zkDaily - 2026-02-05

零知识证明 zkDaily

ZKP Frontier Tracker 🎯

Thu

02.05

2026

Hachi: Efficient Lattice-Based Multilinear Polynomial Commitments over Extension Fields

Paper

https://eprint.iacr.org/2026/156

Ngoc Khanh Nguyen Lattice Sumcheck

Nguyen et al. proposed Hachi, a lattice-based multilinear polynomial commitment scheme in their paper, achieving square-root verification time and compact proofs (~55KB) by integrating Greyhound with ring-switching.

Notes

Hachi offers poly(ℓ,λ) proof size and Õ(√2^ℓλ) verifier time for ℓ-variate polynomials under Module-SIS
Achieves Õ(λ) asymptotic improvement over Greyhound, with 12.5x practical speedup
Uses sumcheck protocol but addresses bottlenecks in lattice-based constructions
Novel integration of Greyhound with ring-switching eliminates R_q multiplications for verifier
Generic reduction converts extension field proofs to cyclotomic ring statements
Technique applicable to lattice-based SNARKs for faster verification

Collected by @icerdesign

零知识证明 zkDaily

Q&A Deep Dive 💬

Thu

02.05

2026

Why does verifier time often become a bottleneck in lattice-based polynomial commitment schemes?

In lattice-based polynomial commitment schemes, verifying multilinear polynomials requires substantial algebraic computation. The verifier must perform costly ring operations and norm checks, causing its cost to grow quickly with the problem size and limiting scalability.

What efficiency issues does standard sumcheck face in lattice-based constructions?

Standard sumcheck assumes cheap field operations, but in lattice settings the verifier must often perform many multiplications over the ring R_q. These operations are expensive, making naive sumcheck inefficient.

What are the broader design implications of reducing extension-field proofs to cyclotomic rings?

This generic reduction shows that polynomial verification over extension fields can be mapped to more structured ring settings. It improves verifier efficiency and enables a modular, reusable design paradigm for lattice-based SNARK components.

Prompted by @icerdesign