ZIP 315 work-in-progress: discussion of address management.

Signed-off-by: Daira-Emma Hopwood <[email protected]>
zcash · Feb 4, 2025 · e3167b7 · e3167b7
1 parent 998a97f
commit e3167b7
Showing 1 changed file with 26 additions and 0 deletions.
diff --git a/zips/zip-0315.rst b/zips/zip-0315.rst
@@ -170,6 +170,30 @@ in any case due to padding of the number of inputs from a given
 shielded pool.
 
 
+Address management
+------------------
+
+Zcash wallets SHOULD only use addresses generated deterministically from a
+seed as specified in ZIP 32 [#zip-0032]_. The discussion of address management
+below assumes this is the case.
+
+The general framework specified in ZIP 32 is that addresses are derived in
+a hierarchy [#zip-0032-wallet-usage]_, following a similar structure to that
+defined by BIP 44. Each `account` in the derivation path represents a distinct
+spending authority. Funds within an account are differentiated according to the
+protocol under which the TXOs that contributed to the account balance were
+created, but TXOs are not managed individually except when it is required
+to select funds from a specific shielded pool in order to reduce information
+leakage.
+
+ZIP 316 specifies that when generating a Unified Address, the same diversifier
+index MUST be used for each Receiver. [#zip-0316-deriving-a-unified-address]_
+This has the consequence that, for wallets that implement address rotation,
+care must be taken to avoid accidentally leaking information that allows an
+observer to link the ownership of addresses that are intended by the wallet
+user to be unrelated to one another.
+
+
 Trusted and untrusted TXOs
 --------------------------
 
@@ -695,7 +719,9 @@ References
 
 .. [#BCP14] `Information on BCP 14 — "RFC 2119: Key words for use in RFCs to Indicate Requirement Levels" and "RFC 8174: Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words" <https://www.rfc-editor.org/info/bcp14>`_
 .. [#zip-0032] `ZIP 32: Shielded Hierarchical Deterministic Wallets <zip-0032.rst>`_
+.. [#zip-0032-wallet-usage] `ZIP 32: Shielded Hierarchical Deterministic Wallets — Specification: Wallet usage <zip-0032#specification-wallet-usage>`_
 .. [#zip-0203] `ZIP 203: Transaction Expiry <zip-0203.rst>`_
 .. [#zip-0316] `ZIP 316: Unified Addresses and Unified Viewing Keys <zip-0316.rst>`_
+.. [#zip-0316-deriving-a-unified-address] `ZIP 316: Unified Addresses and Unified Viewing Keys — Deriving a Unified Address from a UIVK <zip-0316-deriving-a-unified-address-from-a-uivk.rst>`_
 .. [#zip-0317] `ZIP 317: Proportional Transfer Fee Mechanism <zip-0317.rst>`_
 .. [#zip-0320] `ZIP 320: Defining an Address Type to which funds can only be sent from Transparent Addresses <zip-0320.rst>`_