Tags → #pedersen
-
SPST: a self-paying shielded transaction model
First construction in F_RP. The SPST relation, balance conservation under DLOG, double-spend resistance under collision-resistant PRF, unlinkability under DDH, simulation-extractable non-malleability.
-
The fee paradox: why every smart-contract privacy mixer needs a relayer
On account-model chains the very act of paying a transaction fee deanonymises the recipient. This post formalises the paradox, walks through three resolutions, and sets up the SPST construction that resolves it inside the ZK proof itself.
-
Range proofs in 80 lines: Pedersen commitments and a tiny Bulletproof
How a Bulletproof actually compresses a range proof to logarithmic size. Derive the inner-product argument from scratch, run a toy prover/verifier in the browser, and pick the right range-proof primitive for 2026.
-
Pedersen commitments, in production
ZERA marketing says "Pedersen Commitments" on the cryptography page. The SDK ships Poseidon. Both are right — and the gap between them is the whole story of what shipping ZK in 2026 actually looks like.