From c1f503c75c49bae928bf84df1a0c166a7cd43276 Mon Sep 17 00:00:00 2001 From: "e.tatuzova" Date: Mon, 12 Feb 2024 13:29:00 +0400 Subject: [PATCH] LPC batching updated #65 --- .../blueprint/transpiler/evm_verifier_gen.hpp | 21 +- .../blueprint/transpiler/lpc_scheme_gen.hpp | 122 ++----- .../recursive_verifier_generator.hpp | 209 +++++------ .../templates/commitment_scheme.hpp | 332 +++++------------- .../templates/recursive_verifier.hpp | 128 +++---- include/nil/blueprint/transpiler/util.hpp | 188 +++++++++- test/detail/circuits.hpp | 1 - test/transpiler.cpp | 136 ++++--- 8 files changed, 519 insertions(+), 618 deletions(-) diff --git a/include/nil/blueprint/transpiler/evm_verifier_gen.hpp b/include/nil/blueprint/transpiler/evm_verifier_gen.hpp index f144b22..228bed0 100644 --- a/include/nil/blueprint/transpiler/evm_verifier_gen.hpp +++ b/include/nil/blueprint/transpiler/evm_verifier_gen.hpp @@ -618,7 +618,6 @@ namespace nil { ++gate_modules_count; } } - std::cout << "Finished" << std::endl; if (_term_powers.size() > 0) { std::stringstream power_functions; @@ -818,9 +817,7 @@ namespace nil { result << std::showbase << std::hex; - result << "\t\t\t// 1. 2*permutation_size" << std::endl; poly_points = 2; - while (j < 2*_permutation_size) { result << "\t\t\tpoints[" << i << "] = basic_marshalling.get_uint256_be(blob,"; result << point_offset + (poly_points-1)*32 << ");" << std::endl; @@ -831,7 +828,6 @@ namespace nil { ++j; } - result << "\t\t\t// 2. special selectors " << std::endl; poly_points = 3; j = 0; @@ -845,7 +841,6 @@ namespace nil { ++j; } - result << "\t\t\t// 3. constant columns " << std::endl; std::size_t column_rotation_offset = PlaceholderParams::witness_columns + PlaceholderParams::public_input_columns; j = 0; while (j < PlaceholderParams::arithmetization_params::constant_columns) { @@ -859,7 +854,6 @@ namespace nil { ++j; } - result << "\t\t\t// 4. selector columns " << std::endl; column_rotation_offset += PlaceholderParams::constant_columns; j = 0; while (j < PlaceholderParams::arithmetization_params::selector_columns) { @@ -919,7 +913,18 @@ namespace nil { reps["$COMMITMENT_CODE$"] = commitment_code; reps["$ETA_VALUES_VERIFICATION$"] = eta_point_verification_code(); - commitment_scheme_replaces(reps, _common_data, _lpc_scheme, _permutation_size, _use_lookups); + std::size_t _lookup_degree = _constraint_system.lookup_poly_degree_bound(); + std::size_t _rows_amount = _common_data.rows_amount; + std::size_t _quotient_degree = std::max( + (_permutation_size + 2) * (_common_data.rows_amount -1 ), + (_lookup_degree + 1) * (_common_data.rows_amount -1 ) + ); + + std::size_t _quotient_polys = (_quotient_degree % _rows_amount != 0)? (_quotient_degree / _rows_amount + 1): (_quotient_degree / _rows_amount); + + commitment_scheme_replaces( + reps, _common_data, _lpc_scheme, _permutation_size, _quotient_polys, + _use_lookups?_constraint_system.sorted_lookup_columns_number():0, _use_lookups); replace_and_print(modular_verifier_template, reps, _folder_name + "/modular_verifier.sol"); replace_and_print(modular_permutation_argument_library_template, reps, _folder_name + "/permutation_argument.sol"); @@ -962,4 +967,4 @@ namespace nil { } } -#endif //__MODULAR_CONTRACTS_TEMPLATES_HPP__ +#endif //__MODULAR_CONTRACTS_TEMPLATES_HPP__ \ No newline at end of file diff --git a/include/nil/blueprint/transpiler/lpc_scheme_gen.hpp b/include/nil/blueprint/transpiler/lpc_scheme_gen.hpp index 68ab3ba..241724f 100644 --- a/include/nil/blueprint/transpiler/lpc_scheme_gen.hpp +++ b/include/nil/blueprint/transpiler/lpc_scheme_gen.hpp @@ -44,115 +44,44 @@ namespace nil { PlaceholderParams >::preprocessed_data_type::common_data_type; - std::string rot_string (int j){ - if(j == 0) return "xi"; else - if(j == 1 ) return "mulmod(xi, omega, modulus)"; else - if(j == -1) return "mulmod(xi, inversed_omega, modulus)"; else - if(j > 0) return "mulmod(xi, field.pow_small(omega, " + to_string(j) + ", modulus), modulus)"; else - if(j < 0) return "mulmod(xi, field.pow_small(inversed_omega, " + to_string(-j) + ", modulus), modulus)"; - return ""; - } - - template void commitment_scheme_replaces( transpiler_replacements& replacements, const common_data_type &common_data, const typename PlaceholderParams::commitment_scheme_type& lpc_scheme, std::size_t permutation_size, + std::size_t quotient_polys, + std::size_t lookup_polys, bool use_lookups ){ std::set unique_points; std::vector points; - for(std::size_t i = 0; i < permutation_size*2; i++){ - points.push_back(rot_string(0) + "& _etha& "); - } - unique_points.insert(rot_string(0) + "& _etha& "); - points.push_back(rot_string(0) + "& "+ rot_string(1) + "& _etha& "); - points.push_back(rot_string(0) + "& "+ rot_string(1) + "& _etha& "); - unique_points.insert(rot_string(0) + "& "+ rot_string(1) + "& _etha& "); - - for(std::size_t i = 0; i < PlaceholderParams::constant_columns; i++){ - std::stringstream str; - for(auto j:common_data.columns_rotations[i + PlaceholderParams::witness_columns + PlaceholderParams::public_input_columns]){ - str << rot_string(j) << "& "; - } - str << "_etha& "; - unique_points.insert(str.str()); - points.push_back(str.str()); - } - - for(std::size_t i = 0; i < PlaceholderParams::selector_columns; i++){ - std::stringstream str; - for(auto j:common_data.columns_rotations[i + PlaceholderParams::witness_columns + PlaceholderParams::public_input_columns + PlaceholderParams::constant_columns]){ - str << rot_string(j) << "& "; - } - str << "_etha& "; - unique_points.insert(str.str()); - points.push_back(str.str()); - } + auto [z_points_indices, singles_strs, singles_map, poly_ids] = calculate_unique_points>( + common_data, permutation_size, use_lookups, quotient_polys, lookup_polys, + "evm" // Generator mode + ); - for(std::size_t i = 0; i < PlaceholderParams::witness_columns; i++){ - std::stringstream str; - for(auto j:common_data.columns_rotations[i]){ - str << rot_string(j) << "& "; - } - unique_points.insert(str.str()); - points.push_back(str.str()); - } - - for(std::size_t i = 0; i < PlaceholderParams::public_input_columns; i++){ - std::stringstream str; - for(auto j:common_data.columns_rotations[i + PlaceholderParams::witness_columns]){ - str << rot_string(j) << "& "; - } - unique_points.insert(str.str()); - points.push_back(str.str()); - } - - unique_points.insert(rot_string(0) + "& " + rot_string(1) + "& ");//Permutation - unique_points.insert(rot_string(0) + "& ");// Quotient - if(use_lookups) - unique_points.insert(rot_string(0) + "& " + rot_string(1) + "& " + rot_string(common_data.usable_rows_amount) + "& "); // Lookups + std::stringstream points_initializer; + std::size_t i = 0; - std::size_t permutation_point_id; - std::size_t quotient_point_id; - std::size_t lookup_point_id; - std::size_t j = 0; - for( const auto &unique_point:unique_points){ - if( unique_point == rot_string(0) + "& ") quotient_point_id = j; - if( unique_point == rot_string(0) + "& " + rot_string(1) + "& " + rot_string(common_data.usable_rows_amount) + "& " ) lookup_point_id = j; - if( unique_point == rot_string(0) + "& " + rot_string(1) + "& " ) permutation_point_id = j; - j++; + for(const auto& point: singles_strs){ + points_initializer << "\t\tresult[" << i << "] = " << point << ";" << std::endl; + i++; } std::stringstream points_ids; - for(std::size_t i = 0; i < points.size(); i++){ - std::size_t j = 0; - for(const auto &unique_point:unique_points){ - if(points[i] == unique_point){ - points_ids << std::hex << std::setw(2) << std::setfill('0') << j; - break; - } - j++; - } + for( const auto& point_id: z_points_indices){ + points_ids << std::hex << std::setw(2) << std::setfill('0') << point_id; } - std::stringstream points_initializer; - std::size_t i = 0; - for(const auto& point: unique_points){ - points_initializer << "\t\t result[" << i << "] = new uint256[](" << std::count(point.begin(), point.end(), '&') << ");" << std::endl; - std::size_t prev = 0; - std::size_t found = point.find("& "); - std::size_t j = 0; - while (found!=std::string::npos){ - points_initializer << "\t\t result[" << i << "][" << j << "] = " << point.substr(prev, found-prev) << ";" << std::endl; - prev = found + 2; - found = point.find("& ",prev); - j++; + std::stringstream poly_ids_str; + std::stringstream poly_points_num; + for(i = 0; i < poly_ids.size(); i++){ + poly_points_num << std::hex << std::setw(4) << std::setfill('0') << poly_ids[i].size(); + for(std::size_t j = 0; j < poly_ids[i].size(); j++){ + poly_ids_str << std::hex << std::setw(4) << std::setfill('0') << poly_ids[i][j] * 0x40; } - i++; } std::vector init_blob = {}; @@ -167,14 +96,13 @@ namespace nil { replacements["$D0_SIZE$"] = to_string(fri_params.D[0]->m); replacements["$D0_OMEGA$"] = to_string(fri_params.D[0]->get_domain_element(1)); replacements["$MAX_DEGREE$"] = to_string(fri_params.max_degree); - replacements["$UNIQUE_POINTS$"] = to_string(unique_points.size()); - replacements["$DIFFERENT_POINTS$"] = to_string(unique_points.size()); - replacements["$PERMUTATION_POINTS_ID$"] = to_string(permutation_point_id); - replacements["$QUOTIENT_POINTS_ID$"] = to_string(quotient_point_id); - replacements["$LOOKUP_POINTS_ID$"] = to_string(lookup_point_id); + replacements["$UNIQUE_POINTS$"] = to_string(singles_strs.size()); + replacements["$DIFFERENT_POINTS$"] = to_string(singles_strs.size()); replacements["$POINTS_IDS$"] = points_ids.str(); + replacements["$POLY_IDS$"] = poly_ids_str.str(); + replacements["$POLY_POINTS_NUM$"] = poly_points_num.str(); replacements["$POINTS_INITIALIZATION$"] = points_initializer.str(); - replacements["$ETHA$"] = to_string(etha); + replacements["$ETA$"] = to_string(etha); if( PlaceholderParams::commitment_scheme_type::fri_type::use_grinding){ auto params = PlaceholderParams::commitment_scheme_type::fri_type::grinding_type::get_params(); uint32_t mask_value = params.template get("mask", 0); @@ -204,4 +132,4 @@ namespace nil { } } -#endif //__MODULAR_CONTRACTS_TEMPLATES_HPP__ +#endif //__MODULAR_CONTRACTS_TEMPLATES_HPP__ \ No newline at end of file diff --git a/include/nil/blueprint/transpiler/recursive_verifier_generator.hpp b/include/nil/blueprint/transpiler/recursive_verifier_generator.hpp index 178c515..1511aa6 100644 --- a/include/nil/blueprint/transpiler/recursive_verifier_generator.hpp +++ b/include/nil/blueprint/transpiler/recursive_verifier_generator.hpp @@ -42,6 +42,7 @@ #include #include +#include namespace nil { namespace blueprint { @@ -65,7 +66,7 @@ namespace nil { using assignment_table_type = typename PlaceholderParams::assignment_table_type; // TODO: Move logic to utils.hpp. It's similar to EVM verifier generator - static std::string zero_indices(columns_rotations_type col_rotations){ + static std::string zero_indices(columns_rotations_type col_rotations, std::size_t permutation_size){ std::vector zero_indices; std::uint16_t fixed_values_points = 0; std::stringstream result; @@ -90,16 +91,17 @@ namespace nil { for(; i < PlaceholderParams::witness_columns + PlaceholderParams::public_input_columns; i++){ zero_indices[i] = sum + zero_indices[i]; sum += col_rotations[i].size(); - if( i != 0) result << ", "; - result << zero_indices[i]; } sum = 0; for(; i < PlaceholderParams::total_columns; i++){ zero_indices[i] = sum + zero_indices[i]; sum += col_rotations[i].size() + 1; - if( i != 0) result << ", "; - result << zero_indices[i]; + } + + for( i = 0; i < PlaceholderParams::total_columns; i++){ + if( i != 0 ) result << ", "; + result << zero_indices[i] + 4 * permutation_size + 6; } return result.str(); } @@ -218,7 +220,6 @@ namespace nil { for(std::size_t j = 0; j < eval_proof.z.get_poly_points_number(k, i); j++){ if( sum != 0 ) out << "," << std::endl; out << "\t\t\t{\"field\":\"" << eval_proof.z.get(k, i, j) << "\"}"; - //std::cout << "batch " << k << " poly " << i << " value " << eval_proof.z.get(k, i, j) << std::endl; sum++; } } @@ -233,22 +234,25 @@ namespace nil { } out << std::endl << "\t\t]}," << std::endl; out << "\t\t{\"array\": [" << std::endl; - std::size_t cur = 0; for( std::size_t i = 0; i < eval_proof.fri_proof.query_proofs.size(); i++){ + if(i != 0) out << "," << std::endl; + out << "\t\t\t{\"array\":[" << std::endl; + std::size_t cur = 0; for( const auto &[j, initial_proof]: eval_proof.fri_proof.query_proofs[i].initial_proof){ for( std::size_t k = 0; k < initial_proof.values.size(); k++){ if(cur != 0) out << "," << std::endl; BOOST_ASSERT_MSG(initial_proof.values[k].size() == 1, "Unsupported step_list[0] value"); - out << "\t\t\t{\"field\":\"" << initial_proof.values[k][0][0] << "\"}," << std::endl; - out << "\t\t\t{\"field\":\"" << initial_proof.values[k][0][1] << "\"}"; + out << "\t\t\t\t{\"field\":\"" << initial_proof.values[k][0][0] << "\"}," << std::endl; + out << "\t\t\t\t{\"field\":\"" << initial_proof.values[k][0][1] << "\"}"; cur++; cur++; } } + out << "\n\t\t\t]}"; } - out << std::endl << "\t\t]}," << std::endl; + out << std::endl << "\n\t\t]}," << std::endl; out << "\t\t{\"array\": [" << std::endl; - cur = 0; + std::size_t cur = 0; for( std::size_t i = 0; i < eval_proof.fri_proof.query_proofs.size(); i++){ for( std::size_t j = 0; j < eval_proof.fri_proof.query_proofs[i].round_proofs.size(); j++){ const auto &round_proof = eval_proof.fri_proof.query_proofs[i].round_proofs[j]; @@ -344,29 +348,30 @@ namespace nil { std::stringstream out; out << "[" << std::endl; - out << "\t{\"array\":[" << std::endl; - std::size_t cur = 0; - for(std::size_t i = 0; i < arithmetization_params::public_input_columns; i++){ - std::size_t max_non_zero = 0; - for(std::size_t j = 0; j < public_inputs[i].size(); j++){ - if( public_inputs[i][j] != 0 ) max_non_zero = j; - } - if( max_non_zero + 1 > public_input_sizes[i] ) { - std::cout << "Public input size is larger than reserved. Real size = " << max_non_zero + 1 << " reserved = " << public_input_sizes[i] << std::endl; - exit(1); - } - BOOST_ASSERT(max_non_zero <= public_input_sizes[i]); - for(std::size_t j = 0; j < public_input_sizes[i]; j++){ - if(cur != 0) out << "," << std::endl; - if( j >= public_inputs[i].size() ) - out << "\t\t{\"field\": \"" << typename field_type::value_type(0) << "\"}"; - else - out << "\t\t{\"field\": \"" << public_inputs[i][j] << "\"}"; - cur++; + if(arithmetization_params::public_input_columns != 0){ + out << "\t{\"array\":[" << std::endl; + std::size_t cur = 0; + for(std::size_t i = 0; i < arithmetization_params::public_input_columns; i++){ + std::size_t max_non_zero = 0; + for(std::size_t j = 0; j < public_inputs[i].size(); j++){ + if( public_inputs[i][j] != 0 ) max_non_zero = j; + } + if( max_non_zero + 1 > public_input_sizes[i] ) { + std::cout << "Public input size is larger than reserved. Real size = " << max_non_zero + 1 << " reserved = " << public_input_sizes[i] << std::endl; + exit(1); + } + BOOST_ASSERT(max_non_zero <= public_input_sizes[i]); + for(std::size_t j = 0; j < public_input_sizes[i]; j++){ + if(cur != 0) out << "," << std::endl; + if( j >= public_inputs[i].size() ) + out << "\t\t{\"field\": \"" << typename field_type::value_type(0) << "\"}"; + else + out << "\t\t{\"field\": \"" << public_inputs[i][j] << "\"}"; + cur++; + } } + out << std::endl << "\t]}," << std::endl; } - out << std::endl << "\t]}," << std::endl; - std::cout << "Public input: " << out.str() << std::endl; out << "\t{\"array\":[" << std::endl; out << "\t\t" << generate_hash( @@ -514,7 +519,7 @@ namespace nil { static inline std::tuple< std::vector>, std::vector, std::map - > calculate_unique_points( + > calculate_unique_point_sets( const common_data_type &common_data, std::size_t permutation_size, bool use_lookups, @@ -527,17 +532,17 @@ namespace nil { std::vector> result; std::vector points_ids; - singles["etha"] = singles.size(); + singles["eta"] = singles.size(); singles[rot_string(0)] = singles.size(); singles[rot_string(1)] = singles.size(); for(std::size_t i = 0; i < permutation_size*2; i++){ - points.push_back(rot_string(0) + "& etha& "); + points.push_back(rot_string(0) + "& eta& "); } - unique_points.insert(rot_string(0) + "& etha& "); - points.push_back(rot_string(0) + "& "+ rot_string(1) + "& etha& "); - points.push_back(rot_string(0) + "& "+ rot_string(1) + "& etha& "); - unique_points.insert(rot_string(0) + "& "+ rot_string(1) + "& etha& "); + unique_points.insert(rot_string(0) + "& eta& "); + points.push_back(rot_string(0) + "& "+ rot_string(1) + "& eta& "); + points.push_back(rot_string(0) + "& "+ rot_string(1) + "& eta& "); + unique_points.insert(rot_string(0) + "& "+ rot_string(1) + "& eta& "); for(std::size_t i = 0; i < PlaceholderParams::constant_columns; i++){ std::stringstream str; @@ -546,7 +551,7 @@ namespace nil { singles[rot_string(j)] = singles.size(); str << rot_string(j) << "& "; } - str << "etha& "; + str << "eta& "; unique_points.insert(str.str()); points.push_back(str.str()); } @@ -558,7 +563,7 @@ namespace nil { singles[rot_string(j)] = singles.size(); str << rot_string(j) << "& "; } - str << "etha& "; + str << "eta& "; unique_points.insert(str.str()); points.push_back(str.str()); } @@ -644,22 +649,7 @@ namespace nil { round_proof_layers_num += log2(fri_params.D[i]->m) -1; } - std::size_t lookup_degree = 0; - degree_visitor_type degree_visitor; - if(use_lookups){ - for(std::size_t i = 0; i < constraint_system.lookup_gates().size(); i++){ - for(std::size_t j = 0; j < constraint_system.lookup_gates()[i].constraints.size(); j++){ - std::size_t degree = 0; - for(std::size_t k = 0; k < constraint_system.lookup_gates()[i].constraints[j].lookup_input.size(); k++){ - degree = std::max(degree, std::size_t(degree_visitor.compute_max_degree(constraint_system.lookup_gates()[i].constraints[j].lookup_input[k]))); - } - lookup_degree += (degree + 1); - } - } - for(std::size_t i = 0; i < constraint_system.lookup_tables().size(); i++){ - lookup_degree += 3 * constraint_system.lookup_tables()[i].lookup_options.size(); - } - } + std::size_t lookup_degree = constraint_system.lookup_poly_degree_bound(); std::size_t rows_amount = common_data.rows_amount; std::size_t quotient_degree = std::max( @@ -753,7 +743,6 @@ namespace nil { } } } - std::cout << "Printing" << std::endl; std::stringstream lookup_shifted_options_list; cur = 0; @@ -775,68 +764,35 @@ namespace nil { cur++; } - std::vector> unique_points; - std::vector point_ids; - std::map singles; - std::tie(unique_points, point_ids, singles) = calculate_unique_points( - common_data, permutation_size, use_lookups, quotient_polys, use_lookups?constraint_system.sorted_lookup_columns_number():0 + auto [z_points_indices, singles_strs, singles_map, poly_ids] = calculate_unique_points( + common_data, permutation_size, use_lookups, quotient_polys, + use_lookups?constraint_system.sorted_lookup_columns_number():0, + "recursive" // Generator mode ); - std::string point_inds_str = ""; - for(std::size_t i = 0; i < point_ids.size(); i++){ - if( i != 0) point_inds_str += ", "; - point_inds_str += to_string(point_ids[i]); - } - std::string singles_str = ""; - for(const auto &[k, v]: singles){ + for(const auto &[k, v]: singles_map){ singles_str+= "\tsingles[" + to_string(v) + "] = " + k + ";\n"; } - std::stringstream prepare_U_V_str; - for(std::size_t i = 0; i < unique_points.size(); i++){ - prepare_U_V_str << "\tV[" << i << "] = getV"<< unique_points[i].size() << "("; - for(std::size_t j = 0; j < unique_points[i].size(); j++ ){ - if(j != 0) prepare_U_V_str << ", "; - prepare_U_V_str << "singles[" << singles[unique_points[i][j]] << "]"; + std::string lpc_poly_ids_const_arrays = ""; + for(std::size_t i = 0; i < poly_ids.size(); i++){ + lpc_poly_ids_const_arrays += "\tconstexpr std::array lpc_poly_ids" + to_string(i) + " = {"; + for(std::size_t j = 0; j < poly_ids[i].size(); j++){ + if(j != 0) lpc_poly_ids_const_arrays += ", "; + lpc_poly_ids_const_arrays += to_string(poly_ids[i][j]); } - prepare_U_V_str << ");" << std::endl << std::endl; - } - for(std::size_t ind = 0; ind < point_ids.size(); ind++){ - std::size_t i = point_ids.size() - 1 - ind; - prepare_U_V_str << "\ttmp = getU"<< unique_points[point_ids[i]].size() << "("; - for(std::size_t j = 0; j < unique_points[point_ids[i]].size(); j++ ){ - if(j != 0) prepare_U_V_str << ", "; - prepare_U_V_str << "singles[" << singles[unique_points[point_ids[i]][j]] << "]"; - } - for(std::size_t j = 0; j < unique_points[point_ids[i]].size(); j++ ){ - prepare_U_V_str << ", "; - if( j == unique_points[point_ids[i]].size() - 1 ) - prepare_U_V_str << "proof.z[z_ind]"; - else - prepare_U_V_str << "proof.z[z_ind - "<< unique_points[point_ids[i]].size() - j - 1 <<" ]"; - } - prepare_U_V_str << ");" << std::endl; - prepare_U_V_str << "\tz_ind = z_ind - " << unique_points[point_ids[i]].size() << ";" << std::endl; - for(std::size_t j = 0; j < unique_points[point_ids[i]].size(); j++ ){ - prepare_U_V_str << "\tcombined_U[" << point_ids[i] << "][" << j << "] = combined_U[" << point_ids[i] << "][" << j << "] + tmp[" << j << "] * theta_acc;" << std::endl; - } - prepare_U_V_str << "\ttheta_acc = theta_acc * challenges.lpc_theta;" << std::endl; + lpc_poly_ids_const_arrays += "};\n"; } - std::stringstream compute_combined_y; - for(std::size_t i = 0; i < point_ids.size(); i++){ - /*y[0] = y[0] * challenges.lpc_theta; - y[0] = y[0] + proof.initial_proof_values[initial_proof_ind] * V_evals[point_ids[k]][0]; - y[1] = y[1] * challenges.lpc_theta; - y[1] = y[1] + proof.initial_proof_values[initial_proof_ind+1] * V_evals[point_ids[k]][1];*/ - -// compute_combined_y << "\t\ty[0] = y[0]*challenges.lpc_theta;" << std::endl; -// compute_combined_y << "\t\ty[0] = y[0] + proof.initial_proof_values[initial_proof_ind] * V_evals[" << point_ids[i]<< "][0];" << std::endl; -// compute_combined_y << "\t\tinitial_proof_ind++;" << std::endl; -// compute_combined_y << "\t\ty[1] = y[1]*challenges.lpc_theta;" << std::endl; -// compute_combined_y << "\t\ty[1] = y[1] + proof.initial_proof_values[initial_proof_ind] * V_evals[" << point_ids[i]<< "][1];" << std::endl; -// compute_combined_y << "\t\tinitial_proof_ind++;" << std::endl; + std::stringstream prepare_U_V_str; + prepare_U_V_str << "\tpallas::base_field_type::value_type theta_acc = pallas::base_field_type::value_type(1);\n\n"; + for(std::size_t i = 0; i < singles_strs.size();i++){ + for(std::size_t j = 0; j get_domain_element(1)) + "_cppui255)"; reps["$OMEGA$"] = "pallas::base_field_type::value_type(0x" + to_hex_string(common_data.basic_domain->get_domain_element(1)) + "_cppui255)"; reps["$FRI_ROUNDS$"] = to_string(fri_params.r); - reps["$UNIQUE_POINTS$"] = to_string(unique_points.size()); - reps["$POINTS_IDS$"] = point_inds_str; - reps["$SINGLES_AMOUNT$"] = to_string(singles.size()); + reps["$UNIQUE_POINTS$"] = to_string(singles_strs.size()); + reps["$SINGLES_AMOUNT$"] = to_string(singles_strs.size()); reps["$SINGLES_COMPUTATION$"] = singles_str; reps["$PREPARE_U_AND_V$"] = prepare_U_V_str.str(); - reps["$COMPUTE_COMBINED_Y$"] = compute_combined_y.str(); reps["$SORTED_COLUMNS$"] = to_string(constraint_system.sorted_lookup_columns_number()); reps["$SORTED_ALPHAS$"] = to_string(use_lookups? constraint_system.sorted_lookup_columns_number() - 1: 1); reps["$LOOKUP_TABLE_AMOUNT$"] = to_string(constraint_system.lookup_tables().size()); @@ -925,6 +896,10 @@ namespace nil { reps["$BATCHES_AMOUNT_LIST$"] = batches_size_list; reps["$PUBLIC_INPUT_SIZES$"] = public_input_sizes_str; reps["$FULL_PUBLIC_INPUT_SIZE$"] = to_string(full_public_input_size); + reps["$LPC_POLY_IDS_CONSTANT_ARRAYS$"] = lpc_poly_ids_const_arrays; + reps["$LPC_Y_COMPUTATION$"] = lpc_y_computation.str(); + reps["$PUBLIC_INPUT_CHECK$"] = arithmetization_params::public_input_columns == 0 ? "" :public_input_check_str; + reps["$PUBLIC_INPUT_INPUT$"] = arithmetization_params::public_input_columns == 0 ? "" : public_input_input_str; result = replace_all(result, reps); return result; diff --git a/include/nil/blueprint/transpiler/templates/commitment_scheme.hpp b/include/nil/blueprint/transpiler/templates/commitment_scheme.hpp index 22e4c5b..d438915 100644 --- a/include/nil/blueprint/transpiler/templates/commitment_scheme.hpp +++ b/include/nil/blueprint/transpiler/templates/commitment_scheme.hpp @@ -49,16 +49,16 @@ library modular_commitment_scheme_$TEST_NAME$ { uint256 constant max_degree = $MAX_DEGREE$; uint256 constant D0_omega = $D0_OMEGA$; uint256 constant unique_points = $UNIQUE_POINTS$; - uint256 constant permutation_point = $PERMUTATION_POINTS_ID$; - uint256 constant quotient_point = $QUOTIENT_POINTS_ID$; - uint256 constant lookup_point = $LOOKUP_POINTS_ID$; - bytes constant points_ids = hex"$POINTS_IDS$"; uint256 constant omega = $OMEGA$; - uint256 constant _etha = $ETHA$; + uint256 constant _eta = $ETA$; + bytes constant point_ids = hex"$POINTS_IDS$"; // 1 byte -- point id + bytes constant poly_points_num = hex"$POLY_POINTS_NUM$"; // 2 byte lengths + bytes constant poly_ids = hex"$POLY_IDS$"; // 2 byte poly_id 2 byte struct commitment_state{ bytes leaf_data; uint256 roots_offset; + uint256 query_proof_offset; uint256 initial_data_offset; uint256 initial_proof_offset; uint256 round_proof_offset; @@ -74,226 +74,50 @@ library modular_commitment_scheme_$TEST_NAME$ { uint256 domain_size; uint256[] final_polynomial; uint256 leaf_length; - uint256[][unique_points] denominators; - uint256[unique_points] factors; - uint256[][unique_points] combined_U; - uint256[][unique_points] unique_eval_points; + uint256[2][unique_points] denominators; + uint256[unique_points] U; + uint256[unique_points] unique_eval_points; + uint256[unique_points] theta_factors; uint256[2] y; + uint256[2] Q; uint256 j; uint256 offset; + uint16[][unique_points] poly_inds; } - function calculate_2points_interpolation(uint256[] memory xi, uint256[2] memory z) - internal pure returns(uint256[2] memory U){ -// require( xi.length == 2 ); - unchecked { - U[0] = addmod(mulmod(z[0], xi[1], modulus),modulus - mulmod(z[1], xi[0], modulus), modulus); - U[1] = addmod(z[1], modulus - z[0], modulus); - } - } - -// coeffs for zs on each degree can be precomputed if necessary - function calculate_3points_interpolation(uint256[] memory xi, uint256[3] memory z) - internal pure returns(uint256[3] memory U){ -// require( xi.length == 3 ); - unchecked { - z[0] = mulmod(z[0], addmod(xi[1], modulus - xi[2], modulus), modulus); - z[1] = mulmod(z[1], addmod(xi[2], modulus - xi[0], modulus), modulus); - z[2] = mulmod(z[2], addmod(xi[0], modulus - xi[1], modulus), modulus); - - U[0] = mulmod(z[0], mulmod(xi[1], xi[2], modulus), modulus); - U[0] = addmod(U[0], mulmod(z[1], mulmod(xi[0], xi[2], modulus), modulus), modulus); - U[0] = addmod(U[0], mulmod(z[2], mulmod(xi[0], xi[1], modulus), modulus), modulus); - U[1] = modulus - mulmod(z[0], addmod(xi[1], xi[2], modulus), modulus); - U[1] = addmod(U[1], modulus - mulmod(z[1], addmod(xi[0], xi[2], modulus), modulus), modulus); - U[1] = addmod(U[1], modulus - mulmod(z[2], addmod(xi[0], xi[1], modulus), modulus), modulus); - - U[2] = addmod(z[0], addmod(z[1], z[2], modulus), modulus); - } - } - - function prepare_eval_points(uint256[][unique_points] memory result, uint256 xi) internal view { + function prepare_eval_points(uint256[unique_points] memory result, uint256 xi, uint256 eta) internal view { uint256 inversed_omega = field.inverse_static(omega, modulus); $POINTS_INITIALIZATION$ } - function prepare_U_V(bytes calldata blob, commitment_state memory state, uint256 xi) internal view returns(bool result){ - unchecked { - result = true; - uint64 ind = 0; - prepare_eval_points(state.unique_eval_points, xi); - // Prepare denominators - for( ind = 0; ind < state.unique_eval_points.length;){ - state.denominators[ind] = new uint256[](state.unique_eval_points[ind].length + 1); - if( state.unique_eval_points[ind].length == 1 ){ - state.factors[ind] = 1; - state.denominators[ind][0] = modulus - state.unique_eval_points[ind][0]; - state.denominators[ind][1] = 1; - } else - if( state.unique_eval_points[ind].length == 2 ){ - // xi1 - xi0 - state.factors[ind] = - addmod(state.unique_eval_points[ind][1], modulus - state.unique_eval_points[ind][0], modulus); - state.denominators[ind][2] = 1; - - state.denominators[ind][1] = - modulus - addmod(state.unique_eval_points[ind][0], state.unique_eval_points[ind][1], modulus); - - state.denominators[ind][0] = - mulmod(state.unique_eval_points[ind][0], state.unique_eval_points[ind][1], modulus); - state.denominators[ind][0] = mulmod(state.denominators[ind][0], state.factors[ind], modulus); - state.denominators[ind][1] = mulmod(state.denominators[ind][1], state.factors[ind], modulus); - state.denominators[ind][2] = mulmod(state.denominators[ind][2], state.factors[ind], modulus); - } else - if( state.unique_eval_points[ind].length == 3 ){ - state.factors[ind] = modulus - - mulmod( - mulmod( - addmod(state.unique_eval_points[ind][0], modulus - state.unique_eval_points[ind][1], modulus), - addmod(state.unique_eval_points[ind][1], modulus - state.unique_eval_points[ind][2], modulus), - modulus - ), - addmod(state.unique_eval_points[ind][2], modulus - state.unique_eval_points[ind][0], modulus), - modulus - ); - state.denominators[ind][3] = 1; - state.denominators[ind][2] = - modulus - addmod( - state.unique_eval_points[ind][0], - addmod(state.unique_eval_points[ind][1],state.unique_eval_points[ind][2], modulus), - modulus - ); - state.denominators[ind][1] = - addmod( - mulmod(state.unique_eval_points[ind][0], state.unique_eval_points[ind][1], modulus), - addmod( - mulmod(state.unique_eval_points[ind][0], state.unique_eval_points[ind][2], modulus), - mulmod(state.unique_eval_points[ind][1], state.unique_eval_points[ind][2], modulus), - modulus - ), - modulus - ); - state.denominators[ind][0] = - modulus - mulmod( - state.unique_eval_points[ind][0], - mulmod(state.unique_eval_points[ind][1],state.unique_eval_points[ind][2], modulus), - modulus - ); - state.denominators[ind][0] = mulmod(state.denominators[ind][0], state.factors[ind], modulus); - state.denominators[ind][1] = mulmod(state.denominators[ind][1], state.factors[ind], modulus); - state.denominators[ind][2] = mulmod(state.denominators[ind][2], state.factors[ind], modulus); - state.denominators[ind][3] = mulmod(state.denominators[ind][3], state.factors[ind], modulus); - } else { - console.log("UNPROCESSED number of evaluation points"); - return false; - } - ind++; - } - - // Prepare combined U - for( uint256 ind = 0; ind < unique_points;){ - uint256[] memory point = state.unique_eval_points[ind]; - state.combined_U[ind] = new uint256[](state.unique_eval_points[ind].length); - uint64 cur = 0; - uint256 offset = 0x8; - for( uint256 k = 0; k < batches_num;){ - for( uint256 i = 0; i < state.batch_sizes[k];){ - uint256 cur_point = 0; - if(cur < points_ids.length ) cur_point = uint8(points_ids[cur]); - else if(k == 2) cur_point = permutation_point; - else if(k == 3) cur_point = quotient_point; - else if(k == 4) cur_point = lookup_point; - else console.log("Wrong index"); - - polynomial.multiply_poly_on_coeff( - state.combined_U[ind], - state.theta, - modulus - ); - if( cur_point == ind ){ - if( point.length == 1 ){ - state.combined_U[ind][0] = addmod( - state.combined_U[ind][0], - basic_marshalling.get_uint256_be(blob, offset), - modulus - ); - } else - if( point.length == 2 ){ - uint256[2] memory tmp; - tmp[0] = basic_marshalling.get_uint256_be(blob, offset); - tmp[1] = basic_marshalling.get_uint256_be(blob, offset + 0x20); - tmp = calculate_2points_interpolation( - point, tmp); - state.combined_U[ind][0] = addmod(state.combined_U[ind][0], tmp[0], modulus); - state.combined_U[ind][1] = addmod(state.combined_U[ind][1], tmp[1], modulus); - } else - if( point.length == 3){ - uint256[3] memory tmp; - tmp[0] = basic_marshalling.get_uint256_be(blob, offset); - tmp[1] = basic_marshalling.get_uint256_be(blob, offset + 0x20); - tmp[2] = basic_marshalling.get_uint256_be(blob, offset + 0x40); - tmp = calculate_3points_interpolation( - point, tmp); - state.combined_U[ind][0] = addmod(state.combined_U[ind][0], tmp[0], modulus); - state.combined_U[ind][1] = addmod(state.combined_U[ind][1], tmp[1], modulus); - state.combined_U[ind][2] = addmod(state.combined_U[ind][2], tmp[2], modulus); - } else { - return false; - } - } - offset += state.unique_eval_points[cur_point].length * 0x20; - i++;cur++; - } - k++; - } - ind++; - } - } - } - - function compute_combined_Q(bytes calldata blob,commitment_state memory state) internal view returns(uint256[2] memory y){ - unchecked { - uint256[2][unique_points] memory values; - { - uint256 offset = state.initial_data_offset - state.poly_num * 0x40; // Save initial data offset for future use; - uint256 cur = 0; - for(uint256 b = 0; b < batches_num;){ - for(uint256 j = 0; j < state.batch_sizes[b];){ - uint256 cur_point = 0; - if(cur < points_ids.length ) cur_point = uint8(points_ids[cur]); - else if(b == 2) cur_point = permutation_point; - else if(b == 3) cur_point = quotient_point; - else if(b == 4) cur_point = lookup_point; - else console.log("Wrong index"); - - for(uint256 k = 0; k < unique_points; ){ - values[k][0] = mulmod(values[k][0], state.theta, modulus); - values[k][1] = mulmod(values[k][1], state.theta, modulus); - k++; - } - - values[cur_point][0] = addmod(values[cur_point][0], basic_marshalling.get_uint256_be(blob, offset), modulus); - values[cur_point][1] = addmod(values[cur_point][1], basic_marshalling.get_uint256_be(blob, offset + 0x20), modulus); - offset += 0x40;j++; cur++; + function prepare_Y(bytes calldata blob, uint256 offset, commitment_state memory state) internal pure { + unchecked{ + state.y[0] = 0; + state.y[1] = 0; + for(uint256 cur_point = unique_points; cur_point > 0; ){ + cur_point--; + for(uint256 cur_poly = state.poly_inds[cur_point].length; cur_poly > 0;){ + cur_poly--; + uint256 cur_offset = state.poly_inds[cur_point][cur_poly]; + cur_offset = state.query_proof_offset + cur_offset; + state.Q[0] = mulmod(state.Q[0], state.theta, modulus); + state.Q[1] = mulmod(state.Q[1], state.theta, modulus); + state.Q[0] = addmod(state.Q[0], basic_marshalling.get_uint256_be(blob, cur_offset), modulus); + state.Q[1] = addmod(state.Q[1], basic_marshalling.get_uint256_be(blob, cur_offset + 0x20), modulus); } - b++; + state.Q[0] = addmod(state.Q[0], modulus - state.U[cur_point], modulus); + state.Q[1] = addmod(state.Q[1], modulus - state.U[cur_point], modulus); + state.Q[0] = mulmod(state.Q[0], state.denominators[cur_point][0], modulus); + state.Q[1] = mulmod(state.Q[1], state.denominators[cur_point][1], modulus); + state.Q[0] = mulmod(state.Q[0], state.theta_factors[cur_point], modulus); + state.Q[1] = mulmod(state.Q[1], state.theta_factors[cur_point], modulus); + state.y[0] = addmod(state.y[0], state.Q[0], modulus); + state.y[1] = addmod(state.y[1], state.Q[1], modulus); + state.Q[0] = 0; + state.Q[1] = 0; } } - for(uint256 p = 0; p < unique_points; ){ - uint256[2] memory tmp = values[p]; - tmp[0] = mulmod(tmp[0], state.factors[p], modulus); - tmp[1] = mulmod(tmp[1], state.factors[p], modulus); - uint256 s = state.x; - tmp[0] = addmod(tmp[0], modulus - polynomial.evaluate(state.combined_U[p], s , modulus), modulus); - tmp[1] = addmod(tmp[1], modulus - polynomial.evaluate(state.combined_U[p], modulus - s, modulus), modulus); - tmp[0] = mulmod(tmp[0], field.inverse_static(polynomial.evaluate(state.denominators[p], s, modulus), modulus), modulus); - tmp[1] = mulmod(tmp[1], field.inverse_static(polynomial.evaluate(state.denominators[p], modulus - s, modulus), modulus), modulus); - y[0] = addmod(y[0], tmp[0], modulus); - y[1] = addmod(y[1], tmp[1], modulus); - p++; - } - } } function initialize( @@ -301,8 +125,8 @@ library modular_commitment_scheme_$TEST_NAME$ { ) internal returns(bytes32 tr_state_after){ types.transcript_data memory tr_state; tr_state.current_challenge = tr_state_before; - uint256 etha = transcript.get_field_challenge(tr_state, modulus); - require(etha == _etha, "Wrong etha"); + uint256 eta = transcript.get_field_challenge(tr_state, modulus); + require(eta == _eta, "Wrong eta"); tr_state_after = tr_state.current_challenge; } @@ -433,12 +257,13 @@ unchecked { tr_state.current_challenge = transcript_state; commitment_state memory state; - $ETA_VALUES_VERIFICATION$ - { uint256 offset; - if (challenge!= transcript.get_field_challenge(tr_state, modulus)) return false; + if (challenge!= transcript.get_field_challenge(tr_state, modulus)) { + console.log("Wrong challenge"); + return false; + } for(uint8 i = 0; i < batches_num;){ transcript.update_transcript_b32(tr_state, bytes32(commitments[i])); @@ -447,7 +272,7 @@ unchecked { state.theta = transcript.get_field_challenge(tr_state, modulus); state.points_num = basic_marshalling.get_length(blob, 0x0); - offset = 0x8 + state.points_num*0x20 + 0x8; + offset = 0x10 + state.points_num * 0x20; for(uint8 i = 0; i < batches_num;){ state.batch_sizes[i] = uint64(uint8(blob[offset + 0x1])); if( state.batch_sizes[i] > state.max_batch ) state.max_batch = state.batch_sizes[i]; @@ -477,8 +302,8 @@ unchecked { offset += 0x8; state.initial_proof_offset = offset; - for(uint8 i = 0; i < lambda;){ - for(uint j = 0; j < batches_num;){ + for(uint256 i = 0; i < lambda;){ + for(uint256 j = 0; j < batches_num;){ if(basic_marshalling.get_uint256_be(blob, offset + 0x10) != commitments[j] ) return false; offset = merkle_verifier.skip_merkle_proof_be(blob, offset); j++; @@ -509,15 +334,46 @@ unchecked { return false; } - if( !prepare_U_V(blob, state, challenge) ) return false; + prepare_eval_points(state.unique_eval_points, challenge, _eta); + { + uint256 sum; + + for(uint256 i = 0; i < state.unique_eval_points.length;){ + state.theta_factors[i] = field.pow_small(state.theta, sum, modulus); + sum += (uint256(uint8(poly_points_num[2*i])) << 8) + uint256(uint8(poly_points_num[2*i + 1])); + i++; + } + uint256 off = point_ids.length * 0x20 - 0x18; + for(uint256 i = 0; i < point_ids.length;){ + uint256 p = uint256(uint8(point_ids[point_ids.length - i - 1])); + state.U[p] = mulmod(state.U[p], state.theta, modulus); + state.U[p] = addmod(state.U[p], basic_marshalling.get_uint256_be(blob, off), modulus); + off -= 0x20; + i++; + } + for(uint256 i = 0; i < state.unique_eval_points.length;){ + i++; + } + } +$ETA_VALUES_VERIFICATION$ + + uint64 cur = 0; + for(uint64 p = 0; p < unique_points; p++){ + state.poly_inds[p] = new uint16[]((uint16(uint8(poly_points_num[2*p])) << 8) + uint16(uint8(poly_points_num[2*p + 1]))); + for(uint64 i = 0; i < state.poly_inds[p].length; i++){ + state.poly_inds[p][i] = (uint16(uint8(poly_ids[cur])) << 8) + uint16(uint8(poly_ids[cur + 1])); + cur+=2; + } + } state.leaf_data = new bytes(state.max_batch * 0x40 + 0x40); - for(uint256 i = 0; i < lambda;){ + for(uint64 i = 0; i < lambda;){ // Initial proofs + state.query_proof_offset = state.initial_data_offset; state.x_index = uint256(transcript.get_integral_challenge_be(tr_state, 8)) % D0_size; state.x = field.pow_small(D0_omega, state.x_index, modulus); state.domain_size = D0_size >> 1; - for(uint256 j = 0; j < batches_num;){ + for(uint64 j = 0; j < batches_num;){ if( state.x_index < state.domain_size ){ if(!copy_pairs_and_check(blob, state.initial_data_offset, state.leaf_data, state.batch_sizes[j], state.initial_proof_offset)){ console.log("Error in initial mekle proof"); @@ -534,18 +390,23 @@ unchecked { state.initial_proof_offset = merkle_verifier.skip_merkle_proof_be(blob, state.initial_proof_offset); j++; } - { - state.y = compute_combined_Q(blob, state); - if( state.x_index < state.domain_size ){ - if( !copy_memory_pair_and_check(blob, state.round_proof_offset, state.leaf_data, state.y) ){ - console.log("Not validated!"); - return false; - } - }else{ - if( !copy_reverted_memory_pair_and_check(blob, state.round_proof_offset, state.leaf_data, state.y) ){ - console.log("Not validated!"); - return false; - } + + for( uint64 p = 0; p < unique_points; p++){ + state.denominators[p][0] = addmod(state.x, modulus - state.unique_eval_points[p], modulus); + state.denominators[p][1] = addmod(modulus - state.x, modulus - state.unique_eval_points[p], modulus); + state.denominators[p][0] = field.inverse_static(state.denominators[p][0], modulus); + state.denominators[p][1] = field.inverse_static(state.denominators[p][1], modulus); + } + prepare_Y(blob, state.query_proof_offset, state); + if( state.x_index < state.domain_size ){ + if( !copy_memory_pair_and_check(blob, state.round_proof_offset, state.leaf_data, state.y) ){ + console.log("Not validated!"); + return false; + } + }else{ + if( !copy_reverted_memory_pair_and_check(blob, state.round_proof_offset, state.leaf_data, state.y) ){ + console.log("Not validated!"); + return false; } } if( !colinear_check(state.x, state.y, state.alphas[0], basic_marshalling.get_uint256_be(blob,state.round_data_offset)) ){ @@ -589,7 +450,6 @@ unchecked { return false; } state.round_data_offset += 0x40; - i++; } return true; diff --git a/include/nil/blueprint/transpiler/templates/recursive_verifier.hpp b/include/nil/blueprint/transpiler/templates/recursive_verifier.hpp index 9462faa..28c2be3 100644 --- a/include/nil/blueprint/transpiler/templates/recursive_verifier.hpp +++ b/include/nil/blueprint/transpiler/templates/recursive_verifier.hpp @@ -6,7 +6,6 @@ namespace nil { namespace blueprint { std::string lookup_vars = R"( -#ifdef __USE_LOOKUPS__ const size_t lookup_table_amount = $LOOKUP_TABLE_AMOUNT$; const size_t lookup_gate_amount = $LOOKUP_GATE_AMOUNT$; constexpr std::array lookup_options_amount_list = {$LOOKUP_OPTIONS_AMOUNT_LIST$}; @@ -34,22 +33,19 @@ constexpr std::size_t input_size_shifted_lookup_table_selectors = lookup_table_a constexpr std::size_t input_size_shifted_lookup_table_lookup_options = lookup_table_columns_amount; constexpr std::size_t input_size_sorted = m_parameter * 3 - 1; -#endif +$LPC_POLY_IDS_CONSTANT_ARRAYS$ )"; std::string lookup_expressions = R"( -#ifdef __USE_LOOKUPS__ std::array calculate_lookup_expressions(std::array z){ std::array expressions; $LOOKUP_EXPRESSIONS_BODY$ return expressions; } -#endif )"; std::string lookup_code = R"( -#ifdef __USE_LOOKUPS__ { std::array alphas = challenges.lookup_alphas; std::array lookup_gate_selectors; @@ -148,9 +144,24 @@ std::array calcu F[5] = lookup_argument[2]; F[6] = lookup_argument[3]; } -#endif )"; + std::string public_input_check_str = R"( + //Check public input + std::size_t cur = 0; + for( std::size_t i = 0; i < public_input_amount; i++){ + pallas::base_field_type::value_type Omega(1); + pallas::base_field_type::value_type result(0); + for( std::size_t j = 0; j < public_input_sizes[i]; j++){ + result += public_input[cur] * Omega / (challenges.xi - Omega); + Omega *= omega; + cur++; + } + __builtin_assigner_exit_check(rows_amount * proof.z[zero_indices[witness_amount + i]] == precomputed_values.Z_at_xi * result); + } +)"; + std::string public_input_input_str = "\tstd::array public_input,\n"; + std::string recursive_verifier_template = R"( #include #include @@ -203,7 +214,6 @@ const pallas::base_field_type::value_type omega = $OMEGA$; const size_t fri_rounds = $FRI_ROUNDS$; const std::array gates_sizes = {$GATES_SIZES$}; const size_t unique_points = $UNIQUE_POINTS$; -const std::array point_ids = {$POINTS_IDS$}; const size_t singles_amount = $SINGLES_AMOUNT$; const std::array batches_amount_list = {$BATCHES_AMOUNT_LIST$}; @@ -214,17 +224,17 @@ struct placeholder_proof_type{ pallas::base_field_type::value_type challenge; std::array z; std::array fri_roots; - std::array initial_proof_values; - std::array round_proof_values; - std::array initial_proof_positions; - std::array initial_proof_hashes; - std::array round_merkle_proof_positions; - std::array round_proof_hashes; + std::array, lambda> initial_proof_values; // lambda times + std::array round_proof_values; // lambda times + std::array initial_proof_positions; // lambda times + std::array initial_proof_hashes; // lambda times + std::array round_merkle_proof_positions; // lambda times + std::array round_proof_hashes; // lambda times std::array final_polynomial; }; struct placeholder_challenges_type{ - pallas::base_field_type::value_type fri_etha; + pallas::base_field_type::value_type eta; pallas::base_field_type::value_type perm_beta; pallas::base_field_type::value_type perm_gamma; pallas::base_field_type::value_type lookup_theta; @@ -330,23 +340,17 @@ pallas::base_field_type::value_type pow9(pallas::base_field_type::value_type x){ } pallas::base_field_type::value_type pow(pallas::base_field_type::value_type x, size_t p){ - pallas::base_field_type::value_type result = 1; - std::size_t mask = 1; - while(mask < p){mask = mask * 2;} // 8 - while(mask > 1){ - result = result * result; - mask = mask / 2; - if( p >= mask ){ - result = result * x; - p = p - mask; - } - } + if( p == 0 ) return pallas::base_field_type::value_type(1); + if( p == 1 ) return x; + pallas::base_field_type::value_type result = pow(x, p/2); + result = result * result; + if( p%2 == 1 ) result = result * x; return result; } std::array fill_singles( pallas::base_field_type::value_type xi, - pallas::base_field_type::value_type etha + pallas::base_field_type::value_type eta ){ std::array singles; $SINGLES_COMPUTATION$; @@ -369,8 +373,7 @@ placeholder_challenges_type generate_challenges( transcript(tr_state, vk[1]); // LPC additional point - challenges.fri_etha = transcript_challenge(tr_state); - + challenges.eta = transcript_challenge(tr_state); transcript(tr_state, proof.commitments[0]); challenges.perm_beta = transcript_challenge(tr_state); @@ -610,7 +613,7 @@ typedef __attribute__((ext_vector_type(2))) [[circuit]] bool placeholder_verifier( - std::array public_input, + $PUBLIC_INPUT_INPUT$ std::array vk, placeholder_proof_type proof ) { @@ -620,15 +623,9 @@ typedef __attribute__((ext_vector_type(2))) precomputed_values_type precomputed_values; std::tie(precomputed_values.l0, precomputed_values.Z_at_xi) = xi_polys(challenges.xi); + $PUBLIC_INPUT_CHECK$ + std::array F;// = {0,0,0,0,0,0,0,0}; - F[0] = pallas::base_field_type::value_type(0); - F[1] = pallas::base_field_type::value_type(0); - F[2] = pallas::base_field_type::value_type(0); - F[3] = pallas::base_field_type::value_type(0); - F[4] = pallas::base_field_type::value_type(0); - F[5] = pallas::base_field_type::value_type(0); - F[6] = pallas::base_field_type::value_type(0); - F[7] = pallas::base_field_type::value_type(0); // Call permutation argument placeholder_permutation_argument_input_type perm_arg_input; @@ -636,7 +633,7 @@ typedef __attribute__((ext_vector_type(2))) perm_arg_input.thetas[1] = challenges.perm_gamma; for( std::size_t i = 0; i < permutation_size; i++ ){ - perm_arg_input.xi_values[i] = proof.z[4*permutation_size + 6 + zero_indices[i]]; + perm_arg_input.xi_values[i] = proof.z[zero_indices[i]]; perm_arg_input.id_perm[i] = proof.z[2*i]; perm_arg_input.sigma_perm[i] = proof.z[2*permutation_size + 2*i]; } @@ -666,7 +663,7 @@ typedef __attribute__((ext_vector_type(2))) constraints = calculate_constraints(proof.z); for( std::size_t i = 0; i < gates_amount; i++ ){ - selectors[i] = proof.z[4 * permutation_size + 6 + zero_indices[witness_amount + public_input_amount + constant_amount + gates_selector_indices[i]]]; + selectors[i] = proof.z[zero_indices[witness_amount + public_input_amount + constant_amount + gates_selector_indices[i]]]; } F[7] = gate_argument_verifier( @@ -692,19 +689,8 @@ typedef __attribute__((ext_vector_type(2))) __builtin_assigner_exit_check(precomputed_values.F_consolidated == precomputed_values.T_consolidated * precomputed_values.Z_at_xi); // Commitment scheme - std::array singles = fill_singles(challenges.xi, challenges.fri_etha); - std::array, unique_points> V; - std::array, poly_num> U; - std::array, unique_points> combined_U; - std::size_t z_ind = points_num - 1; - pallas::base_field_type::value_type theta_acc(1); - std::array tmp; - - for(std::size_t u = 0; u < unique_points; u++){ - combined_U[u][0] = pallas::base_field_type::value_type(0); - combined_U[u][1] = pallas::base_field_type::value_type(0); - combined_U[u][2] = pallas::base_field_type::value_type(0); - } + std::array singles = fill_singles(challenges.xi, challenges.eta); + std::array U; $PREPARE_U_AND_V$ @@ -718,14 +704,15 @@ typedef __attribute__((ext_vector_type(2))) for(std::size_t i = 0; i < lambda; i++){ __builtin_assigner_fri_cosets(res.data(), D0_log, D0_omega, challenges.fri_x_indices[i]); + cur_val = 0; pallas::base_field_type::value_type hash_state; for(std::size_t b = 0; b < batches_num; b++){ pallas::base_field_type::value_type hash_state(0); if(res[0][2] == pallas::base_field_type::value_type(0)){ - hash_state = calculate_leaf_hash(proof.initial_proof_values, cur_val, batches_amount_list[b] *2); + hash_state = calculate_leaf_hash(proof.initial_proof_values[i], cur_val, batches_amount_list[b] *2); } else if(res[0][2] == pallas::base_field_type::value_type(1)){ - hash_state = calculate_reversed_leaf_hash(proof.initial_proof_values, cur_val, batches_amount_list[b] *2); + hash_state = calculate_reversed_leaf_hash(proof.initial_proof_values[i], cur_val, batches_amount_list[b] *2); } cur_val += batches_amount_list[b] *2; for(std::size_t r = i * initial_merkle_proofs_position_num/lambda; r < (i + 1)* initial_merkle_proofs_position_num/lambda ; r++){ @@ -742,30 +729,11 @@ typedef __attribute__((ext_vector_type(2))) __builtin_assigner_exit_check(hash_state == proof.commitments[b-1]); } - std::array y; - y[0] = pallas::base_field_type::value_type(0); - y[1] = pallas::base_field_type::value_type(0); - std::array, unique_points> V_evals; - std::size_t ind = 0; - pallas::base_field_type::value_type theta_acc(1); - - for(std::size_t u = 0; u < unique_points; u++){ - V_evals[u][0] = pallas::base_field_type::value_type(1) / eval4(V[u], res[0][0]); - V_evals[u][1] = pallas::base_field_type::value_type(1) / eval4(V[u], res[0][1]); - y[0] = y[0] - eval3(combined_U[u], res[0][0]) * V_evals[u][0]; - y[1] = y[1] - eval3(combined_U[u], res[0][1]) * V_evals[u][1]; - } - - initial_proof_ind = initial_proof_ind + poly_num * 2; - std::size_t in = initial_proof_ind - 1; - for(int k = poly_num; k > 0;){ - k--; - y[0] = y[0] + theta_acc * proof.initial_proof_values[in-1] * V_evals[point_ids[k]][0]; - y[1] = y[1] + theta_acc * proof.initial_proof_values[in] * V_evals[point_ids[k]][1]; - in -= 2; - theta_acc = theta_acc * challenges.lpc_theta; - } - + std::array y = {0,0}; + theta_acc = pallas::base_field_type::value_type(1); + pallas::base_field_type::value_type Q0; + pallas::base_field_type::value_type Q1; +$LPC_Y_COMPUTATION$ std::size_t D = D0_log - 1; pallas::base_field_type::value_type rhash; for(std::size_t j = 0; j < fri_rounds; j++){ @@ -816,7 +784,7 @@ typedef __attribute__((ext_vector_type(2))) factor = factor * x; } __builtin_assigner_exit_check(interpolant == y[1]); - } + } return true; } @@ -825,4 +793,4 @@ typedef __attribute__((ext_vector_type(2))) } } -#endif //__RECURSIVE_VERIFIER_TEMPLATE_HPP__ +#endif //__RECURSIVE_VERIFIER_TEMPLATE_HPP__ \ No newline at end of file diff --git a/include/nil/blueprint/transpiler/util.hpp b/include/nil/blueprint/transpiler/util.hpp index 48271b6..504d819 100644 --- a/include/nil/blueprint/transpiler/util.hpp +++ b/include/nil/blueprint/transpiler/util.hpp @@ -30,8 +30,8 @@ #include #include #include - -#include +#include +//#include namespace nil { namespace blueprint { @@ -49,6 +49,29 @@ namespace nil { return strstr.str(); } + static inline std::string rot_string (int j, std::size_t rows_amount, std::string mode){ + int abs_j = j>0? j: -j; + int other_j = rows_amount - abs_j; + if(other_j < abs_j) { + j = j > 0? -other_j: other_j; + } + + if( mode == "recursive"){ + if(j == 0) return "xi"; else + if(j == 1 ) return "xi*omega"; else + if(j == -1) return "xi/omega"; else + if(j > 0) return "xi*pow(omega, " + to_string(j) + ")"; else + if(j < 0) return "xi/pow(omega, " + to_string(-j) + ")"; + } else if(mode == "evm") { + if(j == 0) return "xi"; else + if(j == 1 ) return "mulmod(xi, omega, modulus)"; else + if(j == -1) return "mulmod(xi, inversed_omega, modulus)"; else + if(j > 0) return "mulmod(xi, field.pow_small(omega, " + to_string(j) + ", modulus), modulus)"; else + if(j < 0) return "mulmod(xi, field.pow_small(inversed_omega, " + to_string(-j) + ", modulus), modulus)"; + } + return ""; + } + void replace_and_print(std::string input, transpiler_replacements reps, std::string output_file_name){ std::string code = input; @@ -70,6 +93,167 @@ namespace nil { return code; } + + + // Tuple of singles, poly ids with singles> + template + static std::tuple, std::vector, std::map, std::vector>> + calculate_unique_points( + const CommonDataType &common_data, + std::size_t permutation_size, + bool use_lookups, + std::size_t quotient_size, + std::size_t sorted_size, + std::string mode + ){ + std::vector z_points_indices; + std::vector singles; + std::map singles_map; + std::vector> poly_ids; + std::size_t rows_amount = common_data.rows_amount; + + singles.push_back(rot_string(0, rows_amount, mode)); + singles_map[rot_string(0, rows_amount, mode)] = singles_map.size(); + + singles.push_back("eta"); + singles_map["eta"] = singles_map.size(); + poly_ids.resize(singles.size()); + + // Sigma and permutation polys + std::size_t count = 0; + for( std::size_t i = 0; i < permutation_size; i++){ + poly_ids[singles_map[rot_string(0, rows_amount, mode)]].push_back(count); + poly_ids[singles_map["eta"]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(0, rows_amount, mode)]); + z_points_indices.push_back(singles_map["eta"]); + poly_ids[singles_map["eta"]].push_back(count+1); + poly_ids[singles_map[rot_string(0, rows_amount, mode)]].push_back(count+1); + z_points_indices.push_back(singles_map[rot_string(0, rows_amount, mode)]); + z_points_indices.push_back(singles_map["eta"]); + count += 2; + } + + // Special selectors + singles.push_back(rot_string(1, rows_amount, mode)); + singles_map[rot_string(1, rows_amount, mode)] = singles_map.size(); + poly_ids.resize(singles.size()); + + poly_ids[singles_map["eta"]].push_back(count); + poly_ids[singles_map[rot_string(0, rows_amount, mode)]].push_back(count); + poly_ids[singles_map[rot_string(1, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(0, rows_amount, mode)]); + z_points_indices.push_back(singles_map[rot_string(1, rows_amount, mode)]); + z_points_indices.push_back(singles_map["eta"]); + count++; + poly_ids[singles_map["eta"]].push_back(count); + poly_ids[singles_map[rot_string(0, rows_amount, mode)]].push_back(count); + poly_ids[singles_map[rot_string(1, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(0, rows_amount, mode)]); + z_points_indices.push_back(singles_map[rot_string(1, rows_amount, mode)]); + z_points_indices.push_back(singles_map["eta"]); + count++; + + for(std::size_t i = 0; i < PlaceholderParams::constant_columns; i++){ + std::stringstream str; + for(auto j:common_data.columns_rotations[i + PlaceholderParams::witness_columns + PlaceholderParams::public_input_columns]){ + if(singles_map.find(rot_string(j, rows_amount, mode)) == singles_map.end()){ + singles_map[rot_string(j, rows_amount, mode)] = singles_map.size(); + singles.push_back(rot_string(j, rows_amount, mode)); + poly_ids.resize(singles.size()); + } + poly_ids[singles_map[rot_string(j, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(j, rows_amount, mode)]); + } + poly_ids[singles_map["eta"]].push_back(count); + z_points_indices.push_back(singles_map["eta"]); + count++; + } + + for(std::size_t i = 0; i < PlaceholderParams::selector_columns; i++){ + std::stringstream str; + for(auto j:common_data.columns_rotations[i + PlaceholderParams::witness_columns + PlaceholderParams::public_input_columns + PlaceholderParams::constant_columns]){ + if(singles_map.find(rot_string(j, rows_amount, mode)) == singles_map.end()){ + singles_map[rot_string(j, rows_amount, mode)] = singles_map.size(); + singles.push_back(rot_string(j, rows_amount, mode)); + poly_ids.resize(singles.size()); + } + poly_ids[singles_map[rot_string(j, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(j, rows_amount, mode)]); + } + poly_ids[singles_map["eta"]].push_back(count); + z_points_indices.push_back(singles_map["eta"]); + count++; + } + + for(std::size_t i = 0; i < PlaceholderParams::witness_columns; i++){ + std::stringstream str; + for(auto j:common_data.columns_rotations[i]){ + if(singles_map.find(rot_string(j, rows_amount, mode)) == singles_map.end()){ + singles_map[rot_string(j, rows_amount, mode)] = singles_map.size(); + singles.push_back(rot_string(j, rows_amount, mode)); + poly_ids.resize(singles.size()); + } + poly_ids[singles_map[rot_string(j, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(j, rows_amount, mode)]); + } + count++; + } + + for(std::size_t i = 0; i < PlaceholderParams::public_input_columns; i++){ + std::stringstream str; + for(auto j:common_data.columns_rotations[i + PlaceholderParams::witness_columns]){ + if(singles_map.find(rot_string(j, rows_amount, mode)) == singles_map.end()){ + singles_map[rot_string(j, rows_amount, mode)] = singles_map.size(); + singles.push_back(rot_string(j, rows_amount, mode)); + poly_ids.resize(singles.size()); + } + poly_ids[singles_map[rot_string(j, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(j, rows_amount, mode)]); + } + count++; + } + + // Permutation argument + poly_ids[singles_map[rot_string(0, rows_amount, mode)]].push_back(count); + poly_ids[singles_map[rot_string(1, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(0, rows_amount, mode)]); + z_points_indices.push_back(singles_map[rot_string(1, rows_amount, mode)]); + count++; + + // Lookup permutation + if(use_lookups){ + poly_ids[singles_map[rot_string(0, rows_amount, mode)]].push_back(count); + poly_ids[singles_map[rot_string(1, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(0, rows_amount, mode)]); + z_points_indices.push_back(singles_map[rot_string(1, rows_amount, mode)]); + count++; + } + // Quotient + for(std::size_t i = 0; i < quotient_size; i++){ + poly_ids[singles_map[rot_string(0, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(0, rows_amount, mode)]); + count++; + } + // Lookup batch + if(use_lookups){ + if(singles_map.find(rot_string(common_data.usable_rows_amount, rows_amount, mode)) == singles_map.end()){ + singles_map[rot_string(common_data.usable_rows_amount, rows_amount, mode)] = singles.size(); + singles.push_back(rot_string(common_data.usable_rows_amount, rows_amount, mode)); + poly_ids.resize(singles.size()); + } + for( std::size_t i = 0; i < sorted_size; i++ ){ + poly_ids[singles_map[rot_string(0, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(0, rows_amount, mode)]); + poly_ids[singles_map[rot_string(1, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(1, rows_amount, mode)]); + poly_ids[singles_map[rot_string(common_data.usable_rows_amount, rows_amount, mode)]].push_back(count); + z_points_indices.push_back(singles_map[rot_string(common_data.usable_rows_amount, rows_amount, mode)]); + count++; + } + } + + return std::make_tuple(z_points_indices, singles, singles_map, poly_ids); + } } } diff --git a/test/detail/circuits.hpp b/test/detail/circuits.hpp index 9d09ac7..f19ae0f 100644 --- a/test/detail/circuits.hpp +++ b/test/detail/circuits.hpp @@ -924,7 +924,6 @@ namespace nil { typename FieldType::value_type zero = FieldType::value_type::zero(); auto r = rnd() % 7; - table[0] = std::vector(16); std::size_t j = 0; for( std::size_t i = 0; i < 7; i++){ if( j == r ) j++; diff --git a/test/transpiler.cpp b/test/transpiler.cpp index 5d7d177..450c519 100644 --- a/test/transpiler.cpp +++ b/test/transpiler.cpp @@ -71,7 +71,7 @@ #include #include -// #include +#include #include "./detail/circuits.hpp" @@ -103,22 +103,16 @@ inline std::vector generate_random_step_list(const std::size_t r, c } template -typename fri_type::params_type create_fri_params(std::size_t degree_log, const int max_step = 1) { - typename fri_type::params_type params; - math::polynomial q = {0, 0, 1}; - - std::size_t expand_factor = 4; +typename fri_type::params_type create_fri_params( + std::size_t degree_log, const int max_step = 1, std::size_t expand_factor = 4) { std::size_t r = degree_log - 1; - std::vector>> domain_set = - math::calculate_domain_set(degree_log + expand_factor, r); - - params.r = r; - params.D = domain_set; - params.max_degree = (1 << degree_log) - 1; - params.step_list = generate_random_step_list(r, max_step); - - return params; + return typename fri_type::params_type( + (1 << degree_log) - 1, // max_degree + math::calculate_domain_set(degree_log + expand_factor, r), + generate_random_step_list(r, max_step), + expand_factor + ); } // ******************************************************************************* @@ -672,7 +666,6 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { } BOOST_AUTO_TEST_SUITE_END() -#if 0 BOOST_AUTO_TEST_SUITE(recursive_circuit1) using Endianness = nil::marshalling::option::big_endian; using TTypeBase = nil::marshalling::field_type; @@ -716,6 +709,9 @@ BOOST_AUTO_TEST_SUITE(recursive_circuit1) using lpc_scheme_type = typename commitments::lpc_commitment_scheme; using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; using policy_type = zk::snark::detail::placeholder_policy; + using proof_type = nil::crypto3::zk::snark::placeholder_proof; + using common_data_type = nil::crypto3::zk::snark::placeholder_public_preprocessor::preprocessed_data_type::common_data_type; + BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { auto circuit = circuit_test_1(test_global_alg_rnd_engine); plonk_table_description desc; @@ -746,8 +742,8 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { std::string cpp_path = "./circuit1/placeholder_verifier.cpp"; std::ofstream output_file; output_file.open(cpp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( - constraint_system, preprocessed_public_data.common_data, lpc_scheme, columns_with_copy_constraints.size() + output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( + constraint_system, preprocessed_public_data.common_data, lpc_scheme, columns_with_copy_constraints.size(), {preprocessed_public_data.common_data.usable_rows_amount + 1} ); output_file.close(); } @@ -757,7 +753,7 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { constraint_system, assignments.private_table(), desc); auto proof = placeholder_prover::process( - preprocessed_public_data, preprocessed_private_data, desc, constraint_system, assignments, lpc_scheme); + preprocessed_public_data, preprocessed_private_data, desc, constraint_system, lpc_scheme); bool verifier_res = placeholder_verifier::process( preprocessed_public_data, proof, constraint_system, lpc_scheme); @@ -767,24 +763,11 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { std::string inp_path = "./circuit1/placeholder_verifier.inp"; std::ofstream output_file; output_file.open(inp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_input( - {}, preprocessed_public_data.common_data.vk, proof + output_file << nil::blueprint::recursive_verifier_generator::generate_input( + preprocessed_public_data.common_data.vk, assignments.public_inputs(), proof, {preprocessed_public_data.common_data.usable_rows_amount + 1} ); output_file.close(); } - -/* auto printer = nil::blueprint::evm_verifier_printer( - constraint_system, - lpc_preprocessed_public_data.common_data, - lpc_scheme, - columns_with_copy_constraints.size(), - "circuit1", - 26, // gates library size threshold - 60, // lookups library size threshold - 13, // gates inline size threshold - 15 // lookups inline size threshold - ); - printer.print();*/ } BOOST_AUTO_TEST_SUITE_END() @@ -829,6 +812,8 @@ BOOST_AUTO_TEST_SUITE(recursive_circuit2) using lpc_scheme_type = typename commitments::lpc_commitment_scheme; using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; using policy_type = zk::snark::detail::placeholder_policy; + using proof_type = nil::crypto3::zk::snark::placeholder_proof; + using common_data_type = nil::crypto3::zk::snark::placeholder_public_preprocessor::preprocessed_data_type::common_data_type; BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { auto pi0 = test_global_alg_rnd_engine(); @@ -861,8 +846,8 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { std::string cpp_path = "./circuit2/placeholder_verifier.cpp"; std::ofstream output_file; output_file.open(cpp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( - constraint_system, preprocessed_public_data.common_data, lpc_scheme, columns_with_copy_constraints.size() + output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( + constraint_system, preprocessed_public_data.common_data, lpc_scheme, columns_with_copy_constraints.size(), {3} ); output_file.close(); } @@ -872,7 +857,7 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { constraint_system, assignments.private_table(), desc); auto proof = placeholder_prover::process( - preprocessed_public_data, preprocessed_private_data, desc, constraint_system, assignments, lpc_scheme); + preprocessed_public_data, preprocessed_private_data, desc, constraint_system, lpc_scheme); bool verifier_res = placeholder_verifier::process( preprocessed_public_data, proof, constraint_system, lpc_scheme); @@ -881,23 +866,10 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { std::string inp_path = "./circuit2/placeholder_verifier.inp"; std::ofstream output_file; output_file.open(inp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_input( - {}, preprocessed_public_data.common_data.vk, proof + output_file << nil::blueprint::recursive_verifier_generator::generate_input( + preprocessed_public_data.common_data.vk, assignments.public_inputs(), proof, {3} ); output_file.close(); - -/* auto printer = nil::blueprint::evm_verifier_printer( - constraint_system, - lpc_preprocessed_public_data.common_data, - lpc_scheme, - columns_with_copy_constraints.size(), - "circuit2", - 26, // gates library size threshold - 60, // lookups library size threshold - 13, // gates inline size threshold - 15 // lookups inline size threshold - ); - printer.print();*/ } BOOST_AUTO_TEST_SUITE_END() @@ -942,6 +914,9 @@ BOOST_AUTO_TEST_SUITE(recursive_circuit3) using lpc_scheme_type = typename commitments::lpc_commitment_scheme; using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; using policy_type = zk::snark::detail::placeholder_policy; + using proof_type = nil::crypto3::zk::snark::placeholder_proof; + using common_data_type = nil::crypto3::zk::snark::placeholder_public_preprocessor::preprocessed_data_type::common_data_type; + BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { auto circuit = circuit_test_3(); plonk_table_description desc; @@ -964,13 +939,14 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { typename placeholder_public_preprocessor::preprocessed_data_type preprocessed_public_data = placeholder_public_preprocessor::process( - constraint_system, assignments.public_table(), desc, lpc_scheme, columns_with_copy_constraints.size()); + constraint_system, assignments.public_table(), desc, lpc_scheme, columns_with_copy_constraints.size() + ); { std::string cpp_path = "./circuit3/placeholder_verifier.cpp"; std::ofstream output_file; output_file.open(cpp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( - constraint_system, preprocessed_public_data.common_data, lpc_scheme, permutation_size + output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( + constraint_system, preprocessed_public_data.common_data, lpc_scheme, columns_with_copy_constraints.size(), std::array() ); output_file.close(); } @@ -980,7 +956,7 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { constraint_system, assignments.private_table(), desc); auto proof = placeholder_prover::process( - preprocessed_public_data, preprocessed_private_data, desc, constraint_system, assignments, lpc_scheme); + preprocessed_public_data, preprocessed_private_data, desc, constraint_system, lpc_scheme); bool verifier_res = placeholder_verifier::process( preprocessed_public_data, proof, constraint_system, lpc_scheme); @@ -990,8 +966,8 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { std::string inp_path = "./circuit3/placeholder_verifier.inp"; std::ofstream output_file; output_file.open(inp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_input( - {}, preprocessed_public_data.common_data.vk, proof + output_file << nil::blueprint::recursive_verifier_generator::generate_input( + preprocessed_public_data.common_data.vk, assignments.public_inputs(), proof, std::array() ); output_file.close(); } @@ -1037,6 +1013,9 @@ BOOST_AUTO_TEST_SUITE(recursive_circuit4) using lpc_scheme_type = typename commitments::lpc_commitment_scheme; using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; using policy_type = zk::snark::detail::placeholder_policy; + using proof_type = nil::crypto3::zk::snark::placeholder_proof; + using common_data_type = nil::crypto3::zk::snark::placeholder_public_preprocessor::preprocessed_data_type::common_data_type; + BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { auto circuit = circuit_test_4(test_global_alg_rnd_engine, test_global_rnd_engine); @@ -1064,8 +1043,8 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { std::string cpp_path = "./circuit4/placeholder_verifier.cpp"; std::ofstream output_file; output_file.open(cpp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( - constraint_system, preprocessed_public_data.common_data, lpc_scheme, permutation_size + output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( + constraint_system, preprocessed_public_data.common_data, lpc_scheme, columns_with_copy_constraints.size(), std::array() ); output_file.close(); } @@ -1075,7 +1054,7 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { constraint_system, assignments.private_table(), desc); auto proof = placeholder_prover::process( - preprocessed_public_data, preprocessed_private_data, desc, constraint_system, assignments, lpc_scheme); + preprocessed_public_data, preprocessed_private_data, desc, constraint_system, lpc_scheme); bool verifier_res = placeholder_verifier::process( preprocessed_public_data, proof, constraint_system, lpc_scheme); @@ -1085,8 +1064,8 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { std::string inp_path = "./circuit4/placeholder_verifier.inp"; std::ofstream output_file; output_file.open(inp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_input( - {}, preprocessed_public_data.common_data.vk, proof + output_file << nil::blueprint::recursive_verifier_generator::generate_input( + preprocessed_public_data.common_data.vk, assignments.public_inputs(), proof, std::array() ); output_file.close(); } @@ -1134,6 +1113,9 @@ BOOST_AUTO_TEST_SUITE(recursive_circuit6) using lpc_scheme_type = typename commitments::lpc_commitment_scheme; using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; using policy_type = zk::snark::detail::placeholder_policy; + using proof_type = nil::crypto3::zk::snark::placeholder_proof; + using common_data_type = nil::crypto3::zk::snark::placeholder_public_preprocessor::preprocessed_data_type::common_data_type; + BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { auto circuit = circuit_test_6(test_global_alg_rnd_engine, test_global_rnd_engine); @@ -1161,20 +1143,18 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { std::string cpp_path = "./circuit6/placeholder_verifier.cpp"; std::ofstream output_file; output_file.open(cpp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( - constraint_system, preprocessed_public_data.common_data, lpc_scheme, permutation_size + output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( + constraint_system, preprocessed_public_data.common_data, lpc_scheme, columns_with_copy_constraints.size(), std::array() ); output_file.close(); } - std::cout << std::endl << std::endl; - typename placeholder_private_preprocessor::preprocessed_data_type preprocessed_private_data = placeholder_private_preprocessor::process( constraint_system, assignments.private_table(), desc); auto proof = placeholder_prover::process( - preprocessed_public_data, preprocessed_private_data, desc, constraint_system, assignments, lpc_scheme); + preprocessed_public_data, preprocessed_private_data, desc, constraint_system, lpc_scheme); bool verifier_res = placeholder_verifier::process( preprocessed_public_data, proof, constraint_system, lpc_scheme); @@ -1184,8 +1164,8 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { std::string inp_path = "./circuit6/placeholder_verifier.inp"; std::ofstream output_file; output_file.open(inp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_input( - {}, preprocessed_public_data.common_data.vk, proof + output_file << nil::blueprint::recursive_verifier_generator::generate_input( + preprocessed_public_data.common_data.vk, assignments.public_inputs(), proof, std::array() ); output_file.close(); } @@ -1233,6 +1213,9 @@ BOOST_AUTO_TEST_SUITE(recursive_circuit7) using lpc_scheme_type = typename commitments::lpc_commitment_scheme; using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; using policy_type = zk::snark::detail::placeholder_policy; + using proof_type = nil::crypto3::zk::snark::placeholder_proof; + using common_data_type = nil::crypto3::zk::snark::placeholder_public_preprocessor::preprocessed_data_type::common_data_type; + BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { auto circuit = circuit_test_7(test_global_alg_rnd_engine, test_global_rnd_engine); plonk_table_description desc; @@ -1262,8 +1245,8 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { std::string cpp_path = "./circuit7/placeholder_verifier.cpp"; std::ofstream output_file; output_file.open(cpp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( - constraint_system, preprocessed_public_data.common_data, lpc_scheme, permutation_size + output_file << nil::blueprint::recursive_verifier_generator::generate_recursive_verifier( + constraint_system, preprocessed_public_data.common_data, lpc_scheme, columns_with_copy_constraints.size(), std::array() ); output_file.close(); } @@ -1273,7 +1256,7 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { constraint_system, assignments.private_table(), desc); auto proof = placeholder_prover::process( - preprocessed_public_data, preprocessed_private_data, desc, constraint_system, assignments, lpc_scheme); + preprocessed_public_data, preprocessed_private_data, desc, constraint_system, lpc_scheme); bool verifier_res = placeholder_verifier::process( preprocessed_public_data, proof, constraint_system, lpc_scheme); @@ -1283,11 +1266,10 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { std::string inp_path = "./circuit7/placeholder_verifier.inp"; std::ofstream output_file; output_file.open(inp_path); - output_file << nil::blueprint::recursive_verifier_generator::generate_input( - {}, preprocessed_public_data.common_data.vk, proof + output_file << nil::blueprint::recursive_verifier_generator::generate_input( + preprocessed_public_data.common_data.vk, assignments.public_inputs(), proof, std::array() ); output_file.close(); } } -BOOST_AUTO_TEST_SUITE_END() -#endif +BOOST_AUTO_TEST_SUITE_END() \ No newline at end of file