Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API improvements #2

Open
1 of 6 tasks
swasilyev opened this issue Jan 20, 2022 · 1 comment
Open
1 of 6 tasks

API improvements #2

swasilyev opened this issue Jan 20, 2022 · 1 comment
Assignees
@swasilyev

Comments

@swasilyev
Copy link
Collaborator

swasilyev commented Jan 20, 2022
edited
Loading

An integration attempt w3f/apk-proofs#31 immediately showed a number of API deficiencies:

  • 1. Though to produce an evaluation proof, the prover doesn't even need to compute the evaluation... Notice (f - f(y))/(X - y) = f/(X - y), where '/' stays for "get the quotient" as deg(f(y)) = 0 < 1 = deg(X-y). ...in most usecases prover has to supply the evaluations. So it make sense to make open to return the evaluations together with the proof, or provide a separate convenience method.
  • 2. In a similar vein, the combinations of polynomials are usually committed before generating the proof, so open can take a list of combinations.
  • 3. CommitmentScheme trait that both commits and verifies isn't practical as e.g. in KZG verifying an opening requires less parameter data than committing to the polynomial.
  • 4. Implementing AdditiveCommitment for GroupAffine likely requires a wrapper.
  • 5. 3rd party crate can't implement ShplonkTranscript for merlin Transcript.
  • 6. fflonk verification expects evaluations as a vec per an opening point (root), while shplonk -- as a vec per a polynomial. E.g. let have f and g opened in x and y. fflonk represents evaluations as [[f(x), g(x)], [f(y), g(y)]] vs [[f(x), f(y)], [g(x), g(y)]] in shplonk.
@swasilyev swasilyev self-assigned this Jan 20, 2022
@swasilyev
Copy link
Collaborator Author

swasilyev commented Jan 28, 2022
edited
Loading

№3 addressed in #8

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@swasilyev swasilyev

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@swasilyev