Document Open Access Logo

Zero-Knowledge Authenticator for Blockchain: Policy-Private and Obliviously Updateable

Authors Kostas Kryptos Chalkias , Deepak Maram , Arnab Roy , Joy Wang , Aayush Yadav

PDF

File

Thumbnail PDF
PDF
LIPIcs.AFT.2025.2.pdf
  • Filesize: 0.9 MB
  • 23 pages

Document Identifiers

Related Versions

Subject Classification

ACM Subject Classification
  • Security and privacy → Cryptography
  • Security and privacy → Authentication
  • Security and privacy → Privacy-preserving protocols
Keywords
  • Blockchain privacy
  • authentication schemes
  • threshold wallets
  • zero knowledge proofs

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
    0
    Metadata Views

Abstract

Transaction details and participant identities on the blockchain are often publicly exposed. In this work, we posit that blockchain’s transparency should not come at the cost of privacy. To that end, we introduce zero-knowledge authenticators (zkAt), a new cryptographic primitive for privacy-preserving authentication on public blockchains. zkAt utilizes zero-knowledge proofs to enable users to authenticate transactions, while keeping the underlying authentication policies private. 
Prior solutions for such policy-private authentication required the use of threshold signatures, which can only hide the threshold access structure itself. In comparison, zkAt provides privacy for arbitrarily complex authentication policies, and offers a richer interface even within the threshold access structure by, for instance, allowing for the combination of signatures under distinct signature schemes.
In order to construct zkAt, we design a compiler that transforms the popular Groth16 non-interactive zero knowledge (NIZK) proof system into a NIZK with equivocable verification keys, a property that we define in this work. Then, for any zkAt constructed using proof systems with this new property, we show that all public information must be independent of the policy, thereby achieving policy-privacy.
Next, we give an extension of zkAt, called zkAt^+ wherein, assuming a trusted authority, policies can be updated obliviously in the sense that a third-party learns no new information when a policy is updated by the policy issuer. We also give a theoretical construction for zkAt^+ using recursive NIZKs, and explore the integration of zkAt into modern blockchains. Finally, to evaluate their feasibility, we implement both our schemes for a specific threshold access structure. Our findings show that zkAt achieves comparable performance to traditional threshold signatures, while also attaining privacy for significantly more complex policies with very little overhead.

Cite As Get BibTex

Kostas Kryptos Chalkias, Deepak Maram, Arnab Roy, Joy Wang, and Aayush Yadav. Zero-Knowledge Authenticator for Blockchain: Policy-Private and Obliviously Updateable. In 7th Conference on Advances in Financial Technologies (AFT 2025). Leibniz International Proceedings in Informatics (LIPIcs), Volume 354, pp. 2:1-2:23, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2025) https://doi.org/10.4230/LIPIcs.AFT.2025.2

Author Details

Kostas Kryptos Chalkias
  • Mysten Labs, Palo Alto, CA, USA
Deepak Maram
  • Mysten Labs, Palo Alto, CA, USA
Arnab Roy
  • Mysten Labs, Palo Alto, CA, USA
Joy Wang
  • Mysten Labs, Palo Alto, CA, USA
Aayush Yadav
  • George Mason University, Fairfax, VA, USA

Acknowledgements

The authors thank Foteini Baldimtsi for her feedback on the manuscript.

References

  1. 0xPARC. Big integer arithmetic and secp256k1 ecc operations in circom. https://github.com/0xPARC/circom-ecdsa, 2024. Accessed: 2025-02-19.
  2. Damiano Abram, Ariel Nof, Claudio Orlandi, Peter Scholl, and Omer Shlomovits. Low-bandwidth threshold ECDSA via pseudorandom correlation generators. In 2022 IEEE Symposium on Security and Privacy, pages 2554-2572, San Francisco, CA, USA, May 22-26 2022. IEEE Computer Society Press. URL: https://doi.org/10.1109/SP46214.2022.9833559.
  3. Argent. Smart wallet features. https://www.argent.xyz/blog/smart-wallet-features, 2024. Accessed: 2024-10-11.
  4. Foteini Baldimtsi, Konstantinos Kryptos Chalkias, Yan Ji, Jonas Lindstrøm, Deepak Maram, Ben Riva, Arnab Roy, Mahdi Sedaghat, and Joy Wang. zkLogin: Privacy-preserving blockchain authentication with existing credentials. In Bo Luo, Xiaojing Liao, Jun Xu, Engin Kirda, and David Lie, editors, ACM CCS 2024: 31st Conference on Computer and Communications Security, pages 3182-3196, Salt Lake City, UT, USA, October 14-18 2024. ACM Press. URL: https://doi.org/10.1145/3658644.3690356.
  5. Paulo S. L. M. Barreto, Ben Lynn, and Michael Scott. Constructing elliptic curves with prescribed embedding degrees. In Stelvio Cimato, Clemente Galdi, and Giuseppe Persiano, editors, SCN 02: 3rd International Conference on Security in Communication Networks, volume 2576 of Lecture Notes in Computer Science, pages 257-267, Amalfi, Italy, September 12-13 2003. Springer Berlin Heidelberg, Germany. URL: https://doi.org/10.1007/3-540-36413-7_19.
  6. Mihir Bellare, Elizabeth C. Crites, Chelsea Komlo, Mary Maller, Stefano Tessaro, and Chenzhi Zhu. Better than advertised security for non-interactive threshold signatures. In Yevgeniy Dodis and Thomas Shrimpton, editors, Advances in Cryptology - CRYPTO 2022, Part IV, volume 13510 of Lecture Notes in Computer Science, pages 517-550, Santa Barbara, CA, USA, August 15-18 2022. Springer, Cham, Switzerland. URL: https://doi.org/10.1007/978-3-031-15985-5_18.
  7. Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe, and Bo-Yin Yang. High-speed high-security signatures. Journal of Cryptographic Engineering, 2(2):77-89, September 2012. URL: https://doi.org/10.1007/s13389-012-0027-1.
  8. BitGo. Policy builder overview. https://developers.bitgo.com/guides/policy-builder/overview, 2024. Accessed: 2024-10-11.
  9. Dan Boneh, Manu Drijvers, and Gregory Neven. Compact multi-signatures for smaller blockchains. In Thomas Peyrin and Steven Galbraith, editors, Advances in Cryptology - ASIACRYPT 2018, Part II, volume 11273 of Lecture Notes in Computer Science, pages 435-464, Brisbane, Queensland, Australia, December 2-6 2018. Springer, Cham, Switzerland. URL: https://doi.org/10.1007/978-3-030-03329-3_15.
  10. Dan Boneh, Wilson Nguyen, and Alex Ozdemir. Efficient functional commitments: How to commit to private functions. Cryptology ePrint Archive, Report 2021/1342, 2021. URL: https://eprint.iacr.org/2021/1342.
  11. Gautam Botrel, Thomas Piellard, Youssef El Housni, Ivo Kubjas, and Arya Tabaie. Consensys/gnark: v0.9.0, February 2023. URL: https://doi.org/10.5281/zenodo.5819104.
  12. Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, and Howard Wu. ZEXE: Enabling decentralized private computation. In 2020 IEEE Symposium on Security and Privacy, pages 947-964, San Francisco, CA, USA, May 18-21 2020. IEEE Computer Society Press. URL: https://doi.org/10.1109/SP40000.2020.00050.
  13. Friederike Brezing and Annegret Weng. Elliptic curves suitable for pairing based cryptography. Designs, Codes and Cryptography, 37(1):133-141, 2005. URL: https://doi.org/10.1007/s10623-004-3808-4.
  14. Kostas Kryptos Chalkias, Deepak Maram, Arnab Roy, Joy Wang, and Aayush Yadav. Zero-knowledge authenticator for blockchain: Policy-private and obliviously updateable. Cryptology ePrint Archive, Paper 2025/921, 2025. URL: https://eprint.iacr.org/2025/921.
  15. Binyi Chen, Benedikt Bünz, Dan Boneh, and Zhenfei Zhang. HyperPlonk: Plonk with linear-time prover and high-degree custom gates. In Carmit Hazay and Martijn Stam, editors, Advances in Cryptology - EUROCRYPT 2023, Part II, volume 14005 of Lecture Notes in Computer Science, pages 499-530, Lyon, France, April 23-27 2023. Springer, Cham, Switzerland. URL: https://doi.org/10.1007/978-3-031-30617-4_17.
  16. Alessandro Chiesa, Yuncong Hu, Mary Maller, Pratyush Mishra, Psi Vesely, and Nicholas P. Ward. Marlin: Preprocessing zkSNARKs with universal and updatable SRS. In Anne Canteaut and Yuval Ishai, editors, Advances in Cryptology - EUROCRYPT 2020, Part I, volume 12105 of Lecture Notes in Computer Science, pages 738-768, Zagreb, Croatia, May 10-14 2020. Springer, Cham, Switzerland. URL: https://doi.org/10.1007/978-3-030-45721-1_26.
  17. Yvo Desmedt. Society and group oriented cryptography: A new concept. In Carl Pomerance, editor, Advances in Cryptology - CRYPTO'87, volume 293 of Lecture Notes in Computer Science, pages 120-127, Santa Barbara, CA, USA, August 16-20 1988. Springer Berlin Heidelberg, Germany. URL: https://doi.org/10.1007/3-540-48184-2_8.
  18. Yvo Desmedt and Yair Frankel. Threshold cryptosystems. In Gilles Brassard, editor, Advances in Cryptology - CRYPTO'89, volume 435 of Lecture Notes in Computer Science, pages 307-315, Santa Barbara, CA, USA, August 20-24 1990. Springer, New York, USA. URL: https://doi.org/10.1007/0-387-34805-0_28.
  19. Jiajun Du, Zhonghui Ge, Yu Long, Zhen Liu, Shifeng Sun, Xian Xu, and Dawu Gu. MixCT: Mixing confidential transactions from homomorphic commitment. In Vijayalakshmi Atluri, Roberto Di Pietro, Christian Damsgaard Jensen, and Weizhi Meng, editors, ESORICS 2022: 27th European Symposium on Research in Computer Security, Part III, volume 13556 of Lecture Notes in Computer Science, pages 763-769, Copenhagen, Denmark, September 26-30 2022. Springer, Cham, Switzerland. URL: https://doi.org/10.1007/978-3-031-17143-7_39.
  20. Stefan Dziembowski, Lisa Eckey, Sebastian Faust, and Daniel Malinowski. Perun: Virtual payment hubs over cryptocurrencies. In 2019 IEEE Symposium on Security and Privacy, pages 106-123, San Francisco, CA, USA, May 19-23 2019. IEEE Computer Society Press. URL: https://doi.org/10.1109/SP.2019.00020.
  21. Youssef El Housni and Aurore Guillevic. Optimized and secure pairing-friendly elliptic curves suitable for one layer proof composition. In Stephan Krenn, Haya Shulman, and Serge Vaudenay, editors, CANS 20: 19th International Conference on Cryptology and Network Security, volume 12579 of Lecture Notes in Computer Science, pages 259-279, Vienna, Austria, December 14-16 2020. Springer, Cham, Switzerland. URL: https://doi.org/10.1007/978-3-030-65411-5_13.
  22. Youssef El Housni and Aurore Guillevic. Families of SNARK-friendly 2-chains of elliptic curves. In Orr Dunkelman and Stefan Dziembowski, editors, Advances in Cryptology - EUROCRYPT 2022, Part II, volume 13276 of Lecture Notes in Computer Science, pages 367-396, Trondheim, Norway, May 30 - June 3 2022. Springer, Cham, Switzerland. URL: https://doi.org/10.1007/978-3-031-07085-3_13.
  23. Electron Labs. Ed25519 implementation in circom. https://github.com/Electron-Labs/ed25519-circom, 2024. Accessed: 2024-10-11.
  24. Fireblocks. Fireblocks governance and policy engine. https://www.fireblocks.com/platforms/governance-and-policy-engine/, 2024. Accessed: 2024-10-11.
  25. Ariel Gabizon, Zachary J. Williamson, and Oana Ciobotaru. PLONK: Permutations over Lagrange-bases for oecumenical noninteractive arguments of knowledge. Cryptology ePrint Archive, Report 2019/953, 2019. URL: https://eprint.iacr.org/2019/953.
  26. Rosario Gennaro, Craig Gentry, Bryan Parno, and Mariana Raykova. Quadratic span programs and succinct NIZKs without PCPs. In Thomas Johansson and Phong Q. Nguyen, editors, Advances in Cryptology - EUROCRYPT 2013, volume 7881 of Lecture Notes in Computer Science, pages 626-645, Athens, Greece, May 26-30 2013. Springer Berlin Heidelberg, Germany. URL: https://doi.org/10.1007/978-3-642-38348-9_37.
  27. Noemi Glaeser, Matteo Maffei, Giulio Malavolta, Pedro Moreno-Sanchez, Erkan Tairi, and Sri Aravinda Krishnan Thyagarajan. Foundations of coin mixing services. In Heng Yin, Angelos Stavrou, Cas Cremers, and Elaine Shi, editors, ACM CCS 2022: 29th Conference on Computer and Communications Security, pages 1259-1273, Los Angeles, CA, USA, November 7-11 2022. ACM Press. URL: https://doi.org/10.1145/3548606.3560637.
  28. Matthew Green and Ian Miers. Bolt: Anonymous payment channels for decentralized currencies. In Bhavani M. Thuraisingham, David Evans, Tal Malkin, and Dongyan Xu, editors, ACM CCS 2017: 24th Conference on Computer and Communications Security, pages 473-489, Dallas, TX, USA, October 31 - November 2 2017. ACM Press. URL: https://doi.org/10.1145/3133956.3134093.
  29. Jens Groth. On the size of pairing-based non-interactive arguments. In Marc Fischlin and Jean-Sébastien Coron, editors, Advances in Cryptology - EUROCRYPT 2016, Part II, volume 9666 of Lecture Notes in Computer Science, pages 305-326, Vienna, Austria, May 8-12 2016. Springer Berlin Heidelberg, Germany. URL: https://doi.org/10.1007/978-3-662-49896-5_11.
  30. Ethan Heilman, Leen Alshenibr, Foteini Baldimtsi, Alessandra Scafuro, and Sharon Goldberg. TumbleBit: An untrusted bitcoin-compatible anonymous payment hub. In ISOC Network and Distributed System Security Symposium - NDSS 2017, San Diego, CA, USA, February 26 - March 1 2017. The Internet Society. URL: https://doi.org/10.14722/ndss.2017.23086.
  31. International Civil Aviation Organization. Basics of epassport cryptography, 2024. Accessed: 2025-02-17. URL: https://www.icao.int/Security/FAL/PKD/BVRT/Pages/Basics.aspx.
  32. K. Itakura. A public-key cryptosystem suitable for digital multisignatures, 1983. Google Scholar
  33. Chelsea Komlo and Ian Goldberg. FROST: Flexible round-optimized Schnorr threshold signatures. In Orr Dunkelman, Michael J. Jacobson, Jr., and Colin O'Flynn, editors, SAC 2020: 27th Annual International Workshop on Selected Areas in Cryptography, volume 12804 of Lecture Notes in Computer Science, pages 34-65, Halifax, NS, Canada (Virtual Event), October 21-23 2020. Springer, Cham, Switzerland. URL: https://doi.org/10.1007/978-3-030-81652-0_2.
  34. Kostas Kryptos Chalkias. Soft privacy-related leak in threshold eddsa wallets. https://x.com/kostascrypto/status/1703594584100700641, 2023.
  35. Jin Li, Man Ho Au, Willy Susilo, Dongqing Xie, and Kui Ren. Attribute-based signature and its applications. In Dengguo Feng, David A. Basin, and Peng Liu, editors, ASIACCS 10: 5th ACM Symposium on Information, Computer and Communications Security, pages 60-69, Beijing, China, April 13-16 2010. ACM Press. URL: https://doi.org/10.1145/1755688.1755697.
  36. Benoît Libert, Somindu C. Ramanna, and Moti Yung. Functional commitment schemes: From polynomial commitments to pairing-based accumulators from simple assumptions. In Ioannis Chatzigiannakis, Michael Mitzenmacher, Yuval Rabani, and Davide Sangiorgi, editors, ICALP 2016: 43rd International Colloquium on Automata, Languages and Programming, volume 55 of Leibniz International Proceedings in Informatics (LIPIcs), pages 30:1-30:14, Rome, Italy, July 11-15 2016. Schloss Dagstuhl - Leibniz-Zentrum für Informatik. URL: https://doi.org/10.4230/LIPIcs.ICALP.2016.30.
  37. Hemanta K. Maji, Manoj Prabhakaran, and Mike Rosulek. Attribute-based signatures. In Aggelos Kiayias, editor, Topics in Cryptology - CT-RSA 2011, volume 6558 of Lecture Notes in Computer Science, pages 376-392, San Francisco, CA, USA, February 14-18 2011. Springer Berlin Heidelberg, Germany. URL: https://doi.org/10.1007/978-3-642-19074-2_24.
  38. Easwar Vivek Mangipudi, Udit Desai, Mohsen Minaei, Mainack Mondal, and Aniket Kate. Uncovering impact of mental models towards adoption of multi-device crypto-wallets. In Weizhi Meng, Christian Damsgaard Jensen, Cas Cremers, and Engin Kirda, editors, ACM CCS 2023: 30th Conference on Computer and Communications Security, pages 3153-3167, Copenhagen, Denmark, November 26-30 2023. ACM Press. URL: https://doi.org/10.1145/3576915.3623218.
  39. Silvio Micali, Kazuo Ohta, and Leonid Reyzin. Accountable-subgroup multisignatures: Extended abstract. In Michael K. Reiter and Pierangela Samarati, editors, ACM CCS 2001: 8th Conference on Computer and Communications Security, pages 245-254, Philadelphia, PA, USA, November 5-8 2001. ACM Press. URL: https://doi.org/10.1145/501983.502017.
  40. Microchain Labs. Zk session keys. https://docs.microchain.microchainlabs.xyz/blog/second-post, 2024. Accessed: 2025-02-21.
  41. Tim Ruffing, Viktoria Ronge, Elliott Jin, Jonas Schneider-Bensch, and Dominique Schröder. ROAST: Robust asynchronous schnorr threshold signatures. In Heng Yin, Angelos Stavrou, Cas Cremers, and Elaine Shi, editors, ACM CCS 2022: 29th Conference on Computer and Communications Security, pages 2551-2564, Los Angeles, CA, USA, November 7-11 2022. ACM Press. URL: https://doi.org/10.1145/3548606.3560583.
  42. Safe Core. Safe core protocol whitepaper. URL: https://github.com/5afe/safe-core-protocol-specs/blob/main/whitepaper.pdf, 2024. Accessed: 2024-10-11.
  43. Qin Wang and Shiping Chen. Account abstraction, analysed. In 2023 IEEE International Conference on Blockchain (Blockchain), pages 323-331, 2023. URL: https://doi.org/10.1109/Blockchain60715.2023.00057.
Any Issues?
X

Feedback on the Current Page

CAPTCHA

Thanks for your feedback!

Feedback submitted to Dagstuhl Publishing

Could not send message

Please try again later or send an E-mail
© 2023-2025 Schloss Dagstuhl – LZI GmbH About DROPS Imprint Privacy Contact