Boris Düdder

Zibin Lin, Taotao Wang, Shengli Zhang et al.

Web 3.0 platforms need an onboarding mechanism that can admit real users at scale without forcing them to reveal identity documents or pay one on-chain verification cost per user. Existing approaches typically rely on KYC-style disclosure, per-request on-chain verification, or trusted batching, making onboarding cost and latency difficult to predict under bursty demand. We present \textbf{ZK-AMS}, a credibly anonymous admission infrastructure that maps Personhood Credentials to anonymous on-chain Soul Accounts. Rather than introducing a new primitive, ZK-AMS composes zero-knowledge credential validation, permissionless batch submission, recursive proof aggregation, and anonymous post-admission account provisioning into one end-to-end workflow. Its key design feature is a confidential batching pipeline in which admission instances of a common relation are folded off-chain under multi-key homomorphic encryption, allowing an untrusted batch submitter to coordinate aggregation without direct access to individual user witnesses during batching; the confidentiality scope is characterized explicitly in the security analysis. The resulting batch is settled on-chain with constant verification cost per batch rather than per admitted user. We implement ZK-AMS on an Ethereum testbed and evaluate admission throughput, end-to-end latency, gas consumption, and parameter trade-offs. Results show stable batch-verification gas across evaluated batch sizes, substantially lower amortized on-chain cost than the non-recursive baseline, and practical cost-latency trade-offs for high-concurrency onboarding in Web 3.0 platforms.

Kaiping Cui, Xia Feng, Liangmin Wang et al.

Secure aggregation enables federated learning (FL) to perform collaborative training of clients from local gradient updates without exposing raw data. However, existing secure aggregation schemes inevitably perform an expensive fresh setup per round because each client needs to establish fresh input-independent secrets over different rounds. The latest research, Flamingo (S&P 2023), designed a share-transfer-based reusable secret key to support the server continuously performing multiple rounds of aggregation. Nevertheless, the share transfer mechanism it proposed can only be achieved with P probability, which has limited reliability. To tackle the aforementioned problems, we propose a more reliable and anonymously authenticated scheme called Chu-ko-nu for multi-round secure aggregation. Specifically, in terms of share transfer, Chu-ko-nu breaks the probability P barrier by supplementing a redistribution process of secret key components (the sum of all components is the secret key), thus ensuring the reusability of the secret key. Based on this reusable secret key, Chu-ko-nu can efficiently perform consecutive aggregation in the following rounds. Furthermore, considering the client identity authentication and privacy protection issue most approaches ignore, Chu-ko-nu introduces a zero-knowledge proof-based authentication mechanism. It can support clients anonymously participating in FL training and enables the server to authenticate clients effectively in the presence of various attacks. Rigorous security proofs and extensive experiments demonstrated that Chu-ko-nu can provide reliable and anonymously authenticated aggregation for FL with low aggregation costs, at least a 21.02% reduction compared to the state-of-the-art schemes.

Xikun Jiang, He Lyu, Chenhao Ying et al.

With the increasingly widespread application of machine learning, how to strike a balance between protecting the privacy of data and algorithm parameters and ensuring the verifiability of machine learning has always been a challenge. This study explores the intersection of reinforcement learning and data privacy, specifically addressing the Multi-Armed Bandit (MAB) problem with the Upper Confidence Bound (UCB) algorithm. We introduce zkUCB, an innovative algorithm that employs the Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (zk-SNARKs) to enhance UCB. zkUCB is carefully designed to safeguard the confidentiality of training data and algorithmic parameters, ensuring transparent UCB decision-making. Experiments highlight zkUCB's superior performance, attributing its enhanced reward to judicious quantization bit usage that reduces information entropy in the decision-making process. zkUCB's proof size and verification time scale linearly with the execution steps of zkUCB. This showcases zkUCB's adept balance between data security and operational efficiency. This approach contributes significantly to the ongoing discourse on reinforcing data privacy in complex decision-making processes, offering a promising solution for privacy-sensitive applications.

Yibin Xu, Jianhua Shao, Yangyu Huang et al.

Blockchain Sharding is a blockchain performance enhancement approach. By splitting a blockchain into several parallel-run committees (shards), it helps increase transaction throughput, reduce computational resources required, and increase reward expectation for participants. Recently, several flexible sharding methods that can tolerate up to $n/2$ Byzantine nodes ($n/2$ security level) have been proposed. However, these methods suffer from three main drawbacks. First, in a non-sharding blockchain, nodes can have different weight (power or stake) to create a consensus, and as such an adversary needs to control half of the overall weight in order to manipulate the system ($p/2$ security level). In blockchain sharding, all nodes carry the same weight. Thus, it is only under the assumption that honest participants create as many nodes as they should that a $n/2$ security level blockchain sharding reaches the $p/2$ security level. Second, when some nodes leave the system, other nodes need to be reassigned, frequently, from shard to shard in order to maintain the security level. This has an adverse effect on system performance. Third, while some $n/2$ approaches can maintain data integrity with up to $n/2$ Byzantine nodes, their systems can halt with a smaller number of Byzantine nodes. In this paper, we present a $p/2$ security level blockchain sharding approach that does not require honest participants to create multiple nodes, requires less node reassignment when some nodes leave the system, and can prevent the system from halting. Our experiments show that our new approach outperforms existing blockchain sharding approaches in terms of security, transaction throughput and flexibility.

Jan Bessai, Boris Düdder, Andrej Dudenhefner et al.

We study an assignment system of intersection types for a lambda-calculus with records and a record-merge operator, where types are preserved both under subject reduction and expansion. The calculus is expressive enough to naturally represent mixins as functions over recursively defined classes, whose fixed points, the objects, are recursive records. In spite of the double recursion that is involved in their definition, classes and mixins can be meaningfully typed without resorting to neither recursive nor F-bounded polymorphic types. We then adapt mixin construct and composition to Java and C#, relying solely on existing features in such a way that the resulting code remains typable in the respective type systems. We exhibit some example code, and study its typings in the intersection type system via interpretation into the lambda-calculus with records we have proposed.

Boris Düdder, Oliver Garbe, Moritz Martens et al.

We describe ongoing work on a framework for automatic composition synthesis from a repository of software components. This work is based on combinatory logic with intersection types. The idea is that components are modeled as typed combinators, and an algorithm for inhabitation {\textemdash} is there a combinatory term e with type tau relative to an environment Gamma? {\textemdash} can be used to synthesize compositions. Here, Gamma represents the repository in the form of typed combinators, tau specifies the synthesis goal, and e is the synthesized program. We illustrate our approach by examples, including an application to synthesis from GUI-components.