Paper 2015/1093

C$\mathrm{\varnothing }$C$\mathrm{\varnothing }$: A Framework for Building Composable Zero-Knowledge Proofs

Ahmed Kosba, Zhichao Zhao, Andrew Miller, Yi Qian, Hubert Chan, Charalampos Papamanthou, Rafael Pass, abhi shelat, and Elaine Shi

Abstract

Non-interactive zero-knowledge proofs are a powerful cryptographic primitive used in privacy-preserving protocols. We design and build C$\mathrm{\varnothing }$C$\mathrm{\varnothing }$, the first system enabling developers to build efficient, composable, non-interactive zero-knowledge proofs for generic, user-defined statements. C$\mathrm{\varnothing }$C$\mathrm{\varnothing }$ extends state-of-the-art SNARK constructions by applying known strengthening transformations to yield UC-composable zero-knowledge proofs suitable for modular use in larger cryptographic protocols. To attain fast practical performance, C$$C$$ includes a library of several ``SNARK-friendly'' cryptographic primitives. These primitives are used in the strengthening transformations in order to reduce the overhead of achieving composable security. Our open-source library of optimized arithmetic circuits for these functions are up to 40$$ more efficient than standard implementations and are thus of independent interest for use in other NIZK projects. Finally, we evaluate C$$C$$ on applications such as anonymous credentials, private smart contracts, and nonoutsourceable proof-of-work puzzles and demonstrate 5$$ to 8$$ speedup in these application settings compared to naive implementations.