HashCloak Newsletter April & May 2023
What the HashCloak team has been up to in April and May 2023
Welcome to our combined April and May edition of the HashCloak Newsletter! We went on a bit of a hiatus to focus on our ongoing client engagements. Now that those are completed, we will be back to our regular monthly schedule of delivering interesting research papers, videos and whatever else the HashCloak team found interesting over the past month!
Stuff We’ve been reading
Security disclosure for ECDSA and EdDSA threshold signature schemes
The State of Zero-Knowledge Applications in Ethereum Part 2: Privacy and Identity
ZK Hardware Acceleration: The Past, the Present, and the Future
MINI-FE: computing functions on private data without trusted parties
Distributed Blockbuilding networks via secure knapsack auctions
Building a Zero Knowledge web app with Halo 2 and Wasm (part 1)
Election Fraud? Double Voting in Celer’s State Guardian Network
Introducing Project Levon | Building Maker’s Economic Risk Engine
Stuff We’ve been playing with
Stuff We’ve been watching
Interesting HashCloak Research Project of the Month
Over the course of April and May, the zk-learning MOOC held a hackathon to help students reinforce what they've learned by building a practical project. At HashCloak, several of our teammates participated in this course. In particular, Elena decided to also participate in the hackathon as part of our internal employee benefit that allows everyone working at HashCloak to spend working hours on a project of their choice.
Elena decided to learn the SnarkyJS framework, built by O(1) Labs. She spent the hackathon building an authentication system with SnarkyJS that allows someone with an access pass to authenticate into a group. The use cases for this system include:
Showing that you have a ticket to an online conference without revealing the ticket itself
Showing that you own a particular NFT in order to gain access to an online NFT community
Showing that you hold enough of a particular coin in order to gain access to certain DeFi lending protocols
As SnarkyJS applications are written in JavaScript, it is straightforward to integrate this system into an online application. If you want to learn the details of how it works, please check out Elena's repository here.
Special Purpose Cryptography Protocol of the Month
Every month, we try to provide a short summary of a special-purpose cryptography protocol for common problems such as set membership, private set intersection, etc. In this edition, we are exploring DLEQ across groups, by Chase, Orru, Perrin, and Zaverucha, a protocol for proving equality of committed values across groups of different order.
Why would one want to prove equality of committed values across groups of different orders? There are several reasons:
The field of zero-knowledge proofs is always evolving. New proving schemes come out. New elliptic curves get designed. New hash functions get designed. In order to keep up, system designers will need a way to upgrade their systems securely to ensure that they can provide their users with the best experience.
Applications may use a proof system that differs from the one underlying the credentials or data that users hold. For example, newer proof of solvency schemes leverage zkSNARKs, typically built using pairing-friendly elliptic curves, but the cryptocurrency that users hold on many popular blockchains is secured by keys over non-pairing-friendly curves.
These are just a few of the important use cases in which one may want a protocol for proving equality of committed values across groups of different order.
The protocol from Chase et al. builds on well-studied primitives and therefore relies on standard cryptographic assumptions. Its foundation is the Pedersen commitment. The authors construct a Sigma protocol on top of Pedersen commitments, add range proofs so that the verifier can be sure the committed values lie within an expected range, and finally apply the Fiat-Shamir transform to make the protocol non-interactive.
If you would like to read the details, you can read the original paper here.
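A simplified sketch of the Sigma-protocol and Fiat-Shamir steps described above, as an added example that is not code from the paper or from HashCloak. The 10-bit groups, the bit lengths `BX`, `BC`, `BF` and all function names are assumptions of this sketch, and the range proof on the committed value is omitted.

```python
import hashlib, secrets

# Constructed toy groups: the order-q subgroup of Z_p^* with p = 2q + 1.
# g and h are squares, so both lie in that subgroup. Far too small to be secure.
G1 = dict(p=2039, q=1019, g=4, h=9)
G2 = dict(p=2063, q=1031, g=4, h=9)
# Assumed bit lengths: witness, challenge, slack. Their sum must stay below
# the bit length of both group orders so the response z never wraps.
BX, BC, BF = 3, 3, 3
LO, HI = 1 << (BX + BC), 1 << (BX + BC + BF)

def commit(G, x, r):
    """Pedersen commitment g^x * h^r in group G."""
    return pow(G["g"], x, G["p"]) * pow(G["h"], r, G["p"]) % G["p"]

def challenge(*vals):
    """Fiat-Shamir: derive the challenge by hashing the transcript."""
    d = hashlib.sha256(",".join(map(str, vals)).encode()).digest()
    return int.from_bytes(d, "big") % (1 << BC)

def prove(x, r1, r2):
    """Prove C1 and C2 commit to the same x (0 <= x < 2^BX)."""
    C1, C2 = commit(G1, x, r1), commit(G2, x, r2)
    while True:
        k = secrets.randbelow(HI)  # one nonce shared by both groups
        t1, t2 = secrets.randbelow(G1["q"]), secrets.randbelow(G2["q"])
        K1, K2 = commit(G1, k, t1), commit(G2, k, t2)
        c = challenge(C1, C2, K1, K2)
        z = k + c * x  # computed over the integers, not mod q
        if LO <= z < HI:  # otherwise retry so z does not leak x
            s1, s2 = (t1 + c * r1) % G1["q"], (t2 + c * r2) % G2["q"]
            return K1, K2, z, s1, s2

def verify(C1, C2, proof):
    """Check the range of z, then the Sigma equation in each group."""
    K1, K2, z, s1, s2 = proof
    if not LO <= z < HI:
        return False
    c = challenge(C1, C2, K1, K2)
    return all(commit(G, z, s) == K * pow(C, c, G["p"]) % G["p"]
               for G, C, K, s in ((G1, C1, K1, s1), (G2, C2, K2, s2)))

x, r1, r2 = 5, 321, 654  # constructed witness and blinding factors
C1, C2 = commit(G1, x, r1), commit(G2, x, r2)
proof = prove(x, r1, r2)
```

The single integer response `z` is what links the two groups: it is checked unreduced in both, which is why the verifier enforces its range before evaluating either equation.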
That's a wrap for our combined newsletter. We hope you found this edition's content informative and engaging. Our team is constantly exploring new avenues in privacy innovation and we're thrilled to share our latest progress with you. As always, we appreciate your support and welcome feedback on our work.
Stay in the loop with our latest insights and research by subscribing to our newsletter. You'll be the first to know about our upcoming projects and collaborations.
Also, be sure to follow us on Twitter to stay up-to-date with any announcements related to our engagements or internal projects. Thank you for your continued interest in HashCloak!
Schedule a call with us to engage in R&D, security auditing, or any other potential collaborations: https://calendly.com/d/hhc-dnq-wfd/hashcloak-services-inquiries.