zk-DASTARK: A quantum-resistant, data authentication and zero-knowledge proof scheme for protecting data feed to smart contracts

The emergence of blockchain technology and smart contracts revolutionize traditional digital applications such as identity management, supply chain management, banking and financial services with Decentralized Applications (DApps). When DApps are integrated with blockchain technology, blockchain validators can access user-sensitive off-chain data to execute a smart contract. On the one hand, DApps need authentic off-chain input user data to execute a given business scenario properly. On the other hand, users are more concerned about their privacy and are reluctant to share their sensitive data on the blockchain. For instance, healthcare insurance DApp requires sensitive user health data as input. DApp must ensure the privacy and authenticity of the user data given to the smart contract so that blockchain validators can perform operations on the user's data without disclosing the user's personal information. However, there is no complete solution to achieve both user privacy and data authenticity at the same time. To address this problem, we propose a highly efficient authenticated zero-knowledge proof scheme named zk-DASTARK by enhancing the standard zk-STARK scheme with a quantum attack-resistant data authentication scheme (CRYSTALS Dilithium digital signature scheme, now FIPS-204 or ML-DSA by the National Institute of Standards and Technology, NIST in the USA). Based on zk-DASTARK, we design a zk-STARKFeed, a zero-knowledge authenticated off-chain data feed mechanism that provides user data privacy and authentication for blockchain-based DApps. The blockchain validators' computation costs can be significantly reduced using zkSTARKFeed with the integration of the "compute off-chain and verify on-chain" approach. We have implemented zk-STARKFeed on the IOTA blockchain and performed extensive testing on the healthcare insurance DApp. Our proposed zk-STARKFeed is highly efficient on the IOTA blockchain in such a way that its proof generation takes less than 60 ms (ms) and its proof verification takes less than 10 ms.