Integrating zero-knowledge proofs into federated learning: a path to on-chain verifiable and privacy-preserving federated learning frameworks

PurposeThe growing concern over privacy leakage has led to reduced user participation in data sharing, prompting the exploration of novel techniques such as federated learning (FL). Meanwhile, existing FL solutions often overlook the validation of the training process, leaving room for malicious trainers to introduce false or toxic local models, detrimental to the global model's utility. This study aims to propose a zero-knowledge proof-based verifiable federated learning (ZKP-FL) framework on the blockchain.Design/methodology/approachZKP-FL leverages zero-knowledge proofs to verify the extensive local training process without threatening the local privacy. To reduce the memory and runtime overhead, the authors divide the training algorithm to be proven into smaller pieces and generating proofs for each segment. The authors leverage sigma-protocol to ensure the consistency and reliability of these proofs. Moreover, they design a secure model aggregation protocol that matches the local proofs, safeguarding the data privacy of individual local models throughout the process. Furthermore, this aggregation protocol can also guarantee the correctness of the aggregation.FindingsTo establish the effectiveness and security of ZKP-FL, the authors conduct a formal security analysis in terms of completeness, soundness and zero-knowledge properties. Experimental evaluations with different algorithms and models within the ZKP-FL framework demonstrate that with parallel execution the additional proof time per round is minimal.Originality/valueThis paper offers a novel perspective on security and privacy of FL, providing valuable insights that extend the current understanding of verifiable FL. The findings contribute to the ZKP-FL, highlighting areas for future research and practical applications.