From fe7962ce09c696e22b35201bc8cd881772127384 Mon Sep 17 00:00:00 2001 From: callebtc <93376500+callebtc@users.noreply.github.com> Date: Sat, 24 Sep 2022 09:07:12 +0300 Subject: [PATCH 1/2] notation --- docs/README.md | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 docs/README.md diff --git a/docs/README.md b/docs/README.md new file mode 100644 index 0000000..6e3f5b3 --- /dev/null +++ b/docs/README.md @@ -0,0 +1,25 @@ +# Notation + +Sending user: `Alice` +Receivung user: `Carol` +Mint: `Bob` + +## Bob (mint) +- `k` private key of mint (one for each supported amount) +- `K` public key of mint +- `Q` promise (blinded signature) + +## Alice (user) +- `x` random string (secret message), corresponds to point `Y` on curve +- `r` private key (blinding factor) +- `T` blinded message +- `Z` proof (unblinded signature) + +# Blind Diffie-Hellmann key exchange (BDH) +- Mint `Bob` publishes `K = kG` +- `Alice` picks secret `x` and computes `Y = hash_to_point(x)` +- `Alice` sends to `Bob`: `T = Y + rG` with `r` being a random nonce +- `Bob` sends back to `Alice` blinded key: `Q = kT` (these two steps are the DH key exchange) +- `Alice` can calculate the unblinded key as `Q - rK = kY + krG - krG = kY = Z` +- Alice can take the pair `(x, Z)` as a token and can send it to `Carol`. +- `Carol` can send `(x, Z)` to `Bob` who then checks that `k*hash_to_point(x) == Z`, and if so treats it as a valid spend of a token, adding `x` to the list of spent secrets. \ No newline at end of file From 7d97851e198aa9a846d346830a579db5a4f53628 Mon Sep 17 00:00:00 2001 From: callebtc <93376500+callebtc@users.noreply.github.com> Date: Sat, 24 Sep 2022 09:10:26 +0300 Subject: [PATCH 2/2] docs init --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index c10c895..3039bfc 100644 --- a/README.md +++ b/README.md 
@@ -6,6 +6,9 @@ Cashu is an Ecash implementation based on David Wagner's variant of Chaumian blinding. Token logic based on [minicash](https://github.com/phyro/minicash) ([description](https://gist.github.com/phyro/935badc682057f418842c72961cf096c)) which implements a [Blind Diffie-Hellman Key Exchange](https://cypherpunks.venona.com/date/1996/03/msg01848.html) scheme written down by Ruben Somsen [here](https://gist.github.com/RubenSomsen/be7a4760dd4596d06963d67baf140406). The database mechanics and the Lightning backend uses parts from [LNbits](https://github.com/lnbits/lnbits-legend). +## Cashu client protocol +There are ongoing efforts to implement alternative Cashu clients that use the same protocol such as a [Cashu Javascript wallet](https://github.com/motorina0/cashu-js-wallet). If you are interested in helping with Cashu development, please see the [docs](docs/) for the notation and conventions used. + ## Easy Install The easiest way to use Cashu is to install the package it via pip:
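Review bot: In docs/README.md, the last bullet of the BDH section has `Bob` check only `k*hash_to_point(x) == Z` before adding `x` to the list of spent secrets. It never says that `Bob` first rejects an `x` that is already in that list, and that lookup is what stops the same `(x, Z)` from being accepted twice. Suggest wording the step as: check that `x` is not in the spent list, then check `k*hash_to_point(x) == Z`, then add `x`. The Notation section also says `k` is "one for each supported amount", but the steps use a single `k`/`K` and do not say how the key for a given amount is chosen, so a sentence on that would help. Smaller points in the same hunk: "Receivung" should read "Receiving", "Diffie-Hellmann" is spelled "Diffie-Hellman" in the top-level README.md, `r` is called a "private key" under Notation but a "random nonce" in the steps, and the file ends without a trailing newline.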
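Review bot: In README.md, the new "## Cashu client protocol" heading promises a protocol description, but the paragraph under it only mentions alternative clients and points contributors at the docs. Consider renaming the heading to match the content, or adding a sentence saying that the notation and the BDH steps are written down in docs/README.md. Also in the added paragraph, "Javascript" is normally written "JavaScript", and a comma before "such as" would make the first sentence easier to read.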