14:49:00 <slave_blocker> hello good day,
14:49:33 <slave_blocker> i just finished translating zero to Monero from english to portuguese.
14:49:35 <slave_blocker> :)
14:53:11 <slave_blocker> i dont understand the most of the things of the 2nd part of ztm v2 .
14:53:58 <slave_blocker> so i guess i will force mzself to understand them so i can translate them and expose them verbatim...
14:54:48 <slave_blocker> so i started now with the transaction proofs...
14:55:33 <slave_blocker> (besides that all this was done in lyx and i guess i should somehow merge it to overleaf)
14:56:06 <slave_blocker> so when doing transaction proofs what is a domain separator?
14:58:38 <slave_blocker> (i am mucho more interested in randomx and bulletproofs, but i guess first things first)
15:00:53 <UkoeHB> slave_blocker: I'd say only ch8 is worth translating from the second part. Multisig is way outdated now, and txtangle is pretty impractical.
15:03:42 <UkoeHB> A domain separator is a string you append/prepend to a hash transcript (i.e. string of data to be hashed) so that the hash function behaves like a unique hash function. In practice it means if two separate use-cases of a hash function just so happen to hash the same data (e.g. elliptic curve point), then the output will be different.
15:04:52 <slave_blocker> oh i see
15:05:31 <UkoeHB> It's considered modern best practice to always domain separate uses of a hash function, even if there are no known attacks/problems that can arise.
15:06:40 <UkoeHB> Some people even go beyond that and embed the transcript serialization details in the hash data (e.g. vector lengths, etc.).
15:14:56 <moneromooo> It's basically a salt.