Zswap: zk-SNARK Based Non-Interactive Multi-Asset Swaps

Felix Theodor Engelmann, Thomas Kerber, Markulf Kohlweiss, Mikhail Volkhov

Research output: Journal Article or Conference Article in Journal; Conference article; Research; peer-review

Abstract

Privacy-oriented cryptocurrencies, like Zcash or Monero, provide fair transaction anonymity and confidentiality, but lack important features compared to fully public systems, like Ethereum. Specifically, supporting assets of multiple types and providing a mechanism to atomically exchange them, which is critical for e.g. decentralized finance (DeFi), is challenging in the private setting. By combining insights and security properties from Zcash and SwapCT (PETS 21, an atomic swap system for Monero), we present a simple zk-SNARKs based transaction scheme, called Zswap, which is carefully malleable to allow the merging of transactions, while preserving anonymity. Our protocol enables multiple assets and atomic exchanges by making use of sparse homomorphic commitments with aggregated open randomness, together with Zcash friendly simulation-extractable non-interactive zero-knowledge (NIZK) proofs. This results in a provably secure privacy-preserving transaction protocol, with efficient swaps, and overall performance close to that of existing deployed private cryptocurrencies. It is similar to Zcash Sapling and benefits from existing code-bases and implementation expertise.

Original language: English
Journal: Proceedings on Privacy Enhancing Technologies
Volume: 2022
Issue number: 4
Pages (from-to): 507-527
ISSN: 2299-0984
Publication status: Published - 15 Jul 2022

Keywords

  • Privacy-oriented cryptocurrencies
  • Anonymity
  • Decentralized finance (DeFi)
  • zk-SNARKs
  • Atomic exchanges
