For STARK proof verification, we need three things:
- Carry data between transactions (to split the verifier into multiple transactions). This is because working with a 1000-element size stack is very limiting
- Being able to Merkle-decommit data and perform algebraic checks on it
- Derive randomness from a Fiat-Shamir hash accumulation
I think PAIRCOMMIT doesn’t give you item 2, but maybe it’s fine if you store only 4 bytes of elements per leaf. Even then, I am not sure how to use it to achieve item 3 (because the hash, which is a large element, is used to derive other data for the rest of the protocol)
Regarding item 1, I am not sure how to achieve this with CTV+CSFS alone