refactor: replace transcript with spongefish NARG protocol#17
Open
shreyas-londhe wants to merge 3 commits intoa16z:mainfrom
Open
refactor: replace transcript with spongefish NARG protocol#17shreyas-londhe wants to merge 3 commits intoa16z:mainfrom
shreyas-londhe wants to merge 3 commits intoa16z:mainfrom
Conversation
Replace Blake2b rolling-hash Fiat-Shamir transcript with spongefish's duplex-sponge construction. Proofs become opaque NARG byte strings. - Add spongefish dependency (pinned to commit 45df37a7) - New ProverTranscript/VerifierTranscript traits for sponge API - Domain separator with InteractionPattern enforcement via CheckedProverState/CheckedVerifierState - Scoped pattern composition for sub-protocols (sigma1, sigma2, reduce rounds, scalar product) - Remove Proof struct, blake2b transcript, ark_proof, VMVMessage - Use macros in spongefish_codecs to reduce boilerplate
- Migrate all tests to CheckedProverState/CheckedVerifierState + check_eof() - Rewrite soundness tests for byte-level NARG tampering - Update serialization tests for NARG round-trip - Update all examples and bench to use dory_prover()/dory_verifier()
6 tasks
shreyas-londhe
force-pushed
the
feat/spongefish-1-core
branch
from
2b1f1eb to
1620bf3
Compare
Expose dory_pattern(&mut PatternBuilder, sigma, zk) as the single public pattern function, matching the convention of other sub-protocol patterns. Eliminates code duplication between standalone and composable pattern builders.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Replace Blake2b rolling-hash Fiat-Shamir transcript with spongefish duplex-sponge construction. Proofs become opaque NARG byte strings — no separate
Proofstruct.Breaking change: Proof format is incompatible with previous versions. Old proofs will not verify with the new system.
Core changes
45df37a7)ProverTranscript/VerifierTranscripttraits for sponge APICheckedProverState/CheckedVerifierStateenforce declaredInteractionPatternat runtime(sigma, zk)into sponge instanceRemoved
blake2b_transcript.rs,ark_proof.rs,proof.rs,VMVMessageAdded
domain.rs— domain separator + pattern builder with scoped compositionspongefish_codecs.rs—ProverTranscript/VerifierTranscriptimpls (macro-generated)Tests & examples
CheckedProverState/CheckedVerifierState+check_eof()dory_prover()/dory_verifier()