arnaucube/gnark-plonky2-verifier
1
0
Fork 0
mirror of https://github.com/arnaucube/gnark-plonky2-verifier.git synced 2026-01-12 00:51:33 +01:00
Code Issues Projects Releases Wiki Activity

Rename back

Browse Source
This commit is contained in:
Uma Roy
2023-10-11 11:37:45 -07:00
parent d8b919a403
commit 3b8611c6ac
16 changed files with 80 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
benchmark.go
View File

@@ -22,7 +22,7 @@ import (
type BenchmarkPlonky2VerifierCircuit struct { type BenchmarkPlonky2VerifierCircuit struct {
Proof types.Proof Proof types.Proof
PublicInputs []gl.GoldilocksVariable `gnark:",public"` PublicInputs []gl.Variable `gnark:",public"`
verifierChip *verifier.VerifierChip `gnark:"-"` verifierChip *verifier.VerifierChip `gnark:"-"`
plonky2CircuitName string `gnark:"-"` plonky2CircuitName string `gnark:"-"`

2
benchmark_plonk.go
View File

@@ -23,7 +23,7 @@ import (
type BenchmarkPlonky2VerifierCircuitPlonk struct { type BenchmarkPlonky2VerifierCircuitPlonk struct {
Proof types.Proof Proof types.Proof
PublicInputs []gl.GoldilocksVariable `gnark:",public"` PublicInputs []gl.Variable `gnark:",public"`
verifierChip *verifier.VerifierChip `gnark:"-"` verifierChip *verifier.VerifierChip `gnark:"-"`
plonky2CircuitName string `gnark:"-"` plonky2CircuitName string `gnark:"-"`

30
challenger/challenger.go
View File

@@ -14,15 +14,15 @@ type Chip struct {
api frontend.API `gnark:"-"` api frontend.API `gnark:"-"`
poseidonChip *poseidon.GoldilocksChip poseidonChip *poseidon.GoldilocksChip
poseidonBN254Chip *poseidon.BN254Chip poseidonBN254Chip *poseidon.BN254Chip
spongeState [poseidon.SPONGE_WIDTH]gl.GoldilocksVariable spongeState [poseidon.SPONGE_WIDTH]gl.Variable
inputBuffer []gl.GoldilocksVariable inputBuffer []gl.Variable
outputBuffer []gl.GoldilocksVariable outputBuffer []gl.Variable
} }
func NewChip(api frontend.API) *Chip { func NewChip(api frontend.API) *Chip {
var spongeState [poseidon.SPONGE_WIDTH]gl.GoldilocksVariable var spongeState [poseidon.SPONGE_WIDTH]gl.Variable
var inputBuffer []gl.GoldilocksVariable var inputBuffer []gl.Variable
var outputBuffer []gl.GoldilocksVariable var outputBuffer []gl.Variable
for i := 0; i < poseidon.SPONGE_WIDTH; i++ { for i := 0; i < poseidon.SPONGE_WIDTH; i++ {
spongeState[i] = gl.Zero() spongeState[i] = gl.Zero()
} }
@@ -38,7 +38,7 @@ func NewChip(api frontend.API) *Chip {
} }
} }
func (c *Chip) ObserveElement(element gl.GoldilocksVariable) { func (c *Chip) ObserveElement(element gl.Variable) {
c.outputBuffer = clearBuffer(c.outputBuffer) c.outputBuffer = clearBuffer(c.outputBuffer)
c.inputBuffer = append(c.inputBuffer, element) c.inputBuffer = append(c.inputBuffer, element)
if len(c.inputBuffer) == poseidon.SPONGE_RATE { if len(c.inputBuffer) == poseidon.SPONGE_RATE {
@@ -46,7 +46,7 @@ func (c *Chip) ObserveElement(element gl.GoldilocksVariable) {
} }
} }
func (c *Chip) ObserveElements(elements []gl.GoldilocksVariable) { func (c *Chip) ObserveElements(elements []gl.Variable) {
for i := 0; i < len(elements); i++ { for i := 0; i < len(elements); i++ {
c.ObserveElement(elements[i]) c.ObserveElement(elements[i])
} }
@@ -84,7 +84,7 @@ func (c *Chip) ObserveOpenings(openings fri.Openings) {
} }
} }
func (c *Chip) GetChallenge() gl.GoldilocksVariable { func (c *Chip) GetChallenge() gl.Variable {
if len(c.inputBuffer) != 0 || len(c.outputBuffer) == 0 { if len(c.inputBuffer) != 0 || len(c.outputBuffer) == 0 {
c.duplexing() c.duplexing()
} }
@@ -95,8 +95,8 @@ func (c *Chip) GetChallenge() gl.GoldilocksVariable {
return challenge return challenge
} }
func (c *Chip) GetNChallenges(n uint64) []gl.GoldilocksVariable { func (c *Chip) GetNChallenges(n uint64) []gl.Variable {
challenges := make([]gl.GoldilocksVariable, n) challenges := make([]gl.Variable, n)
for i := uint64(0); i < n; i++ { for i := uint64(0); i < n; i++ {
challenges[i] = c.GetChallenge() challenges[i] = c.GetChallenge()
} }
@@ -109,13 +109,13 @@ func (c *Chip) GetExtensionChallenge() gl.QuadraticExtensionVariable {
} }
func (c *Chip) GetHash() poseidon.GoldilocksHashOut { func (c *Chip) GetHash() poseidon.GoldilocksHashOut {
return [4]gl.GoldilocksVariable{c.GetChallenge(), c.GetChallenge(), c.GetChallenge(), c.GetChallenge()} return [4]gl.Variable{c.GetChallenge(), c.GetChallenge(), c.GetChallenge(), c.GetChallenge()}
} }
func (c *Chip) GetFriChallenges( func (c *Chip) GetFriChallenges(
commitPhaseMerkleCaps []types.FriMerkleCap, commitPhaseMerkleCaps []types.FriMerkleCap,
finalPoly types.PolynomialCoeffs, finalPoly types.PolynomialCoeffs,
powWitness gl.GoldilocksVariable, powWitness gl.Variable,
degreeBits uint64, degreeBits uint64,
config types.FriConfig, config types.FriConfig,
) types.FriChallenges { ) types.FriChallenges {
@@ -142,8 +142,8 @@ func (c *Chip) GetFriChallenges(
} }
} }
func clearBuffer(buffer []gl.GoldilocksVariable) []gl.GoldilocksVariable { func clearBuffer(buffer []gl.Variable) []gl.Variable {
return make([]gl.GoldilocksVariable, 0) return make([]gl.Variable, 0)
} }
func (c *Chip) duplexing() { func (c *Chip) duplexing() {

14
fri/fri.go
View File

@@ -33,7 +33,7 @@ func NewChip(
} }
} }
func (f *Chip) assertLeadingZeros(powWitness gl.GoldilocksVariable, friConfig types.FriConfig) { func (f *Chip) assertLeadingZeros(powWitness gl.Variable, friConfig types.FriConfig) {
// Asserts that powWitness'es big-endian bit representation has at least `leading_zeros` leading zeros. // Asserts that powWitness'es big-endian bit representation has at least `leading_zeros` leading zeros.
// Note that this is assuming that the Goldilocks field is being used. Specfically that the // Note that this is assuming that the Goldilocks field is being used. Specfically that the
// field is 64 bits long // field is 64 bits long
@@ -58,7 +58,7 @@ func (f *Chip) fromOpeningsAndAlpha(
} }
func (f *Chip) verifyMerkleProofToCapWithCapIndex( func (f *Chip) verifyMerkleProofToCapWithCapIndex(
leafData []gl.GoldilocksVariable, leafData []gl.Variable,
leafIndexBits []frontend.Variable, leafIndexBits []frontend.Variable,
capIndexBits []frontend.Variable, capIndexBits []frontend.Variable,
merkleCap types.FriMerkleCap, merkleCap types.FriMerkleCap,
@@ -139,7 +139,7 @@ func (f *Chip) assertNoncanonicalIndicesOK() {
func (f *Chip) expFromBitsConstBase( func (f *Chip) expFromBitsConstBase(
base goldilocks.Element, base goldilocks.Element,
exponentBits []frontend.Variable, exponentBits []frontend.Variable,
) gl.GoldilocksVariable { ) gl.Variable {
product := gl.One() product := gl.One()
for i, bit := range exponentBits { for i, bit := range exponentBits {
// If the bit is on, we multiply product by base^pow. // If the bit is on, we multiply product by base^pow.
@@ -167,7 +167,7 @@ func (f *Chip) expFromBitsConstBase(
func (f *Chip) calculateSubgroupX( func (f *Chip) calculateSubgroupX(
xIndexBits []frontend.Variable, xIndexBits []frontend.Variable,
nLog uint64, nLog uint64,
) gl.GoldilocksVariable { ) gl.Variable {
// Compute x from its index // Compute x from its index
// `subgroup_x` is `subgroup[x_index]`, i.e., the actual field element in the domain. // `subgroup_x` is `subgroup[x_index]`, i.e., the actual field element in the domain.
// TODO - Make these as global values // TODO - Make these as global values
@@ -284,7 +284,7 @@ func (f *Chip) interpolate(
} }
func (f *Chip) computeEvaluation( func (f *Chip) computeEvaluation(
x gl.GoldilocksVariable, x gl.Variable,
xIndexWithinCosetBits []frontend.Variable, xIndexWithinCosetBits []frontend.Variable,
arityBits uint64, arityBits uint64,
evals []gl.QuadraticExtensionVariable, evals []gl.QuadraticExtensionVariable,
@@ -359,7 +359,7 @@ func (f *Chip) verifyQueryRound(
precomputedReducedEval []gl.QuadraticExtensionVariable, precomputedReducedEval []gl.QuadraticExtensionVariable,
initialMerkleCaps []types.FriMerkleCap, initialMerkleCaps []types.FriMerkleCap,
proof *types.FriProof, proof *types.FriProof,
xIndex gl.GoldilocksVariable, xIndex gl.Variable,
n uint64, n uint64,
nLog uint64, nLog uint64,
roundProof *types.FriQueryRound, roundProof *types.FriQueryRound,
@@ -437,7 +437,7 @@ func (f *Chip) verifyQueryRound(
) )
// Convert evals (array of QE) to fields by taking their 0th degree coefficients // Convert evals (array of QE) to fields by taking their 0th degree coefficients
fieldEvals := make([]gl.GoldilocksVariable, 0, 2*len(evals)) fieldEvals := make([]gl.Variable, 0, 2*len(evals))
for j := 0; j < len(evals); j++ { for j := 0; j < len(evals); j++ {
fieldEvals = append(fieldEvals, evals[j][0]) fieldEvals = append(fieldEvals, evals[j][0])
fieldEvals = append(fieldEvals, evals[j][1]) fieldEvals = append(fieldEvals, evals[j][1])

40
goldilocks/base.go
View File

@@ -50,28 +50,28 @@ func init() {
} }
// A type alias used to represent Goldilocks field elements. // A type alias used to represent Goldilocks field elements.
type GoldilocksVariable struct { type Variable struct {
Limb frontend.Variable Limb frontend.Variable
} }
// Creates a new Goldilocks field element from an existing variable. Assumes that the element is // Creates a new Goldilocks field element from an existing variable. Assumes that the element is
// already reduced. // already reduced.
func NewVariable(x frontend.Variable) GoldilocksVariable { func NewVariable(x frontend.Variable) Variable {
return GoldilocksVariable{Limb: x} return Variable{Limb: x}
} }
// The zero element in the Golidlocks field. // The zero element in the Golidlocks field.
func Zero() GoldilocksVariable { func Zero() Variable {
return NewVariable(0) return NewVariable(0)
} }
// The one element in the Goldilocks field. // The one element in the Goldilocks field.
func One() GoldilocksVariable { func One() Variable {
return NewVariable(1) return NewVariable(1)
} }
// The negative one element in the Goldilocks field. // The negative one element in the Goldilocks field.
func NegOne() GoldilocksVariable { func NegOne() Variable {
return NewVariable(MODULUS.Uint64() - 1) return NewVariable(MODULUS.Uint64() - 1)
} }
@@ -88,38 +88,38 @@ func NewGoldilocksApi(api frontend.API) *GoldilocksApi {
} }
// Adds two field elements such that x + y = z within the Golidlocks field. // Adds two field elements such that x + y = z within the Golidlocks field.
func (p *GoldilocksApi) Add(a GoldilocksVariable, b GoldilocksVariable) GoldilocksVariable { func (p *GoldilocksApi) Add(a Variable, b Variable) Variable {
return p.MulAdd(a, NewVariable(1), b) return p.MulAdd(a, NewVariable(1), b)
} }
// Adds two field elements such that x + y = z within the Golidlocks field without reducing. // Adds two field elements such that x + y = z within the Golidlocks field without reducing.
func (p *GoldilocksApi) AddNoReduce(a GoldilocksVariable, b GoldilocksVariable) GoldilocksVariable { func (p *GoldilocksApi) AddNoReduce(a Variable, b Variable) Variable {
return NewVariable(p.api.Add(a.Limb, b.Limb)) return NewVariable(p.api.Add(a.Limb, b.Limb))
} }
// Subtracts two field elements such that x + y = z within the Golidlocks field. // Subtracts two field elements such that x + y = z within the Golidlocks field.
func (p *GoldilocksApi) Sub(a GoldilocksVariable, b GoldilocksVariable) GoldilocksVariable { func (p *GoldilocksApi) Sub(a Variable, b Variable) Variable {
return p.MulAdd(b, NewVariable(MODULUS.Uint64()-1), a) return p.MulAdd(b, NewVariable(MODULUS.Uint64()-1), a)
} }
// Subtracts two field elements such that x + y = z within the Golidlocks field without reducing. // Subtracts two field elements such that x + y = z within the Golidlocks field without reducing.
func (p *GoldilocksApi) SubNoReduce(a GoldilocksVariable, b GoldilocksVariable) GoldilocksVariable { func (p *GoldilocksApi) SubNoReduce(a Variable, b Variable) Variable {
return NewVariable(p.api.Add(a.Limb, p.api.Mul(b.Limb, MODULUS.Uint64()-1))) return NewVariable(p.api.Add(a.Limb, p.api.Mul(b.Limb, MODULUS.Uint64()-1)))
} }
// Multiplies two field elements such that x * y = z within the Golidlocks field. // Multiplies two field elements such that x * y = z within the Golidlocks field.
func (p *GoldilocksApi) Mul(a GoldilocksVariable, b GoldilocksVariable) GoldilocksVariable { func (p *GoldilocksApi) Mul(a Variable, b Variable) Variable {
return p.MulAdd(a, b, Zero()) return p.MulAdd(a, b, Zero())
} }
// Multiplies two field elements such that x * y = z within the Golidlocks field without reducing. // Multiplies two field elements such that x * y = z within the Golidlocks field without reducing.
func (p *GoldilocksApi) MulNoReduce(a GoldilocksVariable, b GoldilocksVariable) GoldilocksVariable { func (p *GoldilocksApi) MulNoReduce(a Variable, b Variable) Variable {
return NewVariable(p.api.Mul(a.Limb, b.Limb)) return NewVariable(p.api.Mul(a.Limb, b.Limb))
} }
// Multiplies two field elements and adds a field element such that x * y + z = c within the // Multiplies two field elements and adds a field element such that x * y + z = c within the
// Golidlocks field. // Golidlocks field.
func (p *GoldilocksApi) MulAdd(a GoldilocksVariable, b GoldilocksVariable, c GoldilocksVariable) GoldilocksVariable { func (p *GoldilocksApi) MulAdd(a Variable, b Variable, c Variable) Variable {
result, err := p.api.Compiler().NewHint(MulAddHint, 2, a.Limb, b.Limb, c.Limb) result, err := p.api.Compiler().NewHint(MulAddHint, 2, a.Limb, b.Limb, c.Limb)
if err != nil { if err != nil {
panic(err) panic(err)
@@ -140,7 +140,7 @@ func (p *GoldilocksApi) MulAdd(a GoldilocksVariable, b GoldilocksVariable, c Gol
// Multiplies two field elements and adds a field element such that x * y + z = c within the // Multiplies two field elements and adds a field element such that x * y + z = c within the
// Golidlocks field without reducing. // Golidlocks field without reducing.
func (p *GoldilocksApi) MulAddNoReduce(a GoldilocksVariable, b GoldilocksVariable, c GoldilocksVariable) GoldilocksVariable { func (p *GoldilocksApi) MulAddNoReduce(a Variable, b Variable, c Variable) Variable {
return p.AddNoReduce(p.MulNoReduce(a, b), c) return p.AddNoReduce(p.MulNoReduce(a, b), c)
} }
@@ -168,7 +168,7 @@ func MulAddHint(_ *big.Int, inputs []*big.Int, results []*big.Int) error {
} }
// Reduces a field element x such that x % MODULUS = y. // Reduces a field element x such that x % MODULUS = y.
func (p *GoldilocksApi) Reduce(x GoldilocksVariable) GoldilocksVariable { func (p *GoldilocksApi) Reduce(x Variable) Variable {
// Witness a `quotient` and `remainder` such that: // Witness a `quotient` and `remainder` such that:
// //
// MODULUS * quotient + remainder = x // MODULUS * quotient + remainder = x
@@ -192,7 +192,7 @@ func (p *GoldilocksApi) Reduce(x GoldilocksVariable) GoldilocksVariable {
} }
// Reduces a field element x such that x % MODULUS = y. // Reduces a field element x such that x % MODULUS = y.
func (p *GoldilocksApi) ReduceWithMaxBits(x GoldilocksVariable, maxNbBits uint64) GoldilocksVariable { func (p *GoldilocksApi) ReduceWithMaxBits(x Variable, maxNbBits uint64) Variable {
// Witness a `quotient` and `remainder` such that: // Witness a `quotient` and `remainder` such that:
// //
// MODULUS * quotient + remainder = x // MODULUS * quotient + remainder = x
@@ -227,7 +227,7 @@ func ReduceHint(_ *big.Int, inputs []*big.Int, results []*big.Int) error {
} }
// Computes the inverse of a field element x such that x * x^-1 = 1. // Computes the inverse of a field element x such that x * x^-1 = 1.
func (p *GoldilocksApi) Inverse(x GoldilocksVariable) GoldilocksVariable { func (p *GoldilocksApi) Inverse(x Variable) Variable {
result, err := p.api.Compiler().NewHint(InverseHint, 1, x.Limb) result, err := p.api.Compiler().NewHint(InverseHint, 1, x.Limb)
if err != nil { if err != nil {
panic(err) panic(err)
@@ -261,7 +261,7 @@ func InverseHint(_ *big.Int, inputs []*big.Int, results []*big.Int) error {
} }
// Computes a field element raised to some power. // Computes a field element raised to some power.
func (p *GoldilocksApi) Exp(x GoldilocksVariable, k *big.Int) GoldilocksVariable { func (p *GoldilocksApi) Exp(x Variable, k *big.Int) Variable {
if k.IsUint64() && k.Uint64() == 0 { if k.IsUint64() && k.Uint64() == 0 {
return One() return One()
} }
@@ -306,7 +306,7 @@ func SplitLimbsHint(_ *big.Int, inputs []*big.Int, results []*big.Int) error {
} }
// Range checks a field element x to be less than the Golidlocks modulus 2 ^ 64 - 2 ^ 32 + 1. // Range checks a field element x to be less than the Golidlocks modulus 2 ^ 64 - 2 ^ 32 + 1.
func (p *GoldilocksApi) RangeCheck(x GoldilocksVariable) { func (p *GoldilocksApi) RangeCheck(x Variable) {
// The Goldilocks' modulus is 2^64 - 2^32 + 1, which is: // The Goldilocks' modulus is 2^64 - 2^32 + 1, which is:
// //
// 1111111111111111111111111111111100000000000000000000000000000001 // 1111111111111111111111111111111100000000000000000000000000000001
@@ -350,7 +350,7 @@ func (p *GoldilocksApi) RangeCheck(x GoldilocksVariable) {
) )
} }
func (p *GoldilocksApi) AssertIsEqual(x, y GoldilocksVariable) { func (p *GoldilocksApi) AssertIsEqual(x, y Variable) {
p.api.AssertIsEqual(x.Limb, y.Limb) p.api.AssertIsEqual(x.Limb, y.Limb)
} }

10
goldilocks/quadratic_extension.go
View File

@@ -9,13 +9,13 @@ import (
const W uint64 = 7 const W uint64 = 7
const DTH_ROOT uint64 = 18446744069414584320 const DTH_ROOT uint64 = 18446744069414584320
type QuadraticExtensionVariable [2]GoldilocksVariable type QuadraticExtensionVariable [2]Variable
func NewQuadraticExtensionVariable(x GoldilocksVariable, y GoldilocksVariable) QuadraticExtensionVariable { func NewQuadraticExtensionVariable(x Variable, y Variable) QuadraticExtensionVariable {
return QuadraticExtensionVariable{x, y} return QuadraticExtensionVariable{x, y}
} }
func (p GoldilocksVariable) ToQuadraticExtension() QuadraticExtensionVariable { func (p Variable) ToQuadraticExtension() QuadraticExtensionVariable {
return NewQuadraticExtensionVariable(p, Zero()) return NewQuadraticExtensionVariable(p, Zero())
} }
@@ -101,7 +101,7 @@ func (p *GoldilocksApi) SubMulExtension(a, b, c QuadraticExtensionVariable) Quad
// Multiplies quadratic extension variable in the Goldilocks field by a scalar. // Multiplies quadratic extension variable in the Goldilocks field by a scalar.
func (p *GoldilocksApi) ScalarMulExtension( func (p *GoldilocksApi) ScalarMulExtension(
a QuadraticExtensionVariable, a QuadraticExtensionVariable,
b GoldilocksVariable, b Variable,
) QuadraticExtensionVariable { ) QuadraticExtensionVariable {
return NewQuadraticExtensionVariable( return NewQuadraticExtensionVariable(
p.Mul(a[0], b), p.Mul(a[0], b),
@@ -111,7 +111,7 @@ func (p *GoldilocksApi) ScalarMulExtension(
// Computes an inner product over quadratic extension variable vectors in the Goldilocks field. // Computes an inner product over quadratic extension variable vectors in the Goldilocks field.
func (p *GoldilocksApi) InnerProductExtension( func (p *GoldilocksApi) InnerProductExtension(
constant GoldilocksVariable, constant Variable,
startingAcc QuadraticExtensionVariable, startingAcc QuadraticExtensionVariable,
pairs [][2]QuadraticExtensionVariable, pairs [][2]QuadraticExtensionVariable,
) QuadraticExtensionVariable { ) QuadraticExtensionVariable {

4
goldilocks/utils.go
View File

@@ -24,8 +24,8 @@ func StrArrayToFrontendVariableArray(input []string) []frontend.Variable {
return output return output
} }
func Uint64ArrayToVariableArray(input []uint64) []GoldilocksVariable { func Uint64ArrayToVariableArray(input []uint64) []Variable {
var output []GoldilocksVariable var output []Variable
for i := 0; i < len(input); i++ { for i := 0; i < len(input); i++ {
output = append(output, NewVariable(input[i])) output = append(output, NewVariable(input[i]))
} }

4
plonk/plonk.go
View File

@@ -13,8 +13,8 @@ type PlonkChip struct {
commonData types.CommonCircuitData `gnark:"-"` commonData types.CommonCircuitData `gnark:"-"`
DEGREE gl.GoldilocksVariable `gnark:"-"` DEGREE gl.Variable `gnark:"-"`
DEGREE_BITS_F gl.GoldilocksVariable `gnark:"-"` DEGREE_BITS_F gl.Variable `gnark:"-"`
DEGREE_QE gl.QuadraticExtensionVariable `gnark:"-"` DEGREE_QE gl.QuadraticExtensionVariable `gnark:"-"`
evaluateGatesChip *gates.EvaluateGatesChip evaluateGatesChip *gates.EvaluateGatesChip

8
poseidon/bn254.go
View File

@@ -39,7 +39,7 @@ func (c *BN254Chip) Poseidon(state BN254State) BN254State {
return state return state
} }
func (c *BN254Chip) HashNoPad(input []gl.GoldilocksVariable) BN254HashOut { func (c *BN254Chip) HashNoPad(input []gl.Variable) BN254HashOut {
state := BN254State{ state := BN254State{
frontend.Variable(0), frontend.Variable(0),
frontend.Variable(0), frontend.Variable(0),
@@ -69,7 +69,7 @@ func (c *BN254Chip) HashNoPad(input []gl.GoldilocksVariable) BN254HashOut {
return BN254HashOut(state[0]) return BN254HashOut(state[0])
} }
func (c *BN254Chip) HashOrNoop(input []gl.GoldilocksVariable) BN254HashOut { func (c *BN254Chip) HashOrNoop(input []gl.Variable) BN254HashOut {
if len(input) <= 3 { if len(input) <= 3 {
returnVal := frontend.Variable(0) returnVal := frontend.Variable(0)
@@ -94,10 +94,10 @@ func (c *BN254Chip) TwoToOne(left BN254HashOut, right BN254HashOut) BN254HashOut
return state[0] return state[0]
} }
func (c *BN254Chip) ToVec(hash BN254HashOut) []gl.GoldilocksVariable { func (c *BN254Chip) ToVec(hash BN254HashOut) []gl.Variable {
bits := c.api.ToBinary(hash) bits := c.api.ToBinary(hash)
returnElements := []gl.GoldilocksVariable{} returnElements := []gl.Variable{}
// Split into 7 byte chunks, since 8 byte chunks can result in collisions // Split into 7 byte chunks, since 8 byte chunks can result in collisions
chunkSize := 56 chunkSize := 56

18
poseidon/goldilocks.go
View File

@@ -11,9 +11,9 @@ const MAX_WIDTH = 12
const SPONGE_WIDTH = 12 const SPONGE_WIDTH = 12
const SPONGE_RATE = 8 const SPONGE_RATE = 8
type GoldilocksState = [SPONGE_WIDTH]gl.GoldilocksVariable type GoldilocksState = [SPONGE_WIDTH]gl.Variable
type GoldilocksStateExtension = [SPONGE_WIDTH]gl.QuadraticExtensionVariable type GoldilocksStateExtension = [SPONGE_WIDTH]gl.QuadraticExtensionVariable
type GoldilocksHashOut = [4]gl.GoldilocksVariable type GoldilocksHashOut = [4]gl.Variable
type GoldilocksChip struct { type GoldilocksChip struct {
api frontend.API `gnark:"-"` api frontend.API `gnark:"-"`
@@ -38,7 +38,7 @@ func (c *GoldilocksChip) Poseidon(input GoldilocksState) GoldilocksState {
// The input elements MUST have all it's elements be within Goldilocks field. // The input elements MUST have all it's elements be within Goldilocks field.
// The returned slice's elements will all be within Goldilocks field. // The returned slice's elements will all be within Goldilocks field.
func (c *GoldilocksChip) HashNToMNoPad(input []gl.GoldilocksVariable, nbOutputs int) []gl.GoldilocksVariable { func (c *GoldilocksChip) HashNToMNoPad(input []gl.Variable, nbOutputs int) []gl.Variable {
var state GoldilocksState var state GoldilocksState
for i := 0; i < SPONGE_WIDTH; i++ { for i := 0; i < SPONGE_WIDTH; i++ {
@@ -54,7 +54,7 @@ func (c *GoldilocksChip) HashNToMNoPad(input []gl.GoldilocksVariable, nbOutputs
state = c.Poseidon(state) state = c.Poseidon(state)
} }
var outputs []gl.GoldilocksVariable var outputs []gl.Variable
for { for {
for i := 0; i < SPONGE_RATE; i++ { for i := 0; i < SPONGE_RATE; i++ {
@@ -69,9 +69,9 @@ func (c *GoldilocksChip) HashNToMNoPad(input []gl.GoldilocksVariable, nbOutputs
// The input elements can be outside of the Goldilocks field. // The input elements can be outside of the Goldilocks field.
// The returned slice's elements will all be within Goldilocks field. // The returned slice's elements will all be within Goldilocks field.
func (c *GoldilocksChip) HashNoPad(input []gl.GoldilocksVariable) GoldilocksHashOut { func (c *GoldilocksChip) HashNoPad(input []gl.Variable) GoldilocksHashOut {
var hash GoldilocksHashOut var hash GoldilocksHashOut
inputVars := []gl.GoldilocksVariable{} inputVars := []gl.Variable{}
for i := 0; i < len(input); i++ { for i := 0; i < len(input); i++ {
inputVars = append(inputVars, c.gl.Reduce(input[i])) inputVars = append(inputVars, c.gl.Reduce(input[i]))
@@ -85,7 +85,7 @@ func (c *GoldilocksChip) HashNoPad(input []gl.GoldilocksVariable) GoldilocksHash
return hash return hash
} }
func (c *GoldilocksChip) ToVec(hash GoldilocksHashOut) []gl.GoldilocksVariable { func (c *GoldilocksChip) ToVec(hash GoldilocksHashOut) []gl.Variable {
return hash[:] return hash[:]
} }
@@ -135,7 +135,7 @@ func (c *GoldilocksChip) ConstantLayerExtension(state GoldilocksStateExtension,
return state return state
} }
func (c *GoldilocksChip) sBoxMonomial(x gl.GoldilocksVariable) gl.GoldilocksVariable { func (c *GoldilocksChip) sBoxMonomial(x gl.Variable) gl.Variable {
x2 := c.gl.MulNoReduce(x, x) x2 := c.gl.MulNoReduce(x, x)
x3 := c.gl.MulNoReduce(x, x2) x3 := c.gl.MulNoReduce(x, x2)
x3 = c.gl.ReduceWithMaxBits(x3, 192) x3 = c.gl.ReduceWithMaxBits(x3, 192)
@@ -169,7 +169,7 @@ func (c *GoldilocksChip) SBoxLayerExtension(state GoldilocksStateExtension) Gold
return state return state
} }
func (c *GoldilocksChip) mdsRowShf(r int, v [SPONGE_WIDTH]gl.GoldilocksVariable) gl.GoldilocksVariable { func (c *GoldilocksChip) mdsRowShf(r int, v [SPONGE_WIDTH]gl.Variable) gl.Variable {
res := gl.Zero() res := gl.Zero()
for i := 0; i < 12; i++ { for i := 0; i < 12; i++ {

2
poseidon/public_inputs_hash_test.go
View File

@@ -21,7 +21,7 @@ func (circuit *TestPublicInputsHashCircuit) Define(api frontend.API) error {
glAPI := gl.NewGoldilocksApi(api) glAPI := gl.NewGoldilocksApi(api)
// BN254 -> Binary(64) -> F // BN254 -> Binary(64) -> F
var input [3]gl.GoldilocksVariable var input [3]gl.Variable
for i := 0; i < 3; i++ { for i := 0; i < 3; i++ {
input[i] = gl.NewVariable(api.FromBinary(api.ToBinary(circuit.In[i], 64)...)) input[i] = gl.NewVariable(api.FromBinary(api.ToBinary(circuit.In[i], 64)...))
} }

4
types/circuit.go
View File

@@ -16,7 +16,7 @@ type Proof struct {
type ProofWithPublicInputs struct { type ProofWithPublicInputs struct {
Proof Proof Proof Proof
PublicInputs []gl.GoldilocksVariable // Length = CommonCircuitData.NumPublicInputs PublicInputs []gl.Variable // Length = CommonCircuitData.NumPublicInputs
} }
type VerifierOnlyCircuitData struct { type VerifierOnlyCircuitData struct {
@@ -46,6 +46,6 @@ type CommonCircuitData struct {
NumGateConstraints uint64 NumGateConstraints uint64
NumConstants uint64 NumConstants uint64
NumPublicInputs uint64 NumPublicInputs uint64
KIs []gl.GoldilocksVariable KIs []gl.Variable
NumPartialProducts uint64 NumPartialProducts uint64
} }

10
types/fri.go
View File

@@ -47,11 +47,11 @@ func NewFriMerkleProof(merkleProofLen uint64) FriMerkleProof {
} }
type FriEvalProof struct { type FriEvalProof struct {
Elements []gl.GoldilocksVariable // Length = [CommonCircuitData.Constants + CommonCircuitData.NumRoutedWires, CommonCircuitData.NumWires + CommonCircuitData.FriParams.Hiding ? 4 : 0, CommonCircuitData.NumChallenges * (1 + CommonCircuitData.NumPartialProducts) + salt, CommonCircuitData.NumChallenges * CommonCircuitData.QuotientDegreeFactor + salt] Elements []gl.Variable // Length = [CommonCircuitData.Constants + CommonCircuitData.NumRoutedWires, CommonCircuitData.NumWires + CommonCircuitData.FriParams.Hiding ? 4 : 0, CommonCircuitData.NumChallenges * (1 + CommonCircuitData.NumPartialProducts) + salt, CommonCircuitData.NumChallenges * CommonCircuitData.QuotientDegreeFactor + salt]
MerkleProof FriMerkleProof MerkleProof FriMerkleProof
} }
func NewFriEvalProof(elements []gl.GoldilocksVariable, merkleProof FriMerkleProof) FriEvalProof { func NewFriEvalProof(elements []gl.Variable, merkleProof FriMerkleProof) FriEvalProof {
return FriEvalProof{Elements: elements, MerkleProof: merkleProof} return FriEvalProof{Elements: elements, MerkleProof: merkleProof}
} }
@@ -88,12 +88,12 @@ type FriProof struct {
CommitPhaseMerkleCaps []FriMerkleCap // Length = Len(CommonCircuitData.FriParams.ReductionArityBits) CommitPhaseMerkleCaps []FriMerkleCap // Length = Len(CommonCircuitData.FriParams.ReductionArityBits)
QueryRoundProofs []FriQueryRound // Length = CommonCircuitData.FriConfig.FriParams.NumQueryRounds QueryRoundProofs []FriQueryRound // Length = CommonCircuitData.FriConfig.FriParams.NumQueryRounds
FinalPoly PolynomialCoeffs FinalPoly PolynomialCoeffs
PowWitness gl.GoldilocksVariable PowWitness gl.Variable
} }
type FriChallenges struct { type FriChallenges struct {
FriAlpha gl.QuadraticExtensionVariable FriAlpha gl.QuadraticExtensionVariable
FriBetas []gl.QuadraticExtensionVariable FriBetas []gl.QuadraticExtensionVariable
FriPowResponse gl.GoldilocksVariable FriPowResponse gl.Variable
FriQueryIndices []gl.GoldilocksVariable FriQueryIndices []gl.Variable
} }

6
types/plonk.go
View File

@@ -25,9 +25,9 @@ func NewOpeningSet(numConstants uint64, numRoutedWires uint64, numWires uint64,
} }
type ProofChallenges struct { type ProofChallenges struct {
PlonkBetas []gl.GoldilocksVariable PlonkBetas []gl.Variable
PlonkGammas []gl.GoldilocksVariable PlonkGammas []gl.Variable
PlonkAlphas []gl.GoldilocksVariable PlonkAlphas []gl.Variable
PlonkZeta gl.QuadraticExtensionVariable PlonkZeta gl.QuadraticExtensionVariable
FriChallenges FriChallenges FriChallenges FriChallenges
} }

4
verifier/verifier.go
View File

@@ -35,7 +35,7 @@ func NewVerifierChip(api frontend.API, commonCircuitData types.CommonCircuitData
} }
} }
func (c *VerifierChip) GetPublicInputsHash(publicInputs []gl.GoldilocksVariable) poseidon.GoldilocksHashOut { func (c *VerifierChip) GetPublicInputsHash(publicInputs []gl.Variable) poseidon.GoldilocksHashOut {
return c.poseidonGlChip.HashNoPad(publicInputs) return c.poseidonGlChip.HashNoPad(publicInputs)
} }
@@ -206,7 +206,7 @@ func (c *VerifierChip) rangeCheckProof(proof types.Proof) {
func (c *VerifierChip) Verify( func (c *VerifierChip) Verify(
proof types.Proof, proof types.Proof,
publicInputs []gl.GoldilocksVariable, publicInputs []gl.Variable,
verifierData types.VerifierOnlyCircuitData, verifierData types.VerifierOnlyCircuitData,
commonData types.CommonCircuitData, commonData types.CommonCircuitData,
) { ) {

2
verifier/verifier_test.go
View File

@@ -15,7 +15,7 @@ import (
type TestVerifierCircuit struct { type TestVerifierCircuit struct {
Proof types.Proof Proof types.Proof
PublicInputs []gl.GoldilocksVariable `gnark:",public"` PublicInputs []gl.Variable `gnark:",public"`
verifierChip *verifier.VerifierChip `gnark:"-"` verifierChip *verifier.VerifierChip `gnark:"-"`
plonky2CircuitName string `gnark:"-"` plonky2CircuitName string `gnark:"-"`