From 0e48396f7e59ef1c2ab0bc00e0a828d26d6bbc75 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 28 Sep 2015 12:05:20 +0200 Subject: [PATCH] more clarifications --- doc/paper/taler.tex | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/paper/taler.tex b/doc/paper/taler.tex index 0dc7686bc..f820aedd7 100644 --- a/doc/paper/taler.tex +++ b/doc/paper/taler.tex @@ -712,8 +712,8 @@ withdraw funds, those can also be used with Taler. A customer can spend coins at a merchant, under the condition that the merchant trusts the specific mint that minted the coin. Merchants are -identified by their public key $M := (m_s, M_p)$, which must be known -to the customer apriori. +identified by their key $M := (m_s, M_p)$ where the public key $M_p$ +must be known to the customer apriori. The following steps describe the protocol between customer, merchant and mint for a transaction involving a coin $C := (c_s, C_p)$, which was previously signed @@ -854,7 +854,7 @@ generator of the elliptic curve. \item \label{step:refresh-done} If the commitments were consistent, the mint sends the blind signature $\widetilde{C} := S_{K}(B^{(\gamma)})$ to the customer. Otherwise, the mint responds - with an error the value of $C'$. + with an error indicating the location of the failure. \end{enumerate} %\subsection{N-to-M Refreshing} @@ -1147,7 +1147,7 @@ coin first. in the form of existing \emph{deposit-permission} or lock-permission records for $\widetilde{C}$. If such records exist and indicate that insufficient funds are left, the mint sends those - records to the merchant, who can then use it prove the double + records to the merchant, who can then use the records to prove the double spending to the customer. If double spending is not found,