zkBridge: Trustless Cross-chain Bridges Made Practical

2022  |  Tiancheng Xie · Jiaheng Zhang · Zerui Cheng · Fan Zhang · Yupeng Zhang · Yongzheng Jia · Dan Boneh · Dawn Song  |  To appear in ACM CCS 2022

We present zkBridge, the first trustless, permissionless, extensible, universal, and efficient cross-chain bridge. With succinct proofs, zkBridge not only guarantees strong security without external assumptions, but also significantly reduces on-chain verification cost. We propose novel succinct proof protocols that are orders-of-magnitude faster than existing solutions for workload in zkBridge. With a modular design, zkBridge enables a broad spectrum of applications, including message passing, token transferring, and other computational logic operating on state changes from different chains. We have already implemented zkBridge between certain chains and evaluated its end-to-end performance. We encourage community members to join us to extend zkBridge to other chains; please fill in the form if you are interested in contributing to this project towards building a universal, secure foundation for multi-chain interoperability...

Orion: Zero Knowledge Proof with Linear Prover Time

2022  |  Tiancheng Xie · Yupeng Zhang · Dawn Song  |  Published in CRYPTO 2022

Zero-knowledge proof is a powerful cryptographic primitive that has found various applications in the real world. However, existing schemes with succinct proof size suffer from a high overhead on the proof generation time that is super-linear in the size of the statement represented as an arithmetic circuit, limiting their efficiency and scalability in practice. In this paper, we present Orion, a new zero-knowledge argument system that achieves \(O(N)\) prover time of field operations and hash functions and \(O(\log^2 N)\) proof size.

MetaData: Exploring the Unprecedented Privacy Risks of the Metaverse

2022  |  Vivek Nair · Gonzalo Munilla Garrido · Dawn Song  |  https://doi.org/10.48550/arXiv.2207.13176

Thirty study participants playtested an innocent-looking "escape room" game in virtual reality (VR). Behind the scenes, an adversarial program had accurately inferred over 25 personal data attributes, from anthropometrics like height and wingspan to demographics like age and gender, within just a few minutes of gameplay. In this work, we illustrate how VR attackers can covertly ascertain dozens of personal data attributes from seemingly-anonymous users of popular metaverse applications…

MetaGuard: Going Incognito in the Metaverse

2022  |  Vivek Nair · Gonzalo Munilla Garrido · Dawn Song  |  https://doi.org/10.48550/arXiv.2208.05604

We present the first known method of implementing an "incognito mode" for VR. Our technique leverages local ε-differential privacy to quantifiably obscure sensitive user data attributes, with a focus on intelligently adding noise when and where it is needed most to maximize privacy while minimizing usability impact…

Multi-Factor Key Derivation Function (MFKDF)

2022  |  Vivek Nair · Dawn Song  |  https://doi.org/10.48550/arXiv.2208.05586

Our Multi-Factor Key Derivation Function (MFKDF) expands upon password-based key derivation functions (PBKDFs) with support for using other popular authentication factors like TOTP, HOTP, and hardware tokens in the key derivation process. In doing so, it provides an exponential security improvement over PBKDFs with less than 12 ms of additional computational overhead. The result is a paradigm shift toward direct cryptographic protection of user data using all available authentication factors, with no noticeable change to the user experience…

A More Complete Analysis of the Signal Double Ratchet Algorithm

2022  |  Alexander Bienstock · Jaiden Fairoze · Sanjam Garg · Pratyay Mukherjee · Srinivasan Raghuraman

We develop new formal definitions in the Universal Composability framework for the Signal Double Ratchet (DR) protocol. Our definitions (a) capture the security and correctness guarantees of prior work, and (b) capture more guarantees that are absent from one or all prior works. We also present an enhancement of the DR, denoted the Triple Ratchet (TR), that meets a stronger security definition and also applies to other protocols…

Systematization of Knowledge (SoK): DeFi Incidents

2022  |  Liyi Zhou · Xihan Xiong · Jens Ernstberger · Stefanos Chaliasos · Zhipeng Wang · Ye Wang · Kaihua Qin · Roger Wattenhofer · Dawn Song · Arthur Gervais

In this paper, we introduce a common reference frame to systematically evaluate and compare DeFi incidents. We investigate 77 academic papers, 30 audit reports, and 181 real-world incidents. Our open data reveals several gaps between academia and the practitioners' community. For example, few academic papers address "price oracle attacks" and "permissionless interactions", while our data suggests that they are the two most frequent incident types (15% and 10.5% correspondingly). We also investigate potential defenses…

Copyright ©2022 UC Regents  |  Email us at rdi@berkeley.edu.