CN-121530593-B - Zero-knowledge privacy verification method and system based on parameterized circuit
Abstract
The invention discloses a zero-knowledge privacy verification method and system based on a parameterized circuit. After a hierarchical business rule definition and original request data are received, they are flattened into a rule parameter vector and a private data vector through depth-first traversal and path coding. A target verification circuit is adaptively selected from a multi-specification universal circuit resource pool according to the number of fields in the rule parameter vector; the rule parameter vector is loaded into the target verification circuit as public input and the private data vector as private input; dynamic verification is executed and a zero-knowledge proof is generated; and the zero-knowledge proof and the rule parameter vector are submitted to an on-chain verification contract for verification. Through the parameterized circuit and the adaptive selection mechanism, the invention decouples business rules from the verification circuit, effectively solves the poor scalability, high operation and maintenance cost, and inability to adapt flexibly to dynamic business changes of the traditional static dedicated circuit scheme, and remarkably improves the flexibility and resource utilization efficiency of the system.
Inventors
- YIN ZHEN
- XU SAIHUA
Assignees
- 上海金润联汇数字科技有限公司
Dates
- Publication Date: 20260508
- Application Date: 20260115
Claims (8)
- 1. A zero-knowledge privacy verification method based on a parameterized circuit, characterized by comprising the following steps:
  - receiving a hierarchical business rule definition to be verified and original request data to be verified;
  - performing depth-first traversal and path coding on the hierarchical business rule definition, flattening it into a rule parameter vector formed by a plurality of field rule units arranged in sequence, wherein each field rule unit defines the constraint conditions of a corresponding field;
  - simultaneously performing depth-first traversal and path coding on the original request data to generate a private data vector aligned one-to-one with the field rule units in the rule parameter vector;
  - adaptively selecting a target verification circuit from a pre-constructed multi-specification universal circuit resource pool according to the number of field rule units contained in the rule parameter vector, wherein the multi-specification universal circuit resource pool contains parameterized verification circuit instances with different input capacities;
  - loading the rule parameter vector as public input and the private data vector as private input into the target verification circuit, the target verification circuit executing dynamic verification logic on the corresponding data values in the private data vector based on the constraint conditions defined by the field rule units, and generating a zero-knowledge proof;
  - submitting the zero-knowledge proof and the rule parameter vector to an on-chain verification contract for verification, wherein the on-chain verification contract selects a corresponding verification key according to the length of the rule parameter vector, executes a verification algorithm, and outputs a verification result;
  - wherein performing depth-first traversal and path coding on the hierarchical business rule definition to flatten it into a rule parameter vector formed by a plurality of field rule units arranged in sequence comprises:
    - performing depth-first traversal on the hierarchical business rule definition to generate an access sequence containing all leaf nodes;
    - generating a unique path identifier for each leaf node in the access sequence according to its access path in the hierarchical business rule definition;
    - constructing a corresponding field rule unit according to the constraint information declared by each leaf node in the hierarchical business rule definition, wherein the field rule unit comprises at least the path identifier and a parameterized constraint description representing the constraint type of the leaf node;
    - arranging all constructed field rule units in the order of the access sequence to form the rule parameter vector;
  - wherein performing depth-first traversal and path coding on the original request data to generate a private data vector aligned one-to-one with the field rule units in the rule parameter vector comprises:
    - performing depth-first traversal on the original request data to generate a data access sequence containing all data leaf nodes;
    - generating a corresponding data path identifier for each data leaf node in the data access sequence according to the access path of the data leaf node in the original request data;
    - converting the data value of each data leaf node into a format that can be processed by a zero-knowledge proof circuit, and combining the data value with the corresponding data path identifier to form a private data unit;
    - arranging all the private data units in the order of the data access sequence to generate the private data vector, wherein the data path identifier of each private data unit in the private data vector matches the path identifier of the field rule unit at the same sequence position in the rule parameter vector, so that the one-to-one alignment is achieved.
- 2. The zero-knowledge privacy verification method based on a parameterized circuit according to claim 1, wherein adaptively selecting the target verification circuit from the pre-constructed multi-specification universal circuit resource pool, which contains parameterized verification circuit instances with a plurality of different input capacities, according to the number of field rule units contained in the rule parameter vector comprises:
  - acquiring the effective length of the rule parameter vector, wherein the effective length is equal to the number of field rule units contained in the rule parameter vector;
  - comparing the effective length with a plurality of standard capacity specifications predefined in the multi-specification universal circuit resource pool;
  - if a standard capacity specification that exactly matches the effective length exists, selecting the parameterized verification circuit instance corresponding to that standard capacity specification as the target verification circuit;
  - if no exactly matching standard capacity specification exists, selecting from the multi-specification universal circuit resource pool the parameterized verification circuit instance corresponding to the minimum standard capacity specification whose capacity is larger than the effective length as the target verification circuit.
- 3. The zero-knowledge privacy verification method based on a parameterized circuit according to claim 2, wherein, if no exactly matching standard capacity specification exists, selecting from the multi-specification universal circuit resource pool the parameterized verification circuit instance corresponding to the minimum standard capacity specification whose capacity is larger than the effective length as the target verification circuit comprises:
  - calculating the resource waste rate between the effective length and each standard capacity specification in the multi-specification universal circuit resource pool that is larger than the effective length;
  - executing an adaptive selection decision according to the calculated resource waste rate, combined with the request frequency characteristic of the hierarchical business rule definition, wherein the adaptive selection decision comprises:
    - if the resource waste rate is lower than a preset waste threshold, or the request frequency characteristic indicates a low-frequency request, directly selecting the parameterized verification circuit instance corresponding to the minimum standard capacity specification as the target verification circuit;
    - if the resource waste rate is higher than the preset waste threshold and the request frequency characteristic indicates a high-frequency request, triggering an asynchronous dynamic compilation process that generates an exactly matching parameterized verification circuit instance for the effective length and stores it in a hot-spot cache area of the multi-specification universal circuit resource pool for subsequent use, while still using the parameterized verification circuit instance corresponding to the minimum standard capacity specification as the target verification circuit.
- 4. The zero-knowledge privacy verification method based on a parameterized circuit according to claim 1, wherein loading the rule parameter vector as public input and the private data vector as private input into the target verification circuit, the target verification circuit internally executing dynamic verification logic on the corresponding data values in the private data vector based on the constraint conditions defined by the field rule units, and generating a zero-knowledge proof comprises:
  - pairing each field rule unit in the rule parameter vector with the private data unit at the same sequence position in the private data vector;
  - for each pair of field rule unit and private data unit, performing, inside the target verification circuit, a consistency check between the path identifier in the field rule unit and the data path identifier in the private data unit;
  - after the consistency check passes, performing the corresponding constraint condition check on the data value in the private data unit according to the parameterized constraint description in the field rule unit;
  - when all paired field rule units and private data units pass the consistency check and the constraint condition check, the target verification circuit generating the zero-knowledge proof based on a non-interactive zero-knowledge proof protocol.
- 5. The zero-knowledge privacy verification method based on a parameterized circuit according to claim 4, wherein performing the corresponding constraint condition check on the data value in the private data unit according to the parameterized constraint description in the field rule unit comprises:
  - parsing the parameterized constraint description in the field rule unit to determine one or more constraint check types to be executed for the current field;
  - according to the constraint check type, dynamically invoking the corresponding constraint check logic module from a plurality of constraint check logic modules preset in the target verification circuit to check the data value in the private data unit, comprising:
    - if the constraint check type comprises a numerical range check, invoking a range check module to verify whether the data value lies in the closed interval formed by the minimum value and the maximum value stated in the parameterized constraint description;
    - if the constraint check type comprises an enumeration value check, invoking an enumeration check module to verify whether the cryptographic hash value of the data value exists in the hash set of legal enumeration values stated in the parameterized constraint description;
    - if the constraint check type comprises a required-field check, invoking a presence check module to verify whether the data value is a non-zero or non-empty valid value;
  - when the data value passes verification by all invoked constraint check logic modules, determining that the private data unit passes the constraint condition check.
- 6. The zero-knowledge privacy verification method based on a parameterized circuit according to claim 1, wherein submitting the zero-knowledge proof and the rule parameter vector to the on-chain verification contract for verification, the on-chain verification contract selecting a corresponding verification key according to the length of the rule parameter vector, executing a verification algorithm, and outputting a verification result comprises:
  - the on-chain verification contract receiving the zero-knowledge proof and the rule parameter vector;
  - the on-chain verification contract retrieving and loading a corresponding target verification key from a plurality of verification keys according to the length of the rule parameter vector;
  - the on-chain verification contract executing a zero-knowledge proof verification algorithm on the zero-knowledge proof using the target verification key and the rule parameter vector;
  - generating and outputting a verification result according to the execution result of the zero-knowledge proof verification algorithm, wherein the verification result indicates whether the original request data conforms to all constraint conditions defined by the hierarchical business rule definition.
- 7. The zero-knowledge privacy verification method based on a parameterized circuit according to claim 6, wherein the on-chain verification contract retrieving and loading a corresponding target verification key from a plurality of verification keys according to the length of the rule parameter vector comprises:
  - the on-chain verification contract parsing the rule parameter vector and determining the number of field rule units it contains;
  - querying a verification key mapping table maintained in the on-chain verification contract according to the number of field rule units, wherein the verification key mapping table stores the association between different numbers of field rule units and the corresponding verification keys;
  - if the query succeeds, extracting and loading from the verification key mapping table the verification key that exactly matches the number of field rule units as the target verification key;
  - if the query fails, the on-chain verification contract returning a verification failure result and indicating that rule parameter vectors with this number of field rule units are not currently supported.
- 8. A zero-knowledge privacy verification system based on a parameterized circuit, adapted to the zero-knowledge privacy verification method of any one of claims 1 to 7, the system comprising:
  - a data preprocessing module, used for receiving a hierarchical business rule definition to be verified and original request data to be verified, performing depth-first traversal and path coding on the hierarchical business rule definition to generate a rule parameter vector, and simultaneously performing the same depth-first traversal and path coding on the original request data to generate a private data vector aligned one-to-one with the field rule units in the rule parameter vector;
  - a circuit resource management module, used for maintaining a pre-constructed multi-specification universal circuit resource pool, wherein the multi-specification universal circuit resource pool comprises a plurality of parameterized verification circuit instances with different input capacities, and for adaptively selecting a target verification circuit from the multi-specification universal circuit resource pool according to the number of field rule units contained in the rule parameter vector;
  - a proof generation module, used for loading the rule parameter vector as public input and the private data vector as private input into the target verification circuit, and driving the target verification circuit to execute dynamic verification logic based on the constraint conditions defined by the field rule units and to generate a zero-knowledge proof;
  - an on-chain verification module, deployed in the blockchain network and used for receiving the zero-knowledge proof and the rule parameter vector, selecting a corresponding verification key according to the length of the rule parameter vector, executing a zero-knowledge proof verification algorithm, and outputting a verification result.
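The flattening, alignment and constraint-check steps of claims 1, 4 and 5 can be modelled in the clear as follows. This is an added example, not code from the patent: the checks run in plain Python rather than inside a circuit, and the function names, the sorted key order, the `/` path separator, the truncated SHA-256 encoding and the sample rules and requests are all assumptions made for illustration.

```python
import hashlib

def to_field(text):
    # Assumed encoding: SHA-256 truncated to 31 bytes so it fits a ~254-bit field.
    return int.from_bytes(hashlib.sha256(text.encode()).digest()[:31], "big")

def flatten(tree, prefix=""):
    """Depth-first walk: dicts are interior nodes, anything else is a leaf.
    Sorted key order (an assumption) keeps rule and data traversals identical."""
    leaves = []
    for key in sorted(tree):
        path = f"{prefix}/{key}" if prefix else key
        if isinstance(tree[key], dict):
            leaves.extend(flatten(tree[key], path))
        else:
            leaves.append((path, tree[key]))
    return leaves

def rule_vector(rules):   # field rule unit = (path identifier, constraint description)
    return [(to_field(path), checks) for path, checks in flatten(rules)]

def encode_value(value):
    # Empty -> 0, integers as-is, anything else as the hash of its text form.
    if value is None or value == "":
        return 0
    return value if isinstance(value, int) else to_field(str(value))

def data_vector(request):  # private data unit = (data path identifier, encoded value)
    return [(to_field(path), encode_value(v)) for path, v in flatten(request)]

def verify(rule_vec, data_vec):
    """Clear-text model of what the circuit enforces; returns (ok, reason)."""
    if len(rule_vec) != len(data_vec):
        return False, "length mismatch"
    for pos, ((rule_id, checks), (data_id, value)) in enumerate(zip(rule_vec, data_vec)):
        if rule_id != data_id:                    # consistency check (claim 4)
            return False, f"path mismatch at position {pos}"
        for kind, *args in checks:                # constraint checks (claim 5)
            if kind == "range":
                ok = args[0] <= value <= args[1]  # closed interval [min, max]
            elif kind == "enum":
                ok = value in args[0]             # hash set of legal values
            elif kind == "required":
                ok = value != 0
            else:
                ok = False                        # unknown check type fails closed
            if not ok:
                return False, f"{kind} check failed at position {pos}"
    return True, "ok"

# Constructed sample rule definition and requests (not from the patent).
RULES = {
    "applicant": {"age": [("required",), ("range", 18, 120)],
                  "country": [("enum", frozenset({to_field("CN"), to_field("SG")}))]},
    "loan": {"amount": [("required",), ("range", 1000, 500000)]},
}
GOOD = {"applicant": {"age": 34, "country": "SG"}, "loan": {"amount": 20000}}
RENAMED = {"applicant": {"age": 34, "nation": "SG"}, "loan": {"amount": 20000}}
EXTRA = {"applicant": {"age": 34, "country": "SG", "note": "x"}, "loan": {"amount": 20000}}

if __name__ == "__main__":
    for req in (GOOD, RENAMED, EXTRA):
        print(verify(rule_vector(RULES), data_vector(req)))
```

A request with a renamed or additional field is rejected by the length and path-identifier checks before any constraint is evaluated, which is what keeps a value from being tested against another field's rule.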
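The selection decision of claims 2 and 3 can be sketched as a small state machine. This is an added example, not code from the patent: the class and method names, the waste-rate formula `(capacity - length) / capacity`, the 0.25 threshold, the capacities and the reuse of cached exact-size circuits on later requests are assumptions.

```python
import bisect

class CircuitPool:
    """Model of the multi-specification circuit pool with a hot-spot cache."""

    def __init__(self, capacities, waste_threshold=0.25):
        self.standard = sorted(capacities)    # standard capacity specifications
        self.hot_cache = set()                # exact-size circuits compiled on demand
        self.pending = []                     # stands in for the asynchronous compile job
        self.waste_threshold = waste_threshold

    def select(self, effective_length, high_frequency):
        """Return the capacity of the circuit instance to prove with."""
        if effective_length in self.standard or effective_length in self.hot_cache:
            return effective_length           # exact match
        i = bisect.bisect_right(self.standard, effective_length)
        if i == len(self.standard):
            raise ValueError("rule vector longer than the largest circuit")
        capacity = self.standard[i]           # smallest capacity above the length
        waste = (capacity - effective_length) / capacity   # assumed definition
        if (waste > self.waste_threshold and high_frequency
                and effective_length not in self.pending):
            self.pending.append(effective_length)   # compile the exact size later
        return capacity                       # this request still uses the standard one

    def finish_compiles(self):
        """Simulate completion of the queued compile jobs."""
        self.hot_cache.update(self.pending)
        self.pending.clear()

def demo():
    pool = CircuitPool([4, 8, 16, 32])        # constructed capacities
    trace = [pool.select(8, True),    # exact standard match
             pool.select(7, True),    # waste 1/8: below threshold
             pool.select(20, False),  # waste 12/32 but low frequency
             pool.select(9, True),    # waste 7/16 and hot: queue compile, use 16
             pool.select(9, True)]    # compile not finished yet: still 16
    queued = list(pool.pending)
    pool.finish_compiles()
    trace.append(pool.select(9, True))  # now served from the hot-spot cache
    return trace, queued

if __name__ == "__main__":
    print(demo())
```

Because the contract in claim 7 rejects lengths that have no entry in its verification key mapping table, a newly compiled size also needs its verification key registered there before proofs from it can be accepted.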
Description
Zero-knowledge privacy verification method and system based on parameterized circuit
Technical Field
The invention relates to the technical field of data privacy protection, and in particular to a zero-knowledge privacy verification method and system based on a parameterized circuit.
Background
A zero-knowledge proof is a cryptographic protocol that lets a prover convince a verifier that an assertion is true without revealing any private information, and it is widely applied in blockchain, privacy computing, data compliance verification and similar fields. Its core is to construct an arithmetic circuit that converts the business logic to be verified into a set of polynomial constraints. In trusted data exchange and on-chain verification scenarios, the industry commonly adopts zero-knowledge proof schemes based on static dedicated circuits, for example using the Gnark or Circom frameworks. In this scheme, as shown in Fig. 1, a developer manually writes a set of dedicated arithmetic circuit code for each specific business data model; the number of input/output ports, the signal names and the internal constraint logic of the circuit are completely fixed at compile time and correspond one-to-one with on-chain verification contracts. When a new business model appears or the rules of an existing model change, the full flow of circuit development, compilation, trusted setup and contract deployment must be repeated in its entirety.
However, this static dedicated mode of "a circuit" has significant drawbacks in practical applications. First, the scalability of the system is very poor: because each different data model requires a separately maintained set of circuits and contracts, operation and maintenance costs increase linearly or even exponentially with the number of business models. Second, the scheme cannot adapt to the dynamic nature of the business: any minor business rule change, such as adjusting the numerical range of a field or adding an optional field, is equivalent to a change of circuit logic, and the whole circuit must be modified, compiled and deployed again, which makes the system rigid and slow to respond. Finally, resource utilization is low: because circuit resource allocation is fixed, a simple model that only needs to verify a small number of fields still occupies the resources of a complete circuit, wasting storage and computing resources, while a complex model with a large number of fields may be limited by the preset capacity of a single circuit and either cannot be processed or must be split, which increases proving complexity and verification cost. The root of these problems is that the prior art strongly couples business logic to circuit structure, so that the circuit lacks generality and elasticity and can hardly meet large-scale, dynamic business verification requirements.
Disclosure of Invention
Therefore, the invention aims to provide a zero-knowledge privacy verification method and system based on a parameterized circuit which, by parameterizing business rules and decoupling them from a general verification circuit, allow one set of circuits to adapt to a variety of dynamically changing verification tasks, and which solve the problems that the traditional static dedicated circuit scheme has poor scalability, high operation and maintenance cost, and cannot respond flexibly to business changes.
To achieve the above object, in a first aspect, the present application provides a zero-knowledge privacy verification method based on a parameterized circuit, including: receiving a hierarchical business rule definition to be verified and original request data to be verified; performing depth-first traversal and path coding on the hierarchical business rule definition, flattening it into a rule parameter vector formed by a plurality of field rule units arranged in sequence, wherein each field rule unit defines the constraint conditions of a corresponding field; meanwhile, performing depth-first traversal and path coding on the original request data to generate a private data vector aligned one-to-one with the field rule units in the rule parameter vector; according to the number of field rule units contained in the rule parameter vector, adaptively selecting a target verification circuit from a pre-constructed multi-specification universal circuit resource pool, wherein the multi-specification universal circuit resource pool contains multiple parameterized verification circuit instances with different input capacities; taking the rule parameter vector as public input and the private data vector as private input, loading the rule parameter vector into a target verification circuit, executing constraint conditions defined based on a field rule unit in the target verification circuit, executing