ZoKrates - Scalable Privacy-Preserving Off-Chain Computations

Scalability and privacy are two challenges for today's blockchain systems. Processing every transaction at every node in the system limits the system's ability to scale. Furthermore, the requirement to publish all corporate or individual information for processing at every node, which essentially makes the data public, is, despite all other advantages, often considered a major obstacle to blockchain adoption. In this paper, we make two main contributions to address these two problems: (i) To increase efficiency, we propose a processing model which applies non-interactive proofs to off-chain computations, thereby reducing on-chain computational effort to verifying the correctness of an execution rather than performing the execution itself. Due to the verifiable computation scheme's zero-knowledge property, private information used in the off-chain computation does not have to become public in order to verify correctness. (ii) We introduce ZoKrates, a toolbox to specify, integrate and deploy such off-chain computations. It consists of a domain-specific language, a compiler, and generators for proofs and verification smart contracts. ZoKrates hides significant complexity inherent to zero-knowledge proofs, provides developers with a more familiar and higher level of programming abstraction, and enables circuit integration, hence fostering adoption.
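The processing model described above, as an added example that is not from the paper: a minimal ZoKrates program with one private and one public input, followed by the off-chain command sequence as comments. The syntax and the CLI flags are those of a current ZoKrates release and are an assumption here; the 2018 toolbox used an older, indentation-based grammar. The input values 337 and 113569 are constructed for the example.

```zokrates
// Added example (not the paper's code): prove knowledge of a square root of b.
// Syntax of a current ZoKrates release (assumption); older releases differ.
//
// `a` is a private input: the off-chain prover uses it, the verifier never sees it.
// `b` is a public input: it is passed to the on-chain verifier next to the proof
// and is part of what the verifier checks.
def main(private field a, field b) {
    // The compiler flattens this statement into arithmetic constraints over the
    // scalar field of the pairing-friendly curve (BN128/ALT_BN128 by default).
    // The on-chain contract checks the proof against b; it never re-executes this.
    assert(a * a == b);
    return;
}

// Off-chain command sequence (CLI of a current release, assumed here):
//   zokrates compile -i root.zok             // flatten program to constraints
//   zokrates setup                           // proving + verification key (trusted setup)
//   zokrates compute-witness -a 337 113569   // 337 private, 113569 public; 337^2 = 113569
//   zokrates generate-proof                  // writes proof.json (succinct, ~constant size)
//   zokrates verify                          // off-chain check of proof + public inputs
//   zokrates export-verifier                 // verifier.sol for the on-chain check
```

Two caveats a deployer should keep in mind. First, `field` arithmetic wraps modulo the curve's prime, so `a * a == b` is satisfied by both square roots of `b`; any range or sign expectation on a private input must be encoded as explicit constraints, because the proof only attests to what the constraints say. Second, the exported verifier contract only answers whether a proof is valid for the given public inputs; it does not know which proofs have already been used or whether the public inputs match the application's state, so the contract that calls it must bind the public inputs to its own state and reject replayed proofs. The setup step is a trusted setup for pairing-based schemes: whoever runs it must discard the secret randomness, or a multi-party ceremony should be used instead.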
