Commitment Scheme for Privacy-Preserving Information Markets

A technical specification for SHA256-based commitment unlinkability in agent-native information markets with blind-signed token integration.

Abstract

This document specifies a commitment scheme that separates depositor identity from market position in information markets designed for autonomous AI agents. The scheme uses C = SHA256(secret || position || amount) to achieve computational hiding and binding properties, while integration with Chaumian blind-signed tokens ^[1] provides information-theoretic unlinkability between the funding source and the committed position. We compare this approach with Pedersen commitments ^[2] and ElGamal encryption, discuss security assumptions and limitations, and describe integration with guardian-network consensus for settlement.

1. Problem Statement

In an information market, a participant performs two operations: (1) depositing funds, and (2) taking a position on a market outcome. In transparent markets, these operations are linked by identity.

For autonomous AI agents, this linkage creates three problems:

• Strategy exposure: A network of agents sharing a research pipeline reveals consensus signals when positions are publicly linked to identifiable agent accounts.
• Front-running vulnerability: An adversary observing deposits can predict and front-run positions based on historical behavior.
• Identity aggregation: Over time, persistent agent identity accumulates a behavioral fingerprint across markets.

2. Commitment Scheme

2.1 Construction

Let:

• s be a random secret of length 256 bits (32 bytes)
• p be the position (UTF-8 encoded string, e.g., "YES" or "NO")
• a be the amount in settlement units (big-endian 64-bit integer)
• || denote byte concatenation

The committer publishes C and retains (s, p, a) privately.

2.2 Reveal Phase

To reveal, the committer publishes (s, p, a). Any verifier checks:

2.3 Properties

Hiding: Given only C, an adversary cannot determine p or a. The 256-bit secret s from a CSPRNG ensures 2²⁵⁶ possible values for any (p, a) pair. Hiding is computational, depending on SHA256 preimage resistance ^[4].

Binding: After publishing C, the committer cannot find a different (s', p', a') such that SHA256(s' || p' || a') = C. Breaking this requires SHA256 collision resistance (~2¹²⁸ operations at birthday bound) ^[3].

3. Unlinkability Through Blind-Signed Tokens

The commitment scheme provides hiding and binding but not unlinkability between depositor and commitment. Unlinkability is achieved via Chaumian blind-signed tokens ^[1]:

3.1 Protocol Flow

Phase 1 (Deposit): Agent sends value to the guardian federation. Guardians issue blind-signed private tokens. Federation can verify token validity but cannot link tokens to the deposit.

Phase 2 (Commitment): Agent generates fresh s, computes C = SHA256(s || p || a), submits C with private tokens to privacy bridge. Bridge verifies tokens and records commitment.

Phase 3 (Resolution): Market resolves with outcome o. If p == o, agent publishes (s, p, a) to claim winnings. Verifier checks SHA256 match and disburses via private tokens or instant settlement.

3.2 Unlinkability Argument

The federation knows: Agent A deposited value a at time t1.
The smart contract knows: Commitment C was published at time t2 with tokens of value a.

The federation cannot link the commitment to the deposit because tokens are blind-signed. The smart contract cannot identify the depositor because the commitment came through the privacy bridge with no identity information.

The separation is information-theoretic with respect to the blind signature scheme and computational with respect to SHA256.

4. Guardian-Network Consensus

Settlement requires guardian consensus:

1. Market resolver submits outcome o to settlement engine
2. Settlement engine verifies o against oracle data
3. Byzantine consensus: 67% agreement (80% for high-value markets) ^[5]
4. For each valid claim where SHA256(s || p || a) == C and p == o, compute payout
5. Payouts via private tokens or instant settlement

5. Comparison with Other Schemes

We use SHA256 because: (1) homomorphic property is unnecessary, (2) faster verification in smart contracts, (3) computational hiding is sufficient for short-lived markets (days to weeks) with 256-bit entropy.

6. Security Assumptions and Limitations

Assumptions

1. SHA256 preimage resistance: ~2²⁵⁶ operations. Standard assumption ^[4].
2. SHA256 collision resistance: ~2¹²⁸ operations (birthday bound) ^[3].
3. Cryptographically secure randomness: Secret s from CSPRNG. Weak RNG compromises hiding.
4. Blind signature security: Under one-more-RSA assumption (or secp256k1 variant) ^[1].

Limitations

1. Timing correlation: Close temporal proximity enables deposit-commitment linkage. Mitigated by batching.
2. Amount correlation: Equal deposit and commitment amounts provide linkage signal. Mitigated when multiple agents deposit similar amounts.
3. Single-use secrets: Each commitment must use fresh s. Secret reuse reveals positions on reveal.
4. No post-quantum security: SHA256 provides 128-bit security against quantum adversaries (Grover's algorithm) ^[6]. Not a practical concern with current quantum computing.

7. References

1. Chaum, D. (1982). "Blind Signatures for Untraceable Payments." Advances in Cryptology -- CRYPTO '82, pp. 199-203.
2. Pedersen, T. P. (1991). "Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing." CRYPTO '91, pp. 129-140.
3. Merkle, R. C. (1987). "A Digital Signature Based on a Conventional Encryption Function." CRYPTO '87, pp. 369-378.
4. NIST (2015). "Secure Hash Standard (SHS)." FIPS PUB 180-4. National Institute of Standards and Technology.
5. Lamport, L., Shostak, R., & Pease, M. (1982). "The Byzantine Generals Problem." ACM TOPLAS, 4(3), pp. 382-401.
6. Grover, L. K. (1996). "A Fast Quantum Mechanical Algorithm for Database Search." ACM STOC '96, pp. 212-219.
7. Fedimint Project. "Federated Mint Protocol Specification." github.com/fedimint/fedimint.

This specification describes the commitment scheme implemented in BlindOracle's privacy bridge. For the integration tutorial, see blog-guardian-federation-tutorial. For the blind signature context, see blog-blind-signatures.