Home

tl;dr: KZG + Hyrax[^WTSplus18] = KZH[^KZHB25e]. This name makes me happy: not only it stands on its own but it also coincides with the first three authors’ initials!

tl;dr: Motorcycles are drugs. Alin might buy a motorcycle and risk the few, still-functioning limbs in his body. Someone should convince him not to do this. Update (July 2020): Alin purchased a 2017 Honda Rebel 500. He has never been more happy and frightened at the same time. Even after taking basic, intermediate and advanced riding clinics, ...

tl;dr: A quick note on the most commonly-occuring variant of $\Sigma$-protocols, inspired from the Boneh-Shoup textbook!

tl;dr: The sumcheck protocol is an extremely-powerful technique for (zero-knowledge) argument systems. In this short blog post, I will try to summarize it for my own benefit and, hopefully, yours too.

tl;dr: I got nothing, except Karthik Inbasekar’s write-up1. Marlin & Me, by Karthik Inbasekar, 2022 [PDF] ↩

tl;dr: ElGamal public key encrypting $\approx$ Using an ephemeral Diffie-Hellman exchanged key as a one-time pad.

tl;dr: Notes on the [BG12] verifiable shuffle.

tl;dr: Who said you can only sumcheck your multivariate polynomials? $\sum_{i\in[n]} a(\omega^i)b(\omega^i)$ can be proved with two size-$n$ multiexps and 6 FFTs! And verified with a size-4 multipairing (and a bit more?).