for $i \in \{1,\ldots,\kappa\}$ and sends a signed commitment
$S_{C'}(\vec{B}, \vec{T_p})$ to the exchange.
\item % [200 OK / 409 CONFLICT]
- The exchange generates a random $\gamma$ with $1 \le \gamma \le \kappa$ and
+ The exchange checks that $C'_p$ is a valid coin of sufficient balance
+ to cover the value of the fresh coins to be generated and prevent
+ double-spending. Then,
+ the exchange generates a random $\gamma$ with $1 \le \gamma \le \kappa$ and
marks $C'_p$ as spent by persisting
$\langle C', \gamma, S_{C'}(\vec{B}, \vec{T_p}) \rangle$.
Auditing processes should assure that $\gamma$ is unpredictable until
