Last updated
Was this helpful?
However, DLT adoption faces a dilemma between data privacy-preserving and public sharing that can be described by two limitations: 1) participants will lose data privacy if they are to share data in the public ledger (such as loan-level data); 2) encrypting loan level data will keep privacy but will therefore not support data analytics at the asset pool-level. As security issuers do not have the incentive to reveal sensitive proprietary loan-level data to investors and third-parties1, current blockchain applications cannot scale at industry level. In order for blockchain applications to scale, there is a need for flexible privacy settings that can reflect the subtleties of current market interactions
The Pedersen commitment scheme is perfectly hiding, computationally strongly binding and additively homomorphic under the discrete logarithmic assumptions. The key generation algorithm outputs a description of a cyclic group G of prime order p and random generators g and h. The commitment key is 𝑐𝑘 = (𝐺,𝑝,𝑔,h).
To commit to m ∈ Zq the committer picks randomness r ∈ Zp and computes
The Pedersen commitment scheme can be generalized for multiple messages, i.e. given messages , one can create a single commitment of the form:
Bulletproofs are zero-knowledge argument of knowledge, which enables a party (prover) to prove that certain statement is correct to another party (verifier) without ever revealing any information to support the statement. In contrast to other zero- knowledge schemes such as zk-SNARKS, bulletproofs does not require trusted setup and rely only on the standard cryptography assumption (discrete logarithm assumption). Further, the scheme has been made non-interactive via application of the Fiat-Shamir heuristic.
Formally, let v ∈ Zp and let V ∈ G be a Pedersen commitment to v using randomness γ. Then the proof system will convince the verifier that v ∈ [0,2n − 1]. In other words, the proof system proves the following relation.
In different applications (such as health care data) the prover may need to conduct several range proofs at the time (such as proving the results for different tests). The bulletproof preset a great way to aggregate all these m range proofs in the computationally more efficient operation than the m individual range proofs. It is achieved via the modification of the proof system.
Schnorr’s method is one of the widest applied zero knowledge schemes in practice and is well known for its efficiency
The scheme can be applied to prove that 𝑥 ∈ {0,1} , without providing any other information whether x is 0 or 1. The proof data consist of the five values such that where
