Cerberus: Secure Computation for Zero-Trust Environments
This whitepaper introduces Cerberus, the main backend for MPC computations on Arcium that operates under the dishonest majority security model.

Abstract

Cerberus lets mutually distrustful parties jointly compute over private data without ever exposing it: inputs stay secret and outputs reach only their intended recipient or remain encrypted, so the computing parties learn neither inputs nor results. It provides the strongest guarantee available in Multi-Party Computation (MPC), remaining secure in the dishonest-majority setting, where all but one of the n parties may be corrupted and deviate arbitrarily from the protocol. For an honest party this amounts to zero trust: its inputs remain private and it is never made to accept an incorrect result, no matter how many others collude. Cerberus further achieves identifiable abort: when the computation is aborted, the honest parties can identify and exclude a misbehaving party rather than merely halting. This is what makes the decentralized, permissionless setting viable: malicious behavior is recast from an anonymous denial of service into an accountable act, so sensitive computation can be safely outsourced to a permissionless set of mutually distrustful third parties. This document specifies the protocol end to end. Building on the design of [BMRS24], Cerberus composes the full cryptographic stack, and the document details every component together with its optimizations: low-level primitives (Oblivious Transfer, Oblivious Linear Evaluation and its vector form VOLE, authenticated secret sharing, and signatures), an input-independent preprocessing phase, and an online phase that securely evaluates arbitrary arithmetic circuits with minimal communication per gate. These guarantees hold over any decentralized substrate that offers public, append-only communication and a basis for accountability, a role a blockchain fills naturally.
Cerberus is the most secure protocol powering Arcium, where the computing parties are distinct from the data owners: the network computes over private inputs from users and applications outside the MPC set who trust no individual node, with a blockchain anchoring state, input and output delivery, and the economic incentives behind accountability, so that anyone can outsource computation to the network.
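The abstract's claim that an honest party "is never made to accept an incorrect result, no matter how many others collude" rests on the authenticated secret sharing it lists among the primitives. The following is an added illustration, not code from the Cerberus whitepaper or from [BMRS24]: a minimal SPDZ-style scheme in which each party holds an additive share of a value together with an additive share of an information-theoretic MAC under a global key alpha that nobody knows in full. Linear gates are local, and opening a value includes a MAC check that a colluding set of all parties but one cannot pass after altering the result except by guessing the honest party's key share. Assumptions: a trusted dealer stands in for the input-independent preprocessing phase, the field is a Mersenne prime chosen for this example, and the check yields a plain abort rather than the identifiable abort the whitepaper describes (that needs the signature and accountability machinery, which this block does not model).

```python
"""Toy SPDZ-style authenticated additive secret sharing over a prime field.

Added illustration only (not Cerberus's own construction). A trusted dealer
replaces the preprocessing phase, and the MAC check gives plain abort, not
identifiable abort.
"""
import secrets

P = (1 << 61) - 1  # Mersenne prime; the field choice is an assumption of this example


class MacCheckFailed(Exception):
    """Raised when an opened value is inconsistent with the parties' MAC shares."""


def additive_share(value, n):
    """Split value into n uniformly random field elements that sum to value mod P."""
    shares = [secrets.randbelow(P) for _ in range(n - 1)]
    shares.append((value - sum(shares)) % P)
    return shares


def keygen(n):
    """Global MAC key alpha, held only as additive shares: no single party knows alpha."""
    return additive_share(secrets.randbelow(P), n)


def authenticate(value, alpha_shares):
    """Dealer-style: per-party (x_i, m_i) with sum x_i = x and sum m_i = alpha * x."""
    n = len(alpha_shares)
    alpha = sum(alpha_shares) % P
    return list(zip(additive_share(value, n), additive_share(alpha * value % P, n)))


def add(a, b):
    """[a] + [b]: purely local, value shares and MAC shares are added componentwise."""
    return [((xa + xb) % P, (ma + mb) % P) for (xa, ma), (xb, mb) in zip(a, b)]


def mul_const(a, c):
    """c * [a]: local scaling of both value and MAC shares keeps the MAC relation."""
    return [(x * c % P, m * c % P) for x, m in a]


def add_const(a, c, alpha_shares):
    """[a] + c: party 0 adds c to its value share; every party adds alpha_i * c to its MAC."""
    out = []
    for i, ((x, m), alpha_i) in enumerate(zip(a, alpha_shares)):
        out.append(((x + c) % P if i == 0 else x, (m + alpha_i * c) % P))
    return out


def open_checked(shares, alpha_shares, tamper=None):
    """Open [x]: broadcast value shares, then verify sum_i (m_i - alpha_i * x') == 0.

    tamper is a dict {party_index: delta} added to the broadcast value shares, modelling
    corrupted parties announcing wrong shares. Each sigma_i is computed from the party's
    own MAC share; a cheater wishing to pick sigma_i so the sum vanishes would need the
    honest party's alpha share, which it does not have. (Real protocols also commit to
    the sigma_i before revealing them so nobody can choose theirs last.)
    """
    tamper = tamper or {}
    announced = [(x + tamper.get(i, 0)) % P for i, (x, _) in enumerate(shares)]
    x_opened = sum(announced) % P
    sigmas = [(m - alpha_i * x_opened) % P for (_, m), alpha_i in zip(shares, alpha_shares)]
    if sum(sigmas) % P != 0:
        raise MacCheckFailed("opened value rejected by MAC check")
    return x_opened


def evaluate_linear(a_val, b_val, n=3):
    """Compute 3*a + b + 7 on authenticated shares and open the result honestly."""
    alpha = keygen(n)
    a, b = authenticate(a_val, alpha), authenticate(b_val, alpha)
    y = add_const(add(mul_const(a, 3), b), 7, alpha)
    return open_checked(y, alpha)


def cheating_detected(value, n=3, delta=1):
    """All parties except party 0 collude and shift the opened value; report detection."""
    alpha = keygen(n)
    x = authenticate(value, alpha)
    try:
        open_checked(x, alpha, tamper={i: delta for i in range(1, n)})
    except MacCheckFailed:
        return True
    return False


if __name__ == "__main__":
    print("3*5 + 11 + 7 opened as", evaluate_linear(5, 11))
    print("n-1 colluding cheaters detected:", cheating_detected(42))
```

The security argument is visible in `open_checked`: after a shift of the opened value by delta, the MAC shares sum to alpha*x while the check expects alpha*(x + delta), so the sum of the sigma_i equals -alpha*delta and is nonzero unless the colluders can cancel the honest party's contribution, which requires its secret alpha share (success probability 1/P). Multiplication gates, which need preprocessed correlated randomness such as the VOLE-based material the abstract mentions, are deliberately out of scope here.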
