Zero Knowledge Light Client Implementation by Zpoken team.

Overview

ZKP for chain state.

Prerequisites

This project requires the nightly Rust toolchain, which can be set as the default with:

rustup default nightly

To run binaries use:

cargo run --release --package plonky2_sig_hash
cargo run --release --package plonky2_recursion

Core Concept

The first block of an epoch should be accompanied by a recursive zk-SNARK proof of knowledge of correct private inputs for the composite statement below.

Public inputs:

  • Hc — SHA-256 hash of the block;
  • Hg — SHA-256 hash of the genesis block.

Private inputs:

  • Bc — The block;
  • Bp — The first block of the previous epoch;
  • Hp — SHA-256 hash of the first block of the previous epoch;
  • Pp — The proof accompanying the first block of the previous epoch.

Statement:

  • Hp equals the hash of Bp;
  • Hp equals Hg OR Pp is valid for public inputs (Hp, Hg);
  • Hc equals the hash of Bc;
  • Bc.epoch equals Bp.nextEpoch;
  • Σ_{i=1..n}(Verify(v[i].pubKey, Bc, Bc.signatures[i]) ⋅ v[i].stake) exceeds ⅔ of Σ_{i=1..n}(v[i].stake), where v is Bp.nextValidators, n is Bp.nextValidators.length, and Verify performs EdDSA signature verification for a block and returns 1 (correct) or 0 (incorrect).

To generate a proof for the first block of the i-th epoch, we need only this block, the first block of the (i-1)-th epoch, the proof accompanying it, and the hash of the genesis block.

To validate a proof for the first block of the i-th epoch, we have to compute its hash (denoted as Hi), obtain the genesis block hash (denoted as Hg), and verify the proof that accompanies the block for public inputs (Hi, Hg).
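The composite statement above, checked in the clear, as an added example that is not code from this repository. It shows the genesis base case, the epoch link and the strict ⅔ stake threshold in integer arithmetic. Assumptions: the names Block, block_hash, toy_sign, toy_verify, check_statement and prev_proof_ok are hypothetical, the block encoding is constructed, and toy_verify is a hash-based stand-in for Ed25519 verification, not a signature scheme.

```python
import hashlib
from dataclasses import dataclass, field

@dataclass
class Block:
    epoch: int
    next_epoch: int
    next_validators: list  # [(pub_key: bytes, stake: int), ...]
    signatures: list = field(default_factory=list)  # one slot per validator, None if absent

    def signed_bytes(self) -> bytes:
        # Constructed encoding (assumption): every field except the signatures.
        out = self.epoch.to_bytes(8, "big") + self.next_epoch.to_bytes(8, "big")
        for pub_key, stake in self.next_validators:
            out += pub_key + stake.to_bytes(16, "big")
        return out

def block_hash(block: Block) -> bytes:
    return hashlib.sha256(block.signed_bytes()).digest()

def toy_sign(pub_key: bytes, msg: bytes) -> bytes:
    # Stand-in only: lets the example run without an Ed25519 library.
    return hashlib.sha256(pub_key + msg).digest()

def toy_verify(pub_key: bytes, msg: bytes, sig: bytes) -> int:
    return int(sig == toy_sign(pub_key, msg))  # 1 (correct) or 0 (incorrect)

def check_statement(Hc, Hg, Bc, Bp, Hp, prev_proof_ok, verify=toy_verify) -> bool:
    """Return True iff (Bc, Bp, Hp, Pp) satisfy the statement for public inputs (Hc, Hg).
    prev_proof_ok(Hp, Hg) stands for 'Pp is valid for public inputs (Hp, Hg)'."""
    if Hp != block_hash(Bp):
        return False
    # Base case: Bp is the genesis block, so no previous proof is needed.
    if Hp != Hg and not prev_proof_ok(Hp, Hg):
        return False
    if Hc != block_hash(Bc):
        return False
    if Bc.epoch != Bp.next_epoch:
        return False
    validators = Bp.next_validators
    if len(Bc.signatures) != len(validators):
        return False  # signatures must line up with validators by index
    msg = Bc.signed_bytes()
    signed = sum(stake for (pk, stake), sig in zip(validators, Bc.signatures)
                 if sig is not None and verify(pk, msg, sig))
    total = sum(stake for _, stake in validators)
    # "Exceeds 2/3" as a strict integer comparison, with no rounding.
    return 3 * signed > 2 * total
```

With stakes 34, 33 and 33, signatures carrying 67 units pass and 66 units fail; a signed share of exactly ⅔ also fails because the comparison is strict.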

The pre-hashing algorithm, which is applied to a block before the direct EdDSA verification, has been implemented in the NEAR lightweight client as part of the validate_light_client_block function and can be found here: https://github.com/near/nearcore/blob/dce2a47f255fdea591a0c1ea24c0a683f659fb7a/pytest/lib/lightclient.py

The direct EdDSA verification for the NEAR lightweight client is performed using PyNaCl, which “is a Python binding to libsodium, which is a fork of the Networking and Cryptography library”. In libsodium the EdDSA scheme is built over the Ed25519 curve and the SHA-512 hash function. The corresponding source code can be found here: https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_sign/ed25519/ref10/open.c

For a better understanding of the EdDSA scheme, the following article is recommended: https://medium.com/asecuritysite-when-bob-met-alice/whats-the-difference-between-ecdsa-and-eddsa-e3a16ee0c966

The circuit for generating the aforesaid proofs requires the following cryptographic primitives:

  • SHA-256 calculator;
  • EdDSA verifier using the Ed25519 curve and the SHA-512 hash function;
  • Verifier of the proofs generated for the considered circuits.

These cryptographic primitives are SNARK-unfriendly, i.e. they are not initially represented as a sequence of computations over the circuit's native field. Therefore, the time and space complexities of the resulting prover should be estimated before implementation.
