You can’t get rid of the requirement that this data be kept around. Either you implicitly have the validators keep it, which is what I assumed for simplicity, or you have the spender provide a Merkle proof, the generation of which requires access to that data set that scaled linearly with the entire block chain history. On the face of it this is a bad trade off because signers often need to be low power mobile or tamper resistant devices with limited bandwidth, whereas full validation nodes have access to high powered servers on low latency networks. A middle ground is to have a third party archivist maintain these records and provide proofs for a fee. That’s fine until running one of these becomes beyond the reach of individuals or scrappy organizations, as them you’ve introduced de facto centralized gateways.
This Merkle tree commitment approach is basically what zerocoin and zcash do — except with fancy zero knowledge proofs to achieve full cryptographic anonymity. But to make those proofs you still need the data...
This Merkle tree commitment approach is basically what zerocoin and zcash do — except with fancy zero knowledge proofs to achieve full cryptographic anonymity. But to make those proofs you still need the data...