Polynomial is not Divisible
Opened this issue · 0 comments
MarkCampbell90 commented
Hello,
I compiled following circom program using circom v2.1.9 and the flags --O0, --r1cs, --sym, --wasm, --c, --json
pragma circom 2.1.9;
template main_template() {
signal input a;
signal input b;
signal input c;
signal input d;
signal output out;
// var e = 1; // <------ OK
var e = 0; // <------- ERROR
var f = 1;
signal tmp0;
tmp0 <-- (a / b);
signal tmp1;
tmp1 <-- (c / d);
// out <== (tmp0 * tmp1 * e + tmp0 * f); // <----- OK
out <== tmp0 * ( tmp1 * e + f); // <----- ERROR
}
component main = main_template();
But when I try to generate and verify a proof using the generate witness generation and snarkjs with PLONK or FFLONK as proof system I get following error:
[ERROR] snarkJS: Error: Polynomial is not divisible
at Polynomial.divZh (/usr/local/lib/node_modules/snarkjs/build/cli.cjs:7694:27)
at computeT (/usr/local/lib/node_modules/snarkjs/build/cli.cjs:8734:23)
at async round3 (/usr/local/lib/node_modules/snarkjs/build/cli.cjs:8568:9)
at async plonk16Prove (/usr/local/lib/node_modules/snarkjs/build/cli.cjs:8243:5)
at async Object.plonkProve [as action] (/usr/local/lib/node_modules/snarkjs/build/cli.cjs:13586:36)
at async clProcessor (/usr/local/lib/node_modules/snarkjs/build/cli.cjs:481:27)
While playing around with it, I found out that the error disappears when:
- using the
--O1or--O2flag, - changing the RHS to
(tmp0 * tmp1 * e + tmp0 * f), - changing the value of
eto a non zero value.
The inputs seem not to affect the behavior as I can change them freely without affecting the error.
The inputs I used are:
{
"a" : 4,
"b" : 6,
"c" : 8,
"d" : 9
}
I found this behavior very strange, especially how the error is not triggered by applying any of the listed changes.
Is this something on the circom or the snarkjs side ?