Pedersen commitments
tl;dr: Pedersen commitments[^Pede91Comm] are one of the most important cryptographic primitives for a beginner to understand, in my opinion.
Zero-knowledge proofs for Aptos Keyless
tl;dr: Notes on our current use of Groth16 for Aptos Keyless and how we might improve upon it.
Should have applications to anonymous payments, confidential assets, zkVM proof wrapping etc.
Papamanthou-Shi-Tamassia (PST) multivariate polynomial commitments
tl;dr: The first multivariate polynomial commitment scheme, based on a non-trivial generalization of KZG.
Cryptography on Aptos
tl;dr: (Almost?) all of the cryptography deployed on Aptos. For users, for developers and for general security.
DeKART: ZK range proofs from univariate polynomials
tl;dr: We present DeKART: a batched ZK range proof for a KZG-committed vector, inspired by Borgeaud's unbatched protocol[^1].
This is joint work with Dan Boneh, Trisha Datta, Kamilla Nazirkhanova and Rex Fernando.
Note that this post fixes up a previous non-ZK variant and allows trading off proving speed for faster verification.
...
Identity-based encryption
tl;dr: Encrypt to a phone number ...
Fast Reed-Solomon Interactive Oracle Proofs of Proximity (FRI)
tl;dr: For now, this page gathers some resources on FRI[^BBHR18FRI].