Ligerolight：基于 IOP 的优化区块链可扩展性零知识论证

IF 4.4 2区化学 Q2 MATERIALS SCIENCE, MULTIDISCIPLINARY

ACS Applied Polymer Materials Pub Date : 2024-07-01 DOI:10.1109/TDSC.2023.3336717

Zongyang Zhang, Weihan Li, Ximeng Liu, Xin Chen, Qihang Peng

{"title":"Ligerolight：基于 IOP 的优化区块链可扩展性零知识论证","authors":"Zongyang Zhang, Weihan Li, Ximeng Liu, Xin Chen, Qihang Peng","doi":"10.1109/TDSC.2023.3336717","DOIUrl":null,"url":null,"abstract":"Zero-knowledge scalable transparent arguments of knowledge (zk-STARKs) are a promising approach to solving the blockchain scalability problem while maintaining security, decentralization and privacy. However, compared with zero-knowledge proofs with trusted setups deployed in existing scalability solutions, zk-STARKs are usually less efficient. In this paper, we introduce Ligerolight, an optimized zk-STARK for the arithmetic circuit satisfiability problem following the framework of Ligero (ACM CCS 2017) and Aurora (Eurocrypt 2019) based on interactive oracle proof, which could be used for blockchain scalability. Evaluations show that Ligerolight has performance advantages compared with existing zk-STARKs. The prover time is 30% faster than Aurora to generate proof for computing an authentication path of a Merkle tree with 32 leaves. The proof size is about 131 KB, one-tenth of Ligero and 50% smaller than Aurora. The verifier time is 2 times as fast as Aurora. Underlying Ligerolight is a new batch zero-knowledge inner product argument, allowing to prove multiple inner product relations once. Using this argument, we build a batch multivariate polynomial commitment with poly-logarithmic communication complexity and verification. This polynomial commitment is particularly efficient when opening multiple points in multiple polynomials at one time, and may be of independent interest in constructing scalability solutions.","PeriodicalId":7,"journal":{"name":"ACS Applied Polymer Materials","volume":"274 1","pages":"3656-3670"},"PeriodicalIF":4.4000,"publicationDate":"2024-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Ligerolight: Optimized IOP-Based Zero-Knowledge Argument for Blockchain Scalability\",\"authors\":\"Zongyang Zhang, Weihan Li, Ximeng Liu, Xin Chen, Qihang Peng\",\"doi\":\"10.1109/TDSC.2023.3336717\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Zero-knowledge scalable transparent arguments of knowledge (zk-STARKs) are a promising approach to solving the blockchain scalability problem while maintaining security, decentralization and privacy. However, compared with zero-knowledge proofs with trusted setups deployed in existing scalability solutions, zk-STARKs are usually less efficient. In this paper, we introduce Ligerolight, an optimized zk-STARK for the arithmetic circuit satisfiability problem following the framework of Ligero (ACM CCS 2017) and Aurora (Eurocrypt 2019) based on interactive oracle proof, which could be used for blockchain scalability. Evaluations show that Ligerolight has performance advantages compared with existing zk-STARKs. The prover time is 30% faster than Aurora to generate proof for computing an authentication path of a Merkle tree with 32 leaves. The proof size is about 131 KB, one-tenth of Ligero and 50% smaller than Aurora. The verifier time is 2 times as fast as Aurora. Underlying Ligerolight is a new batch zero-knowledge inner product argument, allowing to prove multiple inner product relations once. Using this argument, we build a batch multivariate polynomial commitment with poly-logarithmic communication complexity and verification. This polynomial commitment is particularly efficient when opening multiple points in multiple polynomials at one time, and may be of independent interest in constructing scalability solutions.\",\"PeriodicalId\":7,\"journal\":{\"name\":\"ACS Applied Polymer Materials\",\"volume\":\"274 1\",\"pages\":\"3656-3670\"},\"PeriodicalIF\":4.4000,\"publicationDate\":\"2024-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACS Applied Polymer Materials\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1109/TDSC.2023.3336717\",\"RegionNum\":2,\"RegionCategory\":\"化学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"MATERIALS SCIENCE, MULTIDISCIPLINARY\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACS Applied Polymer Materials","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/TDSC.2023.3336717","RegionNum":2,"RegionCategory":"化学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"MATERIALS SCIENCE, MULTIDISCIPLINARY","Score":null,"Total":0}

引用次数: 0

摘要

零知识可扩展透明知识论证（zk-STARKs）是解决区块链可扩展性问题的一种有前途的方法，同时还能保持安全性、去中心化和隐私性。然而，与现有可扩展性解决方案中部署的具有可信设置的零知识证明相比，zk-STARK 通常效率较低。在本文中，我们介绍了Ligerolight，这是一种针对算术电路可满足性问题的优化zk-STARK，它遵循Ligero（ACM CCS 2017）和Aurora（Eurocrypt 2019）的框架，基于交互式甲骨文证明，可用于区块链可扩展性。评估表明，与现有的zk-STARKs相比，Ligerolight具有性能优势。在计算一棵有 32 个树叶的梅克尔树的认证路径时，证明者生成证明的时间比 Aurora 快 30%。证明大小约为 131 KB，是 Ligero 的十分之一，比 Aurora 小 50%。验证时间是 Aurora 的 2 倍。Ligerolight 的基础是一种新的批量零知识内积论证，允许一次证明多个内积关系。利用这一论证，我们构建了一种批量多变量多项式承诺，其通信复杂度和验证速度均为多对数。当一次打开多个多项式中的多个点时，这种多项式承诺尤其高效，而且在构建可扩展性解决方案时可能具有独立的意义。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Ligerolight: Optimized IOP-Based Zero-Knowledge Argument for Blockchain Scalability

Zero-knowledge scalable transparent arguments of knowledge (zk-STARKs) are a promising approach to solving the blockchain scalability problem while maintaining security, decentralization and privacy. However, compared with zero-knowledge proofs with trusted setups deployed in existing scalability solutions, zk-STARKs are usually less efficient. In this paper, we introduce Ligerolight, an optimized zk-STARK for the arithmetic circuit satisfiability problem following the framework of Ligero (ACM CCS 2017) and Aurora (Eurocrypt 2019) based on interactive oracle proof, which could be used for blockchain scalability. Evaluations show that Ligerolight has performance advantages compared with existing zk-STARKs. The prover time is 30% faster than Aurora to generate proof for computing an authentication path of a Merkle tree with 32 leaves. The proof size is about 131 KB, one-tenth of Ligero and 50% smaller than Aurora. The verifier time is 2 times as fast as Aurora. Underlying Ligerolight is a new batch zero-knowledge inner product argument, allowing to prove multiple inner product relations once. Using this argument, we build a batch multivariate polynomial commitment with poly-logarithmic communication complexity and verification. This polynomial commitment is particularly efficient when opening multiple points in multiple polynomials at one time, and may be of independent interest in constructing scalability solutions.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

ACS Applied Polymer Materials Multiple-

CiteScore

7.20

自引率

6.00%

发文量

810

期刊介绍： ACS Applied Polymer Materials is an interdisciplinary journal publishing original research covering all aspects of engineering, chemistry, physics, and biology relevant to applications of polymers. The journal is devoted to reports of new and original experimental and theoretical research of an applied nature that integrates fundamental knowledge in the areas of materials, engineering, physics, bioscience, polymer science and chemistry into important polymer applications. The journal is specifically interested in work that addresses relationships among structure, processing, morphology, chemistry, properties, and function as well as work that provide insights into mechanisms critical to the performance of the polymer for applications.