7 weeks of live online classes
ZK Development &
Security Bootcamp
(Circom)
Practice Zero Knowledge (ZK) circuit programming with Circom and
learn how build privacy applications and ZK VMs.
This bootcamp exclusively teaches the Circom language — however what you learn will be applicable to other ZK circuit languages, such as GNARK from Consensys or oljs from Mina.
Writing circuits is very different from writing imperative code (such as Javascript) or functional programming (such as Haskell).
Our curriculum spends significant time building a foundational understanding of the circuit programming paradigm rather than simply giving you a list of quirks and gotchas to memorize.
With a strong mental model for the subject, you will easily grasp how applications like Tornado Cash or Semaphore work, and how security vulnerabilities specific to ZK happen — we'll even teach you how to create proof of concept exploits for ZK circuits.
Next Cohort:
17th June 2024 | 8:00AM EDT
Prerequisites
You should be familiar with the following before starting
We assume an intermediate understanding of Solidity programming.
We assume basic understanding of computer science fundamentals like how a virtual machine works, the basics of a hash function, and simple data structures like stacks.
Participants should be comfortable with entry-level algebra and basic modular arithmetic.
No prior knowledge of ZK is assumed.
ZK Circom Curriculum
7 Weeks
Last Updated: May 2024
Arithmetic Circuits
Circuit programming is counterintuitive to programmers. Rather than computing a solution, we assume we already have a proposed solution. Then, we write constraints that pass only if the solution is valid.
Basic Circom
Having understood the theory of arithmetic circuits, we learn how to express them in code. We also learn how to incorporate ZK into smart contracts.
Circom Components and Outputs
Circom's concept of an "output" confuses a lot of developers. We will clarify the purpose of an output and how to selectively reveal information from a computation.
Non-deterministic Signals
The thin arrow operator in Circom has been a significant source of underconstraint bugs — but the language includes it for a reason. We will learn when to use this operation and what to look out for when doing so.
Hacking Under-constrained Circuits
This week we will write POCs (Proof of Concepts) for exploits of under constrained ZK circuits. We will also review other ZK specific vulnerabilities.
Quin Selector and Stateful Computation
ZK circuits are stateless and immutable, but we also want to prove knowledge of inputs to algorithms that have multiple steps. In this week we will learn more advanced designed patterns in ZK.
Preimage of a Hash
ZK allows you to prove you know the preimage of a non-secret hash output — without revealing the input. This week we will learn how to implement a cryptographic hash function from scratch and prove we know the preimage. What we learn this week will motivate why "ZK friendly" hash functions exist.
Nullifier Schemes
The nullified scheme is a design pattern to prevent double-voting or double-withdrawing in a ZK application. Learning this pattern makes the circuits Semaphore and Tornado Cash easy to understand.
Building VM
We will teach how to implement the RARE-VM (Reduced Architecture for Ratified Execution Virtual Machine) in Circom to see how ZK VMS work end-to-end. Motivated students can easily add features to RARE-VM as practice.
Pricing
Save 2% if you pay with USDC or USDT
FAQs
What is the difference between the Circom Bootcamp and the ZK Bootcamp?
Think about is as the difference between studying Solidity and how the EVM works. You could get by developing smart contracts with no understanding of how the EVM works, but you won’t be able to understand certain categories of security vulnerabilities and why some algorithms are more efficient than others in the context of ZK.
I'm new to ZK, should I take the ZK Bootcamp or the Circom Bootcamp first?
They can be taken in either order.
Why learn Circom when there are "easier" languages like Noir, Cairo, and Zokrates?
Modern day ZK applications are written as low-level circuits, which Circom enables. Modern ZK programming languages still cannot achieve the efficiency that a well-designed circuit can achieve.
Can I take the ZK Bootcamp and the Circom Bootcamp at the same time?
We strongly recommend you not do this. Based on our experience, the difficulty of learning ZK is the time required for new and unfamiliar concepts to sink in. Cramming unfamiliar knowledge is not helpful in the long run.
I'm eager to get started now! What can I do?
Read the following articles: P vs NP and its application to zero knowledge proofs, Arithmetic Circuits for ZK, Finite Fields for Arithmetic Circuits (in that order). And apply below!