Blind, Auditable Membership Proofs

Auditability is an important property in nancial systems and architectures Here we de ne the primitive of blind auditable mem bership proof BAMP which combines public auditability with privacy i e user anonymity In particular one can use it as an auditable alter native to a blind signature component in unconditionally anonymous payment systems and in other systems requiring anonymity We show that BAMP can be implemented quite e ciently namely without re sorting to general zero knowledge proofs of NP statements which in general merely indicates plausibility We then build an anonymous o line payment system based on the implementation of BAMP The system has the property that its secu rity against counterfeiting relies on the integrity of a public auditable database and not on the secrecy of privately held keys The system strongly defends against blackmailing and bank robbery attacks in the same way the system in does However the current system is a sig ni cant step towards practicality since unlike the previous system rst it does not use general protocols for zero knowledge proofs for NP and second the cost of the payment protocol is independent of the number of total coins withdrawn