Coins

    The Concept of an Ethereum Nullifier

    AuthorBy Updated:No Comments4 Mins Read

    The concept of an Ethereum nullifier is derived from the concept of a revealed commitment.
    There is a nullifier computed for every input note.     Moreover, the nullifier of any output note
    cannot collide with any other nullifier. However, there are several methods to compute the
    nullifier for an input note. This article will discuss some of these methods. Also, you will learn
    about Commitment-nullifier scheme and Transaction reversal.
    RSA accumulators
    To create a public proof of message authenticity, cryptographic accumulators can be used.
    Each of these accumulators is based on a hashing function. The hash function takes the input
    as a sequence of prime numbers, and maps it to a set. The prime representative of b_i is
    H(b_i), and it can be computed in O(n) exponentiations in the Hash function $Gho$. This
    process can also be performed on a witness, which is an accumulator of set $T setminus b_i$.
    RSA accumulators can be used for the same purpose. As with a hash function, a cryptographic
    accumulator has interesting properties that make it a good candidate for decentralized
    systems. RSA accumulators are essentially hash functions for sets, and they can take any size
    message as input and output a fixed-size value. In cryptographic systems, these functions are
    an efficient way to generate proofs of integrity.
    A sentee can also send a RSA accumulator to a’smart contract’. A smart contract requires the
    sender to provide a nullifier before sending or receiving a combination of assets. The smart
    contract also requires that the sentee nullify the combined asset token commitment Z once,
    because Z’ is already present in the token commitments data structure. If nullifier N exists,
    then the recipient is unable to send or receive funds from him.
    A pre-nullifier is generated from a set of created records. The recipient of the transaction can
    generate and submit proofs of the pre-nullifier and the entire transaction. In order to reveal a
    pre-nullifier, the transaction creator must first create a set of commitments. These
    commitments must be anonymous. If the inputs are not, they are equivalent to the
    commitments that are created in a nullifier transaction. Further anonymity can be achieved by
    generating a dummy transaction spending or creating an identical record.
    Quadratic arithmetic program (QAP)
    The Pinocchio protocol implements QAP as its proof algorithm. QAP is a zero-knowledge proof
    algorithm. A well-known theorem guarantees that the probability of incorrectly accepting any
    polynomial is low. Gabizon discusses two methods to make QAP’s more reliable: blinding the
    Verifier and restricting the Prover’s polynomials.
    Commitment-nullifier scheme
    The Commitment-nullifier scheme is a new privacy mechanism introduced in the Ethereum
    blockchain. The scheme consists of a set of created records, each with a pre-nullifier.     In
    exchange for the pre-nullifier, a transaction creator can disclose the transaction’s entire proof

    to the recipient. The recipient then uses the proof to generate the post-nullifier. The pre-
    nullifier is a unique string of 32 bytes, which is encrypted by the network, while the post-
    nullifier proves that the transaction was created. This privacy scheme is effective, but has one

    major drawback.
    The Commitment-nullifier scheme uses a hash function to determine the owner of an UTXO. It
    also includes the hash function Poseidon, which is the lowest-cost hash in SNARK. The sender
    must have a private key to generate a Zkopru transaction, but it will need to have a nullifier
    seed to prove ownership.
    The Commitment-nullifier scheme uses a random number, or a binding factor, to prevent
    multiple ‘guessing’ attempts. The nullifier is stored in the contract. If someone has more than
    one ‘number’, they can spend a note with two different nullifiers, or commit to another note. A
    committer must have a zero-knowledge proof of authorization before spending a note, or else
    they’ll lose their investment.

    The RSA-based commitment scheme has a homomorphic property with respect to the
    multiplication operation. Therefore, the commitment can be proved if a fraction of the value
    committed is revealed. However, in some cases, the secret value X is a vector of separable
    values. For this reason, the Commitment-nullifier scheme in Ethereum is not perfect. Its
    efficiency is based on the small space of the values in the transaction.
    Transaction reversal
    Ethereum Nullifier is a feature that allows you to undo a transaction after it has been sent. The
    vulnerability in Ethereum occurred during the fund transfer process, where the recipient could
    have added infinite ethers to his/her account. The reversal of a transaction in Ethereum is a
    powerful way to protect coins and minimize the risk of losing them. This feature has also
    enabled traders to invest in the cryptocurrency.
    Anonymity property
    The Anonymity property of the Ethereum nullifier is a key component of the Bitcoin protocol.
    Anonymity refers to the ability of a recipient to not identify or link the contents of a message.
    While it may not be possible to fully eliminate the threat of tampering, it is a useful feature for
    centralized and decentralized environments. In this article, we will discuss the various aspects
    of anonymity and how it works in the Ethereum protocol.

    Share.

    Related Posts

    Leave A Reply