Skip to content

Instantly share code, notes, and snippets.

@kayabaNerve

kayabaNerve/.md Secret

Created November 30, 2024 04:46
Show Gist options
  • Save kayabaNerve/6173fa623ac0f6a9cd4269c16f3ffd48 to your computer and use it in GitHub Desktop.
Save kayabaNerve/6173fa623ac0f6a9cd4269c16f3ffd48 to your computer and use it in GitHub Desktop.
Review of Veridise's Work on Logarithmic Derivatives by Cypher Stack

Veridise published the next step of work regarding our usage of the divisor field of an elliptic curve to prove scalar multiplications. Specifically, it covers how taking the logarithmic derivative of the evaluation, and the usage of finite fields instead of integers, is secure.

This step of work was one of two remaining steps. While we had a quote for the entire scope of remaining work, it was split into two scopes as this scope was deemed sane yet the (now) remaining scope still needed further discussions with Veridise for clarity purposes and accuracy of the overall quote.

This scope of work achieved consensus within a MRL meeting.

Cypher Stack has quoted 70 XMR to perform this review. This is more than we paid for the work itself, yet it is still a fair rate and likely easily explained by how our prior reviewer of divisors, Aaron Feickert, is no longer at Cypher Stack. This causes any review to first include familiarization with the topic.

One concern raised was if we should wait until the resolution of all work to contract review to ensure we don't end up with yet another reviewer when the time comes. I'd advocate for this review now in order to minimize the delays faced and to potentially shape the next step of work. If this review completes before the next step of work completes, it has the opportunity to improve how the next step of work is conducted. That would imply we should wait entirely to perform the next scope of work, yet I personally would prefer the minimization of latency. I solely consider any potential benefit from the review occurring before further work completes a pleasant occurrence if it happens, not anything mandatory.

@j-berman
Copy link

j-berman commented Dec 4, 2024

One concern raised was if we should wait until the resolution of all work to contract review to ensure we don't end up with yet another reviewer when the time comes.

Starting review of just divisors sooner rather than later is arguably more likely to 1) accelerate the timeline to complete review of both divisors + R1CS formalization, and 2) be more cost effective.

On (1) accelerating the timeline to complete review of both divisors AND R1CS formalization:

  1. R1CS formalization is not ready to be reviewed yet; it is the next FCMP++ research task (see: https://gist.github.com/kayabaNerve/175a00de6edd3a64458dacb4f5e481e0).
  2. @kayabaNerve estimates Veridise will likely take longer to complete R1CS than Cypher Stack will take to complete this review of divisors.
  3. We don't have another candidate available who is already familiar with the existing work.

Given these facts, contracting Cypher Stack to start divisors review now will likely accelerate the timeline to complete all work. In the ideal case, we hire Cypher Stack again to review Veridise's R1CS formalization once that is complete and can be properly scoped. In the worst case, we need to hire someone new to get familiar with the work from scratch above, but given above, waiting until R1CS formalization is ready to be reviewed may very likely end up pushing the timeline back.

On (2) yielding a more cost effective path:

Given that Veridise's original quote to complete all formalization tasks in one package deal was actually significantly higher than the piecemeal prices summed up (by $15k), we have evidence that piecemeal pricing can actually be more cost effective. This makes sense because it is easier to scope smaller tasks and accurately estimate time to complete.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment