Let challenger observe all of the transcript

valida-xyz / valida

A STARK-based VM focused on code reuse, performance, and modularity

Apache License 2.0

262 stars 42 forks source link

Let challenger observe all of the transcript #74

Open morganthomas opened 8 months ago

morganthomas commented 8 months ago

The challenger for the Fiat-Shamir transformation needs to observe all of the pieces which are in the transcript. Otherwise, soundness bugs can result. See derive/src/lib.rs, where there are some relevant TODO comments. Review the use of the challenger to make sure that the Fiat-Shamir transformation is being performed properly, adding any observations to it as needed.

morganthomas commented 3 months ago

The challenger should also observe a digest of all constraints & trace lengths, according to a comment by Daniel Lubarov in the implementation of verify in derive/src/lib.rs.