ZIP: 209 Title: Prohibit Negative Shielded Value Pool Owners: Sean Bowe <firstname.lastname@example.org> Status: Final Category: Consensus Created: 2019-02-25 License: MIT
The key words "MUST", "SHOULD", "SHOULD NOT", and "MAY" in this document are to be interpreted as described in RFC 2119. 1
The term "block chain" and "network upgrade" are to be interpreted as defined in 3.
The "Sprout value pool balance" for a given block chain, as implied by section 4.11 of the Zcash Protocol Specification 2, is the sum of all
vpub_old fields for transactions in the block chain, minus the sum of all
vpub_new fields for transactions in the block chain.
The "Sapling value pool balance" for a given block chain, as implied by section 4.12 of Zcash Protocol Specification 2, is the negation of the sum of all
valueBalance fields for transactions in the block chain.
This proposal defines how the consensus rules are altered such that blocks which produce negative shielded value pools are prohibited.
It is possible for nodes to monitor the total value of notes that are shielded to, or unshielded from, each of the Sprout or Sapling value pools. If the total value that is unshielded exceeds the total value that was shielded for a given pool, a balance violation has occurred in the corresponding shielded transaction protocol.
It would be preferable for the network to reject blocks that result in the aforementioned balance violation. However, nodes do not currently react to such an event. Remediation may therefore require chain rollbacks and other disruption.
If the "Sprout value pool balance" or "Sapling value pool balance" would become negative in the block chain created as a result of accepting a block, then all nodes MUST reject the block as invalid.
Nodes MAY relay transactions even if one or more of them cannot be mined due to the aforementioned restriction.
This consensus rule is not deployed as part of a network upgrade as defined in ZIP-200 3 and there is no mechanism by which the network will synchronize to enforce this rule. Rather, all nodes should begin enforcing this consensus rule upon acceptance of this proposal.
There is a risk that before all nodes on the network begin enforcing this consensus rule that block(s) will be produced that violate it, potentially leading to network fragmentation. This is considered sufficiently unlikely that the benefits of enforcing this consensus rule sooner are overwhelming.
|1||Key words for use in RFCs to Indicate Requirement Levels|
|2||Zcash Protocol Specification, Version 2019.0-beta-37 [Overwinter+Sapling]|
|3||ZIP 200: Network Upgrade Mechanism|