Affiliations: [a] School of Computer Science and Technology, Zhejiang University, Zhejiang, China | [b] Department of Computer Science, Virginia Commonwealth University, VA, USA
Note: [1] A preliminary version (In European Symposium on Research in Computer Security (2021) 430–451 Springer) of this paper was presented at the 26th European Symposium on Research in Computer Security (ESORICS) 2021.
Abstract: Non-interactive zero-knowledge proof or argument (NIZK) systems are widely used in many security sensitive applications to enhance computation integrity, privacy and scalability. In such systems, a prover wants to convince one or more verifiers that the result of a public function is correctly computed without revealing the (potential) private input, such as the witness. In this work, we introduce a new notion, called scriptable SNARK, where the prover and verifier(s) can specify the function (or language instance) to be proven via a script. We formalize this notion in UC framework and provide a generic trusted hardware based solution. We then instantiate our solution in both SGX and Trustzone with Lua script engine. The system can be easily used by typical programmers without any cryptographic background. The benchmark result shows that our solution is better than all the known SNARK proof systems w.r.t. prover’s running time (1000 times faster), verifier’s running time, and the proof size. In addition, we also give a lightweight scriptable SNARK protocol for hardware with limited state, e.g., Θ(λ) bits. Finally, we show how the proposed scriptable SNARK can be readily deployed to solve many well-known problems in the blockchain context, e.g. verifier’s dilemma, fast joining for new players, etc.
Keywords: Scriptable SNARK, universal composition, trusted hardware model
