Double blinding

2026-01-05 07:13:08 +00:00 · 2021-05-06 00:00:08 +02:00 · 2021-05-06 00:00:08 +02:00 · 03d761ead6
commit 03d761ead6
parent 5706c424f4
2 changed files with 12 additions and 5 deletions
--- a/src/fri/verifier.rs
+++ b/src/fri/verifier.rs
@ -151,7 +151,7 @@ fn fri_combine_initial<F: Field>(
        .map(|(v, _)| v)
        .flatten()
        .rev()
-        .skip(if config.blinding { 1 } else { 0 })
+        .skip(if config.blinding { 2 } else { 0 }) // If blinding, the last two element are salt.
        .fold(F::ZERO, |acc, &e| alpha * acc + e);
    let numerator = e - interpolant.eval(subgroup_x);
    let denominator = points.iter().map(|&(x, _)| subgroup_x - x).product();
--- a/src/polynomial/commitment.rs
+++ b/src/polynomial/commitment.rs
@ -29,11 +29,18 @@ impl<F: Field> ListPolynomialCommitment<F> {
                    .coset_fft(F::MULTIPLICATIVE_GROUP_GENERATOR)
                    .values
            })
-            .chain(fri_config.blinding.then(|| {
-                (0..(degree << fri_config.rate_bits))
-                    .map(|_| F::rand())
+            .chain(if fri_config.blinding {
+                // If blinding, salt with two random elements to each leaf vector.
+                (0..2)
+                    .map(|_| {
+                        (0..(degree << fri_config.rate_bits))
+                            .map(|_| F::rand())
+                            .collect()
+                    })
                    .collect()
-            }))
+            } else {
+                Vec::new()
+            })
            .collect::<Vec<_>>();

        let mut leaves = transpose(&lde_values);