Skip to main content
Version: 1.0.1

Epoch Key

  • Epoch keys are temporary personas which users use them to interact with others.
  • Instead of giving attestations to an identityCommitment, a random-value-like epochKey is the receiver of an attestation.
  • Epoch key is computed by
identityNullifier + nonce,
]) % BigInt(2 ** epochTreeDepth)

It would be better to be expressed as

]) % BigInt(2 ** epochTreeDepth)

But to save circuit constraints, we put identityNullifier and nonce in one input field.

where nonce and be any value between 0 and numEpochKeyNoncePerEpoch - 1, so that a user can have numEpochKeyNoncePerEpoch epoch keys per epoch.

  • Only the user knows his identityNullifier so only he knows if he is receiving an attestation, others would see an attestation attesting to a random value.
  • In the epoch key proof circuit user can prove that he knows the epochKey and can rightfully receive and process the attestations attested to this epochKey.