diff --git a/misc/prio3_multiproof_robustness.py b/misc/prio3_multiproof_robustness.py
new file mode 100644
index 00000000..ab67ec81
--- /dev/null
+++ b/misc/prio3_multiproof_robustness.py
@@ -0,0 +1,99 @@
+# prio3_multiproof_robustness.py - Plot robustness bounds for various parameters.
+# Use `sage -python prio3_multiproof_robustness.py`
+import matplotlib.pyplot as plt
+import math
+
+FIELD128_MODULUS = 2**66 * 4611686018427387897 + 1 # Field128.MODULUS
+FIELD64_MODULUS = 2**32 * 4294967295 + 1 # Field64.MODULUS
+
+BATCH_SIZE = 1000000000
+
+
+def soundness(gadget_calls, gadget_degree, field_size):
+ '''
+ ia.cr/2019/188, Theorem 4.3
+
+ gadget_calls - number of times the gadget is called
+
+ gadget_degree - arithmetic degree of the gadget
+
+ field_size - size of the field
+ '''
+ return gadget_calls * gadget_degree / (field_size - gadget_calls)
+
+
+def robustness(epsilon, ro_queries, prep_queries, num_proofs):
+ '''
+ ia.cr/2023/130, Theorem 1 (ignoring negligible terms)
+
+ epsilon - soundness of the base FLP
+
+ ro_queries - random oracle queries, a proxy for the amount of precomputation
+ done by the adversary
+
+ prep_queries - number of online attempts, a proxy for the batch size
+
+ num_proofs - number of FLPs
+ '''
+ return (ro_queries + prep_queries) * epsilon**num_proofs
+
+
+def sum_vec(field_size, num_proofs, lengths):
+ '''
+ Prio3SumVec (draft-irtf-cfrg-vdaf-08, Section 7.4.3): Probability of
+ accepting one report in a batch of BATCH_SIZE. Assuming the asymptotically
+ optimal chunk length.
+ '''
+
+ # Table 11
+ def gadget_calls(length, bits, chunk_length):
+ return (length * bits + chunk_length - 1) // chunk_length
+
+ return [
+ robustness(
+ soundness(
+ gadget_calls(length, 1, max(1, math.sqrt(length))),
+ 2,
+ field_size,
+ ),
+ 2**80, # ro_queries
+ BATCH_SIZE, # prep_queries
+ num_proofs, # num_proofs
+ ) for length in lengths
+ ]
+
+lengths = range(0, 1000000, 100)
+plt.plot(
+ lengths,
+ sum_vec(FIELD128_MODULUS, 1, lengths),
+ label='Field128/1',
+)
+plt.plot(
+ lengths,
+ sum_vec(FIELD64_MODULUS, 1, lengths),
+ label='Field64/1',
+)
+plt.plot(
+ lengths,
+ sum_vec(FIELD64_MODULUS, 2, lengths),
+ label='Field64/2',
+)
+plt.plot(
+ lengths,
+ sum_vec(FIELD64_MODULUS, 3, lengths),
+ label='Field64/3',
+)
+plt.plot(
+ lengths,
+ sum_vec(FIELD64_MODULUS, 4, lengths),
+ label='Field64/4',
+)
+
+plt.xscale('log', base=10)
+plt.yscale('log', base=2)
+plt.xlabel('Length')
+plt.ylabel('Prob(1 in {} accepted reports being invalid)'.format(BATCH_SIZE))
+plt.title('Prio3SumvVec (field/number of proofs)')
+plt.legend()
+plt.grid()
+plt.show()
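Review bot: The value returned by `robustness()` is plotted under a `Prob(...)` axis label but is never capped at 1, so any curve where `2**80` random-oracle queries outweigh `epsilon**num_proofs` (Field64 with one proof, where epsilon for short vectors is on the order of 2^-60) sits above 1 and reads as a number rather than as "no guarantee". Returning `min(1.0, (ro_queries + prep_queries) * epsilon**num_proofs)` or drawing a reference line at 1 would make vacuous bounds obvious to someone picking parameters from the plot. In `sum_vec`, `max(1, math.sqrt(length))` passes a float chunk length into `gadget_calls`, whereas a deployed chunk length is an integer; `max(1, math.isqrt(length))` keeps the gadget-call count integral. `range(0, 1000000, 100)` also starts at length 0, which gives a bound of 0 that the log-scaled axes cannot show, and the title string has a typo (`Prio3SumvVec`).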