The network grant program is paused for the moment. We will come back with news soon!

# CryptoNet supports researchers and protocol designers

As part of CryptoNet’s mission to improve the cryptographic building blocks for Web3 applications, we are very interested in funding research projects in the space, and creating collaborations across companies and academia. If you are a researcher working in any of Web3-related cryptographic problems we encourage you to apply to one of our* Grants*, and become part of CryptoNet extended community of researchers and collaborator.

**Research Areas**

CryptoNet will fund grants in the following areas

- SNARKs
- Vector Commitments
- Multiparty Computation
- Threshold Cryptography
- Fully Homomorphic Encryption

- Decentralized and anonymous authentication
- Security against Rational Adversaries
- Quantum Resistant Cryptography
- Proofs of Space

## Network Grants

A network grant is a mid-size funding instrument intended to stimulate research on cryptographic problems arising from Web3 applications, such as the ones listed above. We encourage applications that span the entire range of research projects: from theoretical foundational questions, to applied implementation and experimental efforts. We expect the typical grant to last one year (with possible renewal) and be funded on average $25,000.

Funds can be used to support graduate students, the summer salaries of university faculty, travel to conferences and meetings, participation in summer schools and Web3 events, fellowships for graduate students and postdocs.

### Application Process [Paused]

Applications will be received at any time, through a revolving application process. To apply for a Network Grant, applicants must submit a 3-page research proposal, a CV, and a budget that should not exceed $35,000, with a description of how the funds will be used.

### Requirements

There are no strict requirements that funded researchers have to meet, except for submitting a end-of-the-year report on the results of the project (which will be used to evaluate a potential renewal of the grant).

While researchers are not expected to collaborate with CryptoNet staff, we will strongly encourage interactions between funded PIs and our team, and across the network of funded PIs. To that extent CryptoNet will organize events for the PIs to share their problems and progress, and foster collaboration.

Apply at this page.

## Collaborator Grants

Occasionally CryptoNet staff will approach researchers for a more intense and hands-on collaboration on some of our own research projects. In this case the topic and span of the effort is set by CryptoNet, as opposed to proposal for Network Grants where we accept applications on any relevant topic.

This type of collaboration is usually initiated by CryptoNet staff. If you are interested in collaborating with us on one of our specific projects let us know, but we strongly encourage researchers to apply for a Network Grant first.

## Awarded Grants

### Network Grants

**Applicants**: Chaya Ganesh**Projected grant completion date**: Fall 2023**PL DRI:****@Matteo Campanelli****Project title:**Rational Protocols**Start date:**Oct, 2022

**Applicants**: Ghada Almashaqbeh**Projected grant completion date**: Fall 2023**PL DRI:****@Anca Nitulescu****Project title:**Delegation in Cryptographic Protocols**Start date:**Oct, 2022

### Summer Research Fellowships

**Applicants**: Yevgeniy Dodis**Projected grant completion date**: Summer 2024**PL DRI:**@**Project title:**Private, Ordered, Verifiable Databases**Start date:**Summer 2023

### Postdoc Fellowships

**Applicants**: Kelsey Melissaris**Projected grant completion date**: TBD**PL DRI:****@irenegia****Project title:**Witness-based Proxy Cryptography**Start date:**November 2022

**Applicants**: Lior Rotem (postdoc), Dan Boneh (PI)**Projected grant completion date**: Fall 2023, possible 1-year renewal**PL DRI:****@rosariogennaro**and**@ninitrava****Project title:**Succinct Arguments of Knowledge: Better Efficiency via Tighter Concrete Security**Start date:**September 2022

**Applicants**: Akira Takahashi (postdoc), Markulf Kohlweiss (PI)**Institution**: University of Edinburgh**Projected grant completion date**: Spring 2023, possible 1 year renewal**PL DRI:****@ninitrava****Project title:**Commit-and-prove zk-SNARKs in the Post-quantum World**Start date:**November 2022

### PhD Fellowships

**Applicants**: Weijie Wang (advisee), Charalampos (Babis) Papamanthou (advisor)**Projected grant completion date**: 01/2025**PL DRI:**@Anca Nitulescu**Project title:**Updatable Vector Commitments with Natural Aggregation Algorithms

**Applicants**: Abhiram Kothapalli**Projected grant completion date**: 05/2024**PL DRI:****@rosariogennaro****Project title:**Towards Unlimited-Depth Recursive Arguments

**Applicants**: Ioanna Karantaidou**PL DRI:**@Matteo Campanelli**Project title:**New Directions in Proof of Storage**Start date:**Fall 2022

**Applicants**: Varun Madathil (student), Alessandra Scafuro (advisor)**Institution:**North Carolina State University**PL DRI:****@nikkolasg****Project title:**Improving privacy guarantees of Decentralized Networks**Start date:**January, 2022

**Applicants**: Arantxa Zapico (student), Carla Rafols (advisor)**Institution:**UPF (Pompeu Fabra University)**Projected grant completion date**: Nov 30, 2022**PL DRI:****@ninitrava****Project title:**Vector Commitments - Linear-map VC**Start date:**December 1, 2021

### RFP-010 Projects on Vector Commitments

Grantees: Charalampos (Babis) Papamanthou (IP), Weijie Wang

Institution: Yale University

Description: This project focuses on tree-based vector commitments.What distinguishes tree-based vector commitments from other vector commitments is the fact that all proofs can be updated/maintained in sublinear time, whenever an element of the vector changes. However, due to this convenience, other challenges arise that we plan to investigate as part of this proposal. For example, it is typically hard to provide aggregation in tree-based vector commitments (e.g., Merkle tree proofs cannot be naturally aggregated) and verification of aggregated proofs can be expensive.

Directions:

(a) tree-based commitments based on multilinear trees;

(b) tree-based commitments based on RSA groups;

(c) tree-based commitments based on lattices.

**Grantees:** Carla Rafols (IP), Alexandros Zacharakis

**Institution:** Universitat Pompeu Fabra

**Description:** This project focuses on vector commitments in the discrete logarithm setting.

While the discrete logarithm setting is limited, because it does not allow to exploit key structure, it remains quite interesting to explore the problem in this setting for the following reasons:

- DLog cryptographic assumptions are clean, extensively studied, and well-understood,
- The arithmetic in this setting is more efficient, which could lead to more efficient constructions,
- techniques in this setting will probably work in other settings that generalize the discrete logarithm setting, most notably bilinear groups.

Directions: In this project the grantees investigate what subsets of the desired properties of vector commitments can be achieved in the discrete logarithm and with what efficiency. They will use both known techniques mainly inspired from the succinct argument literature, as well as explore new techniques to tackle the problem. Furthermore, the project will explore more restricted scenarios such as designated verifier and distributed trust that can be of practical importance for applications where fully public verifiability is not necessary.

**Status:** in progress

**Grantees:** Russell Lai, Sri Aravinda Krishnan Thyagarajan, Martin Albrecht, Giulio Malavolta

**Institutions:**

- Friedrich-Alexander University Erlangen-Nuremberg,
- Royal Holloway - University of London,
- Max Planck Institute for Security and Privacy

**Description:** This project focuses on lattice-based vector commitments.

Being “lattice-based” allows for some advanced functionalities and, critically, enables potentially post-quantum secure constructions. In particular, utilising the flexibility offered by lattices, the team aims for the first direct construction of any vector commitment with functional openings for any constant-degree polynomial. Moreover, to the best of our knowledge, this would be the first example of a lattice-based vector commitment beyond positional openings (for which there are “trivial” constructions from Merkle trees).

Directions: The proposed construction is likely to only be shown secure against a new family of lattice-based assumptions, which are natural extensions of the short integer solution (SIS) assumption. This family is called the k-Ring Inhomogenous Short Integer Solution assumptions. Such assumptions offer additional algebraic structure, which allows to transfer techniques for pairing-based cryptography to the lattice world.

**Grantees:** Dario Fiore, Dimitris Kolonelos, Dominique Schroder, Hien Chu

**Institutions:**

- IMDEA Software Institute, Madrid, Spain
- University of Erlangen-Nürnberg, Germany

**Description:** This project focuses on building functional commitments for a larger class of functions.

In functional commitments, an opening not only discloses single vector entries but can also be used to open a function of the committed vector, still in a concise manner. While there exist several realizations of vector commitments under different assumptions and with a variety of efficiency measures, less is known about functional commitments of which only a few schemes are known.

Directions: This project aims at studying the foundations of functional commitments with a particular focus on the computational assumptions and the minimal efficiency measures needed to build schemes for linear functions and more.

**Paper: ****Inner Product Functional Commitments with Constant-Size Public Parameters and Openings**** **in SCN 2022

### RFP-009 Projects on Proof of Space

Institution: Reichman University

Description: The goal of this project is to explore a new direction in constructing proofs of storage that are both useful and suitable for a permissonless consensus algorithm.

Directions: The main idea is to look at converting *privately verifiable* proofs of storage into *publicly verifiable *proofs.

Privately verifiable proofs of storage are almost trivial to construct (e.g., encrypt some useful data and send it to the storage provider; without the private key, this data is completely incompressible). Even if we want to guarantee utility of the encoded data to the holder of the data, we have constructions that can provide this. For example, the recent works on incompressible encodings (including my paper with Daniel Wichs from the previous Crypto) show how to encode arbitrary data in a way that prevents compression, but still allows it to be decoded (without requiring a secret key).

Status: end date Jan 2023

Grantees: Danilo Francati, Qiang Tang (U. Sydney), Giuseppe Ateniese (GMU), Dimitris Papadopoulos (HKUST)

Institutions: University of Sydney, GMU, HKUST

Description: Verifiable capacity bound function (VCBF) was recently proposed as a space analog of verifiable delay function. In particular, a VCBF imposes a lower bound on the number of bits read from memory during evaluation (referred to as minimum capacity). No adversary, even unbounded, should produce an output without spending this minimum memory capacity. Moreover, a VCBF allows for an efficient public verification process: Given a proof-of-correctness, checking the validity of the output takes significantly fewer memory resources, sublinear in the target minimum capacity. Finally, it achieves soundness, i.e., no computationally bounded adversary can produce a proof that passes verification for a false output. Despite showing potentials for applications due to the strict enforcement of “energy cost” during function evaluation (and analyzed via the tool of Kolmogorov complexity), VCBF is still at its very beginning, several drawbacks remain, here we list two:

(1) Current VCBF construction is secure in a “restricted model” that the adversary reads only constant blocks. This is only a theoretical cornerstone for a construction eventually in the model that allows the adversary to “adaptively” decide which bits to read.

(2) Directly applying VCBF to proofof-space (PoS), by replacing the hash might not work, as VCBF in its current form does not support proportional capacity growth during parallel evaluations

Status: end date Oct 2022