BLSCT Protocol¶
Deep dive into Navio's confidential transaction protocol. Start with Concepts → BLSCT privacy model for the high-level picture; this section covers the cryptographic details and on-wire byte layouts.
| Page | Topic |
|---|---|
| BLS12-381 curve | Pairing-friendly curve used for signatures, commitments, proofs |
| Key derivation | EIP-2333, view keys, spend keys, token keys, sub-address derivation |
| Double public key | 96-byte bundled (view, spend) public key that defines a BLSCT address |
| Output construction | Ephemeral keys, commitments, view tags, blinding, memo encryption |
| Output detection | How wallets scan for outputs addressed to them |
| Amount recovery | Nonce-based decryption of committed amounts |
| Range proofs | Bulletproofs++ layout and verification |
| Signatures | Balance signature, input signatures, token signatures, aggregation |
| Proof-of-Private-Stake (PoPS) | Consensus algorithm — set-membership proof + range proof over committed stake |
| Slashing (future work) | Why automatic slashing is not yet live; reserved primitives for later activation |
| Token format | Token / NFT outputs, collection vs. item ids, metadata encoding |
| Transaction format | On-wire BLSCT transaction layout |
| Block format | BLSCT-aware block layout, coinstake, coinbase |