Database Setup Phase: During an initial setup phase, the Prover computes the Pedersen commitments of all the values stored in the database that can be involved in some admissible query. Such commitments are then stored in the database and the original data. This phase is done offline before any query is answered. Then, a Verkle-like tree is built from the commitments, and then the signed tree root is published, together with the database schema.
Query Verification Phase: After an admissible query has been processed by the repository's query processor and the Data Fetcher returns a result, the proof is computed along the following steps:
1. First step: the membership proof is constructed. It consists of proving that all extracted values belong to the database columns involved in the query without revealing anything else. This is achieved using a Verkle-like tree of commitments.
2. Second step: the completeness proof, which proves that all values satisfying the selection conditions are included, is constructed. Provably computes the ordinal position of each value belonging to the column involved in the query and uses the Bulletproofs protocol to prove that all the elements in the answer lie in the range of values in the column.
3. Third and final step: the correctness proof is constructed. Such proof checks that ONLY the values that contribute to the query’s answer satisfy the selection conditions. Its implementation is strictly related to the kind of aggregation and it follows the work of Haber in his 2018 seminal paper “Privacy-Preserving Verification of Aggregate Queries on Outsourced Databases”.