Zswap: zk-SNARK Based Non-Interactive Multi-Asset Swaps

Felix Theodor Engelmann, Thomas Kerber, Markulf Kohlweiss, Mikhail Volkhov

Publikation: Artikel i tidsskrift og konference artikel i tidsskriftKonferenceartikelForskningpeer review


Privacy-oriented cryptocurrencies, like Zcash
or Monero, provide fair transaction anonymity and con-
fidentiality, but lack important features compared to
fully public systems, like Ethereum. Specifically, sup-
porting assets of multiple types and providing a mech-
anism to atomically exchange them, which is critical
for e.g. decentralized finance (DeFi), is challenging in
the private setting. By combining insights and secu-
rity properties from Zcash and SwapCT (PETS 21, an
atomic swap system for Monero), we present a simple
zk-SNARKs based transaction scheme, called Zswap,
which is carefully malleable to allow the merging of
transactions, while preserving anonymity. Our protocol
enables multiple assets and atomic exchanges by making
use of sparse homomorphic commitments with aggre-
gated open randomness, together with Zcash friendly
simulation-extractable non-interactive zero-knowledge
(NIZK) proofs. This results in a provably secure privacy-
preserving transaction protocol, with efficient swaps,
and overall performance close to that of existing de-
ployed private cryptocurrencies. It is similar to Zcash
Sapling and benefits from existing code-bases and im-
plementation expertise.
TidsskriftProceedings on Privacy Enhancing Technologies
Udgave nummer4
Sider (fra-til)507-527
StatusUdgivet - 15 jul. 2022


Dyk ned i forskningsemnerne om 'Zswap: zk-SNARK Based Non-Interactive Multi-Asset Swaps'. Sammen danner de et unikt fingeraftryk.