Hyperplonk: Plonk with linear-time prover and high-degree custom gates

B Chen, B Bünz, D Boneh, Z Zhang - … on the Theory and Applications of …, 2023 - Springer
Plonk is a widely used succinct non-interactive proof system that uses univariate polynomial
commitments. Plonk is quite flexible: it supports circuits with low-degree “custom” gates as …

Plonk: Permutations over lagrange-bases for oecumenical noninteractive arguments of knowledge

A Gabizon, ZJ Williamson, O Ciobotaru - Cryptology ePrint Archive, 2019 - eprint.iacr.org
Abstract zk-SNARK constructions that utilize an updatable universal structured reference
string remove one of the main obstacles in deploying zk-SNARKs [GKMMM, Crypto 2018] …

Marlin: Preprocessing zkSNARKs with universal and updatable SRS

A Chiesa, Y Hu, M Maller, P Mishra, N Vesely… - Advances in Cryptology …, 2020 - Springer
We present a methodology to construct preprocessing zkSNARKs where the structured
reference string (SRS) is universal and updatable. This exploits a novel use of holography …

Bulletproofs: Short proofs for confidential transactions and more

B Bünz, J Bootle, D Boneh, A Poelstra… - … IEEE symposium on …, 2018 - ieeexplore.ieee.org
We propose Bulletproofs, a new non-interactive zero-knowledge proof protocol with very
short proofs and without a trusted setup; the proof size is only logarithmic in the witness size …

Sonic: Zero-knowledge SNARKs from linear-size universal and updatable structured reference strings

M Maller, S Bowe, M Kohlweiss… - Proceedings of the 2019 …, 2019 - dl.acm.org
Ever since their introduction, zero-knowledge proofs have become an important tool for
addressing privacy and scalability concerns in a variety of applications. In many systems …

Spartan: Efficient and general-purpose zkSNARKs without trusted setup

S Setty - Annual International Cryptology Conference, 2020 - Springer
This paper introduces Spartan, a new family of zero-knowledge succinct non-interactive
arguments of knowledge (zkSNARKs) for the rank-1 constraint satisfiability (R1CS), an NP …

Prio: Private, robust, and scalable computation of aggregate statistics

H Corrigan-Gibbs, D Boneh - 14th USENIX symposium on networked …, 2017 - usenix.org
This paper presents Prio, a privacy-preserving system for the collection of aggregate
statistics. Each Prio client holds a private data value (eg, its current location), and a small set …

Doubly-efficient zkSNARKs without trusted setup

RS Wahby, I Tzialla, A Shelat, J Thaler… - … IEEE Symposium on …, 2018 - ieeexplore.ieee.org
We present a zero-knowledge argument for NP with low communication complexity, low
concrete cost for both the prover and the verifier, and no trusted setup, based on standard …

Efficient zero-knowledge arguments for arithmetic circuits in the discrete log setting

J Bootle, A Cerulli, P Chaidos, J Groth… - Advances in Cryptology …, 2016 - Springer
We provide a zero-knowledge argument for arithmetic circuit satisfiability with a
communication complexity that grows logarithmically in the size of the circuit. The round …

Libra: Succinct Zero-Knowledge Proofs with Optimal Prover Computation

T Xie, J Zhang, Y Zhang, C Papamanthou… - Advances in Cryptology …, 2019 - Springer
We present Libra, the first zero-knowledge proof system that has both optimal prover time
and succinct proof size/verification time. In particular, if C is the size of the circuit being …