Protostar: Generic Efficient Accumulation/Folding for Special-Sound Protocols

Benedikt Bünz, Binyi Chen

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Accumulation is a simple yet powerful primitive that enables incrementally verifiable computation (IVC) without the need for recursive SNARKs. We provide a generic, efficient accumulation (or folding) scheme for any -move special-sound protocol with a verifier that checks degree-d equations. The accumulation verifier only performs elliptic curve multiplications and field/hash operations. Using the compiler from BCLMS21 (Crypto 21), this enables building efficient IVC schemes where the recursive circuit only depends on the number of rounds and the verifier degree of the underlying special-sound protocol but not the proof size or the verifier time. We use our generic accumulation compiler to build Protostar. Protostar is a non-uniform IVC scheme for Plonk that supports high-degree gates and (vector) lookups. The recursive circuit is dominated by 3 group scalar multiplications and a hash of field elements, where is the degree of the highest gate. The scheme does not require a trusted setup or pairings, and the prover does not need to compute any FFTs. The prover in each accumulation/IVC step is also only logarithmic in the number of supported circuits and independent of the table size in the lookup.

Original languageEnglish (US)
Title of host publicationAdvances in Cryptology – ASIACRYPT 2023 - 29th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings
EditorsJian Guo, Ron Steinfeld
PublisherSpringer Science and Business Media Deutschland GmbH
Pages77-110
Number of pages34
ISBN (Print)9789819987238
DOIs
StatePublished - 2023
Event29th Annual International Conference on the Theory and Application of Cryptology and Information Security, Asiacrypt 2023 - Guangzhou, China
Duration: Dec 4 2023Dec 8 2023

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume14439 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference29th Annual International Conference on the Theory and Application of Cryptology and Information Security, Asiacrypt 2023
Country/TerritoryChina
CityGuangzhou
Period12/4/2312/8/23

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Protostar: Generic Efficient Accumulation/Folding for Special-Sound Protocols'. Together they form a unique fingerprint.

Cite this