LNPBP-1: Formatting fixes

lnpbp-0001.md

@@ -129,21 +129,21 @@ and a protocol-specific `tag`, known to both parties, **commit procedure** runs
 as follows:
 
 1. Reduce set `P` to `P*` by removing all duplicated public keys.
-2. Compute a sum `S` of all unique public keys in set `P*`; fail the protocol if  
+2. Compute a sum `S` of all unique public keys in set `P*`; fail the protocol if
    an overflow over elliptic curve generator point order happens during the 
    procedure.
 3. Construct a byte string `lnpbp1_msg`, composed of the original message
-   prefixed with a single SHA256 hash of `LNPBP1` string and a single SHA256 
-   hash of protocol-specific tag: 
+   prefixed with a single SHA256 hash of `LNPBP1` string and a single SHA256
+   hash of protocol-specific tag:  
    `lnpbp1_msg = SHA256("LNPBP1") || SHA256(tag) || msg`
 4. Compute HMAC-SHA256 of the `lnbp1_msg` using sum of public keys `S`. The 
-   resulting value is named **tweaking factor** `f`: 
+   resulting value is named **tweaking factor** `f`:  
    `f = HMAC-SHA256(lnpbp1_msg, S)`
 5. Make sure that the tweaking factor is less than order `n` of a generator 
    point of the used elliptic curve, such that no overflow can happen when it is 
    added to the original public key. If the order is exceeded, fail the protocol
    indicating the reason of failure.
-6. Multiply the tweaking factor on the used elliptic curve generator point `G`: 
+6. Multiply the tweaking factor on the used elliptic curve generator point `G`:  
    `F = G * f`
 7. Check that the result of 5 is not equal to the point-at-infinity; otherwise 
    fail the protocol, indicating the reason of failure, such that the protocol 
@@ -155,7 +155,7 @@ as follows:
    indicating the reason of failure, such that the protocol may be run with 
    another initial public key set.
 
-The final formula for the commitment is:
+The final formula for the commitment is:  
 `T = Po + G * HMAC-SHA256(SHA256("LNPBP1") || SHA256(tag) || msg, S)`
 
 ### Verification procedure
@@ -426,9 +426,9 @@ Authors would like to thank:
    with Pegged Sidechains (commit5620e43). Appenxix A. 
    <https://blockstream.com/sidechains.pdf>.
 4. Pieter Wuille. Schnorr Signatures for secp256k1.
-   <https://github.com/sipa/bips/blob/master/bip-340.mediawiki>
+   <https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki>
 5. Pieter Wuille. Taproot: SegWit version 1 spending rules.
-   <https://github.com/sipa/bips/blob/master/bip-341.mediawiki>
+   <https://github.com/bitcoin/bips/blob/master/bip-0341.mediawiki>
 6. RGB Protocol Specification, version 0.4. "Commitment Scheme" section.
    <https://github.com/rgb-org/spec/blob/old-master/01-rgb.md#commitment-scheme>
 7. <https://github.com/rgb-org/spec/issues/61>
@@ -439,79 +439,74 @@ Authors would like to thank:
 This document is licensed under the Creative Commons CC0 1.0 Universal license.
 
 
-## Test vectors
+## Appendix A. Test vectors
 
 All tests done with protocol-specific `tag` value equal to `ProtoTag`. Values
 for public keys are given in standard compressed pre-Shorr's Bitcoin encoding 
 format; values for tweaking factors are given in little-endian byte order.
 
-### Correct test vectors
+### 1. Correct test vectors
 
-1. Zero-length message
+#### 1.1. Zero-length message
 
-  1.1. Single public key #1
-    - Original public key: 
-      `03ab1ac1872a38a2f196bed5a6047f0da2c8130fe8de49fc4d5dfb201f7611d8e2`
-    - Tweaked public key with the commitment:
-      `025d69da2890f85928cb492545a13bd6782168b39d52e69fadd1d3fcb3b1bf9268`
-    - Tweaking factor value:
-      `9ff4c975950ec102b5eb39df2f976948b2c1a6e3f92ef5bf5af0e1241380dbcf`
-
-  1.2. Single public key #2
-    - Original public key: 
-      `039729247032c0dfcf45b4841fcd72f6e9a2422631fc3466cf863e87154754dd40`
-    - Tweaked public key with the commitment:
-      `032fdf6c4023453b869294ddd28684f98fcaca604c2cd734c8dd64b8520547b0b4`
-    - Tweaking factor value:
-      `11db141cfe0143f60e9e9f9db478630033fc65eb4f682905e9044c87869459a5`
-
-  1.3. Set of five public keys
-    - Original public key: 
-      `02383b24fbea14253ac37b0d421263b716a34192516ea0837021a40b5966a06f5e`
-    - Key set: 
-      * `02383b24fbea14253ac37b0d421263b716a34192516ea0837021a40b5966a06f5e`
-      * `025b178dfaa49e959033cc2ba8b06d78b8b9242496329a574eb8e2b4fad4f88b6f`
-      * `03ec8b1cf223dc3cd8eb6d7c5fb11735e983c234b69271a3decad8bbfb2b997994`
-      * `021ce48f4b53257be01ccb237986c1b9677a9e698fb962b108d6b2fbdc836727d8`
-      * `0388a0fc8d3ba29a93ad07dbad37a6d4b87f2e2672b15d331d1f6bf4f2c9119ffe`
-    - Tweaked public key with the commitment:
-      `03c153beef57c268ee9a2a68940f2aa7b052ce14c676a27cfe5010c53b41476238`
-    - Tweaking factor value:
-      `a18417ae90cf36a45311ccc3a911a8ebb1b7afa02c6d79d1d1bd08b2abf67e94`
-
-  1.4. Set of same five public keys, using different original key from the set
-    - Original public key: 
-      `025b178dfaa49e959033cc2ba8b06d78b8b9242496329a574eb8e2b4fad4f88b6f`
-    - Key set: 
-      * `02383b24fbea14253ac37b0d421263b716a34192516ea0837021a40b5966a06f5e`
-      * `025b178dfaa49e959033cc2ba8b06d78b8b9242496329a574eb8e2b4fad4f88b6f`
-      * `03ec8b1cf223dc3cd8eb6d7c5fb11735e983c234b69271a3decad8bbfb2b997994`
-      * `021ce48f4b53257be01ccb237986c1b9677a9e698fb962b108d6b2fbdc836727d8`
-      * `0388a0fc8d3ba29a93ad07dbad37a6d4b87f2e2672b15d331d1f6bf4f2c9119ffe`
-    - Tweaked public key with the commitment:
-      `03a224242255c9a024d4e2723c17faa09082b60bf91cea23ce558c9cff3a9627bf`
-    - Tweaking factor value:
-      `a18417ae90cf36a45311ccc3a911a8ebb1b7afa02c6d79d1d1bd08b2abf67e94`
-
-2. Message consisting of a single zero byte
-
-  2.1. Single public key #1
+1) Single public key #1
+  - Original public key: 
+    `03ab1ac1872a38a2f196bed5a6047f0da2c8130fe8de49fc4d5dfb201f7611d8e2`
+  - Tweaked public key with the commitment:
+    `025d69da2890f85928cb492545a13bd6782168b39d52e69fadd1d3fcb3b1bf9268`
+  - Tweaking factor value:
+    `9ff4c975950ec102b5eb39df2f976948b2c1a6e3f92ef5bf5af0e1241380dbcf`
+2) Single public key #2
+  - Original public key: 
+    `039729247032c0dfcf45b4841fcd72f6e9a2422631fc3466cf863e87154754dd40`
+  - Tweaked public key with the commitment:
+    `032fdf6c4023453b869294ddd28684f98fcaca604c2cd734c8dd64b8520547b0b4`
+  - Tweaking factor value:
+    `11db141cfe0143f60e9e9f9db478630033fc65eb4f682905e9044c87869459a5`
+3) Set of five public keys
+  - Original public key: 
+    `02383b24fbea14253ac37b0d421263b716a34192516ea0837021a40b5966a06f5e`
+  - Key set: 
+    * `02383b24fbea14253ac37b0d421263b716a34192516ea0837021a40b5966a06f5e`
+    * `025b178dfaa49e959033cc2ba8b06d78b8b9242496329a574eb8e2b4fad4f88b6f`
+    * `03ec8b1cf223dc3cd8eb6d7c5fb11735e983c234b69271a3decad8bbfb2b997994`
+    * `021ce48f4b53257be01ccb237986c1b9677a9e698fb962b108d6b2fbdc836727d8`
+    * `0388a0fc8d3ba29a93ad07dbad37a6d4b87f2e2672b15d331d1f6bf4f2c9119ffe`
+  - Tweaked public key with the commitment:
+    `03c153beef57c268ee9a2a68940f2aa7b052ce14c676a27cfe5010c53b41476238`
+  - Tweaking factor value:
+    `a18417ae90cf36a45311ccc3a911a8ebb1b7afa02c6d79d1d1bd08b2abf67e94`
+4). Set of same five public keys, using different original key from the set
+  - Original public key: 
+    `025b178dfaa49e959033cc2ba8b06d78b8b9242496329a574eb8e2b4fad4f88b6f`
+  - Key set: 
+    * `02383b24fbea14253ac37b0d421263b716a34192516ea0837021a40b5966a06f5e`
+    * `025b178dfaa49e959033cc2ba8b06d78b8b9242496329a574eb8e2b4fad4f88b6f`
+    * `03ec8b1cf223dc3cd8eb6d7c5fb11735e983c234b69271a3decad8bbfb2b997994`
+    * `021ce48f4b53257be01ccb237986c1b9677a9e698fb962b108d6b2fbdc836727d8`
+    * `0388a0fc8d3ba29a93ad07dbad37a6d4b87f2e2672b15d331d1f6bf4f2c9119ffe`
+  - Tweaked public key with the commitment:
+    `03a224242255c9a024d4e2723c17faa09082b60bf91cea23ce558c9cff3a9627bf`
+  - Tweaking factor value:
+    `a18417ae90cf36a45311ccc3a911a8ebb1b7afa02c6d79d1d1bd08b2abf67e94`
+
+#### 1.2. Message consisting of a single zero byte
+
+1) Single public key #1
     - Original public key: 
       `032564fe9b5beef82d3703a607253f31ef8ea1b365772df434226aee642651b3fa`
     - Tweaked public key with the commitment:
       `0285f7e0a8cdd801e5fbf84602e84de46a036ba47230b2c37f7767a496aeb4e4c5`
     - Tweaking factor value:
       `5639647143cb9dc78aa5d251694fcc053f3887cf27b13750f72a42ef04f7bde1`
-
-  2.2. Single public key #2
+2) Single public key #2
     - Original public key: 
       `0289637f97580a796e050791ad5a2f27af1803645d95df021a3c2d82eb8c2ca7ff`
     - Tweaked public key with the commitment:
       `03fcd2e4c31622fcf9fef43e70dabf1daf8abae5685b15125ba6a0e444783c5f0e`
     - Tweaking factor value:
       `7551544f39a2c3a4d65c34e5915702a825ccbbb914ac581389cbbd98869b4e48`
-
-  2.3. Set of five public keys
+3) Set of five public keys
     - Original public key: 
       `03ff3d6136ffac5b0cbfc6c5c0c30dc01a7ea3d56c20bd3103b178e3d3ae180068`
     - Key set: 
@@ -525,25 +520,23 @@ format; values for tweaking factors are given in little-endian byte order.
     - Tweaking factor value:
       `87a5728772e0d14c9938c50ab29b215d5a0d9f59be7b40d16cc4bcac22e027b1`
 
-3. Message of text string `test`
+#### 1.3. Message of text string `test`
 
-  2.1. Single public key #1
+1) Single public key #1
     - Original public key: 
       `0271efa4e26a4179e112860b88fc98658a4bdbc59c7ab6d4f8057c35330c7a89ee`
     - Tweaked public key with the commitment:
       `02605b2400618ca83f563e997da456c7ae99df9b38a7939ead5bc8e5b8b29f5d45`
     - Tweaking factor value:
       `7090ad6b1c6093e025c3b2f1607f9aea65449139a08ee773c61990e9b6e966d3`
-
-  2.2. Single public key #2
+2) Single public key #2
     - Original public key: 
       `039729247032c0dfcf45b4841fcd72f6e9a2422631fc3466cf863e87154754dd40`
     - Tweaked public key with the commitment:
       `032bf20cd8539c2f3154fbae01e64ea3a492bb2431080c86c3f942571f9635ece7`
     - Tweaking factor value:
       `214570a96bf958124eea266593fd9daed3ee357283b4f89613f99a5d8ac8910a`
-
-  2.3. Set of five public keys
+3) Set of five public keys
     - Original public key: 
       `03f72a42169a0475c4a342f8da97a1c0bce830183efecd0a3d81637b05d7c0d81a`
     - Key set: 
@@ -557,26 +550,25 @@ format; values for tweaking factors are given in little-endian byte order.
     - Tweaking factor value:
       `63ea2d88f3b3969573ef530132989a9281cb499d6bfda4bfc0ade2cbd7bdf26e`
 
-4. Binary messsage, hex encoding (little-endian byte order):
-   `[0xde, 0xad, 0xbe, 0xef]`
+#### 1.4. Binary messsage, hex encoding (little-endian byte order)
+
+Original message for the all cases in this section: `[0xde, 0xad, 0xbe, 0xef]`
 
-  2.1. Single public key #1
+1) Single public key #1
     - Original public key: 
       `0352045bcc58e07124a375ea004b3508ac80e625da2106c74f5cb023498de0545f`
     - Tweaked public key with the commitment:
       `0357f2619c2805794ef65ab7ea7a349f4c1be4cc3f576584f8270f06e830f33e36`
     - Tweaking factor value:
       `14703d20ec36407889e5d7546d59edbfac4e69f211759a1bd783aa65ee1ae36c`
-
-  2.2. Single public key #2
+2) Single public key #2
     - Original public key: 
       `02a153dfe913310b0949de7976146349b95a398cb0de1047290b0f975c172ad712`
     - Tweaked public key with the commitment:
       `0388bcce7da0bc2edd2ff553134c7ae109232f30bda347b39adca6d0d379a86315`
     - Tweaking factor value:
       `627573dc2a7a57e5fe83f415d5f9d0e9ee78e51fd7990e926f09e9b8fe6a12b3`
-
-  2.3. Set of five public keys
+3) Set of five public keys
     - Original public key: 
       `03a9c44838c0ac7417497f770ebd013c91ac715665ec01e740be0e14f44cab2474`
     - Key set: 
@@ -590,12 +582,12 @@ format; values for tweaking factors are given in little-endian byte order.
     - Tweaking factor value:
       `d5218633603181303d06320365fc84d06e0c2bb36c0989ee678a57b799f457a7`
 
-5. Keyset changes
+#### 1.5. Keyset changes
 
-  Commitment creation and validation filters repeated keys and does not depend
-  on the key order (since elliptic curve addition is commutative)
+Commitment creation and validation filters repeated keys and does not depend
+on the key order (since elliptic curve addition is commutative)
 
-  5.1. Set of five public keys containing duplicated keys
+1) Set of five public keys containing duplicated keys
     - Message (binary string, little-endian byte order):
       `[0x00, 0xde, 0xad, 0xbe, 0xef]`
     - Original public key: 
@@ -612,8 +604,7 @@ format; values for tweaking factors are given in little-endian byte order.
       `027f07015596c7a3af8a1da9e4fe1de0695278f94278ce01534b7ac7a530b43399`
     - Tweaking factor value:
       `bc47cf269e70e5e654f3079f7316ddd988c529bf7d8c0efb0ec0759719afaeaa`
-
-  5.1. Set of five public keys in changed order
+2) Set of five public keys in changed order
     - Message (binary string, little-endian byte order):
       `[0x00, 0xde, 0xad, 0xbe, 0xef]`
     - Original public key: 
@@ -629,26 +620,25 @@ format; values for tweaking factors are given in little-endian byte order.
     - Tweaking factor value:
       `bc47cf269e70e5e654f3079f7316ddd988c529bf7d8c0efb0ec0759719afaeaa`
 
-
-### Invalid test vectors
+### 2. Invalid test vectors
 
 All these cases are cases for validation procedure, which must fail.
 
-1. Case #1: commitment key created with a different original public key
+1) Case #1: commitment key created with a different original public key
     - Message: zero-length
     - Original public key: 
       `03ab1ac1872a38a2f196bed5a6047f0da2c8130fe8de49fc4d5dfb201f7611d8e2`
     - Tweaked public key with the commitment:
       `02a8e7b5f006e3c96eb1e336d40a6956dd9c4889dbfb4542b50da0c90cd2ab64fd`
 
-2. Case #2: original key and commitment are valid, but the message was different
+2) Case #2: original key and commitment are valid, but the message was different
     - Message: `test*`
     - Original public key: 
       `032564fe9b5beef82d3703a607253f31ef8ea1b365772df434226aee642651b3fa`
     - Tweaked public key with the commitment:
       `0240c2f382fc5335879c3607479c491dbd9bfb47d32c375f7d99e6d210a91f8780`
 
-3. Case #3: commitment was created with correct message and original public key,
+3) Case #3: commitment was created with correct message and original public key,
    but using different protocol tag
     - Message (binary string, little-endian byte order):
       `[0xde, 0xad, 0xbe, 0xef, 0x00]`
@@ -657,7 +647,7 @@ All these cases are cases for validation procedure, which must fail.
     - Tweaked public key with the commitment:
       `0304d89459380b9d8ff2ebaaf2e20f47ce92dcf0b9dbfde9dbe866513a7819b79c`
 
-4. Case #4: one of original public keys is absent
+4) Case #4: one of original public keys is absent
     - Message: 
       `test`
     - Original public key: 
@@ -671,17 +661,17 @@ All these cases are cases for validation procedure, which must fail.
       `02da1eea3c29872e9d770efe66bfde4ad2b361f0644e81d1b4d95338eb75b813f1`
 
 
-### Edge cases: protocol failures
+### 3. Edge cases: protocol failures
 
 Keyset constructed of a key and it's own negation. 
 
-  - Expected result: 
-    must fail commitment procedure with error indicating that the operation 
-    resulted at the point-at-infinity.
-  - Message: 
-    `test`
-  - Original public key: 
-    `0218845781f631c48f1c9709e23092067d06837f30aa0cd0544ac887fe91ddd166`
-  - Key set: 
-    * `0218845781f631c48f1c9709e23092067d06837f30aa0cd0544ac887fe91ddd166`
-    * `0318845781f631c48f1c9709e23092067d06837f30aa0cd0544ac887fe91ddd166`
+- Expected result: 
+  must fail commitment procedure with error indicating that the operation 
+  resulted at the point-at-infinity.
+- Message: 
+  `test`
+- Original public key: 
+  `0218845781f631c48f1c9709e23092067d06837f30aa0cd0544ac887fe91ddd166`
+- Key set: 
+  * `0218845781f631c48f1c9709e23092067d06837f30aa0cd0544ac887fe91ddd166`
+  * `0318845781f631c48f1c9709e23092067d06837f30aa0cd0544ac887fe91ddd166`