github/darkfi
1
1
Fork 0
mirror of https://github.com/darkrenaissance/darkfi.git synced 2026-01-09 14:48:08 -05:00
Code Issues Packages Projects Releases Wiki Activity

[research/bulletproof-mpc] conclude dark-renegade

Browse Source
This commit is contained in:
ertosns
2023-10-14 16:55:11 +03:00
parent fbe42f3f66
commit b6596ffcf6
1 changed files with 19 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
script/research/bulletproof-mpc/README.md
View File

@@ -6,23 +6,38 @@
- from on-chain published VALID-COMMITMENT counterparties validate it's valid, and start matching process.
- reconstruct commitment over MPC through secret shares [o], [b], [f], [r], first construct match tuple $M=(\tilde{m_1}, \tilde{m_2}, \tilde{v_1}, \tilde{v_2}, d, f_1, f_2)$ validate exchange coins match, $v_1==v_2$, directions, and that fee covers relay fee. reconstruct commitments shares $H_{o_1}$, $H_{b_1}$, $H_{f_1}$, $H_{o_2}$, $H_{b_2}$, $H_{f_2}$, open shares through third party, then exchange notes.
## renegade performance
- both bulletproof over mpc, and collaborative zksnark over mpc are 2 times proving, and verifying of single prover proof [^10],[^11]
## dark renegade
- internal, and external wallet update state $T_I$, $T_E$ are replaced by drk money transfer contract.
- TODO eliminate third-party for opening shares.
- eliminate third-party for opening shares using witness encryption.
# framework
- mpc-stark[^2] is spdz mpc built over stark-curve (curve can change)
- mpc-bulletproof[^3] mpc r1cs with mpc inner product proof built over mpc-stark
- mpc-stark[^2] is spdz mpc built over stark-curve (curve can change), we have sage implementation [^12]
- mpc-bulletproof[^3] mpc r1cs with mpc inner product proof built over mpc-stark, we have sage implementation of the ipp [^13]
- plug darkfi-p2p network into mpc-bulletproof
- fork renegade[^4]
- if the aim is to use halo2 proof zk-proofs, fork mpc-stark, and replace stark-curve with pallas-curve.
- rewrite renegade zk-snark proofs with darkfi compiler
- replace wallet update with money transfer contracts
- TODO eliminate third-party for opening shares.
## open fairness
- opening shares between two strategic players in p2p network without a third-party is impossible [^5].
- one turn around is witness encrypting (WE) [^6],[^9],[^8] the match shares for which the other party encrypt with witness (the other share), and the opposite for the peer [^7]
[^1]: https://renegade.fi/whitepaper.pdf
[^2]: https://github.com/renegade-fi/mpc-stark
[^3]: https://github.com/renegade-fi/mpc-bulletproof
[^4]: https://github.com/renegade-fi/renegade
[^5]: https://kodu.ut.ee/~swen/courses/crypto-ii/2008/cleve1986.pdf
[^6]: https://eprint.iacr.org/2013/258.pdf
[^7]: https://eprint.iacr.org/2017/1091.pdf
[^8]: https://github.com/guberti/witness-encryption-demos
[^9]: https://arxiv.org/pdf/2112.04581.pdf
[^10]: https://eprint.iacr.org/2021/1530
[^11]: https://github.com/renegade-fi/mpc-bulletproof/pull/14
[^12]: https://github.com/darkrenaissance/darkfi/tree/master/script/research/mpc
[^13]: https://github.com/darkrenaissance/darkfi/tree/master/script/research/bulletproof-mpc