### Indistinguishability obfuscation (iO) for general circuits

We propose a construction for indistinguishability obfuscation (iO) for general circuits. The scheme is built from four main ingredients: (1) selectively indistinguishably-secure functional encryption for general circuits whose encryption procedure lies in the complexity class NC1; (2) universal circuits; (3) puncturable pseudorandom functions with evaluation in NC1; (4) indistinguishably-secure affine-determinant programs, a notion proposed in work under submission that specializes iO to particular circuit classes and acts as a "depleted" obfuscator. The scheme can be used to build iO for all polynomial-sized circuits in a simplified way. Instantiations can be obtained from sub-exponentially secure learning with errors (LWE).

*2023-10-23 by Razvan Rosie*

### Nouns Private Voting Research Sprint - General Report

This report presents the results of the joint work done by Aragon ZK Research Association and Aztec Labs to implement a private voting PoC for NounsDAO.

*2023-08-17 by AZKR*

### Nouns Private Voting Research Sprint - Technical Report

We provide a technical description of the outcomes of the work done by Aragon ZK Research (AZKR) during the execution of the joint proposal submitted to the Nouns DAO Private Voting Research Sprint by Aztec Labs and AZKR.

*2023-08-17 by AZKR*

### TLCS protocols for time-locked encryption

We describe two protocols (zk-TLCS and TLCS) that can be used for time-locked encryption under the assumption that a trusted party publishes a certain type of random beacon at regular intervals. We then present our *timelock.zone* service, which will be based on the TLCS protocol.

*2023-07-05*

### E-voting: State of the Art

In this post we summarize a review of the state of the art in e-voting that we published at Aragon ZK Research.

*2023-06-08 by Vincenzo Iovino*

### Fast Consensus in Weakly Byzantine Asynchronous Environments

We explore conditions for achieving binary consensus in a single communication step when conditions are favourable. With leader-based protocols and known block producers this is possible with only a slight weakening of fault tolerance assumptions.

*2023-05-29 by Alex Kampa*

### The Poseidon hash function and its implementation in Noir

In this blog post, we provide a brief description of the Poseidon hash function, which provides a contrast with the SHA-2 family of hash functions discussed in a previous post, and discuss its implementation in Aztec’s Noir language.

*2023-03-31 by Ahmad Afuni*

### MINI-FE: computing functions on private data without trusted parties

In this blog post we introduce MINI-FE, a cryptographic protocol to compute functions over private data without any trusted parties and with minimal interaction. In particular we present its applications for Private Stream Aggregation and Quadratic-like Boardroom Voting.

*2023-03-29 by Artem Grigor and Vincenzo Iovino*

### Aragon and Aztec join forces to bring private voting to NounsDAO

State-of-the-art DAO private voting with minimal off-chain dependency via Ethereum storage proofs & timelapse encryption.

*(DAO proposal) 2023-03-06*

### BatRaVot: Scalable Trustless Voting on Ethereum

BatRaVot is a trustless voting protocol that allows for both on-chain and off-chain voting with on-chain results, making it a cost-effective and versatile solution for various types of voting scenarios on the Ethereum blockchain. In the blog post we explain the protocol and present our implementation that you can already use today.

*2023-01-19 by Artem Grigor*

### Notes on elliptic curves over finite fields and their pairings

Manuscript release

*2022-12-23 by Matan Prasma*

### Selected Topics in Cryptography: from the basics to e-voting

In this post we announce the first set of cryptographic notes published at Aragon ZK Research.

*2022-12-23 by Vincenzo Iovino*

### A rust implementation of DualRing’s sum argument

Recently at Aragon we’ve been looking for ways to enable efficient, decentralised private voting. As part of that, we’ve been looking into the state of the art of private linkable membership proofs, as they’re very suitable to act as the base of a private voting protocol. We implemented an interesting subsection of the state of the art in ring signatures, and this post explains why that’s interesting!

*2022-12-22 by Rebekah*

### Decentralised Private Voting

Many private voting protocols rely on central servers, or partially or fully trusted third parties, either for availability or for privacy. This note discusses some ways to achieve decentralised, private, blockchain-based voting, without any trusted third parties.

*2022-12-21 by Rebekah*

### SHA512 and its implementation in Noir

In this blog post, we discuss the SHA512 hash function and its implementation in Aztec’s Noir, a domain-specific language for constructing and verifying zero-knowledge proofs.

*2022-12-14 by Ahmad Afuni*

### SNARVs: Succinct Non-Interactive Arguments of Voting – protocols for cost-effective, off-chain e-voting.

Announcing SNARV: succinct non-interactive arguments of voting.

*2022-11-25 by Vincenzo Iovino and Matan Prasma*

### Blind-OVOTE: OVOTE with Blind Signatures for voter anonymity

Blind-OVOTE is an L2 voting solution that combines validity-rollup ideas with blind signatures over elliptic curves inside a zkSNARK, to provide gasless anonymous voting with on-chain binding execution on Ethereum.

*(forum post) 2022-11-24 by arnaucube, Alex Kampa and Roger Baig*

### privacy without snarks — one of many proofs

One-of-many proofs are membership proofs, also known as ring signatures. They rely only on the discrete logarithm problem, not on the heavy infrastructure of SNARKs.

*2022-10-21 by Rebekah*

### Simple Soundness Proofs

Soundness proofs tend to be quite long and technical. We describe a general method to significantly simplify such proofs if some specific conditions are met.

*2022-10-14 by Alex Kampa*

### Weil reciprocity on the projective line

This Maths Seminar note provides a self-contained proof of the Weil reciprocity on the projective line of a field, together with concrete examples. A good grasp of the concepts explained here will help with understanding elliptic curve pairings.

*2022-10-07 by Alex Kampa*

### We present OVOTE: Offchain Voting with Onchain Trustless Execution

OVOTE (Offchain Voting with Onchain Trustless Execution) is an L2 design for voting using validity proofs (zkSNARK proofs), similar to zkRollups. The main idea is that the votes are aggregated offchain and verified onchain through a single zkSNARK proof, resulting in constant gas costs while scaling up to thousands of voters through a single Ethereum transaction.

*(forum post) 2022-07-05 by arnaucube*

### rwc2022 : Threshold ECDSA with additive key derivation and presignatures : an attack, and a solution

Additive key derivation (AKD), as defined in BIP32, is used widely throughout the cryptocurrency space. Presignatures are used to reduce the round complexity of threshold ECDSA. Though both are used very frequently, and often in combination, a security proof for the combined construction was missing until now. Shoup and Groth find an attack on threshold ECDSA when both AKD and presignatures are used, and present a solution.

*2022-05-11 by Rebekah*

### Adding Vote Delegation to Anonymous E-Voting Schemes

Anonymous e-voting schemes are a promising tool in the current and future digital society. We propose a simple and elegant way to add delegation capabilities to such schemes.

*2022-05-06 by Vincenzo Iovino*

### The Bellare-Micali Oblivious Transfer

Oblivious transfer (OT) is a cryptographic primitive that is fundamental for secure multiparty computation. We give a brief introduction to the Bellare-Micali OT protocol, which is particularly simple and elegant.

*2022-05-03 by Alex Kampa*
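A runnable sketch of the 1-out-of-2 Bellare-Micali protocol mentioned above, as an added example that is not code from the Aragon ZK Research note. The group parameters (a toy safe prime `P = 1019`, subgroup order `Q = 509`, generator `G = 4`) are chosen here for illustration only and are far too small for real use; the SHA-256 key derivation and the byte messages are likewise assumptions of this example, not part of the original protocol description. The receiver hides its choice bit `b` by publishing one key it knows the discrete log of and one it does not, constrained so that their product equals the sender's public element `C`; the sender then encrypts each message under the corresponding key.

```python
import hashlib
import secrets

# Toy group parameters (assumed for this example, NOT production size):
# safe prime P = 2*Q + 1, and G generates the order-Q subgroup of F_P^*.
P = 1019
Q = 509
G = 4
assert pow(G, Q, P) == 1 and G != 1


def kdf(shared_point, length):
    """Derive a one-time pad from a group element (hash of its byte encoding)."""
    digest = hashlib.sha256(shared_point.to_bytes(2, "big")).digest()
    assert length <= len(digest), "message longer than one hash output"
    return digest[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def sender_setup():
    """Sender publishes C = g^c; the receiver must not learn log_g(C)."""
    c = secrets.randbelow(Q - 1) + 1
    return pow(G, c, P)


def receiver_choose(C, b):
    """Receiver picks k, sets PK_b = g^k and forces PK_0 * PK_1 = C.

    The receiver knows log_g(PK_b) = k but, without log_g(C), cannot know
    log_g(PK_{1-b}).  Returns the private state (b, k) and PK_0 to send.
    """
    k = secrets.randbelow(Q - 1) + 1
    pk_b = pow(G, k, P)
    pk_other = C * pow(pk_b, -1, P) % P
    pk0 = pk_b if b == 0 else pk_other
    return (b, k), pk0


def sender_transfer(C, pk0, m0, m1):
    """Sender recovers PK_1 = C / PK_0 and encrypts m_i under PK_i (ElGamal style)."""
    pk1 = C * pow(pk0, -1, P) % P
    out = []
    for pk, m in ((pk0, m0), (pk1, m1)):
        r = secrets.randbelow(Q - 1) + 1
        a = pow(G, r, P)                   # g^r, the ephemeral part
        pad = kdf(pow(pk, r, P), len(m))   # H(PK^r) as a one-time pad
        out.append((a, xor(m, pad)))
    return out


def receiver_open(state, transfer):
    """Receiver decrypts only slot b, since A_b^k = g^{r_b k} = PK_b^{r_b}."""
    b, k = state
    a, ct = transfer[b]
    return xor(ct, kdf(pow(a, k, P), len(ct)))


def run_ot(b, m0=b"vote:yes", m1=b"vote:no!"):
    """One full exchange; returns what the receiver learns (should be m_b)."""
    C = sender_setup()
    state, pk0 = receiver_choose(C, b)
    transfer = sender_transfer(C, pk0, m0, m1)
    return receiver_open(state, transfer)


if __name__ == "__main__":
    print(run_ot(0), run_ot(1))
```

The sender learns nothing about `b` because `PK_0` is a uniformly random group element whichever bit the receiver chose; the receiver learns only `m_b` because decrypting the other slot would require the discrete log of `PK_{1-b}`, which equals `log_g(C) - k` and is unknown.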

### Lagrange bases in subgroups of \(F_p^*\): a hands-on introduction

Our first Maths Seminar note is about Lagrange bases in subgroups of \(F_p^*\), which happen to have a simple and explicit formula. Numerous examples as well as detailed proofs of the main results are provided. We note that these particular Lagrange bases have been used in the construction of the well-known PLONK zk scheme.

*2022-05-02 by Alex Kampa*
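A worked instance of the explicit formula the note refers to, as an added example that is not code from the Aragon ZK Research note. For a multiplicative subgroup \(H = \{\omega^0, \dots, \omega^{n-1}\}\) of \(F_p^*\) the basis polynomial is \(L_i(x) = \omega^i (x^n - 1) / (n (x - \omega^i))\), which vanishes on every subgroup element except \(\omega^i\), where it equals 1. The code below compares that closed form against the textbook product formula over the whole field and uses it to interpolate; the parameters `P = 17`, `N = 8`, `W = 2` are chosen here for illustration.

```python
# Added example: Lagrange bases on a multiplicative subgroup of F_p^*.
# Parameters are assumptions of this example: 2 has order 8 in F_17^*.
P = 17   # field modulus
N = 8    # subgroup order; must divide P - 1
W = 2    # generator of the order-N subgroup


def subgroup(p=P, n=N, w=W):
    """Return H = [w^0, ..., w^(n-1)] mod p, checking that w has order n."""
    h = [pow(w, i, p) for i in range(n)]
    assert pow(w, n, p) == 1 and len(set(h)) == n, "w does not generate a subgroup of order n"
    return h


def lagrange_generic(i, x, p=P, n=N, w=W):
    """Textbook basis: L_i(x) = prod_{j != i} (x - w^j) / (w^i - w^j)."""
    h = subgroup(p, n, w)
    num, den = 1, 1
    for j in range(n):
        if j != i:
            num = num * (x - h[j]) % p
            den = den * (h[i] - h[j]) % p
    return num * pow(den, -1, p) % p


def lagrange_explicit(i, x, p=P, n=N, w=W):
    """Closed form on a subgroup: L_i(x) = w^i (x^n - 1) / (n (x - w^i)).

    At x = w^i the fraction is 0/0; the polynomial's value there is 1
    (the derivative of x^n - 1 at w^i is n * w^{-i}).
    """
    wi = pow(w, i, p)
    if x % p == wi:
        return 1
    num = wi * (pow(x, n, p) - 1) % p
    den = n * (x - wi) % p
    return num * pow(den, -1, p) % p


def check_bases(p=P, n=N, w=W):
    """Both formulas agree on all of F_p, and L_i(w^j) = [i == j] on H."""
    h = subgroup(p, n, w)
    for i in range(n):
        for x in range(p):
            if lagrange_generic(i, x, p, n, w) != lagrange_explicit(i, x, p, n, w):
                return False
        for j in range(n):
            if lagrange_explicit(i, h[j], p, n, w) != (1 if i == j else 0):
                return False
    return True


def interpolate(values, x, p=P, n=N, w=W):
    """Evaluate at x the unique polynomial of degree < n with f(w^j) = values[j]."""
    return sum(v * lagrange_explicit(j, x, p, n, w) for j, v in enumerate(values)) % p


if __name__ == "__main__":
    print(check_bases())
    # Recover f(x) = 3x^2 + 5 from its values on H and evaluate it off H.
    vals = [(3 * t * t + 5) % P for t in subgroup()]
    print(interpolate(vals, 4))   # 3*16 + 5 = 53 = 2 mod 17
```

The closed form costs one exponentiation and one inversion per basis element instead of a product over all of \(H\), which is why it is attractive for the evaluation-domain arithmetic that PLONK-style schemes perform.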