You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently the API for PC schemes follows the definition in the Marlin paper. This means that instead of generating an opening challenge for batch verification via a random oracle, methods on PolynomialCommitment explicitly take as input an opening challenge.
This reduces flexibility in challenge generation, and also increases the chance of mistakes in challenge generation due to incorrect domain separation or incorrect state chaining
Hence, we should define a common random oracle interface, and should use this interface consistently in PolynomialCommitment, as well as downstream in marlin. Goals include making the construction modular with respect to choice of concrete random oracle (eg: blake2s, Poseidon, etc), and enabling optimizations like sampling short linear combination coefficients, instead of sampling them as powers of opening_challenge.
Prior art include libraries like merlin, and the ad-hoc impl in marlin
The text was updated successfully, but these errors were encountered:
Currently the API for PC schemes follows the definition in the Marlin paper. This means that instead of generating an opening challenge for batch verification via a random oracle, methods on
PolynomialCommitmentexplicitly take as input an opening challenge.This reduces flexibility in challenge generation, and also increases the chance of mistakes in challenge generation due to incorrect domain separation or incorrect state chaining
Hence, we should define a common random oracle interface, and should use this interface consistently in
PolynomialCommitment, as well as downstream inmarlin. Goals include making the construction modular with respect to choice of concrete random oracle (eg: blake2s, Poseidon, etc), and enabling optimizations like sampling short linear combination coefficients, instead of sampling them as powers ofopening_challenge.Prior art include libraries like merlin, and the ad-hoc impl in marlin
The text was updated successfully, but these errors were encountered: