The concept of an Ethereum nullifier is derived from the concept of a revealed commitment.
There is a nullifier computed for every input note. Moreover, the nullifier of any output note
cannot collide with any other nullifier. However, there are several methods to compute the
nullifier for an input note. This article will discuss some of these methods. Also, you will learn
about Commitment-nullifier scheme and Transaction reversal.
To create a public proof of message authenticity, cryptographic accumulators can be used.
Each of these accumulators is based on a hashing function. The hash function takes the input
as a sequence of prime numbers, and maps it to a set. The prime representative of b_i is
H(b_i), and it can be computed in O(n) exponentiations in the Hash function $Gho$. This
process can also be performed on a witness, which is an accumulator of set $T setminus b_i$.
RSA accumulators can be used for the same purpose. As with a hash function, a cryptographic
accumulator has interesting properties that make it a good candidate for decentralized
systems. RSA accumulators are essentially hash functions for sets, and they can take any size
message as input and output a fixed-size value. In cryptographic systems, these functions are
an efficient way to generate proofs of integrity.
A sentee can also send a RSA accumulator to a’smart contract’. A smart contract requires the
sender to provide a nullifier before sending or receiving a combination of assets. The smart
contract also requires that the sentee nullify the combined asset token commitment Z once,
because Z’ is already present in the token commitments data structure. If nullifier N exists,
then the recipient is unable to send or receive funds from him.
A pre-nullifier is generated from a set of created records. The recipient of the transaction can
generate and submit proofs of the pre-nullifier and the entire transaction. In order to reveal a
pre-nullifier, the transaction creator must first create a set of commitments. These
commitments must be anonymous. If the inputs are not, they are equivalent to the
commitments that are created in a nullifier transaction. Further anonymity can be achieved by
generating a dummy transaction spending or creating an identical record.
Quadratic arithmetic program (QAP)
The Pinocchio protocol implements QAP as its proof algorithm. QAP is a zero-knowledge proof
algorithm. A well-known theorem guarantees that the probability of incorrectly accepting any
polynomial is low. Gabizon discusses two methods to make QAP’s more reliable: blinding the
Verifier and restricting the Prover’s polynomials.
The Commitment-nullifier scheme is a new privacy mechanism introduced in the Ethereum
blockchain. The scheme consists of a set of created records, each with a pre-nullifier. In
exchange for the pre-nullifier, a transaction creator can disclose the transaction’s entire proof
to the recipient. The recipient then uses the proof to generate the post-nullifier. The pre-
nullifier is a unique string of 32 bytes, which is encrypted by the network, while the post-
nullifier proves that the transaction was created. This privacy scheme is effective, but has one
The Commitment-nullifier scheme uses a hash function to determine the owner of an UTXO. It
also includes the hash function Poseidon, which is the lowest-cost hash in SNARK. The sender
must have a private key to generate a Zkopru transaction, but it will need to have a nullifier
seed to prove ownership.
The Commitment-nullifier scheme uses a random number, or a binding factor, to prevent
multiple ‘guessing’ attempts. The nullifier is stored in the contract. If someone has more than
one ‘number’, they can spend a note with two different nullifiers, or commit to another note. A
committer must have a zero-knowledge proof of authorization before spending a note, or else
they’ll lose their investment.
The RSA-based commitment scheme has a homomorphic property with respect to the
multiplication operation. Therefore, the commitment can be proved if a fraction of the value
committed is revealed. However, in some cases, the secret value X is a vector of separable
values. For this reason, the Commitment-nullifier scheme in Ethereum is not perfect. Its
efficiency is based on the small space of the values in the transaction.
Ethereum Nullifier is a feature that allows you to undo a transaction after it has been sent. The
vulnerability in Ethereum occurred during the fund transfer process, where the recipient could
have added infinite ethers to his/her account. The reversal of a transaction in Ethereum is a
powerful way to protect coins and minimize the risk of losing them. This feature has also
enabled traders to invest in the cryptocurrency.
The Anonymity property of the Ethereum nullifier is a key component of the Bitcoin protocol.
Anonymity refers to the ability of a recipient to not identify or link the contents of a message.
While it may not be possible to fully eliminate the threat of tampering, it is a useful feature for
centralized and decentralized environments. In this article, we will discuss the various aspects
of anonymity and how it works in the Ethereum protocol.