
This post was first published on Medium.

Prove Group Membership Without Ring Signatures

In Part 1, we demonstrated that zk-SNARKs turn cryptographic problems into programming problems. As an example, we “programmed” elliptic curve point multiplication to prove knowledge of a private key for a given public key, the equivalent of a digital signature.

Today, we show how to implement another otherwise sophisticated cryptographic primitive by simply “programming” it in the zero-knowledge language Circom: ring signatures.

Ring Signatures using zk-SNARK

In a ring signature, any member of a group/ring can sign to prove their membership, without disclosing their specific identity. Based on the signature, a verifier can be sure one of the group members signed, but cannot know which one. We have implemented ring signatures before. Even though it is doable, it is far from trivial and requires comprehensive knowledge of cryptography and ingenuity to come up with.

[Figure: Ring Signature]

Thanks to the programmability and composability of zk-SNARKs, we can simply “code” a ring signature as below, based on the previous point multiplication library.

group_pubkey.circom

From Line 11 to 22, we use ECDSAPrivToPub, covered in Part 1, to derive a public key at Line 16 from the private key at Line 5 (note it is declared private)¹. We then just compare the resulting public key with each of the public keys in the group defined at Line 7 (note it is declared public). We return true if and only if it matches any in the group at Line 54.

A test can be found here.

Since the private key input is private and remains hidden, a verifier cannot use it to identify which member created the proof. We have created a ZKP for membership in a group/ring and the equivalent of ring signatures, without knowing any underlying cryptography! This is the power of zk-SNARKs.
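The circuit described above, written out as an added example. It is not the author's group_pubkey.circom, so the line numbers cited earlier do not apply to it. Assumptions: the template name, signal names and include paths are hypothetical, the ring size of 3 is constructed, and ECDSAPrivToPub is taken from 0xPARC's circom-ecdsa with its usual 64-bit, 4-limb encoding.

```circom
pragma circom 2.0.2;

// Include paths are assumptions: circomlib and 0xPARC's circom-ecdsa
// checked out next to this file.
include "circomlib/circuits/comparators.circom";   // IsEqual, IsZero
include "circom-ecdsa/circuits/ecdsa.circom";      // ECDSAPrivToPub

// n: bits per limb, k: limbs per coordinate, m: number of keys in the ring.
template GroupMembership(n, k, m) {
    signal input privkey[k];         // private witness, never revealed
    signal input pubkeys[m][2][k];   // the ring: m points as (x, y) limb arrays
    signal output isMember;          // 1 if privkey matches some ring key, else 0

    // Derive the prover's public key inside the circuit.
    component privToPub = ECDSAPrivToPub(n, k);
    for (var i = 0; i < k; i++) {
        privToPub.privkey[i] <== privkey[i];
    }

    component limbEq[m][2][k];   // one equality test per limb
    component keyEq[m];          // 1 when all 2*k limbs of ring key j match
    var hits = 0;                // linear sum of the keyEq outputs

    for (var j = 0; j < m; j++) {
        var same = 0;            // number of matching limbs for ring key j
        for (var c = 0; c < 2; c++) {
            for (var i = 0; i < k; i++) {
                limbEq[j][c][i] = IsEqual();
                limbEq[j][c][i].in[0] <== privToPub.pubkey[c][i];
                limbEq[j][c][i].in[1] <== pubkeys[j][c][i];
                same += limbEq[j][c][i].out;
            }
        }
        keyEq[j] = IsEqual();
        keyEq[j].in[0] <== same;
        keyEq[j].in[1] <== 2 * k;
        hits += keyEq[j].out;
    }

    // No data-dependent branching: every ring key is always compared,
    // so the constraint system is identical whichever member proves.
    component none = IsZero();
    none.in <== hits;
    isMember <== 1 - none.out;
}

// Inputs are private unless listed here; outputs are always public.
component main {public [pubkeys]} = GroupMembership(64, 4, 3);
```

Because isMember is an output rather than a constraint, a proof also verifies when it is 0. The verifier has to check that the public output equals 1, or the template can enforce `isMember === 1`.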

***

NOTE:

[1] We prefer ECDSAPrivToPub here over Secp256k1ScalarMult, since it is more efficient.

Watch: The BSV Global Blockchain Convention presentation, Smart Contracts and Computation on BSV

https://www.youtube.com/watch?v=c_zAlkImgTU
