Closed davidnevadoc closed 2 years ago
markulf
commented
2 years ago In order to be self-contained, but also to be able to adapt notation and if necessary fix confusions it might be good to re-describe these techniques, or the exact ones we implement, in our Plonk book. Or course with proper reference to the original.
markulf
commented
2 years ago We need to update the add_blinder function here (https://github.com/ZK-Garage/plonk/pull/58), and undo some of the changes to reduce the degree of polynomials.
mathcrypto
commented
2 years ago this article
In order to be self-contained, but also to be able to adapt notation and if necessary fix confusions it might be good to re-describe these techniques, or the exact ones we implement, in our Plonk book. Or course with proper reference to the original.
I will describe the new method in the book @markulf cause the one currently describes is based on the original Plonk design
We are currently blinding the wire and permutation polynomials with the method proposed in the Plonk paper. This method consists of adding a multiple (of the appropriate degree) of the vanishing polynomial. Having 4 wires (instead of 3) makes this method quite inconvenient as it raises the degree of the quotient polynomial above
4n. This forces us to use an8nsized domain for the FFTs which negatively impacts performance.The current blinders will be switched with the method described in this article as suggested by @lopeetall .