Paper 2022/1255

An ECDSA Nullifier Scheme for Unique Pseudonymity within Zero Knowledge Proofs

Aayush Gupta, Massachusetts Institute of Technology, 0xPARC
Kobi Gurkan, Geometry Research

ZK-SNARKs (Zero Knowledge Succinct Noninteractive ARguments of Knowledge) are one of the most promising new applied cryptography tools: proofs allow anyone to prove a property about some data, without revealing that data. Largely spurred by the adoption of cryptographic primitives in blockchain systems, ZK-SNARKs are rapidly becoming computationally practical in real-world settings, shown by i.e. and rollups. These have enabled ideation for new identity applications based on anonymous proof-of-ownership. One of the primary technologies that would enable the jump from existing apps to such systems is the development of deterministic nullifiers. Nullifiers are used as a public commitment to a specific anonymous account, to forbid actions like double spending, or allow a consistent identity between anonymous actions. We identify a new deterministic signature algorithm that both uniquely identifies the keypair, and keeps the account identity secret. In this work, we will define the full DDH-VRF construction, and prove uniqueness, secrecy, and existential unforgeability. We will also demonstrate a proof of concept of the nullifier.

Note: Edited affiliations

Available format(s)
Cryptographic protocols
Publication info
zero knowledge zero knowledge proof nullifier ddh-vrf vrf vuf pseudonymity ethereum bitcoin ecdsa secp256k1
Contact author(s)
aayushgupta @ mit edu
kobi @ geometryresearch xyz
2022-09-26: last of 3 revisions
2022-09-21: received
See all versions
Short URL
Creative Commons Attribution


      author = {Aayush Gupta and Kobi Gurkan},
      title = {An ECDSA Nullifier Scheme for Unique Pseudonymity within Zero Knowledge Proofs},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1255},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.