# Understanding Public Inputs To Methods

indigo gust

I have a question that relates to the public inputs and account updates in ZK SNARKS and the Mina Blockchain. In the documentation it states:

"Recall that all method arguments are private inputs. So, the verifier doesn't get to see them, and the proof doesn't say anything about them (it only says that there were some private inputs that satisfied all constraints). However, a zk proof can also have a public input. In the case of zkApps, the public input is the account update. It is passed in implicitly when you do tx.prove(). The prover function (i.e., your smart contract logic) creates its own account update and constrains it to equal the public input.

You can think of the public input as data that is shared between the prover and verifier. The verifier passes in the public input when verifying it, and the proof is valid only if it was created with the same public input. This means that this proof attests to the validity of exactly this account update."

From my understanding, executing a method means generating a zero-knowledge proof of the execution of a method, and providing an associated set of account updates. These account updates express the changes of state on the Mina Blockchain. Since one of the inputs for the proof verification step is the list of account updates, and the proof is only valid if the provided list of the account updates is valid (i.e. only if the proof is valid), then the prover and the verifier share the same piece of information: the account updates. Those account updates are produced during proof generation, and used during proof verification.

However, the documentation text seems to suggest that the public input is somehow known before executing a method? Or does this confusion derive from the fact that the method logic execution and proof generation are two separate steps? Or does it mean that the method is executed twice: once to generate the public outputs and another time to generate the proof?

Thank you!

ashen lynx

Yes, you're perfectly right, the implementation runs it twice and so in the prover we are comparing against an account update that was already created before.

It's convoluted, and much cleaner would be to make the account update a publicOutput, not input (public output wasn't available back when we wrote the zkApp wrapper circuit).
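
A toy model of the two-pass flow discussed in this thread, added here as an example; it is not part of either post and is not o1js code. A private `WeakMap` stands in for the proof system, and `AccountUpdate`, `solve`, `prove`, `verify`, `transact` and `flaky` are hypothetical names with constructed values.

```typescript
// Toy model of the two-pass flow; NOT o1js and NOT a real proof system.
type AccountUpdate = { account: string; newState: number }; // hypothetical shape
type Method = (secret: number) => AccountUpdate;
type Proof = { readonly kind: "toy-proof" };

// Stand-in for soundness: only prove() can register a proof, and each proof
// is bound to the encoding of exactly one public input.
const issued = new WeakMap<Proof, string>();
const encode = (u: AccountUpdate): string => JSON.stringify([u.account, u.newState]);

// Hypothetical contract method: the private input must square to 49.
const solve: Method = (secret) => {
  if (secret * secret !== 49) throw new Error("constraint not satisfied");
  return { account: "constructed-account", newState: 1 }; // reveals nothing about secret
};

// Pass 2: re-run the method and constrain its own update to equal the public input.
function prove(method: Method, secret: number, publicInput: AccountUpdate): Proof {
  const own = method(secret);
  if (encode(own) !== encode(publicInput)) throw new Error("public input mismatch");
  const proof: Proof = Object.freeze({ kind: "toy-proof" as const });
  issued.set(proof, encode(publicInput));
  return proof;
}

// The verifier receives only the proof and the account update, never the secret.
function verify(proof: Proof, publicInput: AccountUpdate): boolean {
  return issued.get(proof) === encode(publicInput);
}

// Pass 1 builds the account update by plain execution; pass 2 proves it.
function transact(method: Method, secret: number): { update: AccountUpdate; proof: Proof } {
  const update = method(secret);
  return { update, proof: prove(method, secret, update) };
}

// In this model, a method whose output differs between the two runs cannot be proven.
let runs = 0;
const flaky: Method = () => ({ account: "constructed-account", newState: ++runs });
```

Calling `transact(solve, 7)` yields an update and a proof that `verify` accepts only for that exact update; changing any field of the update makes verification fail.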