The nullifier is a unique value calculated on the transaction input account. It is included in the public transaction portion. The nullifier depends on the input account, the intermediate key
and the account position in the Merke tree (
is intermediate nullifier hash calculated as:
There is an archive on the contract side which holds nullifiers. In the case of account double-spending the nullifiers for the same accounts will equal one another. In this case the contract will reject a second transaction with the repeated nullifier value.
A nullifier pre-image could be safely disclosed without opening any sensitive data, like an intermediate key
used for encryption and decryption. For example the nullifier disclosure could be useful in compliance reports to prove account-chain linkage.