Gautam Botrel
Gautam Botrel
When deserializing points (see ecc/xxx/Decoder) , we do a subgroup check. `gnark` may need to deserialize millions of such points, and performance wise, we can't afford to do multiple scalar...
For BLS12-377 and BLS24-315: https://eprint.iacr.org/2020/1407.pdf
Most of the library is tested with property based testing & fuzzing. Need to add: - [ ] cross libraries checks, when available - [ ] carefully crafted test vectors...
Hi all, very interesting project :) I see you are using libsnark, and would like to suggest to have a look at our work: https://github.com/ConsenSys/gnark . It is written in...
used to have 3 constraints for `api.IsZero` ``` // m * (1 - m) = 0 // constrain m to be 0 or 1 // a * m = 0...
``` --- FAIL: TestCubicEquation/bw6_633/plonkFRI#01 (0.01s) assert.go:539: Error Trace: assert.go:539 assert.go:129 assert.go:176 assert.go:73 Error: plonkFRI(bw6_633): algebraic relation does not hold witness:{"x":3,"Y":35} Test: TestCubicEquation/bw6_633/plonkFRI#01 ```
Technically, the API encourages the use of `NewElement[T]` or `Assign` which will build element with correct number of limbs. But since these limbs are unconstrained, there is no soundness guarantees...
Solvers testing could be improved; instead of just testing provided witness against big.Int test engine, we should add test vectors and compare the full solution vector against expected [edge-cases] values.