Multiplication of Polynomials in Point Form Polynomial multiplication is widely used in zero-knowledge proofs and mathematical cryptography. But the brute force or traditional approach for...

Basic Bank Tutorial with SPL Tokens and Anchor In this tutorial, we’ll build a simple bank program on Solana with the basic features you'd expect from a regular bank. Users can create accounts, check...

The Fundamental Theorem of Finite Cyclic Groups The Fundamental Theorem of Cyclic Groups provides guarantees about the existence of cyclic subgroups within a cyclic group. In the context of the...

The constant product formula in Uniswap v3 Our goal is to derive the constant product formula based on real reserves for a segment, given by $$ L^2 = (x_r+\frac{L}{\sqrt{p_u}})(y_r+L\sqrt{p_l}) $$...

Circle FFT — Part 1: Building the Circle Domain Circle STARKs is a new zk-STARK scheme that has been implemented in Stwo and Plonky3, and it has been adopted by several zkVM projects. Its key...

Multiplicative Subgroups and Primitive Elements Introduction This chapter continues our study of group theory by exploring subgroups and generators. The concept of a primitive element will be...

ZK Proof of Selection Sort Most computations of interest are generally “stateful” — that is, they need to go through a series of steps to produce the final result. Sometimes, we do not need to show...

How a ZKVM Works A Zero-Knowledge Virtual Machine (ZKVM) is a virtual machine that can create a ZK-proof that verifies it executed a set of machine instructions correctly. This allows us to take a...

Swapping Two Items in an Array in Circom This chapter shows how to swap two signals in a list of signals. This is an important subroutine for a sorting algorithm. More generally, lists are a...

The Permutation Argument A permutation argument is a proof that two lists hold the same elements, but possibly in a different order. For example, is a permutation of and vice-versa. The permutation...

Introduction to Stateful Computations in ZK When carrying out iterative computations such as powers, factorials, or computing the Fibonacci sequence, we need to “stop the computation” after a certain...

32-Bit Emulation in ZK The default datatype in ZK is the field element, where all arithmetic is done modulo a large prime number. However, most “real” computation is done using 32, 64, or 256-bit...