4.3.1 Shared Cryptographic Pattern

All PXP modules share a common structure:

  • Merkle commitments: compress eligibility/identity/reputation state into a Merkle root.

  • Groth16 zk-SNARK verification: validate a proof with minimal on-chain cost.

  • Nullifier anti-replay: prevent the same proof from being reused (one-time ticket semantics).

  • On-chain events: emit canonical signals (AccessGranted, IdentityPassUsed, …) for integrators.

Shared semantic concept

A PXP proof is essentially:

“I am eligible under the current root, and I can prove it without revealing who I am.”

and the nullifier means:

“I can’t reuse this proof to claim the same access twice (anti-replay).”

Generic PXP dataflow schema

sequenceDiagram
  participant U as User
  participant W as Wallet/Signer
  participant P as Proof Generator (client/backend)
  participant C as PXP Contract (L1)
  participant I as Integrator (dApp/backend)

  U->>P: Provide inputs (private witness, Merkle path, context)
  P->>P: Generate Groth16 proof + pubSignals
  U->>W: Sign & send tx
  W->>C: Submit proof(pubSignals, proof)
  C->>C: Verify proof + check root + check nullifier unused
  C-->>C: Mark nullifier used
  C-->>I: Emit Event (AccessGranted / IdentityPassUsed)
  I->>I: Grant access without learning identity/balance
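
The contract-side steps of this dataflow (verify proof, check root, check nullifier unused, mark nullifier used, emit event) can be modeled off-chain as follows. This is an added example, not PXP's own code. The public-signal layout `(merkle_root, nullifier)`, the event payload, and the names `PXPContractModel`, `Rejected` and `run_demo` are assumptions. Groth16 verification is replaced by a stand-in callable, so only the root, nullifier and event logic is exercised.

```python
from dataclasses import dataclass, field
from typing import Callable, Tuple

PubSignals = Tuple[int, int]  # assumed layout: (merkle_root, nullifier)


class Rejected(Exception):
    """Raised where an on-chain contract would revert."""


@dataclass
class PXPContractModel:
    # Stand-in for the Groth16 verifier: True if proof is valid for pub_signals.
    verify: Callable[[PubSignals, bytes], bool]
    current_root: int
    used_nullifiers: set = field(default_factory=set)
    events: list = field(default_factory=list)

    def submit(self, pub_signals: PubSignals, proof: bytes) -> int:
        root, nullifier = pub_signals
        # All three checks run before any state changes.
        if root != self.current_root:
            raise Rejected("root is not current")
        if nullifier in self.used_nullifiers:
            raise Rejected("nullifier already used")
        if not self.verify(pub_signals, proof):
            raise Rejected("invalid proof")
        self.used_nullifiers.add(nullifier)  # one-time ticket is now spent
        # Event payload is an assumption; no identity or balance appears in it.
        self.events.append(("AccessGranted", nullifier))
        return nullifier


def run_demo():
    root = 0xA11CE  # constructed sample values throughout
    accepted = {((root, 111), b"proof-1"), ((root, 222), b"proof-2"),
                ((0xDEAD, 333), b"proof-3")}
    contract = PXPContractModel(lambda s, p: (s, p) in accepted, root)
    submissions = [((root, 111), b"proof-1"),    # first use
                   ((root, 111), b"proof-1"),    # replay of the same proof
                   ((root, 222), b"proof-1"),    # proof not bound to these signals
                   ((root, 222), b"proof-2"),    # rejection above did not burn 222
                   ((0xDEAD, 333), b"proof-3")]  # valid proof, outdated root
    outcomes = []
    for signals, proof in submissions:
        try:
            contract.submit(signals, proof)
            outcomes.append("ok")
        except Rejected as err:
            outcomes.append(str(err))
    return outcomes, contract
```

A rejected submission leaves `used_nullifiers` untouched, so a failed attempt cannot burn someone else's nullifier.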
