Halo: Recursive Proof Composition without a Trusted Setup
Sean Bowe, an engineer and cryptographer at Electric Coin Company (ECC), has discovered a technique for creating practical, scalable and
Reducing Shielded Proving Time in Sapling
Since the successful Sapling network upgrade, we have already seen an increased adoption of shielded addresses in the Zcash ecosystem.
Perspectives on Zcash Origins from Tromer
As we approach Zcash’s second birthday, it’s fitting to look back at the origins of this little experiment. And who
Improved zk-SNARK Multi-party Computation Protocol
zk-SNARKs – the zero-knowledge proofs at the core of Zcash – require a parameter generation ceremony to take place for
Ceremony Audit Results
As a science-focused team, ensuring the security of the Zcash protocol and the users of the network is a natural
Pay-to-sudoku Revisited
Last year, I created a project called pay-to-sudoku which was the world’s first implementation of a zero-knowledge contingent payment (ZKCP).
Explaining SNARKs Part VII: Pairings of Elliptic Curves
<< Part VI In Part VI, we saw an outline of the Pinocchio zk-SNARK. We were missing two things –
Explaining SNARKs Part VI: The Pinocchio Protocol
<< Part V In part V we saw how a statement Alice would like to prove to Bob can be
Explaining SNARKs Part V: From Computations to Polynomials
<< Part IV In the three previous parts, we developed a certain machinery for dealing with polynomials. In this part,
Explaining SNARKs Part IV: How to make Blind Evaluation of Polynomials Verifiable
<< Part III In this part, we build on Part II and III to develop a protocol for verifiable blind
Bellman: zk-SNARKs in Rust
Bellman is a Rust-language library for building zk-SNARKs — small, cheap-to-verify zero-knowledge proofs of arbitrary computations. The goal of bellman
Explaining SNARKs Part III: The Knowledge of Coefficient Test and Assumption
<< Part II In Part II, we saw how Alice can blindly evaluate the hiding :math:`E(P(s))` of her polynomial :math:`P`
