Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Optimize proof structure #13
Right now, STARK proofs include spot checks against 2 Merkle trees (that's in addition to FRI proof). The trees are:
A leaf of the evaluation Merkle tree has the following form:
This means that the size of the proof grows with the number of registers, number of secret inputs, and number of registers mentioned in boundary constraints, and number of transition constraints.
A leaf of the linear combination tree is just a single value that is a linear combination of all P, S, B, and D evaluations computed as follows:
We start off by re-defining the structure of the evaluation Merkle tree. Instead of including evaluations of P(x), S(x), B(x), and D(x), it will now include only evaluations of P(x) and S(x). So, the leaf of the evaluation tree would look like this:
The methodology for building linear combination tree remains the same as before.
The verifier is still able to verify everything it was able to verify before. Here is the logic: