The cryptographic hyjinx in the BitVM world continue unabated it seems.

You may recall that Argo Mac (#1411495) increased BitVM efficiency by great leaps and bounds:

Recent research BitVM3 dramatically reduces this on-chain cost by using a garbled SNARK verifier circuit to shift most of the verification off-chain, but each garbled circuit is 42 Gibytes in size, so the off-chain storage and setup costs are huge.

This new paper, BABE, seems to have found a way to reduce the setup costs:

This paper introduces BABE, a new proof verification protocol on Bitcoin, which preserves BitVM3's savings of on-chain costs but reduces its off-chain storage and setup costs by three orders of magnitude.

How they do it is basically magic. But it kinda sounds like the magic that Bitcoiners should be familiar with:

BABE uses a witness encryption scheme for linear pairing relations to verify Groth16 proofs. Since Groth16 verification involves non-linear pairings, this witness encryption scheme is augmented with a secure two-party computation protocol implemented using a very efficient garbled circuit for scalar multiplication on elliptic curves.

Does all this just come down to doing really fancy things with signatures?