Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add more intuitive explanation and blackbox #23

Merged
merged 14 commits into from
May 31, 2024
43 changes: 43 additions & 0 deletions HACKATHON_WEEK.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
# The Hacker Principle

Your code doesn't have to be pretty or have many functions, but should be presentable and runnable.

# Project Ideas

The following are some project ideas to get you started.

## 1. Token Mixer

Reference the following starter code and instructions:
- https://securitylab.github.io/cs251-fall21/
- https://securitylab.github.io/cs251-fall21/hw/proj4.pdf
- https://securitylab.github.io/cs251-fall21/lectures/lecture13.pdf
- https://learn.0xparc.org/materials/circom/learning-group-1/breaking-down-tornado

## 2. ZK Calculator

Prove your calculation is correct, you may want to reference this: https://github.com/jtriley-eth/zk-calculator

## 3. ZK Battleship

Read the following, understand how it works, and make your own ZK battleship game: https://github.com/darkforest-eth/circuits

## 4. Very Simple Rollup

This is a good example, but yours can be even simpler: https://github.com/rollupnc/RollupNC

Reference this PDF: https://securitylab.github.io/cs251-fall21/lectures/lecture17.pdf

## 5. Solve Some ZK Puzzles

Some these problems and present to us how you did it: https://zkhack.dev/puzzles/

## 6. *OR YOUR OWN PROJECT*
!!!!!! UNVEIL YOUR POWER ANON !!!!!

# Helpful Toolkits to Use

- https://github.com/privacy-scaling-explorations/zkp-app-boilerplate
- https://battlezips.gitbook.io/battlezips/development/circom-tester
- https://battlezips.gitbook.io/battlezips/development/hardhat-circom
- https://battlezips.gitbook.io/battlezips/development/shield`
8 changes: 7 additions & 1 deletion MODULE_1.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,12 @@ In this module, our primary goal is to introduce you to key concepts of ZKPs, su

Let’s get started!

## Tips to Learn Zero Knowledge

One really useful mental model to learn zero knowledge is to blackbox the concepts so that you don't get intimidated by the complexity of the topic. This doesn't mean you ignore the details, but rather, you focus on understanding the high-level concepts first and then dive into the details later.

When you study the topic for the first time, only read the required reading. Skip the optional reading unless you are really curious of the details. This will help you to understand the topic without getting overwhelmed by the details.

## A Primer for Zero Knowledge Proofs

Before we delve into the core content of the module, consider acquainting yourself with some high-level concepts of Zero-Knowledge Proofs. The following introductory articles will help you build a robust foundational understanding:
Expand Down Expand Up @@ -162,4 +168,4 @@ modularCalculator('*', 10, 15, 12); // Should return: 6
Feel free to use `console.log` statements in your code to verify that your function is working as expected. For convenience, consider using https://repljs.com/ and pasting in the above code snippet to get started.

## Conclusion
By the end of this module, you will have gained an understanding of the fundamental concepts in Zero-Knowledge Proofs (ZKPs). These principles will guide you in your journey towards mastering the advanced topics that will be covered in the following modules.
By the end of this module, you will have gained an understanding of the fundamental concepts in Zero-Knowledge Proofs (ZKPs). These principles will guide you in your journey towards mastering the advanced topics that will be covered in the following modules.
11 changes: 9 additions & 2 deletions MODULE_2.md
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,14 @@ Cryptographic commitments are essential in cryptography and blockchain technolog

It helps achieve secure and efficient verification of transactions in blockchain protocols. In such contexts, sensitive information, such as transaction details or user identities, is hidden while revealing others for the verifier to authenticate the transactions.

### Pedersen Commitments
You can break down the concept of commitment into two parts: commit and open (reveal).

![commitment scheme](./assets/commitment.png)
[Source](https://zecrey.medium.com/commmitment-schemes-in-zecrey-e6c446e2da97)

There is always a commit phase and a reveal phase, in other words you first encrypt a secret and then reveal it later.

### Pedersen Commitments (Optional)
Pedersen Commitments are a type of cryptographic primitive that allows you to commit to a certain value while keeping it hidden, with the ability to disclose the committed value later. They're often used to achieve privacy-preserving properties in cryptographic protocols. For more on Pedersen Commitments, review these materials:

- [Pedersen Commitments](https://asecuritysite.com/encryption/ped)
Expand Down Expand Up @@ -300,4 +307,4 @@ Congrats on reaching the end of this module!

## Conclusion

In summary, we've ventured through some very important cryptographic primitives, gaining insights into encryption, hash functions, Merkle trees, and more. These components underpin blockchain technologies and zero-knowledge proofs. Moving forward, our next module will navigate the fascinating field of elliptic curve cryptography.
In summary, we've ventured through some very important cryptographic primitives, gaining insights into encryption, hash functions, Merkle trees, and more. These components underpin blockchain technologies and zero-knowledge proofs. Moving forward, our next module will navigate the fascinating field of elliptic curve cryptography.
33 changes: 29 additions & 4 deletions MODULE_3.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ The following StackExchange answer goes over the differences between some of the

- [What is the difference between the RSA, DSA, and ECDSA keys that ssh uses?](https://askubuntu.com/a/1000928/733503)

## Schnorr Signatures and EdDSA
## Schnorr Signatures and EdDSA (Optional)

EdDSA modifies and extends the Schnorr signature scheme to provide additional benefits. So it is crucial to first get an understanding of Schnorr signatures.

Expand Down Expand Up @@ -58,9 +58,17 @@ For more on EdDSA, check out the following links:

## Pairing-Based Cryptography (PBC)

Many of the following topics will depend upon what is called pairing-based cryptography. These two articles set the stage and foundation:
Many of the following topics will depend upon what is called pairing-based cryptography.
You can imagine pairing as the multiplication of elliptic curves. The original elliptic curve operation is homomorphically additive but not homomorphically multiplicative. Pairing is a way to mimic this "multiplication".

This is largely used in zk, especially during the verification stage.

![Pairing](./assets/elliptic-curve-pairings.jpeg)
[Source](https://www.inevitableeth.com/home/concepts/elliptic-curve-pairings)

- **[Exploring Elliptic Curve Pairings by Vitalik Buterin](https://medium.com/@VitalikButerin/exploring-elliptic-curve-pairings-c73c1864e627)** - This resource builds upon the knowledge you learned above regarding elliptic curves and sets the stage for the topics discussed below. It is an excellent introduction to the topic.
If you would like to know more about it, you can check out the following resources:

- **[Exploring Elliptic Curve Pairings by Vitalik Buterin (optional)](https://medium.com/@VitalikButerin/exploring-elliptic-curve-pairings-c73c1864e627)** - This resource builds upon the knowledge you learned above regarding elliptic curves and sets the stage for the topics discussed below. It is an excellent introduction to the topic.
- **[Pairings or Bilinear Maps by Alin Tomescu](https://alinush.github.io/2022/12/31/pairings-or-bilinear-maps.html)** - This resource begins with an introduction to the three fundamental properties of bilinear maps. Building on this foundation, it further explores applications such as the Tripartite Diffie-Hellman protocol, BLS signatures, and Identity-Based Encryption (IBE).

Make sure you read these two articles in full before proceeding.
Expand All @@ -78,6 +86,11 @@ For those who desire a deeper dive into bilinear maps and pairings, check out th

BLS (Boneh-Lynn-Shacham) signatures are a type of cryptographic signature scheme that allows for efficient aggregation of individual signatures into a single signature. It also makes use of pairing-based cryptography.

The intuition of BLS is that it is an aggregation signature. The image below shows how the public key and signature are aggregated. The advantage is that all signatures can be verified at once. That's why it is commonly used in consensus protocols.
![BLS](./assets/bls-signatures.jpeg)

### Optional Reading

The following articles offer a great introduction to BLS signatures and why they are important for the scaling of Ethereum (more specifically, the Beacon Chain):

- [Upgrading Ethereum (chapter on BLS Signatures) by Ben Edgington](https://eth2book.info/capella/part2/building_blocks/signatures/)
Expand All @@ -89,7 +102,15 @@ The following articles offer a great introduction to BLS signatures and why they

## KZG Polynomial Commitments

Polynomial Commitments are cryptographic tools that allow the hiding of some coefficients while revealing others. They're used in various cryptographic proofs and blockchain protocols. For a better understanding of Polynomial Commitments, consider these resources:
Polynomial Commitments are cryptographic tools that allow the hiding of some coefficients while revealing others. They're used in various cryptographic proofs and blockchain protocols. For a better understanding of Polynomial Commitments
The intuition of KZG is that it is a commitment scheme. It is used to commit to a polynomial and later reveal a certain point on that polynomial. All your input data "lock" a specific polynomial.

![KZG](./assets/polynomial-commitments-1.jpeg)

Read this article:
- [KZG commitment by Inevitable Ethereum](https://www.inevitableeth.com/home/concepts/kzg-commitment)

### Optional Reading

- [Polynomials](https://vitalik.eth.limo/general/2021/01/26/snarks.html#polynomials) section of Vitalik's article on zk-SNARKs.
- [KZG in Practice: Polynomial Commitment Schemes and Their Usage in Scaling Ethereum](https://scroll.io/blog/kzg)
Expand All @@ -106,6 +127,10 @@ Scroll's zk-rollup implementation makes use of this commitment scheme to commit

The concept of a trusted setup is an important part of the KZG Polynomial commitment scheme, and indeed part of the wider culture of Ethereum. Here are a few resources to learn more about trusted setups.

The intuition of a trusted setup is that it is a process to generate a bunch of points on the elliptic curve, and the prover will input these points to the polynomial commitment. Therefore the output is a point on the curve as well. Specifically, the generation of these points require many people join and discard the secret value (which they used to create the point). It should not be possible to generate the points without this. That's why it is called a trusted setup.

### Optional Reading

- [How do trusted setups work? by Vitalik Buterin](https://vitalik.eth.limo/general/2022/03/14/trustedsetup.html)
- [On-Chain Trusted Setup Ceremony by a16zcrypto](https://a16zcrypto.com/posts/article/on-chain-trusted-setup-ceremony/)
- [The KZG Ceremony - or How I Learnt to Stop Worrying and Love Trusted Setups by Carl Beekhuizen [27:27]](https://www.youtube.com/watch?v=dTBy661ubgg)
Expand Down
Loading