Verifiable Weighted Secret Sharing

TL;DR

This paper introduces the first efficient verifiable weighted secret sharing scheme that tolerates malicious dealers, leveraging Bulletproofs for verification, and demonstrates significant communication efficiency improvements over existing methods.

Contribution

It presents a novel verifiable weighted secret sharing scheme that withstands malicious dealers and integrates Bulletproofs for efficient verification, addressing limitations of prior schemes.

Findings

Up to 100x reduction in communication complexity on Ethereum

20x improvement over unweighted VSS schemes

Compatible with latest CRT-based WSS

Abstract

Traditionally, threshold secret sharing (TSS) schemes assume all parties have equal weight, yet emerging systems like blockchains reveal disparities in party trustworthiness, such as stake or reputation. Weighted Secret Sharing (WSS) addresses this by assigning varying weights to parties, ensuring security even if adversaries control parties with total weight at most a threshold $t$. Current WSS schemes assume honest dealers, resulting in security from only honest-but-curious behaviour but not protection from malicious adversaries for downstream applications. \emph{Verifiable} secret sharing (VSS) is a well-known technique to address this, but existing VSS schemes are either tailored to TSS, or require additional trust assumptions. We propose the first efficient verifiable WSS scheme that tolerates malicious dealers and is compatible with the latest CRT-based WSS~\cite{crypto_w_weights}. Our solution uses Bulletproofs for efficient verification and introduces new privacy-preserving techniques for proving relations between committed values, which may be of independent interest. Evaluation on Ethereum show up to a $100\times$ improvement in communication complexity compared to the current design and $20\times$ improvement compared to unweighted VSS schemes.