The image is made by Bing Image Creator (Powered by DALL·E 3)

This repository is an implementation of zRA protocol, a non-interactive method for constructing a transparent remote attestation (RA) protocol based on zkSNARKs.

This protocol eliminates the need for online and trusted services during attestation. The protocol provides a publicly verifiable attestation mechanism with generating ZK proofs for pre-image solutions for commitments within a specialized Merkle tree. In other words, zRA requires the device (prover) to demonstrate knowledge of specific values (challenge, response, and public_key) that when combined and hashed, result in a leaf within the Merkle tree. In practice, this approach can be viewed as an adaptation of the Tornado-cash protocol to enhance remote attestation.

Watch the following video presentation of the zRA protocol at NDSS-24:

The initial paper of this protocol has been accepted/published as part of the NDSS'24 Conference.
For more details on the building blocks, performance and security analysis of zRA, we advise you to check the manuscript, available at NDSS'24.

Title: From Interaction to Independence: zkSNARKs for Transparent and Non-Interactive Remote Attestation
Authors: Shahriar Ebrahimi, Parisa Hassanizadeh
Conference: NDSS 2024
PDF of the Camera-Ready Version: NDSS24.pdf

All of the experiments are reproducible on commodity hardware using Linux-based operating systems. We have provided pre-built executable/binary files in the repository that can be used easily for benchmarking.

All of the benchmarks are also have been done successfully on the following tiny boards:

1. ASUS TinkerBoard
2. Raspberry Pi Zero 2W

The only preparation that is required to execute benchmarks is installing "node js and snarkjs package" that can be done in any OS easily as follows:

For Installing Node JS:

curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.3/install.sh | bash

source ~/.bashrc

nvm install v16.20.0

For installing snarkjs:

npm install -g snarkjs

1. clone the repository with following command:
   git clone https://github.com/zero-savvy/zk-remote-attestation.git

2. go to the benchmark directory:
   cd zk-remote-attestation/benchmarking

3. We have prepared a script for benchmark. Simply give it execution permissions:
   chmod +x script.sh

4. Run the benchmarks!
   The script takes two inputs: 1) number of tests, and 2) the test name [choose from ra10 , ra20, ra30, and ra40].

Example 1: running proofs of attestation tree with height of 30 for 10 times:
./script.sh 10 ra30

Example 2: running proofs of attestation tree with height of 20 for 5 times:
./script.sh 5 ra20

Sample output: The script reports the average time for generating witness and the proof. Below is a sample output:

Average witness generation time: 0.4152 seconds
Average proof generation time: 0.7881 seconds

Implementation of zRA could not be possible without the following open-source projects and we appreciate all the efforts done by the community. Especially, we have used following repositories to build zRA:

[1] Circom: For building and compiling ZK circuits.

[2] CircomLib: Used for globaly tested POSEIDON implementations on Circom.

[3] Tronado-Core: Used for audited implementations of MerkleTree proofs on Circom.

[4] Circom-compatible POSEIDON implementation in JavaScript: Shoutout to @BigWhaleLabs for the accurate implementation of POSEIDON that is compatible with CircomLib.

This work is licensed under Attribution-NonCommercial 4.0 International