PSE

1/ 🌱 The zkID team published OpenAC: Open Design for Transparent and Lightweight Anonymous Credentials earlier this week with a show proof time of 0.129 seconds. It describes a zero-knowledge identity construction designed to work with existing identity stacks and was purposely constructed to be compatible with the European Digital Identity Architecture and Reference Framework (EUDI ARF). github.com/privacy-ethere…

For a more detailed explanation, take a look at the design doc: github.com/privacy-ethere… Implementation: github.com/privacy-ethere…

We've just designed and implemented Generalized Predicate Proofs for Verifiable Credentials in OpenAC. This lets a credential holder prove complex logical statements over multiple attributes without revealing underlying values. The implementation uses Circom, but the approach can be applied with any zkDSL. Policies can express arbitrary combinations of comparisons and logical expressions, including: • Comparisons to constants or between attributes • Range checks • Set membership and non-membership • Logical compositions E.g. age > 18 AND annual income is between $30,000 and $100,000. The verifier only learns the boolean result, confirming whether the policy is satisfied, nothing more. This design is not tied to OpenAC and can be implemented in any Verifiable Credential system. Check threads to see the links 🔗

Current on-chain identity breaks when the issuer does. Sanctioned, shut down, or turned adversarial; already-verified users lose the ability to prove their credentials. This is the first post in our three-part resilience series on identity, payments, and coordination. We published a PoC that removes the issuer from the verification path entirely.

Who's your #1 Spotify artist? Prove it onchain. We pay the gas.

We released a draft PR for "Lean Staking", an EIP that breaks the link between deposit addresses and consensus layer validator keys, powered by LeanVM. The goal? Staking privacy. The byproduct? Two-sided plausibly deniable ETH transfers. Co-authored with @MMJahanara ethereum-magicians.org/t/eip-8222-lea… github.com/ethereum/EIPs/…

Client-side ZK proofs under 100ms. No SNARKs. Any device PlasmaBlind uses BlindFold, a Nova folding extension, to deliver private transfers with sender-receiver unlinkability and confidential amounts MIT-licensed. Open to everyone

welcome PlasmaBlind: a new privacy L2 that ditches SNARKs altogether, with <100ms client-side zk proofs, using the blindfold scheme and a carefully designed aggregator. uncompromising and instant privacy on *any* device. we implemented and benchmarked the whole thing at @PrivacyEthereum and are opening it under MIT. paper + code available at plasmablind.xyz the time for a special purpose privacy L2 has come 😎

Lots of great privacy work happening on Ethereum.

Every Ethereum read leaks what you're looking at. Private Information Retrieval (PIR) fixes this, but no single PIR scheme fits all of Ethereum's state New design from @0xalizk and Keewoo Lee: shard Ethereum's state by access pattern and pair each slice with the optimal PIR scheme. Express data, archival state, and everything in between; each gets the right cryptographic treatment. - A sidecar architecture handles real-time updates without blocking queries - A universal GraphQL interface keeps existing RPC calls working unchanged Read more 👉 ethresear.ch/t/sharded-pir-…

PSE just ran an internal vibecoding hackathon — what happens when cryptography engineers build with AI for 2 days straight? 10 projects. ZK circuit tooling, post-quantum crypto, circuit auditors, anonymous social networks. github.com/privacy-ethere… Highlights: 🥇 Vibe Circuit — Claude Code plugin for structured ZK circuit + Lean proof workflows 🥈 Seal — local daemon serving verified web app bundles over HTTPS on .seal TLD 🥉 Noir Circuit Auditor — found 3 real bugs across 5 Noir repos using adversarial AI auditing

You can try it here: openac-flow-builder.vercel.app Would really appreciate any feedback, especially what’s unclear, missing, or doesn’t map well to real-world use cases. We’re continuing to iterate before making this more broadly available. If you’re working on identity or privacy-related problems and will be at EthCC, would love to chat and hear what you’re building. Feel free to reply here or DM and we can find a time 🤝🏻

We’ve been working on OpenAC Studio, an interactive tool to explore how OpenAC can be used across different real-world scenarios. See threads for the link 👀 It’s still very much a work in progress, but we wanted to start sharing it early. The goal is to make it easier to understand: - what OpenAC enables - how it can be applied to different use cases - and what trade-offs come with different design choices (privacy, linkability, replay, etc.) This is an attempt to help teams reason about which components they actually need, and the implications of those choices.

VOLE-in-the-head is a fast hash-based ZK proving system which is plausibly post-quantum secure. We invited @crypto_carsten to give a talk on how it works, including how it was applied to build the FAEST signature scheme which is currently a NIST candidate, and the POMFRIT blind signature scheme. youtube.com/watch?v=5VjvkV…

Design principle: No new classical privacy debt, the privacy honeypot can only be prevented from growing, it can never be drained. Recommendations: Quantify the privacy honeypot, build a confidentiality surface registry, ship reference libraries for tractable surfaces, and scope open problems (zkTLS, real-world zkID import) as non-blocking research tracks.

Ethereum inherits PQ transport via Go 1.24's hybrid PQ TLS, but application-layer privacy like stealth addresses, zkID, confidential transactions; needs Ethereum-specific work Stealth addresses: ML-KEM replaces ECDH but ciphertexts are 33x larger. zkID export (Poseidon + STARKs) is tractable; real-world zkID import hits a 131x SNARK gap. zkTLS has no production MPC even for classical TLS 1.3.

Post-Quantum Threats to Ethereum Privacy ethresear.ch/t/post-quantum… Most PQ work focuses on signature forgery. But privacy is more urgent! Harvest-now-decrypt-later means every on-chain ciphertext is permanently exposed right now. No protocol upgrade can re-encrypt it.

Seed phrases break. Users shouldn't lose their wallet when they do. Social Recovery SDK is a ref implementation of on-chain account recovery with threshold policies and timelocks. Guardians can be EOAs, passkeys, or even email, verified with ZK proofs with no data exposed. Solidity + Noir + TypeScript pse.dev/blog/social-re…

PRIVATE LOGIC ON PUBLIC RAILS We built a DIY validium where the business logic is ordinary Rust, proved in zero knowledge, and verified on Ethereum Simple idea: write the rule, prove it, verify it on-chain iptf.ethereum.org/diy-validium/

True, and now you can add privacy into it with ZERO FRICTION Vibe your first ZK mobile app using mopro-ai 👇repo and blog post below