Lukas

@lh1 #18811

Building at TACEO Believing in programmable cryptography.
Even if we crack scalability and interoperability for blockchains by 2025, it won’t bring the world on-chain. Why? Businesses and users need privacy—at least Web2 levels (we’re far from that in Web3).

The catch? Web3 can’t just replicate Web2 privacy. (Hint: it can go beyond—but that’s a topic for another post.)

Take “private” validiums: ZK chains where validators hold the full state but don’t share it. Sounds like Web2-style "privacy from peers," right? But relying on centralized operators undermines decentralization.

So… why even start with a chain? 🤔
I believe calling the system we trust most “trustless” is a mistake
✅Range checks in collaborative Noir
✅Support for asserts, and...
✅The first version of the Brillig VM in MPC!

Though still in early experimental stages, this is huge progress for private shared state in Noir
Read more in the coNoir releases:

https://docs.taceo.io/docs/releases/co-noir-nov/
/zk
Excited for tomorrow: Our first internal hackathon.

One week, self-chosen projects, and ideas we’ve been eager to try.

Highlights include:
- Secret-shared Santa: an on-chain gift exchange powered by coSNARKs.
- Asymmetric private proof delegation.

Will be fun!
/zk
If you're curious about coSNARKs after this week's Zk podcast episode featuring Dan Boneh (one of the two original authors of the coSNARKs paper), this thread has you covered!

https://x.com/taceo_io/status/1862124669425369581?s=46
/zk
Over the past few months, I’ve been working on improving how I communicate about the work I do. One piece of advice that stuck with me was to focus on just one platform at a time (thanks @ishverduzco). That’s why I’ve been mostly active on Twitter lately. While I’m far from mastering it, I’ve realized how much I’ve been missing Farcaster. Feels great to be back!
Make MPC cypherpunk again
Global Private State vs. Private Shared State:

🔄 Consistent vs. ⏳ Ephemeral
👥 Millions of users vs. 👤 handful to dozens
🛠️ Examples: Worldcoin's MPC Uniqueness Check vs. Renegades' Dark Pool ZK-MPC Matching
If you think creating representative benchmarks for ZK is hard, then don't even start thinking about MPC. The addition of network dynamics introduces a whole new level of complexity that could be debated endlessly.
Even before the launch of Ethereum Vitalik talked about the need for private shared state.
No better place to make progress on co-noir.
What is the end-game for privacy infra?

Equilibrium just dropped a banger blog post.

original, unopinionated, funny

It’s the best piece you can read about the MPC, FHE, ZKP, and TEEs landscape.

chapeau @hammyx 🎩

https://equilibrium.co/writing/do-all-roads-lead-to-mpc
After an intense week at Science of Blockchain I needed to sleep a lot and then touch grass.

Thanks @cdixon.eth for my new cap.
Takeaway from this week: Negative definition worked best to explain what MPC we do – everything except wallets.
OH: Among ZKP, FHE, MPC, TEEs - MPC is the strongest decentralization force.
3 big zk privacy players under one roof (next to the 🐂).

1h gets you up to speed on all of them.

Privacy is a requirement for mass adoption. Thanks for pushing Aleo @aztecnetwork @polygonchain
/zk
By now, everyone into zk knows about lookup tables (thanks to Plookup, Lasso, etc.). But did you know that lookup tables (LUTs) also exist in MPC?

Why explore MPC lookups? They help balance a common trade-off in MPC: secret sharing-based protocols have minimal total communication but require many rounds, while Yao-Garbled Circuits (GC) have a constant number of rounds but higher communication overhead.

The most compelling application of LUTs is private ML inference (more on this in another post). However, there's an underexplored area: MPC LUTs for collaborative SNARKs.

To support proof systems that leverage LUTs, we need to find efficient ways to compute zk LUTs in an MPC-fied manner. We are actively researching this area and would love to speak with anyone interested in this topic.
/zk
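An added example, not part of the original post and not TACEO's code: a lookup on secret-shared data using one well-known construction, a one-time truth table prepared by a trusted dealer, chosen here for illustration. It shows the trade-off the post describes: the online phase is a single opening round whatever function the table encodes, paid for with preprocessing that grows with the table size. The table contents, party count and modulus are constructed assumptions.

```python
import secrets

P = 2**61 - 1                                  # modulus for sharing table values (assumed)
TABLE = [(7 * x * x + 3) % 251 for x in range(16)]  # constructed 16-entry nonlinear table

def share(value, n_parties, modulus):
    """Split value into n additive shares modulo `modulus`."""
    shares = [secrets.randbelow(modulus) for _ in range(n_parties - 1)]
    shares.append((value - sum(shares)) % modulus)
    return shares

def reconstruct(shares, modulus):
    return sum(shares) % modulus

def dealer_preprocess(table, n_parties):
    """Offline phase: pick a random rotation r, then share r and the rotated table."""
    n = len(table)
    r = secrets.randbelow(n)
    rotated = [table[(j + r) % n] for j in range(n)]
    r_shares = share(r, n_parties, n)
    cols = [share(v, n_parties, P) for v in rotated]
    # table_shares[p][j] is party p's share of rotated[j]
    table_shares = [[cols[j][p] for j in range(n)] for p in range(n_parties)]
    return r_shares, table_shares

def online_lookup(x_shares, r_shares, table_shares, n):
    """Online phase: one opening round, then a purely local read per party."""
    # Every party broadcasts its share of (x - r). Because r is uniform,
    # the opened value d is uniform too and reveals nothing about x.
    d = sum((xs - rs) % n for xs, rs in zip(x_shares, r_shares)) % n
    # rotated[d] = table[(d + r) % n] = table[x]
    return [party_table[d] for party_table in table_shares], d

def lookup(table, x, n_parties=3):
    """Run dealer + online phase end to end and open the result (demo only)."""
    n = len(table)
    # The preprocessed material is single-use: opening two inputs against
    # the same r would leak their difference, so a fresh r is drawn per lookup.
    r_shares, table_shares = dealer_preprocess(table, n_parties)
    x_shares = share(x, n_parties, n)
    out_shares, _ = online_lookup(x_shares, r_shares, table_shares, n)
    return reconstruct(out_shares, P)

if __name__ == "__main__":
    print([lookup(TABLE, x) for x in range(len(TABLE))] == TABLE)
```

In a real deployment the parties would keep the output shares instead of opening them, and the dealer would be replaced by a preprocessing protocol.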
What is Programmable Cryptography? Here is an in-depth article by @gubsheep.
I especially like the visionary aspect (what can we achieve in 10+ years).

https://0xparc.org/blog/programmable-cryptography-1
/zk
Why MPC and Noir are a good fit:

1. Noir is lowered to ACIR, an intermediate representation that consists of 7 opcodes (making the evaluation of it rather simple) and is backend agnostic. ACIR can be used as an entry point, greatly reducing complexity as one can reuse the Noir compiler.

2. The ecosystem is designed to add support for proving systems, i.e., we can just write a co-SNARKs backend. So, we do not need to hack around the ecosystem - we can just leverage everything because it is designed to do so (we had to fork circom to build our co-SNARKs as the intended use case was not to add other proof systems).

3. The witness extension is the most complex part to support for co-SNARKs. For Noir, we can support a large portion of all possible circuits by MPC-ifying the most basic opcodes of ACIR (simple solver of equations which is fine in MPC).
Would be nice to finish before the 5th e-print anniversary of PLONK.

https://x.com/taceo_io/status/1819005440572715197?s=46
/zk
The start of track and field at the Olympics is today.

Track and field is to sports what math is to science. I love both!