Benchmarking the Setup of Updatable zk-SNARKs

• Updatable SRS enables any party to join the ceremony, making it a dynamic MPC where the parties are fixed in the generation phase.
• However, none of the subsequent works after Groth et al.’s initial work in Crypto’18 discussed the setup of their schemes in detail.
• A zkSNARK includes three main algorithms (Setup, Prove, Verify), while updatable SNARKs have five algorithms (Setup, SRS-update, SRS-verify, Prove, Verify).
• We discovered that two of the algorithms were missing.
• Additionally, we designed and improved them. Also we found a mistake in Marlin SNARK. Its SRS cannot be updatable knowledge-sound, i.e., it is not extractable. We propose a fix for it.

Download