| Amit Kumar |
New York University |
Proof Carrying Information from folding GKR with protostar |
Present Interactive Verifiable Computation (IVC) schemes face challenges with the Witness-Multi-Scalar Multiplication (Witness-MSM) barrier, limiting effectivity. We suggest leveraging the Goldwasser-Kalai-Rothblum (GKR) accumulation scheme to considerably cut back the witness dimension, overcoming these limitations. Using the Protostar compiler, we are going to fold the GKR protocol, enhancing computational effectivity. Moreover, we intention to increase IVC right into a Proof Carrying Information framework, facilitating parallel folding in a tree construction to streamline verification processes and enhance scalability. |
| Pratyush Mishra |
University of Pennsylvania and Stanford University |
Zippel: A language and compiler for constructing proof programs |
We suggest Zippel, a brand new language and compiler for constructing right and environment friendly succinct proof programs. Zippel permits the developer to precise the protocol in a high-level language that’s near its mathematical description, after which routinely manages low-level particulars like parallelism, reminiscence administration, use of customized {hardware}, and so on. Zippel’s compiler additionally has highly effective and quick static analyses that may assist builders catch protocol soundness and zero-knowledge bugs. Our hope is that Zippel will make it simpler for builders to implement and experiment with new proof programs with out sacrificing efficiency. |
| Julian Sutherland |
Nethermind |
Lean Extraction of Circuit Constraints from Halo2 |
The Halo2 library is a extensively used ZK infrastructure library that gives a way to develop prover/verifier pairs in a high-level area particular language embedded in Rust. To formally confirm circuits on this language, and thus guarantee the very best stage of safety, we’re aiming to develop a proper verification harness to seamlessly extract the constraints from a Halo2 circuit and motive about them within the Lean 4 proof assistant. We have already got vital progress in direction of and want to prolong it to help the complete gamut of Halo2 options. |
| Jordan Coppard |
Unbiased |
ZK Benchmarks |
Efficiency benchmarking (prover time, verifier time, proof gate dimension) for various kinds of proving programs in addition to the prover/verifier implementations of these proving programs over numerous pc architectures (x86_64, ARM). To create an comprehensible (i.e. not only a dump of take a look at information) and accessible repository of benchmarks surrounding the ZK ecosystem such that builders, venture managers, and most people could make knowledgeable selections concerning their necessities, or just be taught extra in regards to the present panorama (e.g. efficiency going up/down, new proving programs and so on). |
| Stanislav Marycev |
zkFold |
ZKFold Symbolic: a Zero-Data Sensible Contract Language |
zkFold Symbolic is the programming language for writing zero-knowledge sensible contracts. It’s a high-level practical language, a subset of Haskell. Sensible contracts written in zkFold Symbolic are compiled straight into arithmetic circuits that may be utilized by numerous zero-knowledge protocols. Being a high-level language, it dramatically reduces the barrier to entry because the builders don’t should be consultants in ZK cryptography. Offering sensible contract builders with a correct instrument to faucet into the ability of zero-knowledge protocols permits them to create zk-apps and sensible contracts which can be on one other stage by way of effectivity and consumer expertise. Furthermore, with extra builders adopting this strategy, we’re decreasing the on-chain information and computation footprint, successfully scaling Ethereum and EVM chains. |
| Jordan Coppard |
Unbiased |
ZK Treesitter |
Agnostic treesitter grammars for main zero-knowledge circuits languages Noir (Aztec) and Cairo (Starkware) that are maintained over time. To enhance developer tooling in addition to present broader entry to instruments such that builders can choose what’s greatest for them. – Editor-agnostic treesitter grammars for Noir and Cairo. – Upkeep of those grammars as stated languages evolve over time. – Full and straightforward to grasp documentation such that anybody can contribute to those grammars when they’re launched; or use them as well-structured bases for different treesitter grammars. |
| Sergey Kaunov |
Unbiased |
Wasm PLUME |
This venture goals to make the safe/cryptographic PLUME scheme implementation extra accessible in environments exterior of the Rust ecosystem. The first goal is to extend the adoption of the scheme by minimizing the divergence of the Wasm launch from the default goal and offering a downstream-friendly API. The venture’s profitable adoption will result in enhanced privateness, simplified id administration, nameless moderation, proof of solvency, versatile functions, and encouragement of consumer adoption within the Ethereum ecosystem. |
| Lako Nema |
Unbiased |
Onboard customers to verifiable KYC |
We need to carry builders to ZK by showcasing how the standard instruments interaction. ZK fanatics need to reply two questions earlier than constructing an app: what drawback can we remedy with it? and construct such an app? Our venture goals at answering each questions by creating an open-source end-to-end app on verifiable KYC. We expect that non-public KYC is a requirement for a widespread adoption of blockchains. And we need to present how ZK can carry this. We need to construct a easy but highly effective boilerplate for verifiable KYC, primarily based on Noir language. We plan to construct an end-to-end app, with proving, verifying on-chain and on the shopper facet. We need to enable any new developer to launch the app with one command. We’ll name it successful if the venture is forked and edited by builders keen to be taught extra about ZK. We plan to put in writing weblog posts and onboarding guides to widen the publicity of the venture. |
| Albert Garreta |
Nethermind |
LatticeFold implementation and folding schemes for FRI-based SNARKs |
This grant proposal goals to develop and implement a Proof of Idea (PoC) for the LatticeFold folding scheme [BC24], benchmarking it towards current schemes like HyperNova. Moreover, we intention to analysis methodologies to create a “STARK-friendly” folding scheme primarily based on LatticeFold. This may enable to make use of folding methods within the context of FRI-based SNARKs (e.g., ethSTARK, Plonky2/3, Risc Zero, Boojum, and so on.) Prof. Dan Boneh and Prof. Binyi Chen, authors of the LatticeFold paper, have agreed to help our staff for the venture’s period. |
| Albert Garreta |
Nethermind |
SNARKs for non-prime arithmetics |
This grant proposal seeks to develop a SNARK tailor-made for proving statements over rings of the shape Z/nZ, for Z the ring of integers and n an arbitrary integer. This deviates from the standard setting the place statements are expressed over a major area F_p=Z/pZ for p a major. We intention to give attention to the instances the place n is an influence of two or a product of two massive primes. This may allow to natively show statements involving computations reminiscent of: RSA-based cryptography operations, CPU operations, floating level arithmetic (required for, e.g., machine studying), non-algebraic hash features, and so on. Right here, by “natively,” we imply that every of those computations is arithmetized overZ/nZ, for n an acceptable integer, somewhat than over a finite area. It’s recognized that the latter “non-native” arithmetization can create overheads of an order of magnitude within the circuit/R1CS/AIR dimension. |
| Stefanos Chaliasos |
Unbiased |
Reproducible ZK Vulnerabilities to Enhance Ecosystem’s Safety |
Zero-knowledge proofs (ZKPs), significantly SNARKs (Succinct Non-Interactive Argument of Data), have transitioned from theoretical constructs to sensible, real-world functions, providing privateness and verifiability. Nonetheless, the complexity of designing and implementing ZKP functions introduces a myriad of vulnerabilities. Current analyses have make clear the distinctive challenges and vulnerabilities at each the circuit stage and integration stage inside the SNARK stack, posing vital threats to ZK programs. Regardless of developments in automated safety defenses, their effectiveness stays largely untested on in depth, real-world datasets. Furthermore, the shortage of reproducible examples lessens practitioners’ and researchers’ capacity to grasp and mitigate ZK vulnerabilities successfully. This venture goals to increase our earlier work on ZK safety by creating a complete dataset and framework that includes reproducible ZK exploits. This useful resource will function each an academic instrument for newcomers and an in depth examine base for consultants. Moreover, we are going to consider the effectiveness of current safety instruments towards this dataset to pinpoint areas needing enchancment, in the end aiding within the improvement of extra strong detection instruments. |
| Stefanos Chaliasos |
Unbiased |
Detecting Personal Data Leakage in Zero-Data Purposes |
Sensible Zero-Data proofs grew to become attainable as a result of development of privacy-preserving tasks reminiscent of Zcash. Notably, in the previous few years, most SNARK-enabled tasks have centered on verifiable computation, with zk-rollups being a notable software. Traditionally, crafting ZKP functions has been a difficult process, necessitating experience in libsnark and low-level programming. The emergence of extra accessible DSLs like Circom and arkworks, whereas mitigating some complexity, nonetheless leaves room for crucial bugs, reminiscent of under-constrained vulnerabilities [3]. Current developments in ZK programming languages, reminiscent of Noir and Leo, intention to simplify ZK software improvement and cut back potential vulnerabilities, attracting a broader developer base doubtlessly unfamiliar with cryptographic fundamentals. A prevalent concern in these high-level languages, which can be widespread in lower-level languages, is the leakage of personal variable info. For example, such a leakage occurs when a ZK program publicly outputs the sum (z ) of a non-public and a public variable (x and y, respectively). Understanding the general public enter x and the general public output z permits the deduction of the worth of the non-public variable y. Conversely, hashing the sum of x and y right into a public variable z doesn’t leak the worth of the non-public variable y, assuming the hash operate’s safety. This venture proposes the design and implementation of a static evaluation strategy enhanced with taint monitoring, enter era, and SMT fixing to determine and validate cases of personal variable info leakage. Our strategy generates (1) warnings for potential leaks, (2) errors for confirmed leaks, and (3) visible graphs tracing non-public worth propagation to public outputs for debugging functions. Our plan is to use our strategy to Noir, and subsequently to different ZK DSLs like Leo. |
| Patrick Stiles |
Unbiased |
Metallic Backend for Icicle MSM |
Supporting Apple’s M sequence GPU in Icicle by making a Metallic Shader Language backend for Icicle MSM utilizing would expose gpu efficiency advantages to all builders within the zk ecosystem which have an Apple system with a M sequence chip. Builders with solely a Macbook would obtain comparable gpu efficiency advantages while not having entry to Nvidia GPU units. These efficiency advantages would even have a excessive influence on tasks whose information is airgapped or can not go away the host system reminiscent of shopper facet proving functions. |
| Gaylord Warner |
ZK Hack |
ZK Whiteboard Classes Season 2 |
ZK Whiteboard Classes is a sequence of academic movies centered on the constructing blocks of ZK. It takes the type of a mini course, adopted by video interviews with high zk-practitioners, studying collectively and sharing their data on a whiteboard. Season 1 was launched in 2022, produced by ZK Hack in collaboration with Polygon. It consists of 19 movies and featured audio system reminiscent of Dan Boneh from Stanford College, Justin Drake, Mary Maller, Barry Whitehat from Ethereum Basis, and plenty of extra. The hosts have been Brendan Farmer from Polygon Zero and Bobbin Threadbare from Polygon Miden. ZK Whiteboard Classes Season 2 will cowl extra of the constructing blocks of ZK, offering up-to-date foundational data for researchers and builders new to ZK with 8 new modules, produced by ZK Hack as soon as once more. |
| Wenhao Wang |
Yale University |
Cirrus: Performant and Sturdy Distributed SNARK Era through Computation Delegation |
We suggest to design and develop Cirrus, a brand new protocol for performant and strong distributed SNARK proof era exploiting the thought of computation delegation. The functions are ubiquitous, together with ZK-Rollups, zkVMs, and any ZK functions involving massive circuits. Whereas current distributed SNARK proof era schemes enhance effectivity and scalability by distributing the work- load throughout a number of machines, they’ve non-optimal prover time, communication prices, proof dimension, and verifier time. They’re additionally not attack-proof when malicious nodes exist within the distributed SNARK era course of. Our protocol will obtain vital enchancment, with linear prover time, fixed communication value per prover, and robustness to malicious provers, addressing the present bottleneck in current programs. |
| Sergio Chouhy |
Eryx & Manas |
Plonky2 backend for ACIR |
We are going to broaden the Arithmetic Circuit Intermediate Illustration (ACIR) ecosystem by constructing an open-source Arithmetic Circuit Digital Machine (ACVM) backend for the Plonky2 prover. This may allow customers of ACIR-compatible DSLs to leverage Plonky2 benefits; and it’ll enable Plonky2 circuit builders to take pleasure in DSLs abstraction & tooling (eg: Noir debugger). We envision that in improvement, beneficial insights concerning ACIR suitability as a widespread commonplace – and even potential enhancements to it – will come up. |
| Paul Yu |
Unbiased |
Lookups comparability desk (pace, reminiscence, preprocessing): univariate + multilinear |
We intention to develop a complete comparability desk that focuses on the efficiency (together with pace, reminiscence utilization, and preprocessing necessities) of assorted lookup arguments like pylookup, Caulk, Baloo, CQ, Lasso, and LogUP+GKR. This desk will examine each univariate and multilinear polynomial commitment-based lookup arguments. The venture’s major goal is to benchmark these lookup arguments to help builders in selecting probably the most appropriate options for manufacturing environments. This entails implementing the lookup arguments talked about, making a benchmark desk, and writing an in depth weblog submit highlighting the important thing distinctions and efficiency metrics of those lookup arguments. The outcomes of this venture are vital for the Ethereum ecosystem. It can improve decision-making for Layer 2 options by offering detailed comparisons of lookup arguments, facilitate the interpretation of theoretical protocols into production-level code, and function an academic useful resource for brand new researchers. The venture staff contains Harry Liu, Yu-Ming Hsu, Jing-Jie Wang, and Paul Yu, every contributing vital hours per thirty days to the venture. The venture can be carried out in phases, with the methodology together with the implementation of lookup arguments utilizing Python, optimization of those arguments based on the unique papers, and benchmarking their pace and reminiscence utilization. The staff will publish a desk and diagram to match these metrics precisely throughout constant {hardware} settings. Polynomial dedication schemes can be carried out as described within the authentic papers or primarily based on academic assumptions in instances the place the unique analysis lacks detailed protocol specs. |
| Igor Gulamov |
ZeroPool |
Minimal totally recursive zkDA rollup with sharded storage |
Present rollups publish blocks of their entirety on Layer 1, which is pricey, limits scalability, and prevents true recursion. Publishing a rollup’s blocks on one other rollup shouldn’t be working, as a result of anyway, the info will float as much as Layer 1. We suggest a novel rollup structure that makes use of zero-knowledge proofs for information availability, sharded storage, and execution. All proofs are mixed right into a single succinct proof, enabling environment friendly verification and unlocking infinite recursion – rollups will be deployed on high of different rollups with out limitations. This breakthrough design paves the way in which for remodeling Web2 into Web3 and reaching the scalability endgame. Regardless of benefits in safety and scalability, zk rollups presently lag behind optimistic rollups in adoption resulting from historic causes. This strategy shouldn’t be accessible to optimistic rollups, as they can’t generate succinct common proofs. Our strategy permits ZK rollups to overhaul their rivals. |
| Artem Grigor |
Unbiased |
ZK-ML-IOS Integration |
This venture goals to reinforce the present iOS toolkit for Zero-Data Proofs (ZKP) deevelopment. Particularly, the venture goals so as to add help to the mopro library for an quite common proving system – Halo2. Moreover, the venture will use the achieved integration to port the state-of-the-art Zero-Data Machine Studying (ZKML) library, EZKL, to iOS units. These each integrations would profit a wider group and unlock extra subtle ZKML functions straight on cellular units, thereby increasing the probabilities for information privateness and safe computing on edge units. |
| Chao Ma |
Snarkify |
Sirius |
This venture introduces CycleFold to Sirius the open-source Plonkish Folding Framework for Incrementally Verifiable Computation (IVC). CycleFold is a brand new strategy to instantiate folding-scheme-based recursive arguments over a cycle of elliptic curves printed in August 2023. CycleFold has the potential to reinforce folding efficiency by round 3x by way of minimizing the duty of the secondary circuit and decreasing the variety of BigInt operations. Specifically, Sirius beforehand defines its major and secondary IVC circuits symmetrically; with CycleFold, the first circuit bears the principle performance, whereas the ECC operations are delegated to the secondary circuit. |
| Hanze Guo |
DLT Science Foundation |
Benchmarking ZK-circuits Throughout A number of SNARKs/STARKs Improvement Frameworks |
ZKPs, represented by ZK Layer 2 in fashionable cryptography functions, supply a wealthy technical stack, particularly with SNARK and STARKs. Nonetheless, as a result of steady emergence of recent instruments and libraries for improvement, together with the inherent range and complexity, proposing an intuitive and complete benchmark framework for testing and evaluating numerous strategies’ execs and cons stays a problem. Regardless of present analysis masking complete benchmarks of multi-layered ZKP environments, together with arithmetic, elliptic curve, and circuit ranges, there are nonetheless deficiencies in two dimensions: (1) Inclusion of the most recent and most complete ZKP improvement frameworks (2) Wealthy, reusable, commonplace testing circuits. Due to this fact, we intention to: (1) comprehensively gather and manage the event instruments utilized in fashionable ZK Layer 2 tasks (2) modularly compile and combine widespread algorithms within the cryptography area, together with numerous hash features, digital signatures, and so on., to assemble testing circuits in numerous improvement environments (3) primarily based on the aforementioned unit testing circuits, comprehensively consider fashionable ZKP improvement instruments throughout completely different parameters reminiscent of curves, {hardware}, and so on., together with runtime, proof dimension, RAM (4) construct built-in testing circuits to additional estimate related metrics of advanced programs and the estimated value consumption for deployment on particular blockchain networks. |
| Yu Guo |
SECBIT Labs. and The Hong Kong Polytechnic University |
Comparability of Multilinear Polynomial Dedication Schemes |
A polynomial dedication scheme is a robust cryptographic instrument that allows a prover to commit a polynomial to a succinct worth, and later permits a verifier to substantiate claimed evaluations of the dedicated polynomial. Multilinear polynomial dedication schemes are crucial in lots of functions reminiscent of SNARKs (succinct non-interactive argument of information) and lookup arguments. There have been quite a few constructions of multilinear polynomial commitments that exhibit glorious efficiency in numerous features. Nonetheless, there’s a lack of benchmark comparisons for these strategies. On this venture, we intention to supply a complete comparability of various multilinear polynomial dedication schemes, together with their effectivity, safety assumptions, the price of supporting zero-knowledge prosperity, batching efficiency, and so on. Our findings can supply clear steerage for builders in choosing the suitable multilinear polynomial dedication for various situations. |
| Mirror Tang |
Salus |
A Safety framework for zkSNARKs improvement and audit |
This venture goals to develop a complete zkSNARKs safety framework for the Ethereum group, culminating in a analysis paper. It focuses on analyzing zk safety vulnerabilities, reminiscent of Layer 2 scaling and blockchain compression, with the aim of making an open-source vulnerability database. The framework will present builders with theoretical help and sensible steerage, together with circuit implementation, protocol design, and cryptographic primitives. Outcomes embody the event of an open-source safety framework, dissemination of technical paperwork and tutorials, and enhancements to the safety infrastructure and functions of zkSNARK expertise, in the end contributing to the robustness and safety requirements of the Ethereum ecosystem. |
