Home

tl;dr: The good: Audit went well. Lúcás Meier’s Caith-Sith threshold ECDSA protocol seems like a reasonable, conservative choice. The bad: Near’s MPC currently works in a 5 out of 8 setting, without any proactive refresh. Notes Good MPC’s configuration is transparent, on-chain $\Rightarrow$ can monitor for suspicious membership changes “...

tl;dr: Running some secp256k1 MSM benchmarks.

tl;dr: Groth’s non-interactive distributed key generation paper[^Grot21e], which uses a novel approximate ZK range proofs to argue correct chunking, but inadvertantly increases share decryption time.

tl;dr: a few notes on Move (and maybe on Aptos too).

tl;dr: This is a “note to self” that there’s some interesting work out there on malleable NIZKs[^CH20]$^,$[^DaEFplus23e].

tl;dr: Some notes to self on state-of-the-art witness encryption (WE) schemes. $ \def\adp{\mathsf{ADP}} \def\aadp{\mathsf{AADP}} \def\eval{\mathsf{eval}} \def\x{\mathbf{x}} \def\M{\mathsf{M}} \def\A{\mathbf{A}} \def\B{\mathbf{B}} \def\R{\mathbf{R}} \def\Rvss{\mathcal{R}_\mathsf{vss}} \def\Radp#1{\mathcal{R}_\mathsf{adp}^{#1}} \def\span{\mathsf...

tl;dr: What has happened in quantum computing over the years.

tl;dr: A catalog of polynomial commitment schemes for multilinear polynomials (i.e., multivariate polynomials where each variable has degree at most 1). These are the workhorse of modern SNARKs based on the sumcheck protocol.