folding verification

src/folding.rs

@@ -1,25 +1,49 @@
-use ark_bn254::{Bn254, constraints::GVar, Fr, G1Projective as G1};
+use ark_bn254::{constraints::GVar, Bn254, Fr, G1Projective as G1};
 use ark_grumpkin::{constraints::GVar as GVar2, Projective as G2};
 use rand::rngs::OsRng;
 use sonobe::{
     commitment::{kzg::KZG, pedersen::Pedersen},
     folding::nova::{Nova, PreprocessorParam},
-    FoldingScheme,
     frontend::circom::CircomFCircuit,
     transcript::poseidon::poseidon_canonical_config,
+    FoldingScheme,
 };
 
 pub type NovaFolding =
     Nova<G1, GVar, G2, GVar2, CircomFCircuit<Fr>, KZG<'static, Bn254>, Pedersen<G2>, false>;
+pub type NovaVerifierParam =
+    <NovaFolding as FoldingScheme<G1, G2, CircomFCircuit<Fr>>>::VerifierParam;
 
 pub fn prepare_folding(
     circuit: &CircomFCircuit<Fr>,
     start_ivc_state: Vec<Fr>,
     rng: &mut OsRng,
-) -> NovaFolding {
+) -> (NovaFolding, NovaVerifierParam) {
     let nova_preprocess_params =
         PreprocessorParam::new(poseidon_canonical_config::<Fr>(), circuit.clone());
     let nova_params = NovaFolding::preprocess(&mut *rng, &nova_preprocess_params)
         .expect("Failed to preprocess Nova");
-    NovaFolding::init(&nova_params, circuit.clone(), start_ivc_state).expect("Failed to init Nova")
+    let folding = NovaFolding::init(&nova_params, circuit.clone(), start_ivc_state)
+        .expect("Failed to init Nova");
+
+    (folding, nova_params.1)
+}
+
+pub fn verify_folding(
+    folding: &NovaFolding,
+    folding_vp: NovaVerifierParam,
+    start_ivc_state: Vec<Fr>,
+    num_steps: u32,
+) {
+    let (running_instance, incoming_instance, cyclefold_instance) = folding.instances();
+    NovaFolding::verify(
+        folding_vp,
+        start_ivc_state,
+        folding.state(),
+        Fr::from(num_steps),
+        running_instance,
+        incoming_instance,
+        cyclefold_instance,
+    )
+    .expect("Failed to verify folded proof");
 }

src/main.rs

@@ -3,8 +3,11 @@ use std::time::Instant;
 use ark_bn254::Fr;
 use num_traits::identities::Zero;
 use sonobe::FoldingScheme;
-
-use crate::{circuit::create_circuit, folding::prepare_folding, input::prepare_input};
+use crate::{
+    circuit::create_circuit,
+    folding::{prepare_folding, verify_folding},
+    input::prepare_input,
+};
 
 fn measure<T, Action: FnOnce() -> T>(action_name: &str, action: Action) -> T {
     let start = Instant::now();
@@ -23,15 +26,20 @@ fn main() {
     let circuit = measure("Prepare circuit", create_circuit);
 
     let start_ivc_state = vec![Fr::zero(); 2];
-    let mut folding = measure("Prepare folding", || {
-        prepare_folding(&circuit, start_ivc_state, &mut rng)
+    let (mut folding, folding_vp) = measure("Prepare folding", || {
+        prepare_folding(&circuit, start_ivc_state.clone(), &mut rng)
     });
 
-    for (i, external_inputs_at_step) in prepare_input()[..5].iter().enumerate() {
+    let num_steps = 5;
+    for (i, external_inputs_at_step) in prepare_input()[..num_steps].iter().enumerate() {
         measure(&format!("Nova::prove_step {i}"), || {
             folding
                 .prove_step(rng, external_inputs_at_step.clone(), None)
                 .expect("Failed to prove step")
         });
     }
+
+    measure("Folding verification", || {
+        verify_folding(&folding, folding_vp, start_ivc_state, num_steps as u32)
+    });
 }