🤖 AI Summary
This work addresses the challenge of enabling efficient, trustless off-chain double-spending prevention while preserving privacy for both users and service providers. To this end, the authors propose a modular off-chain execution layer that leverages a public-key-based token ownership model combined with a novel multi-public-key signature scheme. This design supports stable identities and transaction unlinkability while minimizing key management overhead. Through a formal security model, the system is proven to satisfy three core properties: double-spending resistance, censorship resistance (non-blocking), and bidirectional privacy. Notably, this is the first construction to achieve a private off-chain payment mechanism that simultaneously offers high efficiency and rigorous security guarantees under a general cryptographic setting.
📝 Abstract
This paper introduces the Unicity Execution Layer, a modular component of the Unicity framework that enables secure off-chain transactions while maintaining trustless double-spending prevention. We present a formal security model in which token ownership is represented by public keys and transfers require digital signatures. We prove three fundamental security properties: (1) no double-spending: each token state can be spent at most once; (2) no blocking: only the legitimate owner can prevent a token from being spent; and (3) service-side privacy: the Unicity Service cannot link transactions with the same token. User-side privacy is addressed by introducing generalized multi-public-key signature schemes, which allow one secret to generate multiple unlinkable public keys, together with interactive and non-interactive concrete instantiations. These enable private transactions with a stable public identity and minimal key management overhead.