koe. seraphis: a privacy-preserving transaction protocol abstraction (wip).
Added by: Jack (2023-03-08 22:32)
|Resource type: Unpublished Work
BibTeX citation key: koe
View all bibliographic details
Seraphis is a privacy-focused transaction protocol abstraction for p2p electronic cash sys- tems that use the transaction output model (the e-note model in this paper). Seraphis e-notes are amount-transfer devices in the RingCT tradition, which record an ‘amount’ as a Pedersen commitment and an ‘address with transfer-authority’ as a specially-designed prime-order group point (similar to CryptoNote one-time addresses). Unlike previous protocols compatible with CT (Confidential Transactions), where e-note membership, ownership, and unspentness proofs were highly integrated into one large proving structure (such as MLSAG or CLSAG in the case of standard RingCT), Seraphis separates membership proofs from ownership and unspentness proofs. This allows the security model for membership proofs to be abstracted away from any specific proving system, which enables relatively simpler proving structures to be used and greatly simplifies the overall security model of Seraphis compared to its predecessors. Doing so also allows a linking tag (a.k.a. key image) construction with a number of favorable properties. Most notably, implementers of Seraphis can use an addressing scheme which permits wallets with three tiers of permissions (view received amounts, full balance recovery, full balance recov- ery with spend authority). The second permission tier is unique to Seraphis among protocols in the CryptoNote tradition.
This is a work in progress paper and will be updated once the final version is released
Added by: Jack Last edited by: Jack