nullpay.

The cryptography

The sealed envelope.

Blind signatures were invented in 1982 and standardized as RFC 9474 in 2023. Here's how they work.

The carbon-copy envelope

Imagine you need a notary to certify a document — but you don't want the notary to read it.

  1. 1

    You write a message on paper.

  2. 2

    You put it in a special envelope lined with carbon paper.

  3. 3

    A notary stamps the outside of the sealed envelope.

  4. 4

    The stamp transfers through the carbon paper to the message inside.

  5. 5

    You open the envelope — your message now has a valid stamp.

  6. 6

    The notary can verify the stamp is genuine but never saw the message.

  7. 7

    If you present the stamped message later, the notary cannot tell which envelope it came from.

This is a blind signature. The signer authenticates something without ever seeing its content.

David Chaum, 1982

David Chaum published the idea at Crypto '82. He founded DigiCash around 1989–1990 (sources vary on the exact year). The first electronic payment was sent in 1994. The company went bankrupt in 1998.

E-commerce wasn't ready. There was a chicken-and-egg problem between merchants and users. DigiCash was centralized around a single company. It failed commercially but inspired the cypherpunk movement and eventually Bitcoin.

“As the Web grew, the average level of sophistication of users dropped. It was hard to explain the importance of privacy to them.”

— David Chaum

RFC 9474

Published by the Internet Research Task Force (IRTF) in 2023. An RSA-based blind signature protocol, co-authored by researchers at Cloudflare. An open internet standard, not proprietary to any company.

Full specification: RFC 9474 — RSA Blind Signatures

Who uses this today

Apple Private Access Tokens

iOS 16+, macOS Ventura+. Uses RFC 9474 to eliminate CAPTCHAs without tracking.

Cloudflare Privacy Pass

Private authentication across millions of websites.

GNU Taler

EU Horizon Europe funded. 11 partners, 8 countries. Piloting with real banks. Principle: "income transparent, spending anonymous."

Cashu

Chaumian ecash for Bitcoin. Open source.

EDPB SPE Expert Report (2025)

Expert report commissioned by the European Data Protection Board concluded blind signatures are a credible path for the Digital Euro’s token-based offline modality.

These organizations use the same cryptographic primitive. They do not endorse or have any affiliation with NullPay.

See also: RFC 9576 — Privacy Pass Architecture