Currently, if a circuit is created with a witness assignment that doesn't satisfy the circuit, the proof creation will panic here:
https://github.com/HorizenLabs/marlin/blob/dev/src/ahp/prover.rs#L522
due to unwrapping an `InvalidCoboundaryPolynomial` error.
This is theoretically correct, as the z1 poly is expected to be a coboundary polynomial iff the outer sumcheck equation is correct, but from a practical standpoint we should return an error instead of panicking: an honest prover may rely on malicious external data to create the proof, which will cause the prover process to crash on purpose, and this is unwanted behaviour.
So we need to find all other instances in the prover in which a wrong witness assignment will cause a crash, and replace the corresponding unwraps with returned errors.
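The change requested above, sketched as an added example that is not part of the original issue or the marlin code base: a toy coboundary check whose failure is either unwrapped (the process panics) or propagated as a `Result`. The field F_97, the prefix-sum construction and all function names are assumptions made for illustration; only the error name `InvalidCoboundaryPolynomial` comes from the issue.

```rust
// Added illustration, not code from the marlin repository. Toy field F_97;
// every name except InvalidCoboundaryPolynomial is hypothetical.
const P: u64 = 97;

#[derive(Debug, PartialEq)]
pub enum ProverError {
    InvalidCoboundaryPolynomial,
}

/// `f` holds evaluations over a cyclic domain H = {g^0, ..., g^(n-1)}.
/// Returns evaluations of z1 with z1(g*x) - z1(x) = f(x) on H. Summing that
/// relation over H telescopes to zero, so z1 exists only if sum(f) == 0.
pub fn coboundary_evals(f: &[u64]) -> Result<Vec<u64>, ProverError> {
    let mut z1 = Vec::with_capacity(f.len());
    let mut acc = 0u64;
    for &v in f {
        z1.push(acc); // z1(g^i) = f(g^0) + ... + f(g^(i-1))
        acc = (acc + v % P) % P;
    }
    if acc != 0 {
        // Wrapping around H does not return to z1(g^0): bad witness.
        return Err(ProverError::InvalidCoboundaryPolynomial);
    }
    Ok(z1)
}

/// Panicking style: an unsatisfying witness aborts the caller.
pub fn prover_round_panicking(f: &[u64]) -> Vec<u64> {
    coboundary_evals(f).unwrap()
}

/// Propagating style: the same condition becomes an error the caller handles.
pub fn prover_round(f: &[u64]) -> Result<Vec<u64>, ProverError> {
    let z1 = coboundary_evals(f)?;
    Ok(z1)
}

fn main() {
    let satisfied = [5, 90, 2]; // constructed: sums to 97 = 0 mod 97
    let unsatisfied = [5, 90, 3]; // constructed: sums to 1 mod 97
    println!("{:?}", prover_round(&satisfied));
    println!("{:?}", prover_round(&unsatisfied));
    let crashed = std::panic::catch_unwind(|| prover_round_panicking(&unsatisfied));
    println!("panicking variant crashed: {}", crashed.is_err());
}
```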