Closed lazovicff closed 3 years ago
Hi, I noticed that neither the Prover nor the Verifier is checking if LinearCombination evaluates to 0 inside the constrain function. Since we are proving membership in a Merkle tree, the calculated root has to be the same as the real root (https://github.com/edgeware-builders/anon/blob/master/pallets/merkle/src/lib.rs#L473)
0
Without this functionality, the prover can prove anything without the verifier reporting any errors. Any advice on how to evaluate LinearCombination inside the Verifier?
Hi, I noticed that neither the Prover nor the Verifier is checking if LinearCombination evaluates to
0inside the constrain function. Since we are proving membership in a Merkle tree, the calculated root has to be the same as the real root (https://github.com/edgeware-builders/anon/blob/master/pallets/merkle/src/lib.rs#L473)Without this functionality, the prover can prove anything without the verifier reporting any errors. Any advice on how to evaluate LinearCombination inside the Verifier?