In this work, we first show that, even if all the above limitations/assumptions hold, a malicious verifier could still violate the zero-knowledge property by leveraging smart contracts. We show an "attack of the clones" that allows a malicious verifier to clone some of the stakeholder capabilities via a smart contract that is designed after the proof is received from the prover. This leaves open the question of constructing publicly verifiable zero-knowledge proofs from blockchains. Moreover, it raises the issue of using blockchains as setup assumptions, since they evolve over time and could even become unreliable in the future. Then, we provide a publicly verifiable zero-knowledge proof system, based on any blockchain (i.e., not only proof-of-stake) that, very roughly, satisfies the following unpredictability property: sufficiently many future honest blocks added to the blockchain contain a high min-entropy string in a specific location (e.g., a new wallet for cashing the mining reward). Our proof system is secure against a verifier/prover that can corrupt blockchain players adaptively. In particular, it remains zero knowledge even if the blockchain eventually collapses and all blockchain players are controlled by the zero-knowledge adversary.
Category / Keywords: cryptographic protocols / publicly verifiable zero-knowledge, (collapsing) blockchain, smart contract
Date: received 15 Nov 2020
Contact author: luisa siniscalchi88 at gmail com
Version: 20201115:121628
Short URL: ia.cr/2020/1435