In their paper, Brakerski et al. propose a new method for mergeable SNARGs that supports unbounded recursive merges, with security reduction time scaling only with merge depth, and apply it to construct the first CCA1-secure multi-hop FHE scheme.
Notes
First SNARG method supporting unbounded polynomial recursive merges with arbitrary topology
Security reduction time scales only with merge depth, not tree size (potentially exponential)
Method applicable to trapdoor languages; trapdoor used only in security reduction, not proof generation/verification
Constructions from sub-exponential iO yield fully compact proofs; from LWE yield proofs scaling with depth
Application: first CCA1-secure multi-hop fully homomorphic encryption scheme
Application: first adaptive multi-hop aggregate signature scheme from LWE
Zero-Knowledge Proofs zkDaily
Q&A Deep Dive 💬
Sat 04.18 2026
Why do we need proof merging?
In recursive proofs or complex computations, multiple proofs can be compressed into one, reducing verification cost and improving scalability.
What are trapdoor languages?
Trapdoor languages are languages where validity can be efficiently decided given a hidden trapdoor. This trapdoor is used only in the security proof, not in proving or verification.
What assumptions are used for constructions?
Using sub-exponential iO yields fully compact SNARGs, while LWE-based constructions have proof size growing with merge depth.