Paper 2019/191
Zether: Towards Privacy in a Smart Contract World
Benedikt Bünz, Shashank Agrawal, Mahdi Zamani, and Dan Boneh
Abstract
Blockchain-based smart contract platforms like Ethereum have become quite popular as a way to remove trust and add transparency to distributed applications. While different types of important applications can be easily built on such platforms, there does not seem to be an easy way to add a meaningful level of privacy to them. In this paper, we propose Zether, a fully-decentralized, confidential payment mechanism that is compatible with Ethereum and other smart contract platforms. We take an account-based approach similar to Ethereum for efficiency and usability. We design a new smart contract that keeps the account balances encrypted and exposes methods to deposit, transfer and withdraw funds to/from accounts through cryptographic proofs. We describe techniques to protect Zether against replay attacks and front-running situations. We also develop a mechanism to enable interoperability with arbitrary smart contracts. This helps to make several popular applications like auctions, payment channels, voting, etc. confidential. As a part of our protocol, we propose $\Sigma$-Bullets, an improvement of the existing zero-knowledge proof system, Bulletproofs. $\Sigma$-Bullets make Bulletproofs more inter-operable with Sigma protocols, which is of general interest. We implement Zether as an Ethereum smart contract and show the practicality of our design by measuring the amount of gas used by the Zether contract. A Zether confidential transaction costs about 0.014 ETH or approximately $1.51 (as of early Feb, 2019). We discuss how small changes to Ethereum, which are already being discussed independently of Zether, would drastically reduce this cost.
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Preprint. MINOR revision.
- Keywords
- blockchainzero knowledge
- Contact author(s)
- benedikt @ cs stanford edu
- History
- 2019-05-18: last of 2 revisions
- 2019-02-26: received
- See all versions
- Short URL
- https://ia.cr/2019/191
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2019/191, author = {Benedikt Bünz and Shashank Agrawal and Mahdi Zamani and Dan Boneh}, title = {Zether: Towards Privacy in a Smart Contract World}, howpublished = {Cryptology {ePrint} Archive, Paper 2019/191}, year = {2019}, url = {https://eprint.iacr.org/2019/191} }