Integration of ZK-based ECDSA Signature Verification into DCAP v3 Attestation

Question

Opened this issue 6 months ago · 0 comments

Optimisation of on-chain DCAP v3 Attestation via ZK-based ECDSA signature verification

Goal: Change the on-chain ecdsa256 signature verifications to ZK circuit verification, to reduce the gas used in verification.

The POC provided by Clique is to perform a ZKP generation and verification for #3.
https://github.com/CliqueOfficial/zk-dcap-verifier

Off-chain part
- ZKP Circuit
  - Leverage the Clique’s POC, test the possibility of parameterizing the circuit inputs.
  - Aggregate multiple ecdsa256 signature verifications into 1 circuit.
- User-friendly CLI
  - Produce a signature proof given a DCAP v3 quote.
  - Produce the unsigned transaction to the smart contract, by using the quote and circuit.
On-chain part
- Smart contract
  - Adjust the function interface to add the ZKP circuit parameter.
  - Adjust the signature verifications to use the ZKP circuit, send the decoded fields as the public inputs to the circuit to perform an aggregated ecdsa256 signature verification, the number of the public inputs is equal to 3 times of the number of ecdsa256 signature verifications. Because we need to verify the cert chain, and it will be greater than 3 ecdsa256 signature verifications because of the intermediate certs.
  - Benchmark and breakdown gas cost for new implementation.

Summary of ECDSA signatures performed in the circuit: