FHE Meeting #4: Pedersen Commitment Scheme

Date: 02.11.23
Time: 4pm CEST
Reading materials:


1 Like

Great initiative would love to join the meeting where i can get the invite.

Hey! You can read more about how the kindergarten works and find the instructions here

1 Like

For ZEXE paper, do we need to read through a specific section?

Can’t give you the exact section numbers, that is why I put it in the optional reading materials.

Take a look at the abstract, introduction, and conclusion to get the idea of the paper and then just skim through the rest of the paper, paying extra attention to the parts that mention what the commitment scheme is used for and how the homomorphic properties are helpful there

UPD: the homomorphic properties are not used anywhere explicitly actually, the example in section 6.1 could use it for value checks. It is pretty similar to zcash so you can just skip it

A short overview

We talked about commitment schemes in general, Pedersen commitment and how it is used in Zcash, the MASP, and Taiga. In all three examples it is used to check the transaction balance of created and consumed notes; Zcash β€” single asset case, Taiga and the MASP β€” multiple assets. Pedersen commitment is used to commit to the note values and sum them together in a privacy-preserving way, and the actual balance check is performed with the help of the binding signature

Another example of a homomorphic commitment scheme is KZG, which is also additively homomorphic

Unrelated but cool:
Terence shared with us some cool cartoons about WebAssembly (and probably more):