Discussing Geppetto solution to aggregate challenges #186
Comments
|
@nicola Have we concluded that this is the strategy we will take? If we have decided that, then I think this resolves #157. If we have concluded this, but #157 still requires more investigation into the options enumerated above, can you comment and/or update the issue there to reflect where we are at on the question? |
|
This does not resolve #157 this is one strategy to investigate and step number 1 for both aggregation or recursive composition. We are no further of where we left before, all updates are written on github |
|
Got it. Thanks. |
|
Hi all, just talked with Matteo who I knew had to deal with Snarks composition [and then with the problems of sampling the different curves]. He told me he actually did not do it in the end, but talking with Rihad he was pointed to this paper: |
|
Adding another pointer here, Dario Fiore at IMDEA mentioned Geppetto |
|
technical name for this in geppetto is: bounded proof bootstrapping |
|
Cocks-Pinch method is the one we should use to find the right curve. Luckily Scippr-lab has an implementation here: https://github.com/scipr-lab/ecfactory/tree/master/ecfactory/cocks_pinch |
|
I am a bit unclear on what the inputs to the Cocks-Pinch algorithm should be:
|
|
Zcash is thinking about his too! zcash/zcash#3425 (comment) |
|
r = 52435875175126190479447740508185965837690552500527637822603658699938581184513 |
nicola
changed the title
|
closing this, @nicola please open in a research repo if this still needs work |
From Ben: "aggregation just requires setting the field of the second snark to be the order of the curve in the first"
Next steps are:
The text was updated successfully, but these errors were encountered: