Add Athena.md — Grant application #2668


Open
manudev97 wants to merge 1 commit into w3f:master from manudev97:master

Conversation

@manudev97

Project Abstract

Athena is a predictive complexity model for Poseidon cryptanalysis using Gröbner basis attacks. The project develops an empirically grounded security model that estimates the practical cost of Gröbner basis attacks against Poseidon hash functions, addressing a major research gap in the Ethereum Foundation’s Poseidon Cryptanalysis Initiative.

This research aims to build the first open, reproducible framework for evaluating and modeling Poseidon’s security, integrating Magma/Sage-based experiments, Rust implementations, and Lean formal proofs. Results will support ZK-proof ecosystems such as Polkadot and Substrate by improving understanding of cryptographic security margins for Poseidon parameters.

Grant level

  • Level 1: Up to $10,000, 2 approvals
  • Level 2: Up to $30,000, 3 approvals
  • Level 3: Unlimited, 5 approvals (for >$100k: Web3 Foundation Council approval)

Application Checklist

Note: A Polkadot AssetHub address for USDC/DOT payment will be provided upon request or before the first milestone, as my current address is ERC-20.

  • The application template has been copied and aptly renamed (project_name.md).
  • I have read the application guidelines.
  • Payment details have been provided (Polkadot AssetHub (USDC & DOT) address in the application and bank details via email, if applicable).
  • I understand that an agreed upon percentage of each milestone will be paid in vested DOT, to the Polkadot address listed in the application.
  • I am aware that, in order to receive a grant, I (and the entity I represent) have to successfully complete a KYC/KYB check.
  • The software delivered for this grant will be released under an open-source license specified in the application.
  • The initial PR contains only one commit (squash and force-push if needed).
  • The grant will only be announced once the first milestone has been accepted (see the announcement guidelines).
  • I prefer the discussion of this application to take place in a private Element/Matrix channel. My username is: @_______:matrix.org (change the homeserver if you use a different one)

github-actions bot added the admin-review label (This application requires a review from an admin.) on Oct 6, 2025
@github-actions
Contributor

github-actions bot commented Oct 6, 2025

CLA Assistant Lite bot All contributors have signed the CLA ✍️ ✅

@manudev97
Author

I have read and hereby sign the Contributor License Agreement.

@manudev97
Author

CLA signed ✅
All checks passed ✅
Ready for review. Thank you for your time!

Collaborator

@Noc2 left a comment


Thanks a lot for the application. Is there a specific project that you are aware of that wants to use this research in the Polkadot ecosystem?

@manudev97
Author

Specific projects in the Polkadot ecosystem that would benefit from my research into Poseidon hash cryptanalysis is highly relevant. As a developer committed to decentralization and the efficiency of ZK technology (ZKVM, RISC-V, ZKEVM), I believe my work is crucial for the network's future.

The demand for my research stems from two major initiatives: Polkadot's next-generation architecture and the underlying cryptographic infrastructure.


1. Core Project: JAM (Join-Accumulate Machine)

The most significant project driving ZK integration is the future evolution of Polkadot, the Join-Accumulate Machine (JAM), proposed by Dr. Gavin Wood.

  • Goal: JAM aims to unify Polkadot's shared security model with native smart contract execution, including direct support for ZK-Rollups and generalized ZK computation.
  • The ZK Challenge: As Dr. Wood highlighted, the current cost of ZK proof generation is orders of magnitude higher than Polkadot's current consensus mechanism. Achieving the "ZK-only" future requires efficiency gains addressed by high-performance primitives like Poseidon.
  • Reference (Gavin Wood's Vision on Staking & ZK): The core idea is to eventually replace costly staking with ZK proofs for efficiency.

2. Infrastructure Project: OpenZL & Substrate Builders

The primary initiative standardizing these ZK primitives for all Substrate-based chains is the OpenZL proposal. This is where my research has the most direct and immediate impact.

  • Objective: To establish a Common Good Zero-Knowledge-Proof Library for all Substrate builders, explicitly including ZK-Friendly hash functions like Poseidon in its initial range of cryptographic gadgets.
  • Why Poseidon? Poseidon is optimized for ZK circuits, dramatically reducing the number of constraints compared to non-ZK friendly hashes like SHA-256, which is necessary for high-throughput ZK-Rollups on Polkadot.

| Reference Type | Link |
| --- | --- |
| OpenZL Discussion (Polkassembly) | OpenZL: Common Good Zero-Knowledge-Proof Library for Substrate Builders #1050 |
| OpenZL Learning Resource | OpenZL YouTube Playlist |
| Example Parachain (Potential User) | Cyborg-Network GitHub (AI/Compute Parachain) |

The Cruciality of My Cryptanalysis Research

My research on the cryptanalysis of Poseidon is not just academic; it is an essential security prerequisite for Polkadot's evolution.

Just as the SHA-3 competition necessitated rigorous scrutiny to establish a secure national standard, Poseidon must pass intensive cryptanalysis to be adopted as the standardized ZK-friendly hash. If Polkadot is to transition to a ZK-centric architecture (JAM), the core cryptographic primitive used for proof generation must be provably secure against algebraic attacks. My work directly contributes to validating this foundation, securing the future of the decentralized web on Polkadot.

I am eager to contribute this critical line of work to the ecosystem.

Contributor

@Lederstrumpf left a comment


Hi @manudev97, thanks for your application.

  1. I'm guessing you're aware that there's still an aggregate $55k in prize funding from EF for the ~40-bit security challenges + Poseidon256 32-bit challenge: https://www.poseidon-initiative.info/#h.eh9k3r1f7uke. So my understanding is you're looking to get this funded from them + w3f?
  2. Are you receiving/applying for any other funding - other than the university support I'm guessing you're receiving?
  3. It's not crystal-clear to me whether your analysis & rust framework would cover all Poseidon (2) flavors or not. It would be good to explicitly list all flavors you will cover in your milestones.

> The ZK Challenge: As Dr. Wood highlighted, the current cost of ZK proof generation is orders of magnitude higher than Polkadot's current consensus mechanism. Achieving the "ZK-only" future requires efficiency gains addressed by high-performance primitives like Poseidon.

  1. Sure. But your work is orthogonal to efficiency - it's a security analysis. And I'm not saying that to discredit value of security analyses - it's just that your argumentation here doesn't appear sound to me.

> The primary initiative standardizing these ZK primitives for all Substrate-based chains is the OpenZL proposal. This is where my research has the most direct and immediate impact.

  1. OpenZL has had no developer activity for almost three years now: https://github.com/openzklib/openzl

@manudev97
Author

Hi @Lederstrumpf, thank you very much for your thoughtful review and detailed questions.
Please find below my clarifications and additional details.


1. Relation to the EF Poseidon Cryptanalysis Initiative

Yes — I’m aware of the Ethereum Foundation’s ongoing $55k Poseidon challenge program.
However, my request to the Web3 Foundation is not for duplicative funding but rather to enable the research and implementation required to effectively participate in and contribute to that initiative.

The EF bounties are only awarded after a successful attack or analysis is produced, whereas this grant would fund the research and computational work necessary to reach that stage.
In other words, this proposal requests seed support for the empirical phase required to perform one of those Gröbner basis attacks in practice.


2. Current Funding Situation

At present, I’m not receiving any financial support apart from limited academic supervision from my university. This grant would therefore be my primary source of research funding, allowing me to dedicate time and compute resources to the project.


3. Scope and Coverage — Poseidon2 Flavors

The focus will be specifically on Poseidon2 over the Goldilocks field
($F_p = 2^{64} − 2^{32} + 1$), with parameters
d = 7, t = 8, RF = 6, RP = 13 — corresponding to the 40-bit estimated security instance of the EF challenge.

The model will initially target reduced-round instances for tractability, with the goal of producing a predictive complexity model (Athena) for Gröbner basis attacks that can later be generalized to other Poseidon2 instances.

I will use Rust (based on the open implementation from HorizenLabs/poseidon2), Sage, and Lean to integrate empirical data, symbolic algebra, and formal verification.


4. About the “efficiency vs. security” point

You are absolutely right — the core of this project is a security analysis.
My argument connecting it to efficiency is that Poseidon’s appeal in ZK systems derives from its high efficiency in constraint systems. As the goal of ZK is important for performance, if any ZK protocol as expected uses Poseidon as the favorite candidate for its high efficiency in arithmetization and my research has a positive impact, then Poseidon would no longer be secure and many ZK protocols that use Poseidon today would be affected.

If the security margins of Poseidon2 were shown to be weaker than expected, that would directly affect efficiency-driven design choices across ZK protocols in the Polkadot ecosystem (e.g., JAM’s ZK-enabled future).
So while orthogonal, security and efficiency are deeply coupled at the protocol-design level.


5. Regarding OpenZL

I agree — OpenZL is currently inactive, and I appreciate the note.
I referenced it historically because it represented an early attempt to standardize ZK-friendly primitives for Substrate builders. I do believe the Polkadot ecosystem would benefit from reviving or rethinking such an initiative, especially given Ethereum’s strong current momentum in this domain.

The Athena project could provide valuable data and modeling tools for any future ZK cryptography standardization efforts within the ecosystem. The deliverable is an empirical and reproducible predictive model for Gröbner basis attacks. Long-term, the results can strengthen ZK-proof primitives and security assessments within the Polkadot research community.


Thank you again for your review — I hope this clarifies my intentions and the unique contribution Athena aims to make.


Reviewers

@Lederstrumpf left review comments

@Noc2 requested changes


Labels

admin-review (This application requires a review from an admin.), stale


3 participants

@manudev97 @Lederstrumpf @Noc2
