ZEXE: Enabling Decentralized Private Computation
- 1 May 2020
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Ledger-based systems that support rich applications often suffer from two limitations. First, validating a transaction requires re-executing the state transition that it attests to. Second, transactions not only reveal which application had a state transition but also reveal the application’s internal state. We design, implement, and evaluate ZEXE, a ledger-based system where users can execute offline computations and subsequently produce transactions, attesting to the correctness of these computations, that satisfy two main properties. First, transactions hide all information about the offline computations. Second, transactions can be validated in constant time by anyone, regardless of the offline computation. The core of ZEXE is a construction for a new cryptographic primitive that we introduce, decentralized private computation (DPC) schemes. In order to achieve an efficient implementation of our construction, we leverage tools in the area of cryptographic proofs, including succinct zero knowledge proofs and recursive proof composition. Overall, transactions in ZEXE are 968 bytes regardless of the offline computation, and generating them takes less than 1 min plus a time that grows with the offline computation. We demonstrate how to use ZEXE to realize privacy-preserving analogues of popular applications: private user-defined assets and private decentralized exchanges for these assets.
This publication has 41 references indexed in Scilit:
- Refereed delegation of computation. Information and Computation, 2013
- Implementing Pairings at the 192-Bit Security Level. Lecture Notes in Computer Science, 2013
- Evaluating User Privacy in Bitcoin. Lecture Notes in Computer Science, 2013
- Quantitative Analysis of the Full Bitcoin Transaction Graph. Lecture Notes in Computer Science, 2013
- BLAKE2: Simpler, Smaller, Fast as MD5. Lecture Notes in Computer Science, 2013
- Attractive Subfamilies of BLS Curves for Implementing High-Security Pairings. Lecture Notes in Computer Science, 2011
- A Taxonomy of Pairing-Friendly Elliptic Curves. Journal of Cryptology, 2009
- Simulation-Sound NIZK Proofs for a Practical Language and Constant Size Group Signatures. Lecture Notes in Computer Science, 2006
- Constructing Elliptic Curves with Prescribed Embedding Degrees. Lecture Notes in Computer Science, 2003
- Robust Non-interactive Zero Knowledge. Lecture Notes in Computer Science, 2001