Accounts

An account on the base layer is defined as a pair of pubkey and a commitment s.t.

Acc_i=(pk_i,com_i) \ \ s.t. \ \ pk_i = (g_i^{r_i},h^{r_i}_i) \

where g is the globally available generator point, r is a random scalar and h is defined as

h_i=g_i^{sk}

Note h here is not a global generator point but an elgamal public key point. Commitment is defined as an elgamal style commitment scheme s.t.

com=(g_i^{(r_i*r'_i)} ,g^vh_i^{(r_i*r'_i)})

where r' is a random scalar which updates the public key points to generate a new commitment for the key and v is the secret scalar of the balance in the account s.t. $0\leq bl<2^{32}$ .

Updatable Accounts

A public key is updated using scalar multiplication of a random scalar $r_1$ with the group elements.

Update(pk,r_1)= (g^{r_1},h^{r_1})=pk'

A commitment is updated by adding it to a new zero balance commitment, generated using $(pk,r_2)$ .

Update(com,r_2)=com \cdot Commit_{pk}(0,r_2)

Accounts are updated by updating public key $pk→ pk'$ , generating a zero balance commitment using $(pk,r_2)$ and adding the previous and new commitment $com_{pk}(v) \cdot com_{pk}(0,r_2)$ .

UpdateAcc(pk, com); r_1,r_2=Update(pk,r_1);com\cdot Commit_{pk}(0,r_2)

This construction follows the Updatable Public Key primitive introduced in QuisQuis by Mieklejohn et.al. (2018).

pageUpdatable Public Key

PreviousCore Concepts NextTransaction

Last updated 3 years ago