WE-KZG: Encrypt to KZG.

Can you create a ciphertext that can be decrypted only if the polynomial inside a polynomial commitment has a particular evaluation? Yes, and it turns out not to be that complicated. Today we will look at the construction from our recent Asiacrypt 2024 paper, which enables just that for standard KZG commitments. So come along and let's dive into the world of Witness Encryption for KZG commitments. Introduction to Witness Encryption (WE): In public key encryption schemes, there are two types of keys: a public key and a secret key.

zkHack x zkSecurity (Whiteboard Session) - What is Zero-Knowledge (like, actually)?

zkSecurity is helping zkHack kick off a new season of zkHack whiteboard sessions! In this module, Nicolas Mohnblatt and David Wong from zkSecurity dig into the term "Zero Knowledge" and discuss what this property actually is, when it is being used (or not), and what characteristics some systems need in order to be considered truly ZK. They then highlight the different types of ZK (perfect, statistical, and computational), discuss the distinction between dishonest and honest verifiers, and explain the preference for adaptive models over non-adaptive ones.

Archetype x zkSecurity (Whiteboard Session) - Proof is in the Pudding: Arithmetization

Proof is in the Pudding is an IRL series of whiteboard sessions hosted by Archetype and zkSecurity. For Session 01, David from zkSecurity started at the ground floor with arithmetization. Arithmetization is the process of converting logical statements into algebraic form, which is then used to create arithmetic circuits, a key building block in the construction of a ZK proof. Watch it on Archetype's channel! Note that this is an unedited recording of the session.

A challenge on the Jolt zkVM

Last weekend I took part in creating some challenges for a CTF event during the MOCA Italian hacker camp. One of the tasks I authored was a cryptography challenge called "2+2=5" featuring the Jolt zkVM: it involved crafting a proof for an invalid execution of a RISC-V program by exploiting a modified version of the Jolt library. This post will go over the challenge statement and solution; if you want to try and tackle the challenge by yourself, you can download the original attachments here!

zkSecurity took part in judging the latest zkHack Montreal

It was our pleasure to take part in the judging of the latest zkHack competition, an annual hackathon spanning a weekend (in Montreal this time) that brings together developers, researchers, and enthusiasts to explore the latest in zero-knowledge proofs and privacy-enhancing technologies. The results of the competition and a write-up of the event can be found here. The projects that came out of this edition showcased the versatility and potential of ZK proofs in enhancing privacy in various applications, as well as in solving real-world problems, exploring insanely creative new use cases like ZK breathalyzers, ZK & GPS, and many more!

Reproducing and Exploiting ZK Circuit Vulnerabilities

Last February, we published a paper on systemizing vulnerabilities in Zero-Knowledge Proof (ZKP) implementations with collaborators from TUM, Imperial College London, Scroll, EF, and MatterLabs. Building on the dataset we released alongside the paper, we have been working to create a comprehensive GitHub repository where we reproduce known ZK circuit vulnerabilities. Reproducing these vulnerabilities serves several important purposes. Understanding Attack Vectors: replicating vulnerabilities allows researchers and developers to gain deep insights into how specific attacks are executed.

noname 2.0: Unlocking Numeric Generics, Folding Schemes, and a Playground

We are thrilled to unveil the upcoming release of the noname 2.0 preview, a major leap forward for the noname language! This release will introduce powerful enhancements that enable developers to write more sophisticated ZK circuits. The notable enhancements include: Generic-Sized Arrays, which unlock greater flexibility and effectiveness in your circuit code by enabling functions to handle arrays of varying sizes; and Folding Schemes via Sonobe Integration, which let you seamlessly create circuits for IVC (incremental verifiable computation).

Exploring Leo: A Primer on Aleo Program Security

Aleo is a blockchain platform that utilizes zero-knowledge cryptography to enable private and scalable decentralized applications. Central to Aleo is Leo, a high-level programming language tailored for developing private applications. Leo allows developers to focus on creating applications with strong privacy without needing to consider the intricacies of zero-knowledge proofs. Understanding and utilizing the unique features of Leo is essential for developers aiming to build robust and secure solutions. This article provides a brief introduction to Leo, with a focus on its security features and practical tips for developers.

Verifying Cairo proofs on Ethereum

We have been working with StarkWare on building the EVM adapter, and are pleased to announce that we have recently verified Cairo proofs on the Ethereum mainnet! We are furthering the work of Andrew Milson and Aditya Bisht, who reached this milestone before us, and we believe that this is a big step forward towards making StarkWare's technology more accessible to the open-source community. In this post, we'd like to share some background on how Cairo programs are verified on Ethereum, and perhaps motivate some of our readers to try out our code.

Beyond the Whitepaper: Where BFT Consensus Protocols Meet Reality

We just released a paper on the security of Byzantine Fault Tolerant (BFT) consensus protocols in collaboration with Matter Labs and Sigma Zero. The paper is a collection of lessons learned from analyzing the real-world security of various BFT consensus protocol implementations. You can find the paper on eprint. Here is the abstract: This paper presents a collection of lessons learned from analyzing the real-world security of various Byzantine Fault Tolerant (BFT) consensus protocol implementations.