Wenhao Wang (Yale University, IC3), Fangyan Shi (Tsinghua University), Dani Vilardell (Cornell University, IC3), Fan Zhang (Yale University, IC3)

Succinct Non-interactive Arguments of Knowledge (SNARKs) can enable efficient verification of computation in many applications. However, generating SNARK proofs for large-scale tasks, such as verifiable machine learning or virtual machines, remains computationally expensive. A promising approach is to distribute the proof generation workload across multiple workers. A practical distributed SNARK protocol should have three properties: horizontal scalability with low overhead (linear computation and logarithmic communication per worker), accountability (efficient detection of malicious workers), and a universal trusted setup independent of circuits and the number of workers. Existing protocols fail to achieve all these properties.

In this paper, we present Cirrus, the first distributed SNARK generation protocol achieving all three desirable properties at once. Our protocol builds on HyperPlonk (EUROCRYPT'23), inheriting its universal trusted setup. It achieves linear computation complexity for both workers and the coordinator, along with low communication overhead. To achieve accountability, we introduce a highly efficient accountability protocol to localize malicious workers. Additionally, we propose a hierarchical aggregation technique to further reduce the coordinator’s workload.

We implemented and evaluated Cirrus on machines with modest hardware. Our experiments show that Cirrus is highly scalable: it generates proofs for circuits with 33M gates in under 40 seconds using 32 8-core machines. Compared to the state-of-the-art accountable protocol Hekaton (CCS’24), Cirrus achieves over 7× faster proof generation for PLONK-friendly circuits such as the Pedersen hash. Our accountability protocol also efficiently identifies faulty workers within just 4 seconds, making Cirrus particularly suitable for decentralized and outsourced computation scenarios.

View More Papers

Through the Authentication Maze: Detecting Authentication Bypass Vulnerabilities in...

Nanyu Zhong (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences; Beijing Key Laboratory of Network Security and Protection Technology), Yuekang Li (University of New South Wales), Yanyan Zou (Institute of Information Engineering, Chinese Academy of…

Read More

Adaptive Quantum-Safe Cryptography for 6G Vehicular Networks via Context-Aware...

Poushali Sengupta (University of Oslo), Mayank Raikwar (University of Oslo), Sabita Maharjan (University of Oslo), Frank Eliassen (University of Oslo), Yan Zhang (University of Oslo)

Read More

cwPSU: Efficient Unbalanced Private Set Union via Constant-weight Codes

Qingwen Li (Xidian University), Song Bian (Beihang University), Hui Li (Xidian University)

Read More