Learning new things!
The elliptic curve is defined by an equation, but when it comes to practices, it is discrete and finite, i.e, we cannot work on elliptic curves that are defined on \(\mathbb{R}\), instead, we defined it on a field \(\mathbb{F}_p\) .
The points on the curve …
In abstract algebra, a field is a set equipped with two operations, usually called addition and multiplication. These operations satisfy several properties, which we outline below.
We give a commit-and-prove zero-knowledge argument Protocol for the satisfiability of a QAP for an arithmetic circuit \(C\). For wires in the circuit \(\{a_i\}_{i=0}^n\), we denote the input witnesses are \(\{a_i\}_{i=0}^k\), the inner circuit witnesses are \(\{a_{i}\}_{i=k+1}^l\) and the statements wires are \(\{a_{i}\}_{i=l+1}^n\). The quadratic arithmetic program, Pedersen commitment and …
To commit to degree \(\leq l\) polynomials, we need to construct Structured Reference Strings: \( (g, g^\tau, g^{\tau^2} , …, g^{\tau^l})=(g^{\tau^i})_{i\in [0,l]}\)
Note 1: The trapdoor \(\tau\) is generated by distributed protocols, for instance, ….
Note 2: …
Let \(C: \ \mathbb{F}^n \ \rightarrow \ \mathbb{F}^k\) be a map which takes \(n\) arguments from a finite field \(\mathbb{F}\) as inputs and compute \(k\) outputs in \(\mathbb{F}\). \(C\) is an arithmetic circuit if the outputs are determined by the operations \(+\) and \(\times\) to the