Dreaming of Cashu-Pedersen – an Ecash implementation with blinded amounts ("confidential transactions", i.e., Pedersen commitment + Range Proofs).

Properties:

- Mint does not know input and output amounts for an ecash swap

- Mint has only a single pubkey, not one pubkey per amount

- Users store only one single nut, not multiple nuts per amount

- Anon set of all ecash tokens is maximal, not per amount

So many great properties but also hard af to build. We'll get there.