DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
CONTINUATION
This application is a continuation application of U.S. application no. 18/966,570 filed on December 3, 2024, now U.S. Patent 12,462,253 (“Parent Application”). See MPEP §201.07. In accordance with MPEP §609.02 A. 2 and MPEP §2001.06(b) (last paragraph), the Examiner has reviewed and considered the prior art cited in the Parent Application. Also in accordance with MPEP §2001.06(b) (last paragraph), all documents cited or considered ‘of record’ in the Parent Application are now considered cited or ‘of record’ in this application. Additionally, Applicant(s) are reminded that a listing of the information cited or ‘of record’ in the Parent Application need not be resubmitted in this application unless Applicants desire the information to be printed on a patent issuing from this application. See MPEP §609.02 A. 2. Finally, Applicants are reminded that the prosecution history of the Parent Application is relevant in this application. See e.g., Microsoft Corp. v. Multi-Tech Sys., Inc., 357 F.3d 1340, 1350, 69 USPQ2d 1815, 1823 (Fed. Cir. 2004) (holding that statements made in prosecution of one patent are relevant to the scope of all sibling patents).
Applicant’s claim for the benefit of U.S. provisional patent application 63/606,301 filed December 5, 2023 under 35 U.S.C. 119(e) is acknowledged.
Information Disclosure Statement
The information disclosure statement (IDS) was submitted on January 14, 2026. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1, 11 and 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1 in view of claims 2 and 3 along with claim 11 in view of claims 12 and 13 of U.S. Patent No. 12,462,253. Although the claims at issue are not identical, they are not patentably distinct from each other because the limitation of receiving a transaction from a sender, the transaction comprising at least an encrypted amount, an account state commitment, and a zero-knowledge proof in instant claims 1, 11 and 20 is anticipated by issued claims 1 and 2. The limitation of storing, in a first data structure configured to track a state of an outgoing balance, an account state commitment of the sender is anticipated by the recitation from issued claims 1, 11 and 20 that the first data structure corresponds to an outgoing Merkle tree tracking a state of an outgoing balance when read in light of claims 3 and 13 which recite that the hash of the account state commitment is appended to the first data structure and the limitation of storing, in a second data structure configured to track a state of an incoming balance, the receiver amount mapped to the first public key of the receiver is anticipated by the recitation from issued claims 1, 11 and 20 that the second data structure corresponds to an incoming Merkle tree tracking a state of an incoming balance. The limitation of updating an outgoing balance of the sender and a current balance of the receiver is also disclosed by issued claims 1, 11 and 20. What is not taught by the claims of the issued patent are the limitations of “computing a confidential fee amount based on a transfer amount and a fee rate”, “generating a first ciphertext representing a receiver amount and a second ciphertext representing the computed fee amount, each ciphertext being encrypted using a first public key of the receiver and a second public key of a fee-collector” and “updating… a fee-collector balance according to the transaction”. With regard to the limitation of generating a first ciphertext representing a receiver amount and a second ciphertext representing the computed fee amount, each ciphertext being encrypted using a first public key of the receiver and a second public key of a fee-collector Vines et al. (U.S. Patent Publication 2023/0186296, hereinafter referred to as Vines) discloses at paragraph 0066 “By using a linearly homomorphic encryption scheme to encrypt balances and transfer amounts, the ZK-Token Program is able to process balances and transfer amounts in encrypted form. Since linear homomorphism holds only when ciphertexts are encrypted under the same public keys, the transfer amount may be encrypted under the sender public key and receiver public key as follows” and subsequently lists the results in paragraphs 0067-0070 where 0070 recites “amt: Encrypt(pk.sub.sender, 10), Encrypt(pk.sub.receiver, 10)”. Vines does not explicitly disclose the computation of fees however transaction fees (also called “gas”) are taught by Blackshear et al. (U.S. Patent Publication 2022/0164338, hereinafter referred to as Blackshear) at paragraphs 0427 (“Further, as shown in FIG. 25, the ledger transaction system 106 performs an act 2504 of deducting the transaction fee from the user account. Indeed, upon executing a transaction, the ledger transaction system 106 can determine a cost of execution. Accordingly, the ledger transaction system 106 can deduct the determined amount from the user account that sent the transaction after the transaction is executed”) and 0428 (“In one or more embodiments, the ledger transaction system 106 determines the transaction fee based on a gas price and a gas cost. In particular, as mentioned above, each transaction request can specify a price, in digital currency, that the user account submitting the transaction request is willing to pay per unit of gas (i.e., the gas price). Further, the ledger transaction system 106 can dynamically account for the computational power expended in executing the transaction, which is translated into gas cost.”). The recitation of Vines cited above discloses that the amount sent to a receiver is encrypted and as the claim does not describe any particular property with regard to how the fee amount is “confidential” those skilled in the art would view the portion of the claim that is directed towards the fee as simply being the inclusion of a second receiver in the transaction and therefore the teachings of Vines with regard to the encryption of the receiver amount and the updating of receiver balances would lead to nothing more than predictable results when applied to the fee computation, encryption and balance updating as the recited fee-collector is simply a second receiver and those skilled in the art would make such a modification when making payments or transfers of cryptocurrencies where gas fees are charged as compensation to the network performing the transaction. Therefore instant claims 1, 11 and 20 are anticipated over claims 1-2 and 11-12 in view of Vines and Blackshear.
Claims 2-10 are also rejected as being dependent upon claim 1.
Claims 12-19 are also rejected as being dependent upon claim 11.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Claim 1 recites a method and therefore meets Step 1 of the Patent Subject Matter Eligibility Guidelines (MPEP § 2106.03).
The analysis then proceeds to Step 2A. Step 2A is a two-prong inquiry, in which examiners determine in Prong One whether a claim recites a judicial exception, and if so, then determine in Prong Two if the recited judicial exception is integrated into a practical application of that exception. Claim 1 recites as follows:
1. A computer-implemented method, the method comprising:
receiving a transaction from a sender, the transaction comprising at least an encrypted amount, an account state commitment, and a zero-knowledge proof;
computing a confidential fee amount based on a transfer amount and a fee rate;
generating a first ciphertext representing a receiver amount and a second ciphertext representing the computed fee amount, each ciphertext being encrypted using a first public key of the receiver and a second public key of a fee-collector;
storing, in a first data structure configured to track a state of an outgoing balance, an account state commitment of the sender;
storing, in a second data structure configured to track a state of an incoming balance, the receiver amount mapped to the first public key of the receiver; and
updating an outgoing balance of the sender, a current balance of the receiver, and a fee-collector balance according to the transaction.
The operation of receiving a transaction can be viewed as being part of the performing of being part of a transfer of funds between a sender and a receiver or recipient as is the operation of a computing a confidential fee based on a transfer amount and a fee rate. Tracking the states of outgoing balances and incoming balances along with the operation of updating an outgoing balance of the sender, a current balance of the receiver, and a fee-collector balance according to the transaction are also part of the funds transfer. Transferring funds between a sender and a receiver is a fundamental economic practice (MPEP § 2106.04(a)(2)(II)(A)) and the computing of a confidential fee can be considered as a mathematical concept (MPEP § 2106.04(a)(2)(I)(C)). Generating a first ciphertext representing a receiver amount and a second ciphertext representing the computed fee amount would require the use of encryption which is based on a mathematical relationship (MPEP § 2106.04(a)(2)(I)(A)). Therefore under Prong One of Step 2A claim 1 is deemed as being directed towards ineligible subject matter.
The analysis then proceeds to Prong Two of Step 2A in order to determine whether additional elements are present that form a practical application of the abstract idea (MPEP § 2106.04(d) and (d)(I)) in conjunction with MPEP § 2106.05 (a)-(c) and (e)-(h)). The operations of receiving a transaction from a sender, storing an account state commitment of the sender, storing the receiver amount, and updating an outgoing balance of the sender, a current balance of the receiver and a fee-collector balance according to the transaction all involve the gathering and outputting of data and can be viewed insignificant extra-solution activity (MPEP § 2106.05 (g)). The operations of receiving a transaction from a sender, computing a confidential fee amount based on a transfer amount and a fee rate, generating a first ciphertext representing a receiver amount and a second ciphertext representing the computed fee amount, each ciphertext being encrypted using a first public key of the receiver and a second public key of a fee-collector, storing, in a first data structure configured to track a state of an outgoing balance, an account state commitment of the sender, storing, in a second data structure configured to track a state of an incoming balance, the receiver amount mapped to the first public key of the receiver, and updating an outgoing balance of the sender, a current balance of the receiver, and a fee-collector balance according to the transaction can also be viewed as mere instructions to apply the abstract idea (MPEP § 2106.05 (f)) as the operations of receiving a transaction from a sender, computing a confidential fee amount based on a transfer amount and a fee rate and updating an outgoing balance of the sender, a current balance of the receiver, and a fee-collector balance according to the transaction can be viewed as simply invoking a computer as a tool to perform an existing process (MPEP § 2106.05 (f)(2)) and the operations of generating a first ciphertext representing a receiver amount and a second ciphertext representing the computed fee amount, each ciphertext being encrypted using a first public key of the receiver and a second public key of a fee-collector, storing, in a first data structure configured to track a state of an outgoing balance, an account state commitment of the sender and storing, in a second data structure configured to track a state of an incoming balance, the receiver amount mapped to the first public key of the receiver are all recited a high level of generality as there is no restriction as to how the state is maintained or how the encryption is performed (MPEP § 2106.05 (f)(3)). The recitation of the computer in the preamble merely ties the abstract idea to a particular technological environment (MPEP § 2106.05 (h)). Therefore under Prong Two of Step 2A claim 1 is deemed as being directed towards ineligible subject matter.
The analysis then moves to Step 2B in which the claim is evaluated as to whether the claim contains additional elements that amount to significantly more than the abstract idea itself (which is referred to as an inventive concept) (MPEP § 2106.05). In Step 2B most of the considerations that were already evaluated in Step 2A Prong Two are carried over into Step 2B including the identification of additional elements and any conclusions from Step 2A Prong Two on the considerations discussed in MPEP §§ 2106.05(a) - (c), (e) (f) and (h). Elements considered under MPEP § 2106.05(g) are re-evaluated as to whether these elements are unconventional in nature or otherwise more than what is well-understood, routine and conventional activity in the field. In addition Examiners evaluate whether any additional element or combination of elements are other than what is well-understood, routine, conventional activity in the field, or simply append well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception, per MPEP § 2106.05(d). From Prong Two of Step 2A the operations of receiving a transaction from a sender, computing a confidential fee amount based on a transfer amount and a fee rate, generating a first ciphertext representing a receiver amount and a second ciphertext representing the computed fee amount, each ciphertext being encrypted using a first public key of the receiver and a second public key of a fee-collector, storing, in a first data structure configured to track a state of an outgoing balance, an account state commitment of the sender, storing, in a second data structure configured to track a state of an incoming balance, the receiver amount mapped to the first public key of the receiver, and updating an outgoing balance of the sender, a current balance of the receiver, and a fee-collector balance according to the transaction can also be viewed as mere instructions to apply the abstract idea (MPEP § 2106.05 (f)) and the operations of receiving a transaction from a sender, computing a confidential fee amount based on a transfer amount and a fee rate and updating an outgoing balance of the sender, a current balance of the receiver, and a fee-collector balance according to the transaction can be viewed as simply invoking a computer as a tool to perform an existing process (MPEP § 2106.05 (f)(2)) The operations of generating a first ciphertext representing a receiver amount and a second ciphertext representing the computed fee amount, each ciphertext being encrypted using a first public key of the receiver and a second public key of a fee-collector, storing, in a first data structure configured to track a state of an outgoing balance, an account state commitment of the sender and storing, in a second data structure configured to track a state of an incoming balance, the receiver amount mapped to the first public key of the receiver are all recited a high level of generality as there is no restriction as to how the state is maintained or how the encryption is performed (MPEP § 2106.05 (f)(3)). The recitation of the computer in the preamble merely ties the abstract idea to a particular technological environment (MPEP § 2106.05 (h)). With regard to the operations of receiving a transaction from a sender, storing an account state commitment of the sender, storing the receiver amount, and updating an outgoing balance of the sender, a current balance of the receiver and a fee-collector balance according to the transaction all involve the gathering and outputting of data each operation is described at a high level of generality and there is no indication of any modification to the operations of receiving, storing or updating and the operation of receiving can be viewed as mere data gathering and the operations of storing and updating can be viewed as nothing more than necessary data outputting (MPEP § 2106.05 (g)). When viewed individually or in combination the elements do not amount to significantly more than the abstract idea itself. Therefore under Step 2B claim 1 is deemed as being directed towards ineligible subject matter.
Claim 2 recites “The computer-implemented method of claim 1, wherein the confidential fee is computed using fixed-point arithmetic with deterministic truncation”. Under Prong One of Step 2A the claim can be viewed as being directed towards an operation involving a mathematical calculation (MPEP § 2106.04(a)(2)(I)(C)). No additional elements are presented that would alter the limitation under Prong Two of Step 2A or Step 2B as the claim amounts to mere instructions to apply an exception (MPEP § 2106.05(f)). Therefore claim 2 is deemed as being directed towards ineligible subject matter.
Claim 3 recites “The computer-implemented method of claim 1, further comprising verifying that the second ciphertext corresponds to a valid encryption of the computed confidential fee under the second public key using a randomness”. Under Prong One of Step 2A the claim can be viewed as being directed towards an operation involving a mathematical concept (MPEP § 2106.04(a)(2)(I)(A)). No additional elements are presented that would alter the limitation under Prong Two of Step 2A or Step 2B as the claim amounts to mere instructions to apply an exception (MPEP § 2106.05(f)). Therefore claim 2 is deemed as being directed towards ineligible subject matter.
Claim 4 recites “The computer-implemented method of claim 1, further comprising: selecting a plurality of receiver public keys forming a receiver group including the receiver and a plurality of decoy receivers; and encrypting a zero value for each decoy receiver and an actual value for the receiver. Encrypting a zero value for each decoy receiver and an actual value for the receiver can be viewed as being directed towards an operation involving a mathematical concept (MPEP § 2106.04(a)(2)(I)(A)). The operation of selecting a plurality of receiver public keys forming a receiver group including the receiver and a plurality of decoy receivers can be viewed as a form of data gathering which under Prong Two of Step 2A can be viewed insignificant extra-solution activity (MPEP § 2106.05 (g)). Under Step 2B the operation of selecting can be viewed as nothing more than selecting a particular data source or type of data to be manipulated. Therefore claim 4 is deemed as being directed towards ineligible subject matter.
Claim 5 recites “The computer-implemented method of claim 4, wherein the plurality of receiver public keys defines a ring-privacy group, and wherein the transaction includes a proof that only one ciphertext among the group corresponds to a non-zero encrypted transfer amount.” The written disclosure at paragraph 0153 recites that “According to embodiments, the transfer protocol may implement a group-based ring privacy method. In the transfer protocol, the sender’s address is completely hidden, but the receiver’s address may be public. To improve the receiver-level privacy, the transfer protocol may employ the group-based method, which includes a plurality of receiver addresses for each transaction. One of the receiver addresses is the actual receiver and the remaining addresses are intended to conceal the identity of the actual receiver’s address (that is, 1-in-N receiver anonymity). In some embodiments, the sender may encrypt zero in the transaction sent to the remaining addresses. As such, third parties will see that a transaction has multiple receivers, but only one of them is the real receiver and the real receiver is hidden in a ring of users”. The operation of includes a proof that only one ciphertext among the group corresponds to a non-zero encrypted transfer amount relies on a mathematical concept (MPEP § 2106.04(a)(2)(I)(A)). The ring-privacy group per paragraph 0153 merely describes the operation of claim 4 where selecting a plurality of receiver public keys forming a receiver group including the receiver and a plurality of decoy receivers can be viewed as a form of data gathering which under Prong Two of Step 2A can be viewed as insignificant extra-solution activity (MPEP § 2106.05 (g)). Under Step 2B the operation of selecting can be viewed as nothing more than selecting a particular data source or type of data to be manipulated. Therefore claim 5 is deemed as being directed towards ineligible subject matter.
Claim 6 recites “The computer-implemented method of claim 1, wherein the fee rate and the fee-collector public key are public inputs and the transfer amount and the computed confidential fee are private variables.” The recitation does not recite an actual method step and can be viewed as a description of the underlying data involving the mathematical concept (MPEP § 2106.04(a)(2)(I)(A)). As no additional elements are presented that would affect the analysis under Prong Two of Step 2A or Step 2B claim 6 is deemed as being directed towards ineligible subject matter.
Claim 7 recites “The computer-implemented method of claim 1, wherein the balance of an account at a given time is the aggregate of all inbound and outbound transactions up to the given time.” The recitation does not recite an actual method step and can be viewed as a description of the underlying data involving the mathematical concept (MPEP § 2106.04(a)(2)(I)(A)). As no additional elements are presented that would affect the analysis under Prong Two of Step 2A or Step 2B claim 7 is deemed as being directed towards ineligible subject matter.
Claim 8 recites “The computer-implemented method of claim 1, wherein the first data structure corresponds to an outgoing Merkle tree tracking a state of an outgoing balance including operations that result in a decrease in a total balance of an account of the sender, and the account state commitment is stored as a leaf in the outgoing Merkle tree.” A Merkle tree is a tree-like data structure named after Ralph Merkle, the computer scientist who introduced the concept in 1987. It organizes large sets of data efficiently by condensing the entire dataset into a single root hash or Merkle root (taken from https://www.ledger.com/academy/glossary/merkle-tree, page from October 20, 2023, 6 pages, author unknown). Under Prong Two of Step 2A the use of a Merkle Tree for storing data can be viewed as insignificant extra-solution activity (MPEP § 2106.05 (g)). Under Step 2B the operation can be viewed as well-understood, routine and conventional activity as the properties of a Merkle Tree including the hash in the Merkle root for verifying the integrity of the leaf nodes in the tree are known to those skilled in the art and the claim does not contain any modification of that which is known. Therefore claim 8 is deemed as being directed towards ineligible subject matter.
Claim 9 recites “The computer-implemented method of claim 1, wherein the second data structure corresponds to an incoming Merkle tree tracking a state of an incoming balance including operations made from an outside account that result in an increase in a total balance of an account of the receiver.” A Merkle tree is a tree-like data structure named after Ralph Merkle, the computer scientist who introduced the concept in 1987. It organizes large sets of data efficiently by condensing the entire dataset into a single root hash or Merkle root (taken from https://www.ledger.com/academy/glossary/merkle-tree, page from October 20, 2023, 6 pages, author unknown). Under Prong Two of Step 2A the use of a Merkle Tree for storing data can be viewed as insignificant extra-solution activity (MPEP § 2106.05 (g)). Under Step 2B the operation can be viewed as well-understood, routine and conventional activity as the properties of a Merkle Tree including the hash in the Merkle root for verifying the integrity of the leaf nodes in the tree are known to those skilled in the art and the claim does not contain any modification of that which is known. Therefore claim 9 is deemed as being directed towards ineligible subject matter.
Claim 10 recites “The computer-implemented method of claim 1, further comprising: generating a nullifier for the account state commitment using a third private key of the sender; and appending a previous nullifier corresponding to a previous account state commitment to a nullifier list, the nullifier list comprising account state commitments that have been spent by the sender.” The written disclosure at paragraph 0030 describes the nullifier as a serial number and at paragraph 0029 recites that the nullifier is calculated for a note to verify whether it has already been spent. The use of serial numbers for currency notes is a fundamental economic practice (MPEP § 2106.04(a)(2)(II)(A)) and use of a private key is indicative of a cryptographic operation where cryptography is based on a mathematical relationship (MPEP § 2106.04(a)(2)(I)(A)). Therefore the operations can be viewed as mere instructions to apply the abstract idea (MPEP § 2106.05 (f)) which under Prong Two of Step 2A and Step 2B does not amount to significantly more than the abstract idea itself. Therefore claim 10 is deemed as being directed towards ineligible subject matter.
Claims 11 through 19 are directed towards the system for performing the method of claims 1-9. The system is recited as comprising one or more processors and a memory comprising the instructions that are executed by the processors to perform the method of claims 1-9. The additional elements are recited in a way that only ties the method to a particular technological environment (MPEP § 2106.05(h)) and therefore does not confer eligibility under Prong Two of Step 2A or Step 2B. Therefore claims 11-19 are held as being directed towards ineligible subject matter.
Claim 20 is directed towards the non-transitory computer-readable medium for storing the instructions which when executed by a computer perform the method of claim 1. The additional element of the non-transitory computer-readable medium is recited in a way that only ties the method to a particular technological environment (MPEP § 2106.05(h)) and therefore does not confer eligibility under Prong Two of Step 2A or Step 2B. Therefore claim 20 is held as being directed towards ineligible subject matter.
Statement Regarding the Prior Art
No prior art reference fairly taught or suggested the use of separate and distinct data structures for storing states of outgoing and incoming balances that are mapped to public keys of either the sender or the receiver. The previously cited Vines et al. reference (U.S. Patent Publication 2023/0186296, hereinafter referred to as Vines) clearly does not teach this feature. Blackshear et al. (U.S. Patent Publication 2022/0164338, hereinafter referred to as Blackshear) teaches a state database that stores account state representations at Figure 10 and paragraphs 0284-0285 but these are not split into incoming and outgoing balances as recited in the claim. Jeong et al. “Azeroth: Auditable Zero-Knowledge Transactions in Smart Contracts”, IEEE Access, Volume 11, 2023, June 12, 2023, pp. 56463-56480, hereinafter referred to as Jeong) also does not teach this feature. Sertkaya et al. (GB2623304, hereinafter referred to as Sertkaya) discloses a zero knowledge execution environment based on homomorphism and Merkle trees. Sertkaya does not disclose that these Merkle trees are distinct based on incoming and outgoing transactions. Guan et al. “BlockMaze: An Efficient Privacy Preserving Account-Model Blockchain Based on zk-SNARKs”, IEEE Transactions on Dependable and Secure Computing, Vol. 19, No. 3, May/June 2022, pp. 1446-1463, discloses a system based on blockchain for implementing transaction privacy based on zk-SNARKs which includes unique serial numbers for preventing double spending but also does not teach or suggest Merkle trees that are distinct based on incoming and outgoing transactions. Therefore claims 120 are held as not being fairly taught or suggested over the prior art.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Jeong et al. “Azeroth: Auditable Zero-Knowledge Transactions in Smart Contracts”, IEEE Access, Volume 11, 2023, June 12, 2023, pp. 56463-56480 discloses an auditable zero-knowledge transaction method employing smart contracts to protect privacy. Zk-SNARK is used to prove arbitrary functionalities for messages, including encryption. In section II Jeong discloses other services for providing privacy in blockchain transactions such as Zerocash, Blockmaze, Quisquis, Zether and zkLedger amongst others. In the overview at section (IV)(B) Jeong teaches that deposit/withdrawal transactions and public/private transfer transactions are integrated into a single transaction zkTransfer.
Guan et al. “BlockMaze: An Efficient Privacy Preserving Account-Model Blockchain Based on zk-SNARKs”, IEEE Transactions on Dependable and Secure Computing, Vol. 19, No. 3, May/June 2022, pp. 1446-1463 discloses a zero-knowledge system in which the sender uses a send transaction which is confirmed on the blockchain and subsequently the receiver collates the fund transfer commitment with other fund transfer commitments to form a Merkle tree. The recipient then generates a zero-knowledge proof to receive the transferred fund without leaking from which transaction he/she receives the fund. Balances are stored in both plaintext and a zero-knowledge balance.
Alonso “Zero to Monero: First Edition”, June 26, 2018, 91 pages describes the Monero mechanism for sending payments including the use of one-time addresses. While there is discussion of Merkle trees no particular treatment is made of their use in storing balances and instead Monero uses sub-addresses in order to obfuscate where the total amount of a user’s funds are stored.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES D NIGH whose telephone number is (571)270-5486. The examiner can normally be reached 6:00 to 9:45 and 10:30 to 2:45.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached at (571) 270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JAMES D NIGH/ Senior Examiner, Art Unit 3699