arnaucube/Nova
1
0
Fork 0
mirror of https://github.com/arnaucube/Nova.git synced 2026-01-11 00:21:29 +01:00
Code Issues Projects Releases Wiki Activity

[refactorings] Leftovers (pot-pourri?) (#184)

Browse Source 
* test: compute_path

* refactor: path computation

- Improve path concatenation by utilizing built-in `join` method

* refactor: replace `PartialEq` with derived instance

- Derive `PartialEq` for `SatisfyingAssignment` struct
- Remove redundant manual implementation of `PartialEq`

Cargo-expand generates:
```
        #[automatically_derived]
        impl<G: ::core::cmp::PartialEq + Group> ::core::cmp::PartialEq
        for SatisfyingAssignment<G>
        where
            G::Scalar: PrimeField,
            G::Scalar: ::core::cmp::PartialEq,
            G::Scalar: ::core::cmp::PartialEq,
            G::Scalar: ::core::cmp::PartialEq,
            G::Scalar: ::core::cmp::PartialEq,
            G::Scalar: ::core::cmp::PartialEq,
        {
            #[inline]
            fn eq(&self, other: &SatisfyingAssignment<G>) -> bool {
                self.a_aux_density == other.a_aux_density
                    && self.b_input_density == other.b_input_density
                    && self.b_aux_density == other.b_aux_density && self.a == other.a
                    && self.b == other.b && self.c == other.c
                    && self.input_assignment == other.input_assignment
                    && self.aux_assignment == other.aux_assignment
            }
        }
```

* refactor: avoid default for PhantomData Unit type

* refactor: replace fold with sum where applicable

- Simplify code by replacing `fold` with `sum` in various instances

* refactor: decompression method in sumcheck.rs

* refactor: test functions to use slice instead of vector conversion

* refactor: use more references in functions

- Update parameter types to use references instead of owned values in various functions that do not need them
- Replace cloning instances with references
This commit is contained in:
François Garillot
2023-06-19 19:11:42 -04:00
committed by GitHub
parent ff0370f506
commit 1e6bf942e2
15 changed files with 110 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
benches/compressed-snark.rs
View File

@@ -90,8 +90,8 @@ fn bench_compressed_snark(c: &mut Criterion) {
let res = recursive_snark.verify(
&pp,
i + 1,
&vec![<G1 as Group>::Scalar::from(2u64)][..],
&vec![<G2 as Group>::Scalar::from(2u64)][..],
&[<G1 as Group>::Scalar::from(2u64)],
&[<G2 as Group>::Scalar::from(2u64)],
);
assert!(res.is_ok());
}

4
benches/recursive-snark.rs
View File

@@ -113,8 +113,8 @@ fn bench_recursive_snark(c: &mut Criterion) {
.verify(
black_box(&pp),
black_box(num_warmup_steps),
black_box(&vec![<G1 as Group>::Scalar::from(2u64)][..]),
black_box(&vec![<G2 as Group>::Scalar::from(2u64)][..]),
black_box(&[<G1 as Group>::Scalar::from(2u64)]),
black_box(&[<G2 as Group>::Scalar::from(2u64)]),
)
.is_ok());
});

4
examples/signature.rs
View File

@@ -233,8 +233,8 @@ pub fn verify_signature<G: NovaGroup, CS: ConstraintSystem<G::Base>>(
|lc| lc + (G::Base::from_str_vartime("2").unwrap(), CS::one()),
);
let sg = g.scalar_mul(cs.namespace(|| "[s]G"), s_bits)?;
let cpk = pk.scalar_mul(&mut cs.namespace(|| "[c]PK"), c_bits)?;
let sg = g.scalar_mul(cs.namespace(|| "[s]G"), &s_bits)?;
let cpk = pk.scalar_mul(&mut cs.namespace(|| "[c]PK"), &c_bits)?;
let rcpk = cpk.add(&mut cs.namespace(|| "R + [c]PK"), &r)?;
let (rcpk_x, rcpk_y, _) = rcpk.get_coordinates();

39
src/bellperson/shape_cs.rs
View File

@@ -308,17 +308,36 @@ fn compute_path(ns: &[String], this: &str) -> String {
"'/' is not allowed in names"
);
let mut name = String::new();
let mut needs_separation = false;
for ns in ns.iter().chain(Some(this.to_string()).iter()) {
if needs_separation {
name += "/";
}
name += ns;
needs_separation = true;
let mut name = ns.join("/");
if !name.is_empty() {
name.push('/');
}
name.push_str(this);
name
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_compute_path() {
let ns = vec!["path".to_string(), "to".to_string(), "dir".to_string()];
let this = "file";
assert_eq!(compute_path(&ns, this), "path/to/dir/file");
let ns = vec!["".to_string(), "".to_string(), "".to_string()];
let this = "file";
assert_eq!(compute_path(&ns, this), "///file");
}
#[test]
#[should_panic(expected = "'/' is not allowed in names")]
fn test_compute_path_invalid() {
let ns = vec!["path".to_string(), "to".to_string(), "dir".to_string()];
let this = "fi/le";
compute_path(&ns, this);
}
}

17
src/bellperson/solver.rs
View File

@@ -8,6 +8,7 @@ use bellperson::{
};
/// A `ConstraintSystem` which calculates witness values for a concrete instance of an R1CS circuit.
#[derive(PartialEq)]
pub struct SatisfyingAssignment<G: Group>
where
G::Scalar: PrimeField,
@@ -68,22 +69,6 @@ where
}
}
impl<G: Group> PartialEq for SatisfyingAssignment<G>
where
G::Scalar: PrimeField,
{
fn eq(&self, other: &SatisfyingAssignment<G>) -> bool {
self.a_aux_density == other.a_aux_density
&& self.b_input_density == other.b_input_density
&& self.b_aux_density == other.b_aux_density
&& self.a == other.a
&& self.b == other.b
&& self.c == other.c
&& self.input_assignment == other.input_assignment
&& self.aux_assignment == other.aux_assignment
}
}
impl<G: Group> ConstraintSystem<G::Scalar> for SatisfyingAssignment<G>
where
G::Scalar: PrimeField,

26
src/circuit.rs
View File

@@ -158,8 +158,8 @@ impl<G: Group, SC: StepCircuit<G::Base>> NovaAugmentedCircuit<G, SC> {
// Allocate the running instance
let U: AllocatedRelaxedR1CSInstance<G> = AllocatedRelaxedR1CSInstance::alloc(
cs.namespace(|| "Allocate U"),
self.inputs.get().map_or(None, |inputs| {
inputs.U.get().map_or(None, |U| Some(U.clone()))
self.inputs.get().as_ref().map_or(None, |inputs| {
inputs.U.get().as_ref().map_or(None, |U| Some(U))
}),
self.params.limb_width,
self.params.n_limbs,
@@ -168,8 +168,8 @@ impl<G: Group, SC: StepCircuit<G::Base>> NovaAugmentedCircuit<G, SC> {
// Allocate the instance to be folded in
let u = AllocatedR1CSInstance::alloc(
cs.namespace(|| "allocate instance u to fold"),
self.inputs.get().map_or(None, |inputs| {
inputs.u.get().map_or(None, |u| Some(u.clone()))
self.inputs.get().as_ref().map_or(None, |inputs| {
inputs.u.get().as_ref().map_or(None, |u| Some(u))
}),
)?;
@@ -219,9 +219,9 @@ impl<G: Group, SC: StepCircuit<G::Base>> NovaAugmentedCircuit<G, SC> {
i: AllocatedNum<G::Base>,
z_0: Vec<AllocatedNum<G::Base>>,
z_i: Vec<AllocatedNum<G::Base>>,
U: AllocatedRelaxedR1CSInstance<G>,
u: AllocatedR1CSInstance<G>,
T: AllocatedPoint<G>,
U: &AllocatedRelaxedR1CSInstance<G>,
u: &AllocatedR1CSInstance<G>,
T: &AllocatedPoint<G>,
arity: usize,
) -> Result<(AllocatedRelaxedR1CSInstance<G>, AllocatedBit), SynthesisError> {
// Check that u.x[0] = Hash(params, U, i, z0, zi)
@@ -240,7 +240,7 @@ impl<G: Group, SC: StepCircuit<G::Base>> NovaAugmentedCircuit<G, SC> {
U.absorb_in_ro(cs.namespace(|| "absorb U"), &mut ro)?;
let hash_bits = ro.squeeze(cs.namespace(|| "Input hash"), NUM_HASH_BITS)?;
let hash = le_bits_to_num(cs.namespace(|| "bits to hash"), hash_bits)?;
let hash = le_bits_to_num(cs.namespace(|| "bits to hash"), &hash_bits)?;
let check_pass = alloc_num_equals(
cs.namespace(|| "check consistency of u.X[0] with H(params, U, i, z0, zi)"),
&u.X0,
@@ -290,9 +290,9 @@ impl<G: Group, SC: StepCircuit<G::Base>> Circuit<<G as Group>::Base>
i.clone(),
z_0.clone(),
z_i.clone(),
U,
u.clone(),
T,
&U,
&u,
&T,
arity,
)?;
@@ -312,7 +312,7 @@ impl<G: Group, SC: StepCircuit<G::Base>> Circuit<<G as Group>::Base>
// Compute the U_new
let Unew = Unew_base.conditionally_select(
cs.namespace(|| "compute U_new"),
Unew_non_base,
&Unew_non_base,
&Boolean::from(is_base_case.clone()),
)?;
@@ -357,7 +357,7 @@ impl<G: Group, SC: StepCircuit<G::Base>> Circuit<<G as Group>::Base>
}
Unew.absorb_in_ro(cs.namespace(|| "absorb U_new"), &mut ro)?;
let hash_bits = ro.squeeze(cs.namespace(|| "output hash bits"), NUM_HASH_BITS)?;
let hash = le_bits_to_num(cs.namespace(|| "convert hash to num"), hash_bits)?;
let hash = le_bits_to_num(cs.namespace(|| "convert hash to num"), &hash_bits)?;
// Outputs the computed hash and u.X[1] that corresponds to the hash of the other circuit
u.X1

4
src/gadgets/ecc.rs
View File

@@ -429,7 +429,7 @@ where
pub fn scalar_mul<CS: ConstraintSystem<G::Base>>(
&self,
mut cs: CS,
scalar_bits: Vec<AllocatedBit>,
scalar_bits: &[AllocatedBit],
) -> Result<Self, SynthesisError> {
let split_len = core::cmp::min(scalar_bits.len(), (G::Base::NUM_BITS - 2) as usize);
let (incomplete_bits, complete_bits) = scalar_bits.split_at(split_len);
@@ -968,7 +968,7 @@ mod tests {
.map(|(i, bit)| AllocatedBit::alloc(cs.namespace(|| format!("bit {i}")), Some(bit)))
.collect::<Result<Vec<AllocatedBit>, SynthesisError>>()
.unwrap();
let e = a.scalar_mul(cs.namespace(|| "Scalar Mul"), bits).unwrap();
let e = a.scalar_mul(cs.namespace(|| "Scalar Mul"), &bits).unwrap();
inputize_allocted_point(&e, cs.namespace(|| "inputize e")).unwrap();
(a, e, s)
}

2
src/gadgets/nonnative/bignat.rs
View File

@@ -222,7 +222,7 @@ impl<Scalar: PrimeField> BigNat<Scalar> {
/// The value is provided by an allocated number
pub fn from_num<CS: ConstraintSystem<Scalar>>(
mut cs: CS,
n: Num<Scalar>,
n: &Num<Scalar>,
limb_width: usize,
n_limbs: usize,
) -> Result<Self, SynthesisError> {

38
src/gadgets/r1cs.rs
View File

@@ -33,7 +33,7 @@ impl<G: Group> AllocatedR1CSInstance<G> {
/// Takes the r1cs instance and creates a new allocated r1cs instance
pub fn alloc<CS: ConstraintSystem<<G as Group>::Base>>(
mut cs: CS,
u: Option<R1CSInstance<G>>,
u: Option<&R1CSInstance<G>>,
) -> Result<Self, SynthesisError> {
// Check that the incoming instance has exactly 2 io
let W = AllocatedPoint::alloc(
@@ -76,7 +76,7 @@ impl<G: Group> AllocatedRelaxedR1CSInstance<G> {
/// Allocates the given RelaxedR1CSInstance as a witness of the circuit
pub fn alloc<CS: ConstraintSystem<<G as Group>::Base>>(
mut cs: CS,
inst: Option<RelaxedR1CSInstance<G>>,
inst: Option<&RelaxedR1CSInstance<G>>,
limb_width: usize,
n_limbs: usize,
) -> Result<Self, SynthesisError> {
@@ -104,22 +104,14 @@ impl<G: Group> AllocatedRelaxedR1CSInstance<G> {
// Allocate X0 and X1. If the input instance is None, then allocate default values 0.
let X0 = BigNat::alloc_from_nat(
cs.namespace(|| "allocate X[0]"),
|| {
Ok(f_to_nat(
&inst.clone().map_or(G::Scalar::ZERO, |inst| inst.X[0]),
))
},
|| Ok(f_to_nat(&inst.map_or(G::Scalar::ZERO, |inst| inst.X[0]))),
limb_width,
n_limbs,
)?;
let X1 = BigNat::alloc_from_nat(
cs.namespace(|| "allocate X[1]"),
|| {
Ok(f_to_nat(
&inst.clone().map_or(G::Scalar::ZERO, |inst| inst.X[1]),
))
},
|| Ok(f_to_nat(&inst.map_or(G::Scalar::ZERO, |inst| inst.X[1]))),
limb_width,
n_limbs,
)?;
@@ -170,14 +162,14 @@ impl<G: Group> AllocatedRelaxedR1CSInstance<G> {
let X0 = BigNat::from_num(
cs.namespace(|| "allocate X0 from relaxed r1cs"),
Num::from(inst.X0.clone()),
&Num::from(inst.X0),
limb_width,
n_limbs,
)?;
let X1 = BigNat::from_num(
cs.namespace(|| "allocate X1 from relaxed r1cs"),
Num::from(inst.X1.clone()),
&Num::from(inst.X1),
limb_width,
n_limbs,
)?;
@@ -246,8 +238,8 @@ impl<G: Group> AllocatedRelaxedR1CSInstance<G> {
&self,
mut cs: CS,
params: AllocatedNum<G::Base>, // hash of R1CSShape of F'
u: AllocatedR1CSInstance<G>,
T: AllocatedPoint<G>,
u: &AllocatedR1CSInstance<G>,
T: &AllocatedPoint<G>,
ro_consts: ROConstantsCircuit<G>,
limb_width: usize,
n_limbs: usize,
@@ -261,14 +253,14 @@ impl<G: Group> AllocatedRelaxedR1CSInstance<G> {
ro.absorb(T.y.clone());
ro.absorb(T.is_infinity.clone());
let r_bits = ro.squeeze(cs.namespace(|| "r bits"), NUM_CHALLENGE_BITS)?;
let r = le_bits_to_num(cs.namespace(|| "r"), r_bits.clone())?;
let r = le_bits_to_num(cs.namespace(|| "r"), &r_bits)?;
// W_fold = self.W + r * u.W
let rW = u.W.scalar_mul(cs.namespace(|| "r * u.W"), r_bits.clone())?;
let rW = u.W.scalar_mul(cs.namespace(|| "r * u.W"), &r_bits)?;
let W_fold = self.W.add(cs.namespace(|| "self.W + r * u.W"), &rW)?;
// E_fold = self.E + r * T
let rT = T.scalar_mul(cs.namespace(|| "r * T"), r_bits)?;
let rT = T.scalar_mul(cs.namespace(|| "r * T"), &r_bits)?;
let E_fold = self.E.add(cs.namespace(|| "self.E + r * T"), &rT)?;
// u_fold = u_r + r
@@ -286,7 +278,7 @@ impl<G: Group> AllocatedRelaxedR1CSInstance<G> {
// Analyze r into limbs
let r_bn = BigNat::from_num(
cs.namespace(|| "allocate r_bn"),
Num::from(r.clone()),
&Num::from(r),
limb_width,
n_limbs,
)?;
@@ -302,7 +294,7 @@ impl<G: Group> AllocatedRelaxedR1CSInstance<G> {
// Analyze X0 to bignat
let X0_bn = BigNat::from_num(
cs.namespace(|| "allocate X0_bn"),
Num::from(u.X0.clone()),
&Num::from(u.X0.clone()),
limb_width,
n_limbs,
)?;
@@ -317,7 +309,7 @@ impl<G: Group> AllocatedRelaxedR1CSInstance<G> {
// Analyze X1 to bignat
let X1_bn = BigNat::from_num(
cs.namespace(|| "allocate X1_bn"),
Num::from(u.X1.clone()),
&Num::from(u.X1.clone()),
limb_width,
n_limbs,
)?;
@@ -342,7 +334,7 @@ impl<G: Group> AllocatedRelaxedR1CSInstance<G> {
pub fn conditionally_select<CS: ConstraintSystem<<G as Group>::Base>>(
&self,
mut cs: CS,
other: AllocatedRelaxedR1CSInstance<G>,
other: &AllocatedRelaxedR1CSInstance<G>,
condition: &Boolean,
) -> Result<AllocatedRelaxedR1CSInstance<G>, SynthesisError> {
let W = AllocatedPoint::conditionally_select(

2
src/gadgets/utils.rs
View File

@@ -15,7 +15,7 @@ use num_bigint::BigInt;
/// Gets as input the little indian representation of a number and spits out the number
pub fn le_bits_to_num<Scalar, CS>(
mut cs: CS,
bits: Vec<AllocatedBit>,
bits: &[AllocatedBit],
) -> Result<AllocatedNum<Scalar>, SynthesisError>
where
Scalar: PrimeField + PrimeFieldBits,

24
src/lib.rs
View File

@@ -938,8 +938,8 @@ mod tests {
let res = recursive_snark.verify(
&pp,
num_steps,
&vec![<G1 as Group>::Scalar::ZERO][..],
&vec![<G2 as Group>::Scalar::ZERO][..],
&[<G1 as Group>::Scalar::ZERO],
&[<G2 as Group>::Scalar::ZERO],
);
assert!(res.is_ok());
}
@@ -997,8 +997,8 @@ mod tests {
let res = recursive_snark.verify(
&pp,
i + 1,
&vec![<G1 as Group>::Scalar::ONE][..],
&vec![<G2 as Group>::Scalar::ZERO][..],
&[<G1 as Group>::Scalar::ONE],
&[<G2 as Group>::Scalar::ZERO],
);
assert!(res.is_ok());
}
@@ -1007,8 +1007,8 @@ mod tests {
let res = recursive_snark.verify(
&pp,
num_steps,
&vec![<G1 as Group>::Scalar::ONE][..],
&vec![<G2 as Group>::Scalar::ZERO][..],
&[<G1 as Group>::Scalar::ONE],
&[<G2 as Group>::Scalar::ZERO],
);
assert!(res.is_ok());
@@ -1084,8 +1084,8 @@ mod tests {
let res = recursive_snark.verify(
&pp,
num_steps,
&vec![<G1 as Group>::Scalar::ONE][..],
&vec![<G2 as Group>::Scalar::ZERO][..],
&[<G1 as Group>::Scalar::ONE],
&[<G2 as Group>::Scalar::ZERO],
);
assert!(res.is_ok());
@@ -1178,8 +1178,8 @@ mod tests {
let res = recursive_snark.verify(
&pp,
num_steps,
&vec![<G1 as Group>::Scalar::ONE][..],
&vec![<G2 as Group>::Scalar::ZERO][..],
&[<G1 as Group>::Scalar::ONE],
&[<G2 as Group>::Scalar::ZERO],
);
assert!(res.is_ok());
@@ -1426,8 +1426,8 @@ mod tests {
let res = recursive_snark.verify(
&pp,
num_steps,
&vec![<G1 as Group>::Scalar::ONE][..],
&vec![<G2 as Group>::Scalar::ZERO][..],
&[<G1 as Group>::Scalar::ONE],
&[<G2 as Group>::Scalar::ZERO],
);
assert!(res.is_ok());

4
src/provider/poseidon.rs
View File

@@ -65,7 +65,7 @@ where
constants,
num_absorbs,
squeezed: false,
_p: PhantomData::default(),
_p: PhantomData,
}
}
@@ -236,7 +236,7 @@ mod tests {
}
let num = ro.squeeze(NUM_CHALLENGE_BITS);
let num2_bits = ro_gadget.squeeze(&mut cs, NUM_CHALLENGE_BITS).unwrap();
let num2 = le_bits_to_num(&mut cs, num2_bits).unwrap();
let num2 = le_bits_to_num(&mut cs, &num2_bits).unwrap();
assert_eq!(num.to_repr(), num2.get_value().unwrap().to_repr());
}

12
src/spartan/mod.rs
View File

@@ -109,7 +109,7 @@ impl<G: Group> PolyEvalInstance<G> {
.iter()
.zip(powers_of_s.iter())
.map(|(e, p)| *e * p)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let c = c_vec
.iter()
.zip(powers_of_s.iter())
@@ -378,7 +378,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_rho.iter())
.map(|(u, p)| u.e * p)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let mut polys_left: Vec<MultilinearPolynomial<G::Scalar>> = w_vec_padded
.iter()
@@ -420,7 +420,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_gamma.iter())
.map(|(e, g_i)| *e * *g_i)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let eval_arg = EE::prove(
ck,
@@ -573,7 +573,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_rho.iter())
.map(|(u, p)| u.e * p)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let num_rounds_z = u_vec_padded[0].x.len();
let (claim_batch_final, r_z) =
@@ -593,7 +593,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.zip(self.evals_batch.iter())
.zip(powers_of_rho.iter())
.map(|((e_i, p_i), rho_i)| *e_i * *p_i * rho_i)
.fold(G::Scalar::ZERO, |acc, item| acc + item)
.sum()
};
if claim_batch_final != claim_batch_final_expected {
@@ -615,7 +615,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_gamma.iter())
.map(|(e, g_i)| *e * *g_i)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
// verify
EE::verify(

40
src/spartan/pp.rs
View File

@@ -863,7 +863,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARK<G, EE>
.iter()
.zip(coeffs.iter())
.map(|(c_1, c_2)| *c_1 * c_2)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let mut e = claim;
let mut r: Vec<G::Scalar> = Vec::new();
@@ -876,15 +876,9 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARK<G, EE>
evals.extend(inner.evaluation_points());
assert_eq!(evals.len(), num_claims);
let evals_combined_0 = (0..evals.len())
.map(|i| evals[i][0] * coeffs[i])
.fold(G::Scalar::ZERO, |acc, item| acc + item);
let evals_combined_2 = (0..evals.len())
.map(|i| evals[i][1] * coeffs[i])
.fold(G::Scalar::ZERO, |acc, item| acc + item);
let evals_combined_3 = (0..evals.len())
.map(|i| evals[i][2] * coeffs[i])
.fold(G::Scalar::ZERO, |acc, item| acc + item);
let evals_combined_0 = (0..evals.len()).map(|i| evals[i][0] * coeffs[i]).sum();
let evals_combined_2 = (0..evals.len()).map(|i| evals[i][1] * coeffs[i]).sum();
let evals_combined_3 = (0..evals.len()).map(|i| evals[i][2] * coeffs[i]).sum();
let evals = vec![
evals_combined_0,
@@ -1242,13 +1236,13 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_rho.iter())
.map(|(e, p)| *e * p)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let eval_output = eval_output_vec
.iter()
.zip(powers_of_rho.iter())
.map(|(e, p)| *e * p)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let comm_output = mem_sc_inst
.comm_output_vec
@@ -1274,7 +1268,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_rho.iter())
.map(|(e, p)| *e * p)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
// eval_output = output(r_sat)
w_u_vec.push((
@@ -1466,7 +1460,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_rho.iter())
.map(|(u, p)| u.e * p)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let mut polys_left: Vec<MultilinearPolynomial<G::Scalar>> = w_vec_padded
.iter()
@@ -1508,7 +1502,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_gamma.iter())
.map(|(e, g_i)| *e * *g_i)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let eval_arg = EE::prove(
ck,
@@ -1677,13 +1671,13 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
// verify claim_sat_final
let taus_bound_r_sat = EqPolynomial::new(tau.clone()).evaluate(&r_sat);
let rand_eq_bound_r_sat = EqPolynomial::new(rand_eq).evaluate(&r_sat);
let claim_mem_final_expected = (0..8)
let claim_mem_final_expected: G::Scalar = (0..8)
.map(|i| {
coeffs[i]
* rand_eq_bound_r_sat
* (self.eval_left_arr[i] * self.eval_right_arr[i] - self.eval_output_arr[i])
})
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let claim_outer_final_expected = coeffs[8]
* taus_bound_r_sat
* (self.eval_Az * self.eval_Bz - U.u * self.eval_Cz - self.eval_E);
@@ -1753,14 +1747,14 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_rho.iter())
.map(|(e, p)| *e * p)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let eval_output = self
.eval_output_arr
.iter()
.zip(powers_of_rho.iter())
.map(|(e, p)| *e * p)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let comm_output = comm_output_vec
.iter()
@@ -1773,7 +1767,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_rho.iter())
.map(|(e, p)| *e * p)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
// eval_output = output(r_sat)
u_vec.push(PolyEvalInstance {
@@ -1994,7 +1988,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_rho.iter())
.map(|(u, p)| u.e * p)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
let num_rounds_z = u_vec_padded[0].x.len();
let (claim_batch_final, r_z) =
@@ -2014,7 +2008,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.zip(self.evals_batch_arr.iter())
.zip(powers_of_rho.iter())
.map(|((e_i, p_i), rho_i)| *e_i * *p_i * rho_i)
.fold(G::Scalar::ZERO, |acc, item| acc + item)
.sum()
};
if claim_batch_final != claim_batch_final_expected {
@@ -2036,7 +2030,7 @@ impl<G: Group, EE: EvaluationEngineTrait<G, CE = G::CE>> RelaxedR1CSSNARKTrait<G
.iter()
.zip(powers_of_gamma.iter())
.map(|(e, g_i)| *e * *g_i)
.fold(G::Scalar::ZERO, |acc, item| acc + item);
.sum();
// verify
EE::verify(

14
src/spartan/sumcheck.rs
View File

@@ -163,12 +163,8 @@ impl<G: Group> SumcheckProof<G> {
evals.push((eval_point_0, eval_point_2));
}
let evals_combined_0 = (0..evals.len())
.map(|i| evals[i].0 * coeffs[i])
.fold(G::Scalar::ZERO, |acc, item| acc + item);
let evals_combined_2 = (0..evals.len())
.map(|i| evals[i].1 * coeffs[i])
.fold(G::Scalar::ZERO, |acc, item| acc + item);
let evals_combined_0 = (0..evals.len()).map(|i| evals[i].0 * coeffs[i]).sum();
let evals_combined_2 = (0..evals.len()).map(|i| evals[i].1 * coeffs[i]).sum();
let evals = vec![evals_combined_0, e - evals_combined_0, evals_combined_2];
let poly = UniPoly::from_evals(&evals);
@@ -387,9 +383,9 @@ impl<G: Group> CompressedUniPoly<G> {
}
let mut coeffs: Vec<G::Scalar> = Vec::new();
coeffs.extend(vec![&self.coeffs_except_linear_term[0]]);
coeffs.extend(vec![&linear_term]);
coeffs.extend(self.coeffs_except_linear_term[1..].to_vec());
coeffs.push(self.coeffs_except_linear_term[0]);
coeffs.push(linear_term);
coeffs.extend(&self.coeffs_except_linear_term[1..]);
assert_eq!(self.coeffs_except_linear_term.len() + 1, coeffs.len());
UniPoly { coeffs }
}