This repository contains implementations of a selection of zero-knowledge and verifiable computation protocols from Justin Thaler's book, "Proofs, Arguments, and Zero-Knowledge." The implementations are written in Rust, using the Arkworks ecosystem libraries for algebraic primitives. The code design emphasizes:
- Protocol implementations which are readable and self-contained
- Style and presentation closely mirroring that of the source material
- Program output that can be reasoned about by hand
Currently the repository includes the following implementations:
- The multivariate sum-check protocol for proving that the sum over an exponentially-sized domain of a multivariate polynomial function is a given value (Section 4.1)
- Freivalds' algorithm for efficient randomized verification of matrix products (Section 2.2)
- Schnorr's protocol for knowledge of discrete logarithms (Protocol 3, Section 12.2)
- A non-succinct zero-knowledge protocol for inner product relations of Pedersen commitments (Protocol 11, Section 14.2)
- The Bulletproofs protocol for inner product relations, requiring only logarithmic communication complexity using recursive folding (Protocol 13, Section 14.4)
- Small finite fields and small elliptic curve groups implemented using the Arkworks algebra backend, to allow for protocol transcripts which are easier to follow
- A simple framework for threaded execution of 2-party interactive proof protocols
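To show the flavour of the "output you can reason about by hand" goal, here is an added example of the simplest protocol in the list, Freivalds' check for a claimed matrix product C = A·B. It is not code from this repository and uses no Arkworks types: the field is a hand-rolled F_p with p = 101 (chosen for readability, as in the repository's small fields), matrices are plain row-major `Vec<Vec<u64>>`, and the challenge sampler is a toy xorshift generator, which is an assumption for the sake of a self-contained example and not a substitute for a cryptographic RNG. Besides the happy path it exhibits the one failure mode a verifier needs to understand: a wrong C slips past a single round exactly when the challenge lands in the kernel of C − A·B, which happens with probability at most 1/p, so repeating the round shrinks the soundness error geometrically.

```rust
// Added example: Freivalds' randomized verification of C = A·B over F_p, p = 101.
// No external crates, so this is not the repository's Arkworks-based code.
const P: u64 = 101;

/// Multiply an n×n matrix by a length-n vector, entrywise mod P.
/// Entries are < P, so a*b + acc never overflows a u64.
fn mat_vec(m: &[Vec<u64>], v: &[u64]) -> Vec<u64> {
    m.iter()
        .map(|row| row.iter().zip(v).fold(0u64, |acc, (&a, &b)| (acc + a * b) % P))
        .collect()
}

/// Schoolbook O(n³) product, used only to produce a correct C for comparison.
fn mat_mul(a: &[Vec<u64>], b: &[Vec<u64>]) -> Vec<Vec<u64>> {
    let n = a.len();
    (0..n)
        .map(|i| (0..n).map(|j| (0..n).fold(0u64, |acc, k| (acc + a[i][k] * b[k][j]) % P)).collect())
        .collect()
}

/// One round of Freivalds' check with an explicit challenge vector r:
/// accept iff A·(B·r) == C·r (mod P). Three matrix-vector products, so O(n²).
/// If C != A·B, the round accepts only when (C - A·B)·r == 0, i.e. for at most
/// a 1/P fraction of uniformly random r.
fn freivalds_round(a: &[Vec<u64>], b: &[Vec<u64>], c: &[Vec<u64>], r: &[u64]) -> bool {
    let br = mat_vec(b, r);
    mat_vec(a, &br) == mat_vec(c, r)
}

/// Toy xorshift64 generator so the example runs offline (assumption for this
/// example only; a real verifier samples challenges from a CSPRNG).
struct XorShift64(u64);
impl XorShift64 {
    fn next(&mut self) -> u64 {
        let mut x = self.0;
        x ^= x << 13;
        x ^= x >> 7;
        x ^= x << 17;
        self.0 = x;
        x
    }
}

/// Run `rounds` independent rounds with fresh r in F_P^n. A wrong C survives
/// each round with probability at most 1/P, so the overall soundness error is
/// at most (1/P)^rounds. Reduction by `% P` has negligible bias for u64 inputs.
fn freivalds(a: &[Vec<u64>], b: &[Vec<u64>], c: &[Vec<u64>], rounds: usize, seed: u64) -> bool {
    let n = a.len();
    let mut rng = XorShift64(seed | 1); // xorshift state must be non-zero
    (0..rounds).all(|_| {
        let r: Vec<u64> = (0..n).map(|_| rng.next() % P).collect();
        freivalds_round(a, b, c, &r)
    })
}

fn main() {
    // Constructed 2×2 inputs: A·B = [[19, 22], [43, 50]] (mod 101).
    let a = vec![vec![1u64, 2], vec![3, 4]];
    let b = vec![vec![5u64, 6], vec![7, 8]];
    let c = mat_mul(&a, &b);
    let mut bad = c.clone();
    bad[1][1] = 51; // tamper with one entry: C - A·B = [[0, 0], [0, 1]]

    println!("A·B mod {} = {:?}", P, c);
    println!("honest C, 20 rounds: accept = {}", freivalds(&a, &b, &c, 20, 7));
    println!("tampered C, r = [1, 1]: accept = {}", freivalds_round(&a, &b, &bad, &[1, 1]));
    // Only challenges with r[1] == 0 lie in the kernel of C - A·B, so this single
    // round is fooled: the 1/P event made concrete.
    println!("tampered C, r = [1, 0]: accept = {}", freivalds_round(&a, &b, &bad, &[1, 0]));
    println!("tampered C, 20 rounds: accept = {}", freivalds(&a, &b, &bad, 20, 7));
}
```

The `[1, 0]` challenge is the whole lesson in miniature: a single round with a bad or predictable challenge source is worthless, and the verifier's security rests entirely on r being uniform and unknown to the prover until C is fixed.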
IMPORTANT: While this software aims to provide correct implementations of the relevant protocols, it is meant for academic and educational purposes, and has not been audited for security. As such, it is strongly recommended not to use this code for production applications.