Creating cryptographic protocols with multiplications
A lot of cryptographic protocols can be reduced to computing some value. Perhaps the value obtained is a shared secret, or it allows us to verify that some other values match (if it's 0). Since we're...
View ArticlePermutation-Based Crypto 2023
I'm pleased to announce that I'm part of the steering committee of the Permutation-Based Crypto 2023 one-day workshop which will take place in Lyon, France (my hometown) colocated with Eurocrypt....
View ArticleLearning OCaml for non-functional language people like me
Learning OCaml has been quite a harsh journey for myself, especially as someone who didn't know anything (and still doesn't know much) about type systems and the whole theory behind programming...
View ArticleClik here to view.
Contributing to open source projects and about learning zero-knowledge proofs
I introduced kimchi in this blogpost last year. It's the general-purpose zero-knowledge proof system that we will use in the next hardfork of Mina. We've been working on it continuously over the last...
View ArticleClik here to view.
Real-World Cryptography, a bit more than a year later
source: redbubble Three years ago, in the middle of writing my book Real-World Cryptography, I wrote about Why I'm writing a book on cryptography. I believed there was a market of engineers (and...
View ArticleA new series of videos on zero-knowledge proof composition and recursion...
I introduced Plonk in a series of 12 videos here. That was almost a year and half ago! So I'm back with more :) In this new series of videos I will explain how proof composition and recursion work...
View ArticleClik here to view.
Dealing with the unknown
I've spent some hard months dealing with things that were way out of my comfort zone. I would usually agree that you should always aim to do things out of your comfort zone, but the ROI tends to...
View ArticleClik here to view.
zkVMs are cool, but have you heard of zkCPUs?
I like to describe Ethereum as a gigantic computer floating in the sky. A computer everyone can use by installing their own applications there, and using each other's applications. It's the world's...
View ArticleLearn How to Code a zkApp Hello World With Me Using TypeScript
Recorded this video for the Mina Foundation going through the first tutorial for zkapps. If you're interested in understanding what goes into these zk smart contracts then this is for you!
View ArticleClik here to view.
Paillier's additively homomorphic cryptosystem
Pascal Paillier released his asymmetric encryption algorithm in 1999, which had the particularity of being homomorphic for the addition. (And unlike RSA, the homomorphism was secure.) Homomorphic...
View ArticleTwo And A Half Coins episode 5: Bitcoin transactions, the Bitcoin script and...
In the 5th episode of this series I interview Arik Sosman (our very first guest!) in order to learn more about Bitcoin transactions. Specifically, how the Bitcoin scripting language works, and what...
View Articlezksecurity.xyz
Today, along with my two other cofounders Gregor Mitscha-Baude and Brandon Kase we are launching www.zksecurity.xyz an auditing platform for zero-knowledge applications. Smart contracts have been at...
View ArticleClik here to view.
What's happening in the round 5 of PlonK?
Someone was asking the following question on [Plonk}(): If you also looked at Plonk and wanted and were wondering the same, here's a short answer. If you do not care about PlonK, feel free to ignore...
View ArticleClik here to view.
The zero-knowledge attack of the year might just have happened, or how Nova...
I wrote a thing that got quite the traction on the internet, which is merely a summary of something awesome that someone else found. You can read it here:...
View ArticleFirst zksecurity public report is out!
My first public report (since I left NCC Group) is out. It was work I did for zksecurity, auditing the Penumbra circuits. You can read it here: https://penumbra.zone/blog/2023-audits It should be...
View ArticleMum, I was on the zkpodcast!
That's it, I made it, I can finally retire now. https://zeroknowledge.fm/290-2/ This week, Anna and Guillermo chat with David Wong, author of the Real-World Cryptography book, and a cofounder...
View ArticleI talked about ZK security on the first episode of Node Guardians season 2!
I was invited by Sam to talk about diverse things, including ZK security. Check the episode here:
View ArticleClik here to view.
A journey into zero-knowledge proofs
My journey into zero-knowledge proofs (ZKPs) began in university, with me slouching in an amphitheater chair attending a cryptography course. "Zero-knowledge proofs", said the professor, "allow a...
View ArticleHow STARKs work if you don't care about FRI
Here's some notes on how STARK works, following my read of the ethSTARK Documentation (thanks Bobbin for the pointer!). Warning: the following explanation should look surprisingly close to PlonK or...
View ArticleClik here to view.
Cairo's public memory
Here are some notes on how the Cairo zkVM encodes its (public) memory in the AIR (arithmetization) of the STARK. If you'd rather watch a 25min video of the article, here it is: The AIR arithmetization...
View Article
