References
Academic papers, protocol specifications, and technical documentation referenced throughout the Specter whitepaper. Organized by category.
Zero-Knowledge Proofs
| Reference | Description |
|---|---|
| Groth, J. (2016). "On the Size of Pairing-Based Non-interactive Arguments." EUROCRYPT 2016. ePrint 2016/260 | The Groth16 proof system used in Specter. Defines the pairing-based SNARK construction with constant-size proofs (3 group elements) and fast verification. |
| Parno, B., Howell, J., Gentry, C., Raykova, M. (2013). "Pinocchio: Nearly Practical Verifiable Computation." IEEE S&P 2013. ePrint 2013/279 | Foundational work on verifiable computation using quadratic arithmetic programs (QAPs). Groth16 builds on the QAP framework introduced here. |
| Ben-Sasson, E., Chiesa, A., Tromer, E., Virza, M. (2014). "Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture." USENIX Security 2014. ePrint 2013/879 | The vnTinyRAM construction — early work on SNARKs for general computation. Informs the theoretical basis for circuit-based proof systems. |
| Gabizon, A., Williamson, Z.J., Ciobotaru, O. (2019). "PLONK: Permutations over Lagrange-bases for Oecumenical Noninteractive arguments of Knowledge." ePrint 2019/953 | The PLONK proof system with universal and updatable structured reference string. Potential future migration target to eliminate circuit-specific trusted setups. |
| Bowe, S., Grigg, J., Hopwood, D. (2019). "Recursive Proof Composition without a Trusted Setup." ePrint 2019/1021 | The Halo construction for recursive proof composition without trusted setup. Informs research into proof aggregation and transparent proof systems. |
Hash Functions
| Reference | Description |
|---|---|
| Grassi, L., Khovratovich, D., Rechberger, C., Roy, A., Schofnegger, M. (2021). "Poseidon: A New Hash Function for Zero-Knowledge Proof Systems." USENIX Security 2021. ePrint 2019/458 | The Poseidon hash function used for all commitments, nullifiers, and Merkle tree nodes in Specter. Defines the algebraic hash construction optimized for arithmetic circuits. |
| Bertoni, G., Daemen, J., Peeters, M., Van Assche, G. (2011). "The Keccak Reference." keccak.team | The Keccak sponge construction underlying SHA-3 and used in Specter's quantum commitment layer. |
Elliptic Curves
| Reference | Description |
|---|---|
| Barreto, P., Naehrig, M. (2005). "Pairing-Friendly Elliptic Curves of Prime Order." SAC 2005. | The BN curve construction. BN254 (alt-bn128) is the specific parameterization used in Specter and supported by Ethereum's ecPairing precompile. |
| Bowe, S. (2017). "BLS12-381: New zk-SNARK Elliptic Curve Construction." electriccoin.co | The BLS12-381 curve used in Ethereum 2.0 and Zcash Sapling. Potential migration target for higher security margin (~120 bits). |
| Barbulescu, R., Duquesne, S. (2018). "Updating Key Size Estimations for Pairings." Journal of Cryptology. ePrint 2017/334 | Revised security estimates for pairing-friendly curves, including the downward revision of BN254 from ~128-bit to ~100-110-bit security. |
Blockchain Infrastructure
| Reference | Description |
|---|---|
| Cosmos SDK Documentation. docs.cosmos.io | The application framework used to build Specter's blockchain. Specter uses Cosmos SDK v0.53.2. |
| CometBFT Documentation. docs.cometbft.com | The Byzantine Fault Tolerant consensus engine (formerly Tendermint) providing Specter's consensus layer. Specter uses CometBFT v0.38.17. |
| Wood, G. (2014). "Ethereum: A Secure Decentralised Generalised Transaction Ledger." (Yellow Paper). ethereum.github.io/yellowpaper | The Ethereum Virtual Machine specification. Specter's EVM layer (cosmos/evm) implements this specification for Solidity smart contract execution. |
| IBC Protocol Specification. github.com/cosmos/ibc | The Inter-Blockchain Communication protocol specification. Specter uses ibc-go v10 for cross-chain communication with other Cosmos chains. |
| Hyperlane Documentation. docs.hyperlane.xyz | The modular interoperability protocol used for Specter's bridge to Ethereum and L2 chains. |
Standards
| Reference | Description |
|---|---|
| ERC-5564: Stealth Addresses. eips.ethereum.org/EIPS/eip-5564 | The stealth address standard implemented by Specter's GhostStealthAnnouncer. Defines the meta-address format, ECDH-based stealth address derivation, and announcement mechanism. |
| EIP-1559: Fee Market Change. eips.ethereum.org/EIPS/eip-1559 | The base fee mechanism for EVM transaction fee pricing. Implemented in Specter's EVM layer. |
| ERC-20: Token Standard. eips.ethereum.org/EIPS/eip-20 | The fungible token standard. Ghost-wrapped bridge tokens (gUSDC, gWETH, gLABS) are ERC-20 compatible. |
| EIP-191: Signed Data Standard. eips.ethereum.org/EIPS/eip-191 | The signed data standard used for wallet signature authentication in Specter's relayer network. |
| EIP-196/197: Elliptic Curve Operations. eips.ethereum.org/EIPS/eip-196, eip-197 | The precompiled contracts for BN254 elliptic curve addition, scalar multiplication, and pairing checks. Required for on-chain Groth16 proof verification. |
Tooling
| Reference | Description |
|---|---|
| Circom. docs.circom.io | The domain-specific language for defining arithmetic circuits. Specter's ZK circuits (redemption.circom, accessProof.circom) are written in Circom. |
| snarkjs. github.com/iden3/snarkjs | JavaScript library for Groth16 proof generation and verification. Used by Specter's client SDK and Proof Relayer for proof computation. |
| Foundry. book.getfoundry.sh | Ethereum development toolkit (Forge, Cast, Anvil). Used for Specter's smart contract development, testing, and deployment. |
| OpenZeppelin Contracts. docs.openzeppelin.com/contracts | Audited, reusable smart contract library. Specter uses OpenZeppelin's ERC-20, access control, and reentrancy guard implementations. |
| PM2. pm2.keymetrics.io | Node.js process manager used to manage Specter's relayer services (Root Updater, Commitment Relayer, Proof Relayer, Faucet). |
Hardware
| Reference | Description |
|---|---|
| NXP NTAG 424 DNA Datasheet. nxp.com | NFC tag IC with AES-128 authentication and SUN (Secure Unique NFC) messaging. Used for physical bearer instruments — NFC cards that encode Phantom Keys and enable tap-to-authenticate interactions with Specter's data privacy protocol. |
Cryptographic Primitives
| Reference | Description |
|---|---|
| Krawczyk, H. (2010). "Cryptographic Extraction and Key Derivation: The HKDF Scheme." RFC 5869 | HMAC-based Key Derivation Function used to derive all commitment secrets (secret, nullifierSecret, blinding) from a single 128-bit seed in Phantom Keys. |
| Kaliski, B. (2000). "PKCS #5: Password-Based Cryptography Specification Version 2.0." RFC 2898 | PBKDF2 specification. Specter uses PBKDF2-SHA256 with 100,000 iterations for passphrase-based key derivation in Phantom Identity encryption. |
| Dworkin, M. (2007). "Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC." NIST SP 800-38D. nist.gov | AES-GCM authenticated encryption specification. Used for passphrase encryption of Phantom Keys and Phantom Identities. |
| Shor, P. (1994). "Algorithms for Quantum Computation: Discrete Logarithms and Factoring." FOCS 1994. | Shor's quantum algorithm that solves the discrete log problem in polynomial time. Motivates Specter's post-quantum defense-in-depth via the Keccak-256 quantum commitment layer. |
| Grover, L. (1996). "A Fast Quantum Mechanical Algorithm for Database Search." STOC 1996. | Grover's quantum search algorithm that provides a quadratic speedup for brute-force search. Halves the effective security level, in bits, of symmetric ciphers against key search (e.g., AES-256 provides 128-bit post-quantum security). |