Paper 2024/143
Scalable Collaborative zk-SNARK: Fully Distributed Proof Generation and Malicious Security
Abstract
The notion of collaborative zk-SNARK was introduced by Ozdemir and Boneh (USENIX 2022). It allows multiple parties to jointly create a zk-SNARK proof over distributed secrets (also known as the witness). This approach ensures the privacy of the witness, as no corrupted server involved in the proof generation can learn anything about the honest servers' witness. Later, Garg et al. continued the study, focusing on how to achieve faster proof generation (USENIX 2023). However, their approach requires a powerful server that is responsible for the most resource-intensive computations and communications during the proof generation. This requirement results in a scalability bottleneck, making their protocols unable to handle large-scale circuits. In this work, we address this issue by lifting a zk-SNARK called Libra (Crypto 2019) to a collaborative zk-SNARK and achieve a fully distributed proof generation, where all servers take roughly the same portion of the total workload. Further, our protocol can be adapted to be secure against a malicious adversary by incorporating some verification mechanisms. With 128 consumer machines and a 4Gbps network, we successfully generate a proof for a data-parallel circuit containing $2^{23}$ gates in merely 2.5 seconds, using only 0.5 GB of memory on each server. This represents a $19\times$ speed-up compared to a local Libra prover. Our benchmark further indicates an impressive $877\times$ improvement in running time and a $992\times$ improvement in communication compared to the implementation in previous work. Furthermore, our protocol is capable of handling larger circuits, making it scalable in practice.
Note: This work has an extensive update, which can be found at https://eprint.iacr.org/2024/940. The update includes semi-honest protocols extended for collaborative HyperPlonk for general circuits, a more efficient sub-protocol used by sumcheck, additional optimizations, and new experimental results.
Metadata
- Category: Cryptographic protocols
- Publication info: Preprint.
- Keywords: zero-knowledge, zk-SNARKs, multi-party computation, implementation
- Contact author(s): hinsliu @ zju edu cn, yangxh @ zju edu cn
- History:
  - 2024-06-12: revised
  - 2024-02-01: received
- Short URL: https://ia.cr/2024/143
- License: CC BY
BibTeX
@misc{cryptoeprint:2024/143,
  author = {Xuanming Liu and Zhelei Zhou and Yinghao Wang and Bingsheng Zhang and Xiaohu Yang},
  title = {Scalable Collaborative zk-{SNARK}: Fully Distributed Proof Generation and Malicious Security},
  howpublished = {Cryptology {ePrint} Archive, Paper 2024/143},
  year = {2024},
  url = {https://eprint.iacr.org/2024/143}
}