Expand description
Batch STARK prover and verifier (multiple AIR instances, shared LogUp).
§Security Considerations
§Post-Quantum Security
Same as uni-stark: SHAKE256, FRI-based PCS; no classical-only primitives.
§Constant-Time
Use constant-time operations for secret witness data in any instance.
§Memory and Zeroization
Wrap each instance’s trace in a zeroizing type when sensitive; supports preprocessing.
§Input Validation
Per-instance limits inherited from uni-stark; batch structure validated.
§Side-Channel Resistance
Same guidance as uni-stark; multi-AIR batching does not weaken resistance.
§Threat Model
Quantum adversaries; multi-AIR batching with shared LogUp and optional preprocessing.
Re-exports§
pub use common::CommonData;pub use common::ProverData;pub use common::ProverOnlyData;pub use common::get_perm_challenges;pub use config::Challenge;pub use config::Commitment;pub use config::PcsProof;pub use proof::BatchCommitments;pub use proof::BatchOpenedValues;pub use proof::BatchProof;pub use prover::StarkInstance;pub use prover::prove_batch;pub use verifier::verify_batch;
Modules§
- check_
constraints - Debug-only constraint checker for batch STARK.
- common
- config
- folder
- proof
- prover
- symbolic
- verifier