impl KZG based multilinear pcs (#22)

2026-01-10 16:11:29 +01:00 · 2022-05-19 16:23:44 -04:00
parent e881d7fabf
commit b9527f8e37
12 changed files with 741 additions and 37 deletions
--- a/poly-iop/Cargo.toml
+++ b/poly-iop/Cargo.toml
@@ -26,8 +26,8 @@ path = "benches/bench.rs"
 harness = false

 [features]
-default = [ "parallel", "print-trace" ]
-# default = [ "parallel" ]
+# default = [ "parallel", "print-trace" ]
+default = [ "parallel" ]
 parallel = [ 
    "rayon",
    "ark-std/parallel", 
--- a/poly-iop/benches/bench.rs
+++ b/poly-iop/benches/bench.rs
@@ -1,8 +1,7 @@
-use std::time::Instant;
-
 use ark_bls12_381::Fr;
 use ark_std::test_rng;
 use poly_iop::{PolyIOP, PolyIOPErrors, SumCheck, VirtualPolynomial, ZeroCheck};
+use std::time::Instant;

 fn main() -> Result<(), PolyIOPErrors> {
    bench_sum_check()?;
@@ -27,8 +26,10 @@ fn bench_sum_check() -> Result<(), PolyIOPErrors> {
            let poly_info = poly.domain_info.clone();
            let proof = {
                let start = Instant::now();
-                let mut transcript = <PolyIOP<Fr> as SumCheck<Fr>>::init_transcript();
-                let proof = <PolyIOP<Fr> as SumCheck<Fr>>::prove(&poly, &mut transcript)?;
+                for _ in 0..repetition {
+                    let mut transcript = <PolyIOP<Fr> as SumCheck<Fr>>::init_transcript();
+                    let _proof = <PolyIOP<Fr> as SumCheck<Fr>>::prove(&poly, &mut transcript)?;
+                }

                println!(
                    "sum check proving time for {} variables and {} degree: {} ns",
@@ -36,26 +37,30 @@ fn bench_sum_check() -> Result<(), PolyIOPErrors> {
                    degree,
                    start.elapsed().as_nanos() / repetition as u128
                );
-                proof
+                let mut transcript = <PolyIOP<Fr> as SumCheck<Fr>>::init_transcript();
+                <PolyIOP<Fr> as SumCheck<Fr>>::prove(&poly, &mut transcript)?
            };

            {
                let start = Instant::now();
-                let mut transcript = <PolyIOP<Fr> as SumCheck<Fr>>::init_transcript();
-                let subclaim = <PolyIOP<Fr> as SumCheck<Fr>>::verify(
-                    asserted_sum,
-                    &proof,
-                    &poly_info,
-                    &mut transcript,
-                )?;
-                assert!(
-                    poly.evaluate(&subclaim.point).unwrap() == subclaim.expected_evaluation,
-                    "wrong subclaim"
-                );

+                for _ in 0..repetition {
+                    let mut transcript = <PolyIOP<Fr> as SumCheck<Fr>>::init_transcript();
+                    let subclaim = <PolyIOP<Fr> as SumCheck<Fr>>::verify(
+                        asserted_sum,
+                        &proof,
+                        &poly_info,
+                        &mut transcript,
+                    )?;
+                    assert!(
+                        poly.evaluate(&subclaim.point).unwrap() == subclaim.expected_evaluation,
+                        "wrong subclaim"
+                    );
+                }
                println!(
-                    "sum check verification time for {} variables: {} ns",
+                    "sum check verification time for {} variables and {} degree: {} ns",
                    nv,
+                    degree,
                    start.elapsed().as_nanos() / repetition as u128
                );
            }
@@ -106,8 +111,9 @@ fn bench_zero_check() -> Result<(), PolyIOPErrors> {
                    "wrong subclaim"
                );
                println!(
-                    "zero check verification time for {} variables: {} ns",
+                    "zero check verification time for {} variables and {} degree:: {} ns",
                    nv,
+                    degree,
                    start.elapsed().as_nanos() / repetition as u128
                );
            }
--- a/poly-iop/readme.md
+++ b/poly-iop/readme.md
@@ -3,5 +3,5 @@ Poly IOP

 Implements the following protocols

- [ ] sum checks
- [ ] zero checks
+- [x] sum checks
+- [x] zero checks
--- a/poly-iop/src/errors.rs
+++ b/poly-iop/src/errors.rs
@@ -6,17 +6,17 @@ use displaydoc::Display;
 /// A `enum` specifying the possible failure modes of the PolyIOP.
 #[derive(Display, Debug)]
 pub enum PolyIOPErrors {
-    /// Invalid Prover
+    /// Invalid Prover: {0}
    InvalidProver(String),
-    /// Invalid Verifier
+    /// Invalid Verifier: {0}
    InvalidVerifier(String),
-    /// Invalid Proof
+    /// Invalid Proof: {0}
    InvalidProof(String),
-    /// Invalid parameters
+    /// Invalid parameters: {0}
    InvalidParameters(String),
-    /// Invalid Transcript
+    /// Invalid Transcript: {0}
    InvalidTranscript(String),
-    /// An error during (de)serialization
+    /// An error during (de)serialization: {0}
    SerializationError(ark_serialize::SerializationError),
 }

--- a/poly-iop/src/lib.rs
+++ b/poly-iop/src/lib.rs
@@ -12,7 +12,7 @@ mod zero_check;
 pub use errors::PolyIOPErrors;
 pub use sum_check::SumCheck;
 pub use virtual_poly::VirtualPolynomial;
-pub use zero_check::ZeroCheck;
+pub use zero_check::{build_eq_x_r, ZeroCheck};

 /// Struct for PolyIOP protocol.
 /// It is instantiated with
--- a/poly-iop/src/zero_check/mod.rs
+++ b/poly-iop/src/zero_check/mod.rs
@@ -137,7 +137,9 @@ fn build_f_hat<F: PrimeField>(
 //      eq(x,y) = \prod_i=1^num_var (x_i * y_i + (1-x_i)*(1-y_i))
 // over r, which is
 //      eq(x,y) = \prod_i=1^num_var (x_i * r_i + (1-x_i)*(1-r_i))
-fn build_eq_x_r<F: PrimeField>(r: &[F]) -> Result<Rc<DenseMultilinearExtension<F>>, PolyIOPErrors> {
+pub fn build_eq_x_r<F: PrimeField>(
+    r: &[F],
+) -> Result<Rc<DenseMultilinearExtension<F>>, PolyIOPErrors> {
    let start = start_timer!(|| "zero check build eq_x_r");

    // we build eq(x,r) from its evaluations