Abstract 

The increasing demand for privacy, verifiable computation and trust in web applications

highlights the inherent limitations of the traditional client/server architecture.

Zero-Knowledge Proofs (ZKPs) and Succinct Non-Interactive Arguments of Knowledge

(SNARKs) emerge as revolutionary technologies, offering the ability to prove the correctness

of a computation or the possession of information without disclosing any underlying sensitive

data for users.

This course will explore the foundational concepts of ZKPs, from interactive protocols to

highly efficient non-interactive proof systems. During the course hands-on sessions and

practical exercises will allow students, in some cases, to implement and, in others, apply

these technologies.

We will delve into cryptographic constructions like Groth16, Plonk, and Halo2, understanding

their architecture, their practical implications and how to use them in real-world cryptography.

Indeed, the course will also emphasize their applications in enhancing privacy and scalability

in blockchain systems, digital media integrity, and web security.

The curriculum is informed by the latest research and enriched by practical experience in

applied cryptography, extending the course made by Anca Nitulescu at crypt-a-bit 2024 and

building on my own teaching and research experiences. Furthermore, the course is thought

to be in continuity with Prof. Vitaletti’s course on blockchain technologies of ECI2025.

Objectives of the course 

The course “Building Cryptographic Proofs: Zero-Knowledge Proofs & SNARKs“ is designed

to give a first understanding of the main concepts and practical challenges behind verifiable

computation, from interactive proofs to modern non-interactive arguments.

The main goal of the course is to give the attendees the chance to understand how these

advanced cryptographic tools are realized in practice in order to give them the chance to

grasp the technical challenges to use such technologies in real-world applications.

Specifically, at the end of the course, attendees should be able to understand:

• how group-based cryptography is implemented in practice in basic protocols such as

Schnorr and in more advanced ones such as Bulletproof;

• how statements are encoded as circuits with tools like Circom;
• how to generate and verify Groth16 proofs with SnarkJS/Rapidsnark;
• grasp the foundations of IOP-based proofs based on Plonk arithmetization which are

the base of nowadays advancements in the field and see how to generate proofs in

such proof systems (e.g., Halo2, Plonky2 & 3);

Finally, attendees should also be able to clearly identify the use cases where SNARKs can

enable privacy and scalability in blockchain systems, digital media, and web integrity and they should also be able to identify the challenges of the adoption of these technologies in

real-world applications.

A basic knowledge of programming and fundamental cryptographic concepts can help.

Language: English

Brief index

• Introduction to Zero-Knowledge Proofs (ZKPs): Motivation and formal definition of

zero-knowledge. Interactive proofs and the Σ-protocol paradigm. Implementing basic ZK proofs (e.g., Schnorr protocol) using Python libraries.

• From ZK to SNARKs: Non-interactive proofs via Fiat–Shamir transformation. From Schnorr to Bulletproofs: range proofs and aggregation. Hands-on session on Bulletproofs implementation.
• From Bulletproofs to Groth16: Arithmetic circuits and Rank-1 Constraint Systems (R1CS): how statements are encoded as circuits. Introduction to Circom and SnarkJS for compiling, generating and verifying Groth16 proofs.
• From Groth16 to IOP-based proofs: Interactive Oracle Proofs (IOP) as the foundation of modern SNARKs (guaranteeing additional properties through recursion or folding or aggregation. Overview of Plonk and Halo2 (a recursive proof system) frameworks.
• Applications of SNARKs: How ZK proofs enable privacy and scalability in blockchain

systems (ZK-Rollups, zkVM Risc0). Use of SNARKs for verifiable digital media, PDF signatures and Web integrity proofs.

Program per day:

DAY 1 (3 hours): Intro to Zero-knowledge proofs: Sigma Protocols and implementation.

Example of I will conduct the implementation is available here:

https://hackmd.io/@LsH8lGjzQEiZJROqMMzmCA/SJ8f_85Jbx

DAY 2 (3 hours): From ZK towards SNARKS (and from Schnorr to Bulletproofs) and

implementation.

DAY 3 (3 hours): From Bulletproofs to Groth16. The concept of circuits: Circom and Snarkjs.

DAY 4 (3 hours): From Groth16 to IOPs: Plonk and Halo2.

DAY 5 (3 hours): SNARK applications in blockchains (for scalability and privacy), digital

media (e.g., image transformation) and web (e.g., TLS). Analysis of a zkVM: Risc0.