The Vesper Protocol

Abstract

This work explores the feasibility of combining zero-knowledge proofs with SGX enclave protection technology, using the Hyperledger fabric, as the testing environment. The focus is on assessing the viability of this combination in real-world scenarios where post-quantum security is crucial. To this end, a new zero-knowledge proof, called Vesper, has been developed. This is a lattice-based zk-SNARK with a Regev commitment scheme. Vesper aims to provide a novel approach to developing lattice-based zero-knowledge proofs suitable for blockchain environments. Vesper features a proof size of 128 bytes, an average verification time of 0.14 ms, requires no trusted setup, while achieving at least 128-bit and 256-bit security. Only the proof geberation time increases when the LWE dimension increases. To analyze and explore the potential of combining Intel SGX with such a ZKP and Hyperledger Fabric, two projects have been developed: 1. Vesper Smart Contract: This project uses Vesper in combination with a lattice-based digital signing scheme that has been NIST-approved. The proof generation benefits from SGX enclave protection, while the verifier for Vesper is deployed in a permissioned blockchain as a smart contract. Middleware using Fabric Peer command line interface (CLI) tools facilitates commu- nication between the prover and verifier sides. 2. Vesper-FPC: This project explores the feasibility of protecting Hyperledger Fabric chaincode with an SGX enclave. It combines Vesper with a simplified lattice-based digital signing function to accommodate a restricted environment. Both the proof generation and the deployed verifier are SGX-protected. Communication is managed via custom peer CLI commands specifically de- signed to handle the interaction between the additional SGX protection layer and the blockchain infrastructure. The simplified digital signing scheme of Vesper-FPC has a fast average verification time of 1.46 ms and an even faster average signing time of 0.49 ms while achiving 128-bit security. This is quicker than the NIST-approved digital signing scheme of Vesper Smart Contract, which has average signing and verification times of approximately 76.52 ms and 13.25 ms, respectively. The simplified version features a private key size of 512 bytes, a signature size of 768 bytes, and a public key size of 48 KB. In contrast, the digital signing scheme of Vesper Smart Contract has a private key size of 2528 bytes, a signature size of 2420 bytes, and a public key size of 1312 bytes. The execution time of Vesper Smart Contract without SGX is on average approximately 2086.83 ms for a 128-bit security level. Adding SGX protection on the prover side increased the average execution time to 26339 ms. Vesper-FPC, with SGX protection for both the prover and the deployed verifier, has an average execution time of approximately 51229 ms.