Please note that the Discreet Network is still in testnet, endpoints are subject to change.



A block in a blockchain represents a single unit of data used for the consensus mechanism, containing an ordered list of transactions. A block references a previous block (except for the genesis block, the canonical first block) to form the blockchain, thereby ensuring a total ordering of transactions. In Discreet's testnet, blocks are signed by the minter.


A blockchain refers to a collection of ordered blocks meant to represent a total ordering of transactions in some distributed state over a network. Blocks in the blockchain refer only to their previous block and their position (block height) to create the structure.


A wallet is a special structure representing a set of wallet addresses, called accounts by the GUI, in the daemon. The wallet contains information called entropy to encrypt sensitive data for each address contained within it. This entropy is also used to generate addresses deterministically, for easier recovery of funds. The entropy is encrypted with a password, and the password is never stored (even as a full hash!) anywhere on disk.

Wallet Address (Account)

Much like a bank account, a wallet address, or account, is used for sending and receiving assets on the Discreet network. The wallet address exists inside of a user-owned wallet. Wallet addresses can be created deterministically from the wallet entropy, or be imported from a hexadecimal string or mnemonic.

Accounts/wallet addresses come in two varieties: private and public. Private addresses are Monero-style addresses that use dual-key stealth address protocol for spending coins, and are constructed from a spend and view key. Public addresses are Bitcoin-style addresses that are constructed from a single key pair.

Wallet addresses can be represented by their address string, which is shared to others to receive coins.

Private/Public Key

Cryptocurrencies generally use a specific version of public key cryptography called elliptic curve cryptography. Private keys are essentially random 256-bit values, with the public keys being created from their corresponding private keys. The private key is sensitive, and this is never shared, while the public key can be shared to the network.

In Discreet, addresses are constructed from public keys. Private keys are involved with the spending of assets from both private and public wallet addresses, and for viewing balances for private ones.

Address String

Address strings represent destinations for sending coins in the Discreet network. For public wallet addresses, the address string is constructed from a hash of the public key. For private wallet addresses, the address string is directly constructed from the public spend and view keys.

Spend and View Keys

For private wallet addresses, a protocol is used for the spending of funds without revealing the user's identity called the Dual-Key Stealth Address Protocol (DKSAP). This ensures the user can spend funds without leaking their identity, and is used in conjunction with Triptych signatures to provide full anonymity.

These spend and view keys are both key pairs. Both public keys are used to create the address string, while the private keys control access to viewing the balance of (private view key) and spending the assets in (private spend key) a wallet address.


Signatures represent a "proof of ownership" for a transaction to verify that a user actually did own the funds necessary to spend them. For public assets, these are simply EdDSA signatures, while for private ones, a combined membership proof and ownership proof is used, called Triptych.


A bulletproof is a special kind of proof used in private transactions. Due to the nature of how confidentiality is achieved for private outputs, a range proof must be used to prevent the creation of new coins via integer overflow.

Range proofs for Discreet prove that the coins in a private output lie in the range [0, 2^63 - 1]. This is fine for balance checks since the arithmetic is done over the scalar field, where the scalar is much larger than 2^63-1. The range proof used by Discreet is Bulletproof+, an efficient improvement of the original Bulletproof specification.

Transaction Outputs (UTXOs)

Transaction outputs, or UTXOs, are the actual outputs of a transaction. They can be separated into two types, depending on whether or not they contain private or public assets.

Private UTXOs contain a one-time destination address used to spend the coins, and a commitment which is used to keep the coins in the UTXO confidential, i.e. without revealing the number of coins.

For more information, visit the FAQ.


A transaction is an atomic value transfer in the Discreet network. Each input is signed by the owner (in a way that prevents transaction malleability), and the total coins spent and received must balance, except in the case of a coinbase transaction.

Transactions in the Discreet network currently come in four varieties: coinbase, private, transparent, and mixed.

Coinbase Transaction

A coinbase transaction is a private transaction with one private output and zero inputs. It is created as a block reward when a head block in a consensus round is added to the network, and paid out to the miner of the block. This is how new coins are added to the network.

Private Transaction

A private transaction facilitates a value transfer of private assets between private wallet addresses on the Discreet network. They preserve anonymity and confidentiality for the end users, and thus provide full privacy.

Transparent Transaction

Transparent transactions are the counterpart to private transactions. They facilitate a value transfer of public assets between public wallet addresses on the Discreet network. They only provide privacy in the form of pseudonymity, much like the case for Bitcoin.

Mixed Transaction

Mixed transactions are a mix of private and transparent transactions. They facilitate a value transfer of any asset between any type of wallet address on the Discreet network.


The WalletDB is a component within the daemon responsible for storing information regarding the state of wallets, with the counterpart for storing blockchain information called the DisDB. Information within the WalletDB is stored encrypted on disk since it contains sensitive information which could be used by attackers to deanonymize or even spend your assets.