(2026-05) Unique SNARGs with Adaptive Security; Constructions and Black-Box Separations
2026-05-05
Succinct non-interactive arguments (SNARGs) for NP allow an efficient prover to convince a verifier that an NP statement is true with a proof that is much shorter than the original NP witness. Gentry and Wichs (STOC ’11) showed that adaptive soundness of such SNARGs cannot be proven via a black-box reduction from any falsifiable assumption. However, recent works by Waters, Wu and Zhandry (STOC ’24, CRYPTO ’24, CRYPTO ’25) circumvent this negative result by relying on subexponential hardness assumptions and having a long common reference string (CRS) that is longer than the statement size.
In this work, we study unique SNARGs where each statement has at most one accepting proof. The above constructions of adaptively sound SNARGs are not unique and crucially rely on the existence of multiple valid proofs in their security analysis. We explore to what extent this is inherent as follows:
- On the negative side, we give a strengthened Gentry-Wichs style black-box separation for the case of perfectly complete and unique SNARGs for NP with adaptive security. Our black-box separation extends even to reductions that rely on subexponentially hard falsifiable assumptions and to SNARGs that have an arbitrarily long CRS.
- On the positive side, we construct perfectly unique and adaptively secure SNARGs for NP with a long CRS based on subexponentially hard one-way functions and indistinguishability obfuscation. We do so by relaxing perfect completeness and allowing for a negligible completeness error. This is the first unique SNARG with a proof of adaptive security from falsifiable assumptions, even restricted to P