ZK

Circuit

A circuit can be represented as follows:

C(x: \{ \dots \},\ w: \{ \dots \})

Here, $x$ denotes the public input, and $w$ denotes the witness (i.e., private input).

The circuit outputs $C(x, w) = 1$ if the conditions are satisfied; otherwise, it returns $0$ .

Example

Suppose you want to create a circuit that checks whether you know the square root of a value $X$ without revealing the square root itself. The circuit can be expressed as:

C(x: \{ X \},\ w: \{ y \}):\quad y^2 \stackrel{?}{=} X

This verifies that $y$ is a valid square root of the public input $X$ .

Symbols

$\mathcal{P}$ : Prover — the party who knows the witness and constructs a proof.
$\mathcal{V}$ : Verifier — the party who checks the validity of the proof.
$\mathcal{A}$ : Adversary — an attacker or a malicious party in the security model.
$\mathcal{O}$ : Oracle — an abstract function or idealized interface (e.g., random oracle).
$\pi$ : The proof generated by the prover.
$\textsf{poly}(\cdot)$ : A polynomial function, typically used to express a bound of computational power of a party. (e.g., "runs in $\textsf{poly}(\lambda)$ time").
$\lambda$ : Security parameter — determines cryptographic strength; higher $\lambda$ indicates stronger security.

PreviousMPC NextContribute to this Site!

Last updated 2 months ago