Trusted Computing on Untrusted Platforms with privacy guarantees - A ZKS*ARKs approach

**TL;DR**: We try to solve the problem of running obfuscated code on an open-source client and provide security and privacy guarantees for both the client and a service provider. We guarantee that: i) it is hard for the user to learn the obfuscated logic; ii) the user cannot forge or tamper with outputs of the computation; iii) user can verify the number of bits of the output of the computation; iv) the user can provide private outputs to the computation that are not leaked to anyone else; v) service providers can verify that the output is valid; This system is useful to implement privacy-preserving anti fraud systems, where the user runs anti fraud logic locally without needing to disclose any of their personal and critical data to a service provider. The anti fraud runs locally only, the user can check how many bits are leaked by the computation to avoid fingerprinting and the service provider has strong guarantees that the output of the computation (e.g. is fraud/ is not fraud) is not forged by an attacker. --- **Abstract:** We design a system that allows a server (verifier) to request clients (provers) to run obfuscated instructions without revealing the instruction logic. The system enables running trusted computation on untrusted platforms with strong security and privacy guarantees for both the verifier and the prover. Our system has the following guarantees: i) the client is be able to prove the validity and correctness of the output of the obfuscated computation to the verifier, given a set of private (to the verifier) and public inputs; and ii) the client can learn the amount of information (i.e. number of bits) that the output "leaks" to the verifier. We assume the client to be curious and potentially an active attacker: i.e., the client has incentives to de-obfuscate the logic running locally and to attempt to tamper the results of the computation. Our system leverages zk-SNARKs to implement the features and guarantees required to run trusted computing on untrusted platforms: the prover executes an arbitrary and encrypted boolean circuit locally and produces a zero-knowledge proof that can be validated by the verifier. We implement and perform measurements of our system running on Brave browser and study the practicality and scalability of the system in real world settings, with focus on a fraud prevention mechanism that runs on the web browser. ## Context The main goal of this project is to build a zk-based scheme that allows a server (verifier) to request clients (provers) to run obfuscated anti-fraud logic locally without revealing the anti-fraud logic. In addition, the client must be able to run the anti-fraud logic with private inputs that are not revealed to the server and prove the correctness of the output resulting from running the anti-fraud logic. The client is curious and potentially an active attacker: i.e., the client has incentives to learn about the anti-fraud running locally and to attempt to tamper the results in order to try to bypass anti-fraud checks. ## High-level goals - **Integrity / non-forgeability**: The output extracted from the client and sent to the server should be hard/impossible to forge and change by attackers; - **Non-replayability**: Ensure that attackers cannot replay reputation attestations; - **Confined obfuscation**: Reputation logic is obfuscated but cannot make network requests; - **Output verifiability / privacy-preserving**: Users can verify that only a small amount of bits are sent to the server as result of the attestation; - **Flexibility**: Reputation logic should be updated on a per-wallet basis in real-time and without requiring changes in the browser; - **Implementation feasibility and simplicity**;