Insight from the transparent VM implementation track:
We assume to the VM, shielded Resources and (P)TXs are ByteString with limited amounts of introspection (like looking at the commitment and hints).
In addition to this, the VM can call Taiga, e.g. to generate commitments and nullifiers for shielded and transparent TXs.
Note: I’m not sure if we can (or need to) generate zk-proofs via Taiga from transparent TXs without shielding the Resources first, but maybe it doesn’t matter if we can just include 1k-proofs into a zk-chain.
Using the above and a plaintext executable of type tx -> tx + access to state of e.g. the consensus provider KVS, we can unify the transparent and shielded post ordering execution models.
This would be compatible with 1. or 2. since the state update could be performed by the VM in a replicated setting, or just have the proofs provided. Once we figure out how to do 3. we can add that as a special case.