Cryptology ePrint Archive: Report 2015/675

Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts

Ahmed Kosba and Andrew Miller and Elaine Shi and Zikai Wen and Charalampos Papamanthou

Abstract: Emerging smart contract systems over decentralized cryp- tocurrencies allow mutually distrustful parties to transact safely with each other without trusting a third-party inter- mediary. In the event of contractual breaches or aborts, the decentralized blockchain ensures that other honest parties obtain commesurate remuneration. Existing systems, how- ever, lack transactional privacy. All transactions, including flow of money between pseudonyms and amount trasacted, are exposed in the clear on the blockchain. We present Hawk, a decentralized smart contract system that does not store financial transactions in the clear on the blockchain, thus retaining transactional privacy from the publicís view. A Hawk programmer can write a private smart contract in an intuitive manner without having to implement cryptography, and our compiler automatically generates an efficient cryptographic protocol where contractual parties in- teract with the blockchain, using cryptographic primitives such as succint zero-knowledge proofs. To formally define and reason about the security of our protocols, we are the first to formalize the blockchain model of secure computation. The formal modeling is of indepen- dent interest. We advocate the community to adopt such a formal model when designing interesting applications atop decentralized blockchains.

Category / Keywords: cryptographic protocols / blockchain, cryptocurrency, smart contracts, universal composability, zero-knowledge proofs, SNARKs, fairness, compiler

Date: received 4 Jul 2015, last revised 15 May 2016

Contact author: runting at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20160515:073808 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]