- multinut
Discussion
Any amount meaning any denomination in a single proof??? That’d be very useful
Yes. It's the most exciting thing on that list and a huge thing.
how will that work with the mint's keysets?? very curious about it
One option are keyed-verification anonymous credentials like used in WabiSabi. There's one implementation by nostr:nprofile1qqsfuv8fgq3cek0ta0rr9qtkm4x3pxqjz22y9u4xcwrj0lrxlfl2jzspz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszrnhwden5te0dehhxtnvdakz7qgswaehxw309ahx7um5wghx6mmd9uv87spp: https://github.com/lontivero/cashabi
Yup, the any-amount ecash will be based on KVAC also used in WabiSabi and Signal! The mint only needs a single private key, and the entire wallet can be stored in just a single nut. All that while also vastly improving privacy (blinded amounts, like confidential transactions).
It's going to be so fucking beautiful 🥹
🥹
It's easily the biggest change in Cashu we ever attempted but it's worth it.
Yeah, I got that working a few months ago, but was told it was a bad idea.
What changed?
You got what working? I don't believe that.
Yeah. ‘Working’ might be a generous description, but I implemented several working methods - like keyforamount, swapforamount, mint/bolt11foramount. I stopped when I was told it was a bad idea, but it greatly simplified the proof management and payment.
I hacked it all in nutshell Cashu mint.
Proof of work is in this branch below. Bottom line, I was successful in deriving the public/private key for any arbitrary amount and issuing the promises.
Yeah but that's the easy mode with broken privacy.
I was just proving the math worked. Didn’t get as far as working on privacy implications. Could easily be addressed by a wallet by breaking an amount into the sum of two random components, etc. Anyway, very keen to see this idea is still alive.
Came here to ask that.