bitcoin-dev

Combined summary - OP_ZKP updates

The recent OP_ZKP updates emphasize a shift towards recursive verification as the way to handle open application circuits and streamline the process.

This approach removes the requirement to publish each application circuit's verification key on-chain; instead, a single circuit is verified through recursion. A dedicated GitHub organization and repository, named "tea-horse," have been established to share ideas and developments related to this strategy. The repository is currently in the early stages of development, but it is expected to become a valuable resource for those interested in contributing to or understanding the project further. Links to both the GitHub organization and the specific repository are provided.

The discussion also covers the technical requirements for implementing Dory, a cryptographic solution that needs pairing-friendly curves to function, whereas secp256k1 does not support pairing operations. Despite Dory's promise in terms of transparency and efficiency, its larger proof size compared to other solutions presents a challenge, illustrating the difficulty of choosing a cryptographic framework that balances technical specifications against desired outcomes such as transparency and scalability.

Weiji Guo highlighted a technical limitation in the compatibility of Dory with secp256k1: Dory relies on pairing operations, which secp256k1 does not support, and this poses a significant hurdle. Further exploration or alternative solutions are needed to overcome this compatibility issue.

The OP_ZKP proposal aims to integrate Zero-Knowledge Proofs within Bitcoin transactions by identifying an appropriate ZKP scheme that meets several high-level requirements. These include minimal security assumptions, small block size consumption, and the capability for batched verification and aggregated proving without a trusted setup. The Inner Product Argument (IPA) emerges as a potential candidate due to its transparent setup, compatibility with secp256k1, and relatively small proof size. However, challenges such as linear verification time and the scalability of verification keys remain. Aggregated proving techniques are suggested to mitigate these issues, although concerns about the deployment of large verification keys and the overall system complexity persist. Future considerations involve evaluating the performance impact on lower-powered devices and potentially exploring alternative schemes like Dory, should unresolved issues with IPA persist. For those interested in further reading on SNARK misconceptions and Torus-based optimization, additional resources are provided, including detailed articles from a16zcrypto and links to a video and paper discussing Torus optimization.

Discussion History

0. Weiji Guo (Original Post), July 22, 2024 14:05 UTC
1. July 22, 2024 18:45 UTC
2. July 22, 2024 22:38 UTC
3. August 28, 2024 15:33 UTC
4. October 14, 2024 09:00 UTC