IACR News item: 19 May 2025
Min Zhang, Yu Chen, Xiyuan Fu, Zhiying Cui
Cryptocurrencies enable transactions among mutually distrustful users, necessitating strong privacy, namely, concealing both transfer amounts and participants' identities, while maintaining practical efficiency. While UTXO-based cryptocurrencies offer mature solutions achieving strong privacy and supporting multi-receiver transfers, account-based cryptocurrencies currently lack practical solutions that simultaneously guarantee these properties.
To close this gap, we propose a generic framework for account-based cryptocurrencies that achieves strong privacy and supports multi-receiver transfers, and then give a practical instantiation called \textit{Anonymous PGC}. Experimental results demonstrate that, for a 64-sized anonymity set and 8 receivers, Anonymous PGC outperforms Anonymous Zether (IEEE S\&P 2021) --- which offers limited anonymity and no multi-receiver support --- achieving 2.6$\times$ faster transaction generation, 5.1$\times$ faster verification, and a 2.1$\times$ reduction in transaction size.
Along the way to building Anonymous PGC, we present two novel $k$-out-of-$n$ proofs. First, we generalize the Groth-Kohlweiss (GK) $1$-out-of-$n$ proof (EUROCRYPT 2015) to the $k$-out-of-$n$ case, resolving the open problem of its natural generalization. In particular, the obtained $k$-out-of-$n$ proof integrates seamlessly with range proofs, yielding an efficient $k$-out-of-$n$ range proof, which demonstrates that $k$ witnesses among $n$ instances lie in specific ranges. Second, we extend the Attema-Cramer-Fehr (ACF) $k$-out-of-$n$ proof (CRYPTO 2021) to support distinct group homomorphisms, improving its expressiveness while reducing both prover and verifier complexities from quadratic to linear. We believe these two $k$-out-of-$n$ proofs are of independent interest and will find further applications in privacy-preserving scenarios.