Doing mixed matrix commitments (MMCS) with STIR & WHIR

This post looks at Plonky3 and combining Mixed Matrix Commitment Schemes with STIR 🥣 and WHIR 🌪️ as the low-degree test. As far as I understand, the problem that we are aiming to solve is the following: The prover has committed to a matrix of functions (note the possibly different number of columns in each row) $$ \begin{bmatrix} f_{1, 1}, \dots, f_{1, n_1} \\ \vdots \\ f_{m, 1}, \dots, f_{m, n_m} \end{bmatrix} $$...

October 2024 · Giacomo Fenzi

LDPC codes vs RS codes

Just some spare thoughts on LDPC codes and RS codes (for IOPP based SNARKs), as an answer to Dev’s questions . TLDR; LDPC are an amazing avenue of research, that I hope to explore more, but I am bit skeptical on the current maturity of prover and verifier performance that they bring to the table. I think it makes sense to consider the question on two parts: prover time and verifier complexity....

October 2024 · Giacomo Fenzi

WHIR: Reed–Solomon Proximity Testing with Super-Fast Verification

This blog-post is a short introduction to our new work: “WHIR: Reed–Solomon Proximity Testing with Super-Fast Verification”. This is joint work with Gal Arnon, Alessandro Chiesa, and Eylon Yogev, and the full version is available on ePrint . Code is also available at WizardOfMenlo/whir. WHIR 🌪️ We present WHIR (Weights Help Improving Rate), a concretely efficient IOPP for constrained Reed–Solomon codes1. WHIR is both an IOPP for Reed–Solomon codes and a multilinear polynomial commitment scheme (PCS), and achieves the fastest verification speed of any such scheme, even including univariate PCS with trusted setup....

September 2024 · Gal Arnon, Alessandro Chiesa, Giacomo Fenzi, Eylon Yogev

zkSNARKs in the ROM with Unconditional UC-Security

This blog-post is a short introduction to our new work: “zkSNARKs in the ROM with Unconditional UC-Security”. This is joint work with Alessandro Chiesa, and the full version is available on ePrint. The Universal Composability (UC) [Can01]1 framework is a “gold-standard” for security in cryptography. UC-secure protocols achieve strong security guarantees against powerful adaptive adversaries, and retain these guarantees when used as part of larger protocols. Zero knowledge succinct non-interactive arguments of knowledge are often used within larger protocols deployed in dynamic environments, and so UC-security is a highly desirable, if not necessary, goal....

May 2024 · Alessandro Chiesa, Giacomo Fenzi
STIR

STIR: Reed–Solomon Proximity Testing with Fewer Queries

This blog-post is a short introduction to our new work: “STIR: Reed-Solomon Proximity Testing with Fewer Queries”. This is joint work with Gal Arnon , Alessandro Chiesa , and Eylon Yogev , and the full version is available on ePrint . Code is also available at WizardOfMenlo/stir . Here are also some slides that might be helpful, the recording of the talk at zkSummit11 , and our episode on zkPodcast ....

February 2024 · Gal Arnon, Alessandro Chiesa, Giacomo Fenzi, Eylon Yogev

STIR: Setting Parameters

Our recent work, STIR 🥣 (See 2024/390 and blog-post. ) is an IOPP for RS codes with improved query complexity compared to the state-of-the art, FRI. Compared to FRI, STIR has a few more parameters that one can tweak, which can have a rather large impact on prover time, verifier time and argument size. This short blurb details what these parameters are, and how they translate, concretely, in the resulting argument....

February 2024 · Giacomo Fenzi
SLAP

SLAP: Succinct Lattice-Based Polynomial Commitments from Standard Assumptions

This blog-post is a short introduction to our new work: “SLAP: Succinct Lattice-Based Polynomial Commitments from Standard Assumptions”. This is joint work with Martin Albrecht, Oleksandra Lapiha and Ngoc Khanh Nguyen, and the full version is available on ePrint . Here are also some slides that might be helpful. In our previous paper , we looked at the problem of constructing efficient lattice-based polynomial commitments, to be used in as a drop-in replacement to non-post-quantum secure schemes such as KZG....

September 2023 · Martin R. Albrecht, Giacomo Fenzi, Oleksandra Lapiha, Ngoc Khanh Nguyen

Lattice-Based Polynomial Commitments: Towards Asymptotic and Concrete Efficiency

In this blog-post, I will be taking a look at my recent work with Hossein Moghaddas and Ngoc Khanh Nguyen, full version . We extend the vector commitment scheme of [WW23]1 with an evaluation proof, and achieve a lattice-based polynomial commitment scheme with polylogarithmic proof size and verifier complexity. We further investigate the applicability of our techniques to the Polynomial IOP of [Marlin]2, show that our scheme is easily batchable and more!...

June 2023 · Giacomo Fenzi, Hossein Moghaddas, Ngoc Khanh Nguyen