Logo

    Testudo Design Doc

    Constraints

    Filecoin proofs with Testudo

    • must be comparable with Bellman Groth16 on verification, proof size, trusted setup
    • must improve at least 4x in terms of proving time with no change in hardware
    • should be backward compatible with the existing sectors
    • should have minimal audit need

    v0.1

    Features

    • Proving
      • run Spartan prover except the polynomial commitment i.e. the two sumchecks
      • generate a Groth16 proof for the satisfiability of the Spartan verifier circuit
      • commit to the witness polynomial with PST
      • prove correct opening of the witness polynomial at a given point r
    • Verification
      • verify the Groth16 proof (same as v0.1)
      • verify the evaluation of the witness polynomial at rrr

    v0.2

    • Proving
      • run Spartan prover except the polynomial commitment i.e. the two sumchecks (same as v0.1)
      • generate a Groth16 proof for the satisfiability of the Spartan verifier circuit (same as v0.1)
      • committing to a polynomial qqq of square root size the witness polynomial using a MIPP proof
      • prove correct opening of qqq at a given point rrr
    • Verification
      • verify the Groth16 proof (same as v0.1)
      • verify the evaluation of polynomial qqq at rrr and the MIPP proof

    CryptoNet is a Protocol Labs initiative.