zk-AuthFeed: Protecting Data Feed to Smart Contracts With Authenticated Zero Knowledge Proof

The emerging blockchain technology, combined with the smart contract paradigm, is expected to transform traditional applications with decentralization. When the blockchain technology is applied to decentralize traditional applications, blockchain validators may need to take in sensitive off-chain data to execute a smart contract. On the one hand, decentralized applications (DApps) require authentic off-chain input data to correctly execute a given business procedure. On the other hand, users are reluctant to expose their sensitive privacy on the blockchain. For example, for a decentralized medical insurance DApp that takes as input personal health data, it is critical to guarantee authenticity and privacy of the data sent to the smart contract, such that the data can be verified by validators without leaking sensitive information. However, no satisfactory solution has been proposed to attain privacy and authenticity at the same time. In this work, we first present a highly efficient authenticated zero knowledge proof protocol called zk-DASNARK by extending the classical zk-SNARK scheme with data authentication. Based on zk-DASNARK, we design zk-AuthFeed, a zero-knowledge authenticated off-chain data feed scheme to achieve both data privacy and authenticity for blockchain-based DApps. Following the strategy of "compute off-chain and verify on-chain", zk-AuthFeed can significantly reduce computation cost of blockchain validators. We fully implement a prototype of zk-AuthFeed, and conduct comprehensive experiments on a medical insurance DApp. We consider 4 typical computation models for insurance premium/reimbursement in the experiments. It shows that zk-AuthFeed is highly efficient: key generation takes about 10 seconds only, proof generation takes less than 4 seconds, and proof verification takes less than 40 ms.