* feat: add ZK support for Jolt integration
- Add ArkDoryProof y_com/y_blinding field accessors
- Add ArkGT/ArkG1 serialization for transcript binding
- Fix typo in transcript.rs
- Fix clippy warnings in derive crate
* fix: remove y_blinding from proof serialization
y_blinding was never used by verifier but was being serialized,
leaking the blinding factor. Now returned separately from prove().
* fix: update tests for new prove/create_evaluation_proof return type
Destructure (proof, _) tuple from prove() and create_evaluation_proof()
which now return (DoryProof, Option<F>). Also add #[cfg(feature =
"disk-persistence")] guards to tests using load_setup/save_setup.
* fix: use separate URS paths for ZK and non-ZK modes
ZK mode serializes additional fields (h1_g2_fin) making the URS format
incompatible. Now uses dory_{n}_zk.urs for ZK mode.
* chore: format code for CI compatibility
* fix: update examples and benches for new prove return type
* style: add empty .rustfmt.toml for CI consistency
markosg04 commented Feb 27, 2026
moodlezoup reviewed Mar 2, 2026
moodlezoup left a comment
nice work! just some minor comments
| - **Performance-optimized**: Vectorized operations, optional prepared point caching, and parallelization with Rayon | ||
| - **Flexible matrix layouts**: Supports both square and non-square matrices (nu ≤ sigma) | ||
| - **Homomorphic properties**: Commitment linearity enables proof aggregation | ||
| - **Zero-knowledge mode**: Toggable hiding proofs |
is this what you mean?
Suggested change
| - **Zero-knowledge mode**: Toggable hiding proofs | |
| - **Zero-knowledge mode**: Toggleable hiding proofs |
Comment on lines +40 to +49
| #[cfg(feature = "zk")] | ||
| pub e2: Option<G2>, | ||
| #[cfg(feature = "zk")] | ||
| pub y_com: Option<G1>, | ||
| #[cfg(feature = "zk")] | ||
| pub sigma1_proof: Option<Sigma1Proof<G1, G2, G1::Scalar>>, | ||
| #[cfg(feature = "zk")] | ||
| pub sigma2_proof: Option<Sigma2Proof<G1::Scalar, GT>>, | ||
| #[cfg(feature = "zk")] | ||
| pub scalar_product_proof: Option<ScalarProductProof<G1, G2, G1::Scalar, GT>>, |
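Review bot: the five `#[cfg(feature = "zk")]` fields (`e2`, `y_com`, `sigma1_proof`, `sigma2_proof`, `scalar_product_proof`) are each an independent `Option`, so a proof with only some of them populated is representable. Consider grouping them into one struct held behind a single `Option`, or have the verifier reject any proof where they are not all `Some` or all `None`. Because the fields are `pub` and feature-gated, a doc comment stating that the proof layout differs between builds with and without `zk` would also help callers.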
Comment on lines +60 to +63
| assert_eq!(proof.nu, decoded.nu); | ||
| assert_eq!(proof.sigma, decoded.sigma); | ||
| assert_eq!(proof.first_messages.len(), decoded.first_messages.len()); | ||
| assert_eq!(proof.second_messages.len(), decoded.second_messages.len()); |
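Review bot: the two `len()` comparisons on `first_messages` and `second_messages` still pass when an element decodes to a different value, so this roundtrip test would miss a serialization bug that preserves the counts. Compare the message contents as well, and add a roundtrip case for a proof built with the `zk` feature so the optional fields are exercised too.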
for this and the other roundtrip tests in this file, can we just do assert_eq!(proof, decoded)? Would be more robust
Introduces a hiding version of the Dory protocol