Paper 2025/1026

Malicious Security in Collaborative zk-SNARKs: More than Meets the Eye

Sanjam Garg, University of California, Berkeley
Aarushi Goel, Purdue University
Abhishek Jain, NTT Research, Johns Hopkins University
Bhaskar Roberts, University of California, Berkeley
Sruthi Sekar, Indian Institute of Technology Bombay
Abstract

Collaborative zk-SNARKs (Ozdemir and Boneh, USENIX’22) are a multiparty variant of zk-SNARKs where multiple, mutually distrustful provers, each holding a private input, jointly compute a zk-SNARK using their combined inputs. A sequence of works has proposed efficient constructions of collaborative zk-SNARKs using a common template that involves designing secure multiparty computation (MPC) protocols to emulate a zk-SNARK prover without making non-black-box use of cryptography. To achieve security against malicious adversaries, these works adopt compilers from the MPC literature that transform semi-honest MPC into malicious-secure MPC. In this work, we revisit this design template.

• Pitfalls: We demonstrate two pitfalls in the template, which can lead to a loss of input privacy. We first show that it is possible to compute collaborative proofs on invalid witnesses, which in turn can leak the inputs of honest provers. Next, we show that using state-of-the-art malicious security compilers as-is for proof computation is insecure, in general. Finally, we discuss mitigation strategies.

• Malicious Security Essentially for Free: As our main technical result, we show that in the honest-majority setting, one can forego the malicious security checks performed by state-of-the-art malicious security compilers during collaborative proof generation of several widely used zk-SNARKs. In other words, we can avoid the overheads of malicious security compilers, enabling faster proof generation. To the best of our knowledge, this is the first example of non-trivial computations where semi-honest MPC protocols achieve malicious security. The observations underlying our positive results are general and may have applications beyond collaborative zk-SNARKs.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published by the IACR in CRYPTO 2025
Keywords
multiparty computation, zk-SNARKs, collaborative zk-SNARKs
Contact author(s)
sanjamg @ berkeley edu
aarushi @ purdue edu
abhishek @ cs jhu edu
bhaskarr @ eecs berkeley edu
sruthi @ cse iitb ac in
History
2025-06-03: approved
2025-06-02: received
Short URL
https://ia.cr/2025/1026
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/1026,
      author = {Sanjam Garg and Aarushi Goel and Abhishek Jain and Bhaskar Roberts and Sruthi Sekar},
      title = {Malicious Security in Collaborative zk-{SNARKs}: More than Meets the Eye},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/1026},
      year = {2025},
      url = {https://eprint.iacr.org/2025/1026}
}