The goal of this repository is to experiment with verifiable encryption: provably sharing secrets in the presence of an arbitrator.
We implement two protocols as Python code and Solidity smart contracts, allowing the arbitrator to be anyone with a Python interpreter or the Ethereum blockchain.
In both cases, A(lice) wants to share a secret with B(ob).
The protocols are explained in this blog post.
| | ECC protocol | ZK protocol |
|---|---|---|
| fingerprint | curve25519(secret) | SHA256(secret) or keccak(secret) (could also easily support babyjubjub(secret)) |
| Elliptic Curve | Curve25519 | Baby Jubjub |
| Need of a trusted setup | No | Yes |
| Need for client-side verification | Yes | No |
| Number of messages | 3 (Alice, Bob, Alice) when there is no cheating | 2 (Bob, Alice) |
| Gas consumption | 1.5M | 1.4M + 900k per use |
| Dependencies | None | ZoKrates |
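The "fingerprint" row is what the arbitrator ultimately checks: a revealed secret is accepted only if it reproduces the fingerprint that was committed to up front. The following added example (not code from this repository) computes both fingerprint types from the table and performs that check. The `curve25519(secret)` fingerprint is the public key of the secret scalar, so the block carries a self-contained X25519 scalar multiplication written from the RFC 7748 ladder; the `SHA256(secret)` fingerprint uses `hashlib`. The keccak variant is left out because `hashlib.sha3_256` is not keccak-256 and would need an extra dependency. Function names (`curve25519_fingerprint`, `sha256_fingerprint`, `verify_disclosure`) are this example's own, and the test secret is the RFC 7748 section 6.1 vector, not a value from the repository.

```python
import hashlib
import hmac

# X25519 field and curve constants from RFC 7748 (p = 2^255 - 19, a24 = (A - 2) / 4)
P = 2**255 - 19
A24 = 121665
BASE_POINT_U = (9).to_bytes(32, "little")


def _decode_scalar(k: bytes) -> int:
    # Clamp the 32-byte scalar exactly as RFC 7748 section 5 prescribes
    k = bytearray(k)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def _decode_u(u: bytes) -> int:
    u = bytearray(u)
    u[31] &= 127  # the top bit of the u-coordinate is ignored
    return int.from_bytes(u, "little") % P


def _cswap(swap: int, a: int, b: int):
    # Mask-based conditional swap as in the RFC. Python integers are not
    # constant-time, so this is illustrative, not a side-channel-safe build.
    mask = -swap
    d = mask & (a ^ b)
    return a ^ d, b ^ d


def x25519(k: bytes, u: bytes) -> bytes:
    """Montgomery ladder scalar multiplication on Curve25519 (RFC 7748 section 5)."""
    if len(k) != 32 or len(u) != 32:
        raise ValueError("X25519 scalar and u-coordinate must each be 32 bytes")
    k_int = _decode_scalar(k)
    x1 = _decode_u(u)
    x2, z2, x3, z3 = 1, 0, x1, 1
    swap = 0
    for t in range(254, -1, -1):
        kt = (k_int >> t) & 1
        swap ^= kt
        x2, x3 = _cswap(swap, x2, x3)
        z2, z3 = _cswap(swap, z2, z3)
        swap = kt
        a = (x2 + z2) % P
        aa = a * a % P
        b = (x2 - z2) % P
        bb = b * b % P
        e = (aa - bb) % P
        c = (x3 + z3) % P
        d = (x3 - z3) % P
        da = d * a % P
        cb = c * b % P
        x3 = (da + cb) * (da + cb) % P
        z3 = x1 * ((da - cb) * (da - cb) % P) % P
        x2 = aa * bb % P
        z2 = e * ((aa + A24 * e) % P) % P
    x2, x3 = _cswap(swap, x2, x3)
    z2, z3 = _cswap(swap, z2, z3)
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def curve25519_fingerprint(secret: bytes) -> bytes:
    # ECC protocol column: fingerprint = curve25519(secret), i.e. the public key of the secret scalar
    return x25519(secret, BASE_POINT_U)


def sha256_fingerprint(secret: bytes) -> bytes:
    # ZK protocol column: fingerprint = SHA256(secret)
    return hashlib.sha256(secret).digest()


def verify_disclosure(secret: bytes, fingerprint: bytes, scheme: str) -> bool:
    """Arbitrator-side check: does the disclosed secret reproduce the committed fingerprint?"""
    if scheme == "curve25519":
        computed = curve25519_fingerprint(secret)
    elif scheme == "sha256":
        computed = sha256_fingerprint(secret)
    else:
        raise ValueError(f"unsupported fingerprint scheme: {scheme}")
    # Constant-time comparison so a mismatch does not leak which bytes differed
    return hmac.compare_digest(computed, fingerprint)


if __name__ == "__main__":
    # Constructed demo: the secret scalar is RFC 7748 section 6.1 "Alice's private key"
    secret = bytes.fromhex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")
    fp = curve25519_fingerprint(secret)
    print("curve25519 fingerprint:", fp.hex())
    print("honest disclosure accepted:", verify_disclosure(secret, fp, "curve25519"))
    print("wrong secret rejected:", not verify_disclosure(b"\x01" * 32, fp, "curve25519"))
```

The same `verify_disclosure` shape is what a Solidity arbitrator would reproduce on-chain; for the SHA256 variant that is a single `sha256(secret) == fingerprint` comparison, whereas the Curve25519 variant is the reason the ECC protocol relies on client-side verification rather than on-chain scalar multiplication.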
```sh
# Install ZoKrates
curl -LSfs get.zokrat.es | sh
# Install Python dependencies
pip install -r requirements.txt
python secret_nft/compile_zk.py
# -s to display full output
pytest -s
```
We did not implement the endpoints that allow Alice to claim that Bob cheated in their message of the ECC protocol.
The verification is however simple to implement in Solidity by reproducing the `ecies_check` function.
A practical use does not necessarily require it, as Bob could be allowed to claim back their funds after some time. Alice would then need to check that the contract still has a positive balance before disclosing the secret, to avoid revealing it without payment.