Enable using transcripts other than merlin::Transcript.
#161
Assignees
Labels
Comments
JayWhite2357
added
enhancement
|
@jvff Here is the issue that we discussed. This should complete the work to support |
JayWhite2357
added a commit
that referenced
this issue
Sep 26, 2024
# Rationale for this change See #161 for rationale. # What changes are included in this PR? NOTE: the individual commits may be good to review individually * `DoryMessages` accepts `impl Transcript` instead of `merlin::Transcript`. This is a breaking change, making the proofs non-backward compatible. The API deos not change. * Changed `CommitmentEvaluationProof` to accept `impl Transcript` rather than `merlin::Transcript`. * Replaced `merlin::Transcript` with `Keccak256Transcript` within `QueryProof`. Although the proof could be made generic, there is no real use-case for `merlin`. In the future, we can easily support other transcripts, but I think it is best to keep it concrete for now. * Dropped dead code and renamed the old `merlin` module. * Put `merlin` behind the `blitzar` feature flag since it is still required for the `blitzar::InnerProductProof`. * The tests are _NOT_ refactored to remove `merlin`. This can be done in a separate PR. # Are these changes tested? Yes. Existing tests cover the changes.
JayWhite2357
added a commit
that referenced
this issue
Mar 7, 2025
# Rationale for this change See #161 for rationale. # What changes are included in this PR? NOTE: the individual commits may be good to review individually * `DoryMessages` accepts `impl Transcript` instead of `merlin::Transcript`. This is a breaking change, making the proofs non-backward compatible. The API deos not change. * Changed `CommitmentEvaluationProof` to accept `impl Transcript` rather than `merlin::Transcript`. * Replaced `merlin::Transcript` with `Keccak256Transcript` within `QueryProof`. Although the proof could be made generic, there is no real use-case for `merlin`. In the future, we can easily support other transcripts, but I think it is best to keep it concrete for now. * Dropped dead code and renamed the old `merlin` module. * Put `merlin` behind the `blitzar` feature flag since it is still required for the `blitzar::InnerProductProof`. * The tests are _NOT_ refactored to remove `merlin`. This can be done in a separate PR. # Are these changes tested? Yes. Existing tests cover the changes.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Background and Motivation
Currently, the Proof of SQL prover uses the
merlincrate to provide it's public-coin transcript, created here:sxt-proof-of-sql/crates/proof-of-sql/src/sql/proof/query_proof.rs
Line 62 in 29d334d
However,
merlindoes not supportno_std(see #117 and zkcrypto/merlin#8) and is not conducive to use within the EVM/Solidity.#123 and #159 add a new
Transcripttrait that allows for using different transcripts. (Such as the simpleKeccak256Transcript.)If we replace all uses of
merlin::Transcriptwithimpl Transcript, we enable the ability to use any transcript implementation that is desired.Requested Changes
We need to replace all usage of
merlin::Transcriptwithimpl Transcript. Tests can still leveragemerlin::Transcriptbecause they need a concrete implementation, but all other code should be written generically.extend_serialize_as_lecan replaceappend_autoextend_canonical_serialize_as_lecan replaceappend_canonical_serializescalar_challenge_as_becan replacechallenge_scalar_single( andchallenge_scalars)other methods can be better replacements as relevant
CommitmentEvaluationProof::new,CommitmentEvaluationProof::verify_proof,CommitmentEvaluationProof::verify_batched_proofshould acceptimpl crate::base::proof::Transcriptinstead ofmerlin::Transcript.All implementers of
CommitmentEvaluationProofwill need to be updated to implement the changes properly.InnerProductProof- this will still internally need to usemerlin::Transcript. This is handled viawrap_transcript.DoryEvaluationProof- the usages of the transcript bubble down toDoryMessages.Either
QueryProof::newandQueryProof::verifycan be made generic w.r.t.Transcript, orQueryProofitself can be made generic w.r.t.Transcript. It is unclear which is a better design choice. Both solutions will require replacing the old transcript usage with the new within those functions.Tests will likely need to be refactored, but should just used
merlin::Transcriptas the concrete type. In the future, we may wish to migrate tests to useKeccak256Transcriptinstead. This can be a separate issue.The text was updated successfully, but these errors were encountered: