Amortized efficient zk-SNARK from linear-only RLWE encodings

This paper addresses a new lattice-based designated zk-SNARK having the smallest proof size in amortized sense, from linear-only ring learning with error (RLWE) encodings. We first generalize quadratic arithmetic programming (QAP) over finite field to ring-variant polynomial Z p [X]/(X N + 1) power of two N. Then, we propose this encoding assumption on RLWE From isomorphism +1)≅Z , proposed scheme packs multiple messages resulting much smaller compared previous works. In addition, present refined analysis noise flooding technique based Hellinger divergence instead conventional statistical distance, which reduces proof. particular, our is 276.5 KB and only 156 bytes since protocol allows batch N proofs into single Therefore, achieve category zk-SNARKs comparable (pre-quantum) category.