Alhad Daftardar,Brandon Reagen,Siddharth Garg

DOI: https://doi.org/10.1145/3656019.3676898

2024-08-12

Abstract:Zero-Knowledge Proofs (ZKPs) are an emergent paradigm in verifiable computing. In the context of applications like cloud computing, ZKPs can be used by a client (called the verifier) to verify the service provider (called the prover) is in fact performing the correct computation based on a public input. A recently prominent variant of ZKPs is zkSNARKs, generating succinct proofs that can be rapidly verified by the end user. However, proof generation itself is very time consuming per transaction. Two key primitives in proof generation are the Number Theoretic Transform (NTT) and Multi-scalar Multiplication (MSM). These primitives are prime candidates for hardware acceleration, and prior works have looked at GPU implementations and custom RTL. However, both algorithms involve complex dataflow patterns -- standard NTTs have irregular memory accesses for butterfly computations from stage to stage, and MSMs using Pippenger's algorithm have data-dependent memory accesses for partial sum calculations. We present SZKP, a scalable accelerator framework that is the first ASIC to accelerate an entire proof on-chip by leveraging structured dataflows for both NTTs and MSMs. SZKP achieves conservative full-proof speedups of over 400$\times$, 3$\times$, and 12$\times$ over CPU, ASIC, and GPU implementations.

Hardware Architecture,Cryptography and Security

Tao Lu,Chengkun Wei,Ruijing Yu,Chaochao Chen,Wenjing Fang,Lei Wang,Zeke Wang,Wenzhi Chen

DOI: https://doi.org/10.46586/tches.v2023.i3.194-220

2023-01-01

IACR Transactions on Cryptographic Hardware and Embedded Systems

Abstract:Zero-knowledge proof is a critical cryptographic primitive. Its most practical type, called zero-knowledge Succinct Non-interactive ARgument of Knowledge (zkSNARK), has been deployed in various privacy-preserving applications such as cryptocurrencies and verifiable machine learning. Unfortunately, zkSNARK like Groth16 has a high overhead on its proof generation step, which consists of several time-consuming operations, including large-scale matrix-vector multiplication (MUL), number-theoretic transform (NTT), and multi-scalar multiplication (MSM). Therefore, this paper presents cuZK, an efficient GPU implementation of zkSNARK with the following three techniques to achieve high performance. First, we propose a new parallel MSM algorithm. This MSM algorithm achieves nearly perfect linear speedup over the Pippenger algorithm, a well-known serial MSM algorithm. Second, we parallelize the MUL operation. Along with our self-designed MSM scheme and well-studied NTT scheme, cuZK achieves the parallelization of all operations in the proof generation step. Third, cuZK reduces the latency overhead caused by CPU-GPU data transfer by 1) reducing redundant data transfer and 2) overlapping data transfer and device computation. The evaluation results show that our MSM module provides over 2.08x (up to 2.94x) speedup versus the state-of-the-art GPU implementation. cuZK achieves over 2.65x (up to 4.86x) speedup on standard benchmarks and 2.18× speedup on a GPU-accelerated cryptocurrency application, Filecoin.

Ye Zhang,Shuo Wang,Xian Zhang,Jiangbin Dong,Xingzhong Mao,Fan Long,Cong Wang,Dong Zhou,Mingyu Gao,Guangyu Sun

DOI: https://doi.org/10.1109/isca52012.2021.00040

2021-01-01

Abstract:Zero-knowledge proof (ZKP) is a promising cryptographic protocol for both computation integrity and privacy. It can be used in many privacy-preserving applications including verifiable cloud outsourcing and blockchains. The major obstacle of using ZKP in practice is its time-consuming step for proof generation, which consists of large-size polynomial computations and multi-scalar multiplications on elliptic curves. To efficiently and practically support ZKP in real-world applications, we propose PipeZK, a pipelined accelerator with two subsystems to handle the aforementioned two intensive compute tasks, respectively. The first subsystem uses a novel dataflow to decompose large kernels into smaller ones that execute on bandwidth-efficient hardware modules, with optimized off-chip memory accesses and on-chip compute resources. The second subsystem adopts a lightweight dynamic work dispatch mechanism to share the heavy processing units, with minimized resource underutilization and load imbalance. When evaluated in 28 nm, PipeZK can achieve 10x speedup on standard cryptographic benchmarks, and 5x on a widely-used cryptocurrency application, Zcash.

Hao Zhou,Changxu Liu,Lan Yang,Li Shang,Fan Yang

DOI: https://doi.org/10.1109/tcsi.2024.3468033

2024-01-01

Abstract:Zero-knowledge proof (ZKP) plays a significant role in privacy protection technology. However, the proof generation phase requires considerable time and hardware resources. In this phase, Number Theoretic Transform or Inverse Number Theoretic Transform (NTT/INTT) in polynomial computation, as well as Multiple Scalar Multiplication (MSM), are bottlenecks that dominate the execution time. In this paper, we propose a highly reconfigurable accelerator ReZK to accelerate ZKP proof generation phase, focusing on NTT/INTT and MSM. According to the configurations, ReZK can be configured as NTT, INTT, and MSM with variable sizes and bit-widths by adjusting the data path between on-chip memories and arithmetic cores. As the basic unit of arithmetic cores, the reconfigurable processing element (PE) in ReZK is composed of pipelined modular multipliers and modular adders that support variable bit-widths. It can perform butterfly or arithmetic operations. Based on the reconfigurable PEs, the ReZK core can implement NTT/INTT with different sizes and bit-widths, or a fully pipelined point adder (PADD). Additionally, we propose a modularized MSM scheduling architecture to support various bit-widths. The on-chip memories are also well organized for reuse. In NTT/INTT mode, 4-way 256-bit or 2-way 384-bit NTT/INTT can be computed in parallel. In MSM mode, for different elliptic curves, ReZK is capable of processing 4-way 256-bit or 2-way 384-bit MSM in parallel.

Oleksandr Kuznetsov,Anton Yezhov,Vladyslav Yusiuk,Kateryna Kuznetsova

2024-07-04

Abstract:Zero-knowledge proofs (ZKPs) have emerged as a promising solution to address the scalability challenges in modern blockchain systems. This study proposes a methodology for generating and verifying ZKPs to ensure the computational integrity of cryptographic hashing, specifically focusing on the SHA-256 algorithm. By leveraging the Plonky2 framework, which implements the PLONK protocol with FRI commitment scheme, we demonstrate the efficiency and scalability of our approach for both random data and real data blocks from the NEAR blockchain. The experimental results show consistent performance across different data sizes and types, with the time required for proof generation and verification remaining within acceptable limits. The generated circuits and proofs maintain manageable sizes, even for real-world data blocks with a large number of transactions. The proposed methodology contributes to the development of secure and trustworthy blockchain systems, where the integrity of computations can be verified without revealing the underlying data. Further research is needed to assess the applicability of the approach to other cryptographic primitives and to evaluate its performance in more complex real-world scenarios.

Cryptography and Security

Weiliang Ma,Qian Xiong,Xuanhua Shi,Xiaosong Ma,Hai Jin,Haozhao Kuang,Mingyu Gao,Ye Zhang,Haichen Shen,Weifang Hu

DOI: https://doi.org/10.1145/3575693.3575711

2023-01-01

Abstract:Zero-knowledge proof (ZKP) is a cryptographic protocol that allows one party to prove the correctness of a statement to another party without revealing any information beyond the correctness of the statement itself. It guarantees computation integrity and confidentiality, and is therefore increasingly adopted in industry for a variety of privacy-preserving applications, such as verifiable outsource computing and digital currency. A significant obstacle in using ZKP for online applications is the performance overhead of its proof generation. We develop GZKP, a GPU accelerated zero-knowledge proof system that supports different levels of security requirements and brings significant speedup toward making ZKP truly usable. For polynomial computation over a large finite field, GZKP promotes a cache-friendly memory access pattern while eliminating the costly external shuffle in existing solutions. For multi-scalar multiplication, GZKP adopts a new parallelization strategy, which aggressively combines integer elliptic curve point operations and exploits fine-grained task parallelism with load balancing for sparse integer distribution. GZKP outperforms the state-of-the-art ZKP systems by an order of magnitude, achieving up to 48.1x and 17.6x speedup with standard cryptographic benchmarks and a real-world application workload, respectively.

Anees Ahmed,Nojan Sheybani,Davi Moreno,Nges Brian Njungle,Tengkai Gong,Michel Kinsy,Farinaz Koushanfar

DOI: https://doi.org/10.1145/3676536.3676809

2024-11-10

Abstract:Collision-resistant, cryptographic hash (CRH) functions have long been an integral part of providing security and privacy in modern systems. Certain constructions of zero-knowledge proof (ZKP) protocols aim to utilize CRH functions to perform cryptographic hashing. Standard CRH functions, such as SHA2, are inefficient when employed in the ZKP domain, thus calling for ZK-friendly hashes, which are CRH functions built with ZKP efficiency in mind. The most mature ZK-friendly hash, MiMC, presents a block cipher and hash function with a simple algebraic structure that is well-suited, due to its achieved security and low complexity, for ZKP applications. Although ZK-friendly hashes have improved the performance of ZKP generation in software, the underlying computation of ZKPs, including CRH functions, must be optimized on hardware to enable practical applications. The challenge we address in this work is determining how to efficiently incorporate ZK-friendly hash functions, such as MiMC, into hardware accelerators, thus enabling more practical applications. In this work, we introduce AMAZE, a highly hardware-optimized open-source framework for computing the MiMC block cipher and hash function. Our solution has been primarily directed at resource-constrained edge devices; consequently, we provide several implementations of MiMC with varying power, resource, and latency profiles. Our extensive evaluations show that the AMAZE-powered implementation of MiMC outperforms standard CPU implementations by more than 13$\times$. In all settings, AMAZE enables efficient ZK-friendly hashing on resource-constrained devices. Finally, we highlight AMAZE's underlying open-source arithmetic backend as part of our end-to-end design, thus allowing developers to utilize the AMAZE framework for custom ZKP applications.

Cryptography and Security,Hardware Architecture

Oleksandr Kuznetsov,Alex Rusnak,Anton Yezhov,Dzianis Kanonik,Kateryna Kuznetsova,Stanislav Karashchuk

DOI: https://doi.org/10.1109/ACCESS.2024.3384705

2024-02-06

Abstract:Blockchain technology has emerged as a revolutionary tool in ensuring data integrity and security in digital transactions. However, the current approaches to data verification in blockchain systems, particularly in Ethereum, face challenges in terms of efficiency and computational overhead. The traditional use of Merkle Trees and cryptographic hash functions, while effective, leads to significant resource consumption, especially for large datasets. This highlights a gap in existing research: the need for more efficient methods of data verification in blockchain networks. Our study addresses this gap by proposing an innovative aggregation scheme for Zero-Knowledge Proofs within the structure of Merkle Trees. We develop a system that significantly reduces the size of the proof and the computational resources needed for its generation and verification. Our approach represents a paradigm shift in blockchain data verification, balancing security with efficiency. We conducted extensive experimental evaluations using real Ethereum block data to validate the effectiveness of our proposed scheme. The results demonstrate a drastic reduction in proof size and computational requirements compared to traditional methods, making the verification process more efficient and economically viable. Our contribution fills a critical research void, offering a scalable and secure solution for blockchain data verification. The implications of our work are far-reaching, enhancing the overall performance and adaptability of blockchain technology in various applications, from financial transactions to supply chain management.

Cryptography and Security

Konkin, Anatoly,Zapechnikov, Sergey

DOI: https://doi.org/10.1007/s11416-023-00466-1

2023-03-11

Journal of Computer Virology and Hacking Techniques

Abstract:Comprehensive adoption of distributed ledger technology and blockchain in enterprises might disrupt financial and other sectors. At the same time, there are some barriers to rolling out the technology in practice. One of the significant issues concerns information security and privacy in the blockchain. Some methods for private transactions such as mixed networks, ring signatures, and off-chain protocols address certain data privacy issues, but do not provide the blockchain characteristics such as decentralized storing systems and immutability verification of private data. This article examines zero-knowledge proof (ZKP) methods for corporate blockchain networks. The article reviews existing methods for private transactions, observes the implementation of ZKP methods, and discusses performance and scalability issues.

Hanze Guo,Yebo Feng,Cong Wu,Zengpeng Li,Jiahua Xu

2024-09-03

Abstract:With the rapid development of Zero-Knowledge Proofs (ZKPs), particularly Succinct Non-Interactive Arguments of Knowledge (SNARKs), benchmarking various ZK tools has become a valuable task. ZK-friendly hash functions, as key algorithms in blockchain, have garnered significant attention. Therefore, comprehensive benchmarking and evaluations of these evolving algorithms in ZK circuits present both promising opportunities and challenges. Additionally, we focus on a popular ZKP application, privacy-preserving transaction protocols, aiming to leverage SNARKs' cost-efficiency through "batch processing" to address high on-chain costs and compliance issues. To this end, we benchmarked three SNARK proving systems and five ZK-friendly hash functions, including our self-developed circuit templates for Poseidon2, Neptune, and GMiMC, on the bn254 curve within the circom-snarkjs framework. We also introduced the role of "sequencer" in our SNARK-based privacy-preserving transaction scheme to enhance efficiency and enable flexible auditing. We conducted privacy and security analyses, as well as implementation and evaluation on Ethereum Virtual Machine (EVM)-compatible chains. The results indicate that Poseidon and Poseidon2 demonstrate superior memory usage and runtime during proof generation under Groth16. Moreover, compared to the baseline, Poseidon2 not only generates proofs faster but also reduces on-chain costs by 73% on EVM chains and nearly 26% on Hedera. Our work provides a benchmark for ZK-friendly hash functions and ZK tools, while also exploring cost efficiency and compliance in ZKP-based privacy-preserving transaction protocols.

Cryptography and Security

Zhelei Zhou,Bingsheng Zhang,Yuan Chen,Jiaqi Li,Yajin Zhou,Yibiao Lu,Kui Ren,Phuc Thai,Hong-Sheng Zhou

DOI: https://doi.org/10.3233/JCS-210167

2022-01-01

Journal of Computer Security

Abstract:Non-interactive zero-knowledge proof or argument (NIZK) systems are widely used in many security sensitive applications to enhance computation integrity, privacy and scalability. In such systems, a prover wants to convince one or more verifiers that the result of a public function is correctly computed without revealing the (potential) private input, such as the witness. In this work, we introduce a new notion, called scriptable SNARK, where the prover and verifier(s) can specify the function (or language instance) to be proven via a script. We formalize this notion in UC framework and provide a generic trusted hardware based solution. We then instantiate our solution in both SGX and Trustzone with Lua script engine. The system can be easily used by typical programmers without any cryptographic background. The benchmark result shows that our solution is better than all the known SNARK proof systems w.r.t. prover's running time (1000 times faster), verifier's running time, and the proof size. In addition, we also give a lightweight scriptable SNARK protocol for hardware with limited state, e.g., Theta(lambda) bits. Finally, we show how the proposed scriptable SNARK can be readily deployed to solve many well-known problems in the blockchain context, e.g. verifier's dilemma, fast joining for new players, etc.

Cristina Vilchez Moya,Juan Ramón Bermejo Higuera,Javier Bermejo Higuera,Juan Antonio Sicilia Montalvo

DOI: https://doi.org/10.3390/app13095552

2023-04-29

Applied Sciences

Abstract:The problem of digital identity acquires more relevance every day in the eyes of a society that spends more and more time connected to the Internet. It has evolved throughout its history to reach a decentralized model known as Self-Sovereign Identity (SSI), which finds its natural tools in the blockchain technology and Zero-Knowledge Proofs (ZKPs). ZKPs, in this context, allow users to prove that their credentials are legitimate without revealing more information than is strictly necessary, and constitute one of the most promising areas of applied cryptography. In this work, an application is developed for the study of Zero-Knowledge Proof methods and, specifically, in their application for authentication in public-private key encryption systems. It focuses on the study of three ZKP protocols (Feige-Fiat-Shamir, Guillou-Quisquater, and Schnorr, which rely on the problems of large number factorizations and discrete logarithms for security) in the practical use-case where a prover wants to demonstrate knowledge of a private key for a public key without revealing the key itself. The application allows the user to modify the necessary parameters in each method to achieve a better understanding of their role in their safety and efficiency. Several types of attacks are carried out against the above-mentioned protocols to analyze their degree of security and what recommendations can be made to improve it.

materials science, multidisciplinary,engineering,chemistry,physics, applied

Sven Laur,Bingsheng Zhang

DOI: https://doi.org/10.1007/978-3-319-13257-0_9

2014-01-01

Abstract:Crypto-computing is a set of well-known techniques for computing with encrypted data. The security of the corresponding protocols are usually proven in the semi-honest model. In this work, we propose a new class of zero-knowledge proofs, which are tailored for cryptocomputing protocols. First, these proofs directly employ properties of the underlying crypto systems and thus many facts have more concise proofs compared to generic solutions. Second, we show how to achieve universal composability in the trusted set-up model where all zero-knowledge proofs share the same system-wide parameters. Third, we derive a new protocol for multiplicative relations and show how to combine it with several crypto-computing frameworks.

Wei Liu,Jian Weng,Bingsheng Zhang,Kai He,Junjie Huang

DOI: https://doi.org/10.1016/j.ins.2022.09.026

IF: 8.1

2022-01-01

Information Sciences

Abstract:Non-interactive zero-knowledge (NIZK) proof systems are very useful for statement verification without interaction in cryptography; they entail just one message, called the proof, that convinces the verifier of the truth of the statement without leaking any extra information. Many NIZK proof systems are related to quadratic residuosity languages and follow three main steps. First, the prover and the verifier sample a common reference string (CRS) in some particular form. Second, the prover proves that n is a Blum integer (BL , n = p 1 t 1 · p 2 t 2, where p 1 and p 2 are different primes both congruent to 3 modulo 4, and t 1 and t 2 are odd). Third, various statements (e.g., NQR n , OR n , AND n , T ( k , t ), and 3 SAT) can be proven by the prover based on the properties of BL . In this study, we improve the NIZK proof system for n ∈ BL based on the special distribution of the square roots modulo n and embed this proof in the third step. Moreover, we show that the CRS can be sampled more efficiently using the improved process.

Ryan Lavin,Xuekai Liu,Hardhik Mohanty,Logan Norman,Giovanni Zaarour,Bhaskar Krishnamachari

2024-08-01

Abstract:Zero-knowledge proofs (ZKPs) represent a revolutionary advance in computational integrity and privacy technology, enabling the secure and private exchange of information without revealing underlying private data. ZKPs have unique advantages in terms of universality and minimal security assumptions when compared to other privacy-sensitive computational methods for distributed systems, such as homomorphic encryption and secure multiparty computation. Their application spans multiple domains, from enhancing privacy in blockchain to facilitating confidential verification of computational tasks. This survey starts with a high-level overview of the technical workings of ZKPs with a focus on an increasingly relevant subset of ZKPs called zk-SNARKS. While there have been prior surveys on the algorithmic and theoretical aspects of ZKPs, our work is distinguished by providing a broader view of practical aspects and describing many recently-developed use cases of ZKPs across various domains. These application domains span blockchain privacy, scaling, storage, and interoperability, as well as non-blockchain applications like voting, authentication, timelocks, and machine learning. Aimed at both practitioners and researchers, the survey also covers foundational components and infrastructure such as zero-knowledge virtual machines (zkVM), domain-specific languages (DSLs), supporting libraries, frameworks, and protocols. We conclude with a discussion on future directions, positioning ZKPs as pivotal in the advancement of cryptographic practices and digital privacy across many applications.

Cryptography and Security,Computational Complexity

Binbin Gu,Faisal Nawab

DOI: https://doi.org/10.1007/s10619-024-07444-6

IF: 0.974

2024-08-31

Distributed and Parallel Databases

Abstract:Blockchain and Decentralized Applications (DApps) are increasingly important for creating trust and transparency in data storage and computation. However, on-chain transactions are often costly and slow. To overcome this challenge, off-chain nodes can be used to store and compute data. Unfortunately, this introduces the risk of untrusted nodes. To address this, authenticated data structures have been proposed, however, this ignores the compute of data from the raw data. We tackle this challenge by introducing zk-Oracle, which provides an efficient and trusted compute and storage off-chain. There is a challenge in using zero-knowledge proofs (zk-proof for short), which is the large proof generation time. We aim to overcome it with novel designs in zk-Oracle. zk-Oracle builds on zk-proofs technologies to achieve two goals. First, the computation of data structures from raw data and the corresponding proof generation is improved in terms of performance. Second, the verification on-chain is inexpensive and fast. Our experiments show that we can speed up zk-proof generation by up to faster than the baseline method.

computer science, information systems, theory & methods

Jiahui Huang,Teng Huang,Huanchun Wei,Jiehua Zhang,Hongyang Yan,Duncan S. Wong,Haibo Hu

DOI: https://doi.org/10.1002/ett.4709

IF: 3.6

2022-12-20

Transactions on Emerging Telecommunications Technologies

Abstract:We present a privacy‐preserving model based on zk‐SNARKs and hash chain for efficient exchange of digital assets. The comprehensive experimental results show the practicality of zkChain. As a distributed public ledger technology in a peer‐to‐peer network, blockchain has been widely used in a variety of Internet interaction systems in recent years, such as market supervision, property rights protection, and digital identity. However, in blockchain environment, all historical transaction data are open and transparent, and adversaries may illegally access private transaction data, which makes privacy attacks a core issue that hinders the popularization and application of blockchain. Different privacy‐preserving technologies such as zerocoin and zerocash have been proposed. However, the large amount of proofs and the slow verification speed hinder the effective application of zero‐knowledge proofs (ZKPs) in blockchain. This article proposes a privacy‐preserving model based on zk‐SNARKs and hash chain for efficient transfer of assets, called zkChain. Different from traditional privacy‐preserving schemes, this scheme constructs a smaller proof based on hash chain, and the verification speed of the proof is faster. This scheme constructs ZKP based on the one‐way hash function and zk‐SNARKs. The proof is publicly recorded in the ledger after being verified by miners, and users use the proof to send privacy‐preserving transactions. In the above process, the zkChain scheme can achieve effective privacy protection of account balance and account address. We evaluated the computational and storage costs of the zkChain scheme based on libsnark, and establish a test network to evaluate the processing performance of the zkChain scheme.

telecommunications

Bingsheng Zhang,Yuan Chen,Jiaqi Li,Yajin Zhou,Phuc Thai,Hong-Sheng Zhou,Kui Ren

DOI: https://doi.org/10.1007/978-3-030-88418-5_21

2021-01-01

Abstract:Non-interactive zero-knowledge proof or argument (NIZK) systems are widely used in many security sensitive applications to enhance computation integrity, privacy and scalability. In such systems, a prover wants to convince one or more verifiers that the result of a public function is correctly computed without revealing the (potential) private input, such as the witness. In this work, we introduce a new notion, called succinct scriptable NIZK, where the prover and verifier(s) can specify the function (or language instance) to be proven via a script. We formalize this notion is UC framework and provide a generic trusted hardware based solution. We then instantiate our solution in both SGX and Trustzone with Lua script engine. The system can be easily used by typical programmers without any cryptographic background. The benchmark result shows that our solution is better than all the known NIZK proof systems w.r.t. prover's running time (1000 times faster), verifier's running time, and the proof size. Finally, we show how the proposed scriptable succinct NIZK can be readily deployed to solve many wellknown problems in the blockchain context, e.g. verifier's dilemma, fast joining for new players, etc..

Zhiguo Wan,Yan Zhou,Kui Ren

DOI: https://doi.org/10.1109/tdsc.2022.3153084

2022-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The emerging blockchain technology, combined with the smart contract paradigm, is expected to transform traditional applications with decentralization. When the blockchain technology is applied to decentralize traditional applications, blockchain validators may need to take in sensitive off-chain data to execute a smart contract. On the one hand, decentralized applications (DApps) require authentic off-chain input data to correctly execute a given business procedure. On the other hand, users are reluctant to expose their sensitive privacy on the blockchain. For example, for a decentralized medical insurance DApp that takes as input personal health data, it is critical to guarantee authenticity and privacy of the data sent to the smart contract, such that the data can be verified by validators without leaking sensitive information. However, no satisfactory solution has been proposed to attain privacy and authenticity at the same time. In this work, we first present a highly efficient authenticated zero knowledge proof protocol called zk-DASNARK by extending the classical zk-SNARK scheme with data authentication. Based on zk-DASNARK, we design zk-AuthFeed, a zero-knowledge authenticated off-chain data feed scheme to achieve both data privacy and authenticity for blockchain-based DApps. Following the strategy of “compute off-chain and verify on-chain”, zk-AuthFeed can significantly reduce computation cost of blockchain validators. We fully implement a prototype of zk-AuthFeed, and conduct comprehensive experiments on a medical insurance DApp. We consider 4 typical computation models for insurance premium/reimbursement in the experiments. It shows that zk-AuthFeed is highly efficient: key generation takes about 10 seconds only, proof generation takes less than 4 seconds, and proof verification takes less than 40 ms.

computer science, information systems, software engineering, hardware & architecture