Algorithmic Number Theory Seminar
Sebastian Spindler
(QuSAC Lab Munich) Room 2
04 November 2025 at 11:00
We present an overview of modular polynomial-based proofs of knowledge for isogeny paths. The general recipe encodes each step of an isogeny path via a modular polynomial, which is then translated into a rank-1 constraint system and plugged into a suitable zero-knowledge succinct non-interactive argument of knowledge. This approach was originally introduced by Cong–Lai–Levin (ACNS 2023) using the classical modular polynomial, but other modular polynomials can be used to achieve smaller and more efficient proofs: In joint work with T. den Hollander, S. Kleine, M. Mula and D. Slamanig (CRYPTO 2025) we explored the use of the canonical modular polynomial for significant improvements, and in ongoing follow-up work we found that both the Atkin and Weber modular polynomials yield further improvements. As these three classes of modular polynomials are less prominent than the classical modular polynomial, especially in the context of isogeny-based cryptography, we will briefly explain how they are constructed and will then investigate how they can be used to encode a step of an isogeny path. Finally, we detail the practical improvements obtained from each of these classes.
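The general recipe can be illustrated with the classical modular polynomial of level 2: each step (j_i, j_{i+1}) of a 2-isogeny path must satisfy Φ_2(j_i, j_{i+1}) = 0, and that relation is written as rank-1 constraints ⟨A,z⟩·⟨B,z⟩ = ⟨C,z⟩ over a witness vector z. This is an added example, not code from the talk or the cited papers; the level 2, the toy prime 431, the witness layout and the rewriting in x+y and xy are assumptions chosen here for illustration.

```python
P = 431  # toy prime, constructed for illustration; real fields are far larger
K = 157464000000000  # constant term of Phi_2, sign flipped

# Witness per step (layout chosen for this example): z = (1, x, y, c, t, d)
# with c = xy, t = (x+y)^2, d = (x+y)(t + 1485c) = x^3 + y^3 + 1488xy(x+y).
# Each row (A, B, C) is a sparse map index -> coefficient.
R1CS = [
    ({1: 1}, {2: 1}, {3: 1}),                     # x * y = c
    ({1: 1, 2: 1}, {1: 1, 2: 1}, {4: 1}),         # (x+y)^2 = t
    ({1: 1, 2: 1}, {4: 1, 3: 1485}, {5: 1}),      # (x+y)(t + 1485c) = d
    # c^2 = d - 162000t + 41097375c + 8748000000(x+y) - K  <=>  Phi_2(x,y) = 0
    ({3: 1}, {3: 1}, {5: 1, 4: -162000, 3: 41097375,
                      1: 8748000000, 2: 8748000000, 0: -K}),
]

def phi2(x, y, p=P):
    """Direct evaluation of the classical modular polynomial Phi_2 mod p."""
    return (x**3 + y**3 - x*x*y*y + 1488*(x*x*y + x*y*y) - 162000*(x*x + y*y)
            + 40773375*x*y + 8748000000*(x + y) - K) % p

def witness(x, y, p=P):
    """Honest prover's witness vector for one step x -> y."""
    s, c = (x + y) % p, x * y % p
    t = s * s % p
    return [1, x % p, y % p, c, t, s * (t + 1485 * c) % p]

def dot(row, z, p):
    return sum(coef * z[i] for i, coef in row.items()) % p

def satisfied(z, p=P):
    """True iff z satisfies every rank-1 constraint <A,z>*<B,z> = <C,z>."""
    return all(dot(a, z, p) * dot(b, z, p) % p == dot(c, z, p)
               for a, b, c in R1CS)

def neighbours(j, p=P):
    """Brute-force roots of Phi_2(j, Y) in F_p (only feasible for toy p)."""
    return [y for y in range(p) if phi2(j, y, p) == 0]

def verify_path(path, p=P):
    """Check every consecutive pair of j-invariants against the R1CS."""
    return all(satisfied(witness(x, y, p), p) for x, y in zip(path, path[1:]))
```

The sample path 1728 → 287496 used to exercise this code relies on the integer identity Φ_2(1728, Y) = (Y − 1728)(Y − 287496)², so it reduces to a valid step modulo any prime.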