This is a combined update for May and June, and it doubles as our Q2 wrap-up. The quarter converged the three workstreams onto concrete artifacts: a double-stateless PIR engine fast enough to serve a larger chunk of the Ethereum hot state, a network-agnostic access layer design with its first public write-up, and a binary-trie node that now builds against mainnet. Reporting cadence is moving to roughly six weeks going forward, one mid-quarter and one at the end doubling as a quarterly wrap-up.

Highlights

  • PIR Genesis: codename for the first end-to-end PIR deployment over live Ethereum state, ~July. A sharded PIR system fronted by a versioned middleware that routes each Ethereum RPC call to the right shard, so resharding never breaks an integrated client. First launch targeted for July, more shards added iteratively, backed by a working group of external collaborators.
  • Finished the GPU (CUDA) implementation of insPIRe, our double-stateless workhorse: 36 ms over a 16 GB database on a single RTX 5090, with a ~300–400 KB round trip and under 2× memory blow-up.
  • Built a mainnet binary-trie node (EIP-7864), the data source for KeywordPIR, which in turn feeds the PIR shards.
  • Published Power to the Edges: the case for a direct browser↔p2p channel for Ethereum, and the foundation of our network-agnostic access layer.
  • Specced Skirrt, a new in-house double-stateless batch-PIR scheme that retrieves a full Merkle proof in one batched query with >10× lower communication than prior batching. Paper and reference implementation in progress.
  • Reimplemented VIA in Rust with secure parameters: VIA-C and batched VIA-B end to end at ≥120-bit security, with the earlier parameterization issue fixed in the open.
  • Conducted a multi-agent LLM security audit of the Tor client with EF’s Protocol Security team, covering our Arti fork and its upstream crates; findings shared with the Tor Project.
  • Opened a formal-verification track: a Lean-based effort kicks off in July with Leo Alt (Powdr Labs), starting from rustls-rustcrypto primitives and our PIR cores.

Details

PIR for the Ethereum State

  • PIR Genesis: A first end-to-end pipeline over part of the live Ethereum state. We are assembling a sharded PIR deployment (internally, “PIR Genesis”) that serves real balance/state queries across multiple shards, with a versioned middleware that compiles an Ethereum RPC call into the right query for the right shard, so backend resharding never breaks an integrated client. First launch targeted for July, with two shards running on one or both of insPIRe and VIA (pending security analysis and performance), and more shards added iteratively to cover more of the state. It is backed by a working group of external collaborators, spanning GPU acceleration and PIR for Merkle roots.
  • Scheme selection settled on insPIRe, we implemented it for GPU (CUDA). After concluding that LeanPIR could not beat insPIRe on GPU, we focused on accelerating and speccing insPIRe. The deciding factors are memory rather than raw compute: insPIRe blows the database up by under 2×, where preprocessed schemes such as OnionPIRv2 need 4× or more, so the same GPU serves roughly 4× more data. The bottleneck is now memory bandwidth, not arithmetic, which is why scheme choice matters more than GPU micro-optimization. On a single RTX 5090, our insPIRe implementation retrieves from a 1 GB database in 3.2 ms, 4 GB in under 10 ms, and 16 GB in 36 ms, with a ~300–400 KB round trip and under 12 s setup. Being double-stateless, the server holds no per-client key material, which both eases deployment and keeps queries unlinkable across sessions.
  • Skirrt, a new in-house double-stateless batch-PIR scheme. To retrieve a Merkle proof in a single batched query, we designed a new construction targeting double-stateless client-side batching, a gap existing schemes don’t fill because their batching keys are too large to re-send each query. Early results show more than 10× lower communication than prior batching approaches; a paper and reference implementation are in progress.
  • VIA, in the open: implemented in Rust and fixed a security/correctness issue. The previously surfaced parameterization issue, query sizes shrunk by parameters that fall short of the 128-bit security target, is being resolved through the via-rs reference implementation, which now runs VIA-C and the batched VIA-B end to end with a ≥120-bit-secure instantiation, an in-repo noise estimator, and docs. Several reviewers, including Ling Ren’s group, are independently checking the parameters.
  • GPU collaboration with SNU. Working with researchers at Seoul National University (SCALE lab), we are benchmarking VIA, insPIRe and OnionPIRv2 side by side on GPU. Their result, headed to ICS 2026, is that the GPU-PIR optimizations developed for OnionPIRv2 transfer to VIA, which is structurally close to it.
  • Benchmarks as a public good. Fixes and improvements to the published benchmarks, incorporating valuable feedback from Ling Ren, and adding a section (notes only for now) on multiserver schemes.
  • Invited seminar at COSIC (KU Leuven) on PIR for Ethereum.

TorJS / Embedded Arti

  • “Power to the Edges.” Our post frames the core problem: Ethereum survives internet outages, user access doesn’t. Today every browser request funnels through a handful of HTTPS gateways; a direct browser↔p2p channel unlocks accessibility, privacy, and resilience at once. Reception has been more enthusiastic than we expected.
  • The access-layer abstraction. The design has shifted from pushing one anonymity protocol into Ethereum clients to letting clients plug into any anonymity network (Tor, Nym, HOPR, Nox, Anyone, …) through a common interface. A minimal on-chain registry handles discovery, signaling and version vouching only; the transport stays off-chain. We plan to convene the anonymity-network teams as a working group once a v1 is out.
  • TorJS as its own project. tor-js now lives under the privacy-ethereum org, separated from the Arti fork, with upstream Arti kept WASM-ready (ideally with a WASM compilation check in CI) rather than WASM-specific. Shipped 0.3.1–0.3.3 on npm in June.
  • Transport kit: WebRTC and QUIC behind one API. KPS (key-pinned streams) is the cross-language (Go + Rust) transport underneath the access layer: a function-based API with WebRTC for browsers and QUIC for native, behind one shared port and one interface, plus an interop test matrix. This supersedes the earlier message-oriented “WebRTC transport kit” framing.
  • Integrations, brought in-house. Rather than wait on grants, we are integrating TorJS directly via PRs, with ethers.js as the primary target and then wallets depending on it, plus Kohaku/Ambire. A consensus-refresh bug in the fast-bootstrap path, and a payload-size limit on the deployed WebRTC gateway, are the current blockers being fixed first.
  • Multi-agent LLM audit of TorJS / Arti. In collaboration with EF’s Protocol Security team, we conducted a multi-agent (“swarm”) LLM audit over the TorJS/Arti fork and, critically, its upstream crate dependencies, with specialized agents working in parallel and an adversarial pass to consensus before a triage agent consolidated findings. The same method previously surfaced a libp2p CVE while auditing Lighthouse. To prepare, we documented how the fork diverges from upstream (its behavior, expected functionality, and security invariants) so the agents had accurate context. We communicated the issues it surfaced to the Tor Project team.
  • Post-quantum. We are deferring a full PQ-Arti to the Tor Project’s roadmap and instead prioritizing a hybrid key exchange against store-now-decrypt-later, plus formal verification of rustls-rustcrypto.

Verifiable UBT

  • A headless binary-trie node. We are building binary-node, a UBT client with no MPT to maintain. It builds an EIP-7864 binary trie from a recent mainnet snapshot (around the 25M block mark), and is now in the final stage: catching up from that applied snapshot to the tip of the chain by re-executing blocks, which requires enough memory to hold a large part of the state in memory. We skip the state-root check, since the binary node’s state root necessarily differs from the MPT root, and validate instead by querying a normal node and the binary node for everything read and written per block and checking that the results match.
  • New approach for UBT–MPT equivalence (h/t Kev). Take the BAL-hash-carrying header of a mainnet block and prove that the same BAL was applied to the binary trie. This takes the MPT out of the equivalence proving.
  • Ethrex track continuing. The Ethrex collaboration for client diversity continues alongside this in-house node.

Collaborations & acceleration

  • SNU SCALE lab (GPU acceleration and benchmarking of PIR), Ling Ren’s group at UIUC (double-stateless designs and VIA parameter review), and Powdr Labs (formal verification) are the active research collaborations this quarter.
  • Potential grant with Ling and PhD students. After months of async collaboration on the sharded PIR design and the security/correctness of the VIA scheme, we are discussing potential scopes for a grant with Ling Ren and Yue Chen.
  • CAPZCHA (PAP-4, the zkID anti-bot standard) moved toward a scoped proposal from external prospective grantees (in review): device-bound credentials supporting at least two production-ready zkID schemes through a common abstraction.