diff --git a/plonky2_verifier/plonk.go b/plonky2_verifier/plonk.go index 175cfd8..05b2535 100644 --- a/plonky2_verifier/plonk.go +++ b/plonky2_verifier/plonk.go @@ -116,30 +116,19 @@ func (p *PlonkChip) checkPartialProducts( return partialProductChecks } -func (p *PlonkChip) evaluateGateConstraints( - commonData CommonCircuitData, - x QuadraticExtension, - vars EvaluationVars, - localZs []QuadraticExtension, - nextZs []QuadraticExtension, - partialProducts []QuadraticExtension, - sSigmas []QuadraticExtension, - betas []F, - gammas []F, - alphas []F, -) []QuadraticExtension { - constraints := make([]QuadraticExtension, commonData.NumGateConstraints) +func (p *PlonkChip) evaluateGateConstraints(vars EvaluationVars) []QuadraticExtension { + constraints := make([]QuadraticExtension, p.commonData.NumGateConstraints) - for i, gate := range commonData.Gates { - selectorIndex := commonData.SelectorsInfo.selectorIndices[i] + for i, gate := range p.commonData.Gates { + selectorIndex := p.commonData.SelectorsInfo.selectorIndices[i] gateConstraints := p.evalFiltered( gate, vars, uint64(i), selectorIndex, - commonData.SelectorsInfo.groups[selectorIndex], - commonData.SelectorsInfo.NumSelectors(), + p.commonData.SelectorsInfo.groups[selectorIndex], + p.commonData.SelectorsInfo.NumSelectors(), ) for _, constraint := range gateConstraints { @@ -151,8 +140,8 @@ func (p *PlonkChip) evaluateGateConstraints( return constraints } -func (p *PlonkChip) evalVanishingPoly(proofChallenges ProofChallenges, openings OpeningSet, zetaPowN QuadraticExtension) []QuadraticExtension { - // TODO: evaluate_gate_constraints logic should be implemented here. See https://github.com/mir-protocol/plonky2/blob/main/plonky2/src/plonk/vanishing_poly.rs#L39 +func (p *PlonkChip) evalVanishingPoly(vars EvaluationVars, proofChallenges ProofChallenges, openings OpeningSet, zetaPowN QuadraticExtension) []QuadraticExtension { + constraintTerms := p.evaluateGateConstraints(vars) // Calculate the k[i] * x sIDs := make([]QuadraticExtension, p.commonData.Config.NumRoutedWires) @@ -212,6 +201,7 @@ func (p *PlonkChip) evalVanishingPoly(proofChallenges ProofChallenges, openings vanishingTerms := append(vanishingZ1Terms, vanishingPartialProductsTerms...) vanishingTerms = append(vanishingTerms, []QuadraticExtension{p.qeAPI.ZERO_QE, p.qeAPI.ZERO_QE, p.qeAPI.ZERO_QE, p.qeAPI.ZERO_QE}...) + vanishingTerms = append(vanishingTerms, constraintTerms...) reducedValues := make([]QuadraticExtension, p.commonData.Config.NumChallenges) for i := uint64(0); i < p.commonData.Config.NumChallenges; i++ { @@ -234,11 +224,19 @@ func (p *PlonkChip) evalVanishingPoly(proofChallenges ProofChallenges, openings return reducedValues } -func (p *PlonkChip) Verify(proofChallenges ProofChallenges, openings OpeningSet) { +func (p *PlonkChip) Verify(proofChallenges ProofChallenges, openings OpeningSet, publicInputsHash Hash) { // Calculate zeta^n zetaPowN := p.expPowerOf2Extension(proofChallenges.PlonkZeta) - vanishingPolysZeta := p.evalVanishingPoly(proofChallenges, openings, zetaPowN) + localConstants := openings.Constants + localWires := openings.Wires + vars := EvaluationVars{ + localConstants, + localWires, + publicInputsHash, + } + + vanishingPolysZeta := p.evalVanishingPoly(vars, proofChallenges, openings, zetaPowN) // Calculate Z(H) zHZeta := p.qeAPI.SubExtension(zetaPowN, p.qeAPI.ONE_QE) diff --git a/plonky2_verifier/plonk_test.go b/plonky2_verifier/plonk_test.go index 1c75e5a..d710068 100644 --- a/plonky2_verifier/plonk_test.go +++ b/plonky2_verifier/plonk_test.go @@ -2,6 +2,7 @@ package plonky2_verifier import ( . "gnark-plonky2-verifier/field" + "gnark-plonky2-verifier/poseidon" "testing" "github.com/consensys/gnark/frontend" @@ -34,7 +35,10 @@ func (circuit *TestPlonkCircuit) Define(api frontend.API) error { plonkChip := NewPlonkChip(api, qe, commonCircuitData) - plonkChip.Verify(proofChallenges, proofWithPis.Proof.Openings) + poseidonChip := poseidon.NewPoseidonChip(api, field) + publicInputsHash := poseidonChip.HashNoPad(proofWithPis.PublicInputs) + + plonkChip.Verify(proofChallenges, proofWithPis.Proof.Openings, publicInputsHash) return nil } diff --git a/plonky2_verifier/public_input.go b/plonky2_verifier/public_input.go index a96df1e..962c557 100644 --- a/plonky2_verifier/public_input.go +++ b/plonky2_verifier/public_input.go @@ -15,7 +15,7 @@ func (p *PublicInputGate) EvalUnfiltered(pc *PlonkChip, vars EvaluationVars) []Q constraints := []QuadraticExtension{} wires := p.WiresPublicInputsHash() - hash_parts := vars.publicInputsHash.elements + hash_parts := vars.publicInputsHash for i := 0; i < 4; i++ { wire := wires[i] hash_part := hash_parts[i] diff --git a/plonky2_verifier/vars.go b/plonky2_verifier/vars.go index 2a77e65..1c78511 100644 --- a/plonky2_verifier/vars.go +++ b/plonky2_verifier/vars.go @@ -4,14 +4,10 @@ import ( . "gnark-plonky2-verifier/field" ) -type HashOut struct { - elements [4]F -} - type EvaluationVars struct { localConstants []QuadraticExtension localWires []QuadraticExtension - publicInputsHash HashOut + publicInputsHash Hash } func (e *EvaluationVars) RemovePrefix(numSelectors uint64) { diff --git a/plonky2_verifier/verifier.go b/plonky2_verifier/verifier.go index e8daf1e..c3d8fc6 100644 --- a/plonky2_verifier/verifier.go +++ b/plonky2_verifier/verifier.go @@ -73,7 +73,7 @@ func (c *VerifierChip) Verify(proofWithPis ProofWithPublicInputs, verifierData V publicInputsHash := c.GetPublicInputsHash(proofWithPis.PublicInputs) proofChallenges := c.GetChallenges(proofWithPis, publicInputsHash, commonData) - c.plonkChip.Verify(proofChallenges, proofWithPis.Proof.Openings) + c.plonkChip.Verify(proofChallenges, proofWithPis.Proof.Openings, publicInputsHash) initialMerkleCaps := []MerkleCap{ verifierData.ConstantSigmasCap,