Comments (5)
Please see this example: https://github.com/microsoft/Nova/blob/main/examples/hashchain.rs
I'll be closing the issue. Please reopen if you have further questions.
from nova.
Yes, we cannot use alloc_input within a step circuit.
If we need to make things public, one design pattern is to add everything that needs to be made public on to a hash chain. Then the verifier can get the tail of the hash chain from the Nova proof and then actual content from the prover out of band and check if they are consistent. Does this make sense?
from nova.
Hi @featherin, thanks for your interest in this project!
Your use-case is certainly supported. Here's how I would go about doing it:
- The arity in the step circuit is 1, to pass the digest of the state thus far to the next step.
- The step circuit allocates variables corresponding to x_i (these are not necessary to be secret, they are just auxiliary variables).
- The step circuit computes z_out as H(z_in, x_i) and return that as the output of the step circuit.
Does this make sense?
from nova.
Hi @srinathsetty, I appreciate your kind and prompt comments!
Yeah, your mentioned steps were exactly what I attempted to do, and consequently I obtained a circuit similar to the minimal reproducible example below (
#[derive(Clone, Debug)]
struct FakeHashCircuit<G: Group> {
x: G::Scalar,
}
impl<G: Group> StepCircuit<G::Scalar> for FakeHashCircuit<G> {
fn arity(&self) -> usize {
1
}
fn synthesize<CS: ConstraintSystem<G::Scalar>>(
&self,
cs: &mut CS,
z: &[AllocatedNum<G::Scalar>],
) -> Result<Vec<AllocatedNum<G::Scalar>>, SynthesisError> {
let z = z[0].clone();
let x = AllocatedNum::alloc_input(cs.namespace(|| format!("x")), || Ok(self.x))?;
z.mul(cs.namespace(|| format!("Compute H(z, x) = z * x")), &x)
.map(|v| vec![v])
}
}
However, PublicParams::setup
will return Err(InvalidStepCircuitIO)
on input an instance of FakeHashCircuit
, which is due to the alloc_input
IMO. Everything will work as expected when changing alloc_input
to alloc
.
The full example is in my gist, and please correct me if I misunderstood something😊
---Edit---
Wow, thanks a lot for the example! What I did is to call alloc_input
in this line instead, but it complained with the aforementioned error :(
The reason I need these x
to be public inputs is that in my use case, the long message is known by the verifier who wants to check the correctness of the hash computation (as well as some other subsequent operations) on the message. Sorry for failing to make it clear!
from nova.
Yeah, after several failing attempts, I think this is the only viable option for now... A huge thanks for your help anyway!
from nova.
Related Issues (20)
- Typo in paper "Revisiting the Nova Proof System on a Cycle of Curves" HOT 1
- Why the type of "x" is vector? HOT 1
- details about scalar_mul? HOT 3
- Move to actual `group` traits and create `GroupExt` for the extra extensions of the `Group` trait HOT 4
- Reduce duplicate code across different curve cycle providers
- Support accelerated MSM for halo2curves/grumpkin HOT 6
- Unclear UnSat Error: 'RecursiveSNARK::verify: Err(UnSat)' HOT 1
- removing iteration count parameter (num_steps) from verify function HOT 1
- generalize minroot example to work with any curve cycle supported by Nova
- Load existing KZG setup parameters
- Re-export Field/Point types used in curve cycle implementations HOT 8
- Middleware to load Noir's ACIR into R1CS supported by Nova
- error: could not compile `nova-snark` (lib test) due to previous error HOT 3
- Remove redundant absorbing to the transcript HOT 1
- How does Nova constrain prev output and next input? HOT 1
- Use expect_test for tests in src/circuit.rs and elsewhere
- Compilation on 32-bit architectures HOT 1
- Solidity Verfier HOT 2
- [question] Where to find the example for matrix multiplication recursive snark HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nova.