## Table of Contents

These will be a series post about FFT and the math structure behind it. My goal are:

- Going back fundamentally to the polynomial ring and isomorphism.
- Analyse the fft implementations in Plonky3, Gnark-crypto, arkworks

However, …

Skip to content
# Shuang's Crypto Notes

## FFT Part 1: 8 Points NTT Butterfly

## Table of Contents

## Rust Basics

## Table of Contents

##### Traits

## GKR –Part1: Arithmetization

##### Notations representing index of gates

## Upon understanding the attack on Nova — Part 1

## Nova from scratch

## About Halo2 multipoints openning

## Wormhole

## STARK 101 coding note

## Table of Contents

### low degree polynomials extension

## zkVM

## Table of Contents

## What is

…
## A rough description for STARK

Learning new things!

These will be a series post about FFT and the math structure behind it. My goal are:

- Going back fundamentally to the polynomial ring and isomorphism.
- Analyse the fft implementations in Plonky3, Gnark-crypto, arkworks

However, …

**Definition**: Traits are a way to define shared behavior in Rust. They define a set of methods that a type must implement in order to fulfill the

Take example circuit in figure 1, following the Arithmetization described in post, a step by step description of GKR arithmetication of a concrete example.

\(q’\in \{0,1\}^{b_N}\): The index of one of the \(N\) identical copies of the base circuit \(C_0\) within \(C\).…

To understand the attack on Nova, I figure out I need to understand the role of the hash function and the validation check of hash function in Nova, from the first paper where the “cycle of curves” is not introduced, the circuit is illustrated as

to …

After understanding of the folding scheme of relaxed R1CS, of which the key idea is you can “fold” two proofs to be one, with this ability of relaxed R1CS in mind, how can one build a recursive proof from scratch? in this note I will describe several attempts to build …

explain the multipoints opening of Halo 2, I don’t think Halo2 book explain this part clearly, and perhaps, neither my note.

the key, is the homomorphism of the commitment scheme. and combine the evaluation at different points, and combine the different polynomial evaluated at the same points. Later if I …

A user want to send a message from one chain to another chain

- Emitter: a contract calls the publishMessage in the core contract
- the core contract publish the emitter address, sequencenumber and consistencyLevel (The number of blocks / slots which should pass before this message is considered confirmed.) into blockchain

resource

https://starkware.co/stark-101

interpolate the trace points into a polynomial in …

how to build zkVM:

Stark can be described in 5 steps in a high level:

- Computation program
- generate an execution trace and a set of polynomial constraints, AIR (Algebraic Intermediate Representation) (no circuit)
- Transfer the execution trace to be a polynomial, extend it to a larger domain
- compute the composition polynomial, which is the