Conference:33rd USENIX Security Symposium
CCF level:CCF A
Categories:network and information security
Year:2024
Conference time:August 14–16, 2024 Philadelphia, PA, USA
Title:
ZK cross: A novel architecture for cross-chain privacy-preserving auditing
zkCross:跨链隐私保护审计的新型架构
Authors:
Abstract:
One of the key areas of focus in blockchain research is how to realize privacy-preserving auditing without sacrificing the system's security and trustworthiness. However, simultaneously achieving auditing and privacy protection, two seemingly contradictory objectives, is challenging because an auditing system would require transparency and accountability which might create privacy and security vulnerabilities. This becomes worse in cross-chain scenarios, where the information silos from multiple chains further complicate the problem. In this paper, we identify three important challenges in cross-chain privacy-preserving auditing, namely Cross-chain Linkability Exposure (CLE), Incompatibility of Privacy and Auditing (IPA), and Full Auditing Inefficiency (FAI). To overcome these challenges, we propose zkCross, which is a novel two-layer cross-chain architecture equipped with three cross-chain protocols to achieve privacy-preserving cross-chain auditing. Among these three protocols, two are privacy-preserving cross-chain protocols for transfer and exchange, respectively; the third one is an efficient cross-chain auditing protocol. These protocols are built on solid cross-chain schemes to guarantee privacy protection and audit efficiency. We implement zkCross on both local and cloud servers and perform comprehensive tests to validate that zkCross is well-suited for processing large-scale privacy-preserving auditing tasks. We evaluate the performance of the proposed protocols in terms of run time, latency, throughput, gas consumption, audit time, and proof size to demonstrate their practicality.
区块链研究的重点领域之一是如何在不牺牲系统安全性和可信度的情况下实现隐私保护审计。然而,同时实现审计和隐私保护这两个看似矛盾的目标却具有挑战性,因为审计系统需要透明度和问责制,这可能会产生隐私和安全漏洞。在跨链场景中,这种情况会变得更加糟糕,因为来自多条链的信息孤岛使问题进一步复杂化。在本文中,我们确定了跨链隐私保护审计中的三个重要挑战,即跨链可链接性暴露 (CLE)、隐私和审计不兼容 (IPA) 和完全审计效率低下 (FAI)。为了克服这些挑战,我们提出了 zkCross,这是一种新颖的两层跨链架构,配备了三种跨链协议来实现隐私保护的跨链审计。在这三个协议中,两个是分别用于转移和交换的隐私保护跨链协议;第三个是高效的跨链审计协议。这些协议建立在可靠的跨链方案之上,以保证隐私保护和审计效率。我们在本地和云服务器上实施 zkCross,并进行全面测试,以验证 zkCross 是否适合处理大规模隐私保护审计任务。我们从运行时间、延迟、吞吐量、gas 消耗、审计时间和证明大小等方面评估所提协议的性能,以证明其实用性。
