Briefing
The core problem in Zero-Knowledge SNARKs is the inherent trade-off between succinct proof size and efficient prover computation, with no single construction simultaneously achieving optimal performance in both. This research introduces the Equifficient Polynomial Commitment Scheme (EPC) , a novel cryptographic primitive that enforces a consistent representation (equal coefficients) of committed polynomials across different components of the SNARK. This foundational mechanism enables the construction of two new SNARKs, Pari and Garuda, which collectively set new performance frontiers → Pari achieves the smallest known proof size, while Garuda delivers the fastest prover time by supporting both free linear gates and custom gates. This theoretical breakthrough fundamentally re-architects the SNARK compiler paradigm, promising a new generation of verifiable computation systems with unprecedented efficiency for blockchain scaling and privacy.
Context
Prior to this work, SNARK construction relied on polynomial commitment schemes (PCS) like KZG or FRI, which forced developers to choose between minimal proof size (e.g. Groth16’s three elements) and efficient prover time with features like custom gates (e.g. HyperPlonk).
No existing SNARK could leverage the speed of free linear gates and the circuit compression of custom gates while maintaining an optimally succinct proof size. The prevailing challenge was designing a single, unified commitment primitive that could satisfy the stringent consistency requirements of a fast prover without sacrificing the succintness of the final proof.
Analysis
The Equifficient Polynomial Commitment Scheme (EPC) is a new cryptographic primitive that operates within the SNARK compiler framework. Conceptually, the EPC ensures that a committed polynomial has the same coefficient representation across the different encoding bases used by the SNARK’s underlying Polynomial Interactive Oracle Proof (IOP). This is achieved by using the EPC to enforce linear constraints, while the IOP handles the non-linear constraints. By enforcing this “equal coefficient” property, the EPC acts as a strategic drop-in replacement for a standard PCS, which allows the resulting SNARK constructions (Pari and Garuda) to simultaneously inherit the benefits of linear-time prover techniques (free addition gates) and circuit-specific optimization techniques (custom gates) without the typical increase in proof size or verification complexity.
Parameters
- Pari Proof Size → 160 bytes. (The smallest proof size among all known SNARKs, achieved using the BLS12-381 curve).
- Garuda Prover Speed → 3x faster than Groth16. (The first SNARK to combine free addition gates and custom gates for a significant reduction in proof generation time).
- New Primitive → Equifficient Polynomial Commitment Scheme (EPC). (A cryptographic primitive that enforces a consistent polynomial representation).
Outlook
The introduction of the EPC primitive and the resulting SNARKs, Pari and Garuda, opens a new research avenue for hybrid SNARK construction, specifically in optimizing the compiler approach. Future work will focus on generalizing EPCs to a universal and updatable setting, moving beyond the current circuit-specific trusted setup. In 3-5 years, this technology will enable truly stateless clients and highly complex, verifiable computation → such as full-scale verifiable machine learning models → to be executed and verified on-chain with unprecedented speed and minimal data overhead, fundamentally shifting the cost structure of decentralized applications.
Verdict
This research delivers a foundational cryptographic primitive that resolves the core efficiency trade-off in Zero-Knowledge SNARKs, defining the new performance standard for verifiable computation.
