In this third whiteboard session in partnership with Archetype, we explain how a recent paper on Fiat-Shamir security and the GKR protocol works.
zkSecurity offers auditing, research, and development services for cryptographic systems including zero-knowledge proofs, MPCs, FHE, and consensus protocols.
Learn more →In this post, we dive deep into the Inner Product Argument (IPA), the mathematical core of Bulletproofs. Starting from simple vector folding, we build up to a full zero-knowledge proof with Pedersen commitments, explore how the mysterious `L` and `R` terms appear, and finish with smart verifier optimizations. All illustrated with clear, runnable SageMath code.
Learn how Bulletproofs enables efficient zero-knowledge proofs without trusted setups by computing inner products in a verifiable way. This post breaks down the core folding technique that reduces large vectors to single elements through recursive compression, making proofs both compact and fast to verify. Used in Monero, Mina's Kimchi, and Zcash's Halo 2, Bulletproofs is a practical alternative to pairing-based schemes.
In Session 07 of "Proof is in the Pudding," we explore the other dark forest—the realm of offchain public keys. We dive into zkLogin, ZK Email, and ZKPassport, examining how these protocols handle authentication and privacy. We also discuss the issue of unlinkability in privacy protocols and why replacing traditional signature verifications with zero-knowledge proofs could unlock more interesting and powerful ZK products.
We audited Reclaim protocol's ChaCha20 circuits, diving deep into bit-level operations for a secure and efficient design. After a few iterations, we switched from a word-based to a bit-focused circuit approach, achieving a 10% enhancement in performance and size. We used Circom for implementation, with a focus on Groth16 system constraints. Our findings led Reclaim to revamp their strategy, honing in on bitwise logic for an effective flow without costly re-encodings. Curious about the technical journey and the final audit insights? We’ve got the details covered!
We recently had the pleasure of auditing Renegade's circuits and smart contracts, and it was a great experience. Over three weeks, our team explored their top-notch code and documentation, with the Renegade team providing awesome support throughout. Curious how it all went? Dive into our full report for the inside scoop!
We recently teamed up with Celo for an in-depth security audit of the Self project, exploring its innovative approach to on-chain identity using biometric passports and zero-knowledge proofs. During our three-week dive, we examined everything from cryptographic primitives to smart contract architecture and a unique proof delegation system using AWS Nitro Enclaves. The Celo team impressed us with their commitment and responsiveness, and we collaborated on refining the system with strategic improvements. Curious about the nitty-gritty details and our insights? Check out the full report!
Dive into our exploration of Circomscribe, a nifty tool designed to illuminate the mysterious process of how your Circom code gets translated into constraints. We share insights from our experience with Circom circuit audits, highlighting common pitfalls developers face when their high-level intentions meet low-level reality. By showcasing how Circomscribe can help visualize this transition, we aim to empower developers to craft more bug-free, secure ZK applications. If you're keen on understanding the inner workings of Circom and enhancing your coding prowess, this post is your guide.
In an exciting collaboration with ZPrize, we embarked on a journey to discover the fastest proofs for ECDSA signatures, ultimately crowning two standout approaches as winners. The blog post delves into the innovative solutions that captured the $500,000 prize by pushing the boundaries of zero-knowledge proofs. The story offers a fascinating glimpse into how these cutting-edge techniques might pave the way for privacy-focused applications. Curious to know which teams came out on top and how they did it? Dive in to explore the thrilling results and what's next in the ZK space!
We're excited to introduce zkBitcoin, a new tool that lets you create zero-knowledge applications on Bitcoin using a minimal layer 2 protocol. This innovation opens up a world of complex, privacy-focused apps by enhancing Bitcoin's scripting capabilities. We're currently on testnet, so you can jump in and explore the possibilities. Check out our whitepaper or watch some videos for a deeper dive. It's an exciting time for Bitcoin development, and we can't wait to see what you'll build!