Skip to content

Refactor of ZIP 228 #128

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
vivek-arte merged 5 commits into from
Nov 20, 2025
Merged

Refactor of ZIP 228 #128

vivek-arte merged 5 commits into from
Nov 20, 2025

Conversation

@vivek-arte
Copy link

@vivek-arte vivek-arte commented Nov 15, 2025

This PR goes through ZIP 228, and makes changes to reconcile the ZIP with the updates made in ZIP 226, ZIP 227, ZIP 230 and ZIP 246, for the NU7 protocol upgrade

@netlify
Copy link

netlify bot commented Nov 15, 2025
edited
Loading

Deploy Preview for zcash-zips-qedit ready!

Name Link
🔨 Latest commit 4a3f11c
🔍 Latest deploy log https://app.netlify.com/projects/zcash-zips-qedit/deploys/691f663f51c8c300089450d0
😎 Deploy Preview https://deploy-preview-128--zcash-zips-qedit.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@vivek-arte vivek-arte mentioned this pull request Nov 19, 2025
Draft
PaulLaux
PaulLaux approved these changes Nov 20, 2025
View reviewed changes
Copy link

@PaulLaux PaulLaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good work. Minor comments

zips/zip-0228.rst Outdated

We protect against the malleation of the ``timeLimit`` field by a malicious matching party by including the time limit inside the Action Group Hash that is signed using the Spend Authorization Signature (see more details in `Rationale for Time Limit`_).
The security of the Spend Authorization Signature and the collision resistance of the BLAKE2b-256 hash then ensures that the time limit remains the same as the one mandated by the creator of the Swap Order.
We protect against the malleation of the ``nAGExpiryHeight`` field by a malicious matching party by including the expiry height inside the Action Group Hash that is signed using the Spend Authorization Signature (see more details in `Rationale for Expiry Height`_).
Copy link

@PaulLaux PaulLaux Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is it actually done for ZSA?

Copy link
Author

@vivek-arte vivek-arte Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, see ZIP 246: T.4a.v in the spec, and this line in the orchard implementation:
https://github.com/QED-it/orchard/blob/a02fdf1f873d58167887abe23a8a7e0b9c1a0a36/src/primitives/orchard_primitives_zsa.rs#L108

Copy link
Author

@vivek-arte vivek-arte Nov 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I noticed there is a change needed in the sentence though, need to replace Action Group Hash with v1 Signature Digest. Made this change

@vivek-arte vivek-arte merged commit 65e446b into asset_swaps Nov 20, 2025
4 of 5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PaulLaux PaulLaux PaulLaux approved these changes

Assignees

No one assigned

Labels

Swaps

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vivek-arte @PaulLaux