search

arkworks-rs / groth16

A Rust implementation of the Groth16 zkSNARK
https://www.arkworks.rs
Apache License 2.0
252 stars 101 forks source link

Made E::G1 and E::G2 generators input to groth16::generate_parameters #21

Closed rozbb closed 3 years ago

rozbb commented 3 years ago

I need this change because I'd like to generate ProvingKeys and VerifyingKeys for different circuits while ensuring they all share alpha_g1, beta_g1, gamma_g1, and delta_g1 (and all the _g2 versions too ofc). This is for some aggregate proving technique I'm working on.

A simple non-solution is to just pass an RNG with a known seed to generate_parameters whenever I need this property, but the issue is that g1_generator and g2_generator are not the first elements to be generated from the RNG (t is first), and so if the circuit sizes were different, we would get different generators.

So this is a simple solution for me: pass in the generators explicitly, and then use a real RNG to select t. An alternative solution is to just sample g1_generator and g2_generator at the top of the function instead of later. But that solution may be worse for me, because it would result in identical t values across circuits of the same size (which is bad? I can't tell).

Open to suggestions!

rozbb commented 3 years ago

Rebased

weikengchen commented 3 years ago

The code looks good. Sorry for the delay 👍

weikengchen commented 3 years ago

I forgot to update the CHANGELOG. Will do it soon.