Score:0

How does one construct a SNARK circuit for proving the knowledge of a SHA256 pre-image?

us flag

Usually one explains how the R1CS/QAPs and SNARKs work using examples of circuits with multiplication and addition nodes, and constructing polynomials from that is relatively straightforward. SHA-2 hashing uses complicated bit-wise arithmetic applied to itself multiple times, not simple multiplications and additions. How does one even construct a circuit to prove that a string hashes to a hash? Is there anywhere online I could read about this in an approachable form?

Vadym Fedyukovych avatar
in flag
Would you read source code of SHA libsnark gadget?
us flag
@VadymFedyukovych I was hoping for something like an overview and explanation of a general principle
Vadym Fedyukovych avatar
in flag
What if someone will ask you about general principles of C++ or Java programming? R1CS is the language, there are known-good examples in the gadgets library ranging from elementary to SHA (which is large). Would you start from the idea of bit representation of the input string-to-hash, considering each bit as an R1CS variable?
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.