During the summer of 2021, Horizen Labs engaged NCC Group to conduct a cryptography review of Zendoo protocol’s proof verifier. This system generates and verifies modified Marlin proofs with a polynomial commitment scheme based on the hardness of the discrete logarithm problem in prime-order groups. The system also provides optimized batch verification of accumulated proofs. The review included a large number of supporting elements for the proof system, such as the underlying field arithmetic, instantiations of specific elliptic curves, a custom hash function, and optimized Merkle Tree implementations. NCC Group assigned three consultants for a total of 42 person-days over the course of five calendar weeks on this review. Following this review, NCC Group performed a retest of the findings uncovered during the initial engagement a few weeks later.

The Public Report for this review may be downloaded below:

Published by Jennifer Fernick

Jennifer Fernick is the Global Head of Research at NCC Group. She can be found on Twitter at @enjenneer.

Published