Platform monopolies have turned the contemporary internet into digital feudalism, extracting profit from human connection while enabling surveillance and censorship. Iran’s 2019 near-blackout, which cut connectivity to 5 %, exposed how centralized architectures become authoritarian chokepoints. Yet scholarship remains fragmented: most studies isolate protocols instead of synthesizing how technical design and political economy co-evolve. We compare federated systems such as ReP2P Matrix, Nostr’s peer-to-peer networks, Bluesky’s AT Protocol, blockchain communication hybrids, and Named Data Networking. Our multi-method study of decentralized internet alternatives blends traffic analytics of 4 million Nostr users on 600 relays, performance benchmarks, economic sustainability modeling, and architectural case studies. We ask whether these designs can fulfil the promise of a truly decentralized internet. The evidence is mixed. SendingNetwork scales group messaging linearly, and Waku proves spam-resistant peer-to-peer networks with <300 ms proof generation; however, no single protocol reconciles censorship resistance, usability, and economic sustainability. Nostr delivers uncompromising censorship resistance yet consumes 35 × the resources of centralized systems. Bluesky’s growth leaves 98.9 % of identities non-portable. Community mesh networks invite new hierarchies of technical privilege. Accepting irreducible trade-offs must guide emerging web3 governance. Communities will choose architectures aligned with their values, but meaningful decentralization will remain aspirational until funding models and accessibility gaps are resolved.

The optimization of batch processing and micro-payment systems in account-based anonymous blockchain systems

Q-BFT: zero-knowledge data quality gate for byzantine fault-tolerant consensus

Abstract Non-interactive zero-knowledge (NIZK) proofs of knowledge have proven to be highly relevant for securely realizing a wide array of applications that rely on both privacy and correctness . They enable a prover to convince any party of the correctness of a public statement for a secret witness . However, most NIZKs do not natively support proving knowledge of a secret witness that is distributed over multiple provers. Previously, collaborative proofs [54] have been proposed to overcome this limitation. We investigate the notion of composability in this setting, following the Commit-and-Prove design of LegoSNARK [19]. Composability allows users to combine different, specialized NIZKs (e.g., one for arithmetic circuits, one for boolean circuits, and one for range proofs) with the aim of reducing the proof generation time. Moreover, it opens the door to efficient realizations of many applications in the collaborative setting such as mutually exclusive prover groups, combining collaborative and single-party proofs and efficiently implementing publicly auditable secure multiparty computing (PA-MPC). We present the first, general definition for collaborative commitand- prove NIZK (CP-NIZK) proofs of knowledge and construct MPC protocols to enable their realization. We implement our protocols for two commonly used NIZKs, Groth16 and Bulletproofs, and evaluate their practicality in a variety of computational settings. Our findings indicate that composability adds only minor overhead, especially for large circuits. We also evaluated our construction in two application settings, one of which shows 18– $$55\times $$ 55 × runtime reduction when compared to prior works while requiring only a fraction ( $$0.2\%$$ 0.2 % ) of the communication.

This paper explores how Zero-Knowledge Proofs (ZKPs) can enhance the privacy and security of decentralized supply chains. Although blockchain technology enhances supply chain transparency, it also reveals sensitive information, including supplier identities, pricing strategies, and transaction volumes. ZKPs offer a feasible approach in that subjects can authenticate data without revealing the underlying data, whilst keeping the information confidential and maintaining trust. In this study, the main performance indicators, including the time to verify a transaction (0.48 seconds), communication overhead (1.3 KB proof size), and privacy (95) in the ZKP-based system, are examined. ZKPs can enhance economic security by eliminating risks, such as industrial espionage and counterparty fraud, that can arise from publicly accessible data in historical blockchain systems. The performance of ZKP-enabled networks is also compared with that of traditional transparent blockchain systems. The major benefits are data privacy (95 % in ZKPs and 40 % in traditional systems) and scalability (80 % high and 60 % moderate). The paper also discusses how AI-based ZKP generation can speed up proof generation and automated compliance auditing to uphold regulatory compliance, including the General Data Protection Regulation (GDPR) and Anti-Money Laundering (AML). By incorporating AI into the ZKP procedure, proof generation can be sped up, yielding significant improvements in efficiency. This study finds that ZKPs can provide an effective approach to decentralized supply chain security, privacy, efficiency, and regulatory compliance, thereby making global trade activities more secure, transparent, and efficient.

Abstract Ensuring data consistency across multiple cloud service providers (CSPs) is essential for maintaining the reliability and security of multi-cloud storage systems. However, most existing related works rely on trusted third parties (TTPs) and are vulnerable to collusion, which undermines trust and efficiency. To overcome these challenges, we propose MDCV, a decentralized and collusion-resistant consistency verification scheme for multi-cloud storage. MDCV leverages smart contracts to autonomously coordinate consistency verification process without relying on any TTP, thereby ensuring transparency, immutability, and trust-free verification. Specifically, MDCV employs a collusion-resistant public verification protocol in which each CSP binds the proof generation process to its private key and generates non-interactive, publicly verifiable consistency proof using pseudo-random challenges derived from blockchain transaction IDs. This design not only prevents colluding CSPs from generating forged proofs but also supports public auditing. Formal security analysis demonstrates the soundness of the proposed scheme, while experimental results show that MDCV achieves efficient proof generation and verification with lower computational and communication overhead, validating its practicality in real-world multi-cloud backup auditing systems.

Digital product passports outline information about a product’s lifecycle, circularity, and sustainability-related data. Sustainability data contains claims about carbon footprint, recycled material composition, ethical sourcing of production materials, etc. Also, upcoming regulatory directives require companies to disclose this type of information. However, current sustainability reporting practices face challenges, such as greenwashing, where companies make incorrect claims that are difficult to verify. There is also a challenge of disclosing sensitive production information when other stakeholders, such as consumers or other economic operators, wish to verify sustainability claims independently. Zero-knowledge proofs (ZKPs) provide a cryptographic system for verifying statements without revealing sensitive information. The goal of this research paper is to explore ZKP cryptography, trust models, and implementation concepts for extending DPP capability in privacy-aware reporting and verification of sustainability claims in products. To achieve this goal, first, formal representations of sustainability claims are provided. Then, a data matrix and trust model for generating proofs are developed. An interaction sequence is provided to show different components for various proof generation and verification scenarios for sustainability claims. Lastly, the paper provides a circuit template for the proof generation of an example claim and a credential structure for their input data validation. The proposed approach is assessed using a scenario-based evaluation to check the performance metrics for data credential verification and proof generation for verifying material composition in a product.

Digital identity verification is central to trust management on the evolving decentralized web. Traditional web-based identity models, which are heavily centralized and dependent on trusted intermediaries, pose significant challenges related to user privacy, data security, and regulatory compliance, especially in sensitive contexts such as Know Your Customer (KYC) processes. This paper introduces a novel privacy-preserving KYC verification framework leveraging Zero-Knowledge Proofs (ZKPs), Self-Sovereign Identity (SSI), Decentralized Identifiers (DIDs), and smart contracts, explicitly designed as a decentralized trust infrastructure for web-based interoperable payments. Our approach enables users to verify their identities across multiple platforms without revealing sensitive personal information, thereby significantly reducing long-term reliance on centralized authorities and enhancing user control and privacy. Furthermore, our system achieves cross-chain interoperability, ensuring that identity verification credentials can be securely and efficiently recognized across diverse Web3 ecosystems. We present a detailed prototype implementation of our DID framework, highlighting its ability to meet regulatory requirements while ensuring seamless interoperability across platforms. Comprehensive performance evaluations, including metrics on proof generation time, gas consumption, and transaction costs, demonstrate that the framework achieves low-latency verification and efficient execution, making it suitable for high-throughput, web-scale deployment.

Embedded systems, as computational platforms with limited memory, compute capability, and bandwidth-constrained interfaces, are deployed across industrial infrastructures such as smart grid metering units, and supply chain modules to manage transactional credits bound to physical commodities or operational entitlements. To facilitate decentralized coordination across administrative domains of embedded systems, blockchain-based ledgers provide globally verifiable settlement and tokenbased credits, yet their inherent transparency exposes transaction metadata: credit transaction flow, credit types and value transferred and exchanged, etc., thus raising confidentiality concerns. These concerns are compounded by the requirement to enable multi-type credit transfer and exchange across heterogeneous embedded systems, each backed by distinct blockchains, and by the challenge of coordinating cryptographic protocol execution where only edge servers, connected to the local embedded devices, maintain as blockchain nodes. We present M3-Mix, a system with protocols suite for cross-chain credit transfer and exchange that prevents source–destination traceability (mixer for unlinkability) and supports multi-token-type, mixing credit exchange under embedded system constraints via embedding devices’ cryptographic offloading to edge servers as blockchain relayers. The architecture integrates SNARK-verifiable nullifier-based mixing, commitment-compatible credit encoding, and a Book-Settle coordination protocol that resolves nondeterminism in token exchanges under adversarial reordering. We implement a comprehensive system using Groth16 over the hash within R1CS via the Gnark framework, and benchmark through emulated ARM embedded processors, demonstrating low-latency proof generation, small and bounded RAM usage, and constant-size proofs consisting of eight 256-bit words, using smart contract deployments on Ethereum Sepolia confirming practical gas efficiency with various number of transactions in a mixer obfuscated set (Merkle depths).

A sharing framework based on Zero-Knowledge Proof (ZKP) and Proxy Re-encryption (PRE) technologies offers a promising solution for sharing Student Electronic Academic Records (SEARs). As core credentials in the education sector, student records are characterized by strong identity binding, the need for long-term retention, frequent cross-institutional verification, and sensitive information. Compared with electronic health records and government archives, they face more complex security, privacy protection, and storage scalability challenges during sharing. These records not only contain sensitive data such as personal identity and academic performance but also serve as crucial evidence in key scenarios such as further education, employment, and professional title evaluation. Leakage or tampering could have irreversible impacts on a student’s career development. Furthermore, traditional blockchain technology faces storage capacity limitations when storing massive academic records, and existing general electronic record sharing solutions struggle to meet the high-frequency verification demands of educational authorities, universities, and employers for academic data. This study proposes a dedicated sharing framework for students’ electronic academic records, leveraging PRE technology and the distributed ledger characteristics of blockchain to ensure transparency and immutability during sharing. By integrating the InterPlanetary File System (IPFS) with Ethereum Smart Contract (SC), it addresses blockchain storage bottlenecks, enabling secure storage and efficient sharing of academic records. Relying on optimized ZKP technology, it supports verifying the authenticity and integrity of records without revealing sensitive content. Furthermore, the introduction of gate circuit merging, constant folding techniques, Field-Programmable Gate Array (FPGA) hardware acceleration, and the efficient Bulletproofs algorithm alleviates the high computational complexity of ZKP, significantly reducing proof generation time. The experimental results demonstrate that the framework, while ensuring strong privacy protection, can meet the cross-scenario sharing needs of student records and significantly improve sharing efficiency and security. Therefore, this method exhibits superior security and performance in privacy-preserving scenarios. This framework can be applied to scenarios such as cross-institutional academic certification, employer background checks, and long-term management of academic records by educational authorities, providing secure and efficient technical support for the sharing of electronic academic credentials in the digital education ecosystem.

We present the first horizontally scalable polynomial commitment scheme (PCS) that is both transparent and plausibly post-quantum (PQ) secure. This PCS can be combined with the distributed polynomial interactive oracle proof (PIOP) introduced in Pianist (IEEE S& P 2024), which achieves linear scalability by encoding witnesses using bivariate polynomials. While Pianist and other scalable SNARK systems offer strong performance profiles, they rely on trusted setup ceremonies and cryptographic assumptions that are not PQ secure, e.g., pairing-based primitives. In contrast, we present a bivariate PCS based on FRI, which, when used to compile the Pianist PIOP, achieves a transparent and plausibly PQ alternative. Distributed FRI has a high communication cost. Therefore, we introduce Fold-and-Batch, a customizable technique that applies partial folding locally before performing batched FRI centrally. We formally prove the security of our constructions and provide an implementation for three variants of distributed FRI, accompanied by thorough performance evaluations. Our results show that Fold-and-Batch reduces communication overhead compared to existing distributed FRI approaches, while preserving scalability and maintaining moderate proof sizes. To our knowledge, this is the first horizontally scalable PCS that simultaneously achieves transparency, plausible PQ security, and a tunable tradeoff between efficiency, verifier cost, and communication.

Integrity auditing with deduplication enables integrity verification of cloud-stored IoT data while alleviating storage overhead caused by data redundancy. In most existing deduplication auditing schemes, authenticators are generated using the initial client’s key. However, clients are often vulnerable to key exposure. Compromise of the private key undermines the auditing security of all identical files. Although client-key-based schemes provide stronger security, they still suffer from the risk of gradual key-exposure in long-term deployments. Therefore, achieving integrity auditing, data deduplication, and resistance to long-term key-exposure simultaneously remains a challenging problem. While some existing schemes achieve these objectives, they rely on a third-party auditor. Compromise of the auditor would endanger all clients, and its continuous involvement could incur additional communication overhead. To address these limitations in cloud-based IoT data storage, this work presents an integrity auditing scheme that simultaneously supports deduplication and long-term key-exposure resilience without requiring a third party for key updates. By aggregating authenticators and public keys of clients, authenticator storage, proof generation and proof verification costs remain independent of the number of participating clients. Additionally, the integrity of previously uploaded data remains protected even when all clients’ secret keys at the current time are compromised. Our scheme is provably secure in the random oracle model under the ℓ-wBDHI<sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">∗</sup><sub xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">3</sub> assumption. Performance evaluations further demonstrate that the authenticator size and auditing cost are unaffected by the number of identical files, making the scheme practical for cloud-based IoT systems.

The digital transformation of education necessitates secure, private, and learner-centric methods for verifying academic credentials. Conventional verification processes expose sensitive personally identifiable information, creating privacy risks that conflict with data protection regulations like GDPR. Existing blockchain solutions for educational credential verification face persistent challenges including prohibitive transaction costs, privacy vulnerabilities, and inflexible verification models. This paper presents VeriZKP, a proof-of-concept architecture demonstrating gas-free credential verification on Ethereum using zero-knowledge proofs. The core innovation lies in separating on-chain trust anchoring from off-chain cryptographic computation, enabling a novel cost-elimination mechanism. The system leverages Ethereum’s view functions through pre-compiled verifier contracts to achieve zero gas consumption for verification operations while preserving privacy through selective disclosure mechanisms. Our prototype, evaluated on Ethereum Sepolia testnet, validates the fundamental feasibility of this approach. Results demonstrate complete elimination of verification costs, practical client-side proof generation times of 1.02-1.63 seconds on standard hardware, and support for multi-attribute credential verification. The architecture proves both economically viable and performant for blockchain-based identity systems.

Zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARKs) have emerged as a critical technology for privacy-preserving computation and blockchain applications. However, systematic performance analysis of practical implementations remains limited, hindering informed technology adoption decisions. This study presents a comprehensive benchmarking analysis of the Groth16 protocol implementation using the widely-adopted Circom-snarkjs framework. We developed an automated benchmarking platform that systematically measures performance across seven representative circuit types with varying computational complexity (1-11 R1CS constraints). Our methodology ensures reproducible measurements through controlled experimental design with statistical validation. The platform captures detailed metrics for all three phases of the Groth16 protocol: witness generation, proof creation, and verification. Results from 35 independent measurements reveal several important findings. Witness generation demonstrates consistent performance across circuit types, averaging 57.6±12.1 milliseconds. Proof generation times range from 832 to 1,147 milliseconds, showing non-linear scaling with circuit complexity. Verification times remain relatively stable (741-884 milliseconds), confirming Groth16's theoretical constant-time verification advantage. All measurements achieved 100% success rate with complete proof validation. Notably, circuit structure significantly impacts performance beyond simple constraint counting. Comparison-based circuits achieve 13.22 constraints per second efficiency, substantially outperforming arithmetic circuits (1.02-4.36 constraints/second). This finding provides actionable guidance for circuit design optimization. The study contributes an open-source benchmarking framework for reproducible zk-SNARK research and provides empirical performance data for technology adoption decisions. Our findings support the practical deployment of Groth16 for applications requiring efficient zero-knowledge proofs while highlighting optimization opportunities for circuit designers.

Smart contracts enable programmatic agreements but face two persistent problems: high on-chain cost (throughput/latency) and weak privacy (public ledger exposes transaction semantics). We propose a hybrid on-chain/off-chain commitment scheme (HOC-C) that combines lightweight on-chain commitments, verifiable off-chain computation, and succinct zero-knowledge proofs to deliver privacy-preserving contract execution at scale. In HOC-C, sensitive inputs and heavy computations are executed off-chain by a consortium of replicated verifiers; the verifiers publish a succinct zk-SNARK proof of correct execution plus a small state commitment on-chain. The on-chain contract verifies the proof and updates state atomically. To prevent malicious collusion among verifiers, HOC-C integrates an economic incentive layer and challenge windows where anyone can publish refutation proofs; the refutation burden is designed to be less than the honest-verifier cost. We implement HOC-C using a prototype that plugs into an EVM-compatible chain (Ethereum testnet) and evaluate performance for representative workloads (private auctions, confidential supply-chain workflows, private token-transfer batching). The system reduces gas cost by an order of magnitude compared to naive on-chain execution while preserving end-to-end confidentiality for user inputs. We analyze security properties (soundness, liveness, and economic incentive compatibility) and discuss trade-offs: proof generation latency vs. throughput, verifier decentralization vs. amortized cost. HOC-C offers a practical roadmap for adopting private, inexpensive smart contracts on mainstream blockchains.

Abstract With the rising volume of transactions on blockchains, signature verification becomes a critical bottleneck of efficiency, hindering scalability and performance. This paper presents a general approach to batch verification of arbitrary signatures on blockchain. By leveraging the memory-friendliness of incremental verifiable computation (IVC) and optimizing for blockchain environments, the proposed scheme can enhance scalability, reduce memory consumption, and ensure compatibility with common devices while supporting an arbitrary number of signature verifications. This approach allows for the concurrent generation of IVC proofs while receiving signatures from other nodes, making it particularly well-suited for low-latency blockchain applications. As a concrete instantiation of our approach, we introduce BEATS (Batch ECDSA Transaction verification Scheme), where the underlying SNARK is instantiated by Spartan with Bulletproof commitment. Our implementation, evaluated on a virtual machine with 8 cores and 16 GB RAM, shows significant performance gains compared to Spartan BP , which is the direct construction using Spartan with Bulletproof commitment to verify a batch of ECDSA. The comparison shows that BEATS speeds up the prover by 3–7 times and the verifier by 48–240 times when handling up to 2 11 ECDSA signatures, the maximum batch size supported by Spartan BP . For larger batches exceeding 2 10 , our scheme outperforms the baseline approach, which verifies ECDSA signatures one by one without any proof system. Our verifier achieved a speedup of 21–174 times compared to the baseline as the batch size grows to 2 20 . Furthermore, BEATS exhibits a remarkably low memory footprint, with peak memory usage remaining below 1 GB.

ABSTRACT Blockchain technology improves transparency and security in agricultural food supply chains (FSC) but faces challenges related to data privacy and emerging computational threats. These issues limit the efficiency and security of permissioned blockchain systems. To address these, a novel cryptographic framework, Permutations Supersonic Ligero Elliptic eXtended Merkle Curve Digital Signature Algorithm, is proposed. In permissioned blockchain-based FSC, metadata exposure and cross-entity data aggregation create privacy risks, allowing adversaries to infer sensitive operational insights by analyzing transaction patterns and correlating data fragments across entities. To mitigate this, the Permutations Supersonic Ligero Fractal (PSLF) is introduced, which ensures transparent, scalable, and compact proof generation, while preserving metadata privacy and preventing adversaries from reconstructing sensitive insights. Also enforces privacy-preserving protocols to limit data exposure across multiple participants and prevent leakage. Additionally, quantum threats, specifically through Shor’s algorithm, threaten the security of cryptographic systems used in FSC. To counter this, the Elliptic eXtended Merkle Curve Digital Signature Algorithm (EXMC-DSA) is presented, which combines quantum-resistant key exchange and signature schemes, ensuring robust security against quantum attacks. This hybrid cryptographic approach ensures both current efficiency and future-proof resilience. As a result, the proposed model outperforms the existing methods in terms of low execution time, low proof generation, and verification time.

The increasing use of federated learning (FL) in healthcare IoT demands rigorous verification to ensure the correctness of remote model training without compromising patient data privacy. However, existing approaches either assume full trust in clients or introduce high computational and communication costs when integrating cryptographic guarantees. In this work, we propose a lightweight, privacy-preserving federated learning framework that integrates zk-SNARK-based verifiable training over a ring topology. Our system ensures that each client’s model update and aggregation step can be independently verified without revealing sensitive data or requiring a central auditor. We design an efficient proof composition strategy (CGro16) tailored for chained convolution operations and commitment schemes optimized for healthcare models. We also introduce a matrix polynomial-based masking mechanism (MatProofs) to support zero-knowledge commitments for convolutional neural networks (CNNs).Experimental results on standard benchmarks (MNIST, CIFAR-100) show up to 47% reduction in proof generation time and 39% lower memory overhead compared to baseline zk-SNARK schemes. The protocol is also benchmarked on edge devices (Jetson Nano, Raspberry Pi), confirming its suitability for remote and wearable healthcare scenarios.

The growing reliance on digital financial services necessitates a secure, efficient, and privacy-centric approach to identity verification and Know Your Customer (KYC) compliance. Traditional identity management systems rely on centralized databases, making them susceptible to data breaches, inefficiencies, and regulatory constraints. Over 10 billion identity records have been exposed in centralized KYC breaches, leading to a 60% increase in financial fraud cases. The rise of Decentralized Finance (DeFi) has further complicated KYC compliance, requiring innovative solutions that balance privacy and regulatory requirements. This paper proposes a Web3-powered decentralized identity framework that leverages blockchain technology, self-sovereign identity (SSI), verifiable credentials (VCs), and zero-knowledge proofs (ZKPs). By eliminating reliance on centralized authorities, our system enhances data privacy, reducing personally identifiable information (PII) disclosure by 80% while ensuring compliance with AML and GDPR regulations. The integration of zk-SNARKs enables trustless identity verification with an average proof generation time of 12.5 seconds, significantly reducing the 3-5 day verification period required by traditional systems. Smart contract-based KYC automation eliminates intermediaries, cutting compliance costs by 40% and reducing fraud risk by 60%. Through comparative analysis, we highlight that decentralized KYC improves security, cost-effectiveness, and scalability compared to traditional models. Performance evaluation confirms that transaction throughput remains within acceptable blockchain limits, with gas costs stabilized at 35,000-55,000 Gwei per verification request. Despite challenges in regulatory adaptation and zk-SNARK scalability, the proposed model demonstrates the feasibility of Web3-driven identity management for trustless, privacy-preserving, and compliant financial ecosystems.

Generative AI has shown its value for many software engineering tasks. Still in its infancy, large language model (LLM)-based proof generation lags behind LLM-based code generation. In this paper, we present AutoVerus. AutoVerus uses LLMs to automatically generate correctness proof for Rust code. AutoVerus is designed to match the unique features of Verus, a verification tool that can prove the correctness of Rust code using proofs and specifications also written in Rust. AutoVerus consists of a network of agents that are crafted and orchestrated to mimic human experts' three phases of proof construction: preliminary proof generation, proof refinement guided by generic tips, and proof debugging guided by verification errors. To thoroughly evaluate AutoVerus and help foster future research in this direction, we have built a benchmark suite of 150 non-trivial proof tasks, based on existing code-generation benchmarks and verification benchmarks. Our evaluation shows that AutoVerus can automatically generate correct proof for more than 90% of them, with more than half of them tackled in less than 30 seconds or 3 LLM calls.