Multiplicative Subgroups and Primitive Elements Introduction This chapter continues our study of group theory by exploring subgroups and generators. The concept of a primitive element will be...

How Tornado Cash Works (Line by Line for Devs) !tornado cash tutorial by rareskills Introduction to Tornado Cash Tornado Cash is a cryptocurrency smart contract mixer that enables users to deposit...

Multiplication of Polynomials in Point Form Polynomial multiplication is widely used in zero-knowledge proofs and mathematical cryptography. But the brute force or traditional approach for...

Basic Bank Tutorial with SPL Tokens and Anchor In this tutorial, we’ll build a simple bank program on Solana with the basic features you'd expect from a regular bank. Users can create accounts, check...

Circom language tutorial with circomlib walkthrough This tutorial introduces the Circom language and how to use it, along with common pitfalls. We will also explain a significant portion of the...

The constant product formula in Uniswap v3 Our goal is to derive the constant product formula based on real reserves for a segment, given by $$ L^2 = (x_r+\frac{L}{\sqrt{p_u}})(y_r+L\sqrt{p_l}) $$...

Circle FFT — Part 1: Building the Circle Domain Circle STARKs is a new zk-STARK scheme that has been implemented in Stwo and Plonky3, and it has been adopted by several zkVM projects. Its key...

Logarithmic sized proofs of commitment In a previous chapter, we showed that multiplying the sums of elements of the vectors $\mathbf{a}$ and $\mathbf{G}$ computes the sum of the outer product terms,...

Hello World Circom Introduction This chapter shows the relationship between Circom code and the Rank 1 Constraint System (R1CS) it compiles to. Understanding R1CSs is critical to understanding...

32-Bit Emulation in ZK The default datatype in ZK is the field element, where all arithmetic is done modulo a large prime number. However, most “real” computation is done using 32, 64, or 256-bit...

The Schwartz-Zippel Lemma and its application to Zero Knowledge Proofs Nearly all ZK-Proof algorithms rely on the Schwartz-Zippel Lemma to achieve succintness. The Schwartz-Zippel Lemma states that...

Compute Then Constrain "Compute then constrain" is a design pattern in ZK circuits where an algorithm's correct output is first computed without constraints. The correctness of the solution is then...