
Harden BLS12-381 Groth16 and PlonK for testnet readiness #9

Merged
satran004 merged 6 commits into main from feat/plonk_enhancements on Jun 29, 2026

Conversation

@satran004

Member

Summary

This PR implements the BLS12-381 Groth16 and PlonK public-testnet readiness work from ADR-0022 through ADR-0025.

It hardens the supported Cardano BLS12-381 paths end to end across prover setup, importers/codecs, off-chain verifiers, on-chain Julc validators, documentation, and release gates. BN254 is moved behind explicit legacy opt-in because Cardano currently exposes only BLS12-381 builtins.

Key Changes

Groth16 hardening

  • Adds stricter BLS12-381 Groth16 public-input range checks.
  • Rejects non-canonical, infinity, off-curve, and off-subgroup proof/VK points.
  • Hardens both pure Java and native/blst verifier paths.
  • Hardens Groth16BLS12381Lib for on-chain scalar and point validation.
  • Adds Groth16 on-chain negative tests, including malformed and infinity points.
  • Disables accidental BN254 use through explicit legacy opt-in policy.

PlonK hardening

  • Hardens BLS12-381 PlonK prover/setup and verifier paths.
  • Adds independent snarkjs BLS12-381 PlonK verifier test vectors.
  • Adds Cardano-profile PlonK proof/VK conversion for on-chain use.
  • Adds bounded multi-public-input PlonK verifier profiles.
  • Adds script-parameter and datum-input PlonK MPI validator variants.
  • Moves the transcript prototype out of deployable main sources.
  • Adds PlonkBLS12381Lib as a reusable Julc @OnchainLibrary.
  • Refactors built-in PlonK validators to delegate to the reusable library.
  • Adds guard tests so non-verifying PlonK prototypes cannot be deployed.

Trusted setup and cache

  • Requires explicit insecure setup opt-in for development Powers of Tau / SRS generation.
  • Splits Groth16 and PlonK setup cache APIs for clarity.
  • Adds versioned, hash-bound setup/SRS cache payloads.
  • Revalidates cached BLS12-381 points on load.
  • Stops persisting tauScalar in default cache files.
  • Adds explicitly named insecure dev-only tau persistence API.

Codec and importer hardening

  • Adds bounded reads and typed failures for untrusted inputs.
  • Hardens R1CS, zkey, ptau, witness, JSON, and CBOR decoding paths.
  • Adds canonical field parsing and duplicate-key rejection.
  • Adds zkey hash pinning and BLS12-381 point validation where applicable.

Documentation and ADRs

  • Adds ADRs 0022, 0023, 0024, and 0025.
  • Adds PlonK hardening review/response and production-readiness notes.
  • Adds beginner trusted-setup/SRS guide.
  • Updates user docs to distinguish public-testnet readiness from value-bearing/mainnet readiness.
  • Documents that reusable on-chain verifier libraries verify only the cryptographic proof statement; application validators must enforce replay/nullifier/authorization policy.

Validation

Downstream validation was also performed in zeroj-usecases using the locally published artifact:

  • Proof-of-reserves PlonK local tests
  • Compliance-credential PlonK local tests
  • Proof-of-reserves PlonK Yaci DevKit E2E
  • Compliance-credential PlonK Yaci DevKit E2E

@satran004 satran004 merged commit f2c4158 into main Jun 29, 2026
9 checks passed
@satran004 satran004 deleted the feat/plonk_enhancements branch June 29, 2026 18:05
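As an added example of the point and scalar checks listed under "Groth16 hardening" and "Codec and importer hardening" (this is not the PR's or the project's own code, and it does not reproduce the API of Groth16BLS12381Lib or the native/blst path), the following self-contained Python decodes compressed BLS12-381 G1 points and 32-byte Fr scalars and rejects the malformed cases the PR enumerates: wrong length, uncompressed encoding, non-canonical x ≥ p, an x that is not on the curve, the infinity encoding (unless policy allows it), and an on-curve point that lies outside the prime-order subgroup. The curve constants are the standard BLS12-381 parameters; the inputs are constructed (the standard G1 generator and the order-3 point (0, 2)); the function names and the allow_infinity policy flag are assumptions made for the example.

```python
"""Strict decoding of compressed BLS12-381 G1 points and Fr scalars.

Added example, not the project's own code. Curve constants are the standard
BLS12-381 parameters; helper names and the allow_infinity flag are assumptions.
Pure-Python affine arithmetic keeps the r-multiplication subgroup check explicit.
"""

# Standard BLS12-381 parameters: base field prime p, subgroup order r, curve y^2 = x^3 + 4
P = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab
R = 0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001
B = 4
INF = None  # affine point at infinity

# Constructed inputs: the standard G1 generator (48-byte compressed encoding) and
# the point (0, 2), which is on the curve but has order 3, so it is not in the r-subgroup.
G1_GEN_HEX = ("97f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac58"
              "6c55e83ff97a1aeffb3af00adb22c6bb")
TORSION_POINT = bytes([0x80]) + bytes(47)


class InvalidPoint(ValueError):
    pass


class InvalidScalar(ValueError):
    pass


def _add(p1, p2):
    """Affine addition on y^2 = x^3 + B over F_p, handling doubling and infinity."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:  # P + (-P) = O
            return INF
        lam = 3 * x1 * x1 * pow(2 * y1, P - 2, P) % P  # tangent slope for doubling
    else:
        lam = (y2 - y1) * pow(x2 - x1, P - 2, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def _mul(pt, k):
    """Left-to-right double-and-add; returns INF when k*pt is the identity."""
    acc = INF
    for bit in bin(k)[2:]:
        acc = _add(acc, acc)
        if bit == "1":
            acc = _add(acc, pt)
    return acc


def decompress_g1(data: bytes, allow_infinity: bool = False):
    """Decode a 48-byte compressed G1 point; every check is fail-closed.

    Order: length, compression flag, well-formed infinity encoding (plus policy),
    x < p, x on the curve, and subgroup membership via r * P == O.
    """
    if len(data) != 48:
        raise InvalidPoint("G1 compressed point must be 48 bytes")
    c_flag, i_flag, s_flag = data[0] & 0x80, data[0] & 0x40, data[0] & 0x20
    if not c_flag:
        raise InvalidPoint("only compressed encoding accepted")
    x = int.from_bytes(bytes([data[0] & 0x1F]) + data[1:], "big")
    if i_flag:
        if s_flag or x != 0:
            raise InvalidPoint("malformed infinity encoding")
        if not allow_infinity:
            raise InvalidPoint("point at infinity rejected")
        return INF
    if x >= P:
        raise InvalidPoint("non-canonical x (>= p)")
    rhs = (pow(x, 3, P) + B) % P
    y = pow(rhs, (P + 1) // 4, P)  # p ≡ 3 mod 4: this is a root only if rhs is a square
    if y * y % P != rhs:
        raise InvalidPoint("x is not on the curve")
    if (y > (P - 1) // 2) != bool(s_flag):  # select the root the sign flag designates
        y = P - y
    pt = (x, y)
    if _mul(pt, R) is not INF:
        raise InvalidPoint("point not in the prime-order subgroup")
    return pt


def parse_fr_scalar(data: bytes) -> int:
    """Canonical 32-byte big-endian Fr element: exact length and value < r."""
    if len(data) != 32:
        raise InvalidScalar("Fr element must be exactly 32 bytes")
    v = int.from_bytes(data, "big")
    if v >= R:
        raise InvalidScalar("non-canonical scalar (>= r)")
    return v


def classify_g1(data: bytes, allow_infinity: bool = False):
    """None when the encoding is accepted, otherwise the rejection reason."""
    try:
        decompress_g1(data, allow_infinity)
        return None
    except InvalidPoint as e:
        return str(e)


def classify_scalar(data: bytes):
    """None when the scalar is canonical, otherwise the rejection reason."""
    try:
        parse_fr_scalar(data)
        return None
    except InvalidScalar as e:
        return str(e)


if __name__ == "__main__":
    print("generator:", classify_g1(bytes.fromhex(G1_GEN_HEX)))
    print("(0, 2):   ", classify_g1(TORSION_POINT))
    print("r as Fr:  ", classify_scalar(R.to_bytes(32, "big")))
```

The subgroup check is the expensive part and is the one most often skipped; an on-curve point of small order such as (0, 2) passes every other test here and would only be caught by the r-multiplication (a production verifier would use the endomorphism-based fast check, which this example does not implement). The scalar parser accepts exactly 32 bytes and rejects any value at or above r, so a public input cannot be submitted in two different encodings that reduce to the same field element.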