Recursive Proof Composition without a Trusted
Setup
Sean Bowe1
, Jack Grigg1
, and Daira Hopwood1
1 Electric Coin Company
{sean,jack,daira}@electriccoin.co
electriccoin.co/
Abstract. Non-interactive arguments of knowledge are powerful cryptographic tools that can be used to demonstrate the faithful execution
of arbitrary computations with publicly verifiable proofs. Increasingly
efficient protocols have been described in recent years, with verification
time and/or communication complexity that is sublinear in the size of
the computation being described. These efficiencies can be exploited to
realize recursive proof composition: the concept of proofs that attest to
the correctness of other instances of themselves, thereby allowing large
computational effort to be incrementally verified. All previously known
realizations of recursive proof composition have required a trusted setup
and cycles of expensive pairing-friendly elliptic curves. We obtain and
implement Halo, the first practical example of recursive proof composition without a trusted setup, using the discrete log assumption over
normal cycles of elliptic curves. In the process we develop several novel
techniques that may be of independent interest.
Keywords: recursive proofs · incrementally verifiable computation ·
zero knowledge
Setup
Sean Bowe1
, Jack Grigg1
, and Daira Hopwood1
1 Electric Coin Company
{sean,jack,daira}@electriccoin.co
electriccoin.co/
Abstract. Non-interactive arguments of knowledge are powerful cryptographic tools that can be used to demonstrate the faithful execution
of arbitrary computations with publicly verifiable proofs. Increasingly
efficient protocols have been described in recent years, with verification
time and/or communication complexity that is sublinear in the size of
the computation being described. These efficiencies can be exploited to
realize recursive proof composition: the concept of proofs that attest to
the correctness of other instances of themselves, thereby allowing large
computational effort to be incrementally verified. All previously known
realizations of recursive proof composition have required a trusted setup
and cycles of expensive pairing-friendly elliptic curves. We obtain and
implement Halo, the first practical example of recursive proof composition without a trusted setup, using the discrete log assumption over
normal cycles of elliptic curves. In the process we develop several novel
techniques that may be of independent interest.
Keywords: recursive proofs · incrementally verifiable computation ·
zero knowledge
Nota
huge catalysts for the world this week, we'll know if lower lows are coming or if the underwater cycle is behind usNota
volatility continues, as anticipated. looking for a $55.00 tap and more consolidation with volitility
Penerbitan berkaitan
Penafian
Maklumat dan penerbitan adalah tidak dimaksudkan untuk menjadi, dan tidak membentuk, nasihat untuk kewangan, pelaburan, perdagangan dan jenis-jenis lain atau cadangan yang dibekalkan atau disahkan oleh TradingView. Baca dengan lebih lanjut di Terma Penggunaan.
Penerbitan berkaitan
Penafian
Maklumat dan penerbitan adalah tidak dimaksudkan untuk menjadi, dan tidak membentuk, nasihat untuk kewangan, pelaburan, perdagangan dan jenis-jenis lain atau cadangan yang dibekalkan atau disahkan oleh TradingView. Baca dengan lebih lanjut di Terma Penggunaan.