🖱️SNARKS & CIRCOM

Because we aren't all Vitalik, having some easy tools to abstract away the development and execution of these difficult polynomial commitments is a good idea. Circom and snarkjs come into play here.

Circom may be thought of as a compiler for a circuit language that functions similarly to the hardware description language used by electrical engineers to describe electrical circuits. Instead of an electrical circuit, we're talking about an arithmetic circuit, which is made up of components and how they're connected. The consequence of compiling a Circom circuit is an R1CS constraint system and a Wasm executable that will be used to create a witness. Of course, additional math is required to comprehend R1CS (Rank-1 constraint system). And there's a Vitalik article where there's significant cryptosystem math.

An R1CS is a sequence of groups of three vectors, and the solution to an R1CS is a vector, where must satisfy the equation, where represents the dot product - in simpler terms, if we "zip together" and by multiplying the two values in the same positions, then taking the sum of these products, then doing the same to and and then and, the third result equals the product of the first two results.

The next step is to transform this R1CS into QAP form, which uses polynomials instead of dot products to express the same logic... instead of testing each constraint separately in the R1CS, we can now check all of the constraints at once by doing a dot product check on the polynomials.We obtain a polynomial that fails one of the criteria if we attempt to fake any of the variables in the R1CS solution from which we are deriving this QAP solution - for example, change the final one to 31 instead of 30.