Daily Digest 每日摘要 View All 查看全部

April 2026 2026 年四月

Thu

2026-04-30

Pairing-Based Verifiable Shuffles with Logarithmic-Size Proofs Paper

Xingye Lu Verifiable Shuffle Mix-net

Lu et al. propose a pairing-based verifiable shuffle for ElGamal ciphertexts with O(log N) proof size, significantly reducing bandwidth compared to prior O(N) schemes, and provide the first benchmarks for logarithmic-size shuffle proofs. Lu等人在论文中提出一种基于配对的ElGamal密文可验证混洗协议，证明规模为对数级（O(log N)），比现有O(N)方案大幅降低带宽消耗，并首次实现了对数级证明的基准测试。

Key Points: 要点：

• Proof size is O(log N) group elements, far better than traditional O(N) schemes. 证明规模仅O(log N)个群元素，远优于传统O(N)方案
• Public-coin protocol with Fiat-Shamir transform, non-interactive. 基于配对的公币协议，通过Fiat-Shamir转化为非交互式
• Supports updatable SRS from powers-of-tau ceremony. 支持可更新参考字符串，通过power-of-tau仪式生成
• Proof is only ~1.6 MB for 1M ciphertexts, vs. hundreds of KB to MB for others. 百万级密文时证明仅约1.6MB，同规模Shuffle方案需数百KB至数百MB
• First benchmark for logarithmic-size verifiable shuffle. 实现并提供了首个对数级可验证混洗的基准测试
• Applicable to e-voting and blockchain anonymization. 适用于电子投票和区块链匿名化协议

Wed

2026-04-29

Code-based Scalable Collaborative SNARKs Paper

Christodoulos Pappas CoSNARK

Pappas et al. proposed the first scalable collaborative SNARK based on error-correcting codes in their paper, enabling efficient, transparent, and post-quantum secure proof systems through distributed computation and zero-knowledge collaborative codes. Pappas等人在论文中提出首个基于纠错码的可扩展协作SNARK，通过分布式证明计算和零知识协作码实现高效、透明且后量子安全的证明系统。

Key Points: 要点：

• First scalable collaborative SNARK based on error-correcting codes with distributed proof computation 提出首个基于纠错码的可扩展协作SNARK，支持分布式证明计算
• Introduces zero-knowledge collaborative codes for message privacy in distributed settings 引入零知识协作码概念，确保分布式计算中的消息隐私安全
• Uses tensor codes (composition of two Reed-Solomon codes) that are foldable 利用张量码（两个Reed-Solomon码组合）满足定义并支持折叠
• Builds collaborative IOPP with logarithmic randomness for zero-knowledge 构建协作交互式预言证明，实现对数级随机性零知识IOPP
• Extends compiler to preserve round-by-round soundness against quantum adversaries 扩展编译器在协作设置中保持抗量子攻击的逐轮可靠性
• Experimental results show outperformance in prover time and communication over existing schemes 实验显示在证明时间和通信开销上优于现有非后量子安全方案

Tue

2026-04-28

Verifying Provenance of Digital Media: Security Analysis of C2PA and its Implementation Paper

Neal Krawetz C2PA security analysis

Krawetz et al. conducted a security analysis of the C2PA digital provenance system, finding that its specifications and implementations fail to achieve claimed security goals, including timestamp disagreement, certificate revocation vulnerabilities, and validator inconsistencies. Krawetz等人对C2PA数字溯源系统进行了安全分析，指出其规范和实现未能达到声称的安全目标，包括时间戳不一致、证书撤销漏洞、验证器不一致等问题，并提出了改进建议。

Key Points: 要点：

• C2PA specs fail to meet claimed tamper-evidence and weak file integrity goals. C2PA规范未实现声称的防篡改和弱文件完整性目标
• Formal analysis shows disagreement on trusted timestamps between claim generators and validators. 形式化分析显示声明生成器和验证器在时间戳上不一致
• Inadequate certificate revocation allows known compromised Nikon certificates to be accepted. 证书撤销政策不足，已验证含漏洞的尼康证书仍有效
• Validator inconsistencies lead to contradictory conclusions for the same asset. 验证器实现间存在不一致，同一资产产生不同结果
• Exclusion ranges in spec permit undetectable alterations. 规定中的排除范围允许对媒体内容的未检测修改
• Conformance program lacks technical review; improvements suggested for timestamping. 符合性项目缺乏技术审查，建议加强核心协议时间戳

Mon

2026-04-27

The Sum-Check Protocol over the Monomial Basis, and Other Optimizations Paper

Ari Biswas Sum-Check Monomial Basis

Biswas et al. proposed a projective variant of the Sum-Check protocol in their paper, changing the interpolating set from Boolean hypercube to infinity hypercube to optimize prover performance, with additional optimizations for prime field multiplication. Biswas等人在论文中提出了一种基于单项式基的Sum-Check协议变体，通过将插值集从布尔超立方改为无穷超立方，优化了证明者性能，并针对素数域乘法进行了额外优化。

Key Points: 要点：

• Proposed a projective Sum-Check variant using infinity hypercube instead of Boolean hypercube 提出基于无穷超立方的Sum-Check协议变体，替代标准布尔超立方插值集
• Achieves end-to-end prover speedup on BN254 and 128-bit pseudo-Mersenne prime fields 该变体在BN254和128位伪梅森素数域上实现端到端证明者加速
• Eliminates all field subtractions when binding multilinear polynomials 消除绑定多项式时的所有域减法操作，简化计算过程
• Provides evaluation procedures with fewer field operations for structured polynomials 针对结构化多项式（如等式和小于比较）提供更少域操作的评估过程
• Monomial-coefficient form aligns naturally with polynomial commitment schemes like WHIR 单项式系数形式与WHIR等多项式承诺方案自然对齐，消除基不匹配问题
• Optimized prime field multiplication by sampling challenges from specific subsets 针对素数域乘法提出优化，通过选择挑战子集实现乘法加速

Sat

2026-04-25

Secret-Carrying Puzzles and Garbled Circuits Optimized for Zero-knowledge Proofs Paper

Debasish Ray Chawdhuri Garbled Circuits

Chawdhuri and Prabhakaran introduce OxSP and a proof-friendly Garbled Circuit construction in , reducing the cost of proving correct garbling by nearly two-thirds. Chawdhuri和Prabhakaran在论文中提出Obliviously Checkable Secret-Carrying Puzzles (OxSP)，并设计了一种对ZK友好的混淆电路(GC)构造，将正确性的证明成本降低了近三分之二。

Key Points: 要点：

• OxSP enables public puzzle posting and solution verification with hidden content. OxSP允许公开发布谜题并验证解，同时隐藏谜题和响应的关键部分
• Building OxSP on GC requires ZK proofs, but existing combinations are costly. 基于GC构建OxSP需要ZK证明，但现有GC+ZK组合成本高昂
• New GC construction reduces cost of correct garbling proof by nearly two-thirds without non-standard assumptions. 新构造将证明正确混淆的成本降低近三分之二，无需非标准假设
• The proof-friendly GC is independently useful for auditable secure 2PC. 该GC构造对可审计安全两方计算具有独立意义
• Experiments show significant improvement in proving overhead. 实验表明：新GC在证明开销上显著优于传统方法
• OxSP potential applications include verifiable computing and private auctions. OxSP潜在应用包括可验证计算、隐私拍卖等场景

Thu

2026-04-23

ZK-VSA: Zero-Knowledge Verifiable Speaker Anonymization Leveraging Phase Vocoder with Time-Scale Modification Paper

Shuang Liang Speaker Anonymization

@icerdesign et al. proposed ZK-VSA, a zero-knowledge verifiable speaker anonymization method using zkSNARKs and phase vocoder for public verification while preserving privacy. @icerdesign 等人在论文中提出了一种零知识可验证说话人匿名化方法ZK-VSA，利用zkSNARKs和相位声码器实现公开验证，保护原始语音隐私。

Key Points: 要点：

• Introduced VSA paradigm for publicly verifiable speaker anonymization, preventing original speech exposure. 提出VSA范式，首次实现说话人匿名化的公开验证，防止原始语音泄露
• Designed arithmetic constraints with zkSNARKs for PV-TSM, minimizing accuracy loss. 基于zkSNARKs设计算术约束，优化相位声码器与时间尺度修改，降低精度损失
• Integrated cryptographic commitments and signatures for authentication, resisting inversion and re-identification attacks. 集成密码学承诺和数字签名，增强认证安全性，抵抗反转和重识别攻击
• Evaluated on LibriSpeech with minimal proof overhead and millisecond verification. 在LibriSpeech数据集上评估，证明开销小，验证时间仅毫秒级
• Suitable for forensic applications requiring auditability and privacy, ensuring evidence integrity. 适用于司法鉴定等需审计和隐私的场景，确保证据完整性
• Opens path for proof-based guarantees in broader speech transformations, advancing privacy tech. 为更广泛的语音变换提供基于证明的保证，推动隐私保护技术发展

Wed

2026-04-22

ACTS: Attestations of Contents in TLS Sessions Paper

Pierpaolo Della Monica TLS

Della Monica et al. proposed ACTS, a distributed architecture in their paper, using predicate blind signatures to enable users to prove data retrieved from TLS servers with verifiers only checking standard signatures, avoiding complex schemes like zkSNARK. Della Monica等人在论文中提出了ACTS分布式架构，基于谓词盲签名技术，允许用户证明从TLS服务器获取的数据，验证者仅需检查标准签名，无需运行zkSNARK等复杂密码方案。

Key Points: 要点：

• Existing tech like DECO relies on non-standardized schemes like zkSNARK, limiting adoption. 现有技术如DECO依赖zkSNARK等非标准化密码方案，限制大规模应用
• ACTS uses predicate blind signatures, requiring verifiers to check only standard RSA-PSS signatures. ACTS基于谓词盲签名，验证者仅需检查标准RSA-PSS签名，简化部署
• Architecture is compatible with DECO and successors, leaving TLS servers untouched for data confidentiality. 架构兼容DECO及其后继方案，不修改TLS服务器，保护数据机密性
• Optimized for practical deployment on commodity hardware with notary policies. 优化构造支持实际硬件上的高效运行，适用于公证人实施的政策
• Experimental validation uses PDF documents with standard PADES signatures for transparent verification. 实验验证基于PDF文档用例，通过标准PADES签名实现透明验证
• Enhances Web3 data interoperability and usability in existing systems. 推动Web3数据互操作性，提升现有系统对用户数据的利用能力

Mon

2026-04-20

Hint-Free Multi-Signatures Paper

Michael Reichle Aggregation BLS

Reichle et al. proposed a hint-free multi-signature scheme in their paper, enabling multi-hop aggregation with verification relying solely on public key sets, addressing scalability and verification dependencies in existing schemes. Reichle等人在论文中提出了无提示多签名方案，支持多跳聚合且验证仅需公钥集，解决了现有方案在可扩展性和验证依赖上的限制。

Key Points: 要点：

• Existing multi-signature schemes have limitations: either no further aggregation or verification requires auxiliary info, hindering use in large-scale systems like PoS blockchains. 现有多签名方案存在聚合不可再聚合或验证需额外信息的问题，限制其在PoS区块链等大规模系统中的应用
• Hint-free multi-signatures support multi-hop aggregation with verification using only public key sets, no extra info needed. 无提示多签名支持多跳聚合，验证仅依赖公钥集，无需聚合拓扑等辅助信息
• Previous known construction relied on recursive zkSNARKs, introducing security heuristics or limiting aggregation depth. 先前唯一已知方案依赖递归zkSNARK，存在安全启发式问题或聚合深度限制
• New scheme achieves this without proof recursion in the standard model, normalizing BLS multi-signatures publicly. 新方案在标准模型中实现，无需证明递归，通过公开标准化BLS多签名来消除多集依赖
• Scheme uses indistinguishability obfuscation, not practical but establishes feasibility for future work. 方案基于不可区分混淆，虽不实用但证明了原语可行性，为未来实用构造奠定基础
• Security highlighted: simplifies trust in verification, though current implementation depends on strong cryptographic assumptions. 安全性问题突出：解决了聚合验证的信任简化，但当前实现依赖强密码学假设

Sat

2026-04-18

Mergeable SNARGs for Trapdoor Languages and Their Applications Paper

Zvika Brakerski SNARG iO LWE

Brakerski et al. propose a new method for mergeable SNARGs in their paper, supporting unbounded recursive merges with security reduction time scaling only with depth, and apply it to construct the first CCA1-secure multi-hop FHE scheme. Brakerski等人在论文中提出了一种可合并SNARG的新方法，支持无限递归合并且安全归约时间仅与合并深度相关，并应用于构建首个CCA1安全的多跳全同态加密方案。

Key Points: 要点：

• First SNARG method supporting unbounded polynomial recursive merges with arbitrary topology 提出首个支持无限多项式递归合并的SNARG方法，合并拓扑可任意
• Security reduction time scales only with merge depth, not tree size (potentially exponential) 安全归约时间仅与合并深度相关，不随树大小指数增长
• Method applicable to trapdoor languages; trapdoor used only in security reduction, not proof generation/verification 方法适用于陷门语言，陷门仅用于安全归约，不影响证明生成或验证
• Constructions from sub-exponential iO yield fully compact proofs; from LWE yield proofs scaling with depth 基于亚指数iO构建完全紧凑证明，基于LWE构建证明大小与深度相关
• Application: first CCA1-secure multi-hop fully homomorphic encryption scheme 应用：构建首个CCA1安全的多跳全同态加密方案
• Application: first adaptive multi-hop aggregate signature scheme from LWE 应用：构建首个基于LWE的自适应多跳聚合签名方案

Thu

2026-04-16

Veloz: Efficient and Flexible Distribution Framework for Code-Based Polynomial Commitment Scheme Paper

Yuanzhuo Yu Polynomial Commitment

Yu et al. proposed Veloz, a distribution framework for code-based multilinear PCS, achieving sublinear communication cost and eliminating proof size dependence on sub-provers. Yu等人在论文中提出了一种基于代码的多线性多项式承诺分布框架Veloz，首次实现通信成本亚线性于子证明者数量，并消除证明大小对子证明者数量的依赖。

Key Points: 要点：

• Existing code-based PCS distribution schemes suffer from high communication or proof size overhead. 现有基于代码的PCS分布方案存在通信成本高或证明大小开销大的问题
• Veloz uses a customized proof aggregation method from interleaved code to efficiently combine sub-proofs. Veloz通过定制化的交错码证明聚合方法，高效组合子证明
• Two instantiations: Veloz-RS based on Reed-Solomon code and Veloz-Fast based on Brakedown's fast linear code. 提供两种实例化：基于Reed-Solomon码的Veloz-RS和基于Brakedown快速线性码的Veloz-Fast
• Veloz-RS achieves O(n) proving time, O(√n) communication, and O(1) proof size. Veloz-RS实现O(n)证明时间、O(√n)通信和O(1)证明大小
• Veloz-Fast achieves O(n log n) proving time, O(√n) communication, O(1) proof size, and field agnosticity. Veloz-Fast实现O(n log n)证明时间、O(√n)通信和O(1)证明大小，且具有域无关性
• Experiments show linear scalability; Veloz-Fast achieves 26.9s proof generation and 7.02× speedup for n=2²⁰. 实验显示线性可扩展性，Veloz-Fast在n=2²⁰时证明生成26.9秒，加速比达7.02倍

Tue

2026-04-14

2G2T: Constant-Size, Statistically Sound MSM Outsourcing Paper

Majid Khabbazian MSM Outsourcing

Majid Khabbazian proposed the 2G2T protocol in the paper for outsourcing MSM to untrusted servers, featuring constant-size proofs and statistical soundness, with verification up to ~300x faster than local computation. Majid Khabbazian在论文中提出了2G2T协议，用于将MSM外包给不可信服务器，具有常数大小证明和统计可靠性，验证速度比本地计算快约300倍。

Key Points: 要点：

• 2G2T enables resource-constrained clients to outsource MSM to untrusted servers for efficiency 2G2T协议允许资源受限客户端将MSM外包给不可信服务器，提升效率
• Server performs only two MSM computations and returns two group elements (constant-size proof) 服务器仅需执行两次MSM计算并返回两个群元素，证明大小恒定
• Client verification requires one length-n field inner product and three group operations, fast verification 客户端验证仅需一次长度-n的域内积和三次群操作，验证速度快
• In Ristretto255 implementation, verification is ~300x faster than local optimized MSM (n≤2^18) 在Ristretto255实现中，验证速度比本地优化MSM快约300倍（n≤2^18）
• Supports latency-hiding verification: most verifier work done while waiting for server response 支持延迟隐藏验证：大部分验证工作可在等待服务器响应时完成
• Achieves statistical soundness: probability of accepting incorrect result ≤1/q, high security 协议具有统计可靠性：接受错误结果的概率≤1/q，安全性高

Mon

2026-04-13

zkRAG: Efficiently Proving RAG Retrieval in Zero Knowledge Paper

Xinyang Yang HNSW ANNS

Yang et al. proposed zkRAG in their paper, a ZK proof system for HNSW algorithm to verify faithful RAG retrieval execution with linear prover time. Yang等人在论文中提出了zkRAG，一种针对HNSW算法的ZK证明系统，用于验证RAG检索的忠实执行，实现线性证明时间的高效验证。

Key Points: 要点：

• RAG systems rely on vector retrieval, but server-side black-box operations can cause deviations, requiring consistency verification. RAG系统依赖向量检索，但服务端黑盒操作可能导致执行偏差，需验证一致性
• zkRAG designs a PIOP for HNSW algorithm to enable ZK proofs, ensuring retrieval faithfulness to committed database and index. zkRAG针对HNSW算法设计PIOP，实现ZK证明，确保检索忠实于承诺的数据库和索引
• Prover time is linear in HNSW search trace length, achieving asymptotically optimal online efficiency. 证明时间与HNSW搜索轨迹长度线性相关，达到渐进最优在线证明效率
• Introduces new techniques like hybrid lookup argument and priority-queue update checker for improved efficiency. 引入混合查找参数、优先级队列更新检查器等新技术，提升效率
• Single-threaded proof for typical queries takes seconds, hundreds of times faster than baselines, with lightweight verification. 单线程下证明典型查询仅需数秒，比现有基线快数百倍，验证轻量
• Security highlighted: protects server embeddings and index privacy, only outputs revealed, preventing arbitrary deviations. 安全性突出：保护服务端嵌入和索引隐私，仅输出结果可见，防止任意偏差

Sun

2026-04-12

Boolean Arithmetic over $\mathbb{F}_2$ from Group Commutators Paper

Marc Joye Boolean Group

Marc Joye proposes methods for binary field arithmetic using nonabelian group operations in the paper, implementing Boolean computation via commutators with explicit realizations in alternating groups A5 and A6, achieving state-of-the-art efficiency. Marc Joye在论文中提出利用非阿贝尔群的群运算实现二进制域算术的方法，通过交换子实现布尔计算，在交替群A5和A6中提供具体实现，达到最优效率。

Key Points: 要点：

• Implements binary field arithmetic using only group operations (multiplication and inversion) in nonabelian groups 研究利用非阿贝尔群的乘法与逆运算实现二进制域算术
• Uses commutators for Boolean computation within group structure with two complementary approaches 通过交换子在群结构中实现布尔计算，提出两种互补方法
• Realizes universal Boolean gate (NAND) and direct XOR/AND operations 实现通用布尔门（NAND）及直接实现XOR和AND运算
• Applies to finite nonabelian simple groups like alternating groups A5 and A6 适用于有限非阿贝尔单群，如交替群A5和A6
• Achieves state-of-the-art efficiency in number of group operations for A5 在最小非阿贝尔单群A5中实现群运算数量的最优效率
• Potential applications in fully homomorphic encodings and cryptography 方法可用于全同态编码等密码学应用

Sat

2026-04-11

Game Theory Does Not Always Help: The Case of Statistical Multi-Party Coin Tossing Paper

Chen-Da Liu-Zhang Game Theory

Liu-Zhang et al. analyzed multi-party coin-tossing protocols in their paper, proving that game-theoretic approaches cannot overcome cryptographic impossibility in the statistical setting once an honest majority is lost. Liu-Zhang等人在论文中分析了多方掷币协议，证明了在统计安全设置下，一旦失去诚实多数，博弈论方法无法克服密码学不可能性。

Key Points: 要点：

• Multi-party coin-tossing protocols combine cryptography and game theory to generate unbiased random bits. 多方掷币协议研究结合了密码学和博弈论，旨在生成无偏随机比特
• Classical cryptography: strong fairness achievable with honest majority in statistical setting, impossible with dishonest majority. 经典密码学结果：统计设置下，诚实多数可实现强公平性，不诚实多数则不可能
• Game-theoretic approaches can sometimes circumvent cryptographic lower bounds via weak equilibrium guarantees. 博弈论方法有时能通过弱均衡保证规避密码学下界，但在统计设置中优势有限
• Main finding: no statistically secure game-theoretic protocol for n parties with t≥n/2 corruptions (except n=4 special case). 主要结论：对于n方且t≥n/2腐败，不存在统计安全的博弈论掷币协议（除n=4特殊情况）
• Without broadcast, no computationally secure game-theoretic protocol for t≥n/3 and polynomial rounds (except n=6 special case). 无广播设置下，对于t≥n/3且多项式轮复杂度，不存在计算安全的博弈论协议（除n=6特殊情况）
• Work completes the statistical feasibility landscape, defining boundaries of game-theoretic fairness in coin tossing. 研究完善了统计可行性图景，明确了博弈论公平性在多方掷币中的边界

Fri

2026-04-10

VEIL: Lightweight Zero-Knowledge for Hash-Based Multilinear Proof Systems Paper

Rahul Dalal Multilinear Compiler

Dalal et al. proposed VEIL, a lightweight non-intrusive compiler for adding ZK to hash-based multilinear proof systems, achieving minimal prover overhead by decoupling algebraic interactions from hashing. Dalal等人在论文中提出了VEIL，一种轻量级非侵入式编译器，用于为基于哈希的多线性证明系统添加ZK，通过解耦代数交互与哈希实现最小证明者开销。

Key Points: 要点：

• VEIL is a lightweight non-intrusive compiler for hash-based multilinear proof systems VEIL是一种轻量级非侵入式编译器，专为基于哈希的多线性证明系统设计
• Decouples algebraic interactions from cryptographic hashing, applying ZK wrapper only to algebraic components 通过解耦协议中的代数交互与密码学哈希，仅对代数组件应用ZK包装
• Avoids drawbacks of composing with expensive ZK systems or tightly coupled modifications 避免了传统方法中与昂贵ZK系统组合或紧密耦合修改的缺点
• Simple and plausibly post-quantum protocol with minimal prover overhead of (1+o(1)) 实现简单且可能具有后量子安全性，证明者开销最小化至(1+o(1))
• Proof-of-concept: 3% prover overhead, 22% verifier overhead, 12% proof-size overhead for 2^29 field elements 概念验证显示：在31位基素数域上，对于2^29个域元素轨迹，证明者开销约3%
• Maintains architectural integrity of the base proof system 验证者开销22%，证明大小开销12%，保持基础证明系统的架构完整性

Thu

2026-04-09

Open-Sourcing Venus: A New Foundation for High-Performance zkVMs OSS

Cysic zkVM GPU

@Cysic open-sourced Venus, a graph-based foundation for high-performance zkVMs, based on ZisK, designed to improve proving performance through global optimization and hardware-native execution. @Cysic 团队开源了Venus项目，这是一个基于图架构的高性能zkVM基础框架，代码基于ZisK，旨在通过全局优化和硬件原生执行提升证明性能。

Key Points: 要点：

• Venus uses a graph-first architecture, encoding proving as a computational graph instead of traditional HAL. Venus采用图优先架构，将证明流程编码为计算图，替代传统的HAL方法
• Enables global optimization across the full proving pipeline, not isolated kernels. 支持全局优化，可跨整个证明管道进行性能提升，而非孤立内核
• Hardware-native execution maps directly to GPU models like CUDA Graphs. 硬件原生执行，直接映射到GPU执行模型如CUDA Graphs
• Improves auditability with structured and inspectable proving flows. 提升审计性，使证明流程结构化且可检查，增强透明度
• Performance tests show ~6%+ throughput improvement over ZisK 0.16.1. 性能实测显示，相比ZisK 0.16.1，吞吐量提升约6%以上
• Provides a foundation for hardware-software co-design across GPU, FPGA, and ASIC. 为硬件-软件协同设计奠定基础，支持GPU、FPGA和ASIC等硬件

Wed

2026-04-08

Efficient Batch Threshold Encryption Using Partial Fraction Techniques Paper

Dan Boneh Threshold Pairing

Boneh et al. proposed an efficient batch threshold encryption scheme in their paper, using partial fraction techniques to achieve linear-sized public parameters, constant-sized pre-decryption keys and ciphertexts, and efficient batch decryption. Boneh等人在论文中提出了一种高效的批处理阈值加密方案，利用部分分数技术实现线性大小的公共参数、恒定大小的预解密密钥和密文，并支持高效的批处理解密。

Key Points: 要点：

• Existing batch encryption schemes rely on epochs or suffer from large public parameters (quadratic) and censorship vulnerability. 现有批处理加密方案依赖时段或存在公共参数过大（二次方增长）和审查脆弱性问题
• New scheme is epochless with linear-sized public parameters and constant-sized pre-decryption keys and ciphertexts. 新方案无时段依赖，具有线性大小的公共参数和恒定大小的预解密密钥与密文
• Uses partial fraction decomposition: a single group element as pre-decryption key decrypts all batch ciphertexts. 利用部分分数分解技术，单个群元素作为预解密密钥即可解密批次内所有密文
• Proves CCA security and shows how to thresholdize the scheme. 证明了方案的CCA安全性，并展示了如何实现阈值化
• Directly benefits applications like encrypted mempools for MEV mitigation and time-lock encrypted storage. 直接适用于加密内存池（MEV缓解）和时间锁定加密存储等应用
• Extends partial fraction techniques from Jutla, Nema, and Roy's threshold encryption scheme. 基于Jutla、Nema和Roy的阈值加密方案中的部分分数技术进行扩展

Tue

2026-04-07

PlasmaBlind: A Private Layer 2 With Instant Client-Side Proving Paper

Pierre Daix-Moreux Folding

Daix-Moreux and Zhang proposed PlasmaBlind in their paper, a privacy-preserving and scalable Layer-2 protocol using folding schemes for fast client-side proving and efficient block aggregation. Daix-Moreux和Zhang在论文中提出PlasmaBlind，一种隐私保护且可扩展的Layer-2协议，利用折叠方案实现客户端快速证明和高效区块聚合。

Key Points: 要点：

• PlasmaBlind uses folding schemes' blinding property to protect transaction data without expensive ZK proofs PlasmaBlind利用折叠方案的盲化特性保护交易数据，无需昂贵ZK证明
• Client-side proving time under 100ms, aggregator per-transaction time under 300ms 客户端证明时间低于100毫秒，聚合器每交易处理时间低于300毫秒
• Optimization links verification tasks, avoiding non-uniform circuit proof composition 优化技术链接不同验证任务，避免非均匀电路证明组合
• Low accumulation cost of folding schemes enables efficient block aggregation to constant-size proof 折叠方案的低累积成本支持高效区块聚合为恒定大小证明
• Preliminary benchmarks validate practicality on consumer hardware 初步基准测试验证了协议在消费级硬件上的实用性
• Focuses on balancing privacy and scalability, offering new direction for Layer-2 design 专注于隐私保护与可扩展性平衡，为Layer-2设计提供新方向

Sat

2026-04-04

VeriRAG: Efficient Zero-Knowledge Proofs for Verifiable Retrieval-Augmented Generation Paper

Chenqi Lin RAG

Lin et al. proposed VeriRAG framework in their paper, using ZKP for efficient integrity guarantees in RAG systems, supporting ANNS and optimizing verification overhead, achieving 96s prover time and 3s verifier time on 37GB dataset. Lin等人在论文中提出VeriRAG框架，利用ZKP为RAG系统提供高效完整性保证，支持近似最近邻搜索并优化验证开销，实验显示可在37GB数据集上实现96秒证明时间和3秒验证时间。

Key Points: 要点：

• RAG systems suffer from hallucination, allowing malicious providers to bypass retrieval or claim false data quality RAG系统存在幻觉问题，恶意提供者可能绕过检索或伪造数据质量
• VeriRAG uses ZKP for integrity guarantees while preserving dataset privacy VeriRAG利用ZKP提供完整性保证，同时保护数据集隐私
• Supports Approximate Nearest Neighbor Search to avoid exhaustive searches 支持近似最近邻搜索，避免全量搜索带来的计算负担
• Proposes innovative protocol bypassing complex verification of sorting processes 协议绕过排序过程的复杂验证，优化top-k排序验证
• Uses joint optimization with vector lookup and chunk-merging strategies to reduce verification overhead 采用向量查找和块合并联合优化策略，降低验证开销
• Experimental results show scalability to 37GB dataset with 96s prover time and 3s verifier time 实验证明框架可扩展到37GB数据集，证明时间96秒，验证时间仅3秒

Fri

2026-04-03

Securing Elliptic Curve Cryptocurrencies against Quantum Vulnerabilities: Resource Estimates and Mitigations Paper

Ryan Babbush Post-Quantum Cryptography

Babbush et al. analyze quantum threats to blockchains in their paper, providing resource estimates for breaking secp256k1 and validating results with ZK proof, while discussing mitigations and the urgency of migrating to Post-Quantum Cryptography. Babbush等人在论文中分析了量子计算机对区块链的威胁，提供了secp256k1曲线破解的资源估计，并利用ZK证明验证结果，同时探讨了缓解策略和迁移到后量子密码学的紧迫性。

Key Points: 要点：

• Quantum computers can break secp256k1 using Shor's algorithm with ≤1200 logical qubits and ≤90M Toffoli gates. 量子计算机可破解secp256k1曲线，使用Shor算法需≤1200逻辑量子比特和≤9000万Toffoli门
• On superconducting architectures, circuits can execute in minutes with <500k physical qubits. 在超导架构上，电路可在几分钟内用不到50万物理量子比特执行
• Distinguish fast-clock vs. slow-clock architectures; fast-clock CRQCs may enable on-spend attacks. 区分“快时钟”和“慢时钟”架构，快时钟CRQC可能对公链交易发起“即时花费”攻击
• Analyze systemic risks in blockchain features like smart contracts, PoS, and Data Availability Sampling. 分析了智能合约、PoS共识、数据可用性采样等区块链高级功能的系统性风险
• Propose digital salvage frameworks to regulate dormant assets and prevent adversarial seizure. 提出“数字抢救”框架，以监管休眠资产的恢复或销毁，防止恶意夺取
• Urge vulnerable cryptocurrency communities to migrate to Post-Quantum Cryptography immediately. 强调所有易受攻击的加密货币社区应尽快迁移到后量子密码学

Thu

2026-04-02

SHRIMPS: 2.5 KB post-quantum signatures across multiple stateful devices Blog

jonasnick SPHINCS+ Signatures

jonasnick proposed the SHRIMPS protocol in the blog, combining compact and fallback SPHINCS+ instances to enable small post-quantum signatures across multiple devices, reducing size in contexts like Bitcoin. jonasnick在博客中提出了SHRIMPS协议，通过结合紧凑和回退SPHINCS+实例，实现跨多设备的小型后量子签名，在比特币等场景下显著减小签名大小。

pq-provable-shrimps OSS

AbdelStark STARK Cairo SHRIMPS

AbdelStark released the open-source project, integrating Rust signing, Cairo verification, and Stwo STARK proving for post-quantum signature verification with 772-byte compact signatures and ZK proof generation. AbdelStark发布了开源项目，结合Rust签名、Cairo验证和Stwo STARK证明，支持后量子签名SHRIMPS的验证，提供772字节紧凑签名和ZK证明生成。

Wed

2026-04-01

Post-Quantum Blockchains with Agility in Mind Paper

Manuel B. Santos EVM Signature

Santos et al. proposed an EVM-compatible blockchain design with cryptographic agility in their paper, featuring CATX transaction format and consensus-layer key registration to address quantum threats. Santos等人在论文中提出了一种支持密码学敏捷性的EVM兼容区块链设计，包括CATX交易格式和共识层密钥注册机制，以应对量子计算威胁。

Key Points: 要点：

• Blockchains need long-term integrity, but cryptographic primitives may fail due to quantum advances. 区块链需长期完整性保障，但密码学原语可能因量子计算等进步而失效
• Existing systems lack comprehensive cryptographic agility support for seamless algorithm transitions. 现有系统缺乏全面的密码学敏捷性支持，难以在不中断运行下切换算法
• Proposed flexibility framework distributes algorithm choice across blockchain components. 提出灵活性框架，将算法选择分布到区块链各组件
• Designed CATX transaction format decouples body and signature for user-selected schemes. 设计CATX交易格式，分离交易体与签名，支持用户自选签名方案
• Consensus-layer key registration enables validator migration between schemes without hard forks. 共识层密钥注册机制允许验证者在签名方案间迁移，无需硬分叉
• Experimental evaluation shows CATX format introduces no measurable overhead with various signatures. 实验评估显示CATX格式在ECDSA、Falcon-512、ML-DSA签名下无显著开销