Paper 2024/2025

Mira: Efficient Folding for Pairing-based Arguments

Josh Beal, Yale University
Ben Fisch, Yale University
Abstract

Pairing-based arguments offer remarkably small proofs and space-efficient provers, but aggregating such proofs remains costly. Groth16 SNARKs and KZG polynomial commitments are prominent examples of this class of arguments. These arguments are widely deployed in decentralized systems, with millions of proofs generated per day. Recent folding schemes have greatly reduced the cost of proving incremental computations, such as batch proof verification. However, existing constructions require encoding pairing operations in generic constraint systems, leading to high prover overhead. In this work, we introduce Mira, a folding scheme that directly supports pairing-based arguments. We construct this folding scheme by generalizing the framework in Protostar to support a broader class of special-sound protocols. We demonstrate the versatility and efficiency of this framework through two key applications: Groth16 proof aggregation and verifiable ML inference. Mira achieves 5.8x faster prover time and 9.7x lower memory usage than the state-of-the-art proof aggregation system while maintaining a constant-size proof. To improve the efficiency of verifiable ML inference, we provide a new lincheck protocol with a verifier degree that is independent of the matrix order. We show that Mira scales effectively to larger models, overcoming the memory bottlenecks of current schemes.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
folding schemesproof-carrying dataincrementally verifiable computationpairings
Contact author(s)
josh beal @ yale edu
ben fisch @ yale edu
History
2024-12-15: approved
2024-12-13: received
See all versions
Short URL
https://ia.cr/2024/2025
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/2025,
      author = {Josh Beal and Ben Fisch},
      title = {Mira: Efficient Folding for Pairing-based Arguments},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/2025},
      year = {2024},
      url = {https://eprint.iacr.org/2024/2025}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.