mirror of
https://repo.getmonero.org/monero-project/ccs-proposals.git
synced 2024-10-01 01:35:55 -04:00
Merge !197
Bulletproofs+ Audit for Monero See merge request monero-project/ccs-proposals!197
This commit is contained in:
commit
4a854695db
48
bulletproofs-plus-audit.md
Normal file
48
bulletproofs-plus-audit.md
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
---
|
||||||
|
layout: fr
|
||||||
|
title: "Bulletproofs+ Audit for Monero"
|
||||||
|
author: Suyash Bagad
|
||||||
|
date: 22 December 2020
|
||||||
|
amount: 90.3
|
||||||
|
milestones:
|
||||||
|
- name: Audit Report of Bulletproofs+ Code and the E-print paper
|
||||||
|
funds: 100% (90.3 XMR)
|
||||||
|
done:
|
||||||
|
status: unfinished
|
||||||
|
payouts:
|
||||||
|
- date:
|
||||||
|
amount:
|
||||||
|
---
|
||||||
|
|
||||||
|
### Overview
|
||||||
|
|
||||||
|
Hello everyone! This CCS proposal is for the audit of the Bulletproofs+ [implementation](https://github.com/SarangNoether/monero/tree/bp-plus) for range proofs in Monero. [Bulletproofs+](https://eprint.iacr.org/2020/735) is a more efficient range proof protocol building on [Bulletproofs](https://eprint.iacr.org/2017/1066.pdf). Bulletproofs+ for Monero has been implemented by Dr. Sarang Noether as per [this](https://charity.gofundme.com/o/en/campaign/dr-sarang-noether-to-implement-bulletproofs-in-monero) proposal. Bulletproofs+ offers at least 5% proof size reduction and 5-10% speedup in verification[^1]. Refer to our blogs[^2] for in-depth technical differences between Bulletproofs and Bulletproofs+.
|
||||||
|
|
||||||
|
### Scope
|
||||||
|
|
||||||
|
We aim to perform a cryptographic and security assessment of the Bulletproof+ (referred to as BP+ hereafter) protocol specific to the Monero blockchain. Our goal is to establish the readiness of a specific C++ implementation of BP+ as a drop in replacement to the existing range proof protocol Bulletproofs in Monero. We plan to cover the following points as a part of the audit:
|
||||||
|
1. A full peer review of the eprint version ([link](https://eprint.iacr.org/2020/735)) of the paper with focus on the soundness of the scheme. Note that at the time of writing this proposal, the paper is not yet published in a peer-reviewed conference/journal.
|
||||||
|
2. Thorough examination if the BP+ code ([link](https://github.com/SarangNoether/monero/tree/bp-plus)) accurately represents the Bulletproofs+ prove and verify algorithms, in particular
|
||||||
|
- To check if the code allows an attacker to generate a false proof that the verify algorithm deems as correct,
|
||||||
|
- To check if the code leaks any information to an attacker from examining the proof generated by an honest prover,
|
||||||
|
3. Assess the correctness of the C++ code (~1500 lines of code of BP+ including tests and headers) from a logical and an implementation point of view, including the underlying elliptic curve arithmetic used. We will use an independent Rust [implementation](https://github.com/ZenGo-X/bulletproofs) to provide an extra layer of validation.
|
||||||
|
4. Focus on identifying vulnerabilities related to security and in particular the cryptographic properties. We will do our best effort to offer improvements to the code.
|
||||||
|
|
||||||
|
### About Us
|
||||||
|
|
||||||
|
Our team consists of the following members:
|
||||||
|
1. [Omer Shlomovits](https://www.omershlomovits.com/): Co-founder of [ZenGoX](https://zengo.com/research/), [MPC-Alliance](https://www.mpcalliance.org/), [ZK-Tel-Aviv](https://www.meetup.com/Zero-Knowledge-Tel-Aviv/). Vastly [experienced](https://www.omershlomovits.com/work) in Crypto & Blockchain research, implementing complex cryptographic systems.
|
||||||
|
2. [Suyash Bagad](https://suyash67.github.io/homepage/): Cryptography Engineer at Aztec Protocol, ZenGoX Research member, B.Tech and M.Tech from the Indian Institute of Technology, Bombay with thesis primarily on [Privacy-preserving Proofs of Reserves for Monero and Grin](https://suyash67.github.io/homepage/assets/pdfs/suyash-masters-thesis.pdf). First author of 2 papers presented to IEEE S&B, Crypto Valley conferences. Experienced in implementing zero-knowledge proof systems.
|
||||||
|
|
||||||
|
Note: We are the same team who had first [proposed](https://repo.getmonero.org/monero-project/ccs-proposals/-/merge_requests/156) the implementation of BP+ for Monero.
|
||||||
|
|
||||||
|
### Funding Note
|
||||||
|
|
||||||
|
We estimate to complete the project in about 1 month in two steps: (i) Full peer review of the paper, (ii) Complete audit of the implementation in form of a well-compiled report. We need a funding of XMR 90.3 (equivalent of $15,000) as per 7-day average price (1 XMR = $166.13) on Kraken. This project will include both Suyash and Omer working as well as academic advisory from [Prof. Claudio Orlandi](https://users-cs.au.dk/orlandi/).
|
||||||
|
|
||||||
|
|
||||||
|
[^1]: Dr. Sarang's blog on Bulletproofs+. Available: https://gist.github.com/SarangNoether/ee6367fa8b5500120b2a4dbe23b71694
|
||||||
|
|
||||||
|
[^2]: Comparing Bulletproofs and Bulletproofs+. Available ([Part I](https://suyash67.github.io/homepage/project/2020/07/03/bulletproofs_plus_part1.html), [Part II](https://suyash67.github.io/homepage/project/2020/07/03/bulletproofs_plus_part2.html), [Part III](https://suyash67.github.io/homepage/project/2020/07/03/bulletproofs_plus_part3.html))
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user