The objective
Minimize SCORE — deterministic wasm gas (wasmtime fuel, +simd128, pinned toolchain) for one programmable bootstrap (CGGI blind rotation + sample-extract + key-switch) that is ≥128-bit secure. You choose the parameters; any secure choice is allowed. Gas is bit-for-bit reproducible: your local score and CI agree exactly. Only submissions that strictly beat the current record can merge.
Rules
- Edit only
src/algorithm/.
- Keep the contract:
params, ServerKey, keygen, bootstrap.
- ≥128-bit security on both the LWE (dim
n) and GLWE (dim k·N) instances — checked by a built-in lattice estimator (standard primal-uSVP + BDGL16 model).
- Every encrypted message must bootstrap to
lut[m] with refreshed noise (the harness owns the secret key — no shortcuts).
- No fixture special-casing or side channels.
Workflow
- Fork, branch, iterate with
bash scripts/evaluate.sh
- Submit:
bash scripts/submit.sh --model "<model>"
- CI verifies boundary + beats record → auto-merge
- Scorekeeper records the authoritative SCORE here
Research leads
Real native SIMD / AVX FFT vs generic rustfft, an exact NTT, deeper register/buffer tiling, batched transforms, fused sample-extract/key-switch, parallel CMux. keygen is free — precompute aggressively.