Spartan: Efficient and general-purpose zkSNARKs without trusted setup

4QBSUBO ʲ҉߸௨՟ྠಡձʳ4QBSUBO!ϑϨηοπɺ౦ژେֶೆݚڀ౩ ϑϩϯςΟΞύʔτφʔζ߹ಉձࣾ૑ۀऀ୅ද$&0 6OJUFE#JUDPJOFST*ODڞಉ૑ۀऀ$50 ϑϨηοπגࣜձࣾɹٕज़ސ໰ ࠓҪਸ໵

ࣗݾ঺հ ϑϩϯςΟΞύʔτφʔζ߹ಉձࣾ ୅දCEO United Bitcoiners Inc. ڞಉ૑ۀऀˍऔక໾CTO ϑϨηοπגࣜձࣾɹٕज़ސ໰ ϚελϦϯάϏοτίΠϯɺ຋༁ऀ୅ද ੈքͰॳΊͯͷɺ೔ຊޠʹΑΔϏοτίΠϯɾϒϩοΫνΣʔ
ϯͷৄࡉٕज़ॻ(NTTग़൛ࣾ) શମͷׂ̕Λ຋༁ ୈ̍̎࡮ 2016/7/14ग़൛ ిࢠॻ੶൛(kindle)΋ ΦʔϓϯΤσΟγϣϯ൛ https://www.bitcoinbook.info ίϯαΠε൛ͱ߹Θͤͯ13,300෦ൃߦ

ࣗݾ঺հ όοΫάϥ΢ϯυ ৽ׁେֶେֶӃɹૉཻࢠཧ࿦෺ཧɹത࢜(ཧ) ΦϑνΣʔϯΞΧσϛʔ୅ද ೔ຊͰ࠷ॳͷϥΠτχϯάωοτϫʔΫϋοΧιϯ(off-chain academy hackday)Λओ ࠵ ΧΧΫίϜ ݕࡧΤϯδϯ։ൃɹݕࡧαʔόΫϥελߏஙӡ༻ɹେن໛σʔλॲཧɹػցֶ
शɹը૾ೝࣝ σʔλλϫʔגࣜձࣾɹ୅දऔక໾

໨࣍ w ࿦จͷ֓ཁ w ࿦จͷத਎ *OUSPEVDUJPO 3FMBUFEXPSL
1SFMJNJOBSJFT 0WFSWJFXPG4QBSUBO "OFXQVCMJDDPJO TVDDJODUJOUFSBDUJWFBSHVNFOUGPS/1 $PNQVUBUJPODPNNJUNFOUT"UFDIOJRVFUPBDIJFWFTVCMJOFBS WFSJpDBUJPOUJNF

࿦จͷ֓ཁ w 5JUMF w 4QBSUBO&⒏DJFOUBOEHFOFSBMQVSQPTF[L4/"3,TXJUIPVUUSVTUFETFUVQ w "VUIPS w 4SJOBUI4FUUZ .JDSPTPGU3FTFBSDI
w 1VCMJTIFE w .BZ w -JOL w IUUQTFQSJOUJBDSPSH

IUUQTXXXNJDSPTPGUDPNFOVTSFTFBSDIQFPQMFTSJOBUI

IUUQTFQSJOUJBDSPSH

https://twitter.com/VitalikButerin/status/1131636529481359364

࿦จͷ֓ཁ ݕূऀͷෛ୲ΛͲ͏΍ͬͯܰݮ͢Δ͔ʁ #VMMFUQSPPG͸0 O ɺ4QBSUBO͸0 O?

࿦จͷ֓ཁ ݕূऀͷෛ୲ΛͲ͏΍ͬͯܰݮ͢Δ͔ʁ લ͸ઢܗ࣌ؒͰղ͚ΔΑ͏ʹ͢Δ͜ͱʹҙຯ͕͋ͬͨ ͕ɺ࠷ۙ͸TVCMJOFBS ྼઢܗ ࣌ؒͱ͍͏ઢܗ࣌ؒΑΓ΋ ୹͍ෛ୲Ͱղ͚ΔΑ͏ʹɻ

࿦จͷ֓ཁ ͡Ό͋[L45"3,TͰΑ͍ͷͰ͸ʁ ࢖༻Ͱ͖Δ৔߹͕ݶΒΕͯ͠·͏ɻ ·ͨɺ݈શੑͷূ໌ʹ·ͩάϨʔͳ఺͕͋Δɻ

࿦จͷ֓ཁ ໨త͸ɺར༻৔໘ΛݶΒΕΔ͜ͱͳ͘ɺ ηΩϡϦςΟతʹڧݻ͔ͭ࢖͍΍͍͢҉߸ֶతલఏͰɺ ূ໌ऀͱݕূऀͷ ܭࢉ͓ΑͼίϛϡχέʔγϣϯίετΛԼ͛Δ͜ͱ 4QBSUBO

࿦จͷ֓ཁ ิ଍ QSJWBUFDPJO QVCMJDDPJOͱ͍͏ͷ͕ग़͖ͯ·͕͢ɺ ͜ͷzDPJOzͱ͍͏ͷ͸ ϥϯμϜ஋ΛܾΊΔίΠϯτε͔Βདྷ͍ͯ·͢ɻ

*OUSPEVDUJPO

[L4/"3,T w[FSPLOPXMFEHF wূ໌ऀ 1SPWFS ͸ݕূऀ 7FSJpFS ʹൿີΛ౉͢͜ͱͳ͘ w4VDDJODU w؆ܿͰ w/POJOUFSBDUJWF
wඇର࿩ͳܗͰ w"3HVNFOUPG,OPXMFEHF w஌ࣝͷࠜڌΛ౉͢ํ๏ wl1SPPGzPG,OPXMFEHFͰ͸ͳ͍ɻ

;FSP,OPXMFEHF1SPPG θϩ஌ࣝূ໌ w[FSPLOPXMFEHF wূ໌ऀ 1SPWFS ͸ݕূऀ 7FSJpFS ʹൿີΛ౉ ͢͜ͱͳ͘ wྫ5VNCMF#JU
w4VDDJODU ؆ܿ ͔͸ஔ͍͓͍ͯͯ

IUUQXXXVOJUFECJUDPJOFSTDPNCMPHUVNCMFCJU

/POJOUFSBDUJWF ඇର࿩ܕ "MJDF ূ໌ऀ #PC ݕূऀ ίϛοτϝϯτ νϟϨϯδ ϓϧʔϑ ਖ਼͍͔͠ΛνΣοΫ
͜Ε͸4JHNB1SPUPDPMͱݺ͹ΕΔର࿩ܕ

/POJOUFSBDUJWF ඇର࿩ܕ "MJDF ূ໌ऀ #PC ݕূऀ ίϛοτϝϯτ ϓϧʔϑ ਖ਼͍͔͠ΛνΣοΫ ͜Ε͸ඇର࿩ܕɻ
'JBU4IBNJSώϡʔϦεςΟοΫͱ͔ɺ $PNNPO3FGFSFODF4USJOH $34 ͱ͔͕ؔ࿈ɻ

༻ޠઆ໌ w5SBOTQBSFOU ಁ໌ͳ [L4/"3, w[L4/"35XJUIPVUUSVTUFETFUVQ ࣄલʹ৴ ༻͞ΕͨηοτΞοϓ͕͍Βͳ͍ wd[L45"3,

3FMBUFEXPSL

1$1 1SPCBCJMJTUJDBMMZ$IFDLBCMF1SPPGT ֬཰తʹ֬ೝՄೳͳূ໌ wূ໌ऀ͕౴͑Λ஌͓ͬͯΓɺ·ͨਖ਼͍͠ϓϩτίϧΛ༻ ͍Ε͹ɺߴ͍֬཰Ͱݕূऀʹೲಘͤ͞Δ͜ͱ͕Ͱ͖Δ w͜ͷ֬཰͕ߴ͍͜ͱΛ׬શੑ $PNQMFUFOFTT ͕͋Δ ͱ͍͏ɻ
wূ໌ऀ͕ӕ ౴͑Λ஌Βͳ͍ͷʹ஌͍ͬͯΔͱݴ͏ Λͭ ͍ͯ͠·ͬͯ΋௨ͬͯ͠·͏͔΋ɻ wূ໌ऀ͕ӕΛ͍ͭͨ৔߹ʹݕূऀ͕ӕͩͱ൑அ͢Δ֬ ཰͕ߴ͍͜ͱΛ݈શੑ 4PVOEOFTT ͕͋Δͱ͍͏ɻ

1$1ʹ·ͭΘΔྺ࢙ w೥Ҏલ͸੩తূ໌ TUBUJDQSPPG w೥୅ɺ೥୅͸*OUFSBDUJWF1SPPG ର࿩ܕূ໌ w*OUFSBDUJWFl1SPPGz͸׬શੑɺ݈શੑ "SHVNFOUͰ͸ͳ͘
w࣮༻ੑ͸ஔ͍͓͍ͯͯɺର࿩ܕʹ͢Δ͜ͱͰ׬ᘳΛٻΊͯ Έͨ w࣍ୈʹ1$1ʹҠ͍ͬͯ͘ w*OUFSBDUJWF1SPPGΛߦ͏ͨΊʹTVNDIFDLQSPUPDPM͕ ग़͖ͯͨͷ͕೥ IUUQTQFPQMFFFDTCFSLFMFZFEVdBMFYDIEPDT$44MFDUVSFQEG

1$1ʹ·ͭΘΔྺ࢙ w1$1͸೥͔Β wTIPSU1$1೥ wMJOFBS1$1೥ w((13 ॳΊͯͷ2"1 1JOPDDIJP೥ w(SPUI೥

1$1ʹ·ͭΘΔྺ࢙ 4UBUJD1SPPG *OUFSBDUJWF1SPPG .*1 .VMUJ1SPWFST (,3EPVCMZF⒏DJFOU*1೥ %BUBQBSBMMFMJTN DJSDVJUTUSVDUVSF 1$1 TIPSU1$1
MJOFBS1$1 2"1 *01 *OUFSBDUJWF0SBDMF1SPPG [L45"3, ೥ Ұ෦ಡΈҧ͑ͯΔ͔΋͠Ε·ͤΜ *OOFS1SPEVDU #VMMFUQSPPG ೥ 4QBSUBO 4VN$IFDL1SPUPDPM 1PMZOPNJBM$PNNJUNFOU4DIFNF $PNQVUBUJPO$PNNJUNFOU )ZSBY೥ 1JOPDDIJP (SPUI

1$1ʹ·ͭΘΔྺ࢙ 2"1 *OUFSBDUJWF1$1 EPVCMZF⒏DJFOU*1 *OOFS1SPEVDU *01

[L4/"3,zTz w[L4/"3,͸ݻ༗໊ࢺͰ͸ͳ͍ͬ͘ͺ͍͋Δ w4VDDJODU ؆ܿ Ͱ͋Δ͔Ͳ͏͔

1SFMJNJOBSJFT

"SJUINFUJD$JSDVJU4BUJTpBCJMJUZ ࢉज़ճ࿏ॆ଍Մೳੑ wॆ଍ՄೳੑΛௐ΂Δ͜ͱΛɺ4BUJTpBCJMJUZ 1SPCMFN ॆ଍Մೳੑ໰୊ ͱ͍͍ɺ4"5ͱུه͢Δɻ wͨͩී௨4"5ͱ͍͏࣌͸ Y㱹Y㱹ʜ 㱸 Y㱹Y㱹ʜ
㱸ʜͷΑ͏ͳܗΛͨ͠ ࿦ཧࣜͷ૊Έ߹Θ͕ͤଘࡏ͢Δ͔Ͳ͏͔ͷ໰୊Λࢦ ͢Α͏ɻ w͜Ε͸۩ମతͳ΋ͷ͕ͳ͍ͱΠϝʔδ͕͚ͭͮΒ͍ɻ ޙ΄Ͳɻ

4VN$IFDL1SPUPDPM wॆ଍ՄೳੑΛௐ΂Δͱ͖ʹ࢖͏ϓϩτίϧͷ̍ͭ wͳΜͱͳ͘ͷΠϝʔδ ຊ౰͸ͪΐͬͱҧ͍·͕͢ w"MJDF͸ɺٱอాͱീւࢁ ڞʹ৽ׁͷ೔ຊञ ͷར͖ ञ͕Ͱ͖Δͱࣗຫ͍ͯ͠Δɻ w#PC͸ɺຊ౰ʹ"MJDFʹར͖ञ͕Ͱ͖Δ͔Ͳ͏͔Λࢼ
͍ͨ͠ɻ wͲ͏΍Δ͔ʁ

4VN$IFDL1SPUPDPM #PC͸ɺ ͱϥϕϧ͕షΒΕͨίοϓʹٱอాͱീւࢁΛೖΕɺͲͪΒͷϥ ϕϧͷίοϓʹٱอాΛೖΕ͔ͨΛϝϞ͓֮ͯ͑ͯ͘͠ɻ #PC͸ɺ"MJDFʹϥϕϧͷ৘ใΛӅͨ͠ঢ়ଶͰ̎ͭͷίοϓΛ"MJDFʹ౉͠ɺͲ ͪΒ͕ٱอా͔Λڭ͑ΔΑ͏ʹݴ͏ɻ "MJDF͸ɺ೔ຊञΛವΈɺϥϕϧΛ#PCʹ౴͑Δɻ
#PC͸"MJDF͕౰͔ͨͬͨͲ͏͔ΛνΣοΫ͠ɺ౰͔ͨͬͨͲ͏͔ΛϝϞ͢ Δɻ౰ͨͬͨ৔߹͸5SVFɺؒҧͬͨ৔߹͸'BMTFΛΞ΢τϓοτͱͯ͢͠Δɻ #PC͸खॱʹ໭Γɺ͜ΕΛ̍̌ճ܁Γฦ͢ɻ #PC͸̍̌ճ܁Γฦͨ͠ͷͪɺΞ΢τϓοτશͯͷ࿦ཧੵΛऔΔɻ݁Ռ͕ 5SVFͰ͋Ε͹"MJDFʹར͖ञͷೳྗ͕͋Δͱ൑அ͢Δɻ

4VN$IFDL1SPUPDPM

1$1ʹ·ͭΘΔྺ࢙ 4UBUJD1SPPG *OUFSBDUJWF1SPPG .*1 .VMUJ1SPWFST (,3EPVCMZF⒏DJFOU*1೥ %BUBQBSBMMFMJTN DJSDVJUTUSVDUVSF 1$1 TIPSU1$1
MJOFBS1$1 2"1 *01 *OUFSBDUJWF0SBDMF1SPPG [L45"3, ೥ Ұ෦ಡΈҧ͑ͯΔ͔΋͠Ε·ͤΜ *OOFS1SPEVDU #VMMFUQSPPG ೥ 4QBSUBO 4VN$IFDL1SPUPDPM 1PMZOPNJBM$PNNJUNFOU4DIFNF $PNQVUBUJPO$PNNJUNFOU )ZSBY೥ 1JOPDDIJP (SPUI 4QBSUBOͱ ௚઀͸ඥ෇͔ͳ͍͕ྫͱͯ͠࢖͏

2"1 2VBESBUJD"SJUINFUJD1SPHSBN ̎࣍ࢉज़ϓϩάϥϜ w "SJUINFUJD1SPHSBNͱ͸ʁ w ࿦ཧճ࿏ʹࢉज़Λ౰ͯ͸Ί͍ͯͬͯɺਅِҎ֎ͷ਺Λ ࢖͑ΔΑ͏ʹม׵ͨ͠΋ͷɻࢉज़Λ౰ͯ͸Ί͍ͯ͘͜ ͱΛ"SJUINFUJ[BUJPOͱ͍͏ɻ

2"1 2VBESBUJD"SJUINFUJD1SPHSBN ̎࣍ࢉज़ϓϩάϥϜ w ྫ͑͹ w Y㱹Z㱹[ w 㱹l࿦ཧ࿨zɺ㱸l࿦ཧੵzɺz൱ఆz
w ஔ͖׵͑ w Y㱹Z︎ˠY ZɺY㱸Z︎ˠYºZɺY︎ˠ Y w Y Z [ Y5 Z5 ['ͷͱ͖ɺ5SVF Y Z [ͷͱ͖ɺɻ Ҏ֎Ͱ͋Ε͹5SVFͱ൑அɻ

2"1 2VBESBUJD"SJUINFUJD1SPHSBN ̎࣍ࢉज़ϓϩάϥϜ w 2"1ͱ͸ w ূ໌͍ͨ͠࿦ཧΛɺ"SJUINFUJ[BUJPOΛ௨ͯ͠ɺ w "
Y # Y $ Y 5 Y ; Y w ͷܗʹม׵͠ɺ౴͑Λ஌͍ͬͯΔ͜ͱΛ; Y Λ஌͍ͬͯ Δ͜ͱʹؼண͠ίετΛݮΒ͢ํ๏

7JUBMJLͷ[L4/"3,આ໌ͱ "SJUINFUJD$JSDVJUͷ۩ମܭࢉ IUUQTNFEJVNDPN!7JUBMJL#VUFSJORVBESBUJDBSJUINFUJDQSPHSBNTGSPN[FSPUPIFSPGEDFB

7JUBMJLͷ[L4/"3,આ໌ͱ "SJUINFUJD$JSDVJUͷ۩ମܭࢉ w -BZFS93FTFBSDIͷ೔ຊޠ຋༁υΩϡϝϯτ͕͋ͬͨͷ Ͱഈआ͠આ໌͢Δɻ w IUUQTTDSBQCPYJPMBZFSY[L 4/"3,T@$@MPHJD@HBUFT@ˠ@3$4@ˠ@2"1

7JUBMJLͷ[L4/"3,આ໌ͱ "SJUINFUJD$JSDVJUͷ۩ମܭࢉ w ۩ମతͳܭࢉաఔ͸ϗϫΠτϘʔυͰ΍ͬͨͷͰɺҎԼͷ ʮηϛφʔ$$4UVEZʯಈըࢀরɻ w IUUQTXXXZPVUVCFDPNDIBOOFM 6$ZFX;.DZ-R2;J&#WO;RX

7JUBMJLͷ[L4/"3,આ໌ͱ "SJUINFUJD$JSDVJUͷ۩ମܭࢉ w"SJUINFUJD$JSDVJUͷྫ w7JUBMJL͕ྫͱͯ͠ग़͍ͯ͠Δࢉज़ճ࿏ɻϧʔϓ͸͋ͬͯ͸͍͚ ͳ͍ɻ w 9 4ZN 4ZN
: d0VU d0OF

3BOHF1SPPGͷ࣮૷ํ๏ w 3JOH4JHOBUVSFXJUI1FEFSTFO$PNNJUNFOU w "043JOH4JHOBUVSF w ࠓҪͷαϯϓϧίʔυ w IUUQTHJUIVCDPNUBLBZBJNBJTDSJQUMFTT@TDSJQUCMPCNBTUFS BPT@SJOH@TJHOBUVSFKT
w #PSSPNFBO3JOH4JHOBUVSF w $JDMJD(SPVQXJUI4JHNB1SPUPDPM w ʜ w ຊ౰͸ಡॻձͰ͜ΕΛ࣮ࡍʹ4QBSUBOͰ΍ͬͯΈ͔͕ͨͬͨɺ࿩͕࣌ؒ͢ͳ͔ͬͨ

3FGFSFODFT w IUUQTWJUBMJLDBHFOFSBMTUBSLT@QBSU@IUNM w IUUQTNFEJVNDPN!7JUBMJL#VUFSJO[LTOBSLTVOEFSUIFIPPECBG w IUUQTDSZQUPTUBDLFYDIBOHFDPNRVFTUJPOTQSPWFJOUFHFSJTXJUIJO UIFJOUFSWBMBC w IUUQXXXDTVDMBDVLTUB⒎+(SPUI
w IUUQT[LQTDJFODF w IUUQTNFEJVNDPNRFEJUEJWJOHJOUPUIFTOBSLTTFUVQQIBTFCBE w IUUQTNFEJVNDPN!TPVJUJFYQMBJOJOHTOBSLTͷղઆCCDFCDG w IUUQTTDSBQCPYJPMBZFSY[L4/"3,T@$@TFUVQQSPPWJOHWFSJGZJOH

3FGFSFODFT w IUUQTTDSBQCPYJPMBZFSY#VMMFUQSPPGT w IUUQTTDSBQCPYJPMBZFSY[L4/"3,T@$@TFUVQQSPPWJOH WFSJGZJOH w IUUQTTDSBQCPYJP4UBLFE5FDIOPMPHJFT4UBLFE@;,4/"3,T w IUUQTTDSBQCPYJP&UI1FEJB#MJOE@&WBMVBUJPO@PG@1PMZOPNJBMT
w IUUQTUBTVTVIBUFOBCMPHDPNFOUSZ w IUUQTFDDDXFJ[NBOOBDJMSFQPSU w IUUQXXXDTQSJODFUPOFEVDPVSTFTBSDIJWFTQSDPTJQQEG

3FGFSFODFT w IUUQTXXXKBJTUBDKQdVFIBSBDPVSTFJFQEGOQQEG w IUUQTUXJUUFSDPN1FSGFDU@*OTJEFSTUBUVT w IUUQTXXXXFCMJPKQXLQKBDPOUFOU1$1 ܭࢉෳࡶੑཧ࿦@1$1 ܭࢉෳࡶੑ ཧ࿦ͷ֓ཁ
w %PVCMFF⒏DJFOU[L4/"3,T8JUIPVU5SVTUFE4FUVQIUUQTXXXZPVUVCFDPNXBUDI WZR"G-M.XX w IUUQTBLBEFNFJBJOGPJOEFYQIQ $JSDVJU4"5 w IUUQT[DBTIKBUFDIOPMPHZ[LTOBSLT w IUUQTDSZQUPTUBDLFYDIBOHFDPNRVFTUJPOTXIBUEPFTJUNFBOGPSBO BEWFSTBSZUPSVOJOQQU w IUUQMBCJJTFDBDKQdBSJUBQEGTJHNBQEG

Spartan: Efficient and general-purpose zkSNARKs without trusted setup

Spartan: Efficient and general-purpose zkSNARKs without trusted setup

More Decks by Takaya Imai

Other Decks in Technology

Featured

Transcript