ZK Grants Round Announcement

2 months ago
Amit Kumar, New York University
Proof Carrying Data from folding GKR with protostar
Current Interactive Verifiable Computation (IVC) schemes face challenges with the Witness-Multi-Scalar Multiplication (Witness-MSM) barrier, limiting efficiency. We propose leveraging the Goldwasser-Kalai-Rothblum (GKR) accumulation scheme to significantly reduce the witness size, overcoming these limitations. Utilizing the Protostar compiler, we will fold the GKR protocol, enhancing computational efficiency. Furthermore, we aim to extend IVC into a Proof Carrying Data framework, facilitating parallel folding in a tree structure to streamline verification processes and improve scalability.

Pratyush Mishra, University of Pennsylvania and Stanford University
Zippel: A language and compiler for building proof systems
We propose Zippel, a new language and compiler for building correct and efficient succinct proof systems. Zippel allows the developer to express the protocol in a high-level language that is close to its mathematical description, and then automatically manages low-level details like parallelism, memory management, use of custom hardware, etc. Zippel's compiler also has powerful and fast static analyses that can help developers catch protocol soundness and zero-knowledge bugs. Our hope is that Zippel will make it easier for developers to implement and experiment with new proof systems without sacrificing performance.

Julian Sutherland, Nethermind
Lean Extraction of Circuit Constraints from Halo2
The Halo2 library is a widely used ZK infrastructure library that provides a means to develop prover/verifier pairs in a high-level domain specific language embedded in Rust.
To formally verify circuits in this language, and thus ensure the highest level of security, we are aiming to develop a formal verification harness to seamlessly extract the constraints from a Halo2 circuit and reason about them in the Lean 4 proof assistant. We already have significant progress towards this and want to extend it to support the full gamut of Halo2 features.

Jordan Coppard, Independent
ZK Benchmarks
Performance benchmarking (prover time, verifier time, proof gate size) for different types of proving systems as well as the prover/verifier implementations of those proving systems over various computer architectures (x86_64, ARM). To create an understandable (i.e. not just a dump of test data) and accessible repository of benchmarks surrounding the ZK ecosystem such that developers, project managers, and the general public can make informed decisions regarding their requirements, or simply learn more about the current landscape (e.g. performance going up/down, new proving systems etc).

Stanislav Marycev, zkFold
ZKFold Symbolic: a Zero-Knowledge Smart Contract Language
zkFold Symbolic is the programming language for writing zero-knowledge smart contracts. It is a high-level functional language, a subset of Haskell. Smart contracts written in zkFold Symbolic are compiled directly into arithmetic circuits that can be used by various zero-knowledge protocols. Being a high-level language, it dramatically reduces the barrier to entry as the developers do not need to be experts in ZK cryptography. Providing smart contract developers with a proper tool to tap into the power of zero-knowledge protocols enables them to create zk-apps and smart contracts that are on another level in terms of efficiency and user experience.
Moreover, with more developers adopting this approach, we are reducing the on-chain data and computation footprint, effectively scaling Ethereum and EVM chains.

Jordan Coppard, Independent
ZK Treesitter
Agnostic treesitter grammars for major zero-knowledge circuits languages Noir (Aztec) and Cairo (Starkware) which are maintained over time. To improve developer tooling as well as provide broader access to tools such that developers can pick what is best for them.
- Editor-agnostic treesitter grammars for Noir and Cairo.
- Maintenance of these grammars as said languages evolve over time.
- Complete and easy to understand documentation such that anyone can contribute to these grammars once they are released; or use them as well-structured bases for other treesitter grammars.

Sergey Kaunov, Independent
Wasm PLUME
This project aims to make the secure/cryptographic PLUME scheme implementation more accessible in environments outside of the Rust ecosystem. The primary objective is to increase the adoption of the scheme by minimizing the divergence of the Wasm release from the default target and providing a downstream-friendly API. The project's successful adoption will lead to enhanced privacy, simplified identity management, anonymous moderation, proof of solvency, versatile applications, and encouragement of user adoption in the Ethereum ecosystem.

Lako Nema, Independent
Onboard users to verifiable KYC
We want to bring developers to ZK by showcasing how the usual tools interplay. ZK enthusiasts want to answer 2 questions before building an app: what problem can we solve with it? and how to build such an app? Our project aims at answering both questions by creating an open-source end-to-end app on verifiable KYC. We think that private KYC is a requirement for a wide adoption of blockchains.
And we want to show how ZK can bring this. We want to build a simple yet powerful boilerplate for verifiable KYC, based on Noir language. We plan to build an end-to-end app, with proving, verifying on-chain and on the client side. We want to allow any new developer to launch the app with 1 command. We'll call it a success if the project is forked and edited by developers willing to learn more about ZK. We plan to write blog posts and onboarding guides to widen the exposure of the project.

Albert Garreta, Nethermind
LatticeFold implementation and folding schemes for FRI-based SNARKs
This grant proposal aims to develop and implement a Proof of Concept (PoC) for the LatticeFold folding scheme [BC24], benchmarking it against existing schemes like HyperNova. Additionally, we aim to research methodologies to create a "STARK-friendly" folding scheme based on LatticeFold. This would allow the use of folding techniques in the context of FRI-based SNARKs (e.g., ethSTARK, Plonky2/3, Risc Zero, Boojum, etc.). Prof. Dan Boneh and Prof. Binyi Chen, authors of the LatticeFold paper, have agreed to assist our team for the project's duration.

Albert Garreta, Nethermind
SNARKs for non-prime arithmetics
This grant proposal seeks to develop a SNARK tailored for proving statements over rings of the form Z/nZ, for Z the ring of integers and n an arbitrary integer. This deviates from the usual setting where statements are expressed over a prime field F_p = Z/pZ for p a prime. We aim to focus on the cases where n is a power of 2 or a product of 2 large primes. This would make it possible to natively prove statements involving computations such as: RSA-based cryptography operations, CPU operations, floating point arithmetic (required for, e.g., machine learning), non-algebraic hash functions, etc.
Here, by "natively," we mean that each of these computations is arithmetized over Z/nZ, for n an appropriate integer, rather than over a finite field. It is known that the latter "non-native" arithmetization can create overheads of an order of magnitude in the circuit/R1CS/AIR size.

Stefanos Chaliasos, Independent
Reproducible ZK Vulnerabilities to Improve Ecosystem's Security
Zero-knowledge proofs (ZKPs), particularly SNARKs (Succinct Non-Interactive Argument of Knowledge), have transitioned from theoretical constructs to practical, real-world applications, offering privacy and verifiability. However, the complexity of designing and implementing ZKP applications introduces a myriad of vulnerabilities. Recent analyses have shed light on the unique challenges and vulnerabilities at both the circuit level and integration level within the SNARK stack, posing significant threats to ZK systems. Despite advancements in automated security defenses, their effectiveness remains largely untested on extensive, real-world datasets. Moreover, the scarcity of reproducible examples lessens practitioners' and researchers' ability to understand and mitigate ZK vulnerabilities effectively. This project aims to extend our previous work on ZK security by developing a comprehensive dataset and framework featuring reproducible ZK exploits. This resource will serve as both an educational tool for newcomers and a detailed study base for experts. Additionally, we will evaluate the effectiveness of existing security tools against this dataset to pinpoint areas needing improvement, ultimately aiding in the development of more robust detection tools.

Stefanos Chaliasos, Independent
Detecting Private Information Leakage in Zero-Knowledge Applications
Practical Zero-Knowledge proofs became possible due to the advancement of privacy-preserving projects such as Zcash.
Notably, in the last few years, most SNARK-enabled projects have focused on verifiable computation, with zk-rollups being a notable application. Historically, crafting ZKP applications has been a challenging task, necessitating expertise in libsnark and low-level programming. The emergence of more accessible DSLs like Circom and arkworks, while mitigating some complexity, still leaves room for critical bugs, such as under-constrained vulnerabilities [3]. Recent advancements in ZK programming languages, such as Noir and Leo, aim to simplify ZK application development and reduce potential vulnerabilities, attracting a broader developer base potentially unfamiliar with cryptographic fundamentals. A prevalent issue in these high-level languages, which is also common in lower-level languages, is the leakage of private variable information. For instance, such a leakage happens when a ZK program publicly outputs the sum (z) of a private and a public variable (x and y, respectively). Knowing the public input x and the public output z enables the deduction of the value of the private variable y. Conversely, hashing the sum of x and y into a public variable z does not leak the value of the private variable y, assuming the hash function's security. This project proposes the design and implementation of a static analysis approach enhanced with taint tracking, input generation, and SMT solving to identify and validate instances of private variable information leakage. Our approach generates (1) warnings for potential leaks, (2) errors for confirmed leaks, and (3) visual graphs tracing private value propagation to public outputs for debugging purposes.
Our plan is to apply our approach to Noir, and subsequently to other ZK DSLs like Leo.

Patrick Stiles, Independent
Metal Backend for Icicle MSM
Supporting Apple's M series GPU in Icicle by creating a Metal Shader Language backend for Icicle MSM would expose GPU performance benefits to all developers in the zk ecosystem that have an Apple device with an M series chip. Developers with only a Macbook would have similar GPU performance benefits without needing access to Nvidia GPU devices. These performance benefits would also have a high impact on projects whose data is airgapped or cannot leave the host device such as client side proving applications.

Gaylord Warner, ZK Hack
ZK Whiteboard Sessions Season 2
ZK Whiteboard Sessions is a series of educational videos focused on the building blocks of ZK. It takes the form of a mini course, followed by video interviews with top zk-practitioners, learning together and sharing their knowledge on a whiteboard. Season 1 was released in 2022, produced by ZK Hack in collaboration with Polygon. It consists of 19 videos and featured speakers such as Dan Boneh from Stanford University, Justin Drake, Mary Maller, Barry Whitehat from Ethereum Foundation, and many more. The hosts were Brendan Farmer from Polygon Zero and Bobbin Threadbare from Polygon Miden. ZK Whiteboard Sessions Season 2 will cover more of the building blocks of ZK, providing up-to-date foundational knowledge for researchers and builders new to ZK with 8 new modules, produced by ZK Hack once again.

Wenhao Wang, Yale University
Cirrus: Performant and Robust Distributed SNARK Generation via Computation Delegation
We propose to design and develop Cirrus, a new protocol for performant and robust distributed SNARK proof generation exploiting the idea of computation delegation.
The applications are ubiquitous, including ZK-Rollups, zkVMs, and any ZK applications involving large circuits. While existing distributed SNARK proof generation schemes improve efficiency and scalability by distributing the workload across multiple machines, they have non-optimal prover time, communication costs, proof size, and verifier time. They are also not attack-proof when malicious nodes exist in the distributed SNARK generation process. Our protocol will achieve significant improvement, with linear prover time, constant communication cost per prover, and robustness to malicious provers, addressing the current bottleneck in existing systems.

Sergio Chouhy, Eryx & Manas
Plonky2 backend for ACIR
We will expand the Arithmetic Circuit Intermediate Representation (ACIR) ecosystem by building an open-source Arithmetic Circuit Virtual Machine (ACVM) backend for the Plonky2 prover. This will enable users of ACIR-compatible DSLs to leverage Plonky2 advantages; and it will allow Plonky2 circuit builders to enjoy DSLs abstraction & tooling (e.g. Noir debugger). We envision that during development, invaluable insights regarding ACIR suitability as a widespread standard - and even possible improvements to it - will arise.

Paul Yu, Independent
Lookups comparison table (speed, memory, preprocessing): univariate + multilinear
We aim to develop a comprehensive comparison table that focuses on the performance (including speed, memory usage, and preprocessing requirements) of various lookup arguments like pylookup, Caulk, Baloo, CQ, Lasso, and LogUP+GKR. This table will compare both univariate and multilinear polynomial commitment-based lookup arguments. The project's primary objective is to benchmark these lookup arguments to assist developers in choosing the most suitable solutions for production environments.
This entails implementing the lookup arguments mentioned, creating a benchmark table, and writing a detailed blog post highlighting the key distinctions and performance metrics of these lookup arguments. The outcomes of this project are crucial for the Ethereum ecosystem. It will enhance decision-making for Layer 2 solutions by providing detailed comparisons of lookup arguments, facilitate the translation of theoretical protocols into production-level code, and serve as an educational resource for new researchers. The project team comprises Harry Liu, Yu-Ming Hsu, Jing-Jie Wang, and Paul Yu, each contributing significant hours per month to the project. The project will be conducted in phases, with the methodology including the implementation of lookup arguments using Python, optimization of these arguments according to the original papers, and benchmarking their speed and memory usage. The team will publish a table and diagram to compare these metrics accurately across consistent hardware settings. Polynomial commitment schemes will be implemented as described in the original papers or based on educational assumptions in cases where the original research lacks detailed protocol specifications.

Igor Gulamov, ZeroPool
Minimal fully recursive zkDA rollup with sharded storage
Current rollups publish blocks in their entirety on Layer 1, which is expensive, limits scalability, and prevents true recursion. Publishing a rollup's blocks on another rollup does not work, because the data will float up to Layer 1 anyway. We propose a new rollup architecture that uses zero-knowledge proofs for data availability, sharded storage, and execution.
All proofs are combined into a single succinct proof, enabling efficient verification and unlocking infinite recursion - rollups can be deployed on top of other rollups without limitations. This breakthrough design paves the way for transforming Web2 into Web3 and achieving the scalability endgame. Despite advantages in security and scalability, zk rollups currently lag behind optimistic rollups in adoption due to historical reasons. This approach is not available to optimistic rollups, as they cannot generate succinct universal proofs. Our approach allows ZK rollups to overtake their competitors.

Artem Grigor, Independent
ZK-ML-IOS Integration
This project aims to enhance the existing iOS toolkit for Zero-Knowledge Proofs (ZKP) development. Specifically, the project aims to add support to the mopro library for a very common proving system - Halo2. Additionally, the project will use the achieved integration to port the state-of-the-art Zero-Knowledge Machine Learning (ZKML) library, EZKL, to iOS devices. Both of these integrations would benefit a wider community and unlock more sophisticated ZKML applications directly on mobile devices, thereby expanding the possibilities for data privacy and secure computing on edge devices.

Chao Ma, Snarkify
Sirius
This project introduces CycleFold to Sirius, the open-source Plonkish Folding Framework for Incrementally Verifiable Computation (IVC). CycleFold is a new approach to instantiate folding-scheme-based recursive arguments over a cycle of elliptic curves published in August 2023. CycleFold has the potential to enhance folding performance by about 3x through minimizing the work of the secondary circuit and reducing the number of BigInt operations.
In particular, Sirius previously defines its primary and secondary IVC circuits symmetrically; with CycleFold, the primary circuit bears the main functionality, while the ECC operations are delegated to the secondary circuit.

Hanze Guo, DLT Science Foundation
Benchmarking ZK-circuits Across Multiple SNARKs/STARKs Development Frameworks
ZKPs, represented by ZK Layer 2 in modern cryptography applications, offer a rich technical stack, especially with SNARK and STARKs. However, due to the continuous emergence of new tools and libraries for development, along with the inherent diversity and complexity, proposing an intuitive and comprehensive benchmark framework for testing and evaluating various methods' pros and cons remains a challenge. Despite current research covering comprehensive benchmarks of multi-layered ZKP environments, including arithmetic, elliptic curve, and circuit levels, there are still deficiencies in 2 dimensions: (1) inclusion of the latest and most comprehensive ZKP development frameworks; (2) rich, reusable, modular testing circuits. Therefore, we aim to: (1) comprehensively collect and organize the development tools used in popular ZK Layer 2 projects; (2) modularly compile and integrate common algorithms in the cryptography domain, including various hash functions, digital signatures, etc., to construct testing circuits in different development environments; (3) based on the aforementioned unit testing circuits, comprehensively evaluate popular ZKP development tools across different parameters such as curves, hardware, etc., including runtime, proof size, RAM; (4) build integrated testing circuits to further estimate relevant metrics of complex systems and the estimated cost consumption for deployment on specific blockchain networks.

Yu Guo, SECBIT Labs and The Hong Kong Polytechnic University
Comparison of Multilinear Polynomial Commitment Schemes
A polynomial commitment scheme is a powerful cryptographic tool that enables a prover to commit a polynomial to a succinct value, and later allows a verifier to confirm claimed evaluations of the committed polynomial. Multilinear polynomial commitment schemes are critical in many applications such as SNARKs (succinct non-interactive argument of knowledge) and lookup arguments. There have been many constructions of multilinear polynomial commitments that exhibit excellent performance in various aspects. However, there is a lack of benchmark comparisons for these methods. In this project, we aim to provide a comprehensive comparison of different multilinear polynomial commitment schemes, including their efficiency, security assumptions, the cost of supporting the zero-knowledge property, batching performance, etc. Our findings can offer clear guidance for developers in selecting the appropriate multilinear polynomial commitment for different scenarios.

Mirror Tang, Salus
A Security framework for zkSNARKs development and audit
This project aims to develop a comprehensive zkSNARKs security framework for the Ethereum community, culminating in a research paper. It focuses on analyzing zk security vulnerabilities, such as Layer 2 scaling and blockchain compression, with the goal of creating an open-source vulnerability database. The framework will provide developers with theoretical support and practical guidance, including circuit implementation, protocol design, and cryptographic primitives.
Outcomes include the development of an open-source security framework, dissemination of technical documents and tutorials, and enhancements to the security infrastructure and applications of zkSNARK technology, ultimately contributing to the robustness and security standards of the Ethereum ecosystem.