Skip to content

Home > Proof Systems

Proof Systems

Cryptographic proof systems from foundational theory through modern production SNARKs. Notes cover construction, security assumptions, setup requirements, and proof/verifier complexity.

Foundational Theory

Note Description
GMR85 — Knowledge Complexity Goldwasser-Micali-Rackoff (1985): the paper that defined zero-knowledge
NIZK (Blum-Feldman-Micali) First non-interactive ZK construction in the common reference string model
Fiat-Shamir Transform Heuristic to compile interactive proofs into non-interactive ones via a hash function
DI06 — Scalable MPC Damgard-Ishai MPC-in-the-head approach (basis of Ligero and descendants)

Early SNARKs

Note Description
QSP / GGPR13 Quadratic Span Programs — theoretical basis for practical SNARKs
Pinocchio First practically efficient zk-SNARK; introduced the R1CS/QAP pipeline (2013)
Groth16 Highly efficient pairing-based SNARK with a circuit-specific trusted setup; still widely deployed

PLONK Family

Note Description
PLONK Universal and updatable trusted-setup SNARK using PLONKish arithmetisation (2019)
TurboPLONK PLONK extension with custom gates
plookup Lookup argument for efficiently proving table membership inside PLONK
Sonic Universal SNARK with a universal SRS predating PLONK
HyperPlonk PLONK variant over multilinear polynomials for improved prover time
HONK Aztec's PLONK successor using Gemini/ShPLONK; production-ready
UltraHonk Ultra-optimised HONK variant used in Noir's default backend

Transparent / STARK-based

Note Description
FRI Fast Reed-Solomon IOP — the polynomial commitment scheme powering zk-STARKs
zk-STARKs Transparent, post-quantum proofs based on FRI and AIR arithmetisation

IOP / Multilinear / Vector Commitments

Note Description
Bulletproofs Transparent range proofs and arithmetic circuits; no trusted setup, logarithmic proof size
Bulletproofs+ Improved Bulletproofs with shorter proofs and faster verification
Ligero MPC-in-the-head proof system based on linear codes
Ligero++ Improved Ligero with better concrete efficiency
Spartan Transparent SNARK using sum-check and multilinear polynomials; no FFTs
Hyrax Doubly-efficient zkSNARK using Pedersen commitments and the sum-check protocol
Libra Linear-time prover SNARK using the sum-check protocol over layered circuits

Dynamic & Designated-Verifier

Note Description
DV-Dynamic-zkSNARKs Designated-verifier dynamic zk-SNARKs with sublinear proof updates; applied to dynamic proofs of index (Wang et al. 2026)