Thanks, this is helpful to refresh my memory. My understanding from this document is that the one and only reason we need a nullifier key is to ensure that the creator of a resource cannot see when it is spent (nullified) - is that correct? I think that’s a point in support of the approach of treating the nullifier key as a detail that must be dealt with when creating a shielded resource (future spends of which one does not want to be detectable by the sender), but that otherwise should carry no meaningful application semantics.
1 Like
Minor detail: nullifier key exists to address the created resource to the receiver (whose key is used to nullify the resource being created?), nullifier public key exists to hide the fact of consuming the resource from the creator of the resource. But I fully agree with you about treating nullifier keys as an implementation detail only meaningful for the shielded case.
1 Like