Cryptographic commitment scheme that hides a value while allowing later verification. Computed as C = vG + rH where v is the value, r is a random blinding factor, and G/H are generator points. Used in Solana's confidential transfers (Token-2022) to hide transfer amounts while enabling balance verification through homomorphic addition.
Start with the shortest useful explanation before going deeper.
Cryptographic commitment scheme that hides a value while allowing later verification. Computed as C = vG + rH where v is the value, r is a random blinding factor, and G/H are generator points. Used in Solana's confidential transfers (Token-2022) to hide transfer amounts while enabling balance verification through homomorphic addition.
Use the quick analogy first so the term is easier to reason about when you meet it in code, docs, or prompts.
Think of it as a building block that connects one definition to the larger Solana system around it.
Place the term inside its Solana layer so the definition is easier to reason about.
Serialization, memory, data structures, and core engineering basics.
Turn the term from vocabulary into something operational for product and engineering work.
This term unlocks adjacent concepts quickly, so it works best when you treat it as a junction instead of an isolated definition.
Use this compact block when you want to give an agent or assistant grounded context without dumping the entire page.
Pedersen Commitment (pedersen-commitment) Category: Programming Fundamentals Definition: Cryptographic commitment scheme that hides a value while allowing later verification. Computed as C = vG + rH where v is the value, r is a random blinding factor, and G/H are generator points. Used in Solana's confidential transfers (Token-2022) to hide transfer amounts while enabling balance verification through homomorphic addition. Related: ElGamal Encryption, Zero-Knowledge Proofs (ZKP)
Use glossary context, relationships, mental models, and builder paths to get structured answers instead of generic chat output.
Optional: paste Anchor, Solana, or Rust code so the Copilot can map primitives back to glossary terms.
The Copilot will answer using the current term, related concepts, mental models, and the surrounding glossary graph.
These branches show which concepts this term touches directly and what sits one layer beyond them.
ElGamal encryption is a public-key cryptosystem based on the Diffie-Hellman problem over an elliptic curve group, providing additive homomorphism — meaning the encryption of a sum of values equals the product of their individual ciphertexts — which makes it suitable for confidential token balance accounting where balances can be updated without decrypting them. On Solana, the Token-2022 Confidential Transfers extension uses Twisted ElGamal encryption over the Ristretto255 curve to encrypt token balances in token accounts, so transfers update encrypted balances homomorphically while zero-knowledge range proofs (proving a balance is non-negative and a transfer amount is within bounds) prevent overdrafts without revealing any amounts. Each confidential token account stores a pending encrypted incoming balance and an available encrypted balance, and the account owner uses their ElGamal private key to decrypt and rotate balances via ZK-proof-accompanied instructions.
A zero-knowledge proof is a cryptographic protocol by which a prover convinces a verifier that a statement is true — for example, that a state transition is valid — without revealing any information beyond the truth of the statement itself, satisfying the properties of completeness, soundness, and zero-knowledge. In Solana's ecosystem, ZKPs are used by ZK Compression (via Groth16 SNARKs) to prove correct state transitions for compressed accounts without storing full account state on-chain, and by the Token-2022 Confidential Transfers extension (via ElGamal encryption and range proofs) to prove token balances are non-negative without revealing the actual amounts. Solana's BPF VM exposes the alt_bn128 elliptic curve syscall to make on-chain Groth16 proof verification computationally feasible within the 1.4M compute unit budget.
These are the next concepts worth opening if you want this term to make more sense inside a real Solana workflow.
Glossary entries become useful when they are connected. These links are the shortest path to adjacent ideas.
ElGamal encryption is a public-key cryptosystem based on the Diffie-Hellman problem over an elliptic curve group, providing additive homomorphism — meaning the encryption of a sum of values equals the product of their individual ciphertexts — which makes it suitable for confidential token balance accounting where balances can be updated without decrypting them. On Solana, the Token-2022 Confidential Transfers extension uses Twisted ElGamal encryption over the Ristretto255 curve to encrypt token balances in token accounts, so transfers update encrypted balances homomorphically while zero-knowledge range proofs (proving a balance is non-negative and a transfer amount is within bounds) prevent overdrafts without revealing any amounts. Each confidential token account stores a pending encrypted incoming balance and an available encrypted balance, and the account owner uses their ElGamal private key to decrypt and rotate balances via ZK-proof-accompanied instructions.
A zero-knowledge proof is a cryptographic protocol by which a prover convinces a verifier that a statement is true — for example, that a state transition is valid — without revealing any information beyond the truth of the statement itself, satisfying the properties of completeness, soundness, and zero-knowledge. In Solana's ecosystem, ZKPs are used by ZK Compression (via Groth16 SNARKs) to prove correct state transitions for compressed accounts without storing full account state on-chain, and by the Token-2022 Confidential Transfers extension (via ElGamal encryption and range proofs) to prove token balances are non-negative without revealing the actual amounts. Solana's BPF VM exposes the alt_bn128 elliptic curve syscall to make on-chain Groth16 proof verification computationally feasible within the 1.4M compute unit budget.
These entries live beside the current term and help the page feel like part of a larger knowledge graph instead of a dead end.
A systems programming language emphasizing memory safety, zero-cost abstractions, and concurrency without a garbage collector. Rust uses an ownership model with borrow checking at compile time to prevent data races and null pointer bugs. It is the primary language for Solana program development (via Anchor or native solana-program crate) and the Agave validator client.
A statically typed superset of JavaScript that compiles to plain JavaScript. TypeScript adds type annotations, interfaces, generics, and enums to catch errors at compile time. It is the standard language for Solana client-side development—wallet adapters, dApp frontends, test suites, and SDK interactions (web3.js, Anchor client) are typically written in TypeScript.
The ubiquitous scripting language for web development, running in browsers and Node.js. JavaScript is dynamically typed and event-driven. Most Solana dApp frontends and scripts use JavaScript/TypeScript with libraries like @solana/web3.js. Node.js enables server-side JS for backend services, indexers, and bot development.
A JavaScript runtime built on Chrome's V8 engine that enables server-side JavaScript execution. Node.js uses an event-driven, non-blocking I/O model. In the Solana ecosystem, Node.js is used for: running Anchor tests (Mocha/Jest), backend services, transaction bots, indexers, and CLI tools. npm/yarn/pnpm manage JavaScript package dependencies.