ParamsVerifierKZG is ParamsKZG even though it could be smaller #280
Assignees
Labels
tech-debt
Tech-debt related issues
Comments
|
Indeed this is true, and we should be able to improve it. The best option I think is to quickly state a brief draft of the proposal on how to solve this. And discuss over the idea. cc: @han0110 @kilic maybe there's some extra things that you want to add prior. |
|
@DamianStraszak As far as I remember |
Closed
|
I believe |
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
ParamsKZGis a potentially huge piece of data and in the current implementation there is no way to avoid passing it as an argument to theverify_prooffunction, which is supposed to be blazingly fast (and it is!) so there is no point for it taking arguments that it's not even consuming.This is because this function takes
params: Scheme::ParamsVerifieras an argument and for KZG this is the fullParamsKZG(so2^kelements) because of this line https://github.com/privacy-scaling-explorations/halo2/blob/main/halo2_backend/src/poly/kzg/commitment.rs#L273. Note that in reality it would be enough forParamsVerifierKZGto be of constant size -- just a few group elements, because that's what you need to verify KZG commitments.There was this issue #45 back in the days that kind of improved the situation. While the proof system has been adjusted for KZG, there is still the burden of supporting
V::QUERY_INSTANCE = trueinverify_proofso unfortunately this didn't fully solve the problem.This problem is kind of solvable using some dirty tricks, but I think there should be something that we can do to make it pretty. Currently this issue causes me and my team a lot of pain :)
Is this a problem that is annoying anyone besides me? Would there be interest in some discussion and potentially a PR that would attempt to solve it? I would love to hear some opinions.
The text was updated successfully, but these errors were encountered: