I was going through the quorum documentation and stumbled upon how private transactions are validated in quorum. Take the following example where there are four nodes - Node A, Node B, Node C and Node D.Consider the following steps -
1.Node A does a private transaction(assume TX1) with Node B. At this point Node A and Node B have their private tries updated to reflect the private transaction.
2. Node B uses the output of TX1 and does a private transaction with Node C. Since Node C was unaware of the TX1 in the first place how does it validate that TX1 is an actual valid transaction?
Does Node B send the un-encrypted payload of TX1 to Node C so that it can validate the transaction?If yes, then isn't Node A's identity revealed in this scenario? If not, then Node B can dupe Node C by sending using the output of TX1 to first send it to Node D and then doing a double spend and sending it to Node C after it has been sent to Node D. In essence how is a chain of private transactions validated?
The only way to maintain privacy and still prevent double-spending (afaik) is to use zero-knowledge proofs. This is available on Quorum under the Anonymous Zether implementation. Please note that this is a 'work in progress' and not yet recommended for production use.