kilic

Results 10 issues of kilic

This PR basically moves the `Params` field from `MSM` and adds it as an argument to the `eval` function of `MSM`. With this change reference to ecc point parameters are passed...

This library takes place in the security audit of the [drand project](https://drand.love/blog/2020/08/10/drand-launches-v1-0/) carried out by [SigmaPrime](https://sigmaprime.io). The report can be found [here](https://drive.google.com/file/d/1fCy1ynO78gJLCNbqBruzHx7bh72Tu-q2/view). All issues related to this library in the report are resolved...

Having [`pse/halo2curves`](https://github.com/privacy-scaling-explorations/halo2curves), which reimplements [`pse/pairing`](https://github.com/privacy-scaling-explorations/halo2curves) with upstream traits and also reexports [`zcash/pasta_curves`](https://github.com/zcash/pasta_curves), it is now possible to keep the original commitment scheme rather than replacing it. Also since we won't have...

This PR adds a new transcript with a poseidon hasher. It also moves the blake2b transcript to `::transcript::blake2b`, and the new one is implemented at `::transcript::poseidon`. The poseidon transcript depends on [appliedzkp/poseidon](https://github.com/appliedzkp/poseidon/pull/2). In...

Keccak256 option added to transcript. What is different from the blake2b procedure is that the output size of keccak256 is 32 bytes, whereas it is 64 with blake2. We can of course find...

This PR adds a registry that assigns constant values to an advice column in order to propagate constants via permutations. It will be useful for decomposition in vertical product gate which...

Also fixes a carry bug in the odd number of limbs case

It can be reproduced as: https://gist.github.com/guidovranken/14f882f1b0af90398ceb39eeebdace27

bug

This method is useful for the msm circuit and it can be ported from [here](https://github.com/AztecProtocol/barretenberg/blob/4d851dd316021496bb190180de621290de602017/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_impl.hpp#L168)

Alongside the pubkey and signature, the transaction caller may provide an inverted value; then we can check the inversion `(a * a_inv == 1) mod n`. So that modexp call can...