-
## Feature
I propose to add three software syscalls (i.e., https://github.com/risc0/risc0/blob/main/risc0/zkvm/src/host/server/exec/syscall.rs#L107) that are useful for modular operations and do no…
-
# Problem
For Groth16, we currently rely on wasm3 for witness generation and circom-compat for proof generation. There's circom-witness-rs which seems promising and would be roughly comparable with…
-
I tested on BN254 with Fr = 14226294082152339227274917010873249985458047913852393750281719691125978796426, the algorithm decomposes it into two numbers, one is 128 bits, but the other one is 191 bits.…
-
cc @kevincharm what exactly is left for Prod? I noticed quite a few TODO's still, so was curious what is needed in your opinion to actually use this in prod?
-
**Affected Code:** BN254.sol (line 286)
**Summary:** The encoding of G1 points assigns higher values to encode of positive Y coordinates and lower values to encode negative Y coordinates, which is …
-
-
Same IR as https://github.com/llvm/llvm-project/issues/103841 but applied to Aarch64 as an alternative to https://github.com/llvm/llvm-project/issues/103717
Unlike x86 there is always an extra inst…
-
Currently, we keep two BLS signature instantiations; one uses blst under BLS curves, and the other uses BN curves
https://github.com/EspressoSystems/jellyfish/blob/main/primitives/src/signatures/bls_…
-
The current pattern of using o1js' `Gadgets.ForeignField` is wrong: you're converting `Field3` to/from bigint in every operation. This will fail in provable code -- bigint operations are not provable,…
-
## Problem
Previously we use ark-zkey to decrease zkey size and loading time [ark-zkey](https://github.com/zkmopro/mopro/tree/main/ark-zkey)
But then we use `new_unchecked` to fix circom-compat zk…