privacy-scaling-explorations / sonobe

Experimental folding schemes library
https://privacy-scaling-explorations.github.io/sonobe-docs/
MIT License

Move current decider public inputs into actual private inputs to reduce gas costs #139

Open arnaucube opened 1 month ago

arnaucube commented 1 month ago

Current decider circuit has a lot of public inputs, which increase the gas cost of the verification method in the solidity contract, since for the Groth16 verification we compute a scalar mult (of BN254's G1) for each input in the contract.

Next step is to do the usual trick in these cases: moving most of those public inputs to be 'private inputs' in the DeciderEthCircuit, and computing a hash of them, which is the actual public input of the circuit. Then in-circuit the old-public-inputs are now private inputs, which are hashed and checked to match the hash-value that is a public input. The hash used can be a sha256, which is available both in solidity and in arkworks r1cs constraints.

The idea is that it is cheaper to hash all those inputs in the contract and feed the hash as public input to the Groth16 proof verification (onchain), rather than not computing the hash and having to do a scalar mult for each public input.

This should be done both in the current Nova decider circuit & HyperNova decider circuit, along with the solidity verifier template, and should reduce substantially the gas cost of onchain verification.
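Added example (not part of the original issue or the sonobe code base): a Python sketch of the verifier-side half of the trick described above, with a rough gas comparison. The packing format (32-byte big-endian words), the 253-bit truncation of the digest so it fits the BN254 scalar field, and all function names are assumptions made here; the gas figures are the ECMUL/ECADD precompile prices from EIP-1108 and the SHA256 precompile price, and ignore calldata, memory and pairing costs.

```python
import hashlib

# BN254 scalar field modulus (the field Groth16 public inputs live in).
BN254_R = 21888242871839275222246405745257275088548364400416034343698204186575808495617

# Precompile prices: ECMUL/ECADD per EIP-1108, SHA256 is 60 + 12 per 32-byte word.
ECMUL_GAS, ECADD_GAS = 6000, 150
SHA256_BASE_GAS, SHA256_WORD_GAS = 60, 12


def pack_inputs(inputs):
    """Concatenate inputs as 32-byte big-endian words (assumed packing format)."""
    for x in inputs:
        # Reject non-canonical values: x and x + r are the same field element
        # in-circuit but would hash differently (or alias) outside it.
        if not 0 <= x < BN254_R:
            raise ValueError("input is not a canonical BN254 scalar")
    return b"".join(x.to_bytes(32, "big") for x in inputs)


def hash_to_public_input(inputs):
    """SHA-256 the packed inputs and keep the low 253 bits, so the result is < r.

    The circuit must apply the same truncation to its in-circuit digest.
    """
    digest = hashlib.sha256(pack_inputs(inputs)).digest()
    return int.from_bytes(digest, "big") & ((1 << 253) - 1)


def input_gas_direct(n):
    """Estimated gas to fold n public inputs into vk_x: one ECMUL + ECADD each."""
    return n * (ECMUL_GAS + ECADD_GAS)


def input_gas_hashed(n):
    """Estimated gas to hash n words on-chain, then fold the single hash input."""
    return SHA256_BASE_GAS + SHA256_WORD_GAS * n + ECMUL_GAS + ECADD_GAS


if __name__ == "__main__":
    old_public_inputs = list(range(1, 41))  # constructed sample: 40 field elements
    h = hash_to_public_input(old_public_inputs)
    print(f"single public input: {h:#x}")
    print(f"direct: {input_gas_direct(40)} gas, hashed: {input_gas_hashed(40)} gas")
```

The ordering and width of each packed word are part of the statement being proven, so the contract and the circuit have to agree on them exactly.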