NUT-12 DLEQ: 'r' refers to the mint's random nonce, and also to Alice's blinding factor. Rename one of them to avoid confusion

[SatsAndSports]

Update: 2025-11-25: instead of the note, this PR now just renames one of the variables, so that we no longer have two different variables with the same name

In NUT-00, r refers to the blinding factor which Alice's uses to blind and unblind. This is also used in this NUT-12 when Alice sends her blinding factor to Carol. This is not shared with the mint.

But the DLEQ proof here in NUT-12 also reuses r to refer to the random nonce selected by Bob the mint, and Bob doesn't share this with Alice or Carol.

Two different variables with the same name (r) is confusing

This PR rename's Bob's (the mint) r to m to ensure that this isn't confused with Alice's r

[SatsAndSports]

@SatsAndSports it's the same r. Bob doesn't decide r. Bob produces the DLEQ without it.

Bob is the mint, and here are the steps performed by Bob:

As those steps are performed by Bob the mint, then it means that this r is selected by Bob while Bob is computing the (e,s) to send to Alice

[SatsAndSports]

@SatsAndSports I don't think there is any room for confusion, because in the context of the creation of the ZK proof, Bob can't possibly refer to Alice's r as he doesn't know it. The blinding factor is not a concept for the Mint, at all. It only exists for the wallet.

So you agree that this NUT-12 uses r twice, to refer to two different variables (the mint-selected nonce for DLEQ, and also the blinding factor selected by Alice)?

If you agree with that, than I think we make it a little clearer by renaming one of them. So this PR now changes the mint-selected nonce from r to m (for mint)

Some readers, and perhaps coding agents, might be confused as they have the same name

[SatsAndSports]

Yes but i wouldn't call it m. Changing it to k would be more appropriate, or r'.

Renamed from m to k, as suggested