CR Jul 9, 2021
Darlin: Recursive Proofs using Marlin
Ulrich Haböck, Alberto Garoffolo, Daniele Di Benedetto
This document describes Darlin, a succinct zero-knowledge argument of knowledge based on the Marlin SNARK (Chiesa et al., Eurocrypt 2020) and the 'dlog' polynomial commitment scheme from Bootle et al. EUROCRYPT 2016. Darlin addresses recursive proofs by integrating the amortization technique from Halo (IACR eprint 2019/099) for the non-succinct parts of the dlog verifier, and we adapt their strategy for bivariate circuit encoding polynomials to aggregate Marlin's inner sumchecks across the nodes of the recursive scheme. We estimate the performance impact of inner sumcheck aggregation by about 30% in a tree-like scheme of in-degree 2, and beyond when applied to linear recursion.
CR Mar 25, 2021
Latus Incentive Scheme: Enabling Decentralization in Blockchains based on Recursive SNARKs
Alberto Garoffolo, Dmytro Kaidalov, Roman Oliynykov
In the Zendoo whitepaper we introduced a novel SNARK-based construction that allows Bitcoin-like blockchains to create and communicate with sidechains of different types without knowing their internal structure. We also introduced a specific construction, called Latus, allowing creation of fully verifiable sidechains. In the paper we omitted a detailed description of an incentive scheme for Latus that is an essential element of a real decentralized system. This paper fills the gap by introducing details of the incentive scheme for the Latus sidechain. The represented ideas can also be adopted by other SNARK-based blockchains to incentivize decentralized proof creation.
CR Feb 5, 2020
Zendoo: a zk-SNARK Verifiable Cross-Chain Transfer Protocol Enabling Decoupled and Decentralized Sidechains
Alberto Garoffolo, Dmytro Kaidalov, Roman Oliynykov
Sidechains are an appealing innovation devised to enable blockchain scalability and extensibility. The basic idea is simple yet powerful: construct a parallel chain -- sidechain -- with desired features, and provide a way to transfer coins between the mainchain and the sidechain. In this paper, we introduce Zendoo, a construction for Bitcoin-like blockchain systems that allows the creation and communication with sidechains of different types without knowing their internal structure. We consider a parent-child relationship between the mainchain and sidechains, where sidechain nodes directly observe the mainchain while mainchain nodes only observe cryptographically authenticated certificates from sidechain maintainers. We use zk-SNARKs to construct a universal verifiable transfer mechanism that is used by sidechains. Moreover, we propose a specific sidechain construction, named Latus, that can be built on top of this infrastructure, and realizes a decentralized verifiable blockchain system for payments. We leverage the use of recursive composition of zk-SNARKs to generate succinct proofs of sidechain state progression that are used to generate certificates' validity proofs. This allows the mainchain to efficiently verify all operations performed in the sidechain without knowing any details about those operations.
CR Oct 17, 2018
Sidechains: Decoupled Consensus Between Chains
Alberto Garoffolo, Robert Viglione
We propose a novel sidechain construction tailored to be compatible with the Horizen blockchain and designed for conducting secure and decentralized cross-chain transfers without requiring the mainchain nodes to track sidechains to verify them. The proposed scheme can also be adopted for other similar blockchain systems. We show that our cross-ledger transfer mechanism is secure under certain plausible assumptions.