Nomos Native Zones Proof of Concept v0.2 (Private Atomic Transfer)

Objective

This protocol describes how to execute a private atomic asset transfer between two zones (Zone A and Zone B), ensuring that:

• The transaction happens atomically (withdrawal and deposit are completed together).
• The transaction remains private, such that the value, owner, and data of the note remain hidden from the executors. Only the zones involved in the transaction are known.
• Commitments are tracked in a Merkle Mountain Range (MMR), and nullifiers are tracked using an Indexed Merkle Tree.

Key Structures and Tools

1. Commitments: Represent ownership, value, and metadata of a note, stored in a Merkle Mountain Range (MMR).
2. Nullifiers: Ensure notes cannot be spent twice, stored in an Indexed Merkle Tree (non-membership proofs).
3. Nonce Evolution: Ensures commitments are unlinkable between zones by updating nonces during cross-zone transfers.
4. zk-SNARK Proofs: Used for validating the transaction without revealing sensitive information about the note.

Detailed Protocol Steps

Commitment Creation

Each note (note) is represented by a commitment (note_cm), which hides its value, owner, zone, and nonce. The commitment is added to the MMR for the zone in which the note exists (e.g., Zone A).

• Commitment formula:

note_cm = hash(NOMOS_CL_NOTE_COMMIT || value || owner_pk || zone_id || nonce)

Where:

• value: The value of the note (e.g., 50 NMO).
• owner_pk: The public key of the note’s owner.