Skip to content

Stark-RQ Trustless Prototype V1

TKT-P3-68 added the first smallest trustless-family mechanics prototype under the frozen SRQ3 / PIv1 / PBv1 boundary.

TKT-P3-70 deepens that prototype toward witness-hiding semantics while keeping the same outer boundary.

TKT-P3-71 extends that deeper prototype to one coherent receiver-side construction bundle while preserving the same outer boundary.

TKT-P3-72 extends that deeper prototype to one coherent sender-change construction bundle while preserving the same outer boundary.

TKT-P3-73 extends that deeper prototype toward committed-value conservation under the same outer boundary.

TKT-P3-74 extends that deeper prototype toward transition consistency under the same outer boundary.

What this prototype is: - a transparent reduced-query trustless-family prototype - statement-bound through the same SRQ3 statement bind used by the integrated backend2 path - carried under a separate experimental SRQ3 profile so it can be compared directly against the current Groth16-backed scaffold without replacing it

What this prototype currently covers: - one coherent source-note authorization bundle under the fixed confidential-transfer statement: - note ownership - note inclusion - source nullifier relation - one coherent receiver-side construction bundle under the fixed confidential-transfer statement: - receiver owner commitment relation - receiver value commitment relation - receiver nonce relation - one coherent sender-change construction bundle under the fixed confidential-transfer statement: - sender-change leaf / note-hash context relation - sender-change value commitment relation - sender-change nonce relation - one verifier-grounded committed-value conservation layer under the fixed confidential-transfer statement: - hidden source committed value term - hidden receiver committed value term - hidden sender-change committed value term - hidden fee committed value term - fixed-statement conservation equation under the frozen fee-policy assumption - one verifier-checked deterministic adjacent two-row conservation arithmetic window plus shared carry linkage under the reduced-query trustless shape - three verifier-checked deterministic challenge-derived residual-trace endpoints across all four conservation rows and the full carry chain under the same frozen anchors - one downstream transition-consistency layer under the fixed confidential-transfer statement: - composition of the already-carried source, receiver, sender-change, and conservation bundle digests - frozen stateIn32 -> stateOut32 binding - frozen outputFingerprint32 binding - prover-side hidden source-note, receiver-note, sender-change, and committed-value witness derivation for those layers - verifier-side conservation and transition bundle checking grounded in the same frozen public anchors and the already-carried source / receiver / sender-change bundle digests - verifier-side committed-value arithmetic strengthening now includes: - one deterministic challenge-selected adjacent two-row conservation limb window - carry-vector boundary checks (carry[0]=0, carry[4]=0, bounded carries) - two linked row equations sharing the same intermediate carry: - receiver_i + senderChange_i + fee_i + carry_i = source_i + 2^16 * carry_{i+1} - receiver_{i+1} + senderChange_{i+1} + fee_{i+1} + carry_{i+1} = source_{i+1} + 2^16 * carry_{i+2} - stronger local soundness than two disconnected row samples because the shared middle carry must satisfy both checked rows - three deterministic challenge-mixed whole-table residual-trace endpoints across all four rows - three verifier-checked endpoint equations tying the full carry chain and all four rows together in aggregate - a stronger whole-table closure claim than the earlier local-window-plus-fold shape because the verifier now gets multiple independent global equations over the same residual table rather than one global summary - a reduced-query proof artifact that opens one source-bundle lane, one receiver-bundle lane, one sender-change bundle lane, one conservation bundle lane, and one transition-consistency bundle lane under the same frozen outer contract - proof-artifact-only verification under the same frozen outer contract

What this prototype does not yet cover: - broad family-selection finality beyond this fixed-statement prototype - proof-carrier optimization or wrapping decisions - full-family success for transparent reduced-query STARK/FRI-style verification - backend-family final selection

Why this is still useful: - it moves the trustless-family path beyond pure relation-public commitment/opening mechanics - it now carries three coherent hidden note packages plus one verifier-grounded hidden arithmetic layer and one downstream transition-consistency layer tied to the same fixed-statement transition context while preserving the frozen verifier boundary - it remains directly comparable to both the Groth16-backed SRQ3 scaffold and the earlier trustless mechanics prototype - it keeps witness values out of the verifier-facing artifact and leaves host/public-shell checks on the host side

Host-side responsibilities remain unchanged: - transcript binding - OFm2/v2 recomputation - tokenized continuation shell checks - malformed carrier rejection - public binding recomputation already assigned to host