ZKP-FedEval: Verifiable and Privacy-Preserving Federated Evaluation using Zero-Knowledge Proofs

TL;DR

This paper introduces ZKP-FedEval, a protocol that uses zero-knowledge proofs to enable privacy-preserving and verifiable evaluation in federated learning, preventing leakage of sensitive performance metrics.

Contribution

It presents a novel ZKP-based protocol for federated evaluation that ensures privacy and verifiability without external dependencies.

Findings

Achieves verifiable evaluation with low computational overhead.

Reduces communication costs compared to traditional methods.

Successfully applied to MNIST and HAR datasets with simple models.

Abstract

Federated Learning (FL) enables collaborative model training on decentralized data without exposing raw data. However, the evaluation phase in FL may leak sensitive information through shared performance metrics. In this paper, we propose a novel protocol that incorporates Zero-Knowledge Proofs (ZKPs) to enable privacy-preserving and verifiable evaluation for FL. Instead of revealing raw loss values, clients generate a succinct proof asserting that their local loss is below a predefined threshold. Our approach is implemented without reliance on external APIs, using self-contained modules for federated learning simulation, ZKP circuit design, and experimental evaluation on both the MNIST and Human Activity Recognition (HAR) datasets. We focus on a threshold-based proof for a simple Convolutional Neural Network (CNN) model (for MNIST) and a multi-layer perceptron (MLP) model (for HAR), and evaluate the approach in terms of computational overhead, communication cost, and verifiability.