Range Proofs with Constant Size and Trustless Setup

Range proofs are widely adopted in practice in many privacy-preserving cryptographic protocols in the public blockchain. The performances known in the literature for range proofs are logarithmic-sized proofs and linear verification time. In contexts where the proof verification is left to the ledger maintainers and proofs are stored in blocks, one might expect higher transaction fees and blockchain space when the size of the relation over the proof grows. With this paper, we improve Bulletproofs, a zero-knowledge argument of knowledge for range proofs, by modifying its Inner Product Argument (IPA) subroutine. In particular, we adopt a new relation from the polynomial commitment scheme of Halo, based on standard groups and assumptions (DLOG and RO) with a trustless setup. We design a two-step reduction algorithm and we obtain a constant number of two rounds in the IPA and a constant-sized proof composed of 5 G1 points and 2 Zp scalars.