Use zk-whir variant instead of the leaky one #132
| } | ||
| } | ||
|
|
||
| // TODO: refactor this function |
TODO: refactor this whole project 😅
wzmuda left a comment
I'm unable to verify the correctness of cryptographic changes, so I reviewed the PR from the programming perspective and I don't see anything obviously wrong (other than this project is super unreadable with its humongous functions and 200-character-long lines, but this is not this PR's fault).
I wish we could refactor this project one day because it will quickly become unmaintainable.
| EvaluationsList<FieldElement>, | ||
| ) { | ||
| let mask = generate_mask(witness_polynomial_evals.evals().len()); | ||
| let masked_polynomial = create_masked_polynomial(&witness_polynomial_evals, &mask); |
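Review bot: `generate_mask(witness_polynomial_evals.evals().len())` takes only a length, so the source of randomness for the mask is not visible at this call site. Since the mask is what hides the witness evaluations, consider passing the RNG in explicitly, or documenting on `generate_mask` that it draws from a cryptographically secure generator, so the hiding property can be audited and tests can supply a fixed seed.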
Very minor: IMO, generate_mask and create_masked_polynomial can be combined to just one function called mask_polynomial(&witness_polynomial_evals).
| } | ||
|
|
||
| #[instrument(skip_all)] | ||
| pub fn run_zk_whir_pcs_prover( |
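Review bot: `pub fn run_zk_whir_pcs_prover(` has no doc comment in the visible lines, so a caller cannot tell from the signature what it guarantees. A short `///` comment saying that it commits to the masked and blinding polynomials rather than to the witness polynomial directly would help. The `#[instrument(skip_all)]` attribute is worth keeping, since it stops the function arguments from being recorded in tracing spans.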
This seems to replace run_whir_pcs_prover, making it dead code. Should we remove it?
batmendbar left a comment
There are some changes that might conflict with the Spark implementation, but I can handle them when merging Spark to this. I left some comments on small issues. Otherwise, looks good.
Opening this instead of this work:
#32
It is relying on an unmerged PR in WHIR: WizardOfMenlo/whir#188
The goal of this PR is to rely on WHIR's batching option to perform polynomial commitment in the ZK fashion.
The crux of it is, instead of performing WHIR rounds on the witness polynomial, you mask and blind its values with a huge random polynomial and do the batch commit on [masked, blinding] pair of polynomials.
Theoretical explanation can be found here: https://github.com/worldfnd/ProveKit/blob/main/sage/fri-and-friends/Zero%20Knowledge%20for%20WHIR.md