Short Privacy-Preserving Proofs of Liabilities

Abstract

In the wake of fraud scandals involving decentralized exchanges and the significant financial loss suffered by individuals, regulators are pressed to put in place mechanisms that enforce customer protections and capital requirements in decentralized ecosystems. Proof of liabilities (PoL) is such a mechanism: it allows a prover (e.g., an exchange) to prove its liability to a verifier (i.e., a customer), in such a way the verifier is assured their liability is accounted for in the total liabilities claimed by the prover. This paper introduces a fully privacy-preserving PoL scheme with short proofs. We first store the prover’s liabilities in a sparse summation Verkle tree (SVVT), a tree in which each internal node is a hiding vector commitment of its children and whose root commits to the sum of all the leaves in the tree. We then leverage inner product arguments to prove that a liability of user is included in the total liabilities of the prover without leaking any information beyond the liability’s inclusion. The privacy of the scheme follows from the history independence of the SVVT, the zero-knowledge of the inner product arguments, and the hiding property of the vector commitments. Our construction yields proofs of size $ {𝑂(log_𝑛(𝑁))} $ for trees of ary 𝑛 and size 𝑁. Additionally, we show how to further optimize the proof size using aggregation. Finally, we benchmark our scheme using an SVVT of size $ {2^{256}} $ and an another of size $ {10^9} $ that covers the universe of all US social security numbers.