XLS: Confidential Multi-Purpose Tokens (Draft) #460
Conversation
Co-authored-by: Shawn Xie <[email protected]>
fix: auditor policy
XLS-????-ConfidentialMPT/README.md
Outdated
| author: Murat Cenk <[email protected]>, Aanchal Malhotra <[email protected]>, Ayo Akinyele <[email protected]> | ||
| status: Ongoing | ||
| category: Amendment | ||
| created: Jan 15, 2026 |
There was a problem hiding this comment.
| created: Jan 15, 2026 | |
| created: 2026-01-15 |
| description: This amendment introduces Confidential Multi-Purpose Tokens (MPTs) on the XRP Ledger. | ||
| author: Murat Cenk <[email protected]>, Aanchal Malhotra <[email protected]>, Ayo Akinyele <[email protected]> | ||
| status: Ongoing | ||
| category: Amendment |
There was a problem hiding this comment.
| category: Amendment | |
| category: Amendment | |
| requires: XLS-33 |
xls-draft-confidential-mpt/README.md
Outdated
| @@ -0,0 +1,862 @@ | |||
| <pre> | |||
| title: Confidential Multi-Purpose Tokens for XRPL | |||
There was a problem hiding this comment.
title: Confidential Multi-Purpose Tokens
xls-draft-confidential-mpt/README.md
Outdated
| created: Jan 15, 2026 | ||
| </pre> | ||
|
|
||
| # Confidential Multi-Purpose Tokens for XRPL |
There was a problem hiding this comment.
Confidential Multi-Purpose Tokens
xls-draft-confidential-mpt/README.md
Outdated
|
|
||
| MPTokenIssuance Extensions: To support confidential MPTs, the MPTokenIssuance ledger object is extended with two new flags and three new fields. These serve as the global configuration and control settings for the token's confidential features. | ||
|
|
||
| ### 3.2.1 New Flags: |
There was a problem hiding this comment.
The flags should be declared and defined where they're used.
xls-draft-confidential-mpt/README.md
Outdated
| - lsfMPTCanPrivacy: If set, indicates that confidential transfers and conversions are enabled for this token issuance. | ||
| - lsmfMPTCannotMutatePrivacy: If set, the lsfMPTCanPrivacy flag can never be changed after the token is issued, permanently locking the confidentiality setting. | ||
|
|
||
| ### 3.2.3 New Fields: |
There was a problem hiding this comment.
New fields should be declared and defined where they're used.
xls-draft-confidential-mpt/README.md
Outdated
|
|
||
| The existing `MPTokenIssuanceSet` transaction is extended to manage the confidential lifecycle of an MPT issuance. This includes enabling/disabling privacy status and registering encryption keys. | ||
|
|
||
| ### 11.1. New Fields |
There was a problem hiding this comment.
| ### 11.1. New Fields | |
| ### 11.1. Fields |
xls-draft-confidential-mpt/README.md
Outdated
| | `IssuerElGamalPublicKey` | The 33-byte EC-ElGamal public key used for the issuer's mirror balances. | | ||
| | `AuditorElGamalPublicKey` | The 33-byte EC-ElGamal public key used for regulatory oversight (if applicable). | | ||
|
|
||
| ### 11.2. Usage & Mutability |
There was a problem hiding this comment.
This should be moved before fields.
|
|
||
| - **Flags:** The `lsfMPTCanPrivacy` flag is updated (if mutable). | ||
| - **Keys:** The `sfIssuerElGamalPublicKey` and/or `sfAuditorElGamalPublicKey` are stored on the `MPTokenIssuance` ledger entry. | ||
|
|
There was a problem hiding this comment.
Could you add an example JSON please.
xls-draft-confidential-mpt/README.md
Outdated
|
|
||
| Confidential MPTs introduce cryptographic mechanisms that require careful validation and enforcement. This section summarizes key security invariants, proof requirements, and considerations against potential attack vectors. | ||
|
|
||
| ### Proof Requirements |
There was a problem hiding this comment.
Could you please add subsection indexes. E.g. 14.1., 14.2., etc.
xls-draft-confidential-mpt/README.md
Outdated
|
|
||
| Bulletproofs are an efficient choice. Even when reducing the bit length, the decomposition approach results in a transaction payload that is over 6 times larger than a Bulletproof. | ||
|
|
||
| ## 16. Frequently Asked Questions (FAQ) |
There was a problem hiding this comment.
The FAQ should go into the appendix:
# Appendix _(Optional)_
## Appendix A: FAQ _(Optional)_
_[A list of questions the author expects to be asked about the spec, and their answers. It is highly recommended but not required to include this section, to make it easier for spec readers to understand it.]_
### A.1: [Question]
_[Answer to the question]_
|
Thank you for rewriting the specification @mrtcnk , it's in a much better state. I left some editorial comments, once they've been addressed, I'll do a technical review of the transactors. |
🎫 XLS Number AssignmentThis PR adds a new XLS draft. The next available XLS number has been determined:
Next Steps for XLS EditorsBefore merging this PR, please:
This comment was automatically generated. The XLS number is based on the highest existing number in the repository at the time this PR was opened. |
Correct commitment field names
|
@mrtcnk you can now update the XLS number based on the bot's comment 🙂 |
xls-draft-confidential-mpt/README.md
Outdated
| The protocol relies on a set of ZKPs to validate confidential transactions without revealing balances or transfer amounts. The following proof types are used: | ||
|
|
||
| - **Plaintext–ciphertext equality proofs:** Prove that a publicly known amount `m` is correctly encrypted. | ||
|
|
There was a problem hiding this comment.
nit: I recommend removing the spaces between these bullets for consistency/readability (same with in the other sections)
| @@ -0,0 +1,865 @@ | |||
| <pre> | |||
There was a problem hiding this comment.
Please rename the folder as per the bot comment
6 participants
Draft XLS for Confidential Multi-Purpose Tokens.
This brings the spec closer to the current implementation; follow-up PRs may address naming and minor discrepancies.