The paper behind zkCoins.
zkCoins implements Shielded CSV — a privacy protocol for Bitcoin that reveals nothing on-chain beyond a 64-byte nullifier. No token. No own chain. Settled on Bitcoin.
Whitepaper · ePrint 2025/068
Shielded CSV: Private and Efficient Client-Side Validation
A privacy-preserving variant of Client-Side Validation, settled directly on Bitcoin.
- Authors
- Jonas Nick (Blockstream) · Liam Eagen (Alpen Labs) · Robin Linus (ZeroSync)
- Published
- January 2025
- Reference
- eprint.iacr.org/2025/068
Client-Side Validation (CSV) decouples transaction validation from Bitcoin consensus by moving it to the recipient. Shielded CSV improves on prior CSV designs by hiding the transaction history entirely: each transfer leaks only a 64-byte nullifier to the chain, with the rest verified client-side via succinct zero-knowledge proofs. The protocol is compatible with Bitcoin as-is — no soft fork, no hard fork — and targets roughly an order of magnitude more transactions per second than the base layer alone.
On-chain footprint
64 bytes per transfer.A nullifier — derived from the transaction, indistinguishable from random data — replaces the full transaction payload.
Privacy
No leaked transaction graph.Unlike RGB or Taproot Assets, the history is hidden under a zk-SNARK-style proof; recipients verify validity without seeing the lineage.
Compatibility
Bitcoin as-is.No soft fork, no hard fork. CSV protocols coexist on the chain by using it only for ordering and double-spend prevention.
Throughput
~100 transactions per second.Shrinking the on-chain footprint from ~560 WU to ~64 WU lifts Bitcoin's effective capacity by roughly an order of magnitude.