SZKP: A Scalable Accelerator Architecture for Zero-Knowledge Proofs

TL;DR

SZKP is a novel ASIC architecture that accelerates the entire zero-knowledge proof generation process, achieving significant speedups over CPU, GPU, and other ASIC implementations by optimizing key primitives like NTT and MSM.

Contribution

This work introduces SZKP, the first ASIC to accelerate complete ZKP proof generation using structured dataflows for NTT and MSM primitives.

Findings

Over 400x speedup over CPU implementations

3x speedup over other ASICs

12x speedup over GPU implementations

Abstract

Zero-Knowledge Proofs (ZKPs) are an emergent paradigm in verifiable computing. In the context of applications like cloud computing, ZKPs can be used by a client (called the verifier) to verify the service provider (called the prover) is in fact performing the correct computation based on a public input. A recently prominent variant of ZKPs is zkSNARKs, generating succinct proofs that can be rapidly verified by the end user. However, proof generation itself is very time consuming per transaction. Two key primitives in proof generation are the Number Theoretic Transform (NTT) and Multi-scalar Multiplication (MSM). These primitives are prime candidates for hardware acceleration, and prior works have looked at GPU implementations and custom RTL. However, both algorithms involve complex dataflow patterns -- standard NTTs have irregular memory accesses for butterfly computations from stage to stage, and MSMs using Pippenger's algorithm have data-dependent memory accesses for partial sum calculations. We present SZKP, a scalable accelerator framework that is the first ASIC to accelerate an entire proof on-chip by leveraging structured dataflows for both NTTs and MSMs. SZKP achieves conservative full-proof speedups of over 400$\times$, 3$\times$, and 12$\times$ over CPU, ASIC, and GPU implementations.