[Done][doc] Chinese Translation (#3122)
* Create grin4bitcoiners_ZH-CN * Rename grin4bitcoiners_ZH-CN to grin4bitcoiners_ZH-CN.md * Create contract_ideas_ZH-CN.md Chinese translation * Create coinbase_maturity_ZH-CN.md * Create contracts_ZH-CN.md * Create stratum_ZH-CN.md * Create switch_commitment_ZH-CN.md * Create table_of_contents_ZH-CN.md * Update contracts_ZH-CN.md * Update contracts.md * Chinese Translation added * Update coinbase_maturity_ZH-CN.md * Update coinbase_maturity.md * Update switch_commitment_ZH-CN.md * Update switch_commitment.md * Update switch_commitment_ZH-CN.md * Update switch_commitment_ZH-CN.md * Update contracts_ZH-CN.md * Update coinbase_maturity_ZH-CN.md * Update table_of_contents_ZH-CN.md * Create table_of_contents.md * Delete table_of_contents_.md * Update switch_commitment_ZH-CN.md * Update stratum_ZH-CN.md * Update stratum.md * Update coinbase_maturity_ZH-CN.md * Update coinbase_maturity_ZH-CN.md * Update contracts_ZH-CN.md * Update switch_commitment_ZH-CN.md
This commit is contained in:
committed by
Quentin Le Sceller
parent
81a2bbd5e8
commit
a73a54a10e
@@ -1,5 +1,7 @@
|
||||
# Introduction to Switch Commitments
|
||||
|
||||
*Read this in other languages: [简体中文](switch_commitment_ZH-CN.md).*
|
||||
|
||||
## General introduction
|
||||
|
||||
In cryptography a _Commitment_ (or _commitment scheme_) refers to a concept which can be imagined
|
||||
@@ -63,12 +65,12 @@ which can be weaker or stronger, depending on the type of commitment scheme:
|
||||
- **Hidingness (or Confidentiality):** How good is the commitment scheme protecting the secret
|
||||
commitment. Or speaking in terms of our example from above: what would an attacker need to
|
||||
open the box (and learn the secret number) without having the key to unlock it?
|
||||
|
||||
|
||||
- **Bindingness:** Is it possible at all (or how hard would it be) for an attacker to somehow
|
||||
find a different secret, which would produce the same commitment, so that the attacker could
|
||||
later open the commitment to a different secret, thus breaking the _binding_ of the
|
||||
commitment.
|
||||
|
||||
|
||||
### Security of these properties:
|
||||
|
||||
For these two properties different security levels can be identified.
|
||||
@@ -229,7 +231,7 @@ and create the Pedersen Commitment:
|
||||
such that:
|
||||
|
||||
r = r' + hash( v*H + r'*G , r'*J )
|
||||
|
||||
|
||||
(using the additional third generation point `J` on the curve) then `r` still is perfectly
|
||||
valid as a blinding factor, as it's still randomly distributed, but now we see
|
||||
that the part within the brackets of the hash function (`v*H + r'*G , r'*J`) is an
|
||||
@@ -280,6 +282,7 @@ But in this case users would still have a choice:
|
||||
(but preserve their privacy, as their old transactions only validated the Pedersen commitment
|
||||
which is perfectly hiding)
|
||||
|
||||
|
||||
There are many cases where a privacy leak is much more dangerous to one's life than
|
||||
some cryptocurrency might be worth. But this is a decision that should be left up to
|
||||
the individual user and switch commitments enable this type of choice.
|
||||
|
||||
Reference in New Issue
Block a user