Introduction of the Cryptographic Primitives Applied in this Platform

Challenges of Blockchain Technology

However, DLT adoption faces a dilemma between data privacy-preserving and public sharing that can be described by two limitations: 1) participants will lose data privacy if they are to share data in the public ledger (such as loan-level data); 2) encrypting loan level data will keep privacy but will therefore not support data analytics at the asset pool-level. As security issuers do not have the incentive to reveal sensitive proprietary loan-level data to investors and third-parties1, current blockchain applications cannot scale at industry level. In order for blockchain applications to scale, there is a need for flexible privacy settings that can reflect the subtleties of current market interactions

Zero knowledge Proofs

The Pedersen commitment scheme is perfectly hiding, computationally strongly binding and additively homomorphic under the discrete logarithmic assumptions. The key generation algorithm outputs a description of a cyclic group G of prime order p and random generators g and h. The commitment key is π‘π‘˜ = (𝐺,𝑝,𝑔,h).

To commit to m ∈ Zq the committer picks randomness r ∈ Zp and computes Comck(m;r)=gmhrComck(m;r)=g^m h^r

The Pedersen commitment scheme can be generalized for multiple messages, i.e. given messages m1,m2,.....,mnm_1, m_2, ....., m_n , one can create a single commitment of the form:


Bulletproofs are zero-knowledge argument of knowledge, which enables a party (prover) to prove that certain statement is correct to another party (verifier) without ever revealing any information to support the statement. In contrast to other zero- knowledge schemes such as zk-SNARKS, bulletproofs does not require trusted setup and rely only on the standard cryptography assumption (discrete logarithm assumption). Further, the scheme has been made non-interactive via application of the Fiat-Shamir heuristic.

Formally, let v ∈ Zp and let V ∈ G be a Pedersen commitment to v using randomness Ξ³. Then the proof system will convince the verifier that v ∈ [0,2n βˆ’ 1]. In other words, the proof system proves the following relation.

In different applications (such as health care data) the prover may need to conduct several range proofs at the time (such as proving the results for different tests). The bulletproof preset a great way to aggregate all these m range proofs in the computationally more efficient operation than the m individual range proofs. It is achieved via the modification of the proof system.

Schnorr OR Proofs

Schnorr’s method is one of the widest applied zero knowledge schemes in practice and is well known for its efficiency

The scheme can be applied to prove that π‘₯ ∈ {0,1} , without providing any other information whether x is 0 or 1. The proof data consist of the five values [C,r1,r2,c1,c2][C, r_1, r_2, c_1, c_2] such that c1+c2=hash(a1,a2)(modq)c_1 + c_2 = hash( a_1, a_2) (mod q) where