Tags → #phd
-
The post-quantum migration path: lattice commitments, STARK wrapping, isogeny credentials
Series finale. Shor's algorithm breaks every elliptic-curve assumption F_RP currently rests on. The migration: lattice polynomial commitments (Brakedown/Orion), hash-based STARKs as universal backend, isogeny group actions for credentials.
-
MEV resistance: why UPEE is sandwich-proof by construction
Theorem 7.3 — UPEE transactions resist sandwich, frontrun, and liquidation MEV by construction. Theorem 7.4 — block-level MEV is bounded by public-bit leakage rather than by transaction value: the bound is independent of V, not super-linear in it.
-
F_RP vs Zcash, Tornado, RAILGUN, Aztec, Penumbra, Aleo, Namada, Monero
F_RP vs nine deployed privacy systems on the four axes that matter: relayer-free, Turing-complete, on-chain verifiable on a high-perf L1, low-trust setup.
-
Fitting F_RP in 656 bytes on Solana
Concrete F_RP instantiation on Solana: Groth16 over BN254, a Poseidon Merkle tree, an indexed nullifier tree, and BN254 Pedersen commitments. The transaction fits in 656 of the 1,232-byte limit and uses 235K of the 1.4M compute-unit (CU) budget.
-
UPEE: composing SPST + PPST + TAB into one framework
F_RP Construction IV. The five-algorithm tuple Setup/Deploy/Invoke/Verify/Finalize plus the simulation-based privacy theorem (3.12) and self-sovereignty theorem (3.13). The composition that makes the whole thing deployable.
-
Bayer-Groth verifiable shuffles for network-layer privacy
F_RP Construction III, Approach C. Bayer-Groth verifiable shuffles obscure the input→output permutation of a batch with O(√n) proof size — used to cascade-mix pre-broadcast batches at the network layer.
-
TAB: hiding the submitter with ring signatures and FROST
F_RP Construction III. ZK proofs hide the transaction contents, but the wrapping Solana transaction still leaks the submitter's public key. TAB closes that gap with a Fujisaki-Suzuki ring signature and a FROST threshold Schnorr signature over Ed25519.
-
On the death of the trusted setup
Universal SRS, transparent FRI, and why Groth16's per-circuit ceremony feels anachronistic in 2026 — even when, as ZERA does, you're still using one. A history of the ceremonies that worked, the ones that didn't, and what comes next.
-
WASM-native proving for ZK SDKs: an SDK author's take
Why zera-sdk ships native Rust on Node and snarkjs in the browser — and what it would actually cost to ship a WASM-compiled Rust prover for the browser path. A design post about the dual-target build pipeline.
-
Plonky3, the small-fast-cheap revolution
Why plonky3 — small fields, FRI commitments, no trusted setup — is the proof system to watch in 2026. The Mersenne31 / BabyBear / Goldilocks landscape, the FRI folding step, and why your laptop is suddenly a viable prover.