obeliskgolem
obeliskgolem
/ gist:cdc79d50e6d55180b647a4353055e72d
Last active
December 6, 2021 14:30
Another way to solve `zkhack-soundness-of-music`
View gist:cdc79d50e6d55180b647a4353055e72d
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Just noticed that in the verifier program, there are no checks against the commited points. | |
| especially the pairing that checks P == H*Z: | |
| ``` | |
| let d = E::pairing( | |
| (pk + proof.pi_input) + (pk + proof.pi_input) + proof.pi_output.mul(-E::Fr::one()).into(), | |
| E::G2Affine::prime_subgroup_generator(), | |
| ) == E::pairing(proof.pi_H, setup.rho_Z); | |
| ``` |