we have finally launched hub.sealcred.xyz!

remember the old days of having to grind through 1.5m constraints to create a zk proof of eth address ownership?

forget it

12k constraints is all you need to generate eth ownership zk proof

i'm going to explain how it works in the article sometime soon

🥳

cto @ bwl.gg (lunchbreak.com), 80M+ users (bdut.ch) 🙏 built @remindme, @mintit, @gpt, @healthbot, farcantasy.xyz

reading the code, it's not totally clear how you're verifying the precomputes in a way that's secure

specifically, I don't believe this is a sufficient check: https://github.com/BigWhaleLabs/seal-hub-ecdsa-verifier-contract/blob/main/contracts/CompleteECDSACheckerVerifier.sol#L100-L103

just keep getting lucky /creddd, once @ethereum researcher 

for anyone reading, we didn't develop https://github.com/personaelabs/efficient-zk-ecdsa with a direct plan for on-chain verification (b/c of massive proof input sizes)

our products (i.e. heyanoun.xyz) don't yet require this

@lsankar.eth what's the vector of attack you have in mind?

so far testing has shown that people can't use irrelevant U and/or T (check out automated tests suits, we have these specifically to test that vector of attack)

take a look at the circuits :) we ended up verifying precomputes for T in the same circuit where we verify ecdsa sig (bit.ly/3wTVzww) and we verify precomputes for U in the second circuit (bit.ly/3WWwEDa)

the check you linked to checks that the values of U are the same for both zkp's

but i'm sure you couldn't miss it