mirror of
https://github.com/arnaucube/gnark-plonky2-verifier.git
synced 2026-01-12 00:51:33 +01:00
All tests pass
This commit is contained in:
Uma Roy
38
fri/fri.go
38
fri/fri.go
@@ -18,22 +18,60 @@ type Chip struct {
|
||||
api frontend.API `gnark:"-"`
|
||||
gl gl.Chip `gnark:"-"`
|
||||
poseidonBN254Chip *poseidon.BN254Chip
|
||||
commonData *types.CommonCircuitData
|
||||
friParams *types.FriParams `gnark:"-"`
|
||||
}
|
||||
|
||||
func NewChip(
|
||||
api frontend.API,
|
||||
commonData *types.CommonCircuitData,
|
||||
friParams *types.FriParams,
|
||||
) *Chip {
|
||||
poseidonBN254Chip := poseidon.NewBN254Chip(api)
|
||||
return &Chip{
|
||||
api: api,
|
||||
poseidonBN254Chip: poseidonBN254Chip,
|
||||
commonData: commonData,
|
||||
friParams: friParams,
|
||||
gl: *gl.New(api),
|
||||
}
|
||||
}
|
||||
|
||||
func (f *Chip) GetInstance(zeta gl.QuadraticExtensionVariable) InstanceInfo {
|
||||
zetaBatch := BatchInfo{
|
||||
Point: zeta,
|
||||
Polynomials: friAllPolys(f.commonData),
|
||||
}
|
||||
|
||||
g := gl.PrimitiveRootOfUnity(f.commonData.DegreeBits)
|
||||
zetaNext := f.gl.MulExtension(
|
||||
gl.NewVariable(g.Uint64()).ToQuadraticExtension(),
|
||||
zeta,
|
||||
)
|
||||
|
||||
zetaNextBath := BatchInfo{
|
||||
Point: zetaNext,
|
||||
Polynomials: friZSPolys(f.commonData),
|
||||
}
|
||||
|
||||
return InstanceInfo{
|
||||
Oracles: friOracles(f.commonData),
|
||||
Batches: []BatchInfo{zetaBatch, zetaNextBath},
|
||||
}
|
||||
}
|
||||
|
||||
func (f *Chip) ToOpenings(c variables.OpeningSet) Openings {
|
||||
values := c.Constants // num_constants + 1
|
||||
values = append(values, c.PlonkSigmas...) // num_routed_wires
|
||||
values = append(values, c.Wires...) // num_wires
|
||||
values = append(values, c.PlonkZs...) // num_challenges
|
||||
values = append(values, c.PartialProducts...) // num_challenges * num_partial_products
|
||||
values = append(values, c.QuotientPolys...) // num_challenges * quotient_degree_factor
|
||||
zetaBatch := OpeningBatch{Values: values}
|
||||
zetaNextBatch := OpeningBatch{Values: c.PlonkZsNext}
|
||||
return Openings{Batches: []OpeningBatch{zetaBatch, zetaNextBatch}}
|
||||
}
|
||||
|
||||
func (f *Chip) assertLeadingZeros(powWitness gl.Variable, friConfig types.FriConfig) {
|
||||
// Asserts that powWitness'es big-endian bit representation has at least `leading_zeros` leading zeros.
|
||||
// Note that this is assuming that the Goldilocks field is being used. Specfically that the
|
||||
|
||||
@@ -10,24 +10,24 @@ import (
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/fri"
|
||||
gl "github.com/succinctlabs/gnark-plonky2-verifier/goldilocks"
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/poseidon"
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/types"
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/variables"
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/verifier"
|
||||
)
|
||||
|
||||
type TestFriCircuit struct {
|
||||
proofWithPIsFilename string `gnark:"-"`
|
||||
commonCircuitDataFilename string `gnark:"-"`
|
||||
verifierOnlyCircuitDataFilename string `gnark:"-"`
|
||||
ProofWithPis variables.ProofWithPublicInputs
|
||||
VerifierOnlyCircuitData variables.VerifierOnlyCircuitData
|
||||
CommonCircuitData types.CommonCircuitData
|
||||
}
|
||||
|
||||
func (circuit *TestFriCircuit) Define(api frontend.API) error {
|
||||
proofWithPis := verifier.DeserializeProofWithPublicInputs(circuit.proofWithPIsFilename)
|
||||
commonCircuitData := verifier.DeserializeCommonCircuitData(circuit.commonCircuitDataFilename)
|
||||
verifierOnlyCircuitData := verifier.DeserializeVerifierOnlyCircuitData(circuit.verifierOnlyCircuitDataFilename)
|
||||
commonCircuitData := circuit.CommonCircuitData
|
||||
verifierOnlyCircuitData := circuit.VerifierOnlyCircuitData
|
||||
proofWithPis := circuit.ProofWithPis
|
||||
|
||||
glApi := gl.New(api)
|
||||
poseidonChip := poseidon.NewGoldilocksChip(api)
|
||||
friChip := fri.NewChip(api, &commonCircuitData.FriParams)
|
||||
friChip := fri.NewChip(api, &commonCircuitData, &commonCircuitData.FriParams)
|
||||
challengerChip := challenger.NewChip(api)
|
||||
|
||||
challengerChip.ObserveBN254Hash(verifierOnlyCircuitData.CircuitDigest)
|
||||
@@ -46,7 +46,7 @@ func (circuit *TestFriCircuit) Define(api frontend.API) error {
|
||||
plonkZeta := challengerChip.GetExtensionChallenge()
|
||||
glApi.AssertIsEqual(plonkZeta[0], gl.NewVariable("3892795992421241388"))
|
||||
|
||||
challengerChip.ObserveOpenings(fri.ToOpenings(proofWithPis.Proof.Openings))
|
||||
challengerChip.ObserveOpenings(friChip.ToOpenings(proofWithPis.Proof.Openings))
|
||||
|
||||
friChallenges := challengerChip.GetFriChallenges(
|
||||
proofWithPis.Proof.OpeningProof.CommitPhaseMerkleCaps,
|
||||
@@ -94,8 +94,8 @@ func (circuit *TestFriCircuit) Define(api frontend.API) error {
|
||||
}
|
||||
|
||||
friChip.VerifyFriProof(
|
||||
fri.GetInstance(&commonCircuitData, glApi, plonkZeta, commonCircuitData.DegreeBits),
|
||||
fri.ToOpenings(proofWithPis.Proof.Openings),
|
||||
friChip.GetInstance(plonkZeta),
|
||||
friChip.ToOpenings(proofWithPis.Proof.Openings),
|
||||
&friChallenges,
|
||||
initialMerkleCaps,
|
||||
&proofWithPis.Proof.OpeningProof,
|
||||
@@ -107,16 +107,24 @@ func (circuit *TestFriCircuit) Define(api frontend.API) error {
|
||||
func TestDecodeBlockFriVerification(t *testing.T) {
|
||||
assert := test.NewAssert(t)
|
||||
|
||||
proofWithPIsFilename := "../testdata/decode_block/proof_with_public_inputs.json"
|
||||
commonCircuitDataFilename := "../testdata/decode_block/common_circuit_data.json"
|
||||
verifierOnlyCircuitDataFilename := "../testdata/decode_block/verifier_only_circuit_data.json"
|
||||
|
||||
proofWithPis := variables.DeserializeProofWithPublicInputs(types.ReadProofWithPublicInputs(proofWithPIsFilename))
|
||||
commonCircuitData := types.DeserializeCommonCircuitData(commonCircuitDataFilename)
|
||||
verifierOnlyCircuitData := variables.DeserializeVerifierOnlyCircuitData(types.ReadVerifierOnlyCircuitData(verifierOnlyCircuitDataFilename))
|
||||
|
||||
testCase := func() {
|
||||
circuit := TestFriCircuit{
|
||||
proofWithPIsFilename: "../../data/decode_block/proof_with_public_inputs.json",
|
||||
commonCircuitDataFilename: "../../data/decode_block//common_circuit_data.json",
|
||||
verifierOnlyCircuitDataFilename: "../../data/decode_block//verifier_only_circuit_data.json",
|
||||
proofWithPis,
|
||||
verifierOnlyCircuitData,
|
||||
commonCircuitData,
|
||||
}
|
||||
witness := TestFriCircuit{
|
||||
proofWithPIsFilename: "../../data/dummy_2^14_gates/proof_with_public_inputs.json",
|
||||
commonCircuitDataFilename: "../../data/dummy_2^14_gates/common_circuit_data.json",
|
||||
verifierOnlyCircuitDataFilename: ".../../data/dummy_2^14_gates/verifier_only_circuit_data.json",
|
||||
proofWithPis,
|
||||
verifierOnlyCircuitData,
|
||||
commonCircuitData,
|
||||
}
|
||||
err := test.IsSolved(&circuit, &witness, ecc.BN254.ScalarField())
|
||||
assert.NoError(err)
|
||||
|
||||
@@ -1,30 +1,9 @@
|
||||
package fri
|
||||
|
||||
import (
|
||||
gl "github.com/succinctlabs/gnark-plonky2-verifier/goldilocks"
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/variables"
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/types"
|
||||
)
|
||||
|
||||
type OpeningBatch struct {
|
||||
Values []gl.QuadraticExtensionVariable
|
||||
}
|
||||
|
||||
type Openings struct {
|
||||
Batches []OpeningBatch
|
||||
}
|
||||
|
||||
func ToOpenings(c variables.OpeningSet) Openings {
|
||||
values := c.Constants // num_constants + 1
|
||||
values = append(values, c.PlonkSigmas...) // num_routed_wires
|
||||
values = append(values, c.Wires...) // num_wires
|
||||
values = append(values, c.PlonkZs...) // num_challenges
|
||||
values = append(values, c.PartialProducts...) // num_challenges * num_partial_products
|
||||
values = append(values, c.QuotientPolys...) // num_challenges * quotient_degree_factor
|
||||
zetaBatch := OpeningBatch{Values: values}
|
||||
zetaNextBatch := OpeningBatch{Values: c.PlonkZsNext}
|
||||
return Openings{Batches: []OpeningBatch{zetaBatch, zetaNextBatch}}
|
||||
}
|
||||
|
||||
type PolynomialInfo struct {
|
||||
OracleIndex uint64
|
||||
PolynomialInfo uint64
|
||||
@@ -35,16 +14,6 @@ type OracleInfo struct {
|
||||
Blinding bool
|
||||
}
|
||||
|
||||
type BatchInfo struct {
|
||||
Point gl.QuadraticExtensionVariable
|
||||
Polynomials []PolynomialInfo
|
||||
}
|
||||
|
||||
type InstanceInfo struct {
|
||||
Oracles []OracleInfo
|
||||
Batches []BatchInfo
|
||||
}
|
||||
|
||||
type PlonkOracle struct {
|
||||
index uint64
|
||||
blinding bool
|
||||
@@ -70,7 +39,7 @@ var QUOTIENT = PlonkOracle{
|
||||
blinding: true,
|
||||
}
|
||||
|
||||
func polynomialInfoFromRange(c *variables.CommonCircuitData, oracleIdx uint64, startPolyIdx uint64, endPolyIdx uint64) []PolynomialInfo {
|
||||
func polynomialInfoFromRange(c *types.CommonCircuitData, oracleIdx uint64, startPolyIdx uint64, endPolyIdx uint64) []PolynomialInfo {
|
||||
returnArr := make([]PolynomialInfo, 0)
|
||||
for i := startPolyIdx; i < endPolyIdx; i++ {
|
||||
returnArr = append(returnArr,
|
||||
@@ -84,7 +53,7 @@ func polynomialInfoFromRange(c *variables.CommonCircuitData, oracleIdx uint64, s
|
||||
}
|
||||
|
||||
// Range of the sigma polynomials in the `constants_sigmas_commitment`.
|
||||
func sigmasRange(c *variables.CommonCircuitData) []uint64 {
|
||||
func sigmasRange(c *types.CommonCircuitData) []uint64 {
|
||||
returnArr := make([]uint64, 0)
|
||||
for i := c.NumConstants; i <= c.NumConstants+c.Config.NumRoutedWires; i++ {
|
||||
returnArr = append(returnArr, i)
|
||||
@@ -93,20 +62,20 @@ func sigmasRange(c *variables.CommonCircuitData) []uint64 {
|
||||
return returnArr
|
||||
}
|
||||
|
||||
func numPreprocessedPolys(c *variables.CommonCircuitData) uint64 {
|
||||
func numPreprocessedPolys(c *types.CommonCircuitData) uint64 {
|
||||
sigmasRange := sigmasRange(c)
|
||||
return sigmasRange[len(sigmasRange)-1]
|
||||
}
|
||||
|
||||
func numZSPartialProductsPolys(c *variables.CommonCircuitData) uint64 {
|
||||
func numZSPartialProductsPolys(c *types.CommonCircuitData) uint64 {
|
||||
return c.Config.NumChallenges * (1 + c.NumPartialProducts)
|
||||
}
|
||||
|
||||
func numQuotientPolys(c *variables.CommonCircuitData) uint64 {
|
||||
func numQuotientPolys(c *types.CommonCircuitData) uint64 {
|
||||
return c.Config.NumChallenges * c.QuotientDegreeFactor
|
||||
}
|
||||
|
||||
func friPreprocessedPolys(c *variables.CommonCircuitData) []PolynomialInfo {
|
||||
func friPreprocessedPolys(c *types.CommonCircuitData) []PolynomialInfo {
|
||||
return polynomialInfoFromRange(
|
||||
c,
|
||||
CONSTANTS_SIGMAS.index,
|
||||
@@ -115,12 +84,12 @@ func friPreprocessedPolys(c *variables.CommonCircuitData) []PolynomialInfo {
|
||||
)
|
||||
}
|
||||
|
||||
func friWirePolys(c *variables.CommonCircuitData) []PolynomialInfo {
|
||||
func friWirePolys(c *types.CommonCircuitData) []PolynomialInfo {
|
||||
numWirePolys := c.Config.NumWires
|
||||
return polynomialInfoFromRange(c, WIRES.index, 0, numWirePolys)
|
||||
}
|
||||
|
||||
func friZSPartialProductsPolys(c *variables.CommonCircuitData) []PolynomialInfo {
|
||||
func friZSPartialProductsPolys(c *types.CommonCircuitData) []PolynomialInfo {
|
||||
return polynomialInfoFromRange(
|
||||
c,
|
||||
ZS_PARTIAL_PRODUCTS.index,
|
||||
@@ -129,7 +98,7 @@ func friZSPartialProductsPolys(c *variables.CommonCircuitData) []PolynomialInfo
|
||||
)
|
||||
}
|
||||
|
||||
func friQuotientPolys(c *variables.CommonCircuitData) []PolynomialInfo {
|
||||
func friQuotientPolys(c *types.CommonCircuitData) []PolynomialInfo {
|
||||
return polynomialInfoFromRange(
|
||||
c,
|
||||
QUOTIENT.index,
|
||||
@@ -138,7 +107,7 @@ func friQuotientPolys(c *variables.CommonCircuitData) []PolynomialInfo {
|
||||
)
|
||||
}
|
||||
|
||||
func friZSPolys(c *variables.CommonCircuitData) []PolynomialInfo {
|
||||
func friZSPolys(c *types.CommonCircuitData) []PolynomialInfo {
|
||||
return polynomialInfoFromRange(
|
||||
c,
|
||||
ZS_PARTIAL_PRODUCTS.index,
|
||||
@@ -147,7 +116,7 @@ func friZSPolys(c *variables.CommonCircuitData) []PolynomialInfo {
|
||||
)
|
||||
}
|
||||
|
||||
func friOracles(c *variables.CommonCircuitData) []OracleInfo {
|
||||
func friOracles(c *types.CommonCircuitData) []OracleInfo {
|
||||
return []OracleInfo{
|
||||
{
|
||||
NumPolys: numPreprocessedPolys(c),
|
||||
@@ -168,7 +137,7 @@ func friOracles(c *variables.CommonCircuitData) []OracleInfo {
|
||||
}
|
||||
}
|
||||
|
||||
func friAllPolys(c *variables.CommonCircuitData) []PolynomialInfo {
|
||||
func friAllPolys(c *types.CommonCircuitData) []PolynomialInfo {
|
||||
returnArr := make([]PolynomialInfo, 0)
|
||||
returnArr = append(returnArr, friPreprocessedPolys(c)...)
|
||||
returnArr = append(returnArr, friWirePolys(c)...)
|
||||
@@ -177,26 +146,3 @@ func friAllPolys(c *variables.CommonCircuitData) []PolynomialInfo {
|
||||
|
||||
return returnArr
|
||||
}
|
||||
|
||||
func GetInstance(c *variables.CommonCircuitData, glApi *gl.Chip, zeta gl.QuadraticExtensionVariable, degreeBits uint64) InstanceInfo {
|
||||
zetaBatch := BatchInfo{
|
||||
Point: zeta,
|
||||
Polynomials: friAllPolys(c),
|
||||
}
|
||||
|
||||
g := gl.PrimitiveRootOfUnity(degreeBits)
|
||||
zetaNext := glApi.MulExtension(
|
||||
gl.NewVariable(g.Uint64()).ToQuadraticExtension(),
|
||||
zeta,
|
||||
)
|
||||
|
||||
zetaNextBath := BatchInfo{
|
||||
Point: zetaNext,
|
||||
Polynomials: friZSPolys(c),
|
||||
}
|
||||
|
||||
return InstanceInfo{
|
||||
Oracles: friOracles(c),
|
||||
Batches: []BatchInfo{zetaBatch, zetaNextBath},
|
||||
}
|
||||
}
|
||||
|
||||
21
fri/vars.go
Normal file
21
fri/vars.go
Normal file
@@ -0,0 +1,21 @@
|
||||
package fri
|
||||
|
||||
import gl "github.com/succinctlabs/gnark-plonky2-verifier/goldilocks"
|
||||
|
||||
type BatchInfo struct {
|
||||
Point gl.QuadraticExtensionVariable
|
||||
Polynomials []PolynomialInfo
|
||||
}
|
||||
|
||||
type InstanceInfo struct {
|
||||
Oracles []OracleInfo
|
||||
Batches []BatchInfo
|
||||
}
|
||||
|
||||
type OpeningBatch struct {
|
||||
Values []gl.QuadraticExtensionVariable
|
||||
}
|
||||
|
||||
type Openings struct {
|
||||
Batches []OpeningBatch
|
||||
}
|
||||
Reference in New Issue
Block a user