Closed kenshamir closed 5 years ago
n
is (implicitly) part of the statement to be proved ("the inner product of these vectors of length n is ..."), so the code should verify that the witness data satisfies it. Otherwise you could imagine something like a prover which claims to be performing an inner product proof on vectors of length 1024 but actually supplies a proof about vectors of length 0 (whose inner product is 1), or something like that.
On this line: https://github.com/dalek-cryptography/bulletproofs/blob/main/src/inner_product_proof.rs#L197
What is the rationale to providing
n
if it can be derived from the information already given1 << lg_n)
?