Skip to content

Commit

Permalink
Compress proof and take advantage of known constants / 0's in gemini_…
Browse files Browse the repository at this point in the history
…a_evaluations
  • Loading branch information
feltroidprime committed Dec 16, 2024
1 parent fdb0d89 commit df5853b
Show file tree
Hide file tree
Showing 7 changed files with 260 additions and 489 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -267,7 +267,7 @@ def input_map(self) -> dict:
imap = {}

imap["p_sumcheck_evaluations"] = (structs.u256Span, hk.NUMBER_OF_ENTITIES)
imap["p_gemini_a_evaluations"] = (structs.u256Span, hk.CONST_PROOF_SIZE_LOG_N)
imap["p_gemini_a_evaluations"] = (structs.u256Span, self.vk.log_circuit_size)
imap["tp_gemini_r"] = structs.u384
imap["tp_rho"] = structs.u384
imap["tp_shplonk_z"] = structs.u384
Expand Down
34 changes: 23 additions & 11 deletions hydra/garaga/precompiled_circuits/honk.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import copy
import math
from dataclasses import dataclass, fields
from enum import Enum, auto

Expand Down Expand Up @@ -58,6 +59,10 @@ class HonkProof:
shplonk_q: G1Point
kzg_quotient: G1Point

@property
def log_circuit_size(self) -> int:
return int(math.log2(self.circuit_size))

def __post_init__(self):
assert len(self.sumcheck_univariates) == CONST_PROOF_SIZE_LOG_N
assert all(
Expand Down Expand Up @@ -244,11 +249,11 @@ def format_array(elements: list, span: bool = False) -> str:
code += f"lookup_inverses: {g1_to_g1point256(self.lookup_inverses)},\n"

# Flatten sumcheck_univariates array
code += f"sumcheck_univariates: {format_array(io.flatten(self.sumcheck_univariates), span=True)},\n"
code += f"sumcheck_univariates: {format_array(io.flatten(self.sumcheck_univariates)[:self.log_circuit_size * BATCHED_RELATION_PARTIAL_LENGTH], span=True)},\n"

code += f"sumcheck_evaluations: {format_array(self.sumcheck_evaluations, span=True)},\n"
code += f"gemini_fold_comms: array![{', '.join(g1_to_g1point256(comm) for comm in self.gemini_fold_comms)}].span(),\n"
code += f"gemini_a_evaluations: {format_array(self.gemini_a_evaluations, span=True)},\n"
code += f"gemini_fold_comms: array![{', '.join(g1_to_g1point256(comm) for comm in self.gemini_fold_comms[:self.log_circuit_size - 1])}].span(),\n"
code += f"gemini_a_evaluations: {format_array(self.gemini_a_evaluations[:self.log_circuit_size], span=True)},\n"
code += f"shplonk_q: {g1_to_g1point256(self.shplonk_q)},\n"
code += f"kzg_quotient: {g1_to_g1point256(self.kzg_quotient)},\n"
code += "};"
Expand Down Expand Up @@ -279,7 +284,9 @@ def serialize_G1Point256(g1_point: G1Point) -> list[int]:
cd.extend(serialize_G1Point256(self.lookup_inverses))
cd.extend(
io.bigint_split_array(
x=io.flatten(self.sumcheck_univariates),
x=io.flatten(self.sumcheck_univariates)[
: BATCHED_RELATION_PARTIAL_LENGTH * self.log_circuit_size
], # The rest is 0.
n_limbs=2,
base=2**128,
prepend_length=True,
Expand All @@ -292,13 +299,18 @@ def serialize_G1Point256(g1_point: G1Point) -> list[int]:
)
)

cd.append(len(self.gemini_fold_comms))
for pt in self.gemini_fold_comms:
cd.append(self.log_circuit_size - 1)
for pt in self.gemini_fold_comms[
: self.log_circuit_size - 1
]: # The rest is G(1, 2)
cd.extend(serialize_G1Point256(pt))

cd.extend(
io.bigint_split_array(
x=self.gemini_a_evaluations, n_limbs=2, base=2**128, prepend_length=True
x=self.gemini_a_evaluations[: self.log_circuit_size],
n_limbs=2,
base=2**128,
prepend_length=True,
)
)
cd.extend(serialize_G1Point256(self.shplonk_q))
Expand Down Expand Up @@ -1680,16 +1692,16 @@ def compute_shplemini_msm_scalars(
batching_challenge, inverse_vanishing_evals[i + 2]
)
scalars[NUMBER_OF_ENTITIES + i + 1] = self.neg(scaling_factor)
constant_term_accumulator = self.add(
constant_term_accumulator,
self.mul(scaling_factor, p_gemini_a_evaluations[i + 1]),
)
else:
# print(
# f"dummy round {i}, index {NUMBER_OF_ENTITIES + i + 1} is set to 0"
# )
pass

constant_term_accumulator = self.add(
constant_term_accumulator,
self.mul(scaling_factor, p_gemini_a_evaluations[i + 1]),
)
# skip last round:
if i < self.log_n - 2:
batching_challenge = self.mul(batching_challenge, tp_shplonk_nu)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -269,9 +269,8 @@ def gen_honk_verifier(
full_proof.proof.z_perm.into(),
];
let n_gem_comms = vk.log_circuit_size-1;
for i in 0_u32..n_gem_comms {{
_points.append((*full_proof.proof.gemini_fold_comms.at(i)).into());
for gem_comm in full_proof.proof.gemini_fold_comms {{
_points.append((*gem_comm).into());
}};
_points.append(BN254_G1_GENERATOR);
_points.append(full_proof.proof.kzg_quotient.into());
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -183,9 +183,8 @@ mod UltraKeccakHonkVerifier {
full_proof.proof.z_perm.into(),
];

let n_gem_comms = vk.log_circuit_size - 1;
for i in 0_u32..n_gem_comms {
_points.append((*full_proof.proof.gemini_fold_comms.at(i)).into());
for gem_comm in full_proof.proof.gemini_fold_comms {
_points.append((*gem_comm).into());
};
_points.append(BN254_G1_GENERATOR);
_points.append(full_proof.proof.kzg_quotient.into());
Expand Down
Loading

0 comments on commit df5853b

Please sign in to comment.