Skip to main content


The note specifies an available user's assets. It indicates that an asset is held by the owner of the spending key σ\sigmawhich was used to derive the private address.

A private address is a value strictly associated with the user account. It consists of:

  1. a random value called a diversifier and
  2. a diversified public key derived from the diversifier using the spending key.

The note is created by the asset sender. A note and its hash are placed in transaction.

A note is a tuple (d,Pd,b,t)(d, P_d, b, t)where

  • dd (10 bytes) is a diversifier (a random value generated by a note owner)
  • PdP_d (32 bytes) is diversified public key (a value derived from the dd and spending key σ\sigma)
  • bb(8 bytes) is a note balance (an asset amount transferred by this note)
  • tt(10 bytes) is a salt. Since the transaction contains note hashes we must use a random salt to hide notes with the same owners and balances.

Due to the private nature of transactions, all notes are encrypted. They can be decrypted by a sender or receiver (note owner) only.

The sender decrypts notes to obtain the outcome transaction history. The note receiver (owner) can decrypt it with the spending key σ\sigma which was used to generate a private address (d,Pd)(d, P_d)specified in the note.


Zero note

There is an additional state for the note. When a user creates a transaction one or more zero output notes may be created. They will be ignored during transaction parsing. In such a note all fields are zero.