Pre-migration documentation. This site reflects the pre-migration state of the protocol. It’s mostly current, but a few edges may not match ZERA at launch. We’re finalizing the new, detailed ZERA docs now. Thanks for your patience.
Algebraic Entropy Foundation
Group‑Theoretic Entropy and Mathematical Foundations
The foundation of zero‑knowledge cash rests on rigorous group‑theoretic entropy principles, ensuring cryptographic security through mathematical guarantees.
2.1 Group‑Theoretic Entropy
Let G be a cyclic group of prime order q with generators g, h. The initial randomness pool is defined as:
S_0 = { s_i ∈ G | H_α(s_i) ≥ H_min }
Here H_α denotes the Rényi entropy of order α > 1. Sampling from S_0 produces elements indistinguishable from uniform under the discrete‑log assumption.
2.2 Entropy Bounds and Security
Formal results on random walks in groups yield asymptotic lower bounds:
H_α(S_0) ≥ log q − O(1)
This guarantees that an adversary gains negligible advantage even after observing polynomially many epochs.
Mathematical Properties
Cyclic Group Structure
G = ⟨g⟩ with |G| = q (prime) ensures every element can be written as g^k for k ∈ Z_q.
Entropy Preservation
Rényi entropy H_α captures randomness that is preserved under group operations.
Sampling Guarantees
Elements sampled from S_0 are computationally indistinguishable from uniform in G.
Security Implications
- Computational indistinguishability from uniform distribution
- Resistance to statistical attacks through high entropy
- Quantum‑resistant properties under certain group choices
- Forward secrecy through entropy evolution