Paper 2019/191

Zether: Towards Privacy in a Smart Contract World

Benedikt Bünz, Shashank Agrawal, Mahdi Zamani, and Dan Boneh

Abstract

Blockchain-based smart contract platforms like Ethereum have become quite popular as a way to remove trust and add transparency to distributed applications. While different types of important applications can be easily built on such platforms, there does not seem to be an easy way to add a meaningful level of privacy to them. In this paper, we propose Zether, a fully-decentralized, confidential payment mechanism that is compatible with Ethereum and other smart contract platforms. We take an account-based approach similar to Ethereum for efficiency and usability. We design a new smart contract that keeps the account balances encrypted and exposes methods to deposit, transfer and withdraw funds to/from accounts through cryptographic proofs. We describe techniques to protect Zether against replay attacks and front-running situations. We also develop a mechanism to enable interoperability with arbitrary smart contracts. This helps to make several popular applications like auctions, payment channels, voting, etc. confidential. As a part of our protocol, we propose $\Sigma$-Bullets, an improvement of the existing zero-knowledge proof system, Bulletproofs. $\Sigma$-Bullets make Bulletproofs more inter-operable with Sigma protocols, which is of general interest. We implement Zether as an Ethereum smart contract and show the practicality of our design by measuring the amount of gas used by the Zether contract. A Zether confidential transaction costs about 0.014 ETH or approximately $1.51 (as of early Feb, 2019). We discuss how small changes to Ethereum, which are already being discussed independently of Zether, would drastically reduce this cost.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. MINOR revision.
Keywords
blockchainzero knowledge
Contact author(s)
benedikt @ cs stanford edu
History
2019-05-18: last of 2 revisions
2019-02-26: received
See all versions
Short URL
https://ia.cr/2019/191
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/191,
      author = {Benedikt Bünz and Shashank Agrawal and Mahdi Zamani and Dan Boneh},
      title = {Zether: Towards Privacy in a Smart Contract World},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/191},
      year = {2019},
      url = {https://eprint.iacr.org/2019/191}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.