Highlights

The State of Security Tools for ZKPs

Circle STARKs: Part I, Mersenne

Understanding Jolt: Clarifications and reflections by Justin Thaler

Justin Thaler explored four areas in Lasso and Jolt: (1) the relationship between the sum-check protocol and the Binius commitment scheme, (2) the role of sum-check and lookups in Jolt, (3) elliptic curves versus hashing, and (4) precompiles as they relate to zkVMs.

BrainSTARK

This tutorial teaches the reader how to design a Turing-complete zk-STARK engine, consisting of a virtual machine, prover, and verifier. Brainfuck was chosen as the target language due to its well-known and simple instruction set, but the design patterns introduced in this tutorial generalize to arbitrary instruction set architectures

Bivariate Kate-Zaverucha-Goldberg (KZG) Constant-Sized Polynomial Commitments

This article presents a variant of the KZG commitment, the bivariate KZG commitment, which allows us to commit to polynomials with two variables. PolyhedraZK在这篇笔记中描述了二元KZG承诺,可以支持双变量的多项式承诺和验证。笔记简洁易懂。

Updates

zkStudyClub - Reef: Fast Succinct Non-Interactive ZK Regex Proofs (Eli Margolin, Jess Woods: UPenn)

  • https://www.youtube.com/watch?v=68-BuxRR-EA
  • https://eprint.iacr.org/2023/1886

zkSecurity x Bain Capital Crypto Whiteboards: Unveiling the Power of Multi-Party Computation

  • https://www.zksecurity.xyz/blog/posts/mpc/

noname meets Ethereum: Integration with SnarkJS

  • https://www.zksecurity.xyz/blog/posts/noname-r1cs/

Scaling Bitcoin for mass use: A realistic vision by Eli Ben-Sasson

Starknet can become a single layer that settles on both Bitcoin and Ethereum.

  • https://starkware.co/scaling-bitcoin-for-mass-use/

HyperNova was accepted to appear at CRYPTO’24

Made several improvements. A significant addition is achieving ZK while only using a non-zk SNARK. This means an on-chain verifier can continue to verify sum-check messages in plaintext while being truly ZK! Eprint updating soon! 知名折叠方案,Kothapalli和Setty的著名工作,本次确定被密码学顶会CRYPTO’24接收发表。实现了对CCS约束的增量计算的递归证明。可以被推广到Plonkish, R1CS, 和AIR约束。HyperNova的优势在于复杂度上的大量优化,证明的每一步的主要复杂度来源于单个MSM,其大小等于约束系统中的变量数。另外本文还提出了nlookup,一个查找证明,特别适用于基于折叠方案的递归证明。

  • https://eprint.iacr.org/2023/573.pdf

Noir v0.30.0 update

Breaking changes:

  1. remove Opcode::Brillig from ACIR
  2. AES blackbox
  • https://github.com/noir-lang/noir/releases/tag/v0.30.0

Papers

Analyzing and Benchmarking ZK-Rollups

This paper offers a theoretical and empirical examination aimed at comprehending and evaluating ZK-Rollups, with particular attention to ZK-EVMs. Stefanos Chaliasos在zk-Bench之后关于零知识证明实施的又一个Benchmark研究,该研究主要关注ZK-Rollups的设计和实施,论文前半部分主要关注设计上的分析,后半部分对Polygon zkEVM和zkSync Era进行了一些实验和测试。

  • https://eprint.iacr.org/2024/889

zkCross: A Novel Architecture for Cross-Chain Privacy-Preserving Auditing

Proposes zkCross, a novel two-layer cross-chain architecture equipped with three cross-chain protocols to achieve privacy-preserving cross-chain auditing.

  • https://eprint.iacr.org/2024/888

Security of Fixed-Weight Repetitions of Special-Sound Multi-Round Proofs

  • https://eprint.iacr.org/2024/884

Epistle: Elastic Succinct Arguments for Plonk Constraint System

Presents Epistle, an elastic SNARK for Plonk constraint system. For an instance with size , in the time-efficient configuration, the prover uses cryptographic operations and memory; in the space-efficient configuration, the prover uses cryptographic operations and memory. Compared to Gemini, this approach reduces the asymptotic time complexity of the space-efficient prover by a factor of . The key technique we use is to make the toolbox for multivariate PIOP provided by HyperPlonk elastic.

  • https://eprint.iacr.org/2024/872

Cryptanalysis of Algebraic Verifiable Delay Functions

Analyze the security of these algebraic VDF candidates. In particular, shows that the latency of exponentiation can be reduced using parallel computation, against the preliminary assumptions.

  • https://eprint.iacr.org/2024/873

On cycles of pairing-friendly abelian varieties

Generalizes the notion of cycles of pairing-friendly elliptic curves to study cycles of pairing-friendly abelian varieties, with a view towards realizing more efficient pairing-based SNARKs.

  • https://eprint.iacr.org/2024/869

Loquat: A SNARK-Friendly Post-Quantum Signature based on the Legendre PRF with Applications in Ring and Aggregate Signatures

Designs and implements a novel NARK-friendly post-quantum signature scheme based on the Legendre PRF, named Loquat.

  • https://eprint.iacr.org/2024/868

Collaborative, Segregated NIZK (CoSNIZK) and More Efficient Lattice-Based Direct Anonymous Attestation

Defines collaborative, segregated, non-interactive zero knowledge (CoSNIZK). This notion generalizes the property of collaborative zero-knowledge so that the zero-knowledge property need only apply to a subset of provers during collaborative proof generation. The main contribution is the construction of a DAA based on the hardness of problems over module lattices as well as the ISISf assumption.

  • https://eprint.iacr.org/2024/864

Novel approximations of elementary functions in zero-knowledge proofs

In ZKP, all algebraic functions are exactly computable. Recognizing that, proceeds to the approximation of transcendental functions with algebraic functions.

  • https://eprint.iacr.org/2024/859

Generalized Indifferentiable Sponge and its Application to Polygon Miden VM

  • https://eprint.iacr.org/2024/911

Interests

Dark pool

Dark Pool 可以理解为一类平台的统称,这些平台使用增强隐私的技术,允许用户在不透露其身份或交易细节的情况下进行资产交易。下面的第一篇文章介绍了如何使用(门限)完全同态加密(Threshold Fully Homomorphic Encryption, TFHE)来构造一个暗黑的 Dark Pool,即使 Dark Pool 的运营者也无法查看订单详情。第二篇文章是对 Dark Pool 的一些介绍和延展。

  • https://blog.sunscreen.tech/building-a-truly-dark-dark-pool-2/
  • https://distributedresearch.substack.com/p/diving-into-dark-pools

ZKM’s Proving Service

ZKM 宣布发布其独家的证明服务,为开发人员提供高性能服务器的访问,这些服务器能够有效地处理生成零知识证明的密集计算要求。该服务专门针对 zkMIPS 进行了优化,zkMIPS 用于促进将 ZKP 功能集成到各种应用程序中。

  • https://www.zkm.io/blog/zkms-proving-service-breaking-down-the-barriers-for-proof-generation