Curdleproofs：zero-knowledge shuffle argument

1. 引言

以太坊团队2022年论文《Curdleproofs: A Shuffle Argument Protocol》，相关开源代码实现见：

• https://github.com/asn-d6/curdleproofs

Curdleproofs致力于Ethereum PoS中的secret leader election，以防DDOS攻击。

Curdleproofs受Bayer和Groth 2012年论文《Efficient Zero-Knowledge Argument for Correctness of a Shuffle》启发。关于《Efficient Zero-Knowledge Argument for Correctness of a Shuffle》的相关资料有：

• Efficient Zero-Knowledge Argument for Correctness of a Shuffle学习笔记（1）
• Efficient Zero-Knowledge Argument for Correctness of a Shuffle学习笔记（2）
• Efficient Zero-Knowledge Argument for Correctness of a Shuffle学习笔记（3）
• 开源代码https://github.com/3for/verifiable-shuffle

zero-knowledge shuffle arguments可用于：

• 1）Secret leader election protocols
• 2）Message shuffling in mixnets
• 3）Universally verifiable electronic voting protocols

Curdleproofs shuffle argument中包含多个子证明：

• 1）Same Scalar argument
• 2）Same Permutation argument
• 3）Grand Product argument
• 4）Inner Product argument
• 5）Same MultiScalar argument

基于BLS12-381曲线，Curdleproofs在Intel i7-8550U CPU @ 1.80GHz 机器上的性能表现为：

Shuffled ElementsProving (ms)Verification (ms)Shuffling (ms):Proof Size (bytes)601772228396812430427574448252560351214928 参考资料

[1] Curdleproofs：ZK shuffling scheme For Ethereum PoS