
zk-Bench: A Toolset for Comparative Evaluation and Performance Benchmarking of SNARKs

  • Conference paper
Security and Cryptography for Networks (SCN 2024)

Abstract

Zero-Knowledge Proofs (ZKPs), especially Succinct Non-interactive ARguments of Knowledge (SNARKs), have garnered significant attention in modern cryptographic applications. Given the multitude of emerging tools and libraries, assessing their strengths and weaknesses is nuanced and time-consuming. Often, claimed results are generated in isolation, and omissions in details render them irreproducible. The lack of comprehensive benchmarks, guidelines, and support frameworks is a major barrier in the development of ZKP applications.

In response to this need, we introduce zk-Bench, the first benchmarking framework and estimator tool for performance evaluation of public-key cryptography, with a specific focus on practical assessment of general-purpose ZKP systems. To simplify navigating the complex set of metrics and qualitative properties, we offer a comprehensive evaluation platform, which enables the dissection and analysis of tools for ZKP development to uncover trade-offs throughout the development stack; from low-level arithmetic libraries, to high-level tools for SNARK development.

Using zk-Bench, we (i) collect data across 13 different elliptic curves implemented across 9 libraries, (ii) evaluate 5 tools for ZKP development and (iii) provide a tool for estimating cryptographic protocols, instantiated for the \(\mathcal {P}\mathfrak {lon}\mathcal {K}\) proof system, achieving an accuracy of 6–32% for ZKP circuits with up to millions of gates. By evaluating zk-Bench for various hardware configurations, we find that certain tools for ZKP development favor compute-optimized hardware, while others benefit from memory-optimized hardware. We observed performance enhancements of up to 40% for memory-optimized configurations and 50% for compute-optimized configurations, contingent on the ZKP development tool.

Notes

  1. The set of solutions forms an additive group, and for cryptographic purposes we generally focus on a subgroup of prime order p. For more information, we direct the curious reader towards [68].

  2. https://members.loria.fr/AGuillevic/pairing-friendly-curves/.

  3. Cryptographic assumptions are not sufficient for non-interactive ZKP and SNARKs: additional assumptions (such as the random oracle model, the common reference string model, etc.) are required. In the case of SNARKs, we must also rely on so-called non-falsifiable assumptions [36]. Under these additional constraints, SNARKs exist for any NP statement [15].

  4. Another possible approach here would be to instead return the mode. In keeping with our requirement of modularity, we opted for leaving the default metric of those libraries unchanged.

  5. Note: different libraries sometimes refer to the same curve using different names. BN254 is also called BN256 and alt_bn128.

  6. We excluded ffjavascript from Fig. 5 for visual clarity.

  7. https://github.com/zkCollective/bench-data.

References

  1. zk-Harness: A Benchmarking Framework for SNARKs, 2023. https://github.com/zkCollective/zk-Harness

  2. Mohammad Bagher Abiat. Tinybench, 2023. https://github.com/tinylibs/tinybench

  3. Anoma. Zkp (circuit) compiler shootout, 2023. https://github.com/anoma/zkp-compiler-shootout

  4. arkworks contributors. arkworks zksnark ecosystem, 2022. https://arkworks.rs

  5. Baghery, K., Mertens, A., Sedaghat, M.: Benchmarking the setup of updatable Zk-SNARKs. In: Aly, A., Tibouchi, M. (eds.) Progress in Cryptology – LATINCRYPT 2023. LATINCRYPT 2023. LNCS, vol. 14168, pp. 375–396. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-44469-2_19

  6. Barbulescu, R., Duquesne, S.: Updating key size estimations for pairings. J. Cryptol. 32, 1298–1336 (2019)

  7. Barreto, P.S.L.M., Lynn, B., Scott, M.: Constructing elliptic curves with prescribed embedding degrees. In: Cimato, S., Persiano, G., Galdi, C. (eds.) SCN 2002. LNCS, vol. 2576, pp. 257–267. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36413-7_19

  8. Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006). https://doi.org/10.1007/11693383_22

  9. Ben-Sasson, E.: libstark, 2018. https://github.com/elibensasson/libSTARK

  10. Ben-Sasson, E., Bentov, I., Horesh, Y., Riabzev, M.: Scalable zero knowledge with no trusted setup. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11694, pp. 701–732. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26954-8_23

  11. Ben-Sasson, E., Chiesa, A., Genkin, D., Tromer, E., Virza, M.: SNARKs for C: verifying program executions succinctly and in zero knowledge. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 90–108. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_6

  12. Benarroch, D., Nicolas, A., Thaler, J., Tromer, E.: Community proposal: a benchmarking framework for (zero-knowledge) proof systems. QEDIT, Tel Aviv-Yafo, Israel, Technical report (2020)

  13. Bernstein, D.J.: Pippenger’s exponentiation algorithm (2002). Preprint. http://cryp.to/papers.html

  14. bheisler. Rust criterion, 2023. https://bheisler.github.io/criterion.rs/book/index.html

  15. Bitansky, N., et al.: The hunting of the SNARK. J. Cryptol. 30(4), 989–1066 (2017)

  16. Bloemen, R.: Polynomial commitment benchmark, 2023

  17. Bootle, J., Chiesa, A., Hu, Y., Orrú, M.: Gemini: elastic SNARKs for diverse environments. In: Dunkelman, O., Dziembowski, S. (eds.) Advances in Cryptology – EUROCRYPT 2022. EUROCRYPT 2022. LNCS, vol. 13276, pp. 427–457. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-07085-3_15

  18. Botrel, G., El Housni, Y.: Faster Montgomery multiplication and multi-scalar-multiplication for SNARKs. IACR Trans. Cryptogr. Hardw. Embed. Syst. 504–521 (2023)

  19. Botrel, G., Piellard, T., Housni, Y.E., Kubjas, I., Tabaie, A.: Consensys/gnark: v0.8.0, February 2023. https://doi.org/10.5281/zenodo.5819104

  20. Campanelli, M., Gailly, N., Gennaro, R., Jovanovic, P., Mihali, M., Thaler, J.: Testudo: linear time prover SNARKs with constant size proofs and square root size universal setup. In: Aly, A., Tibouchi, M. (eds.) Progress in Cryptology – LATINCRYPT 2023. LATINCRYPT 2023. LNCS, vol. 14168, pp. 331–351. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-44469-2_17

  21. Chaum, D.: Blind signatures for untraceable payments. In: Chaum, D., Rivest, R.L., Sherman, A.T. (eds.) CRYPTO’82, pp. 199–203. Plenum Press, New York, USA (1982)

  22. Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–90 (1981)

  23. Chiesa, A., Hu, Y., Maller, M., Mishra, P., Vesely, N., Ward, N.: Marlin: preprocessing zkSNARKs with universal and updatable SRS. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12105, pp. 738–768. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45721-1_26

  24. Lambda Class. lambdaworks, 2023. https://github.com/lambdaclass/lambdaworks

  25. Cooley, J.W., Tukey, J.W.: An algorithm for the machine calculation of complex Fourier series. Math. Comput. 19(90), 297–301 (1965)

  26. Delendum. Zk system benchmarking, 2023. https://github.com/delendum-xyz/zk-benchmarking

  27. Diffie, W., Hellman, M.E.: New directions in cryptography. In: Democratizing Cryptography: The Work of Whitfield Diffie and Martin Hellman, pp. 365–390 (2022)

  28. El Housni, Y.: Benchmarking pairing-friendly elliptic curves libraries, 2021. https://hackmd.io/@gnark/eccbench

  29. El Housni, Y., Botrel, G.: EdMSM: Multi-Scalar-Multiplication for SNARKs and Faster Montgomery multiplication. Cryptology ePrint Archive, 2022

  30. Privacy & Scaling Explorations. halo2 community edition, 2023. https://github.com/privacy-scaling-explorations/halo2

  31. Facebook. winterfell, 2023. https://github.com/facebook/winterfell

  32. Filecoin. bellperson, 2023. https://github.com/filecoin-project/bellperson

  33. Fuchsbauer, G., Orrù, M., Seurin, Y.: Aggregate cash systems: a cryptographic investigation of mimblewimble. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11476, pp. 657–689. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17653-2_22

  34. Gabizon, A., Williamson, Z.J., Ciobotaru, O.: Plonk: Permutations over lagrange-bases for oecumenical noninteractive arguments of knowledge. Cryptology ePrint Archive, 2019

  35. Galbraith, S.D., Paterson, K.G., Smart, N.P.: Pairings for cryptographers. Discret. Appl. Math. 156(16), 3113–3121 (2008)

  36. Gennaro, R., Wichs, D.: Fully homomorphic message authenticators. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8270, pp. 301–320. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42045-0_16

  37. Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof-systems. In: Proceedings of the Seventeenth Annual ACM Symposium on Theory of Computing, STOC ’85, pp. 291–304. Association for Computing Machinery (1985)

  38. Groth, J.: On the size of pairing-based non-interactive arguments. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 305–326. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_11

  39. Hopwood, D., Bowe, S., Hornby, T., Wilcox, N.: Zcash Protocol Specification. GitHub: San Francisco, CA, USA, vol. 4, p. 220 (2016)

  40. iden3. snarkjs, 2021. https://github.com/iden3/snarkjs

  41. iden3. Circom: Circuit compiler for zk proving systems, 2023. https://github.com/iden3/circom

  42. Kim, T., Barbulescu, R.: Extended tower number field sieve: a new complexity for the medium prime case. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 543–571. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_20

  43. Kosba, A.: jsnark, 2022. https://github.com/akosba/jsnark

  44. Matter Labs. bellman community edition, 2023. https://github.com/matter-labs/bellman

  45. Matter Labs. Boojum, 2023. https://github.com/matter-labs/era-boojum

  46. O1 labs. kimchi, 2023. https://github.com/o1-labs/proof-systems

  47. O1 labs. snarky, 2023. https://github.com/o1-labs/snarky

  48. O1 labs. snarkyjs, 2023. https://github.com/o1-labs/snarkyjs

  49. Longa, P.: Efficient algorithms for large prime characteristic fields and their application to bilinear pairings. IACR Trans. Cryptogr. Hardw. Embed. Syst. 445–472 (2023)

  50. Maller, M., Bowe, S., Kohlweiss, M., Meiklejohn, S.: Sonic: zero-knowledge SNARKs from linear-size universal and updatable structured reference strings. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 2111–2128 (2019)

  51. Menezes, A., Sarkar, P., Singh, S.: Challenges with assessing the impact of NFS advances on the security of pairing-based cryptography. In: Phan, R.C.-W., Yung, M. (eds.) Mycrypt 2016. LNCS, vol. 10311, pp. 83–108. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61273-7_5

  52. Menezes, A., Vanstone, S., Okamoto, T.: Reducing elliptic curve logarithms to logarithms in a finite field. In: Proceedings of the Twenty-Third Annual ACM Symposium on Theory of Computing, STOC ’91, pp. 80–89, New York, NY, USA, 1991. Association for Computing Machinery (1991). https://doi.org/10.1145/103418.103434

  53. Celer Network. The pantheon of zero knowledge proof development frameworks (2023). https://blog.celer.network/2023/07/14/the-pantheon-of-zero-knowledge-proof-development-frameworks/

  54. European Network of Excellence for Cryptology. ebats: Ecrypt benchmarking of asymmetric systems, 2006. https://www.ecrypt.eu.org/ebats/

  55. Michele Orru and George Kadianakis. zkalc, a cryptographic calculator, 2023. https://zka.lc/

  56. Ozdemir, A., Wahby, R., Whitehat, B., Boneh, D.: Scaling verifiable computation using efficient set accumulators. In: 29th USENIX Security Symposium (USENIX Security 20), pp. 2075–2092 (2020)

  57. Parno, B., Howell, J., Gentry, C., Raykova, M.: Pinocchio: nearly practical verifiable computation. In: 2013 IEEE Symposium on Security and Privacy, pp. 238–252. IEEE Computer Society Press, May 2013. https://doi.org/10.1109/SP.2013.47

  58. Pereira, G.C., Simplício Jr, M.A., Naehrig, M., Barreto, P.S.: A family of implementation-friendly BN elliptic curves. J. Syst. Softw. 84(8), 1319–1326 (2011)

  59. Pippenger, N.: A formula for the determinant. CoRR, abs/2206.00134, 2022. arXiv:2206.00134, https://doi.org/10.48550/arXiv.2206.00134

  60. Plonky3. Plonky3, 2023. https://github.com/Plonky3/Plonky3

  61. Mir Protocol. Plonky2, 2023. https://github.com/mir-protocol/plonky2

  62. Sasson, E.B., et al.: Zerocash: decentralized anonymous payments from bitcoin. In: 2014 IEEE Symposium on Security and Privacy, pp. 459–474. IEEE (2014)

  63. scipr lab. libsnark, 2020. https://github.com/scipr-lab/libsnark

  64. scipr lab. libiop, 2021. https://github.com/scipr-lab/libiop

  65. Setty, S., Thaler, J., Wahby, R.: Customizable constraint systems for succinct arguments. Cryptology ePrint Archive (2023)

  66. Espresso Systems. jellyfish, 2023. https://github.com/EspressoSystems/jellyfish

  67. Vesely, P., et al.: Plumo: an ultralight blockchain client. In: Eyal, I., Garay, J. (eds.) Financial Cryptography and Data Security. FC 2022. LNCS, vol. 13411, pp. 597–614. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-18283-9_30

  68. Washington, L.C.: Elliptic Curves: Number Theory and Cryptography. CRC Press, Boca Raton (2008)

  69. ZCash. halo2, 2023. https://github.com/zcash/halo2

  70. zkcrypto. bellman: zk-snark library, 2023. https://github.com/zkcrypto/bellman

Acknowledgement

This work is partially supported by the Center for Responsible, Decentralized Intelligence at Berkeley (Berkeley RDI) and the Ethereum Foundation. The authors acknowledge the financial support by the Federal Ministry of Education and Research of Germany in the programme of “Souverän. Digital. Vernetzt.”. Joint project 6G-life, project identification number: 16KISK002. We acknowledge contributions to earlier versions of our open-source repository, zk-Harness, by Celer Network, Morgan Thomas, and bingcicle.

Author information

Corresponding author

Correspondence to Jens Ernstberger.

Appendices

A Detailed Goals for zk-Bench

Completeness: zk-Bench covers quantitative metrics for components shown in Fig. 3, including low-level arithmetic operations, public-key operations, proof system performance, and circuit execution. We support 9 arithmetic libraries covering 13 elliptic curves and 5 tools for ZKP development in \(\sim 3\,300\) lines of Go, 2 600 lines of Rust, 2 000 lines of Python, and 1 800 lines of JavaScript.

Modularity: We use and enhance benchmarks from upstream libraries, contributing modifications back to the source. Popular benchmarking libraries provide accurate timing measurements. Our modular framework allows external developers to extend it easily: each arithmetic operation and circuit is tested separately, with isolated benchmarks. Minimal effort is needed to extend our circuit benchmarks. For example, integrating Bellman requires 81 lines of Rust and 40 lines of Python, while adding a new circuit needs 30 lines of Rust. Integrating a DSL like Circom requires 210 lines of scripting and 40 lines of Python, with no extra lines needed for adding circuits beyond the circuit itself.

Reproducibility: Benchmarks are automated, public (see Note 7), and executed on standardized cloud hardware. This ensures consistent and comparable results, facilitating reliable performance evaluations.

Pragmatism: Our objective is to evaluate conditions that mirror practical deployments: we set optimization flags whenever possible, and use all available machine cores. To our knowledge, no standard formats exist for recording raw benchmark data. We develop a unified format for future use by other developers.

Table 2. (a) Overview of arithmetic libraries and elliptic curves currently present in our benchmarking framework. (b) Overview of ZKP tools and proof systems as included in our benchmarking framework, and curves/fields that we consider in the results section. *We use Circom with Snarkjs and Rapidsnark.

Fig. 10. Overview of common SNARK and STARK frameworks. (F)rontend and (B)ackend of related frameworks are grouped together. Updated 08/01/2023.

Fig. 11. Proof Size for the Exponentiate circuit as observed on m6i.8xlarge. The observed proof size for circom/snarkjs and circom/rapidsnark is the same.

Fig. 12. Comparison of memory consumption and execution time for CPU-optimized (c6i.12xlarge) vs. RAM-optimized (r6i.8xlarge) machines for proving Exponentiate circuits. Dark colors indicate higher execution time or memory usage for the CPU-optimized machine than the RAM-optimized machine.

Fig. 13. Memory consumption of Exponentiate circuit on m6i.8xlarge. Circom’s memory consumption for verification is constant, as its API requires deserialization of the relatively small verification key, public, and proof. Other ZKP tools and libraries require deserialization of files that grow with circuit size. Memory consumption for Starky is missing due to the lack of serialization APIs.

B Related Work

eBATS [54] is the largest effort in benchmarking public-key cryptographic operations, focusing on Diffie-Hellman (scalar multiplication), KEM, and sign operations (multiplication and addition) rather than modern cryptography and runtime estimation. Baghery et al. [5] examine the setup phase of certain zk-SNARKs, and Botrel et al. [18] offer comparative insights into public-key operations in ZKP libraries such as gnark and arkworks. Unlike these works, we provide a comprehensive framework for both arithmetic operations and zk-SNARKs. The drive to standardize ZKPs led to a proposal for a benchmarking framework [12], laying foundational concepts that we expand upon in zk-Bench.

Practitioners are increasingly interested in benchmarking public-key cryptography libraries and tools for ZKP development. Housni evaluates the performance of MSMs and pairings in various elliptic curve implementations [28]. Separately, Bloemen benchmarked implementations of polynomial commitments [16]. We extend these efforts by offering an automated framework to systematically benchmark and compare library implementations across various operations.

Celer Network published a blog post [53] focusing on benchmarking the time and memory costs of proving SHA-256 circuits in various ZKP tools. In contrast, our work provides an extensible framework that supports arbitrary circuits, libraries, and tools, thoroughly benchmarking all phases involved in ZKPs. While we also used SHA-256 circuits where a trusted team provided an implementation, the results can depend heavily on circuit optimization. Therefore, we also benchmarked a straightforward exponentiation circuit across the evaluated tools. Additionally, Anoma has developed a framework [3] for benchmarking different ZKP compilation strategies, focusing on execution time. Lastly, Delendum has developed a framework for benchmarking zkVMs [26].

C Limitations

Hardware Considerations. Our evaluation focused on commodity machines, excluding GPUs, FPGAs, and mobile devices. To fully grasp real-world applicability, future work should include benchmarks on these platforms.

Naïve Public-Key Operations. Points on an elliptic curve can be represented in multiple ways (depending on the curve: affine points in Weierstrass, Montgomery, or Edwards form, or projective points in standard, Jacobi, or Chudnovsky coordinates). Additionally, different algorithms might have different constraints: no heap allocations (that’s the case for curve25519), constant time, etc. Comparing different algorithms on the same ground is outside the scope of our current arithmetic benchmark. A broader study incorporating these optimizations can elucidate the trade-offs involved. We view an exploration of the impact of optimizations across ZKP tools as promising future work.
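The effect of point representation on cost can be made concrete by counting field operations for the same scalar multiplication in affine and in Jacobian coordinates. The sketch below is an added example, not code from the paper or from zk-Bench; it assumes the public BN254 (alt_bn128) G1 parameters, a hypothetical `Ops` counter that ignores additions and small-constant multiplications, and plain double-and-add that is not constant-time.

```python
# Added example: affine vs. Jacobian scalar multiplication on BN254 G1,
# counting field multiplications and inversions. Not constant-time.
P = 21888242871839275222246405745257275088696311157297823662689037894645226208583
G = (1, 2)  # generator of y^2 = x^3 + 3 over F_P

class Ops:
    """Hypothetical counter for field multiplications and inversions."""
    def __init__(self):
        self.mul = self.inv = 0
    def m(self, a, b):
        self.mul += 1
        return a * b % P
    def i(self, a):
        self.inv += 1
        return pow(a, -1, P)

def affine_add(ops, p, q):
    """Affine addition/doubling; None is the point at infinity."""
    if p is None: return q
    if q is None: return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None
        lam = ops.m(3 * ops.m(x1, x1) % P, ops.i(2 * y1 % P))  # tangent, a = 0
    else:
        lam = ops.m((y2 - y1) % P, ops.i((x2 - x1) % P))       # chord
    x3 = (ops.m(lam, lam) - x1 - x2) % P
    return (x3, (ops.m(lam, (x1 - x3) % P) - y1) % P)

def jac_double(ops, pt):
    """Jacobian doubling for a = 0; (X, Y, Z) encodes (X/Z^2, Y/Z^3)."""
    X, Y, Z = pt
    yy = ops.m(Y, Y)
    s = 4 * ops.m(X, yy) % P
    mm = 3 * ops.m(X, X) % P
    x3 = (ops.m(mm, mm) - 2 * s) % P
    y3 = (ops.m(mm, (s - x3) % P) - 8 * ops.m(yy, yy)) % P
    return (x3, y3, 2 * ops.m(Y, Z) % P)

def jac_add_affine(ops, pt, q):
    """Mixed addition: Jacobian point plus affine point."""
    X1, Y1, Z1 = pt
    if Z1 == 0:
        return (q[0], q[1], 1)
    zz = ops.m(Z1, Z1)
    h = (ops.m(q[0], zz) - X1) % P
    r = (ops.m(q[1], ops.m(Z1, zz)) - Y1) % P
    if h == 0:  # same x: either equal points or inverses
        return jac_double(ops, pt) if r == 0 else (1, 1, 0)
    hh = ops.m(h, h); hhh = ops.m(h, hh); v = ops.m(X1, hh)
    x3 = (ops.m(r, r) - hhh - 2 * v) % P
    y3 = (ops.m(r, (v - x3) % P) - ops.m(Y1, hhh)) % P
    return (x3, y3, ops.m(Z1, h))

def scalar_mul_affine(k, ops):
    acc = None
    for bit in bin(k)[2:]:
        acc = affine_add(ops, acc, acc)
        if bit == "1":
            acc = affine_add(ops, acc, G)
    return acc

def scalar_mul_jacobian(k, ops):
    acc = (1, 1, 0)  # infinity
    for bit in bin(k)[2:]:
        acc = jac_double(ops, acc)
        if bit == "1":
            acc = jac_add_affine(ops, acc, G)
    X, Y, Z = acc
    if Z == 0:
        return None
    zi = ops.i(Z)  # the single inversion, to return to affine form
    zi2 = ops.m(zi, zi)
    return (ops.m(X, zi2), ops.m(Y, ops.m(zi, zi2)))

def compare(k):
    a, j = Ops(), Ops()
    return scalar_mul_affine(k, a), scalar_mul_jacobian(k, j), a, j

if __name__ == "__main__":
    pa, pj, a, j = compare(0xDEADBEEF)  # constructed sample scalar
    print(pa == pj, "affine:", a.mul, a.inv, "jacobian:", j.mul, j.inv)
```

Both routines return the same point, but the affine version pays one field inversion per group operation while the Jacobian version pays one in total, which is why timings from libraries using different representations are not directly comparable.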

Scope of Evaluated Circuits. Our ZKP backend currently evaluates a limited set of test vectors, with performance varying significantly based on circuit implementation (cf. Sect. 5). Given the diversity and complexity of potential ZKP circuits, our chosen circuits may not fully represent all performance scenarios. However, zk-Bench’s extensibility allows for the easy integration of additional benchmarks for more comprehensive future evaluations.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Ernstberger, J. et al. (2024). zk-Bench: A Toolset for Comparative Evaluation and Performance Benchmarking of SNARKs. In: Galdi, C., Phan, D.H. (eds) Security and Cryptography for Networks. SCN 2024. Lecture Notes in Computer Science, vol 14973. Springer, Cham. https://doi.org/10.1007/978-3-031-71070-4_3

  • DOI: https://doi.org/10.1007/978-3-031-71070-4_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-71069-8

  • Online ISBN: 978-3-031-71070-4

  • eBook Packages: Computer Science, Computer Science (R0)
