Collaborative SNARKs

Stub

Collaborative SNARKs is an (quite an) universal way of turning an arithmetic MPC protocol into so called "auditable MPC" - i.e. the computation scheme in which the correctness is guaranteed with a ZK-proof, even in case of compromise of MPC. It is described in this recent work, we will briefly state their properties.

1. Collaborative SNARK takes as an input a shared witness - i.e. the witness vector to the computation, linearly shared between parties. So, an arithmetic MPC is a natural fit for it (because it, roughly, produces shared witness as its computation trace).
2. This witness is then treated (in MPC) to produce a proof (efficiently - for schemes relying mostly on linear operations and few pairings, notably Groth16 and PlonK). The performance at this stage almost does not degrade compared to a single party computation.
3. Naturally, this also turns some semi-honest computation schemes into maliciously secure, because the proof will fail. This, however, has exceptions and limitations - notably, when deviation from the protocol might break privacy without breaking correctness. This is, in particular, important for the oblivious random permuation case.