Gottfried Herold is a German cryptography researcher at the Ethereum Foundation, where he is a member of the cryptography research team. [1] [2] He is recognized for his contributions to the theoretical foundations and practical implementation of cryptographic systems, with a focus on post-quantum cryptography, lattice-based cryptography, and the core protocols supporting the Ethereum roadmap. [3] His work spans multiple areas, including Verkle trees, data availability sampling for sharding, isogeny-based cryptography, and the formal analysis of cryptographic primitives. [4]
Gottfried Herold earned his Ph.D. in Mathematics from the Technische Universität Kaiserslautern in Germany. [5] His early academic publications from this period focused on the computational aspects of isogeny-based cryptography and elliptic curves. Following his doctoral studies, his affiliations suggest a period of academic research at Ruhr-Universität Bochum, a prominent center for cryptographic research in Germany. [6] [3]
Herold's career is marked by a transition from theoretical academic research to applied cryptography within the blockchain industry.
Before joining the Ethereum Foundation, Herold was an active academic researcher within the German cryptography community. His early work, with publications dating back to 2010, centered on public-key cryptography. During this time, he co-authored papers on topics such as fully anonymous group signatures with verifier-local revocation, structure-preserving signatures, and constant-size anonymous credentials. His collaborators included respected cryptographers such as Johannes Buchmann and Eike Kiltz, highlighting his strong foundation in the academic field. [4]
Herold is currently a researcher on the Cryptography Research Team at the Ethereum Foundation, where he is based in Berlin, Germany. [4] In this role, he applies his expertise to solve foundational challenges related to the security, scalability, and long-term viability of the Ethereum network. He works alongside other prominent researchers, including Dankrad Feist, Dmitry Khovratovich, and Benedikt Wagner. [1] His research directly informs the development and implementation of major network upgrades, such as the transition to Verkle trees and the implementation of Proto-Danksharding (EIP-4844), while also exploring future-proofing the network against quantum threats. [3] [5]
Gottfried Herold's research contributions are extensive, covering both the application of cryptography to blockchain systems and the theoretical underpinnings of cryptographic primitives.
Herold's work at the Ethereum Foundation is central to several key components of the network's scalability and sustainability roadmap.
Herold is a key contributor to the research and optimization of Verkle trees, a type of vector commitment data structure designed to replace Ethereum's existing Merkle Patricia Trie. Verkle trees are crucial for enabling stateless clients, which can verify blocks without needing to store the entire state, thereby reducing node hardware requirements. His January 2026 paper, "Verkle Tree Optimizations for Stateless Ethereum," focuses on improving the efficiency of this data structure. [3] To support the practical development of this technology, Herold created verkle-gen-ref, an open-source reference implementation written in Rust for generating Verkle tree proofs. [4]
Herold has conducted foundational research for Ethereum's data sharding architecture, particularly in the context of Proto-Danksharding (EIP-4844). He co-authored the 2025 paper "Robust Distributed Arrays: Provably Secure Networking for Data Availability Sampling," which introduced a novel distributed data structure to serve as a provably secure networking layer for Ethereum's Data Availability Sampling (DAS) scheme. This work addressed a critical gap by formalizing the security of the peer-to-peer layer, ensuring robustness with minimal honest-node assumptions. [4]
His contributions also extend to the cryptographic commitments used in sharding. He co-authored the 2026 paper "On the Security of the KZG-based Sharding Scheme of Ethereum," which provided the first formal security analysis of the Kate-Zaverucha-Goldberg (KZG) polynomial commitment scheme as used in EIP-4844. [4] In line with this theoretical work, he developed practical tools to support the ecosystem, including the kzg-interop-test-case-generator for the KZG trusted setup ceremony, and contributed to c-kzg-4844, the C language implementation of the commitments. [4] [5]
A significant portion of Herold's research is dedicated to developing cryptographic systems that can withstand attacks from future quantum computers.
Herold has a strong background in lattice-based cryptography, one of the leading families of PQC candidates. His earlier work includes the 2017 paper "Tightly-Secure Unidirectional Proxy Re-Encryption from LWE," which presented a provably secure proxy re-encryption scheme based on the Learning with Errors (LWE) problem. [3]
Beyond constructing schemes, he has also contributed to lattice cryptanalysis. In a 2017 paper titled "Improved Algorithms for the Approximate k-List Problem in Euclidean Norm," co-authored with Elena Kirshanova, he introduced a novel "configuration-search" algorithm. This work significantly improved the time complexity of sieving methods used to solve the Shortest Vector Problem (SVP), a fundamental hard problem underpinning the security of many lattice-based systems. Their algorithm represented an advancement over the state-of-the-art BLS sieve algorithm, reducing its time complexity and contributing to the field of memory-efficient sieving. His work in this area is also reflected in his maintenance of a fork of fplll, a C++ library for lattice algorithms. [6] [7]
Isogeny-based cryptography is another major focus of Herold's PQC research. His work in this area dates back to his academic career, including the 2017 paper "Finding an Isogeny between Supersingular Elliptic Curves in Scrambled Kronecker Class Rings," co-authored with renowned cryptographers Daniel J. Bernstein and Tanja Lange. [5] His more recent research applies isogenies to modern blockchain challenges. The April 2025 paper "Post-quantum VDFs from Isogenies and Pairings" proposes a new construction for Verifiable Delay Functions (VDFs) with post-quantum security. In January 2026, he co-authored "Recursive Proofs for Isogeny-based Commitments" with Dankrad Feist, exploring the use of recursive proofs to create more efficient and scalable cryptographic systems. His open-source work includes the bls12-381-isogenies repository, which provides implementations of isogenies on the BLS12-381 curve. [5]
Herold's PQC research also includes exploring novel signature schemes. A 2025 preprint titled "Post-Quantum Signatures from the MinRank Problem" proposes a new construction for quantum-resistant digital signatures, contributing to the global effort to standardize PQC algorithms. [3]
Herold has made contributions to the optimization and implementation of elliptic curve cryptography, which is fundamental to many protocols used in Ethereum today. In 2017, he co-authored "Finding new optimal pairings" with Michael Scott, which introduced algorithms for discovering new families of pairing-friendly Barreto-Naehrig (BN) curves. [4] To facilitate this type of research, he developed ec-gpu-gen, a GPU-accelerated tool for searching for elliptic curves with specific desired properties. [4]
His work directly supports Ethereum's proof-of-stake consensus layer through his development of bls12-381-hash, a software library for hashing to the BLS12-381 curve according to the IETF standard. This curve is essential for the aggregate signatures used in the Beacon Chain. [4] Additionally, his public software projects include a repository named Bandersnatch, an implementation in Go that is likely related to the Bandersnatch elliptic curve, known for its efficiency in zero-knowledge proof systems. [7]
Herold also contributes to the foundational theory of cryptography. In January 2026, he co-authored the paper "Aborting Random Oracles: How to Build them, How to Use them." This work initiated the formal study of hash functions that can abort on certain inputs. The paper introduced the "Aborting Random Oracle Model" (aROM), a new idealized framework that extends the standard random oracle model. The research provides generic constructions and demonstrates the framework's utility by applying it to the analysis of SNARK-friendly hypercube encodings and to formalizing grinding attacks in Fiat–Shamir-based proof systems. [2]
Gottfried Herold is an active developer of open-source software, creating reference implementations and tools that support his research and the broader cryptographic community. His GitHub profile showcases his work on translating theoretical concepts into practical code. [7]
Key projects include:
His public activity also shows contributions to core Ethereum-related projects such as c-kzg-4844 and forks of major repositories like go-ethereum and ethereum/research, indicating his direct involvement in the foundational layer of the Ethereum protocol. [4] [7] [5]