Albi
@zk_albi
Followers
337
Following
2K
Media
4
Statuses
299
Mathematician & cryptographer. Building Jolt Atlas at ICME. PhD candidate @ImperialCollege. I care about privacy, human flourishing and ZKPs. @ZCash is hope.
London
Joined August 2021
I've written this short note on how Neo compares to LatticeFold in their embedding from fields to polynomial rings, and how this relates to "pay-per-bit" commitment schemes and NTTs. Especially targeted to ZK practitioners who may be new to lattices! https://t.co/hMNQzyjxEQ
blog.icme.io
Lattice cryptography allows us to build cryptographic primitives from hard lattice problems. LatticeFold[1] is the first lattice-based folding scheme protocol, inspired by HyperNova[2], whose...
1
12
56
The Tachyon concept/architecture is such an elegant solution to nullifier scalability: Evolve nullifiers over epochs Reveal/store nullifiers for the current epoch only Prove unspent in a past epoch Outsource proving to oblivious service via recursive proofs Infinity unlocked
New work with @ebfull on scaling Zcash and Zexe-derived protocols like Aleo and Aztec. zkSNARKs are now a (fantastic) commodity. They were always just one piece of the puzzle: building a secure protocol architecture for "shielded state" manipulation. https://t.co/uOSiNqNX6X
9
15
131
New work with @ebfull on scaling Zcash and Zexe-derived protocols like Aleo and Aztec. zkSNARKs are now a (fantastic) commodity. They were always just one piece of the puzzle: building a secure protocol architecture for "shielded state" manipulation. https://t.co/uOSiNqNX6X
eprint.iacr.org
Anonymous payment protocols based on Zerocash (IEEE S&P 2014) have seen widespread deployment in decentralized cryptocurrencies, as have derivative protocols for private smart contracts. Despite...
21
56
298
Privacy is having a moment on crypto twitter. Reminder: If your zkSNARK requires sending data to someone else's provers, it's neither zero-knowledge, non-interactive, nor yours.
42
48
342
government: recklessly pass data collection laws 💃 lawyers: “comply!!” 🫵 cybersecurity* firms: “the 💸💸 goes here. kthxbye 🤑” computer scientists: continue ignoring that minimizing data collection is part of the ACM Code of Ethics and Professional Conduct (or risk jail)
🪪 ID laws are forcing companies to store massive amounts of sensitive data, turning compliance into a security risk. @Acronis shows how MSPs can close the gaps with integrated cybersecurity, backup, and endpoint protection. ➡️ https://t.co/CR6VApuaWw
#cybersecurity #sponsored
1
1
6
A wonderful read on the state of zero knowledge proofs for verifying AI models
The Definitive Guide to ZKML (2025). https://t.co/IJkTY2vMou This is meant to be a reference for us all to check in 12/mo to see progress! Leaving edits open until Dec 12th -> DM for tweaks, corrections, or additions.
0
0
2
@Zac_Aztec is a living embodiment of the moral character of cryptographic work 🫡 Be sure to read through his passionate essay. Having done so, three thoughts come to my mind...
1
1
15
Journey to fastest zkSNARK provers: Sum-check’92 ➜ IPs for low-depth circuits (GKR/CMT’12) ➜ SNARKs for low-depth circuits (vSQL’17) ➜ SNARKs for general circuits+lookups (Spartan’19) ➜ zkVMs via lookups (Lasso+Jolt’23, Twist+Shout’25) Sum-check also powers folding: Neo!
1/ New survey: Sum-check is all you need. Just posted a survey on the design principles behind Jolt and fast-prover SNARKs more broadly. It's arguably the first time the core ideas have all been written down in one place.
0
6
41
In case you didn't know (yet!), sum-check is all you need 😁. Great to see how it is contextually applied in modern techniques such as Twist, Shout, the Prefix-Suffix Proving Algorithm, Jolt, etc.
1/ New survey: Sum-check is all you need. Just posted a survey on the design principles behind Jolt and fast-prover SNARKs more broadly. It's arguably the first time the core ideas have all been written down in one place.
0
1
7
At its core, this is what zkML aims to address: AI that doesn’t lie to you. @icme_app is on it.
David Sacks says the biggest risk of AI was described not by James Cameron in The Terminator but by George Orwell in 1984. “I almost feel like the term ‘woke AI’ is insufficient to explain what’s going on because it somehow trivializes it.” “What we’re really talking about is
0
1
3
I recently went through the exercise of applying logup* (Soukhanov) to implement Twist and Shout (Setty & Thaler). As a result, we can have memory checking arguments with very cheap commitment costs using hash-based commitment schemes! ↓
5
20
87
Twist and Shout via logup* by @georgwiese
https://t.co/o5zZelztXC
0
5
19
I completely share this feeling!
Glad Zcash is exciting again as well! The caliber of both the initial and the follow up research, as well as the engineering, is top-notch 👌👌 Zcash getting recognition in the market is a sign that the market might not be completely irrational. And that gives me hope.
0
0
2
An exciting update from myself and @benediamond ( https://t.co/bKwowXYcMB). We show that the 𝘶𝘱-𝘵𝘰-𝘤𝘢𝘱𝘢𝘤𝘪𝘵𝘺 proximity gaps conjecture is 𝗳𝗮𝗹𝘀𝗲. More precisely, given any pair c, d we construct codes whose error grows faster than nᶜ / (q ⋅ (ρ η)ᵈ).
eprint.iacr.org
For each positive integer $c^*$, we construct an infinite sequence of Reed–Solomon codes $C \subset \mathbb{F}_q^n$, together with ball radii $z$, for which the proportion of $\mathbb{F}_q^n$...
19
95
478
Zcash adoption has an inverse relationship with tools of centralized control like CBDCs and digital IDs. The harder they try to impose them on the people, the faster Zcash will spread.
13
19
138
Just published a simpler proof of the RBR soundness of FRI! Work with @0xAlbertG and Benedikt Wagner I also wrote a blog post explaining the high level ideas of the proof. All you need to know is how to colour a graph! Links to paper and blog below 1/3
2
19
100
Amazing to see @zcash finally doing well in the markets - finally some recognition for years and years of hard, committed, principled work building the substrate for an actually freedom-preserving monetary alternative. Rarely indeed do the crypto markets deliver such justice.
17
37
216
Module 5 is live! We’re diving into The Ligero Proof System with @mvenkita and @GuilleAngeris Thanks to @BainCapCrypto for the support. Full access to all module resources https://t.co/OFOk6HlqPT
5
19
74
A zkSNARK has to prove: (1) a statement about a secret witness; and (2) a statement about circuit. In Pinocchio/Groth16, both are done together relying on a circuit-specific setup. A key idea in Spartan was to prove (2) efficiently; it works with any PCS including LigeroPCS!
@mvenkita @rel_zeta_tech @__zkhack__ @GuilleAngeris @BainCapCrypto A more straightforward to get ppzkSNARK from Ligero is to extract a PCS from Ligero and compose it with a PIOP. We did this in the Brakedown paper where the PIOP is Spartan. This is also analogous to Google's longfellow where they use LigeroPCS with GKR (a la Hyrax paper).
0
3
40
It happened again... At a halloween event over the weekend I met a dad. He asked me: 'What should I do in Tokyo?' After a decade in Japan, I get this constantly. Before: I would spend 20 mins of copy-pasting links, restaurant names, fav spots... Now: I just send them my
kinic.io
Stop re-explaining yourself to every AI tool. Kinic creates a portable memory layer that works across ChatGPT, Claude, custom agents, and more. Cryptographically secured, user-owned — your context...
1
4
15