halo2-verifier.move
from 0 to 1
by @nanne007
Agenda
• What’s halo2-verifier
• Why we do this
• How we did this - the detailed implementation
• Problems we solve
• Problems that still remain
• What’s next
Halo2
• PLONKish arithmetization with support for custom gates and lookup arguments.
Prover
• Commit to polynomials encoding the main components of the circuit.
• Evaluate the above polynomials at all necessary points.
• Create an opening proof for the multipoint opening argument using a polynomial commitment scheme such as KZG.
Verifier
• Read the commitments to the polynomials encoding the circuit.
• Read the evaluations of the above polynomials at all necessary points.
• Verify the opening proof against the multipoint opening argument using the same polynomial commitment scheme as the prover.
halo2-verifier.move
is a set of libraries to:
• express halo2 circuits directly in Move.
• verify proofs generated by the halo2 protocol.
• provide common crypto libraries, such as implementations of MSM and GWC/SHPLONK.
Why we do this
The motivation of halo2-verifier in Move
For proof verification of zkmove, which is built upon halo2, so that we can integrate zkmove into Move-based blockchains.
The Move ecosystem still lacks public libraries for ZKP, and we want to change that situation.
A common implementation of a halo2 verifier is a good start.
And we can do that!
How we reach the goal
Step 1. Identify the key problem: incomplete support of crypto primitives.
Step 2. Deep understanding of halo2: study the system so we can get to the details.
Step 3. Solve the key problem first: add bn254 support to Aptos.
Step 4. Implement the main components: Move is good, but can be better.
Step 5. The devil is in the detail: the inconsistency of curve serializations.
Key problem
Where to get the BN254 primitives
• There is NONE!
• Cooperate with Aptos to add the bn254 feature set.
The Components
• Follow the structure of halo2 in Rust, which already has a clean codebase.
• Implement them one by one.
• Test the Move implementation: make sure each component produces the same results as the corresponding component of halo2.
Components: MSM, Permutation, Expression, Lookup, Transcript, Vanishing, Shplonk, Query
Make it Universal
Deploy once, reuse everywhere.
• Abstract the necessary circuit info into a Resource
The Expression Problem
• No way to express nested structures in Move
    pub enum Expression<F> {
        /// This is a constant polynomial
        Constant(F),
        /// This is a fixed column queried at a certain relative location
        Fixed(FixedQuery),
        /// This is an advice (witness) column queried
        Advice(AdviceQuery),
        /// This is an instance (external) column queried
        Instance(InstanceQuery),
        /// This is a challenge
        Challenge(Challenge),
        /// This is a negated polynomial
        Negated(Box<Expression<F>>),
        /// This is the sum of two polynomials
        Sum(Box<Expression<F>>, Box<Expression<F>>),
        /// This is the product of two polynomials
        Product(Box<Expression<F>>, Box<Expression<F>>),
        /// This is a scaled polynomial
        Scaled(Box<Expression<F>>, F),
    }
• Transform the expression to a multivariate polynomial
    2 * x_2 * x_3 +
    3 * x_0 * x_1 * x_3 +
    5 * x_2 * (x_3 + x_4)
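An added example, not code from the talk or from halo2-verifier.move: one way to turn a nested expression tree into a flat sum of monomials that loop-only code can store and evaluate, applied to the slide's sample expression. `Expr`, `Var`, the toy modulus and the fully expanded target form are assumptions made for illustration; the project's own representation may differ.

```rust
use std::collections::BTreeMap;

// Toy prime modulus (assumption); the real verifier works over the BN254 scalar field.
const P: u64 = (1 << 61) - 1;

// Simplified stand-in for halo2's Expression<F>: Var(i) replaces the column/challenge queries.
pub enum Expr {
    Constant(u64),
    Var(usize),
    Negated(Box<Expr>),
    Sum(Box<Expr>, Box<Expr>),
    Product(Box<Expr>, Box<Expr>),
    Scaled(Box<Expr>, u64),
}

/// Flat form, no nesting: sorted variable indices of a monomial -> coefficient mod P.
pub type Poly = BTreeMap<Vec<usize>, u64>;

fn mul(a: u64, b: u64) -> u64 { ((a as u128 * b as u128) % P as u128) as u64 }

fn add_term(p: &mut Poly, vars: Vec<usize>, c: u64) {
    let c = (p.get(&vars).copied().unwrap_or(0) + c) % P;
    if c == 0 { p.remove(&vars); } else { p.insert(vars, c); }
}

fn scale(p: &Poly, k: u64) -> Poly {
    p.iter().map(|(v, c)| (v.clone(), mul(*c, k))).filter(|t| t.1 != 0).collect()
}

/// Expand the tree into a sum of monomials by distributing products over sums.
pub fn flatten(e: &Expr) -> Poly {
    let mut out = Poly::new();
    match e {
        Expr::Constant(c) => add_term(&mut out, vec![], c % P),
        Expr::Var(i) => add_term(&mut out, vec![*i], 1),
        Expr::Negated(a) => return scale(&flatten(a), P - 1),
        Expr::Scaled(a, k) => return scale(&flatten(a), k % P),
        Expr::Sum(a, b) => {
            out = flatten(a);
            for (v, c) in flatten(b) { add_term(&mut out, v, c); }
        }
        Expr::Product(a, b) => {
            let (fa, fb) = (flatten(a), flatten(b));
            for (va, ca) in &fa {
                for (vb, cb) in &fb {
                    let mut v = [va.as_slice(), vb.as_slice()].concat();
                    v.sort_unstable();
                    add_term(&mut out, v, mul(*ca, *cb));
                }
            }
        }
    }
    out
}

pub fn eval_tree(e: &Expr, x: &[u64]) -> u64 {
    match e {
        Expr::Constant(c) => c % P,
        Expr::Var(i) => x[*i] % P,
        Expr::Negated(a) => (P - eval_tree(a, x)) % P,
        Expr::Sum(a, b) => (eval_tree(a, x) + eval_tree(b, x)) % P,
        Expr::Product(a, b) => mul(eval_tree(a, x), eval_tree(b, x)),
        Expr::Scaled(a, k) => mul(eval_tree(a, x), k % P),
    }
}

/// Loop-only evaluation of the flat form: no recursion, no boxed children.
pub fn eval_flat(p: &Poly, x: &[u64]) -> u64 {
    p.iter().fold(0, |acc, (v, c)| (acc + v.iter().fold(*c, |t, i| mul(t, x[*i] % P))) % P)
}

/// The slide's sample: 2*x_2*x_3 + 3*x_0*x_1*x_3 + 5*x_2*(x_3 + x_4)
pub fn slide_example() -> Expr {
    use Expr::*;
    let v = |i| Box::new(Var(i));
    let t1 = Scaled(Box::new(Product(v(2), v(3))), 2);
    let t2 = Scaled(Box::new(Product(Box::new(Product(v(0), v(1))), v(3))), 3);
    let t3 = Scaled(Box::new(Product(v(2), Box::new(Sum(v(3), v(4))))), 5);
    Sum(Box::new(Sum(Box::new(t1), Box::new(t2))), Box::new(t3))
}

fn main() {
    let (e, x) = (slide_example(), [7u64, 11, 13, 17, 19]);
    let flat = flatten(&e);
    for (vars, c) in &flat { println!("{} * x{:?}", c, vars); }
    assert_eq!(eval_tree(&e, &x), eval_flat(&flat, &x));
}
```

Like terms merge during flattening, so the sample collapses to three monomials, and both evaluators agree on every input.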
The chaos of curve serialization
• Curve equation: y^2 = x^3 + ax + b
• In serialized form, only x is stored, with one bit to indicate the sign of y.
• Different crypto libraries do not agree on which bit to use.
• In halo2-verifier.move, we had to re-serialize from halo2curves to arkworks.
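An added example, not code from the talk, halo2curves or arkworks: why converting between two compressed-point formats means decompressing the point and re-deriving the flag, not just moving a bit. The toy curve, the 8-byte encoding and both layouts (`LAYOUT_A`, `LAYOUT_B`) are constructed for illustration and are not the documented formats of either library.

```rust
// Toy curve (constructed for this example): y^2 = x^3 + 8 over F_p with p = 2^61 - 1.
// p % 4 == 3, so a square root of a is a^((p+1)/4). BN254 itself needs 254-bit arithmetic.
pub const P: u64 = (1 << 61) - 1;
const B: u64 = 8;
const X_MASK: u64 = (1 << 61) - 1; // bits 0..=60 carry x; bits 61..=63 are spare

#[derive(Clone, Copy)]
pub enum SignRule { Parity, Largest } // flag = "y is odd" / flag = "y > p - y"

/// A compressed-point layout: which spare bit holds the flag, and what the flag means.
#[derive(Clone, Copy)]
pub struct Layout { pub flag_bit: u32, pub rule: SignRule }

// Both layouts are hypothetical, not the documented halo2curves or arkworks formats.
pub const LAYOUT_A: Layout = Layout { flag_bit: 62, rule: SignRule::Parity };
pub const LAYOUT_B: Layout = Layout { flag_bit: 63, rule: SignRule::Largest };

fn mul(a: u64, b: u64) -> u64 { ((a as u128 * b as u128) % P as u128) as u64 }

fn pow(mut base: u64, mut e: u64) -> u64 {
    let mut acc = 1;
    while e > 0 {
        if e & 1 == 1 { acc = mul(acc, base); }
        base = mul(base, base);
        e >>= 1;
    }
    acc
}

fn flag(y: u64, rule: SignRule) -> bool {
    match rule {
        SignRule::Parity => y & 1 == 1,
        SignRule::Largest => y > P - y,
    }
}

pub fn compress(x: u64, y: u64, l: Layout) -> [u8; 8] {
    (x | ((flag(y, l.rule) as u64) << l.flag_bit)).to_le_bytes()
}

/// Strict decoder: rejects non-canonical x, stray spare bits, and x values off the curve.
pub fn decompress(bytes: [u8; 8], l: Layout) -> Option<(u64, u64)> {
    let word = u64::from_le_bytes(bytes);
    let (x, want) = (word & X_MASK, (word >> l.flag_bit) & 1 == 1);
    if x >= P || word & !(X_MASK | (1u64 << l.flag_bit)) != 0 { return None; }
    let rhs = (mul(mul(x, x), x) + B) % P;
    let y = pow(rhs, (P + 1) / 4);
    if mul(y, y) != rhs { return None; }
    if y == 0 { return if want { None } else { Some((x, 0)) }; }
    Some((x, if flag(y, l.rule) == want { y } else { P - y }))
}

/// Correct conversion: recover y under the source layout, then re-derive the flag.
pub fn reserialize(bytes: [u8; 8], from: Layout, to: Layout) -> Option<[u8; 8]> {
    let (x, y) = decompress(bytes, from)?;
    Some(compress(x, y, to))
}

/// Defective conversion, kept for contrast: moves the flag bit without recomputing it.
pub fn relocate_flag_only(bytes: [u8; 8], from: Layout, to: Layout) -> [u8; 8] {
    let word = u64::from_le_bytes(bytes);
    let f = (word >> from.flag_bit) & 1;
    ((word & X_MASK) | (f << to.flag_bit)).to_le_bytes()
}

fn main() {
    let a = compress(1, 3, LAYOUT_A); // (1, 3) is on the toy curve: 3^2 = 1^3 + 8
    let good = reserialize(a, LAYOUT_A, LAYOUT_B).unwrap();
    let bad = relocate_flag_only(a, LAYOUT_A, LAYOUT_B);
    println!("re-serialized: {:?}", decompress(good, LAYOUT_B)); // Some((1, 3))
    println!("bit moved    : {:?}", decompress(bad, LAYOUT_B)); // the negated point
}
```

For the point (2, 4) the two rules happen to agree, so a bit-move converter passes that test vector while still decoding (1, 3) as its negation; conversion tests need points where the sign rules differ.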
Problems still remain
which need to be addressed next
1. Cannot support too complex circuits: it’s not possible to verify proofs exceeding 64k.
2. Heavy gas cost, mainly due to the pure Move implementation of the `pow` function.
What's Next for halo2-verifier
• Optimization!
• Real use cases, like zk-email for Aptos.
• Expand to other Move blockchains, like Sui and Movement.
References
• zkmove website: https://www.zkmove.net/
• halo2-verifier.move: https://github.com/zkmove/halo2-verifier.move
• halo2: https://zcash.github.io/halo2/design/proving-system.html
• aptos cryptography: https://github.com/aptos-labs/aptos-core/tree/main/aptos-move/framework/aptos-stdlib/sources/cryptography
• curve serialization: https://github.com/privacy-scaling-explorations/halo2curves/issues/109
About
• A few fellows experienced with Move and ZKP,
• With the goal of creating safe, efficient and trustless protocols.
• And we’re recruiting talents to build with us!
Questions?
We hope you learned something new.
