[Resource Topic] 2020/1069: Lunar: a Toolbox for More Efficient Universal and Updatable zkSNARKs and Commit-and-Prove Extensions

Resource Cryptographic protocols
#1

Welcome to the resource topic for 2020/1069

Title:
Lunar: a Toolbox for More Efficient Universal and Updatable zkSNARKs and Commit-and-Prove Extensions

Authors: Matteo Campanelli, Antonio Faonio, Dario Fiore, Anaïs Querol, Hadrián Rodríguez

Abstract:

We address the problem of constructing zkSNARKs whose SRS is \mathit{universal} – valid for all relations within a size-bound – and \mathit{updatable} – a dynamic set of participants can add secret randomness to it indefinitely thus increasing confidence in the setup. We investigate formal frameworks and techniques to design efficient universal updatable zkSNARKs with linear-size SRS and their commit-and-prove variants. We achieve a collection of zkSNARKs with different tradeoffs. One of our constructions achieves the smallest proof size and proving time compared to the state of art for proofs for arithmetic circuits. The language supported by this scheme is a variant of R1CS, called R1CS-lite, introduced by this work. Another of our constructions supports directly standard R1CS and improves on previous work achieving the fastest proving time for this type of constraint systems. We achieve this result via the combination of different contributions: (1) a new algebraically-flavored variant of IOPs that we call \mathit{Polynomial} \mathit{Holographic} \mathit{IOPs} (PHPs), (2) a new compiler that combines our PHPs with \mathit{commit}-\mathit{and}-\mathit{prove} \mathit{\ zkSNARKs} for committed polynomials, (3) pairing-based realizations of these CP-SNARKs for polynomials, (4) constructions of PHPs for R1CS and R1CS-lite, (5) a variant of the compiler that yields a commit-and-prove universal zkSNARK.

ePrint: https://eprint.iacr.org/2020/1069

Talk: https://www.youtube.com/watch?v=PLCr8TLT65Y

Slides: https://iacr.org/submit/files/slides/2021/asiacrypt/asiacrypt2021/23/slides.pdf

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .