Paper 2023/608

Publicly Verifiable Auctions with Privacy

Paul Germouty, nChain
Enrique Larraia, nChain
Wei Zhang, nChain

Online auctions have a steadily growing market size, creating billions of US dollars in sales value every year. To ensure fairness and auditability while preserving the bidder's privacy is the main challenge of an auction scheme. At the same time, utility driven blockchain technology is picking up the pace, offering transparency and data integrity to many applications. In this paper, we present a blockchain-based first price sealed-bid auction scheme. Our scheme offers privacy and public verifiability. It can be built on any public blockchain, which is leveraged to provide transparency, data integrity, and hence auditability. The inability to double spend on a blockchain is used to prevent bid replay attacks. Moreover, our scheme can achieve non-repudiation for both bidders and the auctioneer without revealing the bids and we encapsulate this concept inside the public verification of the auction. We propose to use ElGamal encryption and Bulletproofs to construct an efficient instantiation of our scheme. We also propose to use recursive zkSNARKs to reduce the number of comparison proofs from $N-1$ to $1$, where $N$ is the number of bidders.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Workshop on Trusted Smart Contracts (WTSC) - Financial Cryptography 2023
AuctionsBlockchainPrivacyPublic Verifiability
Contact author(s)
p germouty @ nchain com
e larraia @ nchain com
w zhang @ nchain com
2023-04-28: approved
2023-04-28: received
See all versions
Short URL
Creative Commons Attribution-NonCommercial-NoDerivs


      author = {Paul Germouty and Enrique Larraia and Wei Zhang},
      title = {Publicly Verifiable Auctions with Privacy},
      howpublished = {Cryptology ePrint Archive, Paper 2023/608},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.