barretenberg
barretenberg copied to clipboard
AztecProtocol
Problem: with new structured poly PR, we require up to 1.5x CRS points than before Breakdown of problem leading to more SRS points being requested: - pippenger_unsafe_optimized_for_non_dyadic_polys allows for non-power-of-2...
We currently just allocate dyadic_circuit_size/2 size for all of the polynomials (including shifted ones!) during sumcheck, which is a huge amount of memory. In ClientIVC, we don't really care about...
See https://github.com/AztecProtocol/aztec-packages/issues/9005
Currently an ACIR ivc recursion constraint requires witnesses corresponding to the VK, the public inputs, and the proof (without public inputs). The VK and public inputs are genuinely known in...
The main flow used for IVC in the TS tests `client_ivc_prove_output_all_msgpack` now includes explicit tagging of every other circuit as a kernel. This used to be done automatically from within...
We allocate `FF linearly_independent_contribution{ 0 }` (40ns?) only to immediately overwrite it with an `element * challenges[0]` where `challenges[0]` is 1. Looking at the numbers in basics.bench.cpp, this costs about...
Currently, we create a completely disconnected `stdlib::bool_t` witness dummy round from the native one which is insecure. We need to connect it to the `circuit_size` received from transcript (which is...
If we know this circuit will be recursively proven, then we should use poseidon2 in the transcript. Otherwise we can use keccak. This could allow us to get rid of...
Comparing to literal 0 costs 35 ns, which is too much just for a comparison, because it is inefficient.
