mirror of
https://github.com/arnaucube/gnark-plonky2-verifier.git
synced 2026-01-12 17:11:31 +01:00
Poseidon BN128 (#20)
* initial commit of poseidon bn128 * got challenger working * deserialize is working * cleaned up deserialization function a bit * fixed challenger * add in the hack to the challenges * fixed some bugs in poseidon_bn128 * fri verification is working * some changes for benchmarking * added decode_block plonky2 data * initial commit for poseidon_mds_gate * updated gate test cases * working poseidon mds gate * full verifier test case working
This commit is contained in:
Kevin Jue
GitHub
@@ -17,9 +17,8 @@ type FriChip struct {
|
||||
api frontend.API `gnark:"-"`
|
||||
fieldAPI field.FieldAPI `gnark:"-"`
|
||||
qeAPI *field.QuadraticExtensionAPI `gnark:"-"`
|
||||
hashAPI *poseidon.HashAPI `gnark:"-"`
|
||||
|
||||
poseidonChip *poseidon.PoseidonChip
|
||||
poseidonBN128Chip *poseidon.PoseidonBN128Chip
|
||||
|
||||
friParams *common.FriParams `gnark:"-"`
|
||||
}
|
||||
@@ -28,17 +27,15 @@ func NewFriChip(
|
||||
api frontend.API,
|
||||
fieldAPI field.FieldAPI,
|
||||
qeAPI *field.QuadraticExtensionAPI,
|
||||
hashAPI *poseidon.HashAPI,
|
||||
poseidonChip *poseidon.PoseidonChip,
|
||||
poseidonBN128Chip *poseidon.PoseidonBN128Chip,
|
||||
friParams *common.FriParams,
|
||||
) *FriChip {
|
||||
return &FriChip{
|
||||
api: api,
|
||||
fieldAPI: fieldAPI,
|
||||
qeAPI: qeAPI,
|
||||
hashAPI: hashAPI,
|
||||
poseidonChip: poseidonChip,
|
||||
friParams: friParams,
|
||||
api: api,
|
||||
fieldAPI: fieldAPI,
|
||||
qeAPI: qeAPI,
|
||||
poseidonBN128Chip: poseidonBN128Chip,
|
||||
friParams: friParams,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -63,66 +60,15 @@ func (f *FriChip) fromOpeningsAndAlpha(openings *FriOpenings, alpha field.Quadra
|
||||
return reducedOpenings
|
||||
}
|
||||
|
||||
func (f *FriChip) hashOrNoop(data []field.F) poseidon.Hash {
|
||||
var elements poseidon.Hash
|
||||
if len(data) <= 4 {
|
||||
// Pad the data to have a size of 4
|
||||
for i, inputElement := range data {
|
||||
elements[i] = inputElement
|
||||
}
|
||||
for i := len(data); i < 4; i++ {
|
||||
elements[i] = field.ZERO_F
|
||||
}
|
||||
|
||||
return elements
|
||||
} else {
|
||||
hashOutput := f.poseidonChip.HashNToMNoPad(data, 4)
|
||||
|
||||
if len(hashOutput) != len(elements) {
|
||||
panic("The length of hashOutput and elements is different")
|
||||
}
|
||||
|
||||
for i, hashField := range hashOutput {
|
||||
elements[i] = hashField
|
||||
}
|
||||
|
||||
return elements
|
||||
}
|
||||
}
|
||||
|
||||
func (f *FriChip) verifyMerkleProofToCapWithCapIndex(leafData []field.F, leafIndexBits []frontend.Variable, capIndexBits []frontend.Variable, merkleCap common.MerkleCap, proof *common.MerkleProof) {
|
||||
currentDigest := f.hashOrNoop(leafData)
|
||||
fourZeros := [4]field.F{field.ZERO_F, field.ZERO_F, field.ZERO_F, field.ZERO_F}
|
||||
currentDigest := f.poseidonBN128Chip.HashOrNoop(leafData)
|
||||
for i, sibling := range proof.Siblings {
|
||||
bit := leafIndexBits[i]
|
||||
|
||||
var leftSiblingState poseidon.PoseidonState
|
||||
copy(leftSiblingState[0:4], sibling[0:4])
|
||||
copy(leftSiblingState[4:8], currentDigest[0:4])
|
||||
copy(leftSiblingState[8:12], fourZeros[0:4])
|
||||
|
||||
leftHash := f.poseidonChip.Poseidon(leftSiblingState)
|
||||
|
||||
var leftHashCompress poseidon.Hash
|
||||
leftHashCompress[0] = leftHash[0]
|
||||
leftHashCompress[1] = leftHash[1]
|
||||
leftHashCompress[2] = leftHash[2]
|
||||
leftHashCompress[3] = leftHash[3]
|
||||
|
||||
var rightSiblingState poseidon.PoseidonState
|
||||
copy(rightSiblingState[0:4], currentDigest[0:4])
|
||||
copy(rightSiblingState[4:8], sibling[0:4])
|
||||
copy(rightSiblingState[8:12], fourZeros[0:4])
|
||||
|
||||
rightHash := f.poseidonChip.Poseidon(rightSiblingState)
|
||||
|
||||
var rightHashCompress poseidon.Hash
|
||||
rightHashCompress[0] = rightHash[0]
|
||||
rightHashCompress[1] = rightHash[1]
|
||||
rightHashCompress[2] = rightHash[2]
|
||||
rightHashCompress[3] = rightHash[3]
|
||||
|
||||
currentDigest = f.hashAPI.SelectHash(bit, leftHashCompress, rightHashCompress)
|
||||
// TODO: Don't need to do two hashes by using a trick that the plonky2 verifier circuit does
|
||||
// https://github.com/mir-protocol/plonky2/blob/973624f12d2d12d74422b3ea051358b9eaacb050/plonky2/src/gates/poseidon.rs#L298
|
||||
leftHash := f.poseidonBN128Chip.TwoToOne(sibling, currentDigest)
|
||||
rightHash := f.poseidonBN128Chip.TwoToOne(currentDigest, sibling)
|
||||
currentDigest = f.api.Select(bit, leftHash, rightHash)
|
||||
}
|
||||
|
||||
// We assume that the cap_height is 4. Create two levels of the Lookup2 circuit
|
||||
@@ -136,19 +82,19 @@ func (f *FriChip) verifyMerkleProofToCapWithCapIndex(leafData []field.F, leafInd
|
||||
}
|
||||
|
||||
const NUM_LEAF_LOOKUPS = 4
|
||||
var leafLookups [NUM_LEAF_LOOKUPS]poseidon.Hash
|
||||
var leafLookups [NUM_LEAF_LOOKUPS]poseidon.PoseidonBN128HashOut
|
||||
// First create the "leaf" lookup2 circuits
|
||||
// The will use the least significant bits of the capIndexBits array
|
||||
for i := 0; i < NUM_LEAF_LOOKUPS; i++ {
|
||||
leafLookups[i] = f.hashAPI.Lookup2Hash(
|
||||
leafLookups[i] = f.api.Lookup2(
|
||||
capIndexBits[0], capIndexBits[1],
|
||||
merkleCap[i*NUM_LEAF_LOOKUPS], merkleCap[i*NUM_LEAF_LOOKUPS+1], merkleCap[i*NUM_LEAF_LOOKUPS+2], merkleCap[i*NUM_LEAF_LOOKUPS+3],
|
||||
)
|
||||
}
|
||||
|
||||
// Use the most 2 significant bits of the capIndexBits array for the "root" lookup
|
||||
merkleCapEntry := f.hashAPI.Lookup2Hash(capIndexBits[2], capIndexBits[3], leafLookups[0], leafLookups[1], leafLookups[2], leafLookups[3])
|
||||
f.hashAPI.AssertIsEqualHash(currentDigest, merkleCapEntry)
|
||||
merkleCapEntry := f.api.Lookup2(capIndexBits[2], capIndexBits[3], leafLookups[0], leafLookups[1], leafLookups[2], leafLookups[3])
|
||||
f.api.AssertIsEqual(currentDigest, merkleCapEntry)
|
||||
}
|
||||
|
||||
func (f *FriChip) verifyInitialProof(xIndexBits []frontend.Variable, proof *common.FriInitialTreeProof, initialMerkleCaps []common.MerkleCap, capIndexBits []frontend.Variable) {
|
||||
@@ -422,7 +368,8 @@ func (f *FriChip) verifyQueryRound(
|
||||
roundProof *common.FriQueryRound,
|
||||
) {
|
||||
f.assertNoncanonicalIndicesOK()
|
||||
xIndexBits := f.fieldAPI.ToBits(xIndex)
|
||||
xIndex = f.fieldAPI.Reduce(xIndex)
|
||||
xIndexBits := f.fieldAPI.ToBits(xIndex)[0 : f.friParams.DegreeBits+f.friParams.Config.RateBits]
|
||||
capIndexBits := xIndexBits[len(xIndexBits)-int(f.friParams.Config.CapHeight):]
|
||||
|
||||
f.verifyInitialProof(xIndexBits, &roundProof.InitialTreesProof, initialMerkleCaps, capIndexBits)
|
||||
|
||||
@@ -9,6 +9,7 @@ import (
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/poseidon"
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/verifier/common"
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/verifier/internal/fri"
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/verifier/internal/plonk"
|
||||
"github.com/succinctlabs/gnark-plonky2-verifier/verifier/utils"
|
||||
)
|
||||
|
||||
@@ -16,12 +17,6 @@ type TestFriCircuit struct {
|
||||
proofWithPIsFilename string `gnark:"-"`
|
||||
commonCircuitDataFilename string `gnark:"-"`
|
||||
verifierOnlyCircuitDataFilename string `gnark:"-"`
|
||||
|
||||
PlonkZeta field.QuadraticExtension
|
||||
FriAlpha field.QuadraticExtension
|
||||
FriBetas []field.QuadraticExtension
|
||||
FriPOWResponse field.F
|
||||
FriQueryIndices []field.F
|
||||
}
|
||||
|
||||
func (circuit *TestFriCircuit) Define(api frontend.API) error {
|
||||
@@ -31,16 +26,44 @@ func (circuit *TestFriCircuit) Define(api frontend.API) error {
|
||||
|
||||
fieldAPI := field.NewFieldAPI(api)
|
||||
qeAPI := field.NewQuadraticExtensionAPI(api, fieldAPI, commonCircuitData.DegreeBits)
|
||||
hashAPI := poseidon.NewHashAPI(fieldAPI)
|
||||
poseidonChip := poseidon.NewPoseidonChip(api, fieldAPI, qeAPI)
|
||||
friChip := fri.NewFriChip(api, fieldAPI, qeAPI, hashAPI, poseidonChip, &commonCircuitData.FriParams)
|
||||
poseidonBN128Chip := poseidon.NewPoseidonBN128Chip(api, fieldAPI)
|
||||
friChip := fri.NewFriChip(api, fieldAPI, qeAPI, poseidonBN128Chip, &commonCircuitData.FriParams)
|
||||
challengerChip := plonk.NewChallengerChip(api, fieldAPI, poseidonChip, poseidonBN128Chip)
|
||||
|
||||
friChallenges := common.FriChallenges{
|
||||
FriAlpha: circuit.FriAlpha,
|
||||
FriBetas: circuit.FriBetas,
|
||||
FriPowResponse: circuit.FriPOWResponse,
|
||||
FriQueryIndices: circuit.FriQueryIndices,
|
||||
}
|
||||
challengerChip.ObserveBN128Hash(verifierOnlyCircuitData.CircuitDigest)
|
||||
challengerChip.ObserveHash(poseidonChip.HashNoPad(proofWithPis.PublicInputs))
|
||||
challengerChip.ObserveCap(proofWithPis.Proof.WiresCap)
|
||||
plonkBetas := challengerChip.GetNChallenges(commonCircuitData.Config.NumChallenges) // For plonk betas
|
||||
fieldAPI.AssertIsEqual(plonkBetas[0], field.NewFieldConst(17615363392879944733))
|
||||
plonkGammas := challengerChip.GetNChallenges(commonCircuitData.Config.NumChallenges) // For plonk gammas
|
||||
fieldAPI.AssertIsEqual(plonkGammas[0], field.NewFieldConst(15174493176564484303))
|
||||
|
||||
challengerChip.ObserveCap(proofWithPis.Proof.PlonkZsPartialProductsCap)
|
||||
plonkAlphas := challengerChip.GetNChallenges(commonCircuitData.Config.NumChallenges) // For plonk alphas
|
||||
fieldAPI.AssertIsEqual(plonkAlphas[0], field.NewFieldConst(9276470834414745550))
|
||||
|
||||
challengerChip.ObserveCap(proofWithPis.Proof.QuotientPolysCap)
|
||||
plonkZeta := challengerChip.GetExtensionChallenge()
|
||||
fieldAPI.AssertIsEqual(plonkZeta[0], field.NewFieldConst(3892795992421241388))
|
||||
|
||||
challengerChip.ObserveOpenings(fri.ToFriOpenings(proofWithPis.Proof.Openings))
|
||||
|
||||
friChallenges := challengerChip.GetFriChallenges(
|
||||
proofWithPis.Proof.OpeningProof.CommitPhaseMerkleCaps,
|
||||
proofWithPis.Proof.OpeningProof.FinalPoly,
|
||||
proofWithPis.Proof.OpeningProof.PowWitness,
|
||||
commonCircuitData.DegreeBits,
|
||||
commonCircuitData.Config.FriConfig,
|
||||
)
|
||||
|
||||
fieldAPI.AssertIsEqual(friChallenges.FriAlpha[0], field.NewFieldConst(885535811531859621))
|
||||
|
||||
fieldAPI.AssertIsEqual(friChallenges.FriBetas[0][0], field.NewFieldConst(5231781384587895507))
|
||||
|
||||
fieldAPI.AssertIsEqual(friChallenges.FriPowResponse, field.NewFieldConst(70715523064019))
|
||||
|
||||
fieldAPI.AssertIsEqual(friChallenges.FriQueryIndices[0], field.NewFieldConst(11890500485816111017))
|
||||
|
||||
initialMerkleCaps := []common.MerkleCap{
|
||||
verifierOnlyCircuitData.ConstantSigmasCap,
|
||||
@@ -49,8 +72,27 @@ func (circuit *TestFriCircuit) Define(api frontend.API) error {
|
||||
proofWithPis.Proof.QuotientPolysCap,
|
||||
}
|
||||
|
||||
// Seems like there is a bug in the emulated field code.
|
||||
// Add ZERO to all of the fri challenges values to reduce them.
|
||||
plonkZeta[0] = fieldAPI.Add(plonkZeta[0], field.ZERO_F)
|
||||
plonkZeta[1] = fieldAPI.Add(plonkZeta[1], field.ZERO_F)
|
||||
|
||||
friChallenges.FriAlpha[0] = fieldAPI.Add(friChallenges.FriAlpha[0], field.ZERO_F)
|
||||
friChallenges.FriAlpha[1] = fieldAPI.Add(friChallenges.FriAlpha[1], field.ZERO_F)
|
||||
|
||||
for i := 0; i < len(friChallenges.FriBetas); i++ {
|
||||
friChallenges.FriBetas[i][0] = fieldAPI.Add(friChallenges.FriBetas[i][0], field.ZERO_F)
|
||||
friChallenges.FriBetas[i][1] = fieldAPI.Add(friChallenges.FriBetas[i][1], field.ZERO_F)
|
||||
}
|
||||
|
||||
friChallenges.FriPowResponse = fieldAPI.Add(friChallenges.FriPowResponse, field.ZERO_F)
|
||||
|
||||
for i := 0; i < len(friChallenges.FriQueryIndices); i++ {
|
||||
friChallenges.FriQueryIndices[i] = fieldAPI.Add(friChallenges.FriQueryIndices[i], field.ZERO_F)
|
||||
}
|
||||
|
||||
friChip.VerifyFriProof(
|
||||
fri.GetFriInstance(&commonCircuitData, qeAPI, circuit.PlonkZeta, commonCircuitData.DegreeBits),
|
||||
fri.GetFriInstance(&commonCircuitData, qeAPI, plonkZeta, commonCircuitData.DegreeBits),
|
||||
fri.ToFriOpenings(proofWithPis.Proof.Openings),
|
||||
&friChallenges,
|
||||
initialMerkleCaps,
|
||||
@@ -60,182 +102,19 @@ func (circuit *TestFriCircuit) Define(api frontend.API) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func TestFibonacciFriProof(t *testing.T) {
|
||||
func TestDecodeBlockFriVerification(t *testing.T) {
|
||||
assert := test.NewAssert(t)
|
||||
|
||||
testCase := func() {
|
||||
circuit := TestFriCircuit{
|
||||
proofWithPIsFilename: "./data/fibonacci/proof_with_public_inputs.json",
|
||||
commonCircuitDataFilename: "./data/fibonacci/common_circuit_data.json",
|
||||
verifierOnlyCircuitDataFilename: "./data/fibonacci/verifier_only_circuit_data.json",
|
||||
PlonkZeta: field.QuadraticExtension{
|
||||
field.NewFieldConstFromString("14887793628029982930"),
|
||||
field.NewFieldConstFromString("1136137158284059037"),
|
||||
},
|
||||
FriAlpha: field.QuadraticExtension{
|
||||
field.NewFieldConstFromString("14641715242626918707"),
|
||||
field.NewFieldConstFromString("10574243340537902930"),
|
||||
},
|
||||
FriBetas: []field.QuadraticExtension{},
|
||||
FriPOWResponse: field.NewFieldConst(82451580476419),
|
||||
FriQueryIndices: []field.F{
|
||||
field.NewFieldConst(6790812084677375942),
|
||||
field.NewFieldConst(12394212020331474798),
|
||||
field.NewFieldConst(16457600747000998582),
|
||||
field.NewFieldConst(1543271328932331916),
|
||||
field.NewFieldConst(12115726870906958644),
|
||||
field.NewFieldConst(6775897107605342797),
|
||||
field.NewFieldConst(15989401564746021030),
|
||||
field.NewFieldConst(10691676456016926845),
|
||||
field.NewFieldConst(1632499470630032007),
|
||||
field.NewFieldConst(1317292355445098328),
|
||||
field.NewFieldConst(18391440812534384252),
|
||||
field.NewFieldConst(17321705613231354333),
|
||||
field.NewFieldConst(6176487551308859603),
|
||||
field.NewFieldConst(7119835651572002873),
|
||||
field.NewFieldConst(3903019169623116693),
|
||||
field.NewFieldConst(4886491111111487546),
|
||||
field.NewFieldConst(4087641893164620518),
|
||||
field.NewFieldConst(13801643080324181364),
|
||||
field.NewFieldConst(16993775312274189321),
|
||||
field.NewFieldConst(9268202926222765679),
|
||||
field.NewFieldConst(10683001302406181735),
|
||||
field.NewFieldConst(13359465725531647963),
|
||||
field.NewFieldConst(4523327590105620849),
|
||||
field.NewFieldConst(4883588003760409588),
|
||||
field.NewFieldConst(187699146998097671),
|
||||
field.NewFieldConst(14489263557623716717),
|
||||
field.NewFieldConst(11748359318238148146),
|
||||
field.NewFieldConst(13636347200053048758),
|
||||
},
|
||||
}
|
||||
witness := TestFriCircuit{}
|
||||
err := test.IsSolved(&circuit, &witness, field.TEST_CURVE.ScalarField())
|
||||
assert.NoError(err)
|
||||
}
|
||||
|
||||
testCase()
|
||||
}
|
||||
|
||||
func TestDummyFriProof(t *testing.T) {
|
||||
assert := test.NewAssert(t)
|
||||
|
||||
testCase := func() {
|
||||
circuit := TestFriCircuit{
|
||||
proofWithPIsFilename: "../../data/dummy_2^14_gates/proof_with_public_inputs.json",
|
||||
commonCircuitDataFilename: "../../data/dummy_2^14_gates/common_circuit_data.json",
|
||||
verifierOnlyCircuitDataFilename: "../../data/dummy_2^14_gates/verifier_only_circuit_data.json",
|
||||
PlonkZeta: field.QuadraticExtension{
|
||||
field.NewFieldConstFromString("17377750363769967882"),
|
||||
field.NewFieldConstFromString("11921191651424768462"),
|
||||
},
|
||||
FriAlpha: field.QuadraticExtension{
|
||||
field.NewFieldConstFromString("16721004555774385479"),
|
||||
field.NewFieldConstFromString("10688151135543754663"),
|
||||
},
|
||||
FriBetas: []field.QuadraticExtension{
|
||||
{
|
||||
field.NewFieldConstFromString("3312441922957827805"),
|
||||
field.NewFieldConstFromString("15128092514958289671"),
|
||||
},
|
||||
{
|
||||
field.NewFieldConstFromString("13630530769060141802"),
|
||||
field.NewFieldConstFromString("14559883974933163008"),
|
||||
},
|
||||
{
|
||||
field.NewFieldConstFromString("16146508250083930687"),
|
||||
field.NewFieldConstFromString("5176346568444408396"),
|
||||
},
|
||||
},
|
||||
FriPOWResponse: field.NewFieldConst(4389),
|
||||
FriQueryIndices: []field.F{
|
||||
field.NewFieldConstFromString("16334967868590615051"),
|
||||
field.NewFieldConstFromString("2911473540496037915"),
|
||||
field.NewFieldConstFromString("14887216056886344225"),
|
||||
field.NewFieldConstFromString("7808811227805914295"),
|
||||
field.NewFieldConstFromString("2018594961417375749"),
|
||||
field.NewFieldConstFromString("3733368398777208435"),
|
||||
field.NewFieldConstFromString("2623035669037055104"),
|
||||
field.NewFieldConstFromString("299243030573481514"),
|
||||
field.NewFieldConstFromString("7189789717962704433"),
|
||||
field.NewFieldConstFromString("14566344026886816268"),
|
||||
field.NewFieldConstFromString("12555390069003437453"),
|
||||
field.NewFieldConstFromString("17225508403199418233"),
|
||||
field.NewFieldConstFromString("5088797913879903292"),
|
||||
field.NewFieldConstFromString("9715691392773433023"),
|
||||
field.NewFieldConstFromString("7565836764713256165"),
|
||||
field.NewFieldConstFromString("1500143546029322929"),
|
||||
field.NewFieldConstFromString("1245802417104422080"),
|
||||
field.NewFieldConstFromString("6831959786661245110"),
|
||||
field.NewFieldConstFromString("17271054758535453780"),
|
||||
field.NewFieldConstFromString("6225460404576395409"),
|
||||
field.NewFieldConstFromString("15932661092896277351"),
|
||||
field.NewFieldConstFromString("12452534049198240575"),
|
||||
field.NewFieldConstFromString("4225199666055520177"),
|
||||
field.NewFieldConstFromString("13235091290587791090"),
|
||||
field.NewFieldConstFromString("2562357622728700774"),
|
||||
field.NewFieldConstFromString("17676678042980201498"),
|
||||
field.NewFieldConstFromString("5837067135702409874"),
|
||||
field.NewFieldConstFromString("11238419549114325157"),
|
||||
},
|
||||
proofWithPIsFilename: "../../data/decode_block/proof_with_public_inputs.json",
|
||||
commonCircuitDataFilename: "../../data/decode_block//common_circuit_data.json",
|
||||
verifierOnlyCircuitDataFilename: "../../data/decode_block//verifier_only_circuit_data.json",
|
||||
}
|
||||
witness := TestFriCircuit{
|
||||
proofWithPIsFilename: "../../data/dummy_2^14_gates/proof_with_public_inputs.json",
|
||||
commonCircuitDataFilename: "../../data/dummy_2^14_gates/common_circuit_data.json",
|
||||
verifierOnlyCircuitDataFilename: ".../../data/dummy_2^14_gates/verifier_only_circuit_data.json",
|
||||
PlonkZeta: field.QuadraticExtension{
|
||||
field.NewFieldConstFromString("17377750363769967882"),
|
||||
field.NewFieldConstFromString("11921191651424768462"),
|
||||
},
|
||||
FriAlpha: field.QuadraticExtension{
|
||||
field.NewFieldConstFromString("16721004555774385479"),
|
||||
field.NewFieldConstFromString("10688151135543754663"),
|
||||
},
|
||||
FriBetas: []field.QuadraticExtension{
|
||||
{
|
||||
field.NewFieldConstFromString("3312441922957827805"),
|
||||
field.NewFieldConstFromString("15128092514958289671"),
|
||||
},
|
||||
{
|
||||
field.NewFieldConstFromString("13630530769060141802"),
|
||||
field.NewFieldConstFromString("14559883974933163008"),
|
||||
},
|
||||
{
|
||||
field.NewFieldConstFromString("16146508250083930687"),
|
||||
field.NewFieldConstFromString("5176346568444408396"),
|
||||
},
|
||||
},
|
||||
FriPOWResponse: field.NewFieldConst(4389),
|
||||
FriQueryIndices: []field.F{
|
||||
field.NewFieldConstFromString("16334967868590615051"),
|
||||
field.NewFieldConstFromString("2911473540496037915"),
|
||||
field.NewFieldConstFromString("14887216056886344225"),
|
||||
field.NewFieldConstFromString("7808811227805914295"),
|
||||
field.NewFieldConstFromString("2018594961417375749"),
|
||||
field.NewFieldConstFromString("3733368398777208435"),
|
||||
field.NewFieldConstFromString("2623035669037055104"),
|
||||
field.NewFieldConstFromString("299243030573481514"),
|
||||
field.NewFieldConstFromString("7189789717962704433"),
|
||||
field.NewFieldConstFromString("14566344026886816268"),
|
||||
field.NewFieldConstFromString("12555390069003437453"),
|
||||
field.NewFieldConstFromString("17225508403199418233"),
|
||||
field.NewFieldConstFromString("5088797913879903292"),
|
||||
field.NewFieldConstFromString("9715691392773433023"),
|
||||
field.NewFieldConstFromString("7565836764713256165"),
|
||||
field.NewFieldConstFromString("1500143546029322929"),
|
||||
field.NewFieldConstFromString("1245802417104422080"),
|
||||
field.NewFieldConstFromString("6831959786661245110"),
|
||||
field.NewFieldConstFromString("17271054758535453780"),
|
||||
field.NewFieldConstFromString("6225460404576395409"),
|
||||
field.NewFieldConstFromString("15932661092896277351"),
|
||||
field.NewFieldConstFromString("12452534049198240575"),
|
||||
field.NewFieldConstFromString("4225199666055520177"),
|
||||
field.NewFieldConstFromString("13235091290587791090"),
|
||||
field.NewFieldConstFromString("2562357622728700774"),
|
||||
field.NewFieldConstFromString("17676678042980201498"),
|
||||
field.NewFieldConstFromString("5837067135702409874"),
|
||||
field.NewFieldConstFromString("11238419549114325157"),
|
||||
},
|
||||
}
|
||||
err := test.IsSolved(&circuit, &witness, field.TEST_CURVE.ScalarField())
|
||||
assert.NoError(err)
|
||||
|
||||
Reference in New Issue
Block a user