Daily Digest
@BrianSeong99 published a Pessimistic Proof benchmark comparing three zkVMs, SP1 (@SuccinctLabs), Risc0 (@RiscZero) and Pico (@brevis_zk), focusing on execution time and proving efficiency.
The @ezklxyz team discussed the importance of verifiable machine learning in a blog post, including how zero-knowledge proofs can extend the security and privacy guarantees of technologies such as Face ID to any programmable machine learning model.
Garms et al. revealed, in a paper, an attack on an optimization of the Gemini multilinear polynomial commitment scheme that allows a malicious prover to falsely claim the value of a polynomial at any evaluation point.
Frigo et al. proposed libZK in an IETF draft: a zero-knowledge proof library that combines the MPC-in-the-head approach with a sumcheck-based verifiable computation protocol, designed to produce succinct non-interactive zero-knowledge proofs.
@dlubarov shared an advisory about a bug in Plonky3's FRI verifier; the thread below it also contains discussion of methods for finding vulnerabilities in proof systems.
@RiscZero shared details of OP Kailua Validity Mode, which lets OP Rollups move from Optimistic to Hybrid to Validity mode, offering the highest security and one-hour finality.
@zksecurityXYZ shared a blog post about clean, an embedded DSL and formal verification framework for ZK circuits in Lean4, aimed at increasing confidence in ZK circuit correctness.
@coinbase open-sourced its MPC cryptography library, which includes two-party and multi-party ECDSA and EdDSA signing code as well as secure backup and multi-party key generation tools, supporting secure management of cryptocurrency asset keys.
A video from the Polylog team explains how zero-knowledge proofs can prove that a Sudoku puzzle has been solved without revealing the solution.
@0xShivani discussed zkTLS in a thread, explaining several common zkTLS schemes and their product scenarios, and introduced the current problems and challenges facing zkTLS.
@yourbuddyconner open-sourced ZKarnage, a project that tests the performance limits of Ethproof provers through worst-case attacks.
Key points:
- Construct worst cases that force the EVM to load large contracts, increasing the proving burden.
- Use the `EXTCODESIZE` opcode to force the EVM to load contract bytecode, increasing ZK circuit complexity; `EXTCODECOPY` behaves similarly.
- This operation consumes the least gas (~408 gas/KB) but is very expensive in ZK circuits.
- The repo provides tools for constructing such worst cases.
Belohorec et al. proposed, in a paper, a unified framework for proving the knowledge soundness of KZG-class polynomial commitment schemes, covering both univariate and multivariate variants. By abstracting the proof technique of Lipmaa et al., they establish tools and falsifiable assumptions under which multivariate KZG schemes admit black-box extraction.
The Hylé team shared benchmark results for proving P256 ECDSA signature verification in the browser, comparing the performance and user experience of Noir, Circom, Halo2, and Cairo.
pnyda2 released halo2 ccs+, a transpiler that converts zcash/halo2 circuits to CCS circuits, together with a Poseidon hash benchmark.
Václav Rozhoň released an introduction to zero-knowledge proofs which, interestingly, uses colored circuits to explain the satisfiability problem underlying zero-knowledge proofs.
Junkai Liang et al., in a paper, took a deep look at zk-SNARKs, giving a comprehensive analysis of the gap between research and practice, proposing a unified 'master recipe', and categorizing existing zk-SNARKs.
Balazs Komuves released hash-circuits, an open-source project containing circom implementations of several popular hash functions (SHA2, Keccak/SHA3, Blake2, Poseidon2, Griffin, and MiMC) with a comparison of their constraint counts.
Coset and SECBIT Labs will host the zkVM HackerHouse in Suzhou from April 14 to 27, 2025, with free accommodation and a focus on zkVM and hardware acceleration; registration is open.
Alperen Tunçkıran compared the Kimchi proof system with KZG commitments in a blog post, giving a detailed introduction to Kimchi's technical architecture, its innovations, and its use in the Mina blockchain.
ICME-Lab released zkEngine, an NIVC zkWASM implementation based on the Nebula proof system, aiming to provide memory-efficient and portable local verifiable computation and privacy protection for resource-constrained environments.
Aadharsh Pannirselvam of @archetypevc discussed the privacy 2.0 era in a blog post, including the potential, and the potential issues, of privacy-enhancing technologies (PETs) such as TEEs, MPC, FHE, and ZK.
@cryptodavidw shared a visual explanation of Plonk's permutation argument in a blog post, using color coding and tables to show how the Plonk protocol realizes permutations through different cosets and challenge compression.
@Scroll_ZKP's Sepolia deployment recently underwent a major upgrade, switching from a zkEVM to a zkVM, using REVM for EVM compatibility, and migrating the underlying framework from Halo2 to OpenVM, which reduces circuit complexity and makes it easier for small teams to deploy a zkRollup independently.
ethGlobal Trifecta, a 72-hour online hackathon starting on March 21, is open only to past ethGlobal winners. Entries will compete in three tracks: AI Agents, TEEs, and ZK.
Oh et al. proposed the zkAML framework in a paper, using zkSNARKs to implement anti-money-laundering compliance in smart contracts without exposing sensitive information; the work was done jointly with the Bank of Korea.
@icerdesign published a report on Solidity gas estimation for ZKP systems, analyzing the gas consumption of different ZKP frameworks (SnarkJs, Noir, gnark, halo2, and others) and patterns in Solidity, including deployment and verification costs.
Matthew Green discussed the Random Oracle Model (ROM) and its applications in cryptography in a blog post, highlighting in particular real attacks on Fiat-Shamir transformations and emphasizing the complicated relationship between theoretical models and security proofs.
@lagrangedev announced DeepProve, a zkML library for verifiable AI inference, claiming it is 158x faster than previous approaches and marking the convergence of AI and ZK.
@CamutoDante posted a long thread stating that DeepProve's benchmark results are not as fast as claimed, providing specific benchmark data and pointing out that DeepProve's speed may come from compromises in accuracy and proof size.
@SuccinctJT of @a16zcrypto discussed the security and performance challenges of zkVMs in a blog post, proposing staged goals for secure and efficient zkVMs, including protocol correctness and formal verification of the verifier and prover implementations.
Key points:
- The author lays out stages for zkVM development along both a security track and a performance track.
- Security stages: 1. protocol correctness; 2. verifier implementation correctness; 3. prover implementation correctness.
- Performance stages: 1. reasonable verification cost; 2. proof size of at most 256k with 16 ms verification time.
- zkVMs are currently at performance stage 1; security stage 1 has not yet been reached.
- Although performance stage 2 may be reached within two years, it may come at the cost of security: an upgrade in security stage may be accompanied by a downgrade in performance stage.
timofey explored GKR in a blog post, a class of interactive proof schemes based on multilinear extensions, which the author characterizes as addressing cryptographic overhead differently, by largely avoiding commitments in the first place.
Lisa Akselrod explored the mathematics of pairings in a blog post, covering the basic properties of elliptic curves, the group law, and rational functions, leading up to the Weil pairing.
Redshift Zero introduced shielded transactions in a blog post, discussing how they are used in privacy payment systems such as Zcash and how privacy protection can be implemented in Bitcoin-like UTXO-based protocols.
Garg et al. proposed split-prover zkSNARKs in a paper, allowing Alice to delegate part of the zkSNARK computation to a helper Bob while preserving data privacy and proof indistinguishability.
@alignedlayer and @class_lambda released a zkVM benchmark project, including Fibonacci and Keccak results on an NVIDIA RTX A6000 GPU and an AMD EPYC 8534P CPU for the RISC0, SP1, and PICO proof systems.
The PSE team shared a retrospective on the Circom MPC project, discussing how to build MPC applications in the Circom language, including the implementation of the circom-2-arithc compiler and integration with the MP-SPDZ backend.
Michael Straka shared, in a blog post, two polynomial protocols developed with Alin Tomescu for string concatenation and substring extraction in R1CS circuits; the implementation is used in the @Aptos Keyless circuit.
The @NexusLabs team released the Nexus specification document, providing detailed technical specifications and guidelines that also reveal the considerations and constraints behind their zkVM design.
Suegami and Bottazzi proposed diamond iO in a paper, a new lattice-based iO construction that replaces expensive recursive encryption with lightweight matrix operations, significantly reducing complexity.
Yuval Domb explored the duality between the Barrett and Montgomery modular reduction algorithms in a blog post, proposing a new multi-precision modular reduction scheme that needs only $n^2+1$ digit multiplications, a significant efficiency improvement.
Pierre explored Intmax in a blog post, a scalable payment L2 based on Plasma and validity proofs, describing in detail how it works, its data availability mechanism, and how validity proofs prevent malicious aggregators.
Key points:
- Intmax is a scalable payment L2 solution based on Plasma and data availability (DA) proofs.
- Plasma is an L2 architecture that scales by minimizing on-chain data and relying on a user challenge mechanism.
- **Preventing data withholding**: a DA mechanism and BLS signatures are used to prevent data withholding and ensure the integrity of transaction data.
- **Preventing malicious aggregators**: validity proofs (such as PCD) prevent aggregators from submitting malicious transactions, ensuring the validity of transactions and balances.
- **Scalability**: Intmax's on-chain data footprint is extremely small, with a theoretical TPS of 7000, achieved by optimizing data storage and proof generation.
- **Main algorithm**: Intmax uses Plonky2 to generate a single balance proof, supporting complex proof composition and verification flows.
Vivian Jeng shared, in a blog post, the Mopro team's comparative study of Groth16 provers for Circom, focusing on proving speed and performance optimization on mobile devices.
Pi Squared took a deep look at the zkVM ecosystem in a blog post, comparing the performance of seven zkVMs (Risc Zero, Jolt, zkWasm, Cairo, Nexus, SP1, and Lurk) and their use in implementing proof protocols.
@xxiang_xie and Xiao Wang shared a benchmarking and cryptanalysis report on zkTLS, including a performance comparison of the two main approaches, MPC-TLS and Proxy-TLS, pointing out problems in @reclaimprotocol, and finally showing the significant speed advantage of Primus's garble-then-prove system.
The @zkemail team shared a blog post on making airdrops more user-friendly with ZKEmail, discussing how ZK can verify eligibility and let users claim tokens through their email address, and announced a collaboration with @JupiterExchange.
Benny Applebaum and Eliran Kachlon proposed, in a paper, an information-theoretically secure definition and construction of NPSS, supporting t-out-of-n secret sharing for arbitrary t ≤ n, and showed its application to the composition of zero-knowledge proofs.
Gil Segev of @coinbase proposed, in a paper, an extended Bulletproofs system for R1CS aimed at closing the gap between completeness and soundness, adding the honest-verifier zero-knowledge property. (Honest-verifier zero-knowledge (HVZK) means that, provided the verifier follows the protocol exactly, the proof system guarantees the verifier learns nothing about the prover's secret beyond the statement being proven; it is a weaker but practical property.)
Decentralized Thoughts discussed, in a blog post, an efficient method for verifying multi-scalar multiplication (MSM) results in cryptographic proof systems, which splits the computation into batch-verifiable sub-computations and significantly improves verification efficiency.
Haitner et al. gave a tutorial-style treatment of RSA-based integer commitments and related protocols in a paper, and proposed a new efficient setup protocol for sampling commitment parameters.