Is it possible to use giza to prove specific cario program?

[jayhaizeizai]

Using verify command can ensure proof is generated for a cairo program, but not clearly one specific cairo program.
Is it possible to use giza to prove the proof is generated by specific program? Like using Program Hash or something?

[maxgillett]

Hi @jayhaizeizai, very sorry for the late reply. It's possible in Giza to prove that you executed a specific Cairo program by supplying the memory values that encode the program instructions (which are just normal field elements) as public memory values. These values are reduced to a single field element using verifier randomness and constrained in this piece of code:

giza/air/src/lib.rs

Line 140 in 5794cc9

Assertion::single(P_M_LAST, last_step, num / den),

If the prover gives the verifier a proof with public input matching a different program, then the proof cannot be successfully verified.

It's also possible to keep this program input private, and expose a hash of the program that was executed using the output builtin. This can be achieved by using a bootloader program, as described in section 2.2.1 of the Cairo whitepaper.