4 research outputs found

    Casting out Primes: Bignum Arithmetic for Zero-Knowledge Proofs

    We describe a nondeterministic method for bignum arithmetic. It is inspired by the casting out nines technique, where some identity is checked modulo 9, providing a probabilistic result. More generally, we might check that some identity holds under a set of moduli, i.e. $f(\vec{x}) = 0 \bmod m_i$ for each $m_i \in M$. Then $f(\vec{x}) = 0 \bmod \operatorname{lcm}(M)$, and if we know $|f(\vec{x})| < \operatorname{lcm}(M)$, it follows that $f(\vec{x}) = 0$. We show how to perform such small-modulus checks efficiently, for certain $f(\vec{x})$ such as bignum multiplication. We focus on the cost model of zero-knowledge proof systems, which support field arithmetic and range checks as native operations.

    eSTARK: Extending STARKs with Arguments

    STARK is a widely used transparent proof system that uses low-degree tests for proving the correctness of a computer program. STARK consumes an intermediate representation known as AIR that is more appropriate for programs with a relatively short and structured description. However, an AIR is not able to succinctly express non-equality constraints, leading to the incorporation of unwanted polynomials. We present the eSTARK protocol, a new probabilistic proof that generalizes the STARK family through the introduction of a more generic intermediate representation called eAIR. We describe eSTARK in the polynomial IOP model, which combines the optimized version of the STARK protocol with the incorporation of three arguments into the protocol. We also explain various techniques that enhance the vanilla STARK complexity, including optimizations applied to polynomial computations, and analyze the tradeoffs between controlling the constraint degree either at the representation of the AIR or inside the eSTARK itself.

    New privacy practices for blockchain software

    © 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

    The benefits of blockchain technologies for industrial applications are unquestionable. However, it is a considerable challenge to use a transparent system like blockchain and at the same time provide privacy to sensitive data. Privacy technologies permit conducting private transactions about sensitive data over transparent networks, but their inherent complexity has been overwhelming for many developers. Closing the gap between developers and privacy-preserving technologies would help the full adoption of the privacy by design framework for blockchain software. To this end, in this paper we present the software tools we have implemented to bring complex privacy technologies closer to developers and facilitate the job of implementing privacy-enabled blockchain applications.

    This research is supported by the Ethereum Foundation Ecosystem Support [9], TCO-RISEBLOCK (PID2019-110224RB-I00), H2020-i3-MARKET, ARPASAT (TEC2015-70197-R), 2014-SGR-1504, RTI2018-102112-B-I00 (AEI/FEDER, UE) and H2020 PRESENT (856879).

    Peer Reviewed. Postprint (published version)