[plonk]: multiplicative group starts with one instead of omega

[alxiong]

As pointed out by CommonPrefix team:

the current multiplicative subgroup start from g^0 instead of \omega= g^1 as described by the original paper. While this choice shouldn't affect security, it's still nicer to be more faithful to the paper.

[alxiong]

@chancharles92 I think the reason why we were starting from g^0 is due to the default behavior of Radix2EvaluationDomain::new() when iterating over its elements, starts with pow=0

I now become a bit hesitant to change, because shifting the entire evaluation domain, means overriding the iterator. (EvaluationDomain doesn't work like a vector where you would just rotate left, but as an iterator, so we would have to change this in our forked of arkwork) I mean it's doable, but add more complexity.

maybe we should simply argue that, this slight deviation from the original paper is fine. (secure and minimal inconsistency), wdyt?

[mrain]

I would vote that we keep our current form, and a mark by the side noting the difference from the original paper.

[chancharles92]

Agree, let's keep it and maybe add a comment in the API.

[alxiong]

let's keep it and maybe add a comment in the API.

I wouldn't worry too much about this. it's not that informative. closing this issue now.