Also tweak formatting formatting of block entry to drop "[0]} and better align with block exit.
Tested only on Linux, might generate compile or (informative) runtime errors on other platforms.
* Use and clean up .d(ependency) files for executables's objects too.
* Rename OBJS and SRCS to LIB_OBJS and LIB_SRCS to clarify these don't include executables.
* Also, add index to libsnark.a and allow it as a target even if doing a non-static build.
- Reflect many of the recent additions and refactoring in libsnark
(at least at the level of brief mentions and pointers).
- More build instructions/hints.
- Minor cleanups.
- Refactor CXXFLAGS so that feature flags and optimization flags can be easily overriden from command line
- Add NO_SUPERCOP=1 option
- Avoid need to manually create ./depinst directory when ./prepare-depends is not needed (i.e., when BN128 and SUPERCOP are not used)
- Fix the flags for static build
- Build executables that need GTest even if we used an existing GTest rather than compiling it
- Minor cleanups and comments
A soundness bug in the input consistency check, found by Bryan Parno,
has been fixed. We thank Bryan for identifying the bug and for helping
us fix it.
Technical details: The bug affected the R1CS-to-QAP reduction, in that
some rank-1 constraint systems produced distinct, but not linearly
independent, QAP polynomials. The fix ensures independence. The cost
is an increase of QAP degree from cs.num_constraints()+1 to
cs.num_constraints()+cs.num_inputs()+1. Typically, cs.num_inputs() is
dominated by cs.num_constraints() so the degree increase is
negligible. Concretely, our experiments show that the increase is
typically less than 0.007% for all applications reported by us thus
far, including Zerocash [BCGGMTV14, S&P], SNARKs for TinyRAM [BCTV14,
USENIX Security], and Scalable Zero-Knowledge [BCTV14, CRYPTO].
See Remark 2.5 in the (revised) extended version of "Succinct
Non-Interactive Zero Knowledge for a von Neumann Architecture", at
http://eprint.iacr.org/2013/879 .
out common parts cp_handler's and placing them in compliance predicate
base class. Update compliance_predicate interfaces to account for the
simpler, improved workflow (see changes in tally_cp_handler/run_r1cs_ppzkpcd).
building a O(n)-sized linear combination by repeatedly concatenating
O(1)-sized linear combinations is O(n^2) operation. (This is akin to
the caveat for Python strings.)
This commit optimizes the constructions of CRH and packing gadgets to
be quasi-linear time operations, down from previously quadratic time.
Eran Tromer
Madars Virza
mbb
Madars Virza
Gordon Stewart