-
Hi,
I am running a big for loop as follows:
```
for (int i=0; i < i; i++){ // num_cts : 53
for (int j = 0; i < J; j++) { // code_length: 169
if (cipher1_list[i][j]…
-
If your performing exponentiation on the same variable in multiple locations in your code, you may have duplicate constraints in many places.
Ideally the backend should be able to catch these and o…
-
[MiMC] is the result of the design approach of "let's do a traditional symmetric-flavored secure hash function, but using primitives that are efficient within a SNARK".
* original paper: http://epr…
-
The goal of this meta issue is to build a go-to place for links, information, and opportunities for building trustless zk-SNARKs as a potential future protocol building-block for Monero.
Disclaimer…
-
We forego robustness deliberately because it's hard/impossible in our restricted setting without a reliable broadcast channel or honest majority.
But we could aim for the weaker goal of identifiabl…
-
# yAcademy Rate-Limit Nullifier Review
**Review Resources:**
[Repo](https://github.com/zBlock-1/circom-rln)
[Docs](https://rate-limiting-nullifier.github.io/rln-docs/rln.html)
[Specs](htt…
-
We currently have a 2-round DKG, where we perform re-attempts as necessary.
https://eprint.iacr.org/2024/397 proposes a 1-round DKG. Since we don't vary our threshold upon re-attempt, we can do the…
-
note: tx chaining was removed after [discussion](https://github.com/monero-project/research-lab/issues/84#issuecomment-877873623) (July 18, 2020)
## Table Of Contents
- [Abstract](#Abstract)
- …
-
-
## Background
We have to prove that Rollup's data availability is from a given blob with KZG commitment
This means that the ZkVM guest has to go through the computation that generates the `Blo…