CRYPTOGRAPHIC PROOF OF LIABILITY

§101 §103

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . The following is a Final Office Action in response to communications received September 02, 2025. Claim 2, 6, 9, 13, 16 and 20 have been canceled. Claims 1, 8 and 15 have been amended. No new claims have been added. Therefore, claims 1, 3-5, 7-8, 10-12, 14-15 and 17-19 are pending and addressed below. Priority Application No. 18/208,463 filing date 06/12/2023. Applicant Name/Assignee: International Business Machines Corporation Inventor(s): Falzon, Francesca; El Khiyaoui, Kaoutar; De Caro, Angel; Androulaki, Elli Manevich, Yacov Response to Amendment/Argument Claim Rejections - 35 USC § 101 Applicant's arguments filed 09/02/2025 have been fully considered but they are not persuasive. In the remarks applicant discusses the 2019 USPTO 101 guidance 2 step analysis traversing the previous Office Action rejection incorporating all previous arguments. In the remarks applicant argues that the claimed limitations incorporate a practical application under step 2A prong 2 and 2B. Specifically, applicant recites the limitation “the vector commitment being a hiding vector commitment” and “the authentication path and the plurality of proofs over a communication network” provided to the “requesting device” and “the tree data structure” allows “for a reduction in sized of the plurality of proofs in providing proofs of liabilities”. Applicant argues the computer implemented method provides cryptographic proof of liability, with size reduction, in connection with a database in a computer network preserving the privacy of that database. Applicant argues the reduction of size effects bandwidth reduction in communication networks which is an improvement to technology. The computer security facilitated in database security also improves technology by improving the ability of a computer processor to maintain data privacy. The preserving of data privacy and reducing size of data communicated over a network and storage when the limitations are considered as a whole reflect patent eligibility under MPEP 2106.04(d)(I). Applicant points to para 0017-0023, 0069, 0075, 0099, 0119 and 0120 which express further improvement and patent eligibility. The examiner respectfully disagrees. The specification makes clear that the focus on the invention is not to reduce bandwidth in communication networks or improve the ability of computer to maintain data privacy. As discussed in the previous Office action, the specification discusses how current authentication processes provide proof of liabilities such as found in blockchain systems (para 0002). The specification discloses that applying proof of liabilities can solve solvency auditing problems (para 0048-0049) allowing financial institutes to prove that the claimed amount of financial liabilities to its customer preserving privacy. Therefore, the focus of the invention is not technology but rather an authentication process to mitigate risk. When considered in light of the specification, the claim limitations as a whole are directed toward an authentication process that applies proof of liabilities by providing a plurality of proofs over an authentication path. The specification as pointed to by the applicant includes: [0017] Advantageously, the sparse n-ary tree data structure can allow for relatively short authentication path for proof of liabilities, and thus less nodes in the path which are stored, providing for savings and efficiency in computer storage and communication network bandwidth. [0018] One or more of the following features can be separable or optional from each other. For example, at each internal node at depth d-1, Vis a vector commitment of liabilities of the leaf nodes and a sum of the liabilities. Such structure can benefit from preserving the security of information transmitted over a communication network, for example, minimizing leakage of information. [0019] In another aspect, each internal node at depth d-2 and lower can include two vector commitments <V, W>. An internal node can compactly and securely store information about its child nodes, saving computer storage space and preserving security of information. [0020] Yet in another aspect, at each internal node at depth i E [d -2], V can commit to (vo, ... , vn) where for allj E [n], v1 is a sum of values committed in a V component of a/h child node, and Vn is a sum of values ( vo, ... , Vn-1). In this way, for example, information can be compactly stored in a parent node about its child node, saving storage space in computer storage. [0021] Still yet in another aspect, W can commit to (wo, ... , Wn-1) where for allj E [n], w1 is a hash of a content of a/h child node. Advantageously, the information transmitted can be further secured. [0022] Yet in another aspect, the root node can commit to vector (vo, ... ,vn), Vn being a sum of all values stored in non-empty leaf nodes of the tree data structure. In this way, the root node can compactly store information about its non-empty leaf nodes, providing efficient computer storage when saving the root node. [0023] In another aspect, the method can further include batching the plurality of proofs along the authentication path. In this way, for example, computer processing can be optimized, allowing a computer processor to perform the proof of liabilities computations more efficiently. [0069] The method in an aspect can also provide for security and privacy guarantees. The soundness of the PoL scheme directly follows from the binding property of the vector commitments and the soundness of the opening equality and sum arguments and range proofs. Additionally, the hiding property of the vector commitments and the zero-knowledge property of the arguments guarantee the privacy of user liabilities. The history independence of the sparse Verkle tree ensures that the construction does not leak any information about the size of the prover's database. [0075] In an aspect, using the SSVT, privacy can be provided for both the prover and verifiers. Sparse Summation Verkle Tree (SSVT) data structure can hide the number of users while shortening the authentication path. An SSVT is a modified sparse Merkle tree in which each internal node contains vector commitments to its children and whose root node contains a commitment to the values of the leaves of the tree, e.g., the sum of all the leaves in the tree. Briefly, a Merkle tree is a binary tree (2-ary structure) whose inner nodes contain a hash to their respective children. The SSVT can be of intractable size, yet it can still be represented compactly by only storing the nodes along the paths from leaf nodes of actual users to the root. SSVTs support ary n 2 2, thus hiding the total number of users while ensuring short authentication paths. [0099] Cryptographic proof of liability described herein can be secure and privacy-preserving. In an aspect, in the cryptographic proof of liability implemented using a sparse Verkle tree described here, an adversary does not learn the size of the prover's database DB. The following illustrates additional details of cryptographic proof of liability in one or more embodiments, e.g., the hiding vector commitments introduced, and tailor-made range proofs, opening equality arguments and sum arguments. Together, these primitives can keep the proofs of liabilities short. [00119] In an embodiment, a PoL scheme can implement following operations in its algorithm. • (PD, SD) ~ $ Setup(l K, DB) is a probabilistic polynomial-time algorithm executed by prover P that takes as input a security parameter K and a database DB = { ( idu, f u) }uE'U, comprising of an identifier-liability pair for each user u E 'U. It outputs public data PD and secret data SD only known to P. • (TI, L) ~ ProveTot(DB,SD) is a polynomial-time algorithm executed by P at the behest of an authorized auditor if the scheme calls for one. It takes as input the database DB and P's secret data SD. It outputs the total liability L and associated proof TI. • b ~ VerifyTot(PD,L, TI). Given the total liabilities Land its associated proof TI, an authorized auditor can inspect the validity of L according to the public data PD. The polynomialtime algorithm returns 1 if the verification succeeds and 0 otherwise. • n ~ Prove(DB,SD, id) is a polynomial time algorithm executed by P. It takes as input the database DB, P's secret data SD, and a user ID id. It outputs a proof rr indicating the inclusion of P's liabilities to the user in the total liabilities. • b ~ Verify(PD, id, f, n) is a polynomial-time algorithm executed by the user. It takes as input the public data PD, the user's ID id, P's liabilities to the user f, and the associated proof of inclusion rr. It returns 1 if verification succeeds and O otherwise. [00120] In one or more embodiments, a fully-private decentralized PoL scheme is provided with short proofs that leaks only the size of the user universe. Such scheme can be achieved through the use of sparse summation Verkle trees together with tailor-made zero-knowledge arguments that enable users to verify the inclusion of their individual liabilities without compromising their privacy or the privacy of the party holding the liabilities. The specification merely describes the known features of applying n-ary sparse merkle trees for an authentication process. The specification is silent with respect improving any underlying technology or hashing process or tree matrices. Under step 2a prong 2 and 2B, improvement to technology is not applying technology in its ordinary capacity in order to perform an abstract idea. It is known in the art that sparse merkle trees provide a cryptographic hash function (protect data privacy) when being applied in verifiable audit paths and that the use of sparse merkle trees provide efficient caching strategies in limits amount of space for the cache The evidence of such known features which include encryption and use of smaller data caches when using n-ary merkle trees can be found in the articles below. (see Article “efficient sparse merkle trees: caching strategies and secure (non-) membership proofs” by Dahlberg et al (2016) Abstract A sparse Merkle tree is an authenticated data structure based on a perfect Merkle tree of intractable size. It contains a distinct leaf for every possible output from a cryptographic hash function, and can be simulated efficiently because the tree is sparse (i.e., most leaves are empty). We are the first to provide complete, succinct, and recursive definitions of a sparse Merkle tree and related operations. We show that our definitions enable efficient space-time trade-offs for different caching strategies, and that verifiable audit paths can be generated to prove (non-)membership in practically constant time (<4 ms) when using SHA-512/256. This is despite a limited amount of space for the cache---smaller than the size of the underlying data structure being authenticated---and full (concrete) security in the multi-instance setting. A nary Merkle tree is a mathematical concept. It is a type of hash tree where eac node can have an arbitrary number of children, unlike the binary Merkle tree where each node has two children/ This allows for a more flexible structure that can be adapted to different data sizes and distribution patterns. The mathematical properties of hash functions, such as irreversibility and collision resistance, are still applicable to nary Merkle trees, ensuring their use in cryptographic applications See also article “Sparsity and Structured Matrices: Lecture 14 – fall 2017” by Cornell Edu slide 2-3, slide 9; “Reducing Memory Requirements with Sparse data Structures” by czechthedata (2023) “Using sparse data structures can vastly reduce memory requirements. Sparse data refers to data where most entries are zero, while dense data contains a higher proportion of non-zero values. To manage sparse data effectively, it is best stored as a sparse matrix. “: see “Rule of thumb for sparse vs dense matrix storage” by Stackexchange (2018). The use of such known technology in order to provide efficient storage is merely applying known technology in an authentication process in its ordinary capacity, taking advantage of the known effects of using such technology is not an improvement to technology. Applicant’s limitations and specification do not attempt to improve upon the ability of communication networks broadband or improve upon the ability of databases to store data, the use of sparse nary trees merely applies a specific mathematical process in order to store only non-zero values in an authentication process, the encryption of the data in such mathematical processes is not an improvement but rather the standard in such use of technology. The rejection is maintained. In the remarks applicant argues that the claimed limitations which require 4-5 references when combined offer evidence as to the unconventional technology and the significantly more than any alleged abstract idea in the claim limitations. Applicant’s argument is not persuasive. Novelty alone is not sufficient to provide patent eligibility. As discussed above in argument 2, the application of nary sparse merkle trees for use in authentication and encryption of data is known application of such mathematical concepts. The rejection is maintained. Claim Rejections - 35 USC § 103 Based on the amendment “at least one of the plurality of proofs is a proof that C is a commitment in a list where the value at ith position is v,”, the 103 rejection is withdrawn, as the prior art references do not teach the limitation “commitment in a list of where the value at ith positions is v, (vector,) “ Claim Interpretation The examiner is interpreting the “hiding vector” to be as defined in the specification “A vector commitment is hiding if it does not leak any information about the committed vector.” (para 0054) Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1, 3-5, 7-9, 10-12, 14-15 and 17-19 are rejected under 35 U.S.C. § 101 because the instant application is directed to non-patentable subject matter. Specifically, the claims are directed toward at least one judicial exception without reciting additional elements that amount to significantly more than the judicial exception. The rationale for this determination is in accordance with the guidelines of USPTO, applies to all statutory categories, and is explained in detail below. In reference to claims 1, 3-5 and 7: STEP 1. Per Step 1 of the two-step analysis, the claims are determined to include a method, as in independent Claim 1 and the dependent claims. Such methods fall under the statutory category of "process." Therefore, the claims are directed to a statutory eligibility category. STEP 2A Prong 1. The claimed invention is directed to an abstract idea without significantly more. Method claim 1 steps to provide authentication the steps comprise (1) generating tree data structure having root and leaf nodes 2) mapping liability for each user to a user leaf node with vector commitments of the tree with root node containing sum of all leaf nodes 3) receiving a query 4) generating an authentication path along tree data structure with proofs authenticating path where each entry in the vectors along path is positive and a sum associated with a vector in each node along the path is entry in parent node vector (5) providing authentication path and proofs over a network.(6) root node commitment published to public bulletin board (7) user associated with requesting device, liability and proofs and (8) tree data structure allowing reduction in size of proofs. The claimed limitations which under its broadest reasonable interpretation, covers performance of the limitation in the mind. The claim limitations provide no positive recitation of any technology performing any functions. The current limitations under the broadest reasonable interpretation is directed toward mathematical concepts. This is because the application of verkle trees and vectoring nodes in a tree structure is a mathematical concept. As the vectors of the entries in each node represents mathematical expressions. Accordingly the limitations (1) generating tree data structure having root and leaf nodes 2) mapping liability for each user to a user leaf node with vector commitments of the tree with root node containing sum of all leaf nodes and 4) generating an authentication path along tree data structure with proofs authenticating path where each entry in the vectors along path is positive and a sum associated with a vector in each node along the path is entry in parent node vector is directed toward mathematical concepts. The specification discusses how current authentication processes provide proof of liabilities such as found in blockchain systems (para 0002). The specification discloses that applying proof of liabilities can solve solvency auditing problems (para 0048-0049) allowing financial institutes to prove that the claimed amount of financial liabilities to its customer preserving privacy. Therefore, the focus of the invention is not technology but rather an authentication process to mitigate risk. When considered in light of the specification, the claim limitations as a whole are directed toward an authentication process that applies proof of liabilities by providing a plurality of proofs over an authentication path. Such processes are found in the abstract category of mitigation of risk a fundamental economic practice. These concepts are enumerated in Section I of the 2019 revised patent subject matter eligibility guidance published in the federal register (84 FR 50) on January 7, 2019) is directed toward abstract category of mathematical concepts and methods of organizing human activity. STEP 2A Prong 2: The identified judicial exception is not integrated into a practical application because the claims recite a process by a system to (1) generating tree data structure having root and leaf nodes -directed toward a business process of organizing data according to a paradigm and mathematical concepts 2) mapping liability for each user to a user leaf node with vector commitments of the tree with root node containing sum of all leaf nodes – data organization for a business process 3) receiving a query-insignificant extra solution activity 4) generating an authentication path along tree data structure with proofs authenticating path where each entry in the vectors along path is positive and a sum associated with a vector in each node along the path is entry in parent node vector -directed toward applying elements for authentication and data manipulation – – directed toward mitigation of risk and mathematical concepts 5) providing authentication path and proofs over a network- insignificant extra solution activity of providing results of authentication and proofs. The limitations “vector commitment being a hiding vector commitment” and “at least one of the plurality of proofs is a proof that C is a commitment to a list where a value at ith position is V” is not a step but instead limits the proof. The wherein clause does not further limit the providing step of an authentication and proofs over a network, but instead further limits the data provided and limits a mathematical formula that is not relevant to the providing process of an authentication path and proofs over a network. (6) root node commitment published to public bulletin board-directed toward insignificant extra solution activity (7) user associated with requesting device, liability and proofs-transaction and authentication practice and (8) tree data structure allowing reduction in size of proofs.-mathematical concepts. For data, mere “manipulation” of basic mathematical constructs [i.e.,] the paradigmatic ‘abstract idea,’" has not been deemed a transformation. CyberSource v. Retail Decisions, 654 F.3d 1366, 1372 n.2, 99 USPQ2d 1690, 1695 n.2 (Fed. Cir. 2011) (quoting In re Warmerdam, 33 F.3d 1354, 1355, 1360 (Fed. Cir. 1994). Whether the transformation is extra-solution activity or a field-of-use (i.e., the extent to which (or how) the transformation imposes meaningful limits on the execution of the claimed method steps). A transformation that contributes only nominally or insignificantly to the execution of the claimed method (e.g., in a data gathering step or in a field-of-use limitation) would not provide significantly more (or integrate a judicial exception into a practical application). Mayo, 566 U.S. at 76, 101 USPQ2d at 1967. The Supreme Court disagreed, finding that this step was only a field-of-use limitation and did not provide significantly more than the judicial exception. Id. See MPEP § 2106.05(g) & (h). The functions are is recited at a high-level of generality such that it amounts to no more than applying the exception using generic computer components. Taking the claim elements separately, the operation performed by the method at each step of the process is purely in terms of results desired and devoid of implementation of details. This is true with respect to the limitations “generating a tree data structure”, “mapping a liability” or “generating an authentication path” as the claimed limitations do not provide any technology to perform the recited functions. Technology is not integral to the process as the claimed subject matter is so high level that any generic process could be applied and the steps could be performed by any known means. Furthermore, the claimed functions do not provide an operation that could be considered as sufficient to provide a technological implementation or application of/or improvement to this concept (i.e. integrated into a practical application). The specification para 0073-0076 is discloses a proof of liabilities process by shortening of user authentication path by only storing nodes along paths of actual users to the root nary- which is merely applying technology to only considering from a total number of users (accounts) only considering the path of actual users in the authentication process. The purpose of this process is not to improve blockchain technology but rather in a cryptographic proof of liability implement a sparse (smaller) tree related to proof size where only the actual user data is in the proof tree. This is merely applying technology to reduce data for consideration in the proof of liabilities process in order to mitigate risk. When the claims are taken as a whole, as an ordered combination, the limitations 1 and combination of limitations 3 and 6 are directed toward insignificant extra solution intermediate activity of data transmission and outputting the result respectively related to authentication activity of business practice – a common business practice. The combination of limitations 1-2 is directed toward organizing data in a tree structure (see MPEP 2106.05 (c)). The combination of limitations 4 and 1-2 is directed toward generating an authentication path with proofs where each entry in vectors of the authentication path is positive (correct) and the sum of the vectors in each node is an entry in a parent vector with respect to the combination of limitations 1-2 – an authentication process to mitigate risk. The wherein clause does not further limit the providing step process of an authentication and proofs over a network, but instead further limits the data content provided over a communication network. The wherein clause does not further limit the providing step of an authentication and proofs over a network, instead limits a mathematical formula that is not relevant to the providing process of an authentication path and proofs over a network. The combination of limitations 1-5 and 6 is directed toward communication of entries. The specification discloses Public Bulletin Board details as a means to provide information for viewing to all entities. [0043] A public bulletin board (PBB) provides the same view to all entities (i.e., consensus). The PBB may be instantiated using a blockchain that one can read from or write to. The public data (PD) computed at setup is published in the PBB, ensuring thus, that all users in a set of users (e.g., U) have the same view of the public data PD. The claim limitations and specification do not provide any indication that the tree structure of liabilities mapped or the generating an authentication path of vector nodes are related to technology or the improvement thereof in any way. The claim limitations are silent with respect to technology and therefore, cannot impose meaningful limits upon the identified abstract idea. The limitations are performed at a high level of generality without any specifics on how as a technical process the limitations are performed. The limitations only recite outcomes “generating …tree”, “mapping …nodes”, “generating …paths”, “commitment is published to a public bulletin board” without any details on how the outcomes are accomplished. The combinations of parts is not directed toward any technical process or technological technique or technological solution to a problem rooted in technology. In addition, when the claims are taken as a whole, as an ordered combination, the combination of steps not integrate the judicial exception into a practical application as the claim process fails to impose meaningful limits upon the abstract idea. This is because the claimed subject matter fails to provide additional elements or combination or elements to apply or use the judicial exception in a manner that imposes a meaningful limit on the judicial exception. The functions recited in the claims recite the concept of manipulating data by applying vectors to entries to child nodes of a parent node of a data tree structure, where an authentication path can be generated with liability proofs in order to mitigate risk which is a process directed toward a business practice. The integration of elements do not improve upon technology or improve upon computer functionality or capability in how computers carry out one of their basic functions. The integration of elements do not provide a process that allows computers to perform functions that previously could not be performed. The integration of elements do not provide a process which applies a relationship to apply a new way of using an application. The instant application, therefore, still appears only to implement the abstract idea to the particular technological environments apply what generic computer functionality in the related arts. The steps are still a combination made to manipulate data into a tree nodal structure in order to generate an authentication path with liability proofs of each vector of child nodes in order to mitigate risk and does not provide any of the determined indications of patent eligibility set forth in the 2019 USPTO 101 guidance. The additional steps only add to those abstract ideas using generic functions, and the claims do not show improved ways of, for example, an particular technical function for performing the abstract idea that imposes meaningful limits upon the abstract idea. Moreover, Examiner was not able to identify any specific technological processes that goes beyond merely confining the abstract idea in a particular technological environment, which, when considered in the ordered combination with the other steps, could have transformed the nature of the abstract idea previously identified. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. STEP 2B; The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because as discussed above with respect to concepts of the abstract idea into a practical application. This is because the claim limitations fail to recite any additional elements beyond the abstract idea. [0043] A public bulletin board (PBB) provides the same view to all entities (i.e., consensus). The PBB may be instantiated using a blockchain that one can read from or write to. The public data (PD) computed at setup is published in the PBB, ensuring thus, that all users in a set of users (e.g., U) have the same view of the public data PD. With respect to applying nary merkle processes for encryption and for reducing storage requirements the Office Action provides: “Efficient sparse merkle trees: caching strategies and secure (non-) membership proofs” by Dahlberg et al (2016) Abstract A sparse Merkle tree is an authenticated data structure based on a perfect Merkle tree of intractable size. It contains a distinct leaf for every possible output from a cryptographic hash function, and can be simulated efficiently because the tree is sparse (i.e., most leaves are empty). We are the first to provide complete, succinct, and recursive definitions of a sparse Merkle tree and related operations. We show that our definitions enable efficient space-time trade-offs for different caching strategies, and that verifiable audit paths can be generated to prove (non-)membership in practically constant time (<4 ms) when using SHA-512/256. This is despite a limited amount of space for the cache---smaller than the size of the underlying data structure being authenticated---and full (concrete) security in the multi-instance setting. A nary Merkle tree is a mathematical concept. It is a type of hash tree where eac node can have an arbitrary number of children, unlike the binary Merkle tree where each node has two children/ This allows for a more flexible structure that can be adapted to different data sizes and distribution patterns. The mathematical properties of hash functions, such as irreversibility and collision resistance, are still applicable to nary Merkle trees, ensuring their use in cryptographic applications See also article “Sparsity and Structured Matrices: Lecture 14 – fall 2017” by Cornell Edu slide 2-3, slide 9; “Reducing Memory Requirements with Sparse data Structures” by czechthedata (2023) “Using sparse data structures can vastly reduce memory requirements. Sparse data refers to data where most entries are zero, while dense data contains a higher proportion of non-zero values. To manage sparse data effectively, it is best stored as a sparse matrix.”: see “Rule of thumb for sparse vs dense matrix storage” by Stackexchange (2018). The use of such known technology in order to provide efficient storage is merely applying known technology in an authentication process in its ordinary capacity, taking advantage of the known effects of using such technology is not unconventional application of known technology. Merkle Trees by Chumbley et al. The remaining dependent claims—which impose additional limitations—also fail to claim patent-eligible subject matter because the limitations cannot be considered statutory. In reference to claims 3-5 and 7 these dependent claim have also been reviewed with the same analysis as independent claim 1. Dependent claims 3-4 are directed toward vectors of nodes-mathematical concepts. Dependent claim 5 is directed toward is directed toward mathematical concepts. Dependent claim 7 is directed toward risk mitigation. The dependent claim(s) have been examined individually and in combination with the preceding claims, however they do not cure the deficiencies of claim 1. Where all claims are directed to the same abstract idea, “addressing each claim of the asserted patents [is] unnecessary.” Content Extraction & Transmission LLC v. Wells Fargo Bank, Nat 7 Ass ’n, 776 F.3d 1343, 1348 (Fed. Cir. 2014). If applicant believes the dependent claims 3-5 and 7 are directed towards patent eligible subject matter, they are invited to point out the specific limitations in the claim that are directed towards patent eligible subject matter. In reference to claims 8, 10-12 and 14: STEP 1. Per Step 1 of the two-step analysis, the claims are determined to include a non-transitory computer program, as in independent Claim 8 and the dependent claims. Such mediums fall under the statutory category of "manufacture." Therefore, the claims are directed to a statutory eligibility category. STEP 2A Prong 1. Method claim 8 corresponds to system claim 1. Therefore, claim 8 has been analyzed and rejected as being directed toward an abstract idea of the categories of concepts directed toward mathematical concepts and methods of organizing human activity previously discussed with respect to claim 1. STEP 2A Prong 2: The identified judicial exception is not integrated into a practical application because the claims recite a process by a system to (1) generating tree data structure having root and leaf nodes -directed toward a business process of organizing data according to a paradigm and mathematical concepts 2) mapping liability for each user to a user leaf node with vector commitments of the tree with root node containing sum of all leaf nodes – data organization for a business process 3) receiving a query-insignificant extra solution activity 4) generating an authentication path along tree data structure with proofs authenticating path where each entry in the vectors along path is positive and a sum associated with a vector in each node along the path is entry in parent node vector -directed toward applying elements for authentication and data manipulation – – directed toward mitigation of risk and mathematical concepts 5) providing authentication path and proofs over a network- insignificant extra solution activity. .(6) root node commitment published to public bulletin board-insignificant extra solution activity (7) user associated with requesting device, liability and proofs- transaction and authentication process and (8) tree data structure allowing reduction in size of proofs.-mathematical concepts The limitations “vector commitment being a hiding vector commitment” and “at least one of the plurality of proofs is a proof that C is a commitment to a list where a value at ith position is V” is not a step but instead limits the proof. For data, mere “manipulation” of basic mathematical constructs [i.e.,] the paradigmatic ‘abstract idea,’" has not been deemed a transformation. CyberSource v. Retail Decisions, 654 F.3d 1366, 1372 n.2, 99 USPQ2d 1690, 1695 n.2 (Fed. Cir. 2011) (quoting In re Warmerdam, 33 F.3d 1354, 1355, 1360 (Fed. Cir. 1994). Whether the transformation is extra-solution activity or a field-of-use (i.e., the extent to which (or how) the transformation imposes meaningful limits on the execution of the claimed method steps). A transformation that contributes only nominally or insignificantly to the execution of the claimed method (e.g., in a data gathering step or in a field-of-use limitation) would not provide significantly more (or integrate a judicial exception into a practical application). Mayo, 566 U.S. at 76, 101 USPQ2d at 1967. The Supreme Court disagreed, finding that this step was only a field-of-use limitation and did not provide significantly more than the judicial exception. Id. See MPEP § 2106.05(g) & (h) The functions are recited at a high-level of generality such that it amounts to no more than applying the exception using generic computer components. Taking the claim elements separately, the operation performed by the method at each step of the process is purely in terms of results desired and devoid of implementation of details. This is true with respect to the limitations “generating a tree data structure”, “mapping a liability” or “generating an authentication path” as the claimed limitations do not provide any technology to perform the recited functions. Technology is not integral to the process as the claimed subject matter is so high level that any generic process could be applied and the steps could be performed by any known means. Furthermore, the claimed functions do not provide an operation that could be considered as sufficient to provide a technological implementation or application of/or improvement to this concept (i.e. integrated into a practical application). When the claims are taken as a whole, as an ordered combination, the limitations 1 and combination of limitations 3 and 6 are directed toward insignificant extra solution intermediate activity of data transmission and outputting the result respectively related to authentication activity of business practice – a common business practice. The combination of limitations 1-2 is directed toward organizing data in a tree structure (see MPEP 2106.05 (c)). The combination of limitations 4 and 1-2 is directed toward generating an authentication path with proofs where each entry in vectors of the authentication path is positive (correct) and the sum of the vectors in each node is an entry in a parent vector with respect to the combination of limitations 1-2 – an authentication process to mitigate risk. The wherein clause does not further limit the providing step process of an authentication and proofs over a network, but instead further limits the data content provided over a communication network. The wherein clause does not further limit the providing step of an authentication and proofs over a network, instead limits a mathematical formula that is not relevant to the providing process of an authentication path and proofs over a network. The combination of limitations 1-5 and 6 is directed toward communicating the commitment that is limited according to limitation 7 user device and user liability. The claim limitations and specification do not provide any indication that the tree structure of liabilities mapped or the generating an authentication path of vector nodes are related to technology or the improvement thereof in any way. The claim limitations recite generic technology without any details that go beyond performing the abstract idea and therefore, cannot impose meaningful limits upon the identified abstract idea. The limitations are performed at a high level of generality without any specifics on how as a technical process the limitations are performed. The limitations only recite outcomes “generating …tree”, “mapping …nodes”, “generating …paths” without any details on how the outcomes are accomplished. The combinations of parts are not directed toward any technical process or technological technique or technological solution to a problem rooted in technology. In addition, when the claims are taken as a whole, as an ordered combination, the combination of steps not integrate the judicial exception into a practical application as the claim process fails to impose meaningful limits upon the abstract idea. This is because the claimed subject matter fails to provide additional elements or combination or elements to apply or use the judicial exception in a manner that imposes a meaningful limit on the judicial exception. The functions recited in the claims recite the concept of manipulating data by applying vectors to entries to child nodes of a parent node of a data tree structure, where an authentication path can be generated with liability proofs in order to mitigate risk which is a process directed toward a business practice. The additional elements in the claimed limitations “computer program product comprising a computer readable storage medium having programmed instructions readable by a device to perform the instructions corresponding to the steps of method claim 1 do not impose meaningful limits upon the abstract idea. The limitations as discussed above are performed at a high level of generality and amounts to no more than mere instructions to apply the exception using a generic device. The specification para 0073-0076 discloses a proof of liabilities process by shortening of user authentication path by only storing nodes along paths of actual users to the root nary- which is merely applying technology to only considering from a total number of users (accounts) only considering the path of actual users in the authentication process. The purpose of this process is not to improve blockchain technology but rather in a cryptographic proof of liability implement a sparse (smaller) tree related to proof size where only the actual user data is in the proof tree. This is merely applying technology to reduce data for consideration in the proof of liabilities process in order to mitigate risk. The integration of elements do not improve upon technology or improve upon computer functionality or capability in how computers carry out one of their basic functions. The integration of elements do not provide a process that allows computers to perform functions that previously could not be performed. The integration of elements do not provide a process which applies a relationship to apply a new way of using an application. The instant application, therefore, still appears only to implement the abstract idea to the particular technological environments apply what generic computer functionality in the related arts. The steps are still a combination made to manipulate data into a tree nodal structure in order to generate an authentication path with liability proofs of each vector of child nodes in order to mitigate risk and does not provide any of the determined indications of patent eligibility set forth in the 2019 USPTO 101 guidance. The additional steps only add to those abstract ideas using generic functions, and the claims do not show improved ways of, for example, an particular technical function for performing the abstract idea that imposes meaningful limits upon the abstract idea. Moreover, Examiner was not able to identify any specific technological processes that goes beyond merely confining the abstract idea in a particular technological environment, which, when considered in the ordered combination with the other steps, could have transformed the nature of the abstract idea previously identified. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. STEP 2B; The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because as discussed above with respect to concepts of the abstract idea into a practical application. The additional elements beyond the abstract idea include a computer program product having instructions readable by a device for the device to perform the instructions corresponding to the steps of method claim 1–is purely functional and generic. Nearly every device using instructions for implementing a method is capable of generating tree data structure, mapping data, receiving query, generate authentication path and providing results” - As a result, none of the instruction performed by the device recited by the program claims offers a meaningful limitation beyond generally linking the use of the method to a particular technological environment, that is, implementation via computers. The instructions of computer program 8 corresponds to steps of claim 1. Therefore, claim 8 has been analyzed and rejected as failing to provide additional elements that amount to an inventive concept –i.e. significantly more than the recited judicial exception. Furthermore, as previously discussed with respect to claim 1, the limitations when considered individually, as a combination of parts or as a whole fail to provide any indication that the elements recited are unconventional or otherwise more than what is well understood, conventional, routine activity in the field. According to 2106.05 well-understood and routine processes to perform the abstract idea is not sufficient to transform the claim into patent eligibility. As evidence the examiner provides: [0023] In another aspect, the method can further include batching the plurality of proofs along the authentication path. In this way, for example, computer processing can be optimized, allowing a computer processor to perform the proof of liabilities computations more efficiently. [0024] A system including at least one computer processor and at least one memory device coupled with the at least one computer processor can be provided, where the at least one computer processor can be configured to perform the method described above. A computer program product that includes a computer readable storage medium having program instructions embodied therewith, the program instructions readable by a device to cause the device to perform the above-described method can also be provided. [0026] A computer program product embodiment ("CPP embodiment" or "CPP") is a term used in the present disclosure to describe any set of one, or more, storage media ( also called "mediums") collectively included in a set of one, or more, storage devices that collectively include machine readable code corresponding to instructions and/or data for performing computer operations specified in a given CPP claim. A "storage device" is any tangible device that can retain and store instructions for use by a computer processor. Without limitation, the computer readable storage medium may be an electronic storage medium, a magnetic storage medium, an optical storage medium, an electromagnetic storage medium, a semiconductor storage medium, a mechanical storage medium, or any suitable combination of the foregoing. Some known types of storage devices that include these mediums include: diskette, hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or Flash memory), static random access memory (SRAM), compact disc read only memory (CD-ROM), digital versatile disk (DVD), memory stick, floppy disk, mechanically encoded device (such as punch cards or pits/ lands formed in a major surface of a disc) or any suitable combination of the foregoing. A computer readable storage medium, as that term is used in the present disclosure, is not to be construed as storage in the form of transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide, light pulses passing through a fiber optic cable, electrical signals communicated through a wire, and/or other transmission media. As will be understood by those of skill in the art, data is typically moved at some occasional points in time during normal operations of a storage device, such as during access, defragmentation or garbage collection… [0043] A public bulletin board (PBB) provides the same view to all entities (i.e., consensus). The PBB may be instantiated using a blockchain that one can read from or write to. The public data (PD) computed at setup is published in the PBB, ensuring thus, that all users in a set of users (e.g., U) have the same view of the public data PD. With respect to the mathematical process claimed evidence includes: Verkle Trie Structure by Ethereum Foundation (Year: 2021); Hyperproofs: Aggregating and Maintaining Proofs in Vector Commitments by Srnivasan et al (Year: 2021); Take a Deep Dive Into Verkle Tree For Ethereum by Sin7Y (Year: 2022); Verkle Trees by John Kuszmaul (Year: 2021); N-ary Tree Data Structure by enjoyalgorithms (Year: 2022); 10.3: Rooted Trees by Mathematics Libre Texts (Year: 2022). With respect to applying nary merkle processes for encryption and for reducing storage requirements the Office Action provides: “Efficient sparse merkle trees: caching strategies and secure (non-) membership proofs” by Dahlberg et al (2016) Abstract A sparse Merkle tree is an authenticated data structure based on a perfect Merkle tree of intractable size. It contains a distinct leaf for every possible output from a cryptographic hash function, and can be simulated efficiently because the tree is sparse (i.e., most leaves are empty). We are the first to provide complete, succinct, and recursive definitions of a sparse Merkle tree and related operations. We show that our definitions enable efficient space-time trade-offs for different caching strategies, and that verifiable audit paths can be generated to prove (non-)membership in practically constant time (<4 ms) when using SHA-512/256. This is despite a limited amount of space for the cache---smaller than the size of the underlying data structure being authenticated---and full (concrete) security in the multi-instance setting. A nary Merkle tree is a mathematical concept. It is a type of hash tree where eac node can have an arbitrary number of children, unlike the binary Merkle tree where each node has two children/ This allows for a more flexible structure that can be adapted to different data sizes and distribution patterns. The mathematical properties of hash functions, such as irreversibility and collision resistance, are still applicable to nary Merkle trees, ensuring their use in cryptographic applications See also article “Sparsity and Structured Matrices: Lecture 14 – fall 2017” by Cornell Edu slide 2-3, slide 9; “Reducing Memory Requirements with Sparse data Structures” by czechthedata (2023) “Using sparse data structures can vastly reduce memory requirements. Sparse data refers to data where most entries are zero, while dense data contains a higher proportion of non-zero values.