DOI: 10.1145/3319535.3363222 (research article, CCS '19 conference proceedings)

zkay: Specifying and Enforcing Data Privacy in Smart Contracts

Published: 06 November 2019

Abstract

Privacy concerns of smart contracts are a major roadblock preventing their wider adoption. A promising approach to protect private data is hiding it with cryptographic primitives and then enforcing correctness of state updates by Non-Interactive Zero-Knowledge (NIZK) proofs. Unfortunately, NIZK statements are less expressive than smart contracts, forcing developers to keep some functionality in the contract. This results in scattered logic, split across contract code and NIZK statements, with unclear privacy guarantees. To address these problems, we present the zkay language, which introduces privacy types defining the owners of private values. zkay contracts are statically type checked to (i) ensure they are realizable using NIZK proofs and (ii) prevent unintended information leaks. Moreover, the logic of zkay contracts is easy to follow by simply ignoring the privacy types. To enforce zkay contracts, we automatically transform them into contracts that are equivalent in terms of privacy and functionality, yet executable on public blockchains. We evaluated our approach on a proof-of-concept implementation generating Solidity contracts and implemented 10 example contracts in zkay. Our results indicate that zkay is practical: the on-chain cost for executing the transformed contracts is around 1M gas per transaction (roughly US$0.50) and the off-chain cost is moderate.
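The abstract describes privacy types that name the owner of each value and a static check that rejects unintended flows between owners. The following Python model, added here as an illustration and not code from the paper or the zkay compiler, shows what such a check does on a tiny expression language: every value is owned by a party or is public (`ALL`), combining values of two different private owners or storing a private value into a location owned by someone else is rejected as an implicit leak, and the only way to move a value between owners is an explicit `Reveal`. The AST classes, the `ALL` sentinel, the rule set and the sample ledger are assumptions made for this example; zkay's actual syntax and typing rules are defined in the paper.

```python
"""Model of owner-based privacy typing, in the spirit of zkay's privacy types.

Every value carries an owner: a party name such as "alice", or ALL for public.
Combining values of two different private owners, or assigning a private value
to a location with a different owner, is an implicit information leak and is
rejected; the only way to move a value between owners is an explicit Reveal.
Illustrative checker written for this page; not the zkay compiler.
"""
from dataclasses import dataclass
from typing import Dict, List, Union

ALL = "all"  # the public "owner": readable by everyone on chain (assumed name)


@dataclass(frozen=True)
class Lit:
    value: int


@dataclass(frozen=True)
class Var:
    name: str


@dataclass(frozen=True)
class BinOp:
    op: str
    left: "Expr"
    right: "Expr"


@dataclass(frozen=True)
class Reveal:
    expr: "Expr"
    to: str  # new owner, or ALL to declassify the value to the public


Expr = Union[Lit, Var, BinOp, Reveal]


@dataclass(frozen=True)
class Assign:
    target: str
    expr: Expr


class PrivacyTypeError(Exception):
    pass


def owner_of(expr: Expr, env: Dict[str, str]) -> str:
    """Return the owner of an expression, or raise on an implicit leak."""
    if isinstance(expr, Lit):
        return ALL                      # literals are public
    if isinstance(expr, Var):
        return env[expr.name]           # owner declared for the variable
    if isinstance(expr, Reveal):
        owner_of(expr.expr, env)        # inner expression must be well-typed
        return expr.to                  # explicit, visible change of owner
    if isinstance(expr, BinOp):
        l, r = owner_of(expr.left, env), owner_of(expr.right, env)
        if l == ALL:
            return r                    # public op private -> private
        if r == ALL or l == r:
            return l
        raise PrivacyTypeError(
            f"cannot combine values owned by {l!r} and {r!r} without Reveal")
    raise TypeError(f"unknown expression {expr!r}")


def check_assign(stmt: Assign, env: Dict[str, str]) -> str:
    """Type-check one assignment; return the owner of the stored value."""
    src = owner_of(stmt.expr, env)
    dst = env[stmt.target]
    if src not in (ALL, dst):
        raise PrivacyTypeError(
            f"implicit leak: value owned by {src!r} flows into "
            f"{stmt.target!r} owned by {dst!r}")
    return dst


def check_contract(stmts: List[Assign], env: Dict[str, str]) -> List[str]:
    """Check every statement; collect error messages instead of stopping."""
    errors = []
    for s in stmts:
        try:
            check_assign(s, env)
        except PrivacyTypeError as e:
            errors.append(str(e))
    return errors


# Constructed sample: a tiny ledger with per-owner private balances.
ENV = {"bal_alice": "alice", "bal_bob": "bob", "total_public": ALL}
SAMPLE = [
    Assign("bal_alice", BinOp("+", Var("bal_alice"), Lit(5))),         # ok
    Assign("total_public", Var("bal_alice")),                          # leak
    Assign("total_public", Reveal(Var("bal_alice"), ALL)),             # ok
    Assign("bal_bob", BinOp("+", Var("bal_alice"), Var("bal_bob"))),   # leak
    Assign("bal_bob", BinOp("+", Reveal(Var("bal_alice"), "bob"),
                            Var("bal_bob"))),                          # ok
]

if __name__ == "__main__":
    for err in check_contract(SAMPLE, ENV):
        print("rejected:", err)
```

Erasing the owners (treating every type as public and every `Reveal` as the identity) leaves an ordinary ledger program, which is the property the abstract refers to as being able to follow the logic by ignoring privacy types. What the model leaves out is the second half of the check, realizability under NIZK proofs, which constrains what the private computation may do; that part depends on the proof system and is not captured by an owner lattice alone.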

Supplementary Material

WEBM File (p1759-steffen.webm)



Published In

CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
November 2019, 2755 pages
ISBN: 9781450367479
DOI: 10.1145/3319535

Publisher

Association for Computing Machinery, New York, NY, United States

Author Tags

  1. blockchain
  2. privacy
  3. programming language
  4. zero-knowledge proofs

Acceptance Rates

CCS '19 paper acceptance rate: 149 of 934 submissions (16%); overall acceptance rate: 1,261 of 6,999 submissions (18%)

Cited By

  • (2025) Bringing Smart Contract Confidentiality via Trusted Hardware: Fact and Fiction. IEEE Transactions on Information Forensics and Security 20, 159-174. DOI: 10.1109/TIFS.2024.3484291
  • (2025) EtherCloak: Enabling Multi-Level and Customized Privacy on Account-Model Blockchains. IEEE Transactions on Dependable and Secure Computing 22(1), 771-786. DOI: 10.1109/TDSC.2024.3418617
  • (2024) Survey on Quality Assurance of Smart Contracts. ACM Computing Surveys. DOI: 10.1145/3695864
  • (2024) On Identity, Transaction, and Smart Contract Privacy on Permissioned and Permissionless Blockchain: A Comprehensive Survey. ACM Computing Surveys 56(12), 1-35. DOI: 10.1145/3676164
  • (2024) FHE-Rollups: Scaling Confidential Smart Contracts on Ethereum and Beyond. Proceedings of the 6th ACM International Symposium on Blockchain and Secure Critical Infrastructure, 1-9. DOI: 10.1145/3659463.3660031
  • (2024) Ratel: MPC-extensions for Smart Contracts. Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, 336-352. DOI: 10.1145/3634737.3661142
  • (2024) When Contracts Meets Crypto: Exploring Developers' Struggles with Ethereum Cryptographic APIs. Proceedings of the IEEE/ACM 46th International Conference on Software Engineering, 1-13. DOI: 10.1145/3597503.3639131
  • (2024) RPSC: Regulatable Privacy-Preserving Smart Contracts on Account-Based Blockchain. IEEE Transactions on Network Science and Engineering 11(5), 4822-4835. DOI: 10.1109/TNSE.2024.3421539
  • (2024) Privacy-Preserving Anomaly Detection of Encrypted Smart Contract for Blockchain-Based Data Trading. IEEE Transactions on Dependable and Secure Computing, 1-16. DOI: 10.1109/TDSC.2024.3353827
  • (2024) Cryptcoder: An Automatic Code Generator for Cryptographic Tasks in Ethereum Smart Contracts. 2024 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 976-980. DOI: 10.1109/SANER60148.2024.00105
