An Auditable Confidentiality Protocol for Blockchain Transactions

Blockchains expose every user's transaction data to the public, including account balances, asset holdings and trading history. This exposure creates security and personal privacy risks that limit broader adoption. Some existing projects provide confidential payments on a single chain, but no cross-chain system supports private transactions yet, and publicly readable transaction data is hard to reconcile with privacy regulations such as GDPR. Current confidential payment systems also impose high extra fees on users. At the same time, a fully private and anonymous protocol that encrypts all transaction data is difficult to audit and therefore raises concerns about malicious and illegal activity. Privacy and auditability must be balanced. We propose an auditable and affordable protocol for cross-chain and single-chain transactions. The protocol keeps transaction data encrypted and uses zero-knowledge proofs to validate transactions without disclosing sensitive user data. To meet regulatory requirements, each member of an auditing committee holds an encrypted secret share of the transaction data; the plaintext can be recovered only if a majority of the committee agrees to decrypt it. We employ a ZK-rollup scheme that processes transactions in batches, which makes private transactions 90% cheaper than solutions without ZK-rollup. We implemented the scheme in ZoKrates and Solidity and evaluated it on an Ethereum test network, where a one-to-one private transaction completes in 5 seconds end to end. We also prove the security of the protocol in the standard real/ideal world paradigm.
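The committee-based audit mechanism described in the abstract, as an added worked example in Python that is not the paper's code: the data-encryption key of a transaction record is split with Shamir secret sharing among n auditors using a strict-majority threshold t = floor(n/2) + 1, and key recovery is refused unless at least t distinct auditors contribute shares. The encryption of each share to its auditor's public key, the encryption of the record itself, and the zero-knowledge proof tying the shares to the committed transaction are assumed and omitted; the committee size, the field prime and the sample key are constructed for illustration.

```python
import secrets
from typing import List, Tuple

# Prime field for the shares: the Mersenne prime 2^521 - 1 comfortably holds a
# 256-bit data-encryption key. (Constructed parameter for this example.)
P = 2**521 - 1

Share = Tuple[int, int]  # (auditor index x, polynomial value y)


def majority_threshold(n_auditors: int) -> int:
    """Smallest number of auditors that forms a strict majority of the committee."""
    return n_auditors // 2 + 1


def _eval_poly(coeffs: List[int], x: int) -> int:
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_key(key: bytes, n_auditors: int, rng=None) -> List[Share]:
    """Shamir-share a data-encryption key so that any majority can rebuild it.

    The key is the constant term of a random polynomial of degree t-1; auditor i
    (1-based) receives its evaluation at x=i. In the protocol each share would be
    encrypted to that auditor's public key before being posted on chain (assumed,
    not shown here).
    """
    rng = rng or secrets.SystemRandom()
    t = majority_threshold(n_auditors)
    secret = int.from_bytes(key, "big")
    assert secret < P, "key must fit in the field"
    coeffs = [secret] + [rng.randrange(P) for _ in range(t - 1)]
    return [(i, _eval_poly(coeffs, i)) for i in range(1, n_auditors + 1)]


def _interpolate_at_zero(shares: List[Share]) -> int:
    """Lagrange interpolation of the sharing polynomial at x=0 over GF(P)."""
    secret = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj, _ in shares:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        # Fermat inverse: den^(P-2) is den^-1 mod P
        secret = (secret + yi * num * pow(den, P - 2, P)) % P
    return secret


def audit_recover_key(shares: List[Share], n_auditors: int, key_len: int = 32) -> bytes:
    """Reconstruct the key only if a strict majority of the committee contributed.

    Duplicate indices are rejected so one auditor cannot pad the count with copies
    of its own share, and fewer than t distinct shares are refused outright rather
    than interpolated (t-1 points are consistent with every possible key).
    """
    t = majority_threshold(n_auditors)
    indices = [x for x, _ in shares]
    if len(set(indices)) != len(indices):
        raise ValueError("duplicate auditor share")
    if not all(1 <= x <= n_auditors for x in indices):
        raise ValueError("share index outside the committee")
    if len(shares) < t:
        raise PermissionError(f"{len(shares)} of {n_auditors} auditors agreed; need {t}")
    # Any t shares determine the polynomial; extra shares are ignored.
    return _interpolate_at_zero(shares[:t]).to_bytes(key_len, "big")


def recovery_allowed(shares: List[Share], n_auditors: int) -> bool:
    """True if the committee policy lets these shares be turned back into a key."""
    try:
        audit_recover_key(shares, n_auditors)
        return True
    except (PermissionError, ValueError):
        return False


def demo() -> bool:
    """Constructed scenario: 5 auditors, majority 3, a random 256-bit record key."""
    key = secrets.token_bytes(32)
    shares = split_key(key, 5)
    three_agree = audit_recover_key([shares[0], shares[2], shares[4]], 5) == key
    two_refused = not recovery_allowed(shares[:2], 5)
    padding_refused = not recovery_allowed([shares[0], shares[0], shares[1]], 5)
    return three_agree and two_refused and padding_refused


if __name__ == "__main__":
    print("audit demo passed:", demo())
```

The refusal below threshold is a policy check layered on top of the information-theoretic guarantee: with t-1 shares, interpolation would still return a value, but that value is independent of the real key, so the code never offers it.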
