The ins and outs each have amounts, so you can add that up.
Transaction
input(a1=5 XMR, random=6 XMR) output( g1=3 XMR, a3=1 XMR, keyImage_a1 )
ringSing(pub a1, pub random and private a1)
using VER and LNK everybody can verify that a1 holds 5 XMR, so I'm able to spend 4 XMR and miner can take 1 XMR fee ?
implies a1 was used (because I can't spend random)
implies a1_priv * H_p(A1_pub) = keyImage_a1
Am I missing something ?
I'm not sure of your notation here Is 'random' a foreign output used for a ring sig? In that case, that's not how it works. Each input uses a separate ring sig, with other outputs of the same same.
And what does g1 (or a3 for that matter) denote on your output?
g1(I pay for god) and a3(my new address) does not matter.
Okay well like I said, each input will have it own set of foreign outputs used for mixing. Such outputs will all be of the same size, so this doesn't change the amount of the transaction, just its possible funding sources. Perhaps you want to revise your example?
Please can you make example:
1) I have unspent output 5 XMR, I want to pay 3 XMR for goods and 1 XMR transaction fee.
2) I want obscure my payment with 1 foreign input what holds 6 XMR.
You can't do #2 with the the protocol works today. There is a modification from gmaxwell that allows using foreign outputs of different sizes but it isn't implemented anywhere AFAIK.
Your foreign ouputs need to be of the same size.
So we would have (borrowing some of your notation)
tx(input(ring(a1(5 XMR),f1(5 XMR),f2(5 XMR),f3(5 XMR)) -> output(r1(3 XMR),c1(1 XMR)))
a1 = our own upspent output
f1..f3 = foreign outputs of size equal to a1
r1 = output owned by recipient
c1 = change output owned by us
We could also include additional inputs (and generate more change) if we wanted to further obscure the amount of the transaction.
Did you forgot to add keyImage for a1 ? Or how can be this transaction verified ?