'Zero-Knowledge Proof Algorithm, PLONK —Circuit: Sin7Y Tech Review (16)' by Sin7Y_Labs sin7y blockchain
We recently investigated the Zero-Knowledge proof algorithm-PLONK and this article has discusses two critical topics of PLONK, the circuit design and the verification process of the copy constraint. Theoretically, the safest algorithm is STARKs, which does not rely on the assumption of mathematical problems. PLONK adopts the SRS concept of the concept of SONIC but dramatically improves the efficiency of the proof.
One outstanding issue of SNARKs is the centralized Trust Setup, also known as the Common Reference String . Whether PGHR13, Groth16, or GM17 algorithm, their CRS are for one-time use and non-updateable. Different problems will correspond to different CRS, becoming more problematic in some scenarios. In contrast, PLONK and SONIC have competitive advantages in response to these problems. Although they also require centralized Trust Setup, their CRS has a certain degree of universality.
In SNARKs, a circuit is composed of effective wires. In PLONK, SONIC, and HALO, a circuit is formed of gates. In SNARKs, the wire is the unit description that the values between the wires share the same witness. Therefore, there’s no need to prove consistency.As mentioned in PLONK, it is necessary to prove the validity of the constraint relationship between the gates. Before explaining the specific principles, we will go over the process of the PLONK protocol, shown in the following figure.
After a thorough analysis of Z, it is not difficult to find that Z is the ratio between the cumulative multiplication product value of the two functions . In theory, it is equal to 1. Therefore, we need to come up with a polynomial Z, which satisfies:The multiplicative cyclic group can satisfy this condition. If we design a multiplicative cyclic group H with an order of n, Z=Z) can be known based on the properties of the group. Therefore, when designing Z, we will ensure that Z=1.