ZK Insights | 24th Nov 2024

Highlights

Devcon Key Insight: Indistinguishability Obfuscation

本文讨论了 不可区分混淆（iO） 这一被称为密码学「圣杯」的技术，它能够在保留程序功能的同时隐藏其逻辑。文章提到 Sora（基于标准假设）和 Gauss Labs（基于非标准假设）在 iO 实现上的最新进展，并探讨了如安全投票和抗串通多方系统等实际应用，同时提及了验证者串通等挑战。尽管 iO 目前效率低下且仍偏理论化，但其在区块链、zkSNARKs 等领域的潜力巨大，相关实践正在逐步推进。

This article discusses the advancements in Indistinguishability Obfuscation (iO), a cryptographic "holy grail" that hides program logic while preserving functionality. It highlights recent progress by Sora (standard assumptions) and Gauss Labs (non-standard assumptions). Practical applications, like secure voting and collusion-resistant multi-party systems, are explored, alongside challenges like validator collusion. Although iO remains inefficient and theoretical, its potential in blockchain, zkSNARKs, and beyond is immense, with ongoing efforts to make it practical.

• https://www.leku.blog/io/

awesome zkVm

这是一个关于 zkVM（零知识虚拟机）的精选资源仓库。

A curated list of zkVM, zero-knowledge virtual machine.

• https://github.com/rkdud007/awesome-zkvm

Getting the bugs out of SNARKs: The road ahead

关于改进 SNARKs 的挑战和进展。

About the challenges and progress in improving SNARKs.

• https://x.com/SuccinctJT/status/1859327094452277701
• https://a16zcrypto.com/posts/article/getting-bugs-out-of-snarks/

zkVM Security: What Could Go Wrong?

本文探讨了 zkVM（零知识虚拟机）的安全挑战。zkVM 通过抽象密码学复杂性，简化了零知识证明（ZKP）的开发，但其工作流程——从编译、执行到证明和验证——存在多种漏洞。编译器错误、不当的约束设置以及验证器缺陷可能导致关键的安全问题，如错误的证明或被篡改的输出。定制的预编译功能和确定性随机数等预处理步骤增加了复杂性和风险。确保内存一致性、指令执行正确性以及轨迹验证的严谨性至关重要。随着 zkVM 技术的发展，严格的审计、形式化验证和以安全为核心的开发将是构建可靠可信的零知识系统的关键。

The article explores the security challenges of zkVMs (Zero-Knowledge Virtual Machines), which simplify zero-knowledge proof (ZKP) development by abstracting cryptographic complexities. It highlights vulnerabilities across the zkVM workflow—compilation, execution, proving, and verification. Compiler bugs, improper constraints, and verifier weaknesses can lead to critical security failures, such as incorrect proofs or manipulated outputs. Custom preprocessing steps, like precompiles and deterministic randomness, add complexity and risk. Ensuring consistency in memory, instruction handling, and trace verification is essential. As zkVMs evolve, rigorous audits, formal verification, and security-focused development are vital to building robust and trustworthy zero-knowledge systems for real-world applications.

• https://www.zksecurity.xyz/blog/posts/zkvm-security/

A formal verification tool for Noir

工具 coq-of-noir 将 Noir 程序翻译为 Coq，以进行形式化验证，从而确保程序在所有参数下的预期行为。

The tool, coq-of-noir, translates Noir programs into Coq for formal verification, ensuring expected behavior for all parameters.

• https://formal.land/blog/2024/11/15/tool-for-noir-2

AlphaProof's Greatest Hits

本文重点介绍了 AlphaProof 使用 Lean 证明助手解决 2024 年国际数学奥林匹克（IMO）三道极具挑战性问题（第 1、2、6 题）的解法。

The article highlights AlphaProof's solutions to three challenging IMO 2024 problems (1, 2, and 6) using the Lean proof assistant.

• https://rishimehta.xyz/2024/11/17/alphaproofs-greatest-hits.html

New quantum algorithm for approximate polynomial interpolation

主要策略利用了 Regev 的归约（最初出现在基于格的密码学中）：可以利用 Reed-Solomon 码的高效解码器，并通过应用量子傅里叶变换（QFT），从而得到一个用于近似多项式插值的高效量子算法。

the main strategy exploits Regev's reduction (that appeared initially in lattice-based crypto): one can exploit the existence of efficient decoders for Reed-Solomon codes and apply a QFT in order to get an efficient quantum algo for approximate polynomial intepolation

• https://x.com/letonyo/status/1859139146016534650
• https://arxiv.org/abs/2411.12553

The DIF 2024 Hackathon List of Winners

DIF（Decentralized Identity Foundation，去中心化身份基金会） 是一个致力于推动去中心化身份（Decentralized Identity, DID）技术发展的组织。

DIF (Decentralized Identity Foundation) is an organization dedicated to advancing Decentralized Identity (DID) technology.

• https://difhackathon2024.devpost.com/project-gallery?page=1

Updates

Slicing Up Binary Towers: Accelerating Sumcheck on GPUs

• https://www.irreducible.com/posts/slicing-up-binary-towers

Improving the Security of the Jolt zkVM

• https://www.zksecurity.xyz/blog/posts/jolt-findings/

Celebrating AleoBFT formal verification milestone

• https://provable.com/blog/creating-aleobft-formal-verification-milestone

Extractable Witness Encryption for KZG Commitments - Brechy

• https://www.youtube.com/watch?v=cmvJZ3vbk9I

Reflections and Insights Post-Devcon

• https://hackmd.io/-NhfD9RBRymCZBUmctzFWA

CoSnarks in Action at Devcon7

• https://blog.taceo.io/devcon-demo/

E11: Nigel Smart, Zama

• https://codestory.co/podcast/e11-nigel-smart-zama/

Fhenix Nitrogen Testnet Upgrade

• https://www.fhenix.io/fhenix-nitrogen-testnet-upgrade/

Papers

Field-Agnostic SNARKs from Expand-Accumulate Codes

• https://eprint.iacr.org/2024/1871

Cirrus: Performant and Accountable Distributed SNARK

• https://eprint.iacr.org/2024/1873

Multi-Holder Anonymous Credentials from BBS Signatures

• https://eprint.iacr.org/2024/1874

Practical Zero-Knowledge PIOP for Public Key and Ciphertext Generation in (Multi-Group) Homomorphic Encryption

• https://eprint.iacr.org/2024/1879