You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Pairing check on Solidity side (Ethereum's precompile) requires input in specific form, where G2 points are decompressed. Decompressing points on Solidity side is just wasting gas, since it is not actually a useful computation required to be performed on-chain.
Can we update the CompressedSNARK and VerifierKey structures serialisation - to store G2 points in uncompressed form (and exclude implicit decompression from implementation of the reference verifier)?
Zeromorph verification executes pairing check with the input composed in the following way:
where
vk.s_offset_h
,vk.vp.beta_h
andvk.vp.h
are G2 points. In serialised form, compressed G2 points are represented as 64 bytes:Pairing check on Solidity side (Ethereum's precompile) requires input in specific form, where G2 points are decompressed. Decompressing points on Solidity side is just wasting gas, since it is not actually a useful computation required to be performed on-chain.
Can we update the
CompressedSNARK
andVerifierKey
structures serialisation - to store G2 points in uncompressed form (and exclude implicit decompression from implementation of the reference verifier)?Probably related to lurk-lab/solidity-verifier#40
The text was updated successfully, but these errors were encountered: