Toward succinct proofs of solvency

Jeremy Clark

9.27.24

A firm that holds a large amount of crypto-assets on behalf of customers, such as a centralized exchange, can provide some level of assurance to their users by issuing frequent zero-knowledge proofs (ZKPs) of solvency (or reserves). These protocols have been studied for years, open problems remain.

Crypto-assets like BTC or ETH are governed by public key cryptography in a particular setting (secp256k1) that lacks a key feature (bilinear pairings) necessary for many modern, succinct ZKPs. Related work often considers only liabilities (not assets), or it resorts to implementing secp math into the circuit of a general zk-SNARK. Here, Jeremy Clark (Concordia) offers a new proof of solvency that directly covers both assets and liabilities in the poly-iop model (implemented over bls12-381), the “glue” that makes it work for assets on secp blockchains. Ultimately, the protocol is not succinct, but the non-succinct parts are manageable: the “gluing” protocol is largely a one-time pre-computation, and the “spill-over” from the large data sizes results in a proof that is linear in the number of bits used to capture an account balance, while remaining independent of (succinct in) the number of accounts (up to 4 billion accounts).

About the presenter:

Jeremy is an associate professor at the Concordia Institute for Information Systems Engineering. At Concordia, he holds the NSERC/Raymond Chabot Grant Thornton/Catallaxy Industrial Research Chair in Blockchain Technologies. He earned his PhD from the University of Waterloo, where his gold medal dissertation focused on designing and deploying secure voting systems including Scantegrity. Beyond research, he has worked with several municipalities on voting technology and testified to both the Canadian Senate and House finance committees on Bitcoin.

About a16z crypto research:

a16z crypto research is a multidisciplinary lab that works closely with our portfolio companies and others toward solving the important problems in the space, and toward advancing the science and technology of the next generation of the internet.

More about us:

a16z.com/2022/04/21/announcing-a16z-crypto-research More from the a16z crypto team – Subscribe to our ‘web3 weekly newsletter’: a16zcrypto.substack.com – Listen to our ‘web3 with a16z’ podcast: a16zcrypto.com/web3-with-a16z-podcast/ – Read more of our work: a16zcrypto.com

podcast: web3 with a16z

A show about building the next internet, from a16z crypto

Any investments or portfolio companies mentioned, referred to, or described on this page are not representative of all investments in vehicles managed by a16z and there can be no assurance that the investments will be profitable or that other investments made in the future will have similar characteristics or results. Exits include current and former a16z portfolio companies which have been acquired as well as companies which have undergone an initial public offering or direct public offering of shares. Certain publicly traded companies on this list may still be held in Andreessen Horowitz funds. A list of investments made by funds managed by a16z is available here: https://a16z.com/investments/. Excluded from this list are investments for which the issuer has not provided permission for a16z to disclose publicly as well as unannounced investments in publicly traded digital assets. Further, the list of investments is updated monthly and as such may not reflect most recent a16z investments. Past results of Andreessen Horowitz’s investments, pooled investment vehicles, or investment strategies are not necessarily indicative of future results.

© 2024 Andreessen Horowitz WTUVKUCXZLYAD
GGCMUGJX