spec: fix tilde rendering
The original LaTeX works for me locally outside of mdbook, so
I thought there must be an issue perhaps with mdbook-katex.

I've replicated using the same version of mdbook-katex that
CI is using that the `\tilde`s don't render, but the
`\widetilde`s _do_ render, so I've switched to those across the
protocol documentation.
redshiftzero committed Jul 21, 2023
1 parent d4a60b5 commit eb81482
Showing 5 changed files with 11 additions and 13 deletions.
5 changes: 2 additions & 3 deletions docs/protocol/src/crypto/flow/ideal.md
Expand Up @@ -52,12 +52,11 @@ the specific instantiation.
###### `FlowEnc/Encrypt`

This an algorithm run by users. On input an encryption key $D$ and the opening
$(v, \widetilde v)$
$(v, \widetilde{v})$
to a Pedersen commitment $C$, this algorithm outputs a
ciphertext $E = \operatorname{Enc}(v)$ and a proof $\pi_{\operatorname{Enc}}$ which establishes that
$E = \operatorname{Enc}(v)$ is well-formed and is consistent, in the sense that it
encrypts the same value committed to by $C = \operatorname{Commit}(v, \widetilde
v)$.
encrypts the same value committed to by $C = \operatorname{Commit}(v, \widetilde{v})$.

We assume that all ciphertexts are submitted to the ledger, which verifies
$\pi_{\operatorname{Enc}}$ along with any other application-specific validity
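Review bot: the opening context line of this paragraph reads "This an algorithm run by users", which is missing "is"; since the paragraph is being edited anyway, fix it in the same change. The replacement for the last two lines also folds `v)$.` back onto the previous line, leaving it noticeably longer than the wrapped lines around it. If that is deliberate, to keep `\widetilde{v}` from being split across a line break, say so in the commit message so nobody re-wraps it later.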
2 changes: 1 addition & 1 deletion docs/protocol/src/protocol/action_descriptions/outputs.md
Expand Up @@ -15,7 +15,7 @@ The output proof demonstrates the properties enumerated below for the private wi
* Diversified basepoint $B_d \isin \mathbb G$ corresponding to the address
* Transmission key $pk_d \isin \mathbb G$ corresponding to the address
* Clue key $\mathsf{ck_d} \isin \mathbb F_q$ corresponding to the address
* Blinding factor $\tilde v \isin \mathbb F_r$ used to blind the balance commitment
* Blinding factor $\widetilde{v} \isin \mathbb F_r$ used to blind the balance commitment

And the corresponding public inputs:

2 changes: 1 addition & 1 deletion docs/protocol/src/protocol/action_descriptions/swap.md
Expand Up @@ -16,7 +16,7 @@ The swap proof demonstrates the properties enumerated below for the private witn
* Diversified basepoint $B_d \isin \mathbb G$ corresponding to the claim address
* Transmission key $pk_d \isin \mathbb G$ corresponding to the claim address
* Clue key $\mathsf{ck_d} \isin \mathbb F_q$ corresponding to the claim address
* Fee blinding factor $\tilde v_f \isin \mathbb F_r$ used to blind the fee commitment
* Fee blinding factor $\widetilde{v_f} \isin \mathbb F_r$ used to blind the fee commitment

And the corresponding public inputs:
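Review bot: on the fee blinding factor line, `\tilde v_f` became `\widetilde{v_f}`, which stretches the tilde over the subscript as well as the `v`; the old markup accented only `v`, and the other files in this commit use `\widetilde{v}`. Suggest `\widetilde{v}_f` so the symbol renders like the other blinding factors.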

Expand Up @@ -7,7 +7,7 @@ Each undelegate claim contains a UndelegateClaimBody and a zk-SNARK undelegate c
The undelegate claim proof demonstrates the properties enumerated below for the private witnesses known by the prover:

* Unbonding amount $v_u$ interpreted as an $\mathbb F_q$
* Balance blinding factor $\tilde v \isin \mathbb F_r$ used to blind the balance commitment
* Balance blinding factor $\widetilde{v} \isin \mathbb F_r$ used to blind the balance commitment

And the corresponding public inputs:

13 changes: 6 additions & 7 deletions docs/protocol/src/protocol/value_commitments.md
Expand Up @@ -52,23 +52,23 @@ map-to-group method.

We use the value generator associated to an asset ID to construct homomorphic
commitments to (typed) value. To do this, we first define the *blinding
generator* $\tilde V$ as
generator* $\widetilde{V}$ as
```
V_tilde = decaf377_encode_to_curve(from_le_bytes(blake2b(b"decaf377-rdsa-binding")))
```

The commitment to value $(v, \mathsf a)$, i.e., amount $v$ of asset $\mathsf a$,
with blinding factor $\tilde v$, is the Pedersen commitment
with blinding factor $\widetilde{v}$, is the Pedersen commitment
$$
\operatorname {Commit}_{\mathsf a}(v, \tilde v) = [v]V_{\mathsf a} + [\tilde v]\tilde V.
\operatorname {Commit}_{\mathsf a}(v, \widetilde{v}) = [v]V_{\mathsf a} + [\widetilde{v}]\widetilde{V}.
$$

These commitments are homomorphic, even for different asset types, say values
$(x, \mathsf a)$ and $(y, \mathsf b)$:
$$
([x]V_{\mathsf a} + [\tilde x]\tilde V) + ([y] V_{\mathsf b} + [\tilde y]\tilde V)
([x]V_{\mathsf a} + [\widetilde{x}]\widetilde{V}) + ([y] V_{\mathsf b} + [\widetilde{y}]\widetilde{V})
=
[x]V_{\mathsf a} + [y] V_{\mathsf b} + [\tilde x + \tilde y]\tilde V.
[x]V_{\mathsf a} + [y] V_{\mathsf b} + [\widetilde{x} + \widetilde{y}]\widetilde{V}.
$$
Alternatively, this can be thought of as a commitment to a (sparse) vector
recording the amount of every possible asset type, almost all of whose
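Review bot: in the rewritten commitment definition, `\operatorname {Commit}_{\mathsf a}` keeps a stray space after `\operatorname`, while the last hunk of this file and ideal.md write `\operatorname{Commit}`. It renders the same, but normalize it while the line is being touched so the spelling is uniform across the protocol docs.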
Expand All @@ -78,8 +78,7 @@ coefficients are zero.

Finally, we'd like to be able to prove that a certain value commitment $C$ is a
commitment to $0$. One way to do this would be to prove knowledge of an opening
to the commitment, i.e., producing $\tilde v$ such that $$C = [\tilde v] \tilde
V = \operatorname{Commit}(0, \tilde v).$$ But this is exactly what it means to
to the commitment, i.e., producing $\widetilde{v}$ such that $$C = [\widetilde{v}] \widetilde{V} = \operatorname{Commit}(0, \widetilde{v}).$$ But this is exactly what it means to
create a Schnorr signature for the verification key $C$, because a Schnorr
signature is a proof of knowledge of the signing key in the context of the
message.
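Review bot: the rewritten sentence writes `\operatorname{Commit}(0, \widetilde{v})` with no asset subscript, while the definition earlier in this file is `\operatorname{Commit}_{\mathsf a}(v, \widetilde{v})`. With $v = 0$ the $[0]V_{\mathsf a}$ term vanishes, so the asset does not matter, but the text should either say that or keep the subscript so the notation stays consistent within the file.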
