Collaborative SNARKs

In this document we list some literature for collaborative SNARKs.

Experimenting with Collaborative zk-SNARKs: Zero-Knowledge Proofs for Distributed Secrets

This is the first paper1 in this space. It experiments with the feasibility of evaluating SNARKs in MPC and implements Groth162 and Plonk3 using SPDZ4 and GSZ5 (maliciously secure variants of additive secret sharing and Shamir secret sharing respectively).

EOS: efficient private delegation of zkSNARK provers

This paper6 uses a delegator to speed up MPC computations and investigates using the SNARK as error-detecting computation to implement cheaper malicious security.

zkSaaS: Zero Knowledge SNARKs as a service

This paper7 uses packed secret sharing (PSS)8, i.e., a variant of Shamir secret sharing where multiple secrets are embedded into the same sharing polynomial, to speed up MPC computation. However, they encounter some problems with FFTs, since they cannot be implemented with the SIMD semantics of PSS naively.

Scalable Collaborative zk-SNARK: Fully Distributed Proof Generation and Malicious Security

This paper9 is a followup to zkSaaS which replaces the used SNARK with GKR10, which is better suited for PSS.

Scalable Collaborative zk-SNARK and Its Application to Efficient Proof Outsourcing

This paper11 is essentially an update version of "Scalable Collaborative zk-SNARK: Fully Distributed Proof Generation and Malicious Security", which includes semi-honest protocols for collaborative HyperPlonk12, additional optimization, and new experiments.

Confidential and Verifiable Machine Learning Delegations on the Cloud

This paper13 implements GKR in MPC using the well-known MP-SPDZ14 library. It focuses on efficient matrix multiplications, bit provides a generic construction as well.

How to prove any NP statement jointly? Efficient Distributed-prover Zero-Knowledge Protocols

This paper15 provides new security notions for distributed prover zero knowledge (DPZK) and provides a generic compiler to realize distributed proof generation for any zero-knowledge proof system build from the interactive oracle proofs (IOP) paradigm.