|
|
|
|
|
|
by knazarov
565 days ago
|
|
|
In order to verify the proof, you only need a "commitment" to the fact that you passed specific input data. This can be in the form of calculating a cryptographic hash. Imagine that you represent a program and data as a flat byte array (which is the typical case for risc-v). Your program contains a prologue at the very start (0x0) that calculates the hash of the rest of the memory and checks that the hash is equal to some value hardcoded right after the prologue and if it doesn't match - then it panics. Then if you can prove that the VM followed all steps exactly as the hardware architecture prescribes, it's just impossible for the result to be any other way. What you need now is to only send to other side this prologue together with the hash. You don't have to reveal the rest of the memory. Of course I'm simplifying a bit, but I hope the idea is clear. |
|
|