diff --git a/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp b/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp index a08ade37..4df7190a 100644 --- a/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp +++ b/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp @@ -1030,8 +1030,8 @@ namespace nil { std::size_t id1 = s_indices[j][0] < s_indices[j][1] ? 1 : 0; Q[j][0] -= combined_U[p]; Q[j][1] -= combined_U[p]; - Q[j][0] /= denominators[p].evaluate(s[j][id0]); - Q[j][1] /= denominators[p].evaluate(s[j][id1]); + Q[j][0] *= denominators[p].evaluate(s[j][id0]).inversed(); + Q[j][1] *= denominators[p].evaluate(s[j][id1]).inversed(); y[j][0] += Q[j][0]; y[j][1] += Q[j][1]; } diff --git a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/lookup_argument.hpp b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/lookup_argument.hpp index c8e14b22..969bf547 100644 --- a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/lookup_argument.hpp +++ b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/lookup_argument.hpp @@ -262,7 +262,7 @@ namespace nil { auto reduced_g = reduce_dfs_polynomial_domain(g, basic_domain->m); auto reduced_h = reduce_dfs_polynomial_domain(h, basic_domain->m); for( std::size_t j = 0; j < preprocessed_data.common_data.desc.usable_rows_amount; j++){ - current_poly[j] = (previous_poly[j] * reduced_g[j]) / reduced_h[j]; + current_poly[j] = (previous_poly[j] * reduced_g[j]) * reduced_h[j].inversed(); } commitment_scheme.append_to_batch(PERMUTATION_BATCH, current_poly); auto par = lookup_alphas[i] * (previous_poly * g - current_poly * h); diff --git a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp index 1a9b5538..fa60e433 100644 --- a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp +++ b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp @@ -129,7 +129,7 @@ namespace nil { nom *= g_v[i][j - 1]; denom *= h_v[i][j - 1]; } - V_P[j] = V_P[j - 1] * nom / denom; + V_P[j] = V_P[j - 1] * nom * denom.inversed(); } // 4. Compute and add commitment to $V_P$ to $\text{transcript}$. @@ -198,7 +198,7 @@ namespace nil { auto reduced_g = reduce_dfs_polynomial_domain(g, basic_domain->m); auto reduced_h = reduce_dfs_polynomial_domain(h, basic_domain->m); for(std::size_t j = 0; j < preprocessed_data.common_data.desc.usable_rows_amount; j++){ - current_poly[j] = (previous_poly[j] * reduced_g[j]) / reduced_h[j]; + current_poly[j] = (previous_poly[j] * reduced_g[j]) * reduced_h[j].inversed(); } commitment_scheme.append_to_batch(PERMUTATION_BATCH, current_poly); auto part = permutation_alphas[i] * (previous_poly * g - current_poly * h); diff --git a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp index 175fd8b2..65045c78 100644 --- a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp +++ b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp @@ -151,7 +151,7 @@ namespace nil { auto omega = common_data.basic_domain->get_domain_element(1); auto challenge = proof.eval_proof.challenge; auto numerator = challenge.pow(table_description.rows_amount) - FieldType::value_type::one(); - numerator /= typename FieldType::value_type(table_description.rows_amount); + numerator *= typename FieldType::value_type(table_description.rows_amount).inversed(); // If public input sizes are set, all of them should be set. if(constraint_system.public_input_sizes_num() != 0 && constraint_system.public_input_sizes_num() != table_description.public_input_columns){ @@ -165,7 +165,7 @@ namespace nil { max_size = std::min(max_size, constraint_system.public_input_size(i)); auto omega_pow = FieldType::value_type::one(); for( std::size_t j = 0; j < max_size; ++j ){ - value += (public_input[i][j] * omega_pow) / (challenge - omega_pow); + value += (public_input[i][j] * omega_pow) * (challenge - omega_pow).inversed(); omega_pow = omega_pow * omega; } value *= numerator; diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 1c30abf2..bf327279 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -103,7 +103,12 @@ set(TESTS_NAMES "systems/plonk/pickles/to_field" "systems/plonk/pickles/to_group" - "systems/plonk/placeholder/placeholder" + "systems/plonk/placeholder/placeholder_circuits" + "systems/plonk/placeholder/placeholder_lookup_argument" + "systems/plonk/placeholder/placeholder_gate_argument" + "systems/plonk/placeholder/placeholder_permutation_argument" + "systems/plonk/placeholder/placeholder_kzg" + "systems/plonk/placeholder/placeholder_hashes" # "systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/r1cs_mp_ppzkpcd" # "systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/r1cs_sp_ppzkpcd" diff --git a/test/systems/plonk/placeholder/placeholder_circuits.cpp b/test/systems/plonk/placeholder/placeholder_circuits.cpp new file mode 100644 index 00000000..e5690319 --- /dev/null +++ b/test/systems/plonk/placeholder/placeholder_circuits.cpp @@ -0,0 +1,341 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2022 Mikhail Komarov +// Copyright (c) 2022 Nikita Kaskov +// Copyright (c) 2022 Ilia Shirobokov +// Copyright (c) 2022 Alisa Cherniaeva +// Copyright (c) 2022 Ilias Khairullin +// Copyright (c) 2023 Elena Tatuzova +// Copyright (c) 2024 Vasiliy Olekhov +// +// MIT License +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in all +// copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +// SOFTWARE. +//---------------------------------------------------------------------------// + +#define BOOST_TEST_MODULE placeholder_circuits_test + +#include +#include +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +/* +#include +#include +#include +*/ +#include +#include +#include + +#include +#include +#include + +#include + +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "circuits.hpp" + +using namespace nil::crypto3; +using namespace nil::crypto3::zk; +using namespace nil::crypto3::zk::snark; + +template +struct placeholder_test_runner { + using field_type = FieldType; + + struct placeholder_test_params { + constexpr static const std::size_t usable_rows = 13; + + constexpr static const std::size_t witness_columns = WitnessColumns; + constexpr static const std::size_t public_input_columns = PublicInputColumns; + constexpr static const std::size_t constant_columns = ConstantColumns; + constexpr static const std::size_t selector_columns = SelectorColumns; + + constexpr static const std::size_t lambda = 40; + constexpr static const std::size_t m = 2; + }; + + typedef placeholder_circuit_params circuit_params; + using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; + + using lpc_params_type = commitments::list_polynomial_commitment_params< + merkle_hash_type, + transcript_hash_type, + placeholder_test_params::m + >; + + using lpc_type = commitments::list_polynomial_commitment; + using lpc_scheme_type = typename commitments::lpc_commitment_scheme; + using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + using policy_type = zk::snark::detail::placeholder_policy; + using circuit_type = circuit_description, usable_rows_amount>; + + placeholder_test_runner(const circuit_type& circuit_in, std::size_t usable_rows, std::size_t table_rows) + : circuit(circuit_in) + , desc(WitnessColumns, PublicInputColumns, ConstantColumns, SelectorColumns) + , constraint_system(circuit.gates, circuit.copy_constraints, circuit.lookup_gates, circuit.lookup_tables) + , assignments(circuit.table) + , table_rows_log(std::log2(table_rows)) + , fri_params(1,table_rows_log, placeholder_test_params::lambda, 4) + { + desc.rows_amount = table_rows; + desc.usable_rows_amount = usable_rows; + } + + bool run_test() { + lpc_scheme_type lpc_scheme(fri_params); + + typename placeholder_public_preprocessor::preprocessed_data_type + lpc_preprocessed_public_data = placeholder_public_preprocessor::process( + constraint_system, assignments.move_public_table(), desc, lpc_scheme, max_quotient_poly_chunks + ); + + typename placeholder_private_preprocessor::preprocessed_data_type + lpc_preprocessed_private_data = placeholder_private_preprocessor::process( + constraint_system, assignments.move_private_table(), desc + ); + + auto lpc_proof = placeholder_prover::process( + lpc_preprocessed_public_data, std::move(lpc_preprocessed_private_data), desc, constraint_system, lpc_scheme + ); + + bool verifier_res = placeholder_verifier::process( + lpc_preprocessed_public_data.common_data, lpc_proof, desc, constraint_system, lpc_scheme + ); + return verifier_res; + } + + circuit_type circuit; + plonk_table_description desc; + typename policy_type::constraint_system_type constraint_system; + typename policy_type::variable_assignment_type assignments; + std::size_t table_rows_log; + typename lpc_type::fri_type::params_type fri_params; +}; + + + +BOOST_AUTO_TEST_SUITE(placeholder_circuit1) + +using curve_type = algebra::curves::pallas; +using field_type = typename curve_type::base_field_type; +using poseidon_type = hashes::poseidon>; + +using TestRunners = boost::mpl::list< + placeholder_test_runner< + algebra::curves::pallas::base_field_type, + poseidon_type, + poseidon_type, + witness_columns_1, + public_columns_1, + constant_columns_1, + selector_columns_1, + rows_amount_1 + >, + placeholder_test_runner< + algebra::curves::pallas::base_field_type, + hashes::keccak_1600<512>, + hashes::keccak_1600<512>, + witness_columns_1, + public_columns_1, + constant_columns_1, + selector_columns_1, + rows_amount_1 + > +>; + +BOOST_AUTO_TEST_CASE_TEMPLATE(prover_test, TestRunner, TestRunners) { + test_tools::random_test_initializer random_test_initializer; + auto circuit = circuit_test_1( + random_test_initializer.alg_random_engines.template get_alg_engine(), + random_test_initializer.generic_random_engine + ); + TestRunner test_runner(circuit, circuit.usable_rows, circuit.table_rows); + BOOST_CHECK(test_runner.run_test()); +} +BOOST_AUTO_TEST_SUITE_END() + + +BOOST_AUTO_TEST_SUITE(placeholder_circuit3) + +using curve_type = algebra::curves::pallas; +using field_type = typename curve_type::base_field_type; +using poseidon_type = hashes::poseidon>; +const size_t usable_rows_3 = 4; + +using TestRunners = boost::mpl::list< + placeholder_test_runner< + algebra::curves::pallas::base_field_type, + poseidon_type, + poseidon_type, + witness_columns_3, + public_columns_3, + constant_columns_3, + selector_columns_3, + usable_rows_3 + >, + placeholder_test_runner< + algebra::curves::pallas::base_field_type, + hashes::keccak_1600<512>, + hashes::keccak_1600<512>, + witness_columns_3, + public_columns_3, + constant_columns_3, + selector_columns_3, + usable_rows_3 + > +>; +BOOST_AUTO_TEST_CASE_TEMPLATE(prover_test, TestRunner, TestRunners) { + test_tools::random_test_initializer random_test_initializer; + auto circuit = circuit_test_3( + random_test_initializer.alg_random_engines.template get_alg_engine(), + random_test_initializer.generic_random_engine + ); + TestRunner test_runner(circuit, usable_rows_3, 1 << 3); + BOOST_CHECK(test_runner.run_test()); +} +BOOST_AUTO_TEST_SUITE_END() + +BOOST_AUTO_TEST_SUITE(placeholder_circuit4) + +using curve_type = algebra::curves::pallas; +using field_type = typename curve_type::base_field_type; +using poseidon_type = hashes::poseidon>; +const size_t usable_rows_4 = 5; + +using TestRunners = boost::mpl::list< + placeholder_test_runner, + placeholder_test_runner, hashes::keccak_1600<512>, witness_columns_4, public_columns_4, constant_columns_4, selector_columns_4, usable_rows_4> + >; +BOOST_AUTO_TEST_CASE_TEMPLATE(prover_test, TestRunner, TestRunners) { + test_tools::random_test_initializer random_test_initializer; + auto circuit = circuit_test_4( + random_test_initializer.alg_random_engines.template get_alg_engine(), + random_test_initializer.generic_random_engine + ); + TestRunner test_runner(circuit, usable_rows_4, 1 << 3); + BOOST_CHECK(test_runner.run_test()); +} +BOOST_AUTO_TEST_SUITE_END() + +BOOST_AUTO_TEST_SUITE(placeholder_circuit5) +using curve_type = algebra::curves::pallas; +using field_type = typename curve_type::base_field_type; +using poseidon_type = hashes::poseidon>; + +using TestRunners = boost::mpl::list< + placeholder_test_runner, + placeholder_test_runner, hashes::keccak_1600<512>, witness_columns_5, public_columns_5, constant_columns_5, selector_columns_5, usable_rows_5, false, 10> +>; +BOOST_AUTO_TEST_CASE_TEMPLATE(prover_test, TestRunner, TestRunners) { + test_tools::random_test_initializer random_test_initializer; + auto circuit = circuit_test_5( + random_test_initializer.alg_random_engines.template get_alg_engine(), + random_test_initializer.generic_random_engine + ); + TestRunner test_runner(circuit, circuit.usable_rows, circuit.table_rows); + BOOST_CHECK(test_runner.run_test()); +} +BOOST_AUTO_TEST_SUITE_END() + +BOOST_AUTO_TEST_SUITE(placeholder_circuit6) + +using curve_type = algebra::curves::pallas; +using field_type = typename curve_type::base_field_type; +using poseidon_type = hashes::poseidon>; + +using TestRunners = boost::mpl::list< + placeholder_test_runner, + placeholder_test_runner, hashes::keccak_1600<512>, witness_columns_6, public_columns_6, constant_columns_6, selector_columns_6, usable_rows_6, true> +>; +BOOST_AUTO_TEST_CASE_TEMPLATE(prover_test, TestRunner, TestRunners) { + test_tools::random_test_initializer random_test_initializer; + auto circuit = circuit_test_6( + random_test_initializer.alg_random_engines.template get_alg_engine(), + random_test_initializer.generic_random_engine + ); + TestRunner test_runner(circuit, circuit.usable_rows, circuit.table_rows); + BOOST_CHECK(test_runner.run_test()); +} +BOOST_AUTO_TEST_SUITE_END() + +BOOST_AUTO_TEST_SUITE(placeholder_circuit7) + +using curve_type = algebra::curves::pallas; +using field_type = typename curve_type::base_field_type; +using poseidon_type = hashes::poseidon>; + +using TestRunners = boost::mpl::list< + placeholder_test_runner, + placeholder_test_runner, hashes::keccak_1600<512>, witness_columns_7, public_columns_7, constant_columns_7, selector_columns_7, usable_rows_7, true, 8>, + placeholder_test_runner, hashes::keccak_1600<512>, witness_columns_7, public_columns_7, constant_columns_7, selector_columns_7, usable_rows_7, true, 10>, + placeholder_test_runner, hashes::keccak_1600<512>, witness_columns_7, public_columns_7, constant_columns_7, selector_columns_7, usable_rows_7, true, 30>, + placeholder_test_runner, hashes::keccak_1600<512>, witness_columns_7, public_columns_7, constant_columns_7, selector_columns_7, usable_rows_7, true, 50> + >; +BOOST_AUTO_TEST_CASE_TEMPLATE(prover_test, TestRunner, TestRunners) { + test_tools::random_test_initializer random_test_initializer; + auto circuit = circuit_test_7( + random_test_initializer.alg_random_engines.template get_alg_engine(), + random_test_initializer.generic_random_engine + ); + TestRunner test_runner(circuit, circuit.usable_rows, circuit.table_rows); + BOOST_CHECK(test_runner.run_test()); +} +BOOST_AUTO_TEST_SUITE_END() diff --git a/test/systems/plonk/placeholder/placeholder_gate_argument.cpp b/test/systems/plonk/placeholder/placeholder_gate_argument.cpp new file mode 100644 index 00000000..3cb95a17 --- /dev/null +++ b/test/systems/plonk/placeholder/placeholder_gate_argument.cpp @@ -0,0 +1,255 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2022 Mikhail Komarov +// Copyright (c) 2022 Nikita Kaskov +// Copyright (c) 2022 Ilia Shirobokov +// Copyright (c) 2022 Alisa Cherniaeva +// Copyright (c) 2022 Ilias Khairullin +// Copyright (c) 2023 Elena Tatuzova +// Copyright (c) 2024 Vasiliy Olekhov +// +// MIT License +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in all +// copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +// SOFTWARE. +//---------------------------------------------------------------------------// + +#define BOOST_TEST_MODULE placeholder_gate_argument_test + +#include +#include +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +/* +#include +#include +#include +*/ +#include +#include +#include + +#include +#include +#include + +#include + +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "circuits.hpp" + +using namespace nil::crypto3; +using namespace nil::crypto3::zk; +using namespace nil::crypto3::zk::snark; + +BOOST_AUTO_TEST_SUITE(placeholder_gate_argument) + using curve_type = algebra::curves::bls12<381>; + using field_type = typename curve_type::scalar_field_type; + + struct placeholder_test_params { + using merkle_hash_type = hashes::keccak_1600<512>; + using transcript_hash_type = hashes::keccak_1600<512>; + + constexpr static const std::size_t witness_columns = 3; + constexpr static const std::size_t public_input_columns = 1; + constexpr static const std::size_t constant_columns = 0; + constexpr static const std::size_t selector_columns = 2; + + constexpr static const std::size_t lambda = 10; + constexpr static const std::size_t m = 2; + }; + using circuit_t_params = placeholder_circuit_params; + + using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; + + using commitment_scheme_params_type = nil::crypto3::zk::commitments::commitment_scheme_params_type>; + using placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + using policy_type = zk::snark::detail::placeholder_policy; + + using lpc_params_type = commitments::list_polynomial_commitment_params< + typename placeholder_test_params::merkle_hash_type, + typename placeholder_test_params::transcript_hash_type, + placeholder_test_params::m + >; + + using lpc_type = commitments::list_polynomial_commitment; + using lpc_scheme_type = typename commitments::lpc_commitment_scheme; + using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + + using kzg_type = commitments::batched_kzg; + using kzg_scheme_type = typename commitments::kzg_commitment_scheme; + using kzg_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + +BOOST_FIXTURE_TEST_CASE(placeholder_gate_argument_test, test_tools::random_test_initializer) { + auto pi0 = alg_random_engines.template get_alg_engine()(); + auto circuit = circuit_test_t( + pi0, + alg_random_engines.template get_alg_engine(), + generic_random_engine + ); + + plonk_table_description desc( + placeholder_test_params::witness_columns, + placeholder_test_params::public_input_columns, + placeholder_test_params::constant_columns, + placeholder_test_params::selector_columns + ); + + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(desc.rows_amount); + + typename policy_type::constraint_system_type constraint_system( + circuit.gates, circuit.copy_constraints, circuit.lookup_gates); + typename policy_type::variable_assignment_type assignments = circuit.table; + + typename lpc_type::fri_type::params_type fri_params(1, table_rows_log, placeholder_test_params::lambda, 4); + lpc_scheme_type lpc_scheme(fri_params); + + std::vector init_blob {0, 1, 2, 3, 4, 5, 6, 7, 8, 9}; + transcript_type transcript(init_blob); + + typename placeholder_public_preprocessor::preprocessed_data_type + preprocessed_public_data = placeholder_public_preprocessor::process( + constraint_system, assignments.public_table(), desc, lpc_scheme + ); + + typename placeholder_private_preprocessor::preprocessed_data_type + preprocessed_private_data = placeholder_private_preprocessor::process( + constraint_system, assignments.private_table(), desc + ); + + auto polynomial_table = + plonk_polynomial_dfs_table( + preprocessed_private_data.private_polynomial_table, preprocessed_public_data.public_polynomial_table); + + transcript::fiat_shamir_heuristic_sequential prover_transcript = transcript; + transcript::fiat_shamir_heuristic_sequential verifier_transcript = transcript; + + math::polynomial_dfs mask_polynomial( + 0, preprocessed_public_data.common_data.basic_domain->m, + typename field_type::value_type(1) + ); + mask_polynomial -= preprocessed_public_data.q_last; + mask_polynomial -= preprocessed_public_data.q_blind; + + std::array, 1> prover_res = + placeholder_gates_argument::prove_eval( + constraint_system, polynomial_table, preprocessed_public_data.common_data.basic_domain, + preprocessed_public_data.common_data.max_gates_degree, mask_polynomial, prover_transcript); + + // Challenge phase + typename field_type::value_type y = algebra::random_element(); + typename field_type::value_type omega = preprocessed_public_data.common_data.basic_domain->get_domain_element(1); + + typename policy_type::evaluation_map columns_at_y; + for (std::size_t i = 0; i < placeholder_test_params::witness_columns; i++) { + + std::size_t i_global_index = i; + + for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { + auto key = std::make_tuple(i, rotation, plonk_variable::column_type::witness); + columns_at_y[key] = polynomial_table.witness(i).evaluate(y * omega.pow(rotation)); + } + } + for (std::size_t i = 0; i < 0 + placeholder_test_params::public_input_columns; i++) { + + std::size_t i_global_index = placeholder_test_params::witness_columns + i; + + for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { + + auto key = std::make_tuple(i, rotation, plonk_variable::column_type::public_input); + + columns_at_y[key] = polynomial_table.public_input(i).evaluate(y * omega.pow(rotation)); + } + } + for (std::size_t i = 0; i < 0 + placeholder_test_params::constant_columns; i++) { + + std::size_t i_global_index = + placeholder_test_params::witness_columns + placeholder_test_params::public_input_columns + i; + + for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { + auto key = std::make_tuple(i, rotation, plonk_variable::column_type::constant); + + columns_at_y[key] = polynomial_table.constant(i).evaluate(y * omega.pow(rotation)); + } + } + for (std::size_t i = 0; i < placeholder_test_params::selector_columns; i++) { + + std::size_t i_global_index = placeholder_test_params::witness_columns + + placeholder_test_params::constant_columns + + placeholder_test_params::public_input_columns + i; + + for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { + auto key = std::make_tuple(i, rotation, plonk_variable::column_type::selector); + + columns_at_y[key] = polynomial_table.selector(i).evaluate(y * omega.pow(rotation)); + } + } + + auto mask_value = field_type::value_type::one() - preprocessed_public_data.q_last.evaluate(y) - + preprocessed_public_data.q_blind.evaluate(y); + std::array verifier_res = + placeholder_gates_argument::verify_eval( + constraint_system.gates(), columns_at_y, y, mask_value, verifier_transcript); + + typename field_type::value_type verifier_next_challenge = verifier_transcript.template challenge(); + typename field_type::value_type prover_next_challenge = prover_transcript.template challenge(); + BOOST_CHECK(verifier_next_challenge == prover_next_challenge); + + BOOST_CHECK(prover_res[0].evaluate(y) == verifier_res[0]); +} + +BOOST_AUTO_TEST_SUITE_END() diff --git a/test/systems/plonk/placeholder/placeholder_goldilocks.cpp b/test/systems/plonk/placeholder/placeholder_goldilocks.cpp new file mode 100644 index 00000000..99c9d227 --- /dev/null +++ b/test/systems/plonk/placeholder/placeholder_goldilocks.cpp @@ -0,0 +1,123 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2022 Mikhail Komarov +// Copyright (c) 2022 Nikita Kaskov +// Copyright (c) 2022 Ilia Shirobokov +// Copyright (c) 2022 Alisa Cherniaeva +// Copyright (c) 2022 Ilias Khairullin +// Copyright (c) 2023 Elena Tatuzova +// Copyright (c) 2024 Vasiliy Olekhov +// +// MIT License +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in all +// copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +// SOFTWARE. +//---------------------------------------------------------------------------// + +#define BOOST_TEST_MODULE placeholder_goldilocks_test + +#include +#include +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +/* +#include +#include +#include +*/ +#include +#include +#include + +#include +#include +#include + +#include + +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "circuits.hpp" + +using namespace nil::crypto3; +using namespace nil::crypto3::zk; +using namespace nil::crypto3::zk::snark; + +BOOST_AUTO_TEST_SUITE(placeholder_circuit1_goldilocks) + +using field_type = typename algebra::fields::goldilocks64; +using poseidon_type = hashes::poseidon>; + +using TestRunners = boost::mpl::list< + placeholder_test_runner< + field_type, + hashes::keccak_1600<512>, + hashes::keccak_1600<512>, + witness_columns_1, + public_columns_1, + constant_columns_1, + selector_columns_1, + rows_amount_1 + > +>; +BOOST_AUTO_TEST_CASE_TEMPLATE(prover_test, TestRunner, TestRunners) { + test_tools::random_test_initializer random_test_initializer; + auto circuit = circuit_test_1( + random_test_initializer.alg_random_engines.template get_alg_engine(), + random_test_initializer.generic_random_engine + ); + TestRunner test_runner(circuit, circuit.usable_rows, circuit.table_rows); + BOOST_CHECK(test_runner.run_test()); +} +BOOST_AUTO_TEST_SUITE_END() diff --git a/test/systems/plonk/placeholder/placeholder_hashes.cpp b/test/systems/plonk/placeholder/placeholder_hashes.cpp new file mode 100644 index 00000000..2f1197ca --- /dev/null +++ b/test/systems/plonk/placeholder/placeholder_hashes.cpp @@ -0,0 +1,213 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2022 Mikhail Komarov +// Copyright (c) 2022 Nikita Kaskov +// Copyright (c) 2022 Ilia Shirobokov +// Copyright (c) 2022 Alisa Cherniaeva +// Copyright (c) 2022 Ilias Khairullin +// Copyright (c) 2023 Elena Tatuzova +// Copyright (c) 2024 Vasiliy Olekhov +// +// MIT License +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in all +// copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +// SOFTWARE. +//---------------------------------------------------------------------------// + +#define BOOST_TEST_MODULE placeholder_hashes_test + +#include +#include +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +/* +#include +#include +#include +*/ +#include +#include +#include + +#include +#include +#include + +#include + +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "circuits.hpp" + +using namespace nil::crypto3; +using namespace nil::crypto3::zk; +using namespace nil::crypto3::zk::snark; + +template +struct placeholder_test_runner { + using field_type = FieldType; + + struct placeholder_test_params { + constexpr static const std::size_t usable_rows = 13; + + constexpr static const std::size_t witness_columns = WitnessColumns; + constexpr static const std::size_t public_input_columns = PublicInputColumns; + constexpr static const std::size_t constant_columns = ConstantColumns; + constexpr static const std::size_t selector_columns = SelectorColumns; + + constexpr static const std::size_t lambda = 40; + constexpr static const std::size_t m = 2; + }; + + typedef placeholder_circuit_params circuit_params; + using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; + + using lpc_params_type = commitments::list_polynomial_commitment_params< + merkle_hash_type, + transcript_hash_type, + placeholder_test_params::m + >; + + using lpc_type = commitments::list_polynomial_commitment; + using lpc_scheme_type = typename commitments::lpc_commitment_scheme; + using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + using policy_type = zk::snark::detail::placeholder_policy; + using circuit_type = circuit_description, usable_rows_amount>; + + placeholder_test_runner(const circuit_type& circuit_in, std::size_t usable_rows, std::size_t table_rows) + : circuit(circuit_in) + , desc(WitnessColumns, PublicInputColumns, ConstantColumns, SelectorColumns) + , constraint_system(circuit.gates, circuit.copy_constraints, circuit.lookup_gates, circuit.lookup_tables) + , assignments(circuit.table) + , table_rows_log(std::log2(table_rows)) + , fri_params(1,table_rows_log, placeholder_test_params::lambda, 4) + { + desc.rows_amount = table_rows; + desc.usable_rows_amount = usable_rows; + } + + bool run_test() { + lpc_scheme_type lpc_scheme(fri_params); + + typename placeholder_public_preprocessor::preprocessed_data_type + lpc_preprocessed_public_data = placeholder_public_preprocessor::process( + constraint_system, assignments.move_public_table(), desc, lpc_scheme, max_quotient_poly_chunks + ); + + typename placeholder_private_preprocessor::preprocessed_data_type + lpc_preprocessed_private_data = placeholder_private_preprocessor::process( + constraint_system, assignments.move_private_table(), desc + ); + + auto lpc_proof = placeholder_prover::process( + lpc_preprocessed_public_data, std::move(lpc_preprocessed_private_data), desc, constraint_system, lpc_scheme + ); + + bool verifier_res = placeholder_verifier::process( + lpc_preprocessed_public_data.common_data, lpc_proof, desc, constraint_system, lpc_scheme + ); + return verifier_res; + } + + circuit_type circuit; + plonk_table_description desc; + typename policy_type::constraint_system_type constraint_system; + typename policy_type::variable_assignment_type assignments; + std::size_t table_rows_log; + typename lpc_type::fri_type::params_type fri_params; +}; + + +BOOST_AUTO_TEST_SUITE(placeholder_hashes_test) + +using curve_type = algebra::curves::pallas; +using field_type = typename curve_type::base_field_type; +using poseidon_type = hashes::poseidon>; + +using TestRunners = boost::mpl::list< + placeholder_test_runner< + algebra::curves::pallas::base_field_type, + poseidon_type, + poseidon_type, + witness_columns_1, + public_columns_1, + constant_columns_1, + selector_columns_1, + rows_amount_1 + >, + placeholder_test_runner< + algebra::curves::pallas::base_field_type, + hashes::keccak_1600<512>, + hashes::keccak_1600<512>, + witness_columns_1, + public_columns_1, + constant_columns_1, + selector_columns_1, + rows_amount_1 + > +>; + +BOOST_AUTO_TEST_CASE_TEMPLATE(prover_test, TestRunner, TestRunners) { + test_tools::random_test_initializer random_test_initializer; + auto circuit = circuit_test_1( + random_test_initializer.alg_random_engines.template get_alg_engine(), + random_test_initializer.generic_random_engine + ); + TestRunner test_runner(circuit, circuit.usable_rows, circuit.table_rows); + BOOST_CHECK(test_runner.run_test()); +} +BOOST_AUTO_TEST_SUITE_END() + diff --git a/test/systems/plonk/placeholder/placeholder_kzg.cpp b/test/systems/plonk/placeholder/placeholder_kzg.cpp new file mode 100644 index 00000000..b3108c67 --- /dev/null +++ b/test/systems/plonk/placeholder/placeholder_kzg.cpp @@ -0,0 +1,425 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2022 Mikhail Komarov +// Copyright (c) 2022 Nikita Kaskov +// Copyright (c) 2022 Ilia Shirobokov +// Copyright (c) 2022 Alisa Cherniaeva +// Copyright (c) 2022 Ilias Khairullin +// Copyright (c) 2023 Elena Tatuzova +// Copyright (c) 2024 Vasiliy Olekhov +// +// MIT License +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in all +// copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +// SOFTWARE. +//---------------------------------------------------------------------------// + +#define BOOST_TEST_MODULE placeholder_kzg_test + +#include +#include +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +/* +#include +#include +#include +*/ +#include +#include +#include + +#include +#include +#include + +#include + +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "circuits.hpp" + +using namespace nil::crypto3; +using namespace nil::crypto3::zk; +using namespace nil::crypto3::zk::snark; + +template +typename kzg_type::params_type create_kzg_params(std::size_t degree_log) { + // TODO: what cases t != d? + typename kzg_type::field_type::value_type alpha (7); + std::size_t d = 1 << degree_log; + + typename kzg_type::params_type params(d, d, alpha); + return params; +} + +template +typename kzg_type::params_type create_kzg_v2_params(std::size_t degree_log) { + // TODO: what cases t != d? + typename kzg_type::field_type::value_type alpha (7); + std::size_t d = 1 << degree_log; + + typename kzg_type::params_type params(d, 1, alpha); + return params; +} + + +template< + typename curve_type, + typename merkle_hash_type, + typename transcript_hash_type, + std::size_t WitnessColumns, + std::size_t PublicInputColumns, + std::size_t ConstantColumns, + std::size_t SelectorColumns, + std::size_t usable_rows_amount, + std::size_t permutation, + bool UseGrinding = false> +struct placeholder_kzg_test_runner { + using field_type = typename curve_type::scalar_field_type; + + struct placeholder_test_params { + constexpr static const std::size_t usable_rows = usable_rows_amount; + + constexpr static const std::size_t witness_columns = WitnessColumns; + constexpr static const std::size_t public_input_columns = PublicInputColumns; + constexpr static const std::size_t constant_columns = ConstantColumns; + constexpr static const std::size_t selector_columns = SelectorColumns; + }; + + using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; + + using circuit_params = placeholder_circuit_params; + + using kzg_type = commitments::batched_kzg; + using kzg_scheme_type = typename commitments::kzg_commitment_scheme; + using kzg_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + + using policy_type = zk::snark::detail::placeholder_policy; + + using circuit_type = + circuit_description, + usable_rows_amount>; + + placeholder_kzg_test_runner() + : desc(WitnessColumns, PublicInputColumns, ConstantColumns, SelectorColumns) + { + } + + bool run_test() { + test_tools::random_test_initializer random_test_initializer; + auto pi0 = random_test_initializer.alg_random_engines.template get_alg_engine()(); + auto circuit = circuit_test_t( + pi0, + random_test_initializer.alg_random_engines.template get_alg_engine(), + random_test_initializer.generic_random_engine + ); + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(circuit.table_rows); + + typename policy_type::constraint_system_type constraint_system(circuit.gates, circuit.copy_constraints, circuit.lookup_gates); + typename policy_type::variable_assignment_type assignments = circuit.table; + + bool verifier_res; + + // KZG commitment scheme + auto kzg_params = create_kzg_params(table_rows_log); + kzg_scheme_type kzg_scheme(kzg_params); + + typename placeholder_public_preprocessor::preprocessed_data_type + kzg_preprocessed_public_data = + placeholder_public_preprocessor::process( + constraint_system, assignments.public_table(), desc, kzg_scheme + ); + + typename placeholder_private_preprocessor::preprocessed_data_type + kzg_preprocessed_private_data = placeholder_private_preprocessor::process( + constraint_system, assignments.private_table(), desc + ); + + auto kzg_proof = placeholder_prover::process( + kzg_preprocessed_public_data, std::move(kzg_preprocessed_private_data), desc, constraint_system, kzg_scheme + ); + + verifier_res = placeholder_verifier::process( + kzg_preprocessed_public_data.common_data, kzg_proof, desc, constraint_system, kzg_scheme + ); + return verifier_res; + } + + plonk_table_description desc; +}; + + +BOOST_AUTO_TEST_SUITE(placeholder_circuit2_kzg) + + using TestRunners = boost::mpl::list< + placeholder_kzg_test_runner< + algebra::curves::bls12<381>, + hashes::keccak_1600<256>, + hashes::keccak_1600<256>, + witness_columns_t, + public_columns_t, + constant_columns_t, + selector_columns_t, + usable_rows_t, + true> + /* + , placeholder_kzg_test_runner< + algebra::curves::alt_bn128_254, + hashes::keccak_1600<256>, + hashes::keccak_1600<256>, + witness_columns_t, + public_columns_t, + constant_columns_t, + selector_columns_t, + usable_rows_t, + 4, true>*/ + , placeholder_kzg_test_runner< + algebra::curves::mnt4_298, + hashes::keccak_1600<256>, + hashes::keccak_1600<256>, + witness_columns_t, + public_columns_t, + constant_columns_t, + selector_columns_t, + usable_rows_t, + true> + , placeholder_kzg_test_runner< + algebra::curves::mnt6_298, + hashes::keccak_1600<256>, + hashes::keccak_1600<256>, + witness_columns_t, + public_columns_t, + constant_columns_t, + selector_columns_t, + usable_rows_t, + true> + /*, -- Not yet implemented + placeholder_kzg_test_runner< + algebra::curves::mnt6_298, + hashes::poseidon>, + hashes::poseidon>, + witness_columns_t, + public_columns_t, + constant_columns_t, + selector_columns_t, + usable_rows_t, + 4, + true> + */ + >; + +BOOST_AUTO_TEST_CASE_TEMPLATE(prover_test, TestRunner, TestRunners) { + TestRunner test_runner; + BOOST_CHECK(test_runner.run_test()); +} +BOOST_AUTO_TEST_SUITE_END() + + +template< + typename curve_type, + typename merkle_hash_type, + typename transcript_hash_type, + std::size_t WitnessColumns, + std::size_t PublicInputColumns, + std::size_t ConstantColumns, + std::size_t SelectorColumns, + std::size_t usable_rows_amount, + std::size_t permutation, + bool UseGrinding = false> +struct placeholder_kzg_test_runner_v2 { + using field_type = typename curve_type::scalar_field_type; + + struct placeholder_test_params { + constexpr static const std::size_t usable_rows = usable_rows_amount; + + constexpr static const std::size_t witness_columns = WitnessColumns; + constexpr static const std::size_t public_input_columns = PublicInputColumns; + constexpr static const std::size_t constant_columns = ConstantColumns; + constexpr static const std::size_t selector_columns = SelectorColumns; + }; + + using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; + + using circuit_params = placeholder_circuit_params; + + using kzg_type = commitments::batched_kzg; + using kzg_scheme_type = typename commitments::kzg_commitment_scheme_v2; + using kzg_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + + using policy_type = zk::snark::detail::placeholder_policy; + + using circuit_type = + circuit_description, + usable_rows_amount>; + + placeholder_kzg_test_runner_v2() + : desc(WitnessColumns, PublicInputColumns, ConstantColumns, SelectorColumns) + { + } + + bool run_test() { + test_tools::random_test_initializer random_test_initializer; + auto pi0 = random_test_initializer.alg_random_engines.template get_alg_engine()(); + auto circuit = circuit_test_t( + pi0, + random_test_initializer.alg_random_engines.template get_alg_engine(), + random_test_initializer.generic_random_engine + ); + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(circuit.table_rows); + + typename policy_type::constraint_system_type constraint_system(circuit.gates, circuit.copy_constraints, circuit.lookup_gates); + typename policy_type::variable_assignment_type assignments = circuit.table; + + bool verifier_res; + + // KZG commitment scheme + auto kzg_params = create_kzg_v2_params(table_rows_log); + kzg_scheme_type kzg_scheme(kzg_params); + + typename placeholder_public_preprocessor::preprocessed_data_type + kzg_preprocessed_public_data = + placeholder_public_preprocessor::process( + constraint_system, assignments.public_table(), desc, kzg_scheme + ); + + typename placeholder_private_preprocessor::preprocessed_data_type + kzg_preprocessed_private_data = placeholder_private_preprocessor::process( + constraint_system, assignments.private_table(), desc + ); + + auto kzg_proof = placeholder_prover::process( + kzg_preprocessed_public_data, std::move(kzg_preprocessed_private_data), desc, constraint_system, kzg_scheme + ); + + verifier_res = placeholder_verifier::process( + kzg_preprocessed_public_data.common_data, kzg_proof, desc, constraint_system, kzg_scheme + ); + return verifier_res; + } + + plonk_table_description desc; +}; + + +BOOST_AUTO_TEST_SUITE(placeholder_circuit2_kzg_v2) + + using TestRunners = boost::mpl::list< + placeholder_kzg_test_runner_v2< + algebra::curves::bls12_381, + hashes::keccak_1600<256>, + hashes::keccak_1600<256>, + witness_columns_t, + public_columns_t, + constant_columns_t, + selector_columns_t, + usable_rows_t, + true> +/* , placeholder_kzg_test_runner< + algebra::curves::alt_bn128_254, + hashes::keccak_1600<256>, + hashes::keccak_1600<256>, + witness_columns_t, + public_columns_t, + constant_columns_t, + selector_columns_t, + usable_rows_t, + 4, true>*/ + , placeholder_kzg_test_runner< + algebra::curves::mnt4_298, + hashes::keccak_1600<256>, + hashes::keccak_1600<256>, + witness_columns_t, + public_columns_t, + constant_columns_t, + selector_columns_t, + usable_rows_t, + true> + , placeholder_kzg_test_runner_v2< + algebra::curves::mnt6_298, + hashes::keccak_1600<256>, + hashes::keccak_1600<256>, + witness_columns_t, + public_columns_t, + constant_columns_t, + selector_columns_t, + usable_rows_t, + true> + /*, -- Not yet implemented + placeholder_kzg_test_runner< + algebra::curves::mnt6_298, + hashes::poseidon>, + hashes::poseidon>, + witness_columns_t, + public_columns_t, + constant_columns_t, + selector_columns_t, + usable_rows_t, + 4, + true> + */ + >; + +BOOST_AUTO_TEST_CASE_TEMPLATE(prover_test, TestRunner, TestRunners) { + TestRunner test_runner; + BOOST_CHECK(test_runner.run_test()); +} + +BOOST_AUTO_TEST_SUITE_END() diff --git a/test/systems/plonk/placeholder/placeholder_lookup_argument.cpp b/test/systems/plonk/placeholder/placeholder_lookup_argument.cpp new file mode 100644 index 00000000..2d8a952a --- /dev/null +++ b/test/systems/plonk/placeholder/placeholder_lookup_argument.cpp @@ -0,0 +1,450 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2022 Mikhail Komarov +// Copyright (c) 2022 Nikita Kaskov +// Copyright (c) 2022 Ilia Shirobokov +// Copyright (c) 2022 Alisa Cherniaeva +// Copyright (c) 2022 Ilias Khairullin +// Copyright (c) 2023 Elena Tatuzova +// Copyright (c) 2024 Vasiliy Olekhov +// +// MIT License +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in all +// copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +// SOFTWARE. +//---------------------------------------------------------------------------// + +#define BOOST_TEST_MODULE placeholder_lookup_argument_test + +#include +#include +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +/* +#include +#include +#include +*/ +#include +#include +#include + +#include +#include +#include + +#include + +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "circuits.hpp" + +using namespace nil::crypto3; +using namespace nil::crypto3::zk; +using namespace nil::crypto3::zk::snark; + +BOOST_AUTO_TEST_SUITE(placeholder_circuit3_lookup_test) + using curve_type = algebra::curves::pallas; + using field_type = typename curve_type::base_field_type; + + constexpr static const std::size_t table_rows_log = 3; + constexpr static const std::size_t table_rows = 1 << table_rows_log; + constexpr static const std::size_t usable_rows = 4; + + struct placeholder_test_params { + using merkle_hash_type = hashes::keccak_1600<512>; + using transcript_hash_type = hashes::keccak_1600<512>; + + constexpr static const std::size_t witness_columns = witness_columns_3; + constexpr static const std::size_t public_input_columns = public_columns_3; + constexpr static const std::size_t constant_columns = constant_columns_3; + constexpr static const std::size_t selector_columns = selector_columns_3; + + constexpr static const std::size_t lambda = 40; + constexpr static const std::size_t m = 2; + }; + + using circuit_params = placeholder_circuit_params; + using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; + using lpc_params_type = commitments::list_polynomial_commitment_params< + typename placeholder_test_params::merkle_hash_type, + typename placeholder_test_params::transcript_hash_type, + placeholder_test_params::m + >; + + using lpc_type = commitments::list_polynomial_commitment; + using lpc_scheme_type = typename commitments::lpc_commitment_scheme; + using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + using policy_type = zk::snark::detail::placeholder_policy; + +BOOST_FIXTURE_TEST_CASE(lookup_test, test_tools::random_test_initializer) { + auto circuit = circuit_test_3( + alg_random_engines.template get_alg_engine(), + generic_random_engine + ); + constexpr std::size_t argument_size = 4; + + plonk_table_description desc( + placeholder_test_params::witness_columns, + placeholder_test_params::public_input_columns, + placeholder_test_params::constant_columns, + placeholder_test_params::selector_columns + ); + + desc.rows_amount = table_rows; + desc.usable_rows_amount = usable_rows; + + typename policy_type::constraint_system_type constraint_system( + circuit.gates, + circuit.copy_constraints, + circuit.lookup_gates, + circuit.lookup_tables + ); + typename policy_type::variable_assignment_type assignments = circuit.table; + + typename lpc_type::fri_type::params_type fri_params(1, table_rows_log, placeholder_test_params::lambda, 4, true); + lpc_scheme_type lpc_scheme(fri_params); + + typename placeholder_public_preprocessor::preprocessed_data_type + preprocessed_public_data = placeholder_public_preprocessor::process( + constraint_system, assignments.public_table(), desc, lpc_scheme ); + + typename placeholder_private_preprocessor::preprocessed_data_type + preprocessed_private_data = placeholder_private_preprocessor::process( + constraint_system, assignments.private_table(), desc); + + auto polynomial_table = + plonk_polynomial_dfs_table( + preprocessed_private_data.private_polynomial_table, preprocessed_public_data.public_polynomial_table + ); + + std::vector init_blob {0, 1, 2, 3, 4, 5, 6, 7, 8, 9}; + transcript_type prover_transcript(init_blob); + transcript_type verifier_transcript(init_blob); + + placeholder_lookup_argument_prover lookup_prover( + constraint_system, preprocessed_public_data, polynomial_table, lpc_scheme, prover_transcript); + auto prover_res = lookup_prover.prove_eval(); + auto omega = preprocessed_public_data.common_data.basic_domain->get_domain_element(1); + + // Challenge phase + typename field_type::value_type y = algebra::random_element(); + typename policy_type::evaluation_map columns_at_y; + for (std::size_t i = 0; i < placeholder_test_params::witness_columns; i++) { + + std::size_t i_global_index = i; + + for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { + auto key = std::make_tuple(i, rotation, plonk_variable::column_type::witness); + columns_at_y[key] = polynomial_table.witness(i).evaluate(y * omega.pow(rotation)); + } + } + + for (std::size_t i = 0; i < 0 + placeholder_test_params::constant_columns; i++) { + + std::size_t i_global_index = placeholder_test_params::witness_columns + + placeholder_test_params::public_input_columns + i; + + for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { + auto key = std::make_tuple(i, rotation, plonk_variable::column_type::constant); + + columns_at_y[key] = polynomial_table.constant(i).evaluate(y * omega.pow(rotation)); + } + } + + for (std::size_t i = 0; i < placeholder_test_params::selector_columns; i++) { + + std::size_t i_global_index = placeholder_test_params::witness_columns + + placeholder_test_params::constant_columns + + placeholder_test_params::public_input_columns + i; + + for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { + auto key = std::make_tuple(i, rotation, plonk_variable::column_type::selector); + + columns_at_y[key] = polynomial_table.selector(i).evaluate(y * omega.pow(rotation)); + } + } + + lpc_scheme.append_eval_point(LOOKUP_BATCH, y); + lpc_scheme.append_eval_point(LOOKUP_BATCH, y * omega); + lpc_scheme.append_eval_point(LOOKUP_BATCH, y * omega.pow(usable_rows)); + + lpc_scheme.commit(PERMUTATION_BATCH); + lpc_scheme.append_eval_point(PERMUTATION_BATCH, y); + lpc_scheme.append_eval_point(PERMUTATION_BATCH, preprocessed_public_data.common_data.permutation_parts, y * omega); + + transcript_type transcript; + lpc_scheme.setup(transcript, preprocessed_public_data.common_data.commitment_scheme_data); + auto lpc_proof = lpc_scheme.proof_eval(transcript); + // Prepare sorted and V_L values + std::vector special_selector_values(3); + special_selector_values[0] = preprocessed_public_data.common_data.lagrange_0.evaluate(y); + special_selector_values[1] = preprocessed_public_data.q_last.evaluate(y); + special_selector_values[2] = preprocessed_public_data.q_blind.evaluate(y); + + std::vector special_selector_values_shifted(2); + special_selector_values_shifted[0] = preprocessed_public_data.q_last.evaluate(y * omega); + special_selector_values_shifted[1] = preprocessed_public_data.q_blind.evaluate(y * omega); + + placeholder_lookup_argument_verifier lookup_verifier; + std::array verifier_res = lookup_verifier.verify_eval( + preprocessed_public_data.common_data, + special_selector_values, special_selector_values_shifted, + constraint_system, + y, columns_at_y, lpc_proof.z.get(LOOKUP_BATCH), + lpc_proof.z.get(PERMUTATION_BATCH, preprocessed_public_data.common_data.permutation_parts), + {}, + prover_res.lookup_commitment, + verifier_transcript + ); + + typename field_type::value_type verifier_next_challenge = verifier_transcript.template challenge(); + typename field_type::value_type prover_next_challenge = prover_transcript.template challenge(); + BOOST_CHECK(verifier_next_challenge == prover_next_challenge); + + for (int i = 0; i < argument_size; i++) { + BOOST_CHECK(prover_res.F_dfs[i].evaluate(y) == verifier_res[i]); + if( prover_res.F_dfs[i].evaluate(y) != verifier_res[i] ){ + std::cout << prover_res.F_dfs[i].evaluate(y) << "!=" << verifier_res[i] << std::endl; + } + for (std::size_t j = 0; j < desc.rows_amount; j++) { + if(prover_res.F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) != field_type::value_type::zero()){ + std::cout << "!["<< i << "][" << j << "]" << std::endl; + + } + BOOST_CHECK(prover_res.F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) == field_type::value_type::zero()); + } + } +} +BOOST_AUTO_TEST_SUITE_END() + +BOOST_AUTO_TEST_SUITE(placeholder_circuit4_lookup_test) + using curve_type = algebra::curves::pallas; + using field_type = typename curve_type::base_field_type; + + constexpr static const std::size_t table_rows_log = 3; + constexpr static const std::size_t table_rows = 1 << table_rows_log; + constexpr static const std::size_t usable_rows = 5; + + struct placeholder_test_params { + using merkle_hash_type = hashes::keccak_1600<512>; + using transcript_hash_type = hashes::keccak_1600<512>; + + constexpr static const std::size_t witness_columns = witness_columns_4; + constexpr static const std::size_t public_input_columns = public_columns_4; + constexpr static const std::size_t constant_columns = constant_columns_4; + constexpr static const std::size_t selector_columns = selector_columns_4; + + constexpr static const std::size_t lambda = 40; + constexpr static const std::size_t m = 2; + }; + + using circuit_params = placeholder_circuit_params; + using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; + using lpc_params_type = commitments::list_polynomial_commitment_params< + typename placeholder_test_params::merkle_hash_type, + typename placeholder_test_params::transcript_hash_type, + placeholder_test_params::m + >; + + using lpc_type = commitments::list_polynomial_commitment; + using lpc_scheme_type = typename commitments::lpc_commitment_scheme; + using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + using policy_type = zk::snark::detail::placeholder_policy; + +BOOST_FIXTURE_TEST_CASE(lookup_test, test_tools::random_test_initializer) { + auto circuit = circuit_test_4( + alg_random_engines.template get_alg_engine(), + generic_random_engine + ); + constexpr std::size_t argument_size = 4; + + plonk_table_description desc( + placeholder_test_params::witness_columns, + placeholder_test_params::public_input_columns, + placeholder_test_params::constant_columns, + placeholder_test_params::selector_columns + ); + + desc.rows_amount = table_rows; + desc.usable_rows_amount = usable_rows; + + typename policy_type::constraint_system_type constraint_system( + circuit.gates, + circuit.copy_constraints, + circuit.lookup_gates, + circuit.lookup_tables + ); + typename policy_type::variable_assignment_type assignments = circuit.table; + + typename lpc_type::fri_type::params_type fri_params(1, table_rows_log, placeholder_test_params::lambda, 4); + lpc_scheme_type lpc_scheme(fri_params); + + transcript_type transcript; + + typename placeholder_public_preprocessor::preprocessed_data_type + preprocessed_public_data = placeholder_public_preprocessor::process( + constraint_system, assignments.public_table(), desc, lpc_scheme); + + typename placeholder_private_preprocessor::preprocessed_data_type + preprocessed_private_data = placeholder_private_preprocessor::process( + constraint_system, assignments.private_table(), desc); + lpc_scheme.setup(transcript, preprocessed_public_data.common_data.commitment_scheme_data); + + auto polynomial_table = + plonk_polynomial_dfs_table( + preprocessed_private_data.private_polynomial_table, preprocessed_public_data.public_polynomial_table); + + std::vector init_blob {0, 1, 2, 3, 4, 5, 6, 7, 8, 9}; + transcript_type prover_transcript(init_blob); + transcript_type verifier_transcript(init_blob); + + placeholder_lookup_argument_prover prover( + constraint_system, preprocessed_public_data, polynomial_table, lpc_scheme, prover_transcript); + auto prover_res = prover.prove_eval(); + + // Challenge phase + auto omega = preprocessed_public_data.common_data.basic_domain->get_domain_element(1); + typename field_type::value_type y = alg_random_engines.template get_alg_engine()(); + typename policy_type::evaluation_map columns_at_y; + for (std::size_t i = 0; i < placeholder_test_params::witness_columns; i++) { + + std::size_t i_global_index = i; + + for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { + auto key = std::make_tuple(i, rotation, plonk_variable::column_type::witness); + columns_at_y[key] = polynomial_table.witness(i).evaluate(y * omega.pow(rotation)); + } + } + + for (std::size_t i = 0; i < 0 + placeholder_test_params::constant_columns; i++) { + + std::size_t i_global_index = placeholder_test_params::witness_columns + + placeholder_test_params::public_input_columns + i; + + for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { + auto key = std::make_tuple(i, rotation, plonk_variable::column_type::constant); + + columns_at_y[key] = polynomial_table.constant(i).evaluate(y * omega.pow(rotation)); + } + } + + + for (std::size_t i = 0; i < placeholder_test_params::selector_columns; i++) { + + std::size_t i_global_index = placeholder_test_params::witness_columns + + placeholder_test_params::constant_columns + + placeholder_test_params::public_input_columns + i; + + for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { + auto key = std::make_tuple(i, rotation, plonk_variable::column_type::selector); + + columns_at_y[key] = polynomial_table.selector(i).evaluate(y * omega.pow(rotation)); + } + } + + lpc_scheme.append_eval_point(LOOKUP_BATCH, y); + lpc_scheme.append_eval_point(LOOKUP_BATCH, y * omega); + lpc_scheme.append_eval_point(LOOKUP_BATCH, y * omega.pow(usable_rows)); + + lpc_scheme.commit(PERMUTATION_BATCH); + lpc_scheme.append_eval_point(PERMUTATION_BATCH, y); + lpc_scheme.append_eval_point(PERMUTATION_BATCH, y * omega); + + auto lpc_proof = lpc_scheme.proof_eval(transcript); + // Prepare sorted, V_L and V_S values. + + auto special_selectors = (field_type::value_type::one() - (preprocessed_public_data.q_last.evaluate(y) + + preprocessed_public_data.q_blind.evaluate(y))); + auto half = prover_res.F_dfs[2].evaluate(y) * special_selectors.inversed(); + + std::vector special_selector_values(3); + special_selector_values[0] = preprocessed_public_data.common_data.lagrange_0.evaluate(y); + special_selector_values[1] = preprocessed_public_data.q_last.evaluate(y); + special_selector_values[2] = preprocessed_public_data.q_blind.evaluate(y); + + std::vector special_selector_values_shifted(2); + special_selector_values_shifted[0] = preprocessed_public_data.q_last.evaluate(y * omega); + special_selector_values_shifted[1] = preprocessed_public_data.q_blind.evaluate(y * omega); + + placeholder_lookup_argument_verifier verifier; + std::array verifier_res = verifier.verify_eval( + preprocessed_public_data.common_data, + special_selector_values, special_selector_values_shifted, + constraint_system, + y, columns_at_y, lpc_proof.z.get(LOOKUP_BATCH), + lpc_proof.z.get(PERMUTATION_BATCH, 0), + {}, + prover_res.lookup_commitment, + verifier_transcript + ); + + typename field_type::value_type verifier_next_challenge = verifier_transcript.template challenge(); + typename field_type::value_type prover_next_challenge = prover_transcript.template challenge(); + BOOST_CHECK(verifier_next_challenge == prover_next_challenge); + + for (std::size_t i = 0; i < argument_size; i++) { + BOOST_CHECK(prover_res.F_dfs[i].evaluate(y) == verifier_res[i]); + for (std::size_t j = 0; j < desc.rows_amount; j++) { + if (prover_res.F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) != + field_type::value_type::zero()){ + std::cout << "!["<< i << "][" << j << "]" << std::endl; + } + BOOST_CHECK( + prover_res.F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) == + field_type::value_type::zero()); + } + } +} +BOOST_AUTO_TEST_SUITE_END() diff --git a/test/systems/plonk/placeholder/placeholder_permutation_argument.cpp b/test/systems/plonk/placeholder/placeholder_permutation_argument.cpp new file mode 100644 index 00000000..8710c9a1 --- /dev/null +++ b/test/systems/plonk/placeholder/placeholder_permutation_argument.cpp @@ -0,0 +1,334 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2022 Mikhail Komarov +// Copyright (c) 2022 Nikita Kaskov +// Copyright (c) 2022 Ilia Shirobokov +// Copyright (c) 2022 Alisa Cherniaeva +// Copyright (c) 2022 Ilias Khairullin +// Copyright (c) 2023 Elena Tatuzova +// Copyright (c) 2024 Vasiliy Olekhov +// +// MIT License +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in all +// copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +// SOFTWARE. +//---------------------------------------------------------------------------// + +#define BOOST_TEST_MODULE placeholder_permutation_test + +#include +#include +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +/* +#include +#include +#include +*/ +#include +#include +#include + +#include +#include +#include + +#include + +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "circuits.hpp" + +using namespace nil::crypto3; +using namespace nil::crypto3::zk; +using namespace nil::crypto3::zk::snark; + +BOOST_AUTO_TEST_SUITE(permutation_argument) + using curve_type = algebra::curves::bls12<381>; + using field_type = typename curve_type::scalar_field_type; + + struct placeholder_test_params { + using merkle_hash_type = hashes::keccak_1600<512>; + using transcript_hash_type = hashes::keccak_1600<512>; + + constexpr static const std::size_t witness_columns = 3; + constexpr static const std::size_t public_input_columns = 1; + constexpr static const std::size_t constant_columns = 0; + constexpr static const std::size_t selector_columns = 2; + + constexpr static const std::size_t lambda = 10; + constexpr static const std::size_t m = 2; + }; + using circuit_t_params = placeholder_circuit_params; + + using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; + + using commitment_scheme_params_type = nil::crypto3::zk::commitments::commitment_scheme_params_type>; + using placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + using policy_type = zk::snark::detail::placeholder_policy; + + using lpc_params_type = commitments::list_polynomial_commitment_params< + typename placeholder_test_params::merkle_hash_type, + typename placeholder_test_params::transcript_hash_type, + placeholder_test_params::m + >; + + using lpc_type = commitments::list_polynomial_commitment; + using lpc_scheme_type = typename commitments::lpc_commitment_scheme; + using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + + using kzg_type = commitments::batched_kzg; + using kzg_scheme_type = typename commitments::kzg_commitment_scheme; + using kzg_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; + +BOOST_FIXTURE_TEST_CASE(permutation_polynomials_test, test_tools::random_test_initializer) { + typename field_type::value_type pi0 = alg_random_engines.template get_alg_engine()(); + auto circuit = circuit_test_t( + pi0, + alg_random_engines.template get_alg_engine(), + generic_random_engine + ); + + plonk_table_description desc( + placeholder_test_params::witness_columns, + placeholder_test_params::public_input_columns, + placeholder_test_params::constant_columns, + placeholder_test_params::selector_columns + ); + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(desc.rows_amount); + + typename policy_type::constraint_system_type constraint_system(circuit.gates, circuit.copy_constraints, + circuit.lookup_gates); + typename policy_type::variable_assignment_type assignments = circuit.table; + + typename lpc_type::fri_type::params_type fri_params(1,table_rows_log, placeholder_test_params::lambda, 4); + lpc_scheme_type lpc_scheme(fri_params); + transcript_type lpc_transcript; + + typename placeholder_public_preprocessor::preprocessed_data_type + lpc_preprocessed_public_data = placeholder_public_preprocessor::process( + constraint_system, assignments.move_public_table(), desc, lpc_scheme + ); + + typename placeholder_private_preprocessor::preprocessed_data_type + lpc_preprocessed_private_data = placeholder_private_preprocessor::process( + constraint_system, assignments.move_private_table(), desc + ); + + auto polynomial_table = + plonk_polynomial_dfs_table( + lpc_preprocessed_private_data.private_polynomial_table, lpc_preprocessed_public_data.public_polynomial_table); + + std::shared_ptr> domain = lpc_preprocessed_public_data.common_data.basic_domain; + typename field_type::value_type id_res = field_type::value_type::one(); + typename field_type::value_type sigma_res = field_type::value_type::one(); + for (std::size_t i = 0; i < desc.rows_amount; i++) { + for (auto &identity_polynomial : lpc_preprocessed_public_data.identity_polynomials) { + id_res = id_res * identity_polynomial.evaluate(domain->get_domain_element(i)); + } + + for (auto &permutation_polynomial : lpc_preprocessed_public_data.permutation_polynomials) { + sigma_res = sigma_res * permutation_polynomial.evaluate(domain->get_domain_element(i)); + } + } + BOOST_CHECK_MESSAGE(id_res == sigma_res, "Simple check"); + + typename field_type::value_type beta = algebra::random_element(); + typename field_type::value_type gamma = algebra::random_element(); + + id_res = field_type::value_type::one(); + sigma_res = field_type::value_type::one(); + const auto &permuted_columns = lpc_preprocessed_public_data.common_data.permuted_columns; + + for (std::size_t i = 0; i < desc.rows_amount; i++) { + for (std::size_t j = 0; j < lpc_preprocessed_public_data.identity_polynomials.size(); j++) { + id_res = id_res * + (polynomial_table[permuted_columns[j]].evaluate(domain->get_domain_element(i)) + + beta * lpc_preprocessed_public_data.identity_polynomials[j].evaluate(domain->get_domain_element(i)) + + gamma); + } + + for (std::size_t j = 0; j < lpc_preprocessed_public_data.permutation_polynomials.size(); j++) { + sigma_res = + sigma_res * + (polynomial_table[permuted_columns[j]].evaluate(domain->get_domain_element(i)) + + beta * lpc_preprocessed_public_data.permutation_polynomials[j].evaluate(domain->get_domain_element(i)) + + gamma); + } + } + BOOST_CHECK_MESSAGE(id_res == sigma_res, "Complex check"); +} + +BOOST_FIXTURE_TEST_CASE(placeholder_split_polynomial_test, test_tools::random_test_initializer) { + math::polynomial f = {1, 3, 4, 1, 5, 6, 7, 2, 8, 7, 5, 6, 1, 2, 1, 1}; + std::size_t expected_size = 4; + std::size_t max_degree = 3; + + std::vector> f_splitted = + zk::snark::detail::split_polynomial(f, max_degree); + + BOOST_CHECK(f_splitted.size() == expected_size); + + typename field_type::value_type y = alg_random_engines.template get_alg_engine()(); + + typename field_type::value_type f_at_y = f.evaluate(y); + typename field_type::value_type f_splitted_at_y = field_type::value_type::zero(); + for (std::size_t i = 0; i < f_splitted.size(); i++) { + f_splitted_at_y = f_splitted_at_y + f_splitted[i].evaluate(y) * y.pow((max_degree + 1) * i); + } + + BOOST_CHECK(f_at_y == f_splitted_at_y); +} + +BOOST_FIXTURE_TEST_CASE(permutation_argument_test, test_tools::random_test_initializer) { + auto pi0 = alg_random_engines.template get_alg_engine()(); + auto circuit = circuit_test_t( + pi0, + alg_random_engines.template get_alg_engine(), + generic_random_engine + ); + + plonk_table_description desc( + placeholder_test_params::witness_columns, + placeholder_test_params::public_input_columns, + placeholder_test_params::constant_columns, + placeholder_test_params::selector_columns + ); + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(desc.rows_amount); + + const std::size_t argument_size = 3; + + typename lpc_type::fri_type::params_type fri_params(1, table_rows_log, placeholder_test_params::lambda, 4); + lpc_scheme_type lpc_scheme(fri_params); + + typename policy_type::constraint_system_type constraint_system(circuit.gates, circuit.copy_constraints, + circuit.lookup_gates); + typename policy_type::variable_assignment_type assignments = circuit.table; + + transcript_type transcript; + + typename placeholder_public_preprocessor::preprocessed_data_type + preprocessed_public_data = placeholder_public_preprocessor::process( + constraint_system, assignments.move_public_table(), desc, lpc_scheme + ); + + typename placeholder_private_preprocessor::preprocessed_data_type + preprocessed_private_data = placeholder_private_preprocessor::process( + constraint_system, assignments.move_private_table(), desc + ); + + auto polynomial_table = + plonk_polynomial_dfs_table( + preprocessed_private_data.private_polynomial_table, preprocessed_public_data.public_polynomial_table); + + std::vector init_blob {0, 1, 2, 3, 4, 5, 6, 7, 8, 9}; + transcript::fiat_shamir_heuristic_sequential prover_transcript(init_blob); + transcript::fiat_shamir_heuristic_sequential verifier_transcript(init_blob); + + typename placeholder_permutation_argument::prover_result_type prover_res = + placeholder_permutation_argument::prove_eval( + constraint_system, preprocessed_public_data, desc, polynomial_table, lpc_scheme, prover_transcript); + + // Challenge phase + const auto &permuted_columns = preprocessed_public_data.common_data.permuted_columns; + + typename field_type::value_type y = algebra::random_element(); + std::vector f_at_y(permuted_columns.size()); + std::vector S_id(permuted_columns.size()); + std::vector S_sigma(permuted_columns.size()); + for (std::size_t i = 0; i < permuted_columns.size(); i++) { + f_at_y[i] = polynomial_table[permuted_columns[i]].evaluate(y); + S_id[i] = preprocessed_public_data.identity_polynomials[i].evaluate(y); + S_sigma[i] = preprocessed_public_data.permutation_polynomials[i].evaluate(y); + } + + auto omega = preprocessed_public_data.common_data.basic_domain->get_domain_element(1); + + typename field_type::value_type v_p_at_y = prover_res.permutation_polynomial_dfs.evaluate(y); + typename field_type::value_type v_p_at_y_shifted = prover_res.permutation_polynomial_dfs.evaluate(omega * y); + + std::vector special_selector_values(3); + special_selector_values[0] = preprocessed_public_data.common_data.lagrange_0.evaluate(y); + special_selector_values[1] = preprocessed_public_data.q_last.evaluate(y); + special_selector_values[2] = preprocessed_public_data.q_blind.evaluate(y); + + + auto permutation_commitment = lpc_scheme.commit(PERMUTATION_BATCH); + std::array verifier_res = + placeholder_permutation_argument::verify_eval( + preprocessed_public_data.common_data, + S_id, S_sigma, + special_selector_values, + y, f_at_y, v_p_at_y, v_p_at_y_shifted, {}, verifier_transcript + ); + + typename field_type::value_type verifier_next_challenge = verifier_transcript.template challenge(); + typename field_type::value_type prover_next_challenge = prover_transcript.template challenge(); + BOOST_CHECK(verifier_next_challenge == prover_next_challenge); + + for (std::size_t i = 0; i < argument_size; i++) { + BOOST_CHECK(prover_res.F_dfs[i].evaluate(y) == verifier_res[i]); + for (std::size_t j = 0; j < desc.rows_amount; j++) { + BOOST_CHECK( + prover_res.F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) == field_type::value_type::zero() + ); + } + } +} + +BOOST_AUTO_TEST_SUITE_END()