circom-bigint audit


Goals

  • Security focused review of circom-bigint library.
  • Deliver an audit report at the end.
  • Establish a reference for Circom focused audits.
  • Veridise is working on its formal verification.

What is bigint?

  • All operations are in $\mathbb{F}_p$ where $p$ is a prime.
  • All numbers are integers in $[0, p)$ (signals).
  • We need the capability to work with bigger numbers, hence the bigint library.
  • A "bigint" number is represented as an array of $k$ signals, each of which has $n$ bits.
  • Basically, a $k$-digit number in base $2^n$.
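
The representation above, modeled outside the circuit as an added example (not code from the circom-bigint repository). It assumes little-endian limb order and the BN254 scalar field for p, neither of which is stated in these notes, and it goes one step further by showing why limb-size assumptions need documenting: without an n-bit range check two different arrays encode the same value, and a column of limb products must stay below p.

```python
# Added example: k limbs of n bits each, i.e. a k-digit number in base 2^n.
# Assumptions (not from the notes): little-endian limbs, p = BN254 scalar field.
P = 21888242871839275222246405745257275088548364400416034343698204186575808495617


def to_limbs(x, n, k):
    """Split x into k limbs of n bits, least significant limb first."""
    if not 0 <= x < (1 << (n * k)):
        raise ValueError("x does not fit in k limbs of n bits")
    mask = (1 << n) - 1
    return [(x >> (n * i)) & mask for i in range(k)]


def from_limbs(limbs, n):
    """Evaluate sum(limbs[i] * 2^(n*i)) over the integers."""
    return sum(limb << (n * i) for i, limb in enumerate(limbs))


def is_canonical(limbs, n):
    """True when every limb is a signal in [0, p) that also fits in n bits."""
    return all(0 <= limb < P and limb < (1 << n) for limb in limbs)


def column_fits_field(n, k):
    """True when a sum of k products of two n-bit limbs cannot wrap modulo p."""
    return k * ((1 << n) - 1) ** 2 < P


if __name__ == "__main__":
    n, k = 64, 4                      # constructed parameters
    x = (1 << 64) + 5                 # constructed sample value
    good = to_limbs(x, n, k)          # [5, 1, 0, 0]
    bad = [(1 << 64) + 5, 0, 0, 0]    # same value, limb 0 exceeds n bits
    print(good, from_limbs(good, n) == x, is_canonical(good, n))
    print(bad, from_limbs(bad, n) == x, is_canonical(bad, n))
    print(column_fits_field(64, 4), column_fits_field(128, 2))
```

A template that receives limbs as inputs and skips the range check accepts both `good` and `bad` as encodings of the same integer.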

Updates


Interesting findings

  • Need to document circuit templates.
  • Need to document assumptions on input size.
  • One constraint optimization in BigSubModP.

Next meeting milestone

Freeze bigint.circom.

  • Create a new branch with documented code.
  • Create GitHub issues for bigint.circom, and move on to bigint_4x64_mult.circom.