SNARK Primitives

Hash functions, Merkle trees, and other ZK building blocks

Writing Circuits

🟢 推荐使用 🟡 可用但谨慎 🔴 不推荐

🔐 Hash Functions

Name	Type	Use Case	ZK-Friendly	Recommend	Implementations	Notes
Poseidon	Permutation	Merkle Tree, Commitment, PRF	✅	🟢	Circom, Arkworks, Halo2	SNARK-native, fast in R1CS/PLONK
MiMC	Feistel-like	Merkle Tree, PRF	✅	🟢	Circom, Arkworks	Minimal constraints per round
Rescue	Sponge	Hash, PRF	✅	🟡	Halo2, Winterfell	Algebraic structure, STARK-friendly
Pedersen	EC-based	Commitment	⚠️ Partial	🟡	Circom, Sapling, Arkworks	Curve-dependent
SHA2/SHA3	Standard	Compatibility with EVM systems	❌	🔴	Circom	Very high cost in R1CS

🌲 Merkle Tree Primitives

Variant	Hash Used	ZK-Friendly	Recommend	Implementations	Notes
Poseidon MT	Poseidon	✅	🟢	Circom, Noir	Fully SNARK-native
MiMC MT	MiMC	✅	🟢	Circom	Lightweight and efficient
Pedersen MT	Pedersen	⚠️ Moderate	🟡	Sapling	Legacy zkApp use
SHA MT	SHA2/SHA3	❌	🔴	Circom	Expensive in constraint count

🧾 Commitment Schemes

Scheme	Binding	Hiding	ZK-Friendly	Recommend	Implementations	Notes
Pedersen	✅	✅	✅	🟢	Circom, Arkworks	Fast, curve-based
Poseidon-based	✅	✅	✅	🟢	Noir, Halo2	Fully arithmetized
KZG Commitment	✅	❌	⚠️ Limited	🟡	PLONK (zkEVMs)	Trusted setup required

📐 Polynomial-Related Primitives

Primitive	Use Case	ZK-Friendly	Recommend	Implementations	Notes
FFT	Polynomial commitment	✅	🟢	PLONK, STARK systems	Core of modern SNARKs
Lagrange Interp.	Witness construction	✅	🟢	Internal	Used in identity checks
Kate Commitment	Openings for poly evals	✅	🟡	PLONK, zkEVM	Pairing-based, used in KZG

🔣 Bit-level Encodings

Primitive	Use Case	ZK-Friendly	Recommend	Implementations	Notes
Bit Decomposition	Range proofs, logic	✅	🟢	Circom, Halo2	Common, but costly
Field Packing	Efficient encoding	✅	🟢	Circom, Arkworks	Reduce input size

🔗 Application Mapping Quick Guide

Application	Recommended Primitive(s)	Notes
Efficient Merkle Tree	Poseidon, MiMC	Avoid SHA-based in ZK
Privacy-preserving commitment	Pedersen, Poseidon-based	Group or native
Range / logic constraints	Bit Decomposition	Optimize with custom gadgets
Public compatibility (EVM)	SHA2, Keccak256	Only if EVM compatibility needed
Polynomial-based proving system	FFT, KZG, Lagrange Interp.	Backbone of PLONK/STARK

📎 Legend

Use Case：主要适用场景
ZK-Friendly：是否为低约束设计
Recommend：开发者优先级选择建议
Implementations：有成熟实现的框架（Circom, Arkworks, Noir, Halo2 等）