Here are my notes from the session:
Moderators: Luis Brandao and Daniel Benarroch
Scribes: Daniel Benarroch and Eduardo Moraes
General Notes
Overview of the comments by NIST (attached):
- How to bring all the comments into the Reference document?
- Want larger audience and contributors to help
R1CS vs Circuits
- Could be useful to have more clear description of r1cs representation and how it is mapped to and from circuits, as well as advantages over other representations.
- Better linkage on R1CS
- Follow comments in PDF by NIST
Comment on Taxonomy: QAP vs linear-PCP
- Succinctness and efficient verification is an important topic, which is only achieved by QAP (within all linear-PCPs)
- The Reference document should give QAP as an instantiation and not as an abstraction
- Not clear that any general linear PCP has specific properties that are useful for some constructions
- “Would like to see a comment that this is only efficient example”
Gadgets
- Not all gadgets are about SNARKs
- There are many gadgets (Proof for Shuffle) that are not necessarily related to SNARKs / NIZK
- Should we add a table about gadgets that are represented for non-generic proving systems
- Also, there are ways to optimize the gadgets, but hard to minimize the size of a circuit
- Instead, there is out-of-the box functionality
- Gadgets table is more about
1.Canonical use-cases for creating circuits
2.These are “functions” that you can call in programming language”
3.Can be seen from the point of view of composability (this is a concer, there is also many primitives that allow for composability)
4.This table is about standardization
5.Can also be seen as the specific protocols
6.Used for building specific applications
Composability: who’s responsibility is it?
- Implementation who implements the primitives,
- Applications since they compose them into circuit application
- Security since they need to define the actual security
Comment on audience of document and specific documentation (who is the reader of this?)
- Handling witnesses and private info - using legacy technology
- Building use-cases (companies and biz people not easy to read)
Branch out general constructions?
- Approaches for general functionality
- For some gadgets can use specialized primitives
Suggested Contributions
Name
Email
Specific Contribution / Action Point
| Name | Contribution / Action point | |
|---|---|---|
| Mariana Raykova | QAP vs Linear PCP efficiency and instantiation | |
| Luis Brandao | Specific comments integration from NIST | |
| Eduardo Morais | Motivation and reference of the applications (NIST Comment C12, C16) | |
| Eduardo Morais | Gadgets improvement table (NIST comment C13) | |
| Armando Fac | NIST C20 | |
| Daniel Benarroch | Describe better gadget purpose / functionality (start discussion of scope) | |
| Daniel, Angela | Applications need to be better explained and worked on, as well as the predicates | |
| Angelo de Caro | How to integrate legacy technology to applications in ZK (lego SNARK?) |
Sorry if I mispelled any name…(?)