From bc5e701a8940fdfb6332cbc494c84e0865874067 Mon Sep 17 00:00:00 2001
From: David Florness
Date: Sun, 9 Feb 2020 22:40:52 -0700
Subject: [PATCH] OreSec talk: start section on zero-knowledge
---
 doc/oresec-talk/tallyard.tex | 39 ++++++++++++++++++++++++++++++++++--
 1 file changed, 37 insertions(+), 2 deletions(-)
diff --git a/doc/oresec-talk/tallyard.tex b/doc/oresec-talk/tallyard.tex
index 5d45d04..eb901da 100644
--- a/doc/oresec-talk/tallyard.tex
+++ b/doc/oresec-talk/tallyard.tex
@@ -326,9 +326,44 @@
 \end{frame}
 
 \begin{frame}{The Remedy}
- The definitive answer:
+ Where I got all of the following material:
 \pause
- \url{https://vitalik.ca/general/2017/11/09/starks\_part\_1.html}
+ \url{https://vitalik.ca/general/2017/11/09/starks\_part\_1.html} \pause
+
+ The following material was very rushed.
+\end{frame}
+
+\begin{frame}
+ \begin{itemize}
+ \item We want to prove that a given $P_i$ constant term is valid
+ \textit{without} revealing what it is. This is equivalent to checking
+ whether $P_i(0)$ is valid. This is the essence of a Zero-Knowledge Proof.
+ \pause
+ \item Now, let $C(x)$ be a \textit{constraint checking polynomial} that is
+ zero if $x$ is a valid constant and nonzero otherwise. For example, if we
+ assume a valid constant is one that is either a zero or one, we can
+ construct $C(x)$ very simply:
+ \begin{equation*}
+ C(x) = (x - 0) (x - 1) = x^2 - x
+ \end{equation*} \pause
+ \item Now, we can restate the problem as: we need to prove that $C(P(x)) = 0$
+ when $x = 0$.
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \begin{itemize}
+ \item Let $Z(x) = x$ \pause
+ \item It's a known mathematical fact that any polynomial that is zero at $x=0$
+ must be a multiple of $Z$. Therefore, there exists some $D(x)$ such that
+ \begin{equation*}
+ C(P(x)) = Z(x) \cdot D(x)
+ \end{equation*}
+ \item \pause Before anything, everyone ``commits''~\footnote{see commitment
+ schemes} to their polynomial by creating a merkle tree of the outputs of
+ $P(x)$ and $D(x)$ values and sending the root of the tree to
+ everyone. \pause
+ \end{itemize}
 \end{frame}
 
 \end{document}
\ No newline at end of file
-- 
2.38.4
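Review bot: The last bullet of the second new frame offers the Merkle root as the commitment but does not say at which points `P(x)` and `D(x)` are evaluated, and it leaves out that a Merkle root only binds the prover to the leaves; it does not hide them. Since the first new frame calls this a zero-knowledge proof and its example allows only the constants 0 and 1, the audience will likely ask where the hiding comes from, so I would name the evaluation domain in the bullet and extend the footnote to something like `\footnote{see commitment schemes; the root is binding, hiding needs salted leaves}`. The same frames also switch notation: the first bullet introduces `P_i` and `P_i(0)`, but the goal is restated as `C(P(x)) = 0` and the next frame continues with `P(x)`. Either keep the index (`C(P_i(x)) = 0`) or state once that `P` stands for one fixed `P_i`.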