Nullifier

A unique value derived from a note that prevents the same deposit from being withdrawn twice.

A nullifier is the per-note fingerprint that lets the SolMask program detect double-spends without learning which deposit you are spending. When you deposit, your browser picks a random nullifier_secret and hashes it with Poseidon into the on-chain commitment. When you later withdraw, your zero-knowledge proof reveals only the Poseidon hash of that same secret — that hash is the nullifier.

The program maintains an on-chain set of every nullifier that has ever been used. The withdraw instruction rejects any proof whose nullifier is already in the set, so a single note can only be spent once. Crucially, the nullifier is a deterministic function of the secret alone: two different deposits produce two different nullifiers, and an observer cannot link a nullifier back to a specific commitment without breaking Poseidon's preimage resistance.

Because the nullifier is revealed at withdraw time but the link from nullifier to commitment is hidden by the proof, double-spend prevention does not cost you privacy. That is the entire point of the construction.
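The deposit and withdraw flow described above, as an added model that is not SolMask's own code: SHA-256 stands in for Poseidon, the note layout (secret plus amount) is assumed, and the withdraw step receives the note in the clear where the real program checks a zero-knowledge proof. The on-chain nullifier set and its rejection of a reused nullifier are what the model exercises.

```python
import hashlib
import secrets
from dataclasses import dataclass, field

def H(*parts: bytes) -> bytes:
    """Assumed stand-in for Poseidon: SHA-256 over length-prefixed parts."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()

@dataclass
class Note:
    nullifier_secret: bytes  # picked at random by the depositor's browser
    amount: int              # assumed note field

    def commitment(self) -> bytes:
        # Stored on chain at deposit time; hides the secret.
        return H(b"commitment", self.nullifier_secret, self.amount.to_bytes(8, "big"))

    def nullifier(self) -> bytes:
        # Revealed at withdraw time; deterministic in the secret alone.
        return H(b"nullifier", self.nullifier_secret)

def deposit(amount: int) -> Note:
    return Note(secrets.token_bytes(32), amount)

@dataclass
class Pool:
    commitments: set = field(default_factory=set)
    spent_nullifiers: set = field(default_factory=set)

    def accept_deposit(self, note: Note) -> None:
        self.commitments.add(note.commitment())

    def withdraw(self, nullifier: bytes, note: Note) -> str:
        # In SolMask a ZK proof shows the next two facts without exposing
        # the note; this model checks them directly (assumption).
        if note.commitment() not in self.commitments:
            return "unknown-commitment"
        if note.nullifier() != nullifier:
            return "nullifier-mismatch"
        # The actual double-spend guard: one nullifier, one spend.
        if nullifier in self.spent_nullifiers:
            return "double-spend"
        self.spent_nullifiers.add(nullifier)
        return "ok"
```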
