aljaz/nutshell
1
0
Fork 0
mirror of https://github.com/aljazceru/nutshell.git synced 2025-12-20 18:44:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3b99be52b94cb17b22a3835460443a46a4eed650
nutshell/docs
History
callebtc 3b99be52b9 update spec
2023-01-14 19:50:46 +01:00
..
specs
update spec
2023-01-14 19:50:46 +01:00
README.md
Update README.md
2022-10-20 19:29:30 -04:00

README.md

Notation

Sending user: Alice
Receiving user: Carol
Mint: Bob

Bob (mint)

  • k private key of mint (one for each supported amount)
  • K public key of mint
  • Q promise (blinded signature)

Alice (user)

  • x random string (secret message), corresponds to point Y on curve
  • r private key (blinding factor)
  • T blinded message
  • Z proof (unblinded signature)

Blind Diffie-Hellman key exchange (BDH)

  • Mint Bob publishes K = kG
  • Alice picks secret x and computes Y = hash_to_curve(x)
  • Alice sends to Bob: T = Y + rG with r being a random nonce
  • Bob sends back to Alice blinded key: Q = kT (these two steps are the DH key exchange)
  • Alice can calculate the unblinded key as Q - rK = kY + krG - krG = kY = Z
  • Alice can take the pair (x, Z) as a token and can send it to Carol.
  • Carol can send (x, Z) to Bob who then checks that k*hash_to_curve(x) == Z, and if so treats it as a valid spend of a token, adding x to the list of spent secrets.