Succinctly Verifiable Sealed-Bid Auction Smart Contract

The recently growing tokenization process of digital and physical assets over the Ethereum blockchain requires a convenient trade and exchange mechanism. Sealed-bid auctions are powerful trading tools due to the advantages they offer compared to their open-cry counterparts. However, the inherent transparency and lack of privacy on the Ethereum blockchain conflict with the main objective behind the sealed-bid auctions. In this paper, we tackle this challenge and present a smart contract protocol for a succinctly verifiable sealed-bid auction on the Ethereum blockchain. In particular, we utilize various cryptographic primitives including zero-knowledge Succinct Non-interactive Argument of Knowledge (zk-SNARK), Multi-Party Computation (MPC), Public-Key Encryption (PKE) scheme, and commitment scheme for our approach. First, the proving and verification keys for zk-SNARK are generated via an MPC protocol between the auctioneer and bidders. Then, when the auction process starts, the bidders submit commitments of their bids to the smart contract. Subsequently, each bidder individually reveals her commitment to the auctioneer using the PKE scheme. Then, according to the auction rules, the auctioneer claims a winner and generates a proof off-chain based on the proving key, commitments which serve as public inputs, and their underlying openings which are considered the auctioneer’s witness. Finally, the auctioneer submits the proof to the smart contract which in turn verifies its validity based on the public inputs, and the verification key. The proposed protocol scales efficiently as it has a constant-size proof and verification cost regardless of the number of bidders. Furthermore, we provide an analysis of the smart contract design, in addition to the estimated gas costs associated with the different transactions.
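The commit, off-chain reveal and proof-gated settlement phases described above, as an added Solidity sketch that is not the paper's contract: the `IVerifier` interface, the proof encoding, the field-element commitment format and the phase deadlines are assumptions made here for illustration.

```solidity
pragma solidity ^0.8.0;
// Assumed interface to a verifier contract generated from the zk-SNARK
// verification key; the proof encoding is a placeholder, not the paper's.
interface IVerifier {
    function verifyProof(uint256[8] calldata proof, uint256[] calldata inputs)
        external view returns (bool);
}

contract SealedBidAuction {
    address public immutable auctioneer;
    IVerifier public immutable verifier;
    uint256 public immutable biddingEnd;  // end of the on-chain commit phase
    uint256 public immutable revealEnd;   // end of the off-chain reveal phase
    address[] public bidders;
    mapping(address => uint256) public commitments; // one commitment per bidder
    address public winner;
    bool public settled;
    constructor(IVerifier _verifier, uint256 biddingPeriod, uint256 revealPeriod) {
        auctioneer = msg.sender;
        verifier = _verifier;
        biddingEnd = block.timestamp + biddingPeriod;
        revealEnd = biddingEnd + revealPeriod;
    }

    // Phase 1: a bidder commits to her bid. The commitment is stored as a field
    // element (a 256-bit hash must be reduced or split to fit the SNARK field).
    function commitBid(uint256 commitment) external {
        require(block.timestamp < biddingEnd, "bidding closed");
        require(commitment != 0 && commitments[msg.sender] == 0, "bad or duplicate commit");
        commitments[msg.sender] = commitment;
        bidders.push(msg.sender);
    }

    // Phase 2 is off-chain: bidders send their openings to the auctioneer under
    // PKE; the auctioneer determines the winner and computes a proof.
    // Phase 3: the auctioneer claims a winner; the contract accepts only if the
    // proof verifies with the commitments and the claimed index as public inputs.
    function declareWinner(uint256 winnerIndex, uint256[8] calldata proof) external {
        require(msg.sender == auctioneer, "not auctioneer");
        require(block.timestamp >= revealEnd && !settled, "not ready or already settled");
        require(winnerIndex < bidders.length, "bad index");
        uint256 n = bidders.length;
        uint256[] memory inputs = new uint256[](n + 1);
        for (uint256 i = 0; i < n; i++) inputs[i] = commitments[bidders[i]];
        inputs[n] = winnerIndex;
        require(verifier.verifyProof(proof, inputs), "invalid proof");
        winner = bidders[winnerIndex];
        settled = true;
    }
}
```

Because the proof is checked against the commitments already recorded on-chain, a malicious auctioneer cannot substitute openings or declare a losing bidder as the winner without producing a proof the verifier rejects; the number of public inputs, and hence verification gas, is what the circuit design must bound.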
