Computer-implemented system and method for trustless zero-knowledge contingent payment

The invention claimed is: 1. A computer-implemented method for enabling a trustless zero-knowledge contingent payment or exchange of reward data from a buyer or verifier in exchange for access data from a seller or prover, the method including: receiving from the buyer, a buyer public key (pk B ) derived from multiplying a buyer secret key (sk B ) with an elliptic curve generator point (G); generating a seller public key (pk s ) determined from multiplying a seller secret key (i) with the elliptic curve generator point (G), wherein the seller secret key is the access data or is used to secure the access data required by the buyer; preparing and sending a data set to the buyer, said data set including a zero-knowledge proof statement, which for a given function circuit output of an arithmetic circuit representing the zero-knowledge proof statement, and an elliptic curve point, a function circuit input is equal to the seller secret key (i), wherein said zero-knowledge proof statement enables the buyer to determine that the arithmetic circuit is satisfied and validate the zero-knowledge proof statement, thus determining that the seller holds the seller secret key that unlocks the access data; receiving from the buyer a first transaction Tx 1 that contains an output that allocates the reward data to the buyer, which is accessible using the seller secret key (i); and signing and broadcasting the first transaction on a blockchain, such that it is mined into a block, and accessing the reward data from the output of the first transaction Tx 1 by providing a second transaction Tx 2 supplying the seller secret key (i) to unlock the reward data, wherein the reward data is revealed on the blockchain, thus enabling the buyer to obtain the access data offered by the seller, wherein the prover or seller receives an elliptic curve public key pk B from the verifier or buyer, said buyer having generated said elliptic curve public key from a secure random secret key sk B , wherein: pk B =sk B ×G, and G is the elliptic curve point, and the prover or seller secures the access data to be provided with a locking value i, such that access data= pk B +i×G and the seller includes in the data set sent to the buyer the seller public key (pk s ), wherein pk s =i×G, and an output f(i) from the given function circuit of the arithmetic circuit, wherein the function circuit input is the locking value i. 2. The computer-implemented method according to claim 1 , wherein: the seller receives from the buyer the first transaction Tx 1 that contains an output that contains the reward data to be received, which can be accessed by a signature from the seller and the function circuit input, the locking value i, and the seller signs and broadcasts the first transaction on a blockchain, where it is mined into a block, enabling the seller to obtain the access data from the output of the first transaction Tx 1 by providing the second transaction Tx 2 supplying their signature and the locking value i to unlock the first transaction, which is then wherein the reward data is revealed on the blockchain, thus enabling the buyer to identify the locking value i and obtain the access data offered by the seller, wherein: sk=sk B +i, where pk=sk×G. 3. A computer-implemented method for enabling a trustless zero-knowledge contingent payment or exchange of reward data from a buyer or verifier in exchange for access data from a seller or prover, the method including: sending a seller a buyer public key (pk B ) derived from multiplying a buyer secret key (sk B ) with an elliptic curve generator point (G); receiving from the seller a data set, said data set including a zero-knowledge proof statement, which for a given function circuit output of an arithmetic circuit representing the zero-knowledge proof statement, and an elliptic curve point, a function circuit input is equal to a seller secret key (i), wherein a seller's public key (pk s ) is derived from multiplying the seller secret key (i) with the elliptic curve generator point (G), wherein the seller secret key is the access data or is used to secure the access data; verifying the zero-knowledge proof statement; sending the buyer a first transaction Tx 1 that contains an output that allocates the reward data to the buyer in exchange for obtaining the access data, that is accessible using the seller secret key (i); confirming, on a blockchain, that the seller has signed and broadcast the first transaction such that it is mined into a block, thus enabling the seller to access the reward data from the output of the first transaction Tx 1 by providing a second transaction Tx 2 supplying their signature and the seller secret key (i) to unlock the reward data; and obtaining the access data offered by the seller, further including sending an elliptic curve public key pk B to the seller, said buyer having generated said elliptic curve public key from a secure random secret key sk B , wherein: pk B =sk B ×G, and G is the elliptic curve point, and the seller secures the access data to be provided with a locking value i, such that access data= pk B +i×G and receiving from the seller, with the data set, seller public key, wherein pk s =i×G, and an output f(i) from the given function circuit of the arithmetic circuit, wherein the function circuit input is the locking value i. 4. The computer-implemented method according to claim 3 , further including: sending the buyer the first transaction Tx 1 that contains an output that contains the access data to be received, that can be accessed by a signature from the seller and the function circuit input, the locking value i, wherein the seller signs and broadcasts the transaction on a blockchain, where it is mined into a block, enabling the seller to access data from the output of the first transaction Tx 1 by providing a second transaction Tx 2 supplying their signature and the locking value i to unlock the first transaction, wherein the reward data is revealed on the blockchain, accessing the blockchain to identify the locking value I and access digital content offered by the seller, wherein: sk=sk B +i, where pk=sk×G. 5. The computer-implemented method according to claim 3 , wherein the reward data to be received from the seller includes a cryptocurrency payment. 6. The computer-implemented method according to claim 3 , wherein the access data to be provided by the seller is a secret key of a vanity address or enables determination of a secret key of a vanity address. 7. The computer-implemented method according to claim 3 for enabling zero-knowledge proof or verification of a statement (S) in which a prover proves to a verifier that a statement is true while keeping a witness (w) to the statement a secret, the method including: the prover sending to the verifier: a statement (S) represented by an arithmetic circuit with m gates and n wires configured to implement a function circuit and determine whether for a given function circuit output (h) and an elliptic curve point (P), the function circuit input (s) to a wire of the function circuit is equal to a corresponding elliptic curve point multiplier (s); individual wire commitments and/or a batched commitment for wires of the arithmetic circuit; a function circuit output (h); and a proving key (PrK), which enables the verifier to determine that the arithmetic circuit is satisfied and calculate the elliptic curve point (P) and validate the statement, thus determining that the prover holds the witness (w) to the statement. 8. The computer-implemented method according to claim 7 , wherein the prover sends an individual wire commitment and communicates with the verifier usin