Hi,
Soon, the Cardano blockchain will fork to give it low-level BLS12-381 bindings to verify in its smart-contract language (Plutus) pairing-based crypto protocols. In light of this, I would love to connect the Circom + SnarkJS ecosystem to Cardano. To explore this viability, I already did some integration work and managed to fork SnarkJS so that the Fiat-Shamir argument matches how Cardano needs to verify this.
To be more specific, I changed the hash function to use blake2b-224 (which directly maps into the BLS scalar field for convenience); this is also cheaper cost-wise/gas-wise to run than Keccak on-chain. Besides that, the low-level bindings of the BLS ops in Plutus only allow a smart contract to retrieve points in their compressed form. This means that I had to change the transcript to not use x and y in the base field, but the compressed version, where we encode y in the leading bits of x.
Together, this allowed me to make an initial POC implementation of a smart contract that runs Plonk (via Circom + SnarkJS) on one of the testnets of Cardano (SanchoNet), where these BLS bindings are already present.
I would love to help, of course :)
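
The transcript change described in the issue, sketched as an added example that is not code from the SnarkJS fork or from Cardano: a G1 point is fed to the hash in its 48-byte compressed form (flag bits in the top three bits of x), and a blake2b-224 digest is used directly as a scalar-field challenge. The function names, the big-endian reading of the digest and the order in which points are absorbed are assumptions; Python is used because `hashlib` provides BLAKE2b with a 28-byte digest.

```python
import hashlib

# BLS12-381 base-field modulus p and scalar-field order r (public curve constants).
P = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab
R = 0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001
# Sample input: the compressed G1 generator.
G_COMPRESSED = bytes.fromhex(
    "97f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac58"
    "6c55e83ff97a1aeffb3af00adb22c6bb")

def compress(x, y):
    """48-byte G1 encoding: big-endian x with flags in the top three bits."""
    out = bytearray(x.to_bytes(48, "big"))
    out[0] |= 0x80                       # bit 7: compressed form
    if y > (P - 1) // 2:
        out[0] |= 0x20                   # bit 5: y is the larger of the two roots
    return bytes(out)

def decompress(data):
    """Recover (x, y); rejects malformed input. No subgroup check in this sketch."""
    if len(data) != 48 or not data[0] & 0x80:
        raise ValueError("not a compressed G1 point")
    if data[0] & 0x40:
        raise ValueError("point at infinity is not handled in this sketch")
    x = int.from_bytes(data, "big") & ((1 << 381) - 1)
    if x >= P:
        raise ValueError("x is not a canonical field element")
    rhs = (pow(x, 3, P) + 4) % P         # curve equation: y^2 = x^3 + 4
    y = pow(rhs, (P + 1) // 4, P)        # square root, valid because p = 3 mod 4
    if y * y % P != rhs:
        raise ValueError("x is not on the curve")
    if (y > (P - 1) // 2) != bool(data[0] & 0x20):
        y = P - y                        # pick the root the flag bit selects
    return x, y

def challenge(*points):
    """Fiat-Shamir challenge over compressed points (absorption order assumed)."""
    h = hashlib.blake2b(digest_size=28)  # BLAKE2b-224
    for x, y in points:
        h.update(compress(x, y))
    # 224-bit digest is always below r (255 bits), so no modular reduction.
    return int.from_bytes(h.digest(), "big")
```

A point and its negation share x and differ only in the flag bit, so a verifier that drops or mishandles that bit derives the same challenge for both.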