Wikipedia:Reference desk/Archives/Computing/2024 July 15
Computing desk | ||
---|---|---|
< July 14 | << Jun | July | Aug >> | July 16 > |
Welcome to the Wikipedia Computing Reference Desk Archives |
---|
The page you are currently viewing is a transcluded archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages. |
July 15
[edit]Given the results from powers of tau in the trusted setup ceremony ; the verifying and the proving key, how can I find the point [f] resulting from the trusted setup in Groth16 ?
[edit]- Moved to here from the Mathematics section of the Reference desk — --Lambiam 13:35, 16 July 2024 (UTC)
For each circuits, Groth16 requires to compute a point f such as f=s×G. While revealing the scalar s used for computing f would allow to produce fake proofs, f can be exposed to the public.
But how to retrieve the point f for a given circuit as a circuit user ? In which parameter ? The circuit in question is created using the circom prover. 2A01:E0A:401:A7C0:6867:6FFB:B9F6:EFF9 (talk) 11:10, 13 July 2024 (UTC)
- Can you give us a reference to a source defining Groth16? --Lambiam 12:35, 13 July 2024 (UTC)
- Sorry, the f point I was talking about is defined here. The full definition is the scientific paper from Jens Groth, but that’s little use to find where do I get the information from a compiled Groth16 circuit program written in the circom1 language (I’m meaning getting the info from the generated files) 2A01:E0A:401:A7C0:6867:6FFB:B9F6:EFF9 (talk) 14:55, 13 July 2024 (UTC)
- I am afraid that only someone familiar with the operation of the compiler will be able to answer the question. You could have two compilers that both work fine but store the information differently. If the information can be retrieved from the generated files, it could be anywhere, depending on what the creators of the compiler thought would be a good way. --Lambiam 17:49, 13 July 2024 (UTC)
- The compiler generetes a proving key and verifying key and .params bloat for veryfying the result of the trusted setup ceremony (no backdoors).
- Groth16 is an algorithm independant of any compilers. In fact, the Zcash circuit was handwritten by mathematicians. Compilers are for automatically converting programs into polynomials qap.
- What I m meaning is I don t even know what value I should use to get the target point [f] https://www.rareskills.io/post/groth16 2A01:E0A:401:A7C0:D92C:BB7D:5A96:D97D (talk) 11:11, 14 July 2024 (UTC)
- I assumed the information would be encoded somewhere in the compiled Groth16 circuit program, not necessarily in a compiler-independent way. Also, while the mathematical algorithm is (obviously) independent of any compilers, it can presumably be implemented by programs that are not necessarily identical.
- The link is not particularly helpful. We learn that [f] stands for an elliptic curve point in G1, but after this disclosure there is no mention whatsoever of how [f] plays a role in whatever. The original Groth16 paper does not mention [f] at all. Since you refer to it as "the target point", a term not used in either source, you apparently have another source of information. --Lambiam 13:09, 14 July 2024 (UTC)
- That s what I was thinking (same thing as you). Looks loke the point appears under a different name in the paper.
- There s more information about G1 and G2 in https://eprint.iacr.org/2016/260.pdf, but I fail to understand the mathematical notations. 2A01:E0A:401:A7C0:617D:B5C5:ED6:3001 (talk) 18:32, 14 July 2024 (UTC)
- This is what I referred to above as "The original Groth16 paper". It does not mention [f].
- Suppose for a minute you succeed in figuring out how to find [f]. What good would this do? What could you use your knowledge of [f] for and how, precisely, could you use it? --Lambiam 12:08, 15 July 2024 (UTC)
- Since it’s not on the paper, it’s referred on the paper under an other name : there’s several blog talking about it under an other name.
- Knowing it would allow to compute a solution for the verifying’s key pairing without the proving key. 2A01:E0A:401:A7C0:9CB:33F3:E8EB:8A5D (talk) 09:08, 16 July 2024 (UTC)
- This is what I referred to above as "The original Groth16 paper". It does not mention [f].
- I am afraid that only someone familiar with the operation of the compiler will be able to answer the question. You could have two compilers that both work fine but store the information differently. If the information can be retrieved from the generated files, it could be anywhere, depending on what the creators of the compiler thought would be a good way. --Lambiam 17:49, 13 July 2024 (UTC)
- Sorry, the f point I was talking about is defined here. The full definition is the scientific paper from Jens Groth, but that’s little use to find where do I get the information from a compiled Groth16 circuit program written in the circom1 language (I’m meaning getting the info from the generated files) 2A01:E0A:401:A7C0:6867:6FFB:B9F6:EFF9 (talk) 14:55, 13 July 2024 (UTC)
IPv6 shortening ("::/64")
[edit]I'm going to use examples from Wikipedia itself, but this is not a question about how Wikipedia works - instead, I'm asking about IPv6. At WP:AIV, there's an automatic option to shorten an IPv6 to just 64 bits (16 characters), followed by two colons "::" and then "/64".
Normally, it seems that despite removing detail, all the edits from that shortened IP are from the same person. Is this always true, and if so, what's the purpose of these extra characters at the end? Cheers. LucasR muteacc (talk) 05:32, 15 July 2024 (UTC)
- They may be from the same person but from different IP addresses. They may also be from different persons. For example, I see no reason to think that all contributions from the range 2001:8A0:FA6F:1600::/64 are from the same person; all that is certain is that they share their ISP. Edits may be from different users even when from exactly the same IP address. --Lambiam 10:00, 15 July 2024 (UTC)
- The "A:B:...:D::/N" notation denotes a range of IPv6 addresses, specifically the addresses who first N bits in hexadecimal are AB...D. (A base-10 example might be if, for numbers between 0 and 999999, 17::/2 represented the range of all numbers who first 2 digits are 17, or the numbers 170000 to 179999. That's numbers; in general since it uses binary a /N IPv6 range will contain addresses.)
- Meanwhile, the reason those addresses are commonly shortened is because Internet Service Providers will usually grant customers a range of IPv6 addresses instead of a single one. E.g. I could be granted a /67 range of addresses, meaning my IP address could shift to any IP address beginning with some preset 67 bits; that then in theory gives me addresses I could come from, or about 2 quintillion. But
- the first 67 bits will be constant (unless the ISP gives me a new range); and
- (I'm not 100% certain about this but I think) it's doubtful I'm using all 2 quintillion addresses at the same time, so the ISP could also quietly take part of the range I'm not currently using and give it to someone else who's in need of a range.
- That's how you can end up with /64 ranges generally corresponding to individual people, but also multiple people possibly falling under the same range. But regardless, a person's full IPv6 address (at that moment) will still always be the entire 128-bit (16-character) string. 2603:8001:4542:28FB:69D8:B1B6:9002:A492 (talk) 15:42, 15 July 2024 (UTC) (Send talk messages here)
ChatGPT/AI detectors
[edit]What do people think is the best AI detector? I frequently use gptzero.me, but zerogpt.com gives me different values. Thanks! Drmies (talk) 15:02, 15 July 2024 (UTC)
- Here are some comparisons: [1], [2], [3], [4], [5]. Originality.ai is on all lists and the most often at the top. It is not free (but you can test it for free). Here is a comparison of 10 free AI content detectors. --Lambiam 21:51, 15 July 2024 (UTC)
- Thanks, User:Lambiam! Drmies (talk) 01:22, 16 July 2024 (UTC)