gnark
gnark copied to clipboard
Consensys
docs: document behavior of hash function inside and outside a circuit
See #99 and here.
In short, when using MiMC inside a circuit, each input is treated as a field element on size(element) bytes.
Example
To mimic this the following (inside a circuit):
hash.Write([]byte{0x01})
hash.Write([]byte{0x02})
outside a circuit, one needs to add padding to the byte slices. The easiest way is to use fr.Element objects.
var b1, b2 fr.Element
b1.SetBytes([]byte{0x01})
b2.SetBytes([]byte{0x02})
hash.Write(b1.Marshal()) // writes size(element) bytes, like in a circuit, NOT a single byte.
hash.Write(b1.Marshal()) // writes size(element) bytes, like in a circuit, NOT a single byte.
Hi @gbotrel . I'm looking to contribute to this repo. Can I take up one of these issues??
hi @xenowits -- sure, any contribution is welcome / appreciated :-) . Are you looking for something more dev? more doc? more crypto? Few hours work, or few days? (we've several things in mind that may not appear in the github backlog)
Something more crypto would work @gbotrel . I actually want to learn about zksnarks in general. I can take up the easier ones first, u can assign me those
3 ideas come to mind, of independent tasks (crypto);
- SSWU hash to curve implementation in
gnark-crypto - adding new components in
gnark/std; for example, we have aMiMChash function available to use in a circuit, it could be interesting to addPoseidonhash function. That would likely involve implementingPoseidoningnark-cryptoand adding a circuit component undergnark/std. - a PLONK solidity verifier
more software oriented, would be:
- #70 (find elegant ways to generate "type safe" witness in non-Go code bases)
- or explore any of the blockers that may arise with #74 #76 #75 (using
gnarkin WASM, iOS or Android).
more exploratory;
- add a (Groth16) batch-verify algorithm, from this