mikelodder7
commented
3 years ago In non-interactiveve zero-knowledge proofs, the verifier sends a challenge such that it shows the proof is fresh and the prover is not cheating. The link you provided describes that requirement. The eprint paper talks about sending a generator as well. In my case I'm computing the generator from public values and the nonce. Both methods should be secure.
Hi - I'm looking at the POKE protocol here https://www.gakonst.com/deep-dive-rsa-accumulators and there i no mention of a nonce sent from the prover to the verifier or of using a nonce in the hash functions. Can you tell me why you API's require a nonce? Thanks.