Paper 2022/802

VERI-ZEXE: Decentralized Private Computation with Universal Setup

Alex Luoyuan Xiong, Espresso Systems
Binyi Chen, Espresso Systems
Zhenfei Zhang, Espresso Systems
Benedikt Bünz, Espresso Systems
Ben Fisch, Espresso Systems
Fernando Krell, Espresso Systems
Philippe Camacho, Espresso Systems

Traditional blockchain systems execute program state transitions on-chain, requiring each network node participating in state-machine replication to re-compute every step of the program when validating transactions. This limits both scalability and privacy. Recently, Bowe et al. introduced a primitive called decentralized private computation (DPC) and provided an instantiation called ZEXE, which allows users to execute arbitrary computations off-chain without revealing the program logic to the network. Moreover, transaction validation takes only constant time, independent of the off-chain computation. However, ZEXE required a separate trusted setup for each application, which is highly impractical. Prior attempts to remove this per-application setup incurred significant performance loss. We propose a new DPC instantiation VERI-ZEXE that is highly efficient and requires only a single universal setup to support an arbitrary number of applications. Our benchmark improves the state-of-the-art by 9x in transaction generation time and by 2.6x in memory usage. Along the way, we also design efficient gadgets for variable-base multi-scalar multiplication and modular arithmetic within the plonk constraint system, leading to a Plonk verifier gadget using only ∼ 21k plonk constraints.

Available format(s)
Publication info
decentralized computationzero knowledge proofssuccinct arguments
Contact author(s)
alex xiong tech @ gmail com
2022-06-23: approved
2022-06-21: received
See all versions
Short URL
Creative Commons Attribution


      author = {Alex Luoyuan Xiong and Binyi Chen and Zhenfei Zhang and Benedikt Bünz and Ben Fisch and Fernando Krell and Philippe Camacho},
      title = {VERI-ZEXE: Decentralized Private Computation with Universal Setup},
      howpublished = {Cryptology ePrint Archive, Paper 2022/802},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.