Expand description
§Pay-to-Blinded-Key (P2BK) Implementation
This module implements NUT-28: Pay-to-Blinded-Key, a privacy enhancement for P2PK (NUT-11) that allows “silent payments” - tokens can be locked to a public key without exposing which public key they’re locked to, even to the mint.
§Key Concepts
- Ephemeral Keys: Sender generates a fresh ephemeral keypair
(e, E)for each transaction - ECDH: Both sides derive the same shared secret via Elliptic Curve Diffie-Hellman
- Blinding: Public keys are blinded before being sent to the mint
- Key Recovery: Receiver uses ECDH to recover the original blinding factor and derive signing key
§Feature Highlights
- Privacy-preserving P2PK operations
- Compatible with existing mints (no mint-side changes needed)
- BIP-340 compatibility for x-only pubkeys
- Canonical slot mapping for multi-key proofs
§Implementation Details
- Uses SHA-256 for key derivation with domain separation
- Supports rejection sampling for out-of-range blinding factors
- Properly handles SEC1 and BIP-340 key formats
See the NUT-28 specification for full details: https://github.com/cashubtc/nuts/blob/main/28.md
Enums§
- Error
- NUT-28 Error
Functions§
- blind_
public_ key - Blind a public key with a random scalar r
- derive_
signing_ key_ bip340 - Derive BIP-340 compatible signing key from private key and blinding scalar
- ecdh_
kdf - Perform ECDH and get blinding factor r