Community Guidelines

Welcome to Ingopedia!

This is a community-driven effort to compile a comprehensive collection of resources and information related to Zero Knowledge Proofs. Our goal is to provide a one-stop-shop for anyone interested in learning about ZKPs, from beginners to experts.

We invite the community to help us keep Ingopedia up-to-date and relevant. If you have any suggestions or contributions, please feel free to submit them through the appropriate channels. We believe that the power of the community lies in collaboration and sharing knowledge, so we encourage everyone to get involved.

To keep this book organized, we ask that you use the designated sections for your contributions. If you have a new resource to share, please add it to the appropriate section. If you are unsure where to add your contribution, feel free to reach out to the moderators for guidance.

Thank you for being a part of our ZKP community and helping us build a valuable resource for all.

Note: The branch master contains the src files for the ingopedia mdbook. Each page from the deployment page has a editable button that allows one to edit the markdown file of the specific page.

The old Ingopedia is still available in the branch main, we are planning to continue in the mdbook format. Suggestions are welcome.

Nerdy Lion

Glossary

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

A

ASIC (Application-Specific Integrated Circuit) - A specialized integrated circuit designed for a specific application or function, offering optimized performance and efficiency by implementing dedicated hardware tailored to that specific task.

Authentication - The process of verifying the identity of a user, device, or system to ensure that it is genuine and authorized to access certain resources or information.

Aurora - Aurora is a Zero Knowledge Proof system that combines zk-SNARKs and Bulletproofs to achieve compact proofs for general-purpose computations.

AuroraLight - AuroraLight is an improvement over Aurora that achieves faster prover times and smaller proof sizes while maintaining its generality and security properties.

B

Bulletproofs - Bulletproofs are a non-interactive Zero Knowledge Proof construction that enables efficient verification of range proofs and arithmetic circuits.

C

Cryptography - The practice and study of secure communication techniques, including encryption, decryption, and various cryptographic protocols.

Completeness - The property of a Zero Knowledge Proof protocol that guarantees an honest prover can convince a verifier of a correct statement.

Commitment Scheme - A cryptographic protocol that enables a party to commit to a value without revealing it and later prove the committed value’s consistency.

Computational Zero Knowledge - The lowest level of security among the three types of Zero Knowledge proofs, ensuring that an efficient computational algorithm cannot distinguish between valid and invalid proofs within a reasonable amount of time.

D

E

F

Fiat-Shamir Heuristic - A technique used to transform an interactive Zero Knowledge Proof into a non-interactive form by simulating the verifier’s challenges.

FPGA (Field-Programmable Gate Array) - A reconfigurable integrated circuit that can be programmed and reprogrammed to perform a wide range of tasks, offering flexibility and customization for various applications without requiring a fixed design.

Fractal - Fractal is a non-interactive Zero Knowledge Proof system that allows for scalable and efficient verification of statements in a distributed setting.

G

Groth16 - Groth16 is a non-interactive Zero Knowledge Proof system that utilizes elliptic curve pairings to achieve succinctness and efficient verification.

H

Homomorphic Encryption - A form of encryption that allows mathematical operations to be performed on encrypted data without decrypting it.

Hardware Acceleration - The use of specialized hardware components or instructions to perform computations more efficiently than software-based approaches.

Halo - Halo is a recursive proof composition technique that enables the construction of compact Zero Knowledge Proofs for general arithmetic circuits.

Hyrax - Hyrax is a Zero Knowledge Proof system that provides efficiency and succinctness for verifying arithmetic and boolean circuit satisfiability.

I

Interactive Proof - A Zero Knowledge Proof where the prover and verifier engage in multiple rounds of communication to establish the validity of the proof.

J

K

L

Ligero - Ligero is a Zero Knowledge Proof system designed specifically for blockchain applications, offering low computational and storage requirements for verification.

M

Marlin - Marlin is a Zero Knowledge Proof system that leverages recursive composition to construct large-scale Zero Knowledge Proofs with low proof sizes and verification times.

Merkle Tree - A tree data structure in cryptography that enables efficient verification of the integrity and membership of data elements.

Multi-party Computation (MPC) - A cryptographic protocol that enables multiple parties to jointly compute a function over their private inputs while preserving the privacy of those inputs, allowing them to collectively obtain the desired result without revealing individual data to each other.

N

Non-interactive Proof - A Zero Knowledge Proof where the prover generates a single proof without any interaction with the verifier.

NTT (Number Theoretic Transform) - A mathematical technique used for efficient polynomial multiplication and fast Fourier transforms in various applications such as signal processing, error correction codes, and cryptography.

O

P

Pairing-Based Cryptography - A cryptographic approach that leverages mathematical pairings to perform various operations and enable advanced cryptographic protocols.

Perfect Zero Knowledge - A level of security provided by a Zero Knowledge proof where the verifier gains no additional knowledge about the secret information being proved, except for the validity of the statement.

Plonk - Plonk (Permutation-based SNARK) is a Zero Knowledge Proof system that utilizes permutation arguments to achieve succinctness and efficiency.

Privacy - The state of being free from unauthorized intrusion, surveillance, or disclosure of personal or sensitive information.

Proof Of Knowledge - A cryptographic concept where a prover demonstrates possession of certain information or knowledge to a verifier without revealing the actual information.

Prover - The entity in a Zero Knowledge Proof protocol that possesses knowledge of a secret and aims to prove its knowledge to the verifier.

Pseudorandom Function - A pseudorandom function (PRF) is a deterministic function that takes an input and produces an output that appears random, even though it is generated by a deterministic algorithm, making it indistinguishable from a truly random function for practical purposes.

Q

QAP (Quadratic Arithmetic Programs) - QAP is a method to represent arithmetic circuits as quadratic polynomials, commonly used in Zero Knowledge Proof systems for efficient proof generation and verification.

R

R1CS (Rank-1 Constraint Systems) - R1CS is a mathematical framework used in Zero Knowledge Proof systems to represent computational problems as sets of constraints.

Redshift - Redshift is a Zero Knowledge Proof system designed for blockchain applications, offering scalability, efficiency, and post-quantum security.

Ring Signature - A cryptographic digital signature scheme that allows a user to sign a message on behalf of a group (or ring) of potential signers, while maintaining the privacy of the actual signer’s identity within the group.

S

Security - The protection of hardware, software, and data from unauthorized access, theft, damage, or disruption, aiming to maintain confidentiality and integrity.

Side-channel Attacks - Attacks that exploit unintended information leakage, such as timing, power consumption, or electromagnetic radiation, to infer secret information.

Statistical Zero Knowledge - A level of security offered by a Zero Knowledge proof where the verifier cannot distinguish between a valid proof and a false proof, except with an extremely low probability.

Sonic - Sonic (Scalable, Non-Interactive, and Compact) is a Zero Knowledge Proof system that offers scalability and efficiency for verifying large computations.

Soundness - The property of a Zero Knowledge Proof protocol that ensures an honest prover cannot convince a verifier of an incorrect statement.

Spartan - Spartan is a Zero Knowledge Proof system that achieves transparency, scalability, and post-quantum security without requiring a trusted setup.

Supersonic - Supersonic is a Zero Knowledge Proof system that provides high-performance and efficient verification of arithmetic circuits and boolean satisfiability.

T

Trusted Execution - The execution of a program or process in a secure and isolated environment, protecting it from tampering and unauthorized access.

Trusted Setup - The process of generating initial parameters for a Zero Knowledge Proof protocol, ensuring that they do not reveal any secret information.

U

V

Verifier - The entity in a Zero Knowledge Proof protocol that challenges the prover’s claim and verifies the validity of the proof without gaining knowledge of the secret.

W

Witness Indistinguishable Proof - A cryptographic proof that guarantees that given two valid proofs for the same statement, it is computationally infeasible for an adversary to distinguish which proof corresponds to the true witness.

X

Y

Z

Zero Knowledge Proof - A cryptographic protocol where a prover can demonstrate knowledge of a secret without revealing the secret itself, convincing the verifier of its validity.

Zero Knowledge Property - The property of a Zero Knowledge Proof protocol that assures the verifier learns no additional information about the secret beyond its validity.

Zk-rollups - zk-rollups, short for Zero-Knowledge Rollups, are Layer 2 scaling solutions for blockchain networks that utilize zero-knowledge proofs to aggregate and validate multiple transactions off-chain, improving scalability and reducing transaction fees while maintaining the security and trustlessness of the underlying blockchain.

zk-STARKs - Zero-Knowledge Scalable Transparent Arguments of Knowledge (zk-STARKs) are Zero Knowledge Proofs that achieve transparency and scalability without a trusted setup.

zk-SNARKs - Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge (zk-SNARKs) are Zero Knowledge Proofs that provide succinctness and non-interactivity.

ZPU - A Zero Knowledge Processing Unit (ZPU) is an application-specific integrated circuit (ASIC) designed to accelerate zero-knowledge proof computations and enhance the efficiency of cryptographic protocols.

Zero Knowledge Proofs

Curated Resources

Our curated resources consist of carefully selected, links, linktrees and other almanacs like “Ingopedia”. These resources are aimed at helping users access high-quality information in a quick and efficient manner.

Video Lecture Series

Our Video lecture series on ZK proofs offers in-depth and engaging presentations that cover the fundamentals and advanced topics of zero-knowledge proofs. These lectures are designed to educate and inform a wide range of audiences, and will contain series of videos on ZKP’s various concepts.

Articles

Our articles on ZK proofs are comprehensive and educational pieces that delve into the intricacies of zero-knowledge proofs. They consist of blogs, articles, PDFs, and notes. These articles aim to provide a clear understanding of this cutting-edge technology, its used-case applications, its vulnerabilities and its significance.

Hands on ZK

Our hands-on approach to learning ZK proofs provides interactive and practical training experiences that allow participants to build their skills and knowledge in an engaging way. These hands-on workshops, tutorials, and projects are designed to help learners apply their understanding of ZK proofs in real-world situations, making them an invaluable resource for anyone looking to further their expertise in this field.

Protocols

Our collection of mathematical papers, protocols, and code on ZK proofs is a comprehensive resource for researchers, developers, and students in the field of cryptography. These materials provide a deep understanding of the theories, implementations, and practical applications of zero-knowledge proofs, serving as a valuable reference for anyone interested in this cutting-edge technology.

Mathematics

The resources on the mathematics behind ZK proofs delve into the complex theories and mathematical concepts that underpin this intive technology. These resources are intended for those with a strong background in mathematics, or those looking to deepen their understanding of the mathematical foundations of zero-knowledge proofs and their applications.

Curated Resources

Our curated resources consist of carefully selected, links, linktrees and other almanacs like “Ingopedia”. These resources are aimed at helping users access high-quality information in a quick and efficient manner.

What you will find here: Links, Linktrees, Almanacs

References

A collection of links and Almanacs breaking down ZKPs and related topics.

Libraries

A collection of libraries where you can create a ZKP.

Math/Crypto libraries

HW libraries

GPU for ZK

learn GPUs/FPGAs

FPGA for ZK

BLAZE
- Blaze developer walkthrough

Lecture Series

What you will find here: Video playlists of Podcasts, Lectures, and University/Professional Classes

ZK courses

University and professional level courses on ZK.

Discussions/Seminars

Podcasts and lecture playlists on various ZKP related topics.

Advanced Courses/Topics

Advanced University and professional level courses on ZK.

Articles

What you will find here: Blogs, Articles, PDFs, Notes

ZK Introductory

ZKSNARKS

STARKS

Applications

ZK Introductory

Understanding ZK from beginner to advanced on a surface level.

Beginner

Intermediate

Advanced

Ingonyama Blogs

Check out blogs, papers, pieces, and videos published by the Ingonyama Team

Sumcheck 201

Medium Link

Application of Graph Methods for Efficient Quotient Polynomial Evaluation in Halo2

Medium Link

Fast Danksharding using ICICLE

Introducing ICICLE: An Open-Source GPU Library for Zero Knowledge Acceleration

A Brief History of Lookup Arguments

How Zero-Knowledge Proofs Will Change Gaming Forever

Medium Link

Intro to ECNTT from Starkware Sessions 2023

Medium Link

Deep Dive into the Sumcheck Protocol with Justin Thaler

YouTube Link

Multi-Precision Fast Modular Multiplication

Hardware-friendliness of HyperPlonk

Medium Link

Zero Knowledge Proofs and the Metaverse

Medium Link

The Z Games: Pushing ZK Provers to the Extreme

Medium Link

Goldilocks NTT Trick

Down the Rabbit Hole: Optimizing AWS F1 Direct Memory Access (DMA)

Medium Link

Sparkworks - Native Hardware Acceleration in Arkworks

Medium Link

NTT Mini: Exploring Winograd’s Heuristic for Faster NTT

Marlin & Me: A Deep Dive into the Heart of the Marlin ZK Protocol

Bridging the Multichain Universe with Zero Knowledge Proofs

Medium Link

Systemization of Knowledge: ZK-Friendly Hash Functions

HackerNoon: Using Cloud-ZK for Developing ZKP Acceleration in the Cloud

HackerNoon Link

Cloud-ZK: A Toolkit for Developing ZKP Acceleration in the Cloud

HackerNoon: Lowering the Barrier of Entry to Zero Knowledge Proofs

HackerNoon Link

A Mathematical Theory of Danksharding

PipeMSM: Hardware Acceleration for Multi-Scalar Multiplication

Medium Link and Paper

Fast Modular Multiplication

Ingopedia: A Repo for all things ZK

Medium Links

Poseidon-Hash Repository

Medium Link

Polygon’s zkEVM Fun Facts

Medium Link

Introducing Ingonyama

Medium Link

ZKSNARKS

A collection of resources explaining ZKSnarks.

Trusted Setup

Vitalik Snark tutorial

Recursive Snarks

STARKS

A collection of resources explaining Starks.

Introductory

Stark Thread - Eli Ben Sasson

Papers

Stark tutorials

Vitalik
Stark math series
Stark 101 - hands on
STARK Recursion
- BReaking down recursive starks
- Stark recursion
  - Recursive STARK -Avihu Levy
Stark Anatomy series
- Anatomy of a STARK
- Part2: BrainSTARK
  - Code: Brainfuck
Applications
- EthSTARK
  - code
  - documentation
Stone Prover
- An overview

Stark security

STARK round by round soundness and security - Ben Sasson

Applications

A compilation of materials that showcase various applications of zk technology.

Zero Knowledges Applications

General

ZK Rollups EVMs/VMs

ZK bridges

Client side

ZKML

ZK Gaming

ZK ID

Ecosystem with ZK applications

Filecoin
Aleo

other applications

Security and Vulnerabilities

Potential vulnerabilities and security in ZK systems

Hands-On ZK/Cryptography

What you will find here: Code-to-Learn Applications

General

Challenges and hackathons

Rust learning resources for ZK/cryptography

GPU- CUDA learning resources

GPU-Puzzles

Benchmarking tools

Protocols — UNDER CONSTRUCTION

What you will find here: Protocols, Papers, Code Implementation, Resources

SNARK Protocols

Protocols	Paper	Implementation	Resources	Universal	Transparent
Pinocchio - 2013	→📝			❌	❌
TinyRAM - 2013	→📝			❌	❌
vnTinyRAM - 2014	→📝	Mike Hearn		✅	❌
Geppetto - 2015	→📝			❌	❌
Buffet - 2015	→📝			❌	❌
Groth -2016	→📝	ConsenSys-gnark[1] arkworks-rs[2]	Groth16 Malleability - Geometry[1] Proof of forgery[2] Groth16 aggregation proposal[3] Groth - Talk[4] Deep into bellman library - Star Li[5] Lookups for groth16?[6.1] ultragroth[6.2] An overview of the Groth 16 proof system[7]	❌	❌
Ligero - 2017	→📝			✅	✅
ZoKrates - 2018	→📝	ZoKrates	Proving hash preimage with Zokrates - Decentriq[1] Efficient ECC in Zokrates- Decentriq[2]
xjSNARK - 2018	→📝			❌	❌
Hyrax - 2018	→📝
Sonic - 2019	→📝		Benthams Gaze	✅	❌
Plonk - 2019	→📝	heliaxdev[1] kobigurk[2] ZK-Garage[3] dusk-network[4] Jellyfish (Includes Plookup)[5]	Plonk high level summary[1] Talk: Ariel Gabizon[2] Talk: Zac Williamson[3] Understanding Plonk - Vitalik[4] From AIRs to RAPs - how PLONK-style arithmetization works[5] Custom gates on plonk -Do whatever[7] Plonk Cafe[8] Plonk: Anatomy of a proof generation: Scroll[9] Resource: Plonk by hand -1 Metastate[10.1] Resource: Plonk by hand -2 Metastate[10.2] Resource: Plonk by hand -3 Metastate[10.3] Resource: Plonk and Plookup Metastate[10.4] Turboplonk[11] Custom gates in plonk[12] Plonk: Thomas Piellard[13] ZKP intro to Plonk - Star Li[14] Multi set checks in Plonk and Plookup: Gabizon[15] Plonk - Kimchi: Mina Protocol[16.1] Kimchi[16.2] Plonk not a monad tutorial[17]	✅	❌
Redshift - 2019	→📝	Redhsift Summary
Spartan - 2019	→📝	Microsoft
Halo - 2019	→📝			✅	✅
MIRAGE - 2020	→📝			✅	❌
Marlin - 2020	→📝	arkworks-rs	Doc: Pre lunar and not updated to Aleo/testnet3[1] Thesis[2] Eurocrypt 2020: Talk video [3] ZK summit - Talk: Pratyush[4] Sin7y tech review: blog[5] Marlin and Me[6]
Fractal -2020	→📝	scipr-lab/libiop	Fractal - talk[1] Demystifying Fractal 1 -Metastate[2.1] Demystifying Fractal 2 - Metastate[2.2]
Lunar - 2020	→📝		ZK study club video
SuperSonic - 2020	→📝		Demystifying supersonic 1 -Metastate[1.1] Demystifying supersonic 2- Metastate[1.2]	✅	✅
Darlin - 2021	→📝
Plonkup -2021	→📝	HorizenOfficial/ginger-lib
SnarkPack -2021	→📝	Efficient Aggregation
FFlonk -2021	→📝
Brakedown - 2021	→📝
Gemini - 2022	→📝	Elastic SNARKs for diverse environments
Hyperplonk - 2022	→📝	EspressoSystems	Hyperplonk - benedikt Bunz[1] Delendum[2] Hardware friendliness of MLE-Sumcheck[3] Hardware-optimizations for SumCheck-Binyi Chen[4]
Testudo: Groth+Spartan - 2023	→📝	cryptonetlab
Jolt - 2023	→📝		Introducing Lasso and Jolt[1] Boosting Lasso-Jolt[2] A Technical FAQ[3]

STARK Protocols

Protocols	Paper	Implementation	Resources	Universal	Transparent
zkSTARK -2018	→📝	Winterfell[1] Ministark[2] Cairo[3]	Guide for Ministark	✅	✅
Aurora - 2019	→📝	Thesis Spooner		✅	✅
Zilch - 2021	→📝	TrustworthyComputing		✅	✅
Plonky - 2021	→📝	mir-protocol	Plonky: Fast recursive arguments based on Plonk and Halo[1] Plonky: Adding zero Knowledge to Plonk and Halo[2]
Plonky2 - 2021	→📝	mir-protocol
Orion -2022	→📝	sunblaze-ucb	IACR -talk

Lookup Protocols

Protocols	Paper	Implementation	Resources
Plookup -2020	→📝	Jellyfish	Plookup in action -Talk[1] Plonk and Plookup - Metastate[2] Plonk and Plookup - Khovratovich[3] Mina Protocol[4]](https://o1-labs.github.io/proof-systems/introduction.html) AES with lookup : Daira Hopwood[5] Lookup tables - Ariel Gabizon[6]
Caulk - 2022	→📝	caulk-crypto[1] Caulk+[2]
Flookup - 2022	→📝
Baloo - 2022	→📝
CQ - 2022	→📝	Geometry
CqLin - 2023	→📝
Lasso - 2023	→📝		Introducing Lasso and Jolt[1] Boosting LassoJolt [2] A Technical FAQ on LassoJolt [3] Efficient multilinear PCS in Lasso and Jolt [4]

Folding Scheme Protocols

Protocols	Paper	Implementation	Resources
Nova - 2021	→📝	microsoft	Srinath Setty - Talk[1] Srinath Setty - Video[2] IACR talk slides[3] IVC:Nova lambdaclass[4] Nova - zkstudy club talk[5] zkstudy club video[6]
Supernova - 2022	→📝	jules	Champagne supernova: lambdaclass
Hypernova - 2023	→📝		CCS: Customizable constraint systems for succinct arguments
Sangria - 2023	→📝		Blog
Protostar - 2023	→📝		Deep dive into Protostar paper & protocol - Binyi Chen
Protogalaxy - 2023	→📝		Notes on ProtoGalaxy
CycleFold - 2023	→📝
BaseFold	→📝
Proofs for deep thought - 2024	→📝
Latticefold	→📝		talk - Binyi Chen
Accumulation without homomorphism	→📝

Other Protocols

Protocols	Paper	Implementation	Resources	Universal	Transparent
vRAM - 2018	→📝			✅	❌
Bulletproof - 2018	→📝	Dalek[1] Lovesh[2]	ZKP using Bullet proofs - Lovesh Harchandani[1] Notes[2]	✅	✅
Virgo - 2020	→📝	sunblaze-ucb		✅	✅
Sigma Protocols	→📝	sigmastate	Sigma Protocols for the Working Programmer

Mathematics

The resources on the mathematics behind ZK proofs delve into the complex theories and mathematical concepts that underpin this innovative technology. These resources are intended for those with a strong background in mathematics, or those looking to deepen their understanding of the mathematical foundations of zero-knowledge proofs and their applications.

What will you find here: Atoms and building blocks of a ZKP

Finite fields

Modular arithmetic

Polynomials

Cryptographic primitives

Elliptic curves

Hash functions

How to choose our zk friendly hash
ZK hashes- General
Hashes
- Keccak: Sponge and Duplex constructions
- SHA256
  - Halo2 16 bit lookup implementation
- Poseidon
- Rescue
- MIMC
- Reinforced concrete
- Sinsemilla
  - Sinsemilla: A circuit-efficient, lookup-based collision-resistant hash function
  - ZCash protocol specification
- BLAKE
  - Blake
  - code
- Tip5
  - Tip5
  - code
Hash to Curve
Hash Bounties
- Algebraic Hash bounties

Verifiable Delay functions

General

All about Verifiable Delay Functions (VDF’s) - VDFresearch

Arithmetization

General
R1CS constraint system
Plonkish arithmetization Refer to Plonk
AIR Arithmetization
Customizable Constraint system CCS
- CCS: Customizable constraint systems for succinct arguments
- A multivariate AIR using Superspartan- Borgeaud

Commitment Schemes

General
KZG
Merkle commitment
Vector Commitments
Inner product Arguments (IPA)
Lattice based commitment Schemes
- Vortex
- SLAP
  - Blog

Secure Multi Party Computation

(needs sorting)

General

Proving Methods

(To add papers: Work in progress)

PLonk’s permutation - a definitive explanation

Lookup arguments

Aggregations and recursions

Snarkpack: practical snark aggregation

Folding and accumulation schemes

General

Computational Primitives

Hardware acceleration

Need for hardware acceleration or not?

HW acc review - 0xmonia

Competitions

Zprize

Discrete Fourier Transforms

Algorithms and methods

Implementations

Multi scalar multiplications

Algorithms and methods

Implementations

Fully Homomorphic Encryption

Articles

What you will find here: Blogs, Articles, PDFs, Videos, Notes

Schemes

Bootstrapping in FHEW like schemes

TFHE

Paper

Libraries

A curated list of Homomorphic Encryption libraries, and what schemes they use.

UNDER CONSTRUCTION 👷

Libraries

Libraries	Scheme	Resources
Microsoft SEAL	$BF V$ $BG V$
PALISADE	$BF V$ $F H E W$ $TF H E$
IBM FHE	$BG V$
IBM HElib	$BG V$ $C KK S$
Sunscreen - levelled bootstrap	$BF V$	Introduction
OpenFHE	$BF V$ $BG V$ $C KK S$ $F H E W$ $TF H E$	OpenFHE.com
TenSEAL - Openmined	$BF V$ $C KK S$
Zama AI - Concrete - Python compiler	$TF H E$
Zama AI - TFHE-rs - Rust library	$TF H E$
Google - FHE	$TF H E$

Mathematics

Bootstrapping