by Ar-Curunir
54 days ago
I don’t think that these attacks indicate things one way or another for ZKPs vs TEEs. After all, you yourself mention catastrophic breaks for various TEE implementations. There are two kinds of issues: a break in the proof system, and a break in the program that proof system is proving. The first is analogous to vulnerabilities in the TEE platform, of which, as you yourself note, there have been numerous. The second is analogous to a bug in the program running in the TEE. Again, this is a kind of bug that’s totally possible when writing plain software too. Yes, ZKP-based privacy mechanisms have an issue where if you have these soundness bugs, it can be catastrophic. We can and should design ZKP systems that are resistant to such issues. But it’s just part of the maturity cycle of the tech. AFAIK Dusk was an early adopter of the tech back when we were still figuring out how to implement things securely.
TEEs have had attacks, but the good ones like Xbox One or classical SGX didn't have any catastrophic attacks. All attacks were fixable via software updates that could be rolled out quickly and easily.
ZKPs have had multiple catastrophic attacks now. By catastrophic I mean there is no way to recover. Once the problem is discovered, the entire database the ZKPs were protecting is a write-off.
I stopped following ZKP research years ago but at the time it appeared this problem was fundamental. By design these systems leave only small mathematical objects behind that prove things about something you can't see. If the proofs can be forged it's game over, there's no data which can be used to restore trust in the system. I don't see how this can be addressed with maturity, and cryptographers have been pushing circuit based ZKP systems for 15 years now, so how long exactly is this maturation process supposed to take?
You can use TEEs in a way that yields catastrophic attacks, but the system I designed didn't have that problem.