State commitments/stateless validation using algebraic vector commitments


#1

Meanwhile proposing different ways to commit to state has been a hot topic lately (RSA accumulators, Sparse Merkle tree, etc), I came across this paper that proposes doing so using algebraic vector commitments that I think may be worth discussing.

The crux of the paper is that if you commit to the state using algebraic vector commitments, and you want to achieve stateless validation, then you can make it possible for Alice to send money to Bob, and only provide the proof of Alice’s balance. With a Merkle tree, you’d also need to provide proof of Bob’s balance. This may be nice, because that means everyone one needs to store their own state; Alice doesn’t need to know Bob’s state. However, it appears to require a trusted setup.

Here’s the crux of it:

image


#2

Can’t we do the same with Sparse Merkle trees? I was thinking that’s exactly how original Plasma Cash works - leafs represent all possible IDs of coins, and coins just change owners? In this model, one only needs to keep the history of his own coin(s), and that’s all that is needed for a coin to get a new owner, i.e. to be transferred?


#3

Somewhat - in pcash, you just have a bunch of nfts that get passed around whereas in this case, you have an fungible account-based model.

People ain’t super bullish on trusted setup tho, with all this research into class groups 'n such