
Conversation

manudev97

Project Abstract

Athena is a predictive complexity model for Poseidon cryptanalysis using Gröbner basis attacks. The project develops an empirically grounded security model that estimates the practical cost of Gröbner basis attacks against Poseidon hash functions, addressing a major research gap in the Ethereum Foundation’s Poseidon Cryptanalysis Initiative.

This research aims to build the first open, reproducible framework for evaluating and modeling Poseidon’s security, integrating Magma/Sage-based experiments, Rust implementations, and Lean formal proofs. Results will support ZK-proof ecosystems such as Polkadot and Substrate by improving understanding of cryptographic security margins for Poseidon parameters.

Grant level

  • Level 1: Up to $10,000, 2 approvals
  • Level 2: Up to $30,000, 3 approvals
  • Level 3: Unlimited, 5 approvals (for >$100k: Web3 Foundation Council approval)

Application Checklist

Note: A Polkadot AssetHub address for USDC/DOT payment will be provided upon request or before the first milestone, as my current address is ERC-20.

  • The application template has been copied and aptly renamed (project_name.md).
  • I have read the application guidelines.
  • Payment details have been provided (Polkadot AssetHub (USDC & DOT) address in the application and bank details via email, if applicable).
  • I understand that an agreed upon percentage of each milestone will be paid in vested DOT, to the Polkadot address listed in the application.
  • I am aware that, in order to receive a grant, I (and the entity I represent) have to successfully complete a KYC/KYB check.
  • The software delivered for this grant will be released under an open-source license specified in the application.
  • The initial PR contains only one commit (squash and force-push if needed).
  • The grant will only be announced once the first milestone has been accepted (see the announcement guidelines).
  • I prefer the discussion of this application to take place in a private Element/Matrix channel. My username is: @_______:matrix.org (change the homeserver if you use a different one)

github-actions bot added the label "admin-review" (This application requires a review from an admin.) on Oct 6, 2025
Contributor

github-actions bot commented Oct 6, 2025

CLA Assistant Lite bot All contributors have signed the CLA ✍️ ✅

@manudev97
Author

I have read and hereby sign the Contributor License Agreement.

@manudev97
Author

CLA signed ✅
All checks passed ✅
Ready for review. Thank you for your time!

Collaborator

@Noc2 Noc2 left a comment


Thanks a lot for the application. Is there a specific project that you are aware of that wants to use this research in the Polkadot ecosystem?

@manudev97
Author

Specific projects in the Polkadot ecosystem that would benefit from my research into Poseidon hash cryptanalysis are highly relevant. As a developer committed to decentralization and the efficiency of ZK technology (ZKVM, RISC-V, ZKEVM), I believe my work is crucial for the network's future.

The demand for my research stems from two major initiatives: Polkadot's next-generation architecture and the underlying cryptographic infrastructure.


1. Core Project: JAM (Join-Accumulate Machine)

The most significant project driving ZK integration is the future evolution of Polkadot, the Join-Accumulate Machine (JAM), proposed by Dr. Gavin Wood.

  • Goal: JAM aims to unify Polkadot's shared security model with native smart contract execution, including direct support for ZK-Rollups and generalized ZK computation.
  • The ZK Challenge: As Dr. Wood highlighted, the current cost of ZK proof generation is orders of magnitude higher than Polkadot's current consensus mechanism. Achieving the "ZK-only" future requires efficiency gains addressed by high-performance primitives like Poseidon.
  • Reference (Gavin Wood's Vision on Staking & ZK): The core idea is to eventually replace costly staking with ZK proofs for efficiency.

2. Infrastructure Project: OpenZL & Substrate Builders

The primary initiative standardizing these ZK primitives for all Substrate-based chains is the OpenZL proposal. This is where my research has the most direct and immediate impact.

  • Objective: To establish a Common Good Zero-Knowledge-Proof Library for all Substrate builders, explicitly including ZK-Friendly hash functions like Poseidon in its initial range of cryptographic gadgets.
  • Why Poseidon? Poseidon is optimized for ZK circuits, dramatically reducing the number of constraints compared to non-ZK friendly hashes like SHA-256, which is necessary for high-throughput ZK-Rollups on Polkadot.
References:
  • OpenZL Discussion (Polkassembly): OpenZL: Common Good Zero-Knowledge-Proof Library for Substrate Builders #1050
  • OpenZL Learning Resource: OpenZL YouTube Playlist
  • Example Parachain (Potential User): Cyborg-Network GitHub (AI/Compute Parachain)

The Cruciality of My Cryptanalysis Research

My research on the cryptanalysis of Poseidon is not just academic; it is an essential security prerequisite for Polkadot's evolution.

Just as the SHA-3 competition necessitated rigorous scrutiny to establish a secure national standard, Poseidon must pass intensive cryptanalysis to be adopted as the standardized ZK-friendly hash. If Polkadot is to transition to a ZK-centric architecture (JAM), the core cryptographic primitive used for proof generation must be provably secure against algebraic attacks. My work directly contributes to validating this foundation, securing the future of the decentralized web on Polkadot.

I am eager to contribute this critical line of work to the ecosystem.

@semuelle semuelle requested a review from Lederstrumpf October 10, 2025 13:38
Contributor

@Lederstrumpf Lederstrumpf left a comment


Hi @manudev97, thanks for your application.

  1. I'm guessing you're aware that there's still an aggregate $55k in prize funding from EF for the ~40-bit security challenges + Poseidon256 32-bit challenge: https://www.poseidon-initiative.info/#h.eh9k3r1f7uke. So my understanding is you're looking to get this funded from them + w3f?
  2. Are you receiving/applying for any other funding - other than the university support I'm guessing you're receiving?
  3. It's not crystal-clear to me whether your analysis & rust framework would cover all Poseidon (2) flavors or not. It would be good to explicitly list all flavors you will cover in your milestones.

The ZK Challenge: As Dr. Wood highlighted, the current cost of ZK proof generation is orders of magnitude higher than Polkadot's current consensus mechanism. Achieving the "ZK-only" future requires efficiency gains addressed by high-performance primitives like Poseidon.

  1. Sure. But your work is orthogonal to efficiency - it's a security analysis. And I'm not saying that to discredit the value of security analyses - it's just that your argumentation here doesn't appear sound to me.

The primary initiative standardizing these ZK primitives for all Substrate-based chains is the OpenZL proposal. This is where my research has the most direct and immediate impact.

  1. OpenZL has had no developer activity for almost three years now: https://github.com/openzklib/openzl

@manudev97
Author

Hi @Lederstrumpf, thank you very much for your thoughtful review and detailed questions.
Please find below my clarifications and additional details.


1. Relation to the EF Poseidon Cryptanalysis Initiative

Yes — I’m aware of the Ethereum Foundation’s ongoing $55k Poseidon challenge program.
However, my request to the Web3 Foundation is not for duplicative funding but rather to enable the research and implementation required to effectively participate in and contribute to that initiative.

The EF bounties are only awarded after a successful attack or analysis is produced, whereas this grant would fund the research and computational work necessary to reach that stage.
In other words, this proposal requests seed support for the empirical phase required to perform one of those Gröbner basis attacks in practice.


2. Current Funding Situation

At present, I’m not receiving any financial support apart from limited academic supervision from my university. This grant would therefore be my primary source of research funding, allowing me to dedicate time and compute resources to the project.


3. Scope and Coverage — Poseidon2 Flavors

The focus will be specifically on Poseidon2 over the Goldilocks field $F_p$ with $p = 2^{64} - 2^{32} + 1$, with parameters d = 7, t = 8, RF = 6, RP = 13, corresponding to the 40-bit estimated security instance of the EF challenge.

The model will initially target reduced-round instances for tractability, with the goal of producing a predictive complexity model (Athena) for Gröbner basis attacks that can later be generalized to other Poseidon2 instances.

I will use Rust (based on the open implementation from HorizenLabs/poseidon2), Sage, and Lean to integrate empirical data, symbolic algebra, and formal verification.


4. About the “efficiency vs. security” point

You are absolutely right — the core of this project is a security analysis.
My argument connecting it to efficiency is that Poseidon’s appeal in ZK systems derives from its high efficiency in constraint systems. As the goal of ZK is important for performance, if any ZK protocol, as expected, uses Poseidon as the favourite candidate for its high efficiency in arithmetization, and my research has a positive impact, then Poseidon would no longer be secure and many ZK protocols that use Poseidon today would be affected.

If the security margins of Poseidon2 were shown to be weaker than expected, that would directly affect efficiency-driven design choices across ZK protocols in the Polkadot ecosystem (e.g., JAM’s ZK-enabled future).
So while orthogonal, security and efficiency are deeply coupled at the protocol-design level.


5. Regarding OpenZL

I agree — OpenZL is currently inactive, and I appreciate the note.
I referenced it historically because it represented an early attempt to standardize ZK-friendly primitives for Substrate builders. I do believe the Polkadot ecosystem would benefit from reviving or rethinking such an initiative, especially given Ethereum’s strong current momentum in this domain.

The Athena project could provide valuable data and modeling tools for any future ZK cryptography standardization efforts within the ecosystem. The deliverable is an empirical and reproducible predictive model for Gröbner basis attacks. Long-term, the results can strengthen ZK-proof primitives and security assessments within the Polkadot research community.


Thank you again for your review — I hope this clarifies my intentions and the unique contribution Athena aims to make.
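The parameter set quoted in point 3 above (Goldilocks, d = 7, t = 8, RF = 6, RP = 13) can be sanity-checked before any Gröbner basis modelling starts. The script below is an added example written for this page; it is not the applicant's code and not taken from HorizenLabs/poseidon2 or any other Poseidon2 implementation. It assumes only the standard Poseidon/Poseidon2 round structure (full rounds apply the S-box x^d to all t state words, partial rounds to a single word) and checks that p is prime, that x^7 is actually a bijection on F_p (which requires gcd(d, p-1) = 1, and is the reason d = 3 or 5 cannot be used over Goldilocks), computes the inverse exponent so the S-box can be undone, and counts how many S-box evaluations the stated round numbers produce, since that count is what an algebraic model ultimately has to encode.

```python
"""Sanity checks on the Poseidon2 / Goldilocks parameters quoted in the thread.

Added example, not the applicant's code and not from any Poseidon2 library.
Assumptions (stated in the thread, not re-derived here):
  p  = 2^64 - 2^32 + 1  (Goldilocks prime)
  d = 7, t = 8, RF = 6, RP = 13
and the standard Poseidon round structure: full rounds S-box every word,
partial rounds S-box exactly one word.
"""
from math import gcd

P = 2**64 - 2**32 + 1          # Goldilocks prime
D, T, RF, RP = 7, 8, 6, 13     # parameters quoted in the discussion

# First 12 primes: a deterministic Miller-Rabin witness set for n < 3.3e24,
# which comfortably covers any 64-bit modulus.
_WITNESSES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin primality test, deterministic for n < 3.3e24."""
    if n < 2:
        return False
    for q in _WITNESSES:
        if n % q == 0:
            return n == q
    r, s = n - 1, 0
    while r % 2 == 0:          # write n-1 = 2^s * r with r odd
        r //= 2
        s += 1
    for a in _WITNESSES:
        x = pow(a, r, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False       # a is a witness of compositeness
    return True


def sbox_is_permutation(p: int, d: int) -> bool:
    """x -> x^d permutes F_p exactly when gcd(d, p - 1) == 1."""
    return gcd(d, p - 1) == 1


def smallest_valid_sbox_degree(p: int) -> int:
    """Smallest odd d >= 3 with gcd(d, p - 1) == 1; what designers pick."""
    d = 3
    while gcd(d, p - 1) != 1:
        d += 2
    return d


def sbox_inverse_exponent(p: int, d: int) -> int:
    """Exponent e with (x^d)^e == x on F_p, i.e. d * e == 1 (mod p - 1)."""
    return pow(d, -1, p - 1)


def sbox_roundtrip_ok(p: int, d: int, samples) -> bool:
    """Apply the S-box and its inverse to each sample and compare."""
    e = sbox_inverse_exponent(p, d)
    return all(pow(pow(x % p, d, p), e, p) == x % p for x in samples)


def count_sbox_applications(t: int, rf: int, rp: int) -> int:
    """Full rounds S-box all t words, partial rounds S-box one word."""
    return rf * t + rp


def two_adicity(p: int) -> int:
    """Largest k with 2^k | (p - 1); governs FFT-friendliness of the field."""
    k, m = 0, p - 1
    while m % 2 == 0:
        m //= 2
        k += 1
    return k


if __name__ == "__main__":
    print("p prime:", is_probable_prime(P))
    print("x^7 is a permutation:", sbox_is_permutation(P, D))
    print("smallest usable odd d:", smallest_valid_sbox_degree(P))
    print("inverse exponent for d=7:", sbox_inverse_exponent(P, D))
    print("round trip ok:", sbox_roundtrip_ok(P, D, [0, 1, 2, P - 1, 0xDEADBEEF]))
    print("S-box applications per permutation:", count_sbox_applications(T, RF, RP))
    print("2-adicity of p-1:", two_adicity(P))
```

The gcd check is the one that matters for an algebraic attack model: since p - 1 = 2^32 · (2^32 - 1) and 2^32 - 1 = 3 · 5 · 17 · 257 · 65537, both d = 3 and d = 5 share a factor with p - 1 and would not give a bijective S-box, so 7 is the smallest admissible odd degree over Goldilocks; the 61 S-box evaluations (6 · 8 full-round plus 13 partial-round) are the nonlinear equations any round-by-round Gröbner model of this instance must carry.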
