Now the number of `(signature proof OR recursive proof) AND ...`
is defined by a parameter `N`.
p_root
▲
│
┌────────┐
│ F │
└────────┘
▲ ▲ ▲ ▲
┌─┘ │ │ └─┐
┌────┘ ┌─┘ └┐ └───┐
│ │ ... │ │
┌────────┐┌┴┐┌─┐┌┴┐ ┌────────┐
│ F ││.││.││.│ │ F │
└────────┘└─┘└─┘└─┘ └────────┘
▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲
┌─┘ │ └┐ └─┐ ┌─┘┌┘ └┐ └┐
│ │ │ │ │ │ │ │
p_1 p_2 ... p_n p'_1 p'_2... p'_n
where each p_i is either
- signature verification
- recursive plonky2 proof (proof that verifies previous proof)
(generated by `RecursiveCircuit::prove_step` method)
in other words, each p_i is checking:
`(signature proof OR recursive proof)`
So for example, by setting `N=2`, we have a binary-tree as we had
in the previous commit, where at each 'node' it is verifying
`(signature proof OR recursive proof) AND (signature proof OR recursive proof)`
By setting `N=3`, each node verifies
`(signature proof OR recursive proof) AND (signature proof OR recursive proof) AND (signature proof OR recursive proof)`
Each node of the tree is verifying:
`((verify left sig OR verify left proof) AND (verify right sig OR verify right proof))`.
and then it generates a new plonky2 proof, which can again be verified
in a node of the next level of the tree.
full binary tree of recursion works
arnaucube