CryptoDB
Nicolas Gailly
Publications
2023, RWC: tlock: Practical timelock encryption based on threshold BLS
Abstract
We present a practical method to achieve timelock encryption, where a ciphertext is guaranteed to be decrypted only after a specified amount of time has passed or a date has been reached. We use an existing threshold network implementing the BLS signature scheme and use it in the context of Boneh and Franklin's identity-based encryption (IBE) scheme.
The threshold network acts as a decentralised Private Key Generator in the IBE scheme: the identities are the beacon round numbers, and the secret key for a given identity is the randomness that the beacon outputs for that round. Therefore anyone can encrypt a message towards a specific round, and the ciphertext can only be decrypted once the threshold network releases the randomness associated with that round.
A noticeable advantage of this scheme is that only users (senders and recipients) are required to perform additional cryptographic operations; the threshold network does not need to be aware of any encryption happening and does not require any change to support this scheme.
We also release an open-source implementation of our scheme and a live web page that can be used in production now, relying on the existing League of Entropy (LoE) network, which acts as a distributed public randomness beacon service using threshold BLS signatures. The LoE is a threshold BLS network producing random beacons at a frequency of 30 seconds and has been running in production without missing a single beacon for the past two years, ensuring very high availability to any user of our timelock solution.
2022, RWC: SnarkPack: Practical SNARK Aggregation
Abstract
Zero-knowledge SNARKs (zk-SNARKs) are non-interactive proof systems with short and efficiently verifiable proofs that do not reveal anything more than the correctness of the statement. zk-SNARKs are widely used in decentralised systems to address privacy and scalability concerns.
A major drawback of such proof systems in practice is the requirement to run a trusted setup for the public parameters. Moreover, these parameters set an upper bound to the size of the computations or statement to be proven, which results in new scalability problems.
We design and implement SnarkPack, a new argument that further reduces the size of SNARK proofs by means of aggregation. Our goal is to provide an off-the-shelf solution that is practical in the following sense: (1) it is compatible with existing deployed SNARK systems, (2) it does not require any extra trusted setup.
SnarkPack is designed to work with the Groth16 scheme and has logarithmic-size proofs and a verifier that runs in time logarithmic in the number of proofs being aggregated. Most importantly, SnarkPack reuses the public parameters of the Groth16 system.
SnarkPack can aggregate 8192 proofs in 8.7s and verify them in 163ms, yielding a verification mechanism that is exponentially faster than batching and previous solutions in the field. SnarkPack can be deployed in blockchain applications that rely on many SNARK proofs such as Proof-of-Space or roll-up solutions.
Coauthors
- Nicolas Gailly (2)
- Mary Maller (1)
- Kelsey Melissaris (1)
- Anca Nitulescu (1)
- Yolan Romailler (1)