PLONK Simplified: A Pedagogical Zero-Knowledge Proof Framework with KZG Commitments

Hosny Abo Emira; Ayman Mohamed; Abdelrahman Elsayed; Mohamed M. Reda Ali; Saeed Hamouda

doi:10.66279/1wmt4837

Authors

Hosny H. Abo Emira King Salman International University Author
Ayman Mohamed Al-Ahliyya Amman University Author
Abdelrahman Elsayed Isra University Author
Mohamed M. Reda Ali Isra University Author
Saeed Hamouda Al-Ahliyya Amman University Author

DOI:

https://doi.org/10.66279/1wmt4837

Keywords:

Zero-Knowledge Proofs;, PLONK; zk-SNARKs;, Cryptographic Protocols., KZG;, Polynomial Commitments

Abstract

Zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARKs) allow for elegant, privacy-preserving validation of computations. PLONK, a subclass of the zk-SNARKs, is certainly useful, but its complex interactions with permutation arguments, lookup tables, and blinding, among other considerations, make the protocol difficult to follow, let alone understand. This paper describes a framework centered around the core components of zk-SNARKs. In particular, we detail the construction of arithmetic gate constraints, representation of witness polynomials, and the Kate-Zaverucha-Goldberg (KZG) commitment scheme. By removing permutation proofs, lookup, and blinding, we aim to simplify the pedagogy of zk-SNARKs and preserve their essential properties of soundness and completeness. We describe a Python module from the ground up that demonstrates the generation and validation of proofs in a PLONK-modified zk-SNARK. We validate the framework and its foundations with a benchmark of a module generating and validating proofs in a PLONK-modified zk-SNARK. We validate the module against a circuit of 1,000 gates and demonstrate that the system correctly rejects all invalid witnesses. We illustrate the expected asymptotic behavior, with a pro tor of tight the module is quasi-linear, and verification, tight. We justify the foundations of the module and describe tight with zero private inputs. We have also bridged the gap between abstract zk-SNARK theoretical arguments and their practical implementation and research. We have provided a simple, empirically grounded mechanism that describes the key components of PLONK. We have done this in such a way that researchers, developers, and teachers can build on this base module and create production-ready systems without the abstraction.

Downloads

Download data is not yet available.

Author Biographies

Hosny H. Abo Emira, King Salman International University

Department of Artificial Intelligence Engineering, Faculty of Computer Science and Engineering, King Salman International University (KSIU), South Sinai 46511, Egypt.
Ayman Mohamed, Al-Ahliyya Amman University

Faculty of Information Technology, Al-Ahliyya Amman University, Amman 19328, Jordan.
Abdelrahman Elsayed, Isra University

Department of Computer Science, Faculty of Information Technology, Isra University, Jordan.
Mohamed M. Reda Ali, Isra University

Department of Computer Science, Faculty of Information Technology, Isra University, Jordan.
Saeed Hamouda, Al-Ahliyya Amman University

Faculty of Information Technology, Al-Ahliyya Amman University, Amman 19328, Jordan.

References

[1] Goldwasser, S. Micali, and C. Rackoff, “The knowledge complexity of interactive proof systems,” SIAM J. Comput., vol. 18, no. 1, pp. 186–208, 1989. DOI: https://doi.org/10.1137/0218012

[2] H. H. A. Emira, “Authenticating IoT devices issues based on blockchain,” J. Cybersecurity Inf. Manag., vol. 1, no. 2, pp. 35–40, 2020. DOI: https://doi.org/10.54216/JCIM.010202

[3] E. Ben-Sasson et al., “Scalable, transparent, and post-quantum secure computational integrity,” Cryptology ePrint Archive, Rep. 2018/046, 2018.

[4] H. H. A. Emira, A. A. Elngar, and M. Kayed, “Blockchain-enabled security framework for enhancing IoT networks: A two-layer approach,” Int. J. Adv. Comput. Sci. Appl., vol. 14, no. 10, 2023. DOI: https://doi.org/10.14569/IJACSA.2023.0141059

[5] E. Ben-Sasson, A. Chiesa, D. Genkin, E. Tromer, and M. Virza, “Succinct non-interactive zero knowledge for a von Neumann architecture,” in Proc. 23rd USENIX Security Symp., 2014.

[6] J. Groth, “On the size of pairing-based non-interactive arguments,” in Proc. EUROCRYPT 2016, LNCS vol. 9666, pp. 305–326, 2016. DOI: https://doi.org/10.1007/978-3-662-49896-5_11

[7] A. Gabizon, Z. J. Williamson, and O. Ciobotaru, “Plonk: Permutations over Lagrange-bases for oecumenical noninteractive arguments of knowledge,” Cryptology ePrint Archive, 2019.

[8] Aztec Protocol, “Aztec Connect: Private DeFi with zk-rollups,” technical documentation, 2022.

[9] L. Pearson, A. Gabizon, and Z. J. Williamson, “TurboPlonk,” unpublished manuscript, 2020.

[10] A. Gabizon and Z. J. Williamson, “The lookup argument,” unpublished manuscript, 2020.

[11] D. Boneh and V. Shoup, “A Graduate Course in Applied Cryptography,” draft version 0.5, 2020.

[12] Zcash Foundation, “The Bellman library,” online, 2018.

[13] B. Parno, J. Howell, C. Gentry, and M. Raykova, “Pinocchio: Nearly practical verifiable computation,” in Proc. IEEE Symp. Security Privacy (S&P), 2013, pp. 238–252. DOI: https://doi.org/10.1109/SP.2013.47

[14] A. Kate, G. M. Zaverucha, and I. Goldberg, “Constant-size commitments to polynomials and their applications,” in Proc. ASIACRYPT 2010, LNCS vol. 6477, pp. 177–194, 2010. DOI: https://doi.org/10.1007/978-3-642-17373-8_11

[15] E. Ben-Sasson, I. Bentov, Y. Horesh, and M. Riabzev, “Fast Reed-Solomon interactive oracle proofs of proximity,” in Proc. ICALP 2018, 2018.

[16] J. Lee, “Dory: Efficient, transparent arguments for generalised inner products and polynomial commitments,” in

Proc. TCC 2021, LNCS vol. 13044, pp. 1–34, 2021.

17] A. Golovnev et al., “Brakedown: Linear-time and post-quantum SNARKs for R1CS,” Cryptology ePrint Archive, Rep. 2021/1043, 2021.

[18] Polygon Zero, “Plonky2: Fast recursive arguments with PLONK and FRI,” technical report, 2022.

[19] J. Eberhardt and S. Tai, “ZoKrates: Scalable privacy-preserving off-chain computations,” in Proc. IEEE Blockchain, 2018, pp. 1084–1091. DOI: https://doi.org/10.1109/Cybermatics_2018.2018.00199

[20] Zcash Foundation, “The Halo2 Book,” online, 2021.

[21] B. Chen et al., “HyperPlonk: Plonk with linear-time prover and high-degree custom gates,” Cryptology ePrint Archive, Rep. 2023/570, 2023. DOI: https://doi.org/10.1007/978-3-031-30617-4_17

[22] K. Zejdler et al., “BaseFold: Efficient field-agnostic polynomial commitment schemes,” in Proc. EUROCRYPT 2024,

2024.

[23] S. Setty, B. Braun, N. V. Vu, A. J. G. Binz, T. Zakian, and J. Tiwari, “Jolt: SNARKs for virtual machines via lookups,” in Proc. EUROCRYPT 2024, LNCS vol. 14601, pp. 1–34, 2024.

[24] B. Bünz, J. Bootle, D. Boneh, A. Poelstra, P. Wuille, and G. Maxwell, “Bulletproofs: Short proofs for confidential transactions and more,” in Proc. IEEE Symp. Security Privacy (S&P), 2018, pp. 315–334. DOI: https://doi.org/10.1109/SP.2018.00020

[25] J. Kim et al., “Sangria: A PLONK-based zk-SNARK with transparent setup,” in Proc. IEEE Symp. Security Privacy (S&P), 2024.

[26] Y. Zhang et al., “Recursive proof composition with PLONK and Halo2,” J. Cryptol., vol. 38, no. 2, pp. 1–27, 202