Groth16BatchVerifier icon indicating copy to clipboard operation
Groth16BatchVerifier copied to clipboard

verified publisher icon matter-labs-archive

Metadata

Batch verification proposal for the zkSNARK verification with the same(!) circuit

Batched Groth16 SNARK verification for the same circuit

Short explainer of how SNARK for transaction aggregation can be verified more efficiently on-chain. It allows the trade-off "100 mil constraints + one SNARK verification <=> few proofs of 10 mil constraints + batched verification".

Full construction description is here.

Implementation results

These tests are for three public inputs and uses r[0] = 1 optimization.

  • Verification of 1 proof using batching verifier requires gas: 737684
  • Verification of 2 proofs using batching verifier requires gas: 924385
  • Verification of 3 proofs using batching verifier requires gas: 1111151
  • Verification of 4 proofs using batching verifier requires gas: 1297855
  • Verification of 5 proofs using batching verifier requires gas: 1484433

License

Implementation code available under the Apache License 2.0 license. See the LICENSE for details.

Author

Alex Vlasov, @shamatar, [email protected]

Metadata

24
Stars
2
Forks
Watchers

Owner

verified publisher icon matter-labs-archive

Metadata

Batch verification proposal for the zkSNARK verification with the same(!) circuit

Back