v0.11.0

NB! This releases fixes GHSA-9xcg-3q8v-7fq6 and GHSA-q3hw-3gm4-w5cr. Additionally, gnark has undergone several audits. We have implemented many performance improvements. See the full list of changes below!

Thanks for all the external and core contributors!

What's Changed

• style: remove old todos by @gbotrel in #1106
• docs: update TODOs by @ivokub in #1109
• feat: handle invalid signature failures in ECRecover precompile by @ivokub in #1101
• docs: update documentation for ecdsa and eddsa by @yelhousni in #1113
• Update README.md by @miles-six in #1118
• perf/feature: new serialization format for constraint systems by @gbotrel in #1119
• refactor: remove todos by @yelhousni in #1111
• test: add PLONK test for public input mapping by @ivokub in #1123
• perf,feat: groth16.ProvingKey implements BinaryDumper using gnark-crypto unsafe by @gbotrel in #1124
• Perf: revisiting field extensions in std/ by @yelhousni in #1110
• perf: direct Fp6 extension for BW6-761 by @yelhousni in #1126
• Feat: implement FixedLengthSum of sha2 by @liyue201 in #821
• fix: shift constraint indices by nb of public vars by @ivokub in #1128
• fix: non-native arithmetic with variable modulus various fixes by @ivokub in #1104
• Perf: Toom-3 for Fp6 in R1CS by @yelhousni in #1131
• test: check KZG batch verify returned error in test circuit by @ivokub in #1140
• Feat/option solidity by @ThomasPiellard in #1138
• Fix/neg factorial by @Tabaie in #1158
• fix: fixes #1157 ensures calls to AttachDebugInfo are surrounded with… by @gbotrel in #1160
• chore: make function comments match function names by @threehonor in #1163
• fix(uints): constrain valueOf by @bernard-wagner in #1139
• fix: fix #1149 by removing unused code by @gbotrel in #1164
• Make ExpMod work with parametric fields parameters by @AlexandreBelling in #1182
• fix(math/bitslice): fix partition upper part range check width by @ivokub in #1165
• perf(bls12-381): eliminate finalexp ~naively by @yelhousni in #1173
• perf: replace BW6-761 final exp by a class equivalence check by @yelhousni in #1155
• fix: groth16 solidity templates by @ivokub in #1187
• perf: replace BN254 final exp by a class equivalence check by @yelhousni in #1143
• Fix: Build on 32-bit arch would raise int overflow by @doutv in #1195
• Optimize AssertIsLessOrEqual api by @lightning-li in #1194
• fix: fix OR computation in case one input is constant and other variable by @ivokub in #1181
• Audit/final commit fixes by @ThomasPiellard in #1196
• Audit/final commit by @ThomasPiellard in #1191
• feat: use blake2 for variable hashcode by @ivokub in #1197
• docs: describe potential length extension attack when using MiMC in-circuit by @ivokub in #1198
• feat: add IsOnG2 for BN254 by @ivokub in #1204
• feat: capture O variable in gate for external range checker by @ivokub in #1211
• fix: use emulated arithmetic for GLV decomp by @ivokub in #1167
• fix: use consecutive powers instead of squaring by @ivokub in #1212
• fix: conditional check in non-native IsZero for applying optimization by @ivokub in #1145
• fix: avoid malicious hint in BN254 final exp check by @yelhousni in #1214
• feat: add BN254 final exponentiation check with output by @ivokub in #1209
• fix: remove unconstrained and unused variables by @ivokub in #1218
• refactor: separate the fixed circuits for ECPairing used in zkevm by @ivokub in #1217
• fix: variable modulus subtraction padding by @ivokub in #1200
• fix: strict ModReduce in emulated fields by @ivokub in #1224
• fix: edge case with PLONK backend when 1 constraint by @ivokub in #1226
• fixes #1227: api.AssertIsLessOrEqual incorrect behavior on R1CS with constant variable by @gbotrel in #1228
• perf: optimize class equivalence check for BLS12 final exp by @yelhousni in #1207
• fix: minimum 1 bit for constant binary decomposition by @gbotrel in #1229
• fix: branch with unchecked cast could panic at compile time by @gbotrel in #1234
• fix: fixes #1246 ensure cond is boolean in api.Select by @gbotrel in #1247
• bump gnark-crypto version and match interface changes by @Tabaie in #1251
• feat test engine friendly GKR by @Tabaie in #1253
• feat add random mask to groth16 commitment by @Tabaie in #1245
• refactor: utility methods into separate internal package for reuse in std library by @ivokub in #1258
• build: update runner and go version by @gbotrel in #1260
• fix: several external typo fixes by @ivokub in #1261
• perf(bn254): optimize Miller loop by @yelhousni in #1254
• chore: explicit IO methods in interfaces by @ivokub in #1266
• docs: update README by @ivokub in #1255
• feat: allow configurable hash-to-field function for Groth16 Solidity verifier by @ivokub in #1102
• release: v0.11.0 by @ivokub in #1272

New Contributors

• @miles-six made their first contribution in #1118
• @threehonor made their first contribution in #1163
• @doutv made their first contribution in #1195

Full Changelog: v0.10.0...v0.11.0