Community Guidelines

Welcome to Ingopedia!

This is a community-driven effort to compile a comprehensive collection of resources and information related to Zero Knowledge Proofs. Our goal is to provide a one-stop-shop for anyone interested in learning about ZKPs, from beginners to experts.

We invite the community to help us keep Ingopedia up-to-date and relevant. If you have any suggestions or contributions, please feel free to submit them through the appropriate channels. We believe that the power of the community lies in collaboration and sharing knowledge, so we encourage everyone to get involved.

To keep this book organized, we ask that you use the designated sections for your contributions. If you have a new resource to share, please add it to the appropriate section. If you are unsure where to add your contribution, feel free to reach out to the moderators for guidance.

Thank you for being a part of our ZKP community and helping us build a valuable resource for all.

Note: The branch master contains the src files for the ingopedia mdbook. Each page from the deployment page has a editable button that allows one to edit the markdown file of the specific page.

The old Ingopedia is still available in the branch main, we are planning to continue in the mdbook format. Suggestions are welcome.

Zero Knowledge Proofs

Curated Resources

Our curated resources consist of carefully selected, links, linktrees and other almanacs like “Ingopedia”. These resources are aimed at helping users access high-quality information in a quick and efficient manner.

Video Lecture Series

Our Video lecture series on ZK proofs offers in-depth and engaging presentations that cover the fundamentals and advanced topics of zero-knowledge proofs. These lectures are designed to educate and inform a wide range of audiences, and will contain series of videos on ZKP’s various concepts.

Articles

• ZK Introductory
• ZKSNARKS
• STARKS
• Applications

Our articles on ZK proofs are comprehensive and educational pieces that delve into the intricacies of zero-knowledge proofs. They consist of blogs, articles, PDFs, and notes. These articles aim to provide a clear understanding of this cutting-edge technology, its used-case applications, its vulnerabilities and its significance.

Hands on ZK

Our hands-on approach to learning ZK proofs provides interactive and practical training experiences that allow participants to build their skills and knowledge in an engaging way. These hands-on workshops, tutorials, and projects are designed to help learners apply their understanding of ZK proofs in real-world situations, making them an invaluable resource for anyone looking to further their expertise in this field.

Protocols

Our collection of mathematical papers, protocols, and code on ZK proofs is a comprehensive resource for researchers, developers, and students in the field of cryptography. These materials provide a deep understanding of the theories, implementations, and practical applications of zero-knowledge proofs, serving as a valuable reference for anyone interested in this cutting-edge technology.

Mathematics

The resources on the mathematics behind ZK proofs delve into the complex theories and mathematical concepts that underpin this innovative technology. These resources are intended for those with a strong background in mathematics, or those looking to deepen their understanding of the mathematical foundations of zero-knowledge proofs and their applications.

Curated Resources

Our curated resources consist of carefully selected, links, linktrees and other almanacs like “Ingopedia”. These resources are aimed at helping users access high-quality information in a quick and efficient manner.

What you will find here: Links, Linktrees, Almanacs

References

A collection of links and Almanacs breaking down ZKPs and related topics.

• zkProof Standards - Resource
• ZK Mesh - resource
• Zero Knowledge Fm
• Curated list of ZKP implementations
• Awesome - Matter labs - ZK proofs
• Awesome - Mikerah - Privacy on Blockchains
• Awesome - Worldcoin - ZK Machine Learning
• Resource: Awesome_Plonk
• Awesome: Halo2
• ZK research 0x
• ZK canon
  • DAO canon
  • NFT canon
  • Crypto Canon
• Moonmath manual
• ZKP knowledge base: Delendum
• ZKP beginner resources
• Proofs Arguments and Zero Knowledge - Justin Thaler
  • Discord group
• Awesome ZKEVM

Libraries

A collection of libraries where you can create a ZKP.

• Rust Cryptographic libraries
• Arkworks
• Lambdaworks by Lambdaclass
• Gnark: in Golang
• Circom: creating zk circuits
  • Circom tutorials by 0xparc
• Halo 2 - library
  • Latest development in Halo2
  • Guide to Halo2 source code
  • ZK MOOC halo2 circuit building
    • Building and testing with halo2 workshop
  • Anatomy of proof generation by Scroll (KZG) version
  • Halo2 workshop by 0xparc
  • lookup args in Halo2
  • circuit development in halo2
  • Icemelon circuit development tutorial
• Zokrates
• Crrl: Cryptography research library - Thomas Pornin
• Bellman (not updated)
• libsnark in C++
• Snarky frontend

Lecture Series

Our Video lecture series on ZK proofs offers in-depth and engaging presentations that cover the fundamentals and advanced topics of zero-knowledge proofs. These lectures are designed to educate and inform a wide range of audiences, and will contain series of videos on ZKP’s various concepts.

What you will find here: Video playlists of Podcasts, Lectures, and University/Professional Classes

ZK courses

University and proffesional level courses on ZK.

• ZKMOOC - 2023
• ZK BIU school - 2019
• Cryptography 2018 MIT
• Modern ZK cryptography 0xparc

Discussions/Seminars

Podcasts and lecture playlists on various ZKP related topics.

• ZK whiteboard Sessions
• ZK hack
• ZK summit
• Zk study club
• ZK privacy in cosmos
• ZK podcast
• ZK Sessions
• RISC0 architecture
• RISC0 Study club
• Modular arithmetic visually
• PLONK by David Wong
• Ingonyama: Moon math club
• a16z summer seminars
• ZK Hack: Thaler study group
• ZKP workshop 2022

Advanced Courses/Topics

Advanced University and proffesional level courses on ZK.

• Meta complexity bootcamp - Simons Institute
• Foundations of probabilistic proofs - Chiesa
• Probabilistically checkable and interactive proofs - Chisea
• Algebraic error correcting codes - Stanford
• ZKP composition and recursion - Wong
• Introduction to Elliptic curves
• BIU winter school Bilinear pairings in cryptography
• BIU winter school: Advances in MPC
• Foundations of Block chains - Tim Roughgarden
• BLockchain and money MIT 2018
• DEFI MOOC

Articles

Our articles on ZK proofs are comprehensive and educational pieces that delve into the intricacies of zero-knowledge proofs. They consist of blogs, articles, PDFs, and notes. These articles aim to provide a clear understanding of this cutting-edge technology, its used-case applications, its vulnerabilities and its significance.

What you will find here: Blogs, Articles, PDFs, Notes

ZK Introductory

ZKSNARKS

STARKS

Applications

ZK Introductory

Understanding ZK from beginner to advanced on a surface level.

Beginner

• Amit Sahai explaining ZK to people of all ages - video
• Nico’s ZK Jargon Decoder)
• KU Lueven: Intro to ZK part 1
• Interactive_proofs and Zk
• The incredible Machine - Aviv Zohar

Intermediate

• An introduction to how zk snarks are possible - Vitalik
• Zk blog

Advanced

• An incomplete guide to zk: why zk matters
• Why and how Zero knowledge works
• The math behind ZkSNARK - video
• De-mystifying Zk proofs -workshop
• An evolution of ZKP - Sarah Meiklejohn
• Zk_primer_1 M.Green
• Zk_primer_2 M.Green
• Zero Knowledge: A tutorial by Oded Goldreich
• Cryptographic Protocls: lectures
• Using zkSnarks for privacy: Vitalik
• STARK vs SNARK
• SNARK vs STARK vs Bulletproofs
• ZKp from Information theoretic Proof systems 1 - Yuval Ishai
• ZKP from Information theoretic Proof systems 2 - Yuval Ishai
• ZKP - Modular approach -Yuval Ishai

Ingonyama Blogs

Check out blogs, papers, pieces, and videos published by the Ingonyama Team

Fast Danksharding using ICICLE

• Medium Link
• Fast-Danksharding Implementation

Introducing ICICLE: An Open-Source GPU Library for Zero Knowledge Acceleration

• Medium Link
• ICICLE - GPU Library

A Brief History of Lookup Arguments

• Medium Link
• Paper

How Zero-Knowledge Proofs Will Change Gaming Forever

• Medium Link

Intro to ECNTT from Starkware Sessions 2023

• Medium Link

Deep Dive into the Sumcheck Protocol with Justin Thaler

• YouTube Link

Multi-Precision Fast Modular Multiplication

• Medium Link
• Paper

Hardware-friendliness of HyperPlonk

• Medium Link

Zero Knowledge Proofs and the Metaverse

• Medium Link

The Z Games: Pushing ZK Provers to the Extreme

• Medium Link

Goldilocks NTT Trick

• Medium Link
• Paper

Down the Rabbit Hole: Optimizing AWS F1 Direct Memory Access (DMA)

• Medium Link

Sparkworks - Native Hardware Acceleration in Arkworks

• Medium Link

NTT Mini: Exploring Winograd’s Heuristic for Faster NTT

• Medium Link
• Paper: https://github.com/ingonyama-zk/papers/blob/main/Winograd_fft.pdf

Marlin & Me: A Deep Dive into the Heart of the Marlin ZK Protocol

• Medium Link
• Paper

Bridging the Multichain Universe with Zero Knowledge Proofs

• Medium Link

Systemization of Knowledge: ZK-Friendly Hash Functions

• Medium Link
• Paper

HackerNoon: Using Cloud-ZK for Developing ZKP Acceleration in the Cloud

• HackerNoon Link

Cloud-ZK: A Toolkit for Developing ZKP Acceleration in the Cloud

• Medium Link
• Repository Link

HackerNoon: Lowering the Barrier of Entry to Zero Knowledge Proofs

• HackerNoon Link

A Mathematical Theory of Danksharding

• Medium Link
• Paper

PipeMSM: Hardware Acceleration for Multi-Scalar Multiplication

• Medium Link and Paper

Fast Modular Multiplication

• Medium Link
• Paper

Ingopedia: A Repo for all things ZK

• Medium Links

Poseidon-Hash Repository

• Medium Link

Polygon’s zkEVM Fun Facts

• Medium Link

Introducing Ingonyama

• Medium Link

ZKSNARKS

A collection of resources explainig ZKSnarks.

Trusted Setup

• Introduction -Vitalik
• Aztec Ceremony
• Trusted setup - Tau
• Setup ceremonies
• Zk snark setup phase

Vitalik Snark tutorial

• Snarks 1: QAP from zero to hero
• Snarks 2: Elliptic curve pairings
• Snarks 3: Zk snarks

Recursive Snarks

• Recursive SNARKs - Stanford lecs
• Recursive SNARK -zkProof
• Recursive SNARK - overview - Michael Straka
• Fast Recursive arguments based on Plonk and Halo
• Field selection for recursive SNARKS
• ZKsnark aggregation - Delendum

STARKS

A collection of resources explaining Starks.

Introductory

• Stark from home series
• STARK glossary
• Stark Thread - Eli Ben Sasson

Papers

• STARK paper
• DEEP - FRI
• Proximity Gaps for Reed-Solomon Codes

Stark tutorials

• Vitalik
  • Starks 1 proofs with polynomials
  • Starks 2
  • Starks 3
• Stark math series
  • Journey Begins
  • Arithmetization I
  • Arithmetization II
  • Low Degree Testing
  • A framework for efficient STARKS
  • Stark recursion
    • Recursive STARK -Avihu Levy
• Stark 101 - hands on
• Stark Anatomy series
  • Anatomy of a STARK
  • Part2: BrainSTARK
    • Code: Brainfuck
• Applications
  • EthSTARK
    • code
    • documentation

Applications

A compilation of materials that showcase various applications of zk technology.

General

• A cambrian explosion of crypto proofs -Ben Sasson
• What’s next in ZK

ZK Rollups EVMs/VMs

• General
  • What is a ZK EVM
  • Ethworks: Blockchain scaling
  • Ethereum-powered ZK-Rollups: World Beaters
  • Ethereum - Scalability
  • Decentralizing zk rollups
  • Zk rollups an incomplete guide
  • Decentralized zk-Rollup
  • Zk rollups popular
  • Ethereum: Zk rollups
  • How ZK rollups work: Simon Brown
• EVM/VMs
  • Aztec protocol
  • Scroll EVM
  • Taiko EVM
  • zkSync
  • Polygon zkEVM
  • Miden VM
    • Range Checks in Miden VM
    • Miden VM program decoder
    • Memory in MidenVM
    • u32 in MidenVM
  • RISC0 ZK VM
    • RISC0 proof system
  • OlaVM
  • zkWasm
  • Loopring

ZK bridges

• Vulnerabilities in ZK bridges
• Primer on Cross chain bridges and how to break them: Niv Yehezkel
• Block chain bridges: Introduction
• Introduction to validating bridges and L2 protocols - Patrick McCory
• zkEVMOS - Bridges and Interoperability
• Bridging the blockchain multiverse with ZKP
• Cross chain Futur - Delendum
• Navigating privacy on Blockchains - Wei Dai
• Having a safe CEX: proof of solvency and beyond

ZKML

• An Introduction to ZKML
• zkMNIST
• awesome-zkml

ZK Gaming

• Dark Forest - the zk SNARK game
• Cairo Games Vol2: Solns
• Blockchain games and game mechanics
• Crypto gaming - A practical thesis
• The strongest Crypto gaming thesis
• ZKP for gaming: Mina

Ecosystem with ZK applications

• Filecoin
  • Filecoin primer
  • Economics
  • specs
  • Proof system
    • Filecoin snark audit
    • Proof of space
    • Proof of Replication: Depth Robust Graphs
      • SDR blog
  • mining task overview
    • task definitions
    • PoRep circuit blog
    • Precommit 2

Vulnerabilities

Potential vulnerabilities in ZK systems

• ZK bug tracker by0xparc
  • bug tracker intro
• Vulnerabilities in zk systems
• Vulnerability in Fiat-Shamir
• Frozen heart vulnerability: Bulletproof
• Frozen heart vulnerability: Plonk
• Hertzbleed attack: sidechannel
  • paper
• Stress testing Zk systems: Zk docs
• Specialized ZKP vulnerabilities
• security of zkp projects: same but different

Hands-On ZK/Cryptography

Our hands-on approach to learning ZK proofs provides interactive and practical training experiences that allow participants to build their skills and knowledge in an engaging way. These hands-on workshops, tutorials, and projects are designed to help learners apply their understanding of ZK proofs in real-world situations, making them an invaluable resource for anyone looking to further their expertise in this field.

What you will find here: Code-to-Learn Applications

General

• A beginners intro to coding Zero knowledge Proofs
• zero knowledge with Bellman
• Cryptohack - hands on cryptography
• Hands on ZK - ZK learning group
• Intro to zk: do it yourself circuits
• Zk Sudoku - Python
• Arnacube implementations
• DAPP fron scratch - Vivian Plasencia
• Zordle - Zk wordle
• Mental Poker: Part 1
• Mental poker: Part 2
• 0xparc learning groups - covering cricom and halo2
• Plonkathon 0xparc
• Constructing ZK SNARK circuits - DSL Zk calculator
• Social Applied ZK projects on Ethereum
• Uncloak courses
• Proofs args and zk study group implementations
• Cryptopals challenges
• Starkware101
• Verifiable AES
  • code: lambdaclass
• Merkle patricia tree: lambdaclass
• Haskell: Introduction
• Practical Cryptography for Devs: Nakov

Challenges and hackathons

• Berkeley RDI ZKP-Web3 hackathon
• Zk hack puzzles

Rust learning resources for ZK/cryptography

• The Rust book
  • rust book with interactive quizzes
  • The Rust book course
• Comprehensive rust by google
• Print and keep nearby - cheats.rs
• Tutorials
• Idiomatic Rust - For beauty over brawn
• Uncloak Study group
• Awesome rust cryptographic libraries
• Awesome rust – general
• Rust Algorithms
• Rustlings
• Rust learning
• Rust crash course

Benchmarking tools

• Zk system benchmarking
  • code
• Benchmarking with Rust
• Flamegraphs
  • code
  • code:flamegraphs from hierarchical data
• Criterion
  • Criterion introduction
• The benchmark game

Protocols

Our collection of mathematical papers, protocols, and code on ZK proofs is a comprehensive resource for researchers, developers, and students in the field of cryptography. These materials provide a deep understanding of the theories, implementations, and practical applications of zero-knowledge proofs, serving as a valuable reference for anyone interested in this cutting-edge technology.

What you will find here: Protocols, Papers, Code

• Pinocchio - 2013
• TinyRAM - 2013
• vnTinyRAM - 2014
  • Code: Mike Hearn
• Geppetto - 2015
• Buffet - 2015
• Groth -2016
  • Code: ConSensys - gnark,Code: Arkworks
  • Groth16 Malleability - Geometry research
  • Proof of forgery
  • Groth16 aggregation proposal
  • Groth - Talk
  • Deep into bellman library - Star Li
• Ligero - 2017
• ZoKrates - 2018, Code: ZoKrates
  • Proving hash preimage with Zokrates - Decentriq
  • Efficient ECC in Zokrates- Decentriq
• xjSNARK - 2018
• vRAM - 2018
• Bulletproof - 2018
  • ZKP using Bullet proofs - Lovesh Harchandani
  • Code: Dalek
  • Code: Lovesh
  • Notes
• Hyrax - 2018
• zk-STARK -2018
  • Code: Winterfell -multi threaded zk STARK, Crate: Winterfell
  • CAIRO
  • MiniSTARK
• Sonic - 2019
  • Sonic - Benthams Gaze
• Plonk - 2019
  • Plonk high level summary
  • Talk: Ariel Gabizon
  • Talk: Zac Williamson
  • Understanding Plonk - Vitalik
  • From AIRs to RAPs - how PLONK-style arithmetization works
  • On optimizations of Plonk
  • Custom gates on plonk -Do whatever
  • Plonk Cafe
  • Plonk: Anatomy of a proof generation: Scroll
  • code: Heliaxdev, code: Kobigurkan ,code: ZKgarage, code: Dusknetwork,code: Jellyfish includes plookup ,Resource: Awesome_Plonk
  • Resource: Plonk by hand -1 Metastate
    • Resource: Plonk by hand -2 Metastate
    • Resource: Plonk by hand -3 Metastate
    • Resource: Plonk and Plookup Metastate
  • Turboplonk
  • Custom gates in plonk
  • Plonk: Thomas Piellard
  • ZKP intro to Plonk - Star Li
  • Multi set checks in Plonk and Plookup: Gabizon
  • Plonk - Kimchi: Mina Protocol
    • Kimchi -Redshift - 2019
  • Redhsift Summary
• Spartan - 2019
  • code: Microsoft
• Halo - 2019
  • Halo - Thomas Piellard
• Aurora - 2019
  • Thesis Spooner
• MIRAGE - 2020
• Marlin - 2020
  • Code: Sciprlab-Arkworks
  • Doc: Pre lunar and not updated to Aleo/testnet3
  • Thesis
  • Eurocrypt 2020: Talk video
  • ZK summit - Talk: Pratyush
  • Sin7y tech review: blog
  • Marlin and Me
• Fractal -2020
  • Fractal - talk
  • code: Sciprlabs-Libiop
  • Resource: Demystifying Fractal 1 -Metastate
  • Resource:Demystifying Fractal 2 - Metastate
• Lunar - 2020 - Optimizations for Marlin.
  • ZK study club video
• SuperSonic - 2020
  • Resource: Demystifying supersonic 1 -Metastate
  • Resource: Demystifying supersonic 2- Metastate
• Virgo - 2020, code
• Plookup -2020
  • Marlin + Plookup (High-Level Summary)
  • code: Jellyfish
  • Plookup in action -Talk
  • Plonk and Plookup - Metastate
  • Plonk and Plookup - Khovratovich
  • Mina Protocol
  • AES with lookup : Daira Hopwood
  • Lookup tables - Ariel Gabizon
• Zilch - 2021
  • code
• Darlin - 2021
  • code
• Plonkup -2021
• SnarkPack -2021 Practical snark aggregation
  • Blog: efficient aggregation
  • SNark aggregation: general
• FFlonk -2021 a FFT friendly Plonk
• Brakedown - 2021
• Nova - 2021,
  • code
  • Srinath Setty - Talk
  • Srinath Setty - Video
  • Nova - Entropy
  • IACR talk slides
  • IVC:Nova lambdaclass
• Plonky2 - 2022
  • code
  • documentation
  • Plonky: code
  • Plonky: Fast recursive arguments based on Plonk and Halo
  • Plonky: Adding zero Knowledge to Plonk and Halo
• Gemini - 2022, Arkworks
  • talk
• Caulk - 2022
  • Code
  • Caulk+
• Orion -2022
  • Code
  • IACR -talk
• Hyperplonk - 2022
  • code: Espresso systems
  • Hyperplonk - benedikt Bunz
  • Blog- Delendum
  • Hardware friendliness of MLE-Sumcheck
  • Hardware-optimizations for SumCheck-Binyi Chen
• flookup: Fractional decomposition-based lookups in quasi-linear time independent of table size -2022
• Baloo: Nearly Optimal Lookup Arguments - 2022
• CQ: Cached coefficients for fast lookups 2022
  • code: Geometry
• Supernova 2022
  • code: Jules
  • Champagne supernova: lambdaclass
• Sangria: a folding scheme for plonk
  • blog

Mathematics

The resources on the mathematics behind ZK proofs delve into the complex theories and mathematical concepts that underpin this innovative technology. These resources are intended for those with a strong background in mathematics, or those looking to deepen their understanding of the mathematical foundations of zero-knowledge proofs and their applications.

What will you find here: Atoms and building blocks of a ZKP

Finite Fields

Polynomials

Elliptic curves

FFT

MSM

Finite fields

• Number theory explained from first principles
• An introduction to the theory of finite fields
• MIT lectures -FInite Field arithmetic
• Finite field arithmetic Doche Lange
• Aztec emulated field and group operations
• Extension fields: Entropy

Modular arithmetic

• A Fast Large-Integer Extended GCD Algorithm and Hardware Design for Verifiable Delay Functions and Modular Inversion
• Optimized Binary GCD for Modular Inversion
• Library of Algorithms
• Modular Multiplication and Hardware implementations - Review
• Evaluation of large integer multiplications in hardware - Review
• Hardware friendly modular mult
• Montgomery REDC using positive inverse mod r
• Low latency multipliers and cryptographic puzzles

Related Math

• The Matrix cookbook
• Ideal Class Groups

Polynomials

• Finite fields and polynomials
• Schwarz - Zippel Lemma
• Curious History of Schwarz-Zippel lemma

Cryptographic primitives

Elliptic curves

General

• ECC cryptobook
• Cures over finite fields - Lectures
• Elliptic curves Chapter 4 Washington
• Elliptic Curves: MIT lectures
• Corbellini - ECC
• ECC primer
• Silverman - ECC talk
• Faster Point Multiplication on Elliptic Curves with Efficient Endomorphisms
• Solinas - Efficient Arithmetic on Koblitz Curves
• Koblitz curve cryptosystems
• Elliptic Curve Cryptosystems (Koblitz Curves)
• Algorithm to Find Elliptic curves with a subgroup of a given size
• Elliptic curves number theory and cryptography
• Elliptic curve Arithmetic Curve addition - Doche-Lange
• Elliptic Curve Arithmetic Exponentiation -Doche Lange
• Elliptic curves of characteristic 2 or 3 - John Cook
• Addition/Doubling formulae
• Visualize Elliptic curves
• j invariant of a curve
• subgroup checks in BLS12
• Complete addition formulae : Bernstein - Lange
• Complete addition formulae for prime order curves
  • FPGA implementation of complete formulae with Montgomery multiplier
• Survey of Elliptic curves for Proof systems
• Edwards curves
• Twisted Edwards curves
• Subgroup checks for BLS12
• Cofactor explained: Elliptic curves dirty little secret

Pairings

• Pairings for beginners - Craig Costello
• Pairings - Vitalik Buterin
• Pairing friendly curves
• Estimating the Bit Security of Pairing-Friendly Curves - NCCgroup
• Pairing implementation revisited
• Groth_Sahai proofs are not scary
• Bilinear pairings in cryptography - Dennis Meffert
• Pairings and poly commitments - David Wong
• Circom pairing
  • Code
• Pairings or bilinear maps

Specific curves

• BLS12-381 For The Rest Of Us
• BN254 for the rest of us
• Benchmarking pairing-friendly elliptic curves libraries
• ecgfp5 - Pornin: Goldilocks
  • ed448 blog John Cook
• A deep dive into ed25519
• Pasta curves -Electric coin
• Developers guide to constructing application specific curves

Hash functions

• ZK hashes- General
  • ZKP friendly hash functions: SOK
  • Whats the deal with hashes: zk hack
  • Sponge functions: paper
  • S box properties
  • Merkling
    • What is a merkle tree
    • Merkle trees
    • Sparse Merkle trees
    • Merkle Commitment scheme
    • Merkle trees and proof of inclusion
    • why you should not sort your Merkle Leaves
  • Fiat Shamir
    • Merlin: Fiat-Shamir magic generator
    • How to Fiat Shamir
    • Serving up ZKP
    • Frozen Heart vulnerability
      • in Girault proof of knowledge
      • in Bulletproofs
      • in Plonk
• Hashes
  • Keccak: Sponge and Duplex constructions
  • SHA256
    • NIST doc
    • Halo2 16 bit lookup implementation
  • Poseidon
    • POSEIDON: A New Hash Function for Zero-Knowledge Proof Systems
    • some documentation
    • Encryption With Poseidon: Dima Khovratovich
    • SAFE A tool box for Poseidon API
      • SAFE: Faster and simple hashing with ZKP
    • Encoding of long objects in Poseidon - Dmitry Khovratovich
    • Talk Grassi
    • Plonky2: Poseidon gate
    • Penumbra: Poseidon Decaf377
    • Poseidon Implementations
      • code: filecoin
        • Poseidon in Filecoin - Dmitry Khovratovich
      • code: Ingonyama (python)
      • code: snarkVM Aleo Poseidon
      • code: Dusk network
      • code: Dust netowrk - Poseidon merkle
      • code: Triplewz - GO
  • Rescue
    • Rescue-Prime: a Standard Specification (SoK)
    • Observations on Rescue
    • Poseidon vs Rescye
  • MIMC
    • MiMc
    • Mimc7 in Plonk - Custom gates
    • Mimc Roy slides
  • Reinforced concrete
    • Reinforced concrete
    • implementation
    • Plonkup reinforced concrete zkstudyclub
    • Dusk network
    • Code: Luke Pearson
  • Sinsemilla
    • Sinsemilla: A circuit-efficient, lookup-based collision-resistant hash function
    • halo book
    • ZCash protocol specification
  • BLAKE
    • Blake
    • code
  • Tip5
    • Tip5
    • code
• Hash to Curve
  • Hash to Curve
  • Hash to secp256k1 curve
  • Optimized BLS signatures on EVM
• Hash Bounties
  • Algebraic Hash bounties

Verifiable Delay functions

General

• All about Verifiable Delay Functions (VDF’s) - VDFresearch

Arithmetization

• General
  • Arithmetic Circuits: A survey
  • How to transform code into an arithmetic circuit?
  • Complexity Zoo
  • Arithmetization schemes for snarks
• R1CS constraint system
  • Daira Hopwood - Efficient R1CS circuits: Video
  • Quadratic Arithmetic programs R1CS 0 to H - Vitalik Buterin
  • Aleo - Basics of R1CS Zero Knowledge Proofs: How Cryptographers can prove anything
  • Alex Pinto - Constraint system for snarks
  • Alex Pinto - How to build QAP
  • Alex Pinto - Vanishing polynomial for QAP
  • QAP from zero to hero: Vitalik
  • R1CS workshop - Mir
• Plonkish arithmetization Refer to Plonk
• AIR Arithmetization
  • AIR to RAPs - Gabizon
  • AIR-Multivariate Sumcheck - W.Borgeaud
  • AIR assembly Bobbin Threadbare

Commitment Schemes

• General
  • Overview of commitment schemes: Justin Drakes
  • Comparison of Commitment Schemes
• KZG
  • KZG commitments
  • KZG - Suyash
  • Polynomial commitments - Dankrad Feist
    • How to use KZG in proofs
    • Fast KZG proofs
    • Amortized KZG - Feist Khovratovich
    • Multiplying a vector by a Toeplitz matrix
    • PCS multiproofs - Feist
    • New sharding design with tight beacon and shard block integration - Dankrad Feist
    • Protodanksharding - FAQ Vitalik
  • Universal verification equation for data availability sampling
  • KZG friendly curves: El Housseini
  • KZG in practice: Scroll
• Vector Commitments
  • Verkle Trie - Dankrad Feist
  • Aggregatable vector sub commitments
  • Catalano-Fiore VC
• Inner product Arguments (IPA)
  • Inner product arguments - Dankrad Feist

Secure Multi Party Computation

(needs sorting)

General

• An Introduction to Secret-Sharing-Based Secure Multiparty Computation - Daniel Escudero
• Yau;s garbled circuits: MPC
• A gentle introduction to YAU’s Garbled circuits
• Setup ceremonies - Pruden & Matlala
• Collaborative zk-Snarks
• a Multi-Prover Zero-Knowledge Proof System
• Trinocchio: Privacy-Preserving Outsourcing by Distributed Verifiable Computation
• Zero-Knowledge Proofs on Secret-Shared Data via Fully Linear PCPs
• Prio: Private, Robust, and Scalable Computation of Aggregate Statistics
• ATLAS (Goyal, CMU) Efficient and Scalable MPC in the Honest Majority Setting

Proving Methods

(To add papers: Work in progress)

Sumcheck Protocol

• Unreasonable power of sumcheck - Thaler
  • Justin Thaler Lecture
  • Intro to Sumcheck protocol -oxsage
  • Inuition behind sumcheck - Wong
• Sumcheck argument and applications

Low degree Testing/FRI

• STARK paper
• DEEP - FRI
• Proximity Gaps for Reed-Solomon Codes
• FRI hackernoon
• FRI properties
• FRI erasure code fraud proof
• Barycentric low deg check - Dankrad Feist
• Low Degree Testing

Lookup arguments

• A brief history of lookup arguments

Aggregations and recursions

• Snarkpack: practical snark aggregation
  • blog
  • talk

Computational Primitives

Hardware acceleration

Need for hardware acceleration or not?

• Measuring Snark performance frontends-backends and future - Thaler
• SNark security and peformance - Thaler
• Decentralized Speed: Advances in Zero Knowledge Proofs
• Hardware Acceleration for Zero Knowledge Proofs
• Secure computing and hardware acceleration

Competitions

• Zprize submissions summary - entropy
  • hackmd version

General HW resources and guides

• PipeZK
• Algorithms for modern Hardware
• learning CUDA from scratch - entropy

Benchmarks of ZKP primitives

• Pantheon of ZKP frameworks - Celer Network
• ZK Harness
• ZK Benchmarking -Delendum
• ZKalc

Discrete Fourier Transforms

Algorithms and methods

• FFT - Vitalik
• Reed-Solomon code: Vitalik
• FFT Notes
• The Fast Fourier Transform in a Finite Field - Pollard
• Number Theoretic Transform (NTT): Introduction
• NTT with code
• Efficient primes for NTT - Goldilocks
  • Goldilocks in nuFHE
  • Goldilocks NTT trick - Solberg
• Elliptic Curve Fast Fourier Transform (ECFFT) Part I: Fast Polynomial Algorithms over all Finite Fields: Eli Ben-Sasson et.al
  • Talk -zk study club
  • ECFFT algorithm
  • Rust Implementation -Wboregaud
  • Rust ECFFT BN254- Wboregeaud
• ECFFT-2 Ben-Sasson et.al
• FFT - Ferror Moreno thesis
• Zcash FFT
• FFT for polynomial multiplication
• A quick barycentric evaluation tutorial - Vitalik
• Barycentric interpolation - Math Oxford

Implementations

• Thesis: BUNTTERFLY: A Flexible Hardware Generator for the Number Theoretic Transform - Jason Vranek
• CycloneNTT
• NTL: a library for NTT
• Zprize 2022

Multi scalar multiplications

Algorithms and methods

• Fast Multi-scalar Multiplication Methods on Elliptic Curves with Precomputation Strategy Using Montgomery Trick
• Faster batch forgery identification See section 4 for MSM, bucket method
• Pippenger’s exponentiation algorithm - Bernstein
• Efficient multi-exponentiation
  • implementation in Python
• Multi-scalar multiplication: state of the art & new ideas with Gus Gutoski
• Improved Fast exponentiations - Bodo Moller
• Fast exponentiation with precomputation - Brickell Gordon et al
• Matter labs -ALgorithms
• Ryah Henry - Thesis
• Efficient Multi exponentiation: Bucket method - Bootle

Implementations

• pipezk
• MSM with FPGA -Connor Masterson thesis
• PipeMSM
• EdMSM
• CycloneMSM
• Cuzk
• Zprize MSM implementations

Homomorphic Encryption

General

• Survey on FHE and applications
• Encrypted search using FHE
• Exploring FHE: Vitalik
• ML and FHE

TFHE deep dive: ZAMA AI - Ilaria Chilloti

• Part 1: Ciphertext types
• Part 2: Encoding and linear ops
• part 3: key switching and levelled multiplications
• Part 4: programmable bootstrapping

HE Libraries/implementations

• Awesome FHE library list
• Microsoft SEAL
• TenSEAL - Openmined
• PySyft - Openmined
• Tfhe - torus
• Google - FHE
• IBM - FHE
• PALISADE
• Zama AI - Concrete - Rust
• Paillier - Julia
• Cupcake - Facebook Research

Accelerating FHE

• FPT: a Fixed-Point Accelerator for Torus Fully Homomorphic Encryption