Polynomial IOPs for Linear Algebra Relations

Polynomial IOPs for Linear Algebra Relations


1 min read


This paper proposes new Polynomial IOPs for arithmetic circuits. They rely on the monomial coefficient basis to represent the matrices and vectors arising from the arithmetic constraint satisfaction system, and build on new protocols for establishing the correct computation of linear algebra relations such as matrix-vector products and Hadamard products.

Our protocols give rise to concrete proof systems with succinct verification when compiled down with a cryptographic compiler whose role is abstracted away in this paper. Depending only on the compiler, the resulting SNARKs are either transparent or rely on a trusted setup.

Read the full text.


Alan Szepieniec, Yuncong Zhang

Published in

The International Conference on Practice and Theory of Public-Key Cryptography (PKC) 2022, March 2022

Preprint release date

Dec 2, 2021


Zero-Knowledge, SNARK, Cryptography, Succinct Verification, Polynomial IOP

Other articles that you might like: