Key verification #39
Key verification #39
Conversation
dtebbs
commented
Aug 10, 2020
•
dtebbs
commented
- Gadget to check hash of nested vk, parameterized by hash gadget
- Refactor aggragtor gadget so that the caller controls variable allocation
- Move control of variable allocation and use of key hashing gadget into circuit wrapper class
dtebbs
force-pushed
the
key-verification
branch
from
80d90ce
to
589ff59
Compare
dtebbs
force-pushed
the
key-verification
branch
2 times, most recently
from
a79220e
to
58525f1
Compare
dtebbs
force-pushed
the
key-verification
branch
4 times, most recently
from
66d4bdf
to
a8dff09
Compare
dtebbs
force-pushed
the
key-verification
branch
from
a8dff09
to
f77cffe
Compare
dtebbs
changed the title
dtebbs
force-pushed
the
key-verification
branch
from
f77cffe
to
6c0e89b
Compare
| using nppT = other_curve<wppT>; | ||
| using wsnarkT = typename wverifierT::snark; | ||
| using npp = other_curve<wppT>; | ||
| using nsnark = typename nverifierT::snark; | ||
|
|
||
| static const size_t batch_size = 2; | ||
| static const size_t public_inputs_per_proof = 1; |
There was a problem hiding this comment.
Why not add the size of the instance as part of another attribute of the application pool: https://github.com/clearmatics/zecale/blob/develop/libzecale/core/application_pool.hpp?
As such the new attribute app_pool.nb_pub_inputs (or however it is named) can be passed to the aggregator circuit to instantiate it's internal constants. That allows to check that the instance size of the extended proofs push'ed in the application pool equals app_pool.nb_pub_inputs and enables to fail early (before starting the assignment of circuit wires)
There was a problem hiding this comment.
Good catch. I've added it to aggregator server for now, since that's where most of these checks and error handling is currently done (I added a bunch in a previoius PR, but didn't add this one).
Eventually it would be great to include the number of inputs in the proof / vk types so that these errors are caught at compile time / when the tx is decoded, but that might be a more fundamental change.
There was a problem hiding this comment.
Good catch. I've added it to aggregator server for now, since that's where most of these checks and error handling is currently done (I added a bunch in a previoius PR, but didn't add this one).
That's fine for now to keep this on the server. Nevertheless, that shouldn't be where this value is set in the long run. The "uncompressed" instance size is function of the underlying base application and so checking received instance size outside of the scope of the application doesn't really make sense and affects the "genericity" of the Zecale server. The base app "compressed" instance size (the output of the hash function - see "GGPR's trick" - used on the base app instance) is a Zecale protocol param however, and so that's fine to set this on the aggregator server.
There was a problem hiding this comment.
Right. Eventually it seems we may be able to support a per-application number of inputs (up to some predetermined max). Note, it would not really be feasible to keep this as a variable yet anyway - we need a generic snarkT::verification_key_get_num_inputs() method first. clearmatics/zeth#291
dtebbs
force-pushed
the
key-verification
branch
from
6c0e89b
to
372e0a4
Compare
…ency and in preparation for extending the circuit)
…or mixing groth16 / pghr13.
…ator_circuit_wrapper
dtebbs
force-pushed
the
key-verification
branch
from
165f8c3
to
4943f21
Compare
dtebbs
force-pushed
the
key-verification
branch
from
c0e6d04
to
8eb8fb4
Compare
|
LGTM |
