ZK-SNARK cheatsheet
10 Dec 2024Based on ZKDL Camp
File download:
The following post introduces my results on benchmarking ZKVMs from RISC0 and Valida. Valida caught my eye because of the declarations of the fastest existing ZKVM (but still not fully constrained haha). Here we go with my results:
Evaluation of the 46th Fibonacci element:
Evaluating Pedersen commitment with Rust k256 library:
let private_key = Scalar::from(12345678909876554321u128);
let amount = Scalar::from(12345u64);
let g = k256::ProjectivePoint::GENERATOR;
let h = g.mul(k256::Scalar::from(12345u32));
let commitment = g.mul(private_key).add(h.mul(amount));
In conclusion, we can see that Valida is probably faster, but only 9 times for Fibonacci and 1.6 times for k256 library. Also, RISC0 can successfully generate proofs using only 20GB RAM while Valida requires 120GB RAM for k256 benchmark.
One of the existing problems of non-SNARK confidential assets protocols based on Pedersen commitments is the disability for coins receiver to decrypt an amount in the received payment. To achieve private decommitment, sender has to share the amount in a secure way with the receiver that often is not a part of a protocol. I’ve made some research and described the option to use private payments in a couple with verifiable encryption, that allows sender to share amount securely with receiver and convince the receiver that this amount corresponds to the committed one.
Check my article for more: Private coins extension with verifiable encryption
Still continuing my series of articles on advanced cryptographic protocols explained in simple words. Here is a paper about ZK-STARK protocol.
Enjoy! ZK-STARKs explained