Zero-Knowledge Shuffle Improvement in Ethereum Single Secret Leader Election
Authors
Holmgaard, Oliver ; Jakobsen, Anders Malta
Term
4. term
Education
Publication year
2025
Submitted on
2025-06-12
Pages
18
Abstract
Ethereum er en af de førende proof-of-stake-blockchains, men er stadig sårbar over for angreb. Et konkret eksempel er Heimbach m.fl.s deanonymiseringsangreb, hvor en modstander kan finde validatorers IP-adresser og derefter udføre Denial-of-Service-angreb mod dem. For at modvirke dette har Ethereum foreslået Whisk, en Single Secret Leader Election (SSLE) protokol, der hemmeligt udpeger en leder. Whisk bygger på et nul-videns-bevis kaldet Curdleproofs, som anvender såkaldte inner product arguments til at bevise gyldigheden af en permutation (en “shuffle”) af validatorer uden at afsløre deres rækkefølge. I denne afhandling forbedrer vi Curdleproofs’ inner product arguments ved at introducere CAAUrdleproofs, en modificeret udgave, der inddrager idéer fra Springproofs for at adressere begrænsninger knyttet til blandingsstørrelse (størrelsen på permutation). Vi viser, at CAAUrdleproofs har tilsvarende bevis- og verificeringstider som Curdleproofs, når blandingsstørrelsen er en potens af to. Vi demonstrerer også, at CAAUrdleproofs har en ydelsesfordel for alle blandingsstørrelser, der ikke er en 2-potens, og at fordelen vokser, jo mindre størrelsen er i forhold til den nærmeste 2-potens. Baseret på eksperimenter foreslår vi desuden en ny, mindre blandingsstørrelse end den, der aktuelt bruges i Curdleproofs, hvilket reducerer blok-overhead. Alt dette opnås, mens validatorernes anonymitet bevares.
Ethereum is a leading proof-of-stake blockchain, but it remains vulnerable to attacks. One example is the de-anonymization attack by Heimbach et al., where an adversary learns validator IP addresses and then mounts Denial-of-Service attacks. To mitigate this, Ethereum has proposed Whisk, a Single Secret Leader Election (SSLE) protocol that secretly elects a leader. Whisk relies on a zero-knowledge proof system called Curdleproofs, which uses inner product arguments to prove that a list of validators has been correctly shuffled without revealing the mapping. This thesis improves Curdleproofs’ inner product arguments by introducing CAAUrdleproofs, a modified version that incorporates ideas from Springproofs to address limitations related to shuffle size (the size of the permutation). We show that CAAUrdleproofs has similar proving and verifying times to Curdleproofs when the shuffle size is a power of two. We also show that CAAUrdleproofs is faster for any shuffle size that is not a power of two, with a growing advantage as the size falls below a power of two. Based on experiments, we recommend a new, smaller shuffle size than the one currently used in Curdleproofs, which reduces block overhead, while preserving validator anonymity.
[This summary has been rewritten with the help of AI based on the project's original abstract]
Keywords
Documents