Pinned
The original definition of the Weil pairing from Weil's 1940 prison note.
Ariel Gabizon
2,312 posts
Ariel Gabizon
@rel_zeta_tech
Joined September 2021
- To all plonkers out there. A talented student from TU Wien named Marek Sefranek has discovered a mistake in the implementation of zero-knowledge in Section 8 of the plonk paper.
- proving KZG has knowledge soundness under a falsifiable assumption, is something I tried and watched people try for long hours :) kudos to this new paper for doing what I thought couldn't be done by this point eprint.iacr.org/2024/173 This puts KZG-based SNARKs on much more solid
- Mercury, with @liameagen, goes beyond previous techniques for multilinear commitment schemes, obtaining constant proof size rather than logarithmic, while preserving "elliptic curve linear time" - O(n) field ops and 2 size n MSMs, but no O(nlogn) from FFTs eprint.iacr.org/2025/385.pdf
- After five years of reading it on screens, got the real thing.
- 1/ Lookups in snarks just got a lot easier! With @LiamEagen and @dariofiore0, we continue the recent sequence of works starting from Caulk, with a new protocol called cq (short for "cached quotients"). eprint.iacr.org/2022/1763
- Because "cool" people at @aztecnetwork like @jonwu_ were complaining "the nerds aren't tweeting enough," here's a little thread about a class I wrote called safe_uint. It seems trivial, but safe_uint is an example of the security improvements we constantly make to our codebase:
- Zcash had a significant head start in the zk race. It was first to depoly, had *huge* community support and enthusiasm behind it, and a team with the few people who understood the tech at the time. Though I've had some great experiences in the zk world since, nothing compared toA new season begins. @jswihart, formerly SVP of Growth at ECC, returns to ECC and takes over the reins from @zooko as CEO. Zooko will continue as a director on the board of the Bootstrap Project, the parent company of ECC. electriccoin.co/blog/welcomingโฆ
- token 2022 passed six audits, used one of the simpler and more conservative zk systems - bulletproofs for confidential transactions. And still had a fatal money printing zk bug. Moreover, a "not including all inputs in Fiat Shamir" bug, you'd think people would know to look for.
- Did you miss the big news? A bonus module of ZK Whiteboard Sessions Season 2! @danboneh covers "FRI and Proximity Proofs", with mentions of several papers & researchers: @EliBenSasson @UHaboeck @PapiniShahar A. Chiesa @GiacomoFenzi E. Yogev & more... Shoulders of giants!
- having finally understood zklogin properly - I really like how simple and smooth it is.
