Home » Tech » Programmable zero knowledge proofs using zk-SNARKs: Part 2

Programmable zero knowledge proofs using zk-SNARKs: Part 2

Tech 20 July 2022

This post was first published on Medium.

Prove Group Membership Without Ring Signatures

In Part 1, we have demonstrated zk-SNARK turns cryptographic problems into programming problems. As an example, we “programmed” elliptic curve point multiplication to prove knowledge of a private key for a given public key, the equivalent of a digital signature.

Today, we show how to implement another otherwise sophisticated cryptographic primitive by simply “programming” it in zero knowledge language Circom: ring signatures.

Ring Signatures using zk-SNARK

In a ring signature, any member of a group/ring can sign to prove their membership, without disclosing their specific identity. Based on the signature, a verifier can be sure one of the group members signed, but he cannot know which one signed. We have implemented ring signatures before. Even though it is doable, it is far from trivial and requires comprehensive knowledge of cryptography and ingenuity to come up with.

Circular Chart — Ring Signature

Thanks to the programmability and composability of zk-SNARK, we can simply “coded” ring signature as below, based on the previous point multiplication library.

group_pubkey.circom

From Line 11 to 22, we use ECDSAPrivToPub covered in Part 1 to derive a public key at Line 16 from the private key at Line 5 (Note it is declared private)¹. We then just compare the resulting public key with each of the public key in the group defined at Line 7 (Note it is declared public). We return true if and only if it matches any in the group at Line 54.

A test can be found here.

Since the private key input is private and remains hidden, a verifier cannot use it to identify which member created the proof. We have created a ZKP for membership in a group/ring and the equivalent of ring signatures, without knowing any underlying cryptography! This is the power of zk-SNARKs.

***

NOTE:

[1] We prefer ECDSAPrivToPub here over Secp256k1ScalarMult, since it is more efficient.

Watch: The BSV Global Blockchain Convention presentation, Smart Contracts and Computation on BSV

YouTube video

frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" allowfullscreen>

New to blockchain? Check out CoinGeek’s Blockchain for Beginners section, the ultimate resource guide to learn more about blockchain technology.

Related News

latest news

National Aeronautics and Space Administration

Tech 8 hours ago

NASA astronauts train for future space missions with VR metaverse

The studies will recreate the tasks that astronauts are expected to face in the space, NASA will rely on the expertise of SpaceX's Raja Chari and Nicole Mann who led Crew-3 and Crew-5 missions.

Google mobile app

Tech 14 April 2024

Google’s Arm-based Axion Processors delivers energy efficiency, advanced capabilities

The new Arm-based CPU, called Google Axion Processors, will be available on Google Cloud, offering a low-cost alternative for enterprises seeking computing services.

Solidity vs sCrypt banner from Medium

Tech 10 April 2024

Smart contract programming languages: sCrypt vs. Solidity

This article compares sCrypt and Solidity, to help users decide which one they should use for building smart contracts in the Bitcoin or Ethereum Virtual Machine ecosystems.