From 07f0e920786a4308556aa3a73293a53c62b9e785 Mon Sep 17 00:00:00 2001 From: "e.tatuzova" Date: Mon, 23 Oct 2023 15:57:38 +0400 Subject: [PATCH 1/5] Add gate argument multiplication on mask #207 --- .../plonk/placeholder/gates_argument.hpp | 10 +++- .../systems/plonk/placeholder/prover.hpp | 55 +++++++++++-------- .../systems/plonk/placeholder/verifier.hpp | 54 +++++++++--------- 3 files changed, 69 insertions(+), 50 deletions(-) diff --git a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/gates_argument.hpp b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/gates_argument.hpp index 15d0add45..74d470f5c 100644 --- a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/gates_argument.hpp +++ b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/gates_argument.hpp @@ -123,6 +123,7 @@ namespace nil { &column_polynomials, std::shared_ptr> original_domain, std::uint32_t max_gates_degree, + const polynomial_dfs_type &mask_polynomial, transcript_type& transcript) { PROFILE_PLACEHOLDER_SCOPE("gate_argument_time"); @@ -146,7 +147,7 @@ namespace nil { degree_limits.push_back(max_degree / 2); extended_domain_sizes.push_back(max_domain_size / 2); - std::vector> expressions(extended_domain_sizes.size()); + std::vector> expressions(extended_domain_sizes.size()); auto theta_acc = FieldType::value_type::one(); @@ -161,7 +162,7 @@ namespace nil { const auto& gates = constraint_system.gates(); for (const auto& gate: gates) { - std::vector> gate_results(extended_domain_sizes.size()); + std::vector> gate_results(extended_domain_sizes.size()); for (const auto& constraint : gate.constraints) { auto next_term = converter.convert(constraint) * value_type_to_polynomial_dfs(theta_acc); @@ -201,10 +202,11 @@ namespace nil { expressions[i], [&assignments=variable_values, domain_size=extended_domain_sizes[i]](const polynomial_dfs_variable_type &var) { return assignments[var]; }); - + F[0] += evaluator.evaluate(); } + F[0] *= mask_polynomial; return F; } @@ -212,6 +214,7 @@ namespace nil { verify_eval(const std::vector>> &gates, typename policy_type::evaluation_map &evaluations, const typename FieldType::value_type &challenge, + typename FieldType::value_type mask_value, transcript_type &transcript) { typename FieldType::value_type theta = transcript.template challenge(); @@ -236,6 +239,7 @@ namespace nil { F[0] += gate_result; } + F[0] *= mask_value; return F; } }; diff --git a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/prover.hpp b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/prover.hpp index d1153cece..de0ea793d 100644 --- a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/prover.hpp +++ b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/prover.hpp @@ -105,7 +105,7 @@ namespace nil { &constraint_system, const typename policy_type::variable_assignment_type &assignments, commitment_scheme_type commitment_scheme - ) { + ) { auto prover = placeholder_prover( preprocessed_public_data, preprocessed_private_data, table_description, @@ -120,7 +120,7 @@ namespace nil { const plonk_constraint_system &constraint_system, const typename policy_type::variable_assignment_type &assignments, const commitment_scheme_type &commitment_scheme - ) + ) : preprocessed_public_data(preprocessed_public_data) , preprocessed_private_data(preprocessed_private_data) , table_description(table_description) @@ -128,12 +128,12 @@ namespace nil { , assignments(assignments) , _commitment_scheme(commitment_scheme) , _polynomial_table(preprocessed_private_data.private_polynomial_table, - preprocessed_public_data.public_polynomial_table) + preprocessed_public_data.public_polynomial_table) , _is_lookup_enabled(constraint_system.lookup_gates().size() > 0) , transcript(std::vector()) { // 1. Add circuit definition to transcript - // transcript(short_description); + // transcript(short_description); transcript(preprocessed_public_data.common_data.vk.constraint_system_hash); transcript(preprocessed_public_data.common_data.vk.fixed_values_commitment); @@ -177,10 +177,18 @@ namespace nil { transcript(_proof.commitments[PERMUTATION_BATCH]); // 6. circuit-satisfability + + polynomial_dfs_type mask_polynomial( + 0, preprocessed_public_data.common_data.basic_domain->m, + typename FieldType::value_type(1) + ); + mask_polynomial -= preprocessed_public_data.q_last; + mask_polynomial -= preprocessed_public_data.q_blind; _F_dfs[7] = placeholder_gates_argument::prove_eval( constraint_system, _polynomial_table, preprocessed_public_data.common_data.basic_domain, preprocessed_public_data.common_data.max_gates_degree, + mask_polynomial, transcript )[0]; @@ -190,7 +198,7 @@ namespace nil { #endif // 7. Aggregate quotient polynomial - std::vector T_splitted_dfs = + std::vector T_splitted_dfs = quotient_polynomial_split_dfs(); _proof.commitments[QUOTIENT_BATCH] = T_commit(T_splitted_dfs); @@ -200,10 +208,10 @@ namespace nil { _proof.eval_proof.challenge = transcript.template challenge(); generate_evaluation_points(); - + { PROFILE_PLACEHOLDER_SCOPE("commitment scheme proof eval time"); - _proof.eval_proof.eval_proof = _commitment_scheme.proof_eval(transcript); + _proof.eval_proof.eval_proof = _commitment_scheme.proof_eval(transcript); } return _proof; } @@ -211,7 +219,7 @@ namespace nil { private: std::vector quotient_polynomial_split_dfs() { // TODO: pass max_degree parameter placeholder - std::vector T_splitted = detail::split_polynomial( + std::vector T_splitted = detail::split_polynomial( quotient_polynomial(), table_description.rows_amount - 1 ); @@ -221,7 +229,8 @@ namespace nil { for (std::size_t k = 0; k < T_splitted.size(); k++) { T_splitted_dfs[k].from_coefficients(T_splitted[k]); } - return T_splitted_dfs; + + return T_splitted_dfs; } polynomial_type quotient_polynomial() { @@ -242,13 +251,14 @@ namespace nil { } polynomial_type F_consolidated_normal(F_consolidated_dfs.coefficients()); + polynomial_type T_consolidated = F_consolidated_normal / preprocessed_public_data.common_data.Z; return T_consolidated; } - - typename placeholder_lookup_argument::prover_lookup_result + + typename placeholder_lookup_argument::prover_lookup_result lookup_argument() { PROFILE_PLACEHOLDER_SCOPE("lookup_argument_time"); @@ -283,6 +293,7 @@ namespace nil { for (std::size_t i = 0; i < f_parts; i++) { for (std::size_t j = 0; j < table_description.rows_amount; j++) { if (_F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) != FieldType::value_type::zero()) { + std::cout << "_F_dfs[" << i << "] on row " << j << " = " << _F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) << std::endl; } } } @@ -318,8 +329,8 @@ namespace nil { for (int rotation: variable_values_rotation) { _commitment_scheme.append_eval_point( - VARIABLE_VALUES_BATCH, - variable_values_index, + VARIABLE_VALUES_BATCH, + variable_values_index, _proof.eval_proof.challenge * _omega.pow(rotation) ); } @@ -336,10 +347,10 @@ namespace nil { _commitment_scheme.append_eval_point(QUOTIENT_BATCH, _proof.eval_proof.challenge); - + // fixed values' rotations (table columns) std::size_t i = 0; - std::size_t start_index = preprocessed_public_data.identity_polynomials.size() + + std::size_t start_index = preprocessed_public_data.identity_polynomials.size() + preprocessed_public_data.permutation_polynomials.size() + 2; for( i = 0; i < start_index; i++){ @@ -349,8 +360,8 @@ namespace nil { // For special selectors _commitment_scheme.append_eval_point(FIXED_VALUES_BATCH, start_index - 2, _proof.eval_proof.challenge * _omega); _commitment_scheme.append_eval_point(FIXED_VALUES_BATCH, start_index - 1, _proof.eval_proof.challenge * _omega); - - for (std::size_t ind = 0; + + for (std::size_t ind = 0; ind < constant_columns + preprocessed_public_data.public_polynomial_table.selectors().size(); ind++, i++ ) { @@ -359,8 +370,8 @@ namespace nil { for (int rotation: fixed_values_rotation) { _commitment_scheme.append_eval_point( - FIXED_VALUES_BATCH, - start_index + ind, + FIXED_VALUES_BATCH, + start_index + ind, _proof.eval_proof.challenge * _omega.pow(rotation) ); } @@ -369,7 +380,7 @@ namespace nil { std::vector> compute_evaluation_points_public() { std::vector> evaluation_points_public( - preprocessed_public_data.identity_polynomials.size() + + preprocessed_public_data.identity_polynomials.size() + preprocessed_public_data.permutation_polynomials.size(), _challenge_point); @@ -386,7 +397,7 @@ namespace nil { } evaluation_points_public.push_back(std::move(point)); } - + for (std::size_t k = 0, rotation_index = witness_columns + public_input_columns + constant_columns; k < preprocessed_public_data.public_polynomial_table.selectors().size(); k++, rotation_index++) { const std::set& rotations = preprocessed_public_data.common_data.columns_rotations[rotation_index]; @@ -411,7 +422,7 @@ namespace nil { const plonk_table_description &table_description; const plonk_constraint_system &constraint_system; const typename policy_type::variable_assignment_type &assignments; - + // Members created during proof generation. plonk_polynomial_dfs_table _polynomial_table; placeholder_proof _proof; diff --git a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp index 8ed232fef..5aca27fb0 100644 --- a/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp +++ b/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp @@ -74,7 +74,7 @@ namespace nil { auto _omega = preprocessed_public_data.common_data.basic_domain->get_domain_element(1); // variable_values' rotations - for (std::size_t variable_values_index = 0; + for (std::size_t variable_values_index = 0; variable_values_index < witness_columns + public_input_columns; variable_values_index++ ) { @@ -83,8 +83,8 @@ namespace nil { for (int rotation: variable_values_rotation) { _commitment_scheme.append_eval_point( - VARIABLE_VALUES_BATCH, - variable_values_index, + VARIABLE_VALUES_BATCH, + variable_values_index, challenge * _omega.pow(rotation) ); } @@ -104,7 +104,7 @@ namespace nil { // fixed values' rotations (table columns) std::size_t i = 0; - std::size_t start_index = preprocessed_public_data.identity_polynomials.size() + + std::size_t start_index = preprocessed_public_data.identity_polynomials.size() + preprocessed_public_data.permutation_polynomials.size() + 2; for( i = 0; i < start_index; i++){ @@ -114,7 +114,7 @@ namespace nil { _commitment_scheme.append_eval_point(FIXED_VALUES_BATCH, start_index - 2, challenge * _omega); _commitment_scheme.append_eval_point(FIXED_VALUES_BATCH, start_index - 1, challenge * _omega); - for (std::size_t ind = 0; + for (std::size_t ind = 0; ind < constant_columns + preprocessed_public_data.public_polynomial_table.selectors().size(); ind++, i++ ) { @@ -123,14 +123,14 @@ namespace nil { for (int rotation: fixed_values_rotation) { _commitment_scheme.append_eval_point( - FIXED_VALUES_BATCH, - start_index + ind, + FIXED_VALUES_BATCH, + start_index + ind, challenge * _omega.pow(rotation) ); } } } - + static inline bool process( const typename public_preprocessor_type::preprocessed_data_type &preprocessed_public_data, const placeholder_proof &proof, @@ -152,20 +152,20 @@ namespace nil { omega_pow = omega_pow * omega; } value *= numerator; - if( value != proof.eval_proof.eval_proof.z.get(VARIABLE_VALUES_BATCH, ParamsType::arithmetization_params::witness_columns + i, 0) ) + if( value != proof.eval_proof.eval_proof.z.get(VARIABLE_VALUES_BATCH, ParamsType::arithmetization_params::witness_columns + i, 0) ) return false; } return process(preprocessed_public_data, proof, constraint_system, commitment_scheme); } - + static inline bool process( const typename public_preprocessor_type::preprocessed_data_type &preprocessed_public_data, const placeholder_proof &proof, const plonk_constraint_system &constraint_system, commitment_scheme_type commitment_scheme - ) { + ) { // 1. Add circuit definition to transcript - // transcript(short_description); + // transcript(short_description); std::vector init_blob = {}; transcript::fiat_shamir_heuristic_sequential transcript(init_blob); transcript(preprocessed_public_data.common_data.vk.constraint_system_hash); @@ -200,7 +200,7 @@ namespace nil { std::array permutation_argument = placeholder_permutation_argument::verify_eval( preprocessed_public_data, proof.eval_proof.challenge, f, - proof.eval_proof.eval_proof.z.get(PERMUTATION_BATCH, 0, 0), + proof.eval_proof.eval_proof.z.get(PERMUTATION_BATCH, 0, 0), proof.eval_proof.eval_proof.z.get(PERMUTATION_BATCH, 0, 1), transcript ); @@ -218,7 +218,7 @@ namespace nil { ++j; } } - + for (std::size_t i = 0; i < 0 + public_input_columns; i++) { std::size_t i_global_index = witness_columns + i; @@ -267,7 +267,7 @@ namespace nil { FieldType, commitment_scheme_type, ParamsType >::verify_eval( - preprocessed_public_data, + preprocessed_public_data, constraint_system.lookup_gates(), constraint_system.lookup_tables(), proof.eval_proof.challenge, columns_at_y, @@ -281,8 +281,13 @@ namespace nil { // 7. gate argument std::array gate_argument = placeholder_gates_argument::verify_eval( - constraint_system.gates(), columns_at_y, proof.eval_proof.challenge, transcript); - + constraint_system.gates(), columns_at_y, proof.eval_proof.challenge, + FieldType::value_type::one() - + preprocessed_public_data.q_last.evaluate(proof.eval_proof.challenge) - + preprocessed_public_data.q_blind.evaluate(proof.eval_proof.challenge), + transcript + ); + std::array alphas = transcript.template challenges(); @@ -292,17 +297,17 @@ namespace nil { auto challenge = transcript.template challenge(); BOOST_ASSERT(challenge == proof.eval_proof.challenge); - commitment_scheme.set_batch_size(VARIABLE_VALUES_BATCH, proof.eval_proof.eval_proof.z.get_batch_size(VARIABLE_VALUES_BATCH)); - commitment_scheme.set_batch_size(PERMUTATION_BATCH, proof.eval_proof.eval_proof.z.get_batch_size(PERMUTATION_BATCH)); - commitment_scheme.set_batch_size(QUOTIENT_BATCH, proof.eval_proof.eval_proof.z.get_batch_size(QUOTIENT_BATCH)); + commitment_scheme.set_batch_size(VARIABLE_VALUES_BATCH, proof.eval_proof.eval_proof.z.get_batch_size(VARIABLE_VALUES_BATCH)); + commitment_scheme.set_batch_size(PERMUTATION_BATCH, proof.eval_proof.eval_proof.z.get_batch_size(PERMUTATION_BATCH)); + commitment_scheme.set_batch_size(QUOTIENT_BATCH, proof.eval_proof.eval_proof.z.get_batch_size(QUOTIENT_BATCH)); if(is_lookup_enabled) - commitment_scheme.set_batch_size(LOOKUP_BATCH, proof.eval_proof.eval_proof.z.get_batch_size(LOOKUP_BATCH)); + commitment_scheme.set_batch_size(LOOKUP_BATCH, proof.eval_proof.eval_proof.z.get_batch_size(LOOKUP_BATCH)); generate_evaluation_points(commitment_scheme, preprocessed_public_data, constraint_system, challenge, is_lookup_enabled); typename FieldType::value_type omega = preprocessed_public_data.common_data.basic_domain->get_domain_element(1); - std::map commitments = proof.commitments; + std::map commitments = proof.commitments; commitments[FIXED_VALUES_BATCH] = preprocessed_public_data.common_data.commitments.fixed_values; if (!commitment_scheme.verify_eval( proof.eval_proof.eval_proof, commitments, transcript )) { return false; @@ -324,15 +329,14 @@ namespace nil { F_consolidated = F_consolidated + alphas[i] * F[i]; } - // TODO: correct work with max_degree! typename FieldType::value_type T_consolidated = FieldType::value_type::zero(); for (std::size_t i = 0; i < proof.eval_proof.eval_proof.z.get_batch_size(QUOTIENT_BATCH); i++) { T_consolidated = T_consolidated + proof.eval_proof.eval_proof.z.get(QUOTIENT_BATCH, i, 0) * challenge.pow((preprocessed_public_data.common_data.rows_amount) * i); } -// + // Z is polynomial -1, 0 ...., 0, 1 - typename FieldType::value_type Z_at_challenge = preprocessed_public_data.common_data.Z.evaluate(challenge); + typename FieldType::value_type Z_at_challenge = preprocessed_public_data.common_data.Z.evaluate(challenge); if (F_consolidated != Z_at_challenge * T_consolidated) { return false; } From b51868a2640c26938d169789d960b775d705abf6 Mon Sep 17 00:00:00 2001 From: "e.tatuzova" Date: Mon, 23 Oct 2023 23:43:57 +0400 Subject: [PATCH 2/5] Padding rows >= usable_rows with random numbers #211 --- .../arithmetization/plonk/assignment.hpp | 21 +- .../snark/arithmetization/plonk/padding.hpp | 62 +++ test/systems/plonk/placeholder/circuits.hpp | 427 ++++++------------ .../systems/plonk/placeholder/performance.cpp | 87 ++-- .../systems/plonk/placeholder/placeholder.cpp | 205 ++++----- 5 files changed, 358 insertions(+), 444 deletions(-) diff --git a/include/nil/crypto3/zk/snark/arithmetization/plonk/assignment.hpp b/include/nil/crypto3/zk/snark/arithmetization/plonk/assignment.hpp index 1842dc5b3..bdc341190 100644 --- a/include/nil/crypto3/zk/snark/arithmetization/plonk/assignment.hpp +++ b/include/nil/crypto3/zk/snark/arithmetization/plonk/assignment.hpp @@ -84,7 +84,7 @@ namespace nil { const ColumnType& operator[](std::uint32_t index) const { if (index < ArithmetizationParams::witness_columns) return _witnesses[index]; - throw std::out_of_range("Public table index out of range."); + throw std::out_of_range("Public table index out of range."); } constexpr std::uint32_t size() const { @@ -98,6 +98,11 @@ namespace nil { friend std::uint32_t basic_padding( plonk_table &table); + friend std::uint32_t zk_padding( + plonk_table &table, + typename nil::crypto3::random::algebraic_engine alg_rnd + ); + friend struct nil::blueprint::assignment>; }; @@ -200,7 +205,7 @@ namespace nil { if (index < selectors_amount()) { return selector(index); } - throw std::out_of_range("Public table index out of range."); + throw std::out_of_range("Public table index out of range."); } constexpr std::uint32_t size() const { @@ -218,6 +223,11 @@ namespace nil { friend std::uint32_t basic_padding( plonk_table &table); + friend std::uint32_t zk_padding( + plonk_table &table, + typename nil::crypto3::random::algebraic_engine alg_rnd + ); + friend struct nil::blueprint::assignment>; }; @@ -292,7 +302,7 @@ namespace nil { index -= _private_table.size(); if (index < _public_table.size()) return _public_table[index]; - throw std::out_of_range("Private table index out of range."); + throw std::out_of_range("Private table index out of range."); } const private_table_type& private_table() const { @@ -371,6 +381,11 @@ namespace nil { friend std::uint32_t basic_padding( plonk_table &table); + + friend std::uint32_t zk_padding( + plonk_table &table, + typename nil::crypto3::random::algebraic_engine alg_rnd + ); }; template diff --git a/include/nil/crypto3/zk/snark/arithmetization/plonk/padding.hpp b/include/nil/crypto3/zk/snark/arithmetization/plonk/padding.hpp index 7dac40938..69e41ae49 100644 --- a/include/nil/crypto3/zk/snark/arithmetization/plonk/padding.hpp +++ b/include/nil/crypto3/zk/snark/arithmetization/plonk/padding.hpp @@ -76,6 +76,68 @@ namespace nil { return padded_rows_amount; } + + template + std::uint32_t zk_padding( + plonk_table &table, + typename nil::crypto3::random::algebraic_engine alg_rnd = nil::crypto3::random::algebraic_engine() + ) { + std::uint32_t usable_rows_amount = table.rows_amount(); + + std::uint32_t padded_rows_amount = std::pow(2, std::ceil(std::log2(usable_rows_amount))); + if (padded_rows_amount == usable_rows_amount) + padded_rows_amount *= 2; + + if (padded_rows_amount < 8) + padded_rows_amount = 8; + + //std::cout << "usable_rows_amount = " << usable_rows_amount << std::endl; + //std::cout << "padded_rows_amount = " << padded_rows_amount << std::endl; + + for (std::uint32_t w_index = 0; w_index < table._private_table.witnesses_amount(); w_index++) { + table._private_table._witnesses[w_index].resize(usable_rows_amount, FieldType::value_type::zero()); + } + + for (std::uint32_t pi_index = 0; pi_index < table._public_table.public_inputs_amount(); pi_index++) { + table._public_table._public_inputs[pi_index].resize(usable_rows_amount, FieldType::value_type::zero()); + } + + for (std::uint32_t c_index = 0; c_index < table._public_table.constants_amount(); c_index++) { + table._public_table._constants[c_index].resize(usable_rows_amount, FieldType::value_type::zero()); + } + + for (std::uint32_t s_index = 0; s_index < table._public_table.selectors_amount(); s_index++) { + table._public_table._selectors[s_index].resize(usable_rows_amount, FieldType::value_type::zero()); + } + + + for (std::uint32_t w_index = 0; w_index < table._private_table.witnesses_amount(); w_index++) { + table._private_table._witnesses[w_index].resize(padded_rows_amount); + for(std::size_t i = usable_rows_amount; i < padded_rows_amount; i++) { + table._private_table._witnesses[w_index][i] = alg_rnd(); + } + } + + for (std::uint32_t pi_index = 0; pi_index < table._public_table.public_inputs_amount(); pi_index++) { + table._public_table._public_inputs[pi_index].resize(padded_rows_amount, FieldType::value_type::zero()); + } + + for (std::uint32_t c_index = 0; c_index < table._public_table.constants_amount(); c_index++) { + table._public_table._constants[c_index].resize(padded_rows_amount); + for(std::size_t i = usable_rows_amount; i < padded_rows_amount; i++) { + table._public_table._constants[c_index][i] = alg_rnd(); + } + } + + for (std::uint32_t s_index = 0; s_index < table._public_table.selectors_amount(); s_index++) { + table._public_table._selectors[s_index].resize(padded_rows_amount); + for(std::size_t i = usable_rows_amount; i < padded_rows_amount; i++) { + table._public_table._selectors[s_index][i] = alg_rnd(); + } + } + + return padded_rows_amount; + } } // namespace snark } // namespace zk } // namespace crypto3 diff --git a/test/systems/plonk/placeholder/circuits.hpp b/test/systems/plonk/placeholder/circuits.hpp index 197954658..787748475 100644 --- a/test/systems/plonk/placeholder/circuits.hpp +++ b/test/systems/plonk/placeholder/circuits.hpp @@ -44,6 +44,7 @@ #include #include #include +#include #include #include #include @@ -53,7 +54,7 @@ namespace nil { namespace crypto3 { namespace zk { namespace snark { - template + template class circuit_description { typedef zk::snark::detail::placeholder_policy policy_type; @@ -61,12 +62,8 @@ namespace nil { constexpr static const std::size_t public_columns = ParamsType::public_input_columns; public: - const std::size_t table_rows = 1 << rows_log; - - std::shared_ptr> domain; - - typename FieldType::value_type omega; - typename FieldType::value_type delta; + std::size_t table_rows; + std::size_t usable_rows = usable_rows_amount; typename policy_type::variable_assignment_type table; @@ -76,10 +73,7 @@ namespace nil { std::vector> lookup_tables; - circuit_description() - : domain(math::make_evaluation_domain(table_rows)) - , omega(domain->get_domain_element(1)) - , delta(algebra::fields::arithmetic_params::multiplicative_generator) { + circuit_description() : table_rows(0){ } }; @@ -95,41 +89,40 @@ namespace nil { // ADD: x + y = z // MUL: x * y = z //---------------------------------------------------------------------------// - constexpr static const std::size_t witness_columns_1 = 3; - constexpr static const std::size_t public_columns_1 = 1; - constexpr static const std::size_t constant_columns_1 = 0; - constexpr static const std::size_t selector_columns_1 = 2; + const std::size_t witness_columns_1 = 3; + const std::size_t public_columns_1 = 1; + const std::size_t constant_columns_1 = 0; + const std::size_t selector_columns_1 = 2; + const std::size_t rows_amount_1 = 13; using arithmetization_params_1 = plonk_arithmetization_params; template - circuit_description, 4, 4> circuit_test_1( + circuit_description, rows_amount_1, 4> circuit_test_1( typename nil::crypto3::random::algebraic_engine alg_rnd = nil::crypto3::random::algebraic_engine(), boost::random::mt11213b rnd = boost::random::mt11213b() ) { using assignment_type = typename FieldType::value_type; - constexpr static const std::size_t rows_log = 4; + constexpr static const std::size_t usable_rows = 13; constexpr static const std::size_t permutation = 4; constexpr static const std::size_t witness_columns = witness_columns_1; constexpr static const std::size_t public_columns = public_columns_1; constexpr static const std::size_t constant_columns = constant_columns_1; constexpr static const std::size_t selector_columns = selector_columns_1; - constexpr static const std::size_t table_columns = + constexpr static const std::size_t table_columns = witness_columns + public_columns + constant_columns; typedef placeholder_circuit_params circuit_params; - - circuit_description test_circuit; - + circuit_description test_circuit; std::array, table_columns> table; - std::vector q_add(test_circuit.table_rows); - std::vector q_mul(test_circuit.table_rows); + std::vector q_add(test_circuit.usable_rows); + std::vector q_mul(test_circuit.usable_rows); for (std::size_t j = 0; j < table_columns; j++) { - table[j].resize(test_circuit.table_rows); + table[j].resize(test_circuit.usable_rows); } // init values @@ -142,7 +135,7 @@ namespace nil { q_mul[0] = FieldType::value_type::zero(); // fill rows with ADD gate - for (std::size_t i = 1; i < test_circuit.table_rows - 5; i++) { + for (std::size_t i = 1; i < test_circuit.usable_rows - 5; i++) { table[0][i] = alg_rnd(); table[1][i] = alg_rnd(); table[2][i] = table[0][i] + table[1][i]; @@ -150,15 +143,15 @@ namespace nil { q_add[i] = one; q_mul[i] = FieldType::value_type::zero(); - plonk_variable x(1, i, false, + plonk_variable x(1, i, false, plonk_variable::column_type::witness); - plonk_variable y(2, i - 1, false, + plonk_variable y(2, i - 1, false, plonk_variable::column_type::witness); //test_circuit.copy_constraints.push_back(plonk_copy_constraint(x, y)); } // fill rows with MUL gate - for (std::size_t i = test_circuit.table_rows - 5; i < test_circuit.table_rows - 3; i++) { + for (std::size_t i = test_circuit.table_rows - 5; i < test_circuit.table_rows; i++) { table[0][i] = alg_rnd(); table[1][i] = alg_rnd(); table[2][i] = table[0][i] * table[1][i]; @@ -166,9 +159,9 @@ namespace nil { q_add[i] = FieldType::value_type::zero(); q_mul[i] = one; - plonk_variable x(1, i, false, + plonk_variable x(1, i, false, plonk_variable::column_type::witness); - plonk_variable y(0, 0, false, + plonk_variable y(0, 0, false, plonk_variable::column_type::public_input); //test_circuit.copy_constraints.push_back(plonk_copy_constraint(x, y)); } @@ -193,7 +186,7 @@ namespace nil { plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); -// test_circuit.init(); + test_circuit.table_rows = zk_padding>(test_circuit.table); plonk_variable w0(0, 0, true, plonk_variable::column_type::witness); plonk_variable w1(1, 0, true, plonk_variable::column_type::witness); @@ -210,7 +203,7 @@ namespace nil { plonk_constraint mul_constraint; typename plonk_constraint::term_type w0_term(w0); - typename plonk_constraint::term_type w1_term(w1); + typename plonk_constraint::term_type w1_term(w1); mul_constraint += w0_term * w1_term; mul_constraint -= w2; @@ -237,39 +230,38 @@ namespace nil { constexpr static const std::size_t public_columns_t = 1; constexpr static const std::size_t constant_columns_t = 0; constexpr static const std::size_t selector_columns_t = 2; + constexpr static const std::size_t usable_rows_t = 5; using arithmetization_params_t = plonk_arithmetization_params; template - circuit_description, 4, 4> + circuit_description, 5, 4> circuit_test_t( typename FieldType::value_type pi0 = 0, typename nil::crypto3::random::algebraic_engine alg_rnd = nil::crypto3::random::algebraic_engine(), - boost::random::mt11213b rnd = boost::random::mt11213b() + boost::random::mt11213b rnd = boost::random::mt11213b() ) { using assignment_type = typename FieldType::value_type; - constexpr static const std::size_t rows_log = 4; constexpr static const std::size_t permutation = 4; - constexpr static const std::size_t witness_columns = witness_columns_t; constexpr static const std::size_t public_columns = public_columns_t; constexpr static const std::size_t constant_columns = constant_columns_t; constexpr static const std::size_t selector_columns = selector_columns_t; - constexpr static const std::size_t table_columns = + constexpr static const std::size_t table_columns = witness_columns + public_columns + constant_columns; typedef placeholder_circuit_params circuit_params; - circuit_description test_circuit; + circuit_description test_circuit; std::array, table_columns> table; - std::vector q_add(test_circuit.table_rows); - std::vector q_mul(test_circuit.table_rows); + std::vector q_add(test_circuit.usable_rows); + std::vector q_mul(test_circuit.usable_rows); for (std::size_t j = 0; j < table_columns; j++) { - table[j].resize(test_circuit.table_rows); + table[j].resize(test_circuit.usable_rows); } // init values @@ -282,7 +274,7 @@ namespace nil { q_mul[0] = FieldType::value_type::zero(); // fill rows with ADD gate - for (std::size_t i = 1; i < test_circuit.table_rows - 5; i++) { + for (std::size_t i = 1; i < 3; i++) { table[0][i] = algebra::random_element(); table[1][i] = table[2][i - 1]; table[2][i] = table[0][i] + table[1][i]; @@ -290,15 +282,15 @@ namespace nil { q_add[i] = one; q_mul[i] = FieldType::value_type::zero(); - plonk_variable x(1, i, false, + plonk_variable x(1, i, false, plonk_variable::column_type::witness); - plonk_variable y(2, i - 1, false, + plonk_variable y(2, i - 1, false, plonk_variable::column_type::witness); test_circuit.copy_constraints.push_back(plonk_copy_constraint(x, y)); } // fill rows with MUL gate - for (std::size_t i = test_circuit.table_rows - 5; i < test_circuit.table_rows - 3; i++) { + for (std::size_t i = 3; i < 5; i++) { table[0][i] = algebra::random_element(); table[1][i] = table[3][0]; table[2][i] = table[0][i] * table[1][i] + table[0][i - 1]; @@ -306,9 +298,9 @@ namespace nil { q_add[i] = FieldType::value_type::zero(); q_mul[i] = one; - plonk_variable x(1, i, false, + plonk_variable x(1, i, false, plonk_variable::column_type::witness); - plonk_variable y(0, 0, false, + plonk_variable y(0, 0, false, plonk_variable::column_type::public_input); test_circuit.copy_constraints.push_back(plonk_copy_constraint(x, y)); } @@ -334,6 +326,7 @@ namespace nil { plonk_private_assignment_table(private_assignment), plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); + test_circuit.table_rows = zk_padding>(test_circuit.table); plonk_variable w0(0, 0, true, plonk_variable::column_type::witness); @@ -355,14 +348,14 @@ namespace nil { plonk_constraint mul_constraint; typename plonk_constraint::term_type w0_term(w0); - typename plonk_constraint::term_type w1_term(w1); + typename plonk_constraint::term_type w1_term(w1); mul_constraint += w0_term * w1_term; mul_constraint -= w2; mul_constraint += w0_prev; std::vector> mul_gate_costraints {mul_constraint}; plonk_gate> mul_gate(1, mul_gate_costraints); - test_circuit.gates.push_back(mul_gate); + //test_circuit.gates.push_back(mul_gate); return test_circuit; } @@ -372,47 +365,48 @@ namespace nil { constexpr static const std::size_t public_columns_3 = 0; constexpr static const std::size_t constant_columns_3 = 3; constexpr static const std::size_t selector_columns_3 = 2; + constexpr static const std::size_t usable_rows_3 = 4; + constexpr static const std::size_t permutation_size_3 = 3; using arithmetization_params_3 = plonk_arithmetization_params; template - circuit_description, 3, 3> circuit_test_3( + circuit_description, usable_rows_3, permutation_size_3> circuit_test_3( typename nil::crypto3::random::algebraic_engine alg_rnd = nil::crypto3::random::algebraic_engine(), boost::random::mt11213b rnd = boost::random::mt11213b() ) { using assignment_type = typename FieldType::value_type; using field_type = typename FieldType::value_type; - constexpr static const std::size_t rows_log = 3; - constexpr static const std::size_t permutation = 3; - + constexpr static const std::size_t permutation = permutation_size_3; constexpr static const std::size_t witness_columns = witness_columns_3; constexpr static const std::size_t public_columns = public_columns_3; constexpr static const std::size_t constant_columns = constant_columns_3; constexpr static const std::size_t selector_columns = selector_columns_3; - constexpr static const std::size_t table_columns = + constexpr static const std::size_t table_columns = witness_columns + public_columns + constant_columns; + constexpr static const std::size_t usable_rows = usable_rows_3; typedef placeholder_circuit_params circuit_params; - circuit_description test_circuit; + circuit_description test_circuit; std::array, table_columns> table; for (std::size_t j = 0; j < table_columns; j++) { - table[j].resize(test_circuit.table_rows); + table[j].resize(test_circuit.usable_rows); } // lookup inputs typename FieldType::value_type one = FieldType::value_type::one(); typename FieldType::value_type zero = FieldType::value_type::zero(); - table[0] = {1, 0, 0, 0, 0, 0, 0, 0}; // Witness 1 - table[1] = {0, 0, 0, 0, 0, 0, 0, 0}; - table[2] = {0, 0, 0, 0, 0, 0, 0, 0}; + table[0] = {1, 0, 0, 0}; // Witness 1 + table[1] = {0, 0, 0, 0}; + table[2] = {0, 0, 0, 0}; - table[3] = {0, 1, 0, 1, 0, 0, 0, 0}; //Lookup values - table[4] = {0, 0, 1, 0, 0, 0, 0, 0}; //Lookup values - table[5] = {0, 1, 0, 0, 0, 0, 0, 0}; //Lookup values + table[3] = {0, 1, 0, 1}; //Lookup values + table[4] = {0, 0, 1, 0}; //Lookup values + table[5] = {0, 1, 0, 0}; //Lookup values std::array, witness_columns> private_assignment; for (std::size_t i = 0; i < witness_columns; i++) { @@ -425,17 +419,11 @@ namespace nil { std::array, constant_columns> constant_assignment; std::vector sel_lookup(test_circuit.table_rows); - sel_lookup[0] = one; - sel_lookup[1] = zero; - sel_lookup[2] = zero; - sel_lookup[3] = zero; + sel_lookup = {1, 0, 0, 0}; selectors_assignment[0] = sel_lookup; std::vector sel_lookup_table(test_circuit.table_rows); - sel_lookup_table[0] = zero; - sel_lookup_table[1] = one; - sel_lookup_table[2] = one; - sel_lookup_table[3] = one; + sel_lookup_table = {0, 1, 1, 1}; selectors_assignment[1] = sel_lookup_table; for (std::size_t i = 0; i < constant_columns; i++) { @@ -445,6 +433,7 @@ namespace nil { plonk_private_assignment_table(private_assignment), plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); + test_circuit.table_rows = zk_padding(test_circuit.table); plonk_variable w0(0, 0, true, plonk_variable::column_type::witness); plonk_variable w1(1, 0, true, plonk_variable::column_type::witness); @@ -473,8 +462,8 @@ namespace nil { return test_circuit; } - // Binary multiplication. - // b_i -- random binaries, + // Binary multiplication. + // b_i -- random binaries, // r_i ordinary random numbers. // One gate: w1*w2 - w3 = 0 // ---------------------------------------------------------------------------------- @@ -499,7 +488,7 @@ namespace nil { circuit_description, 3, 3> circuit_test_4( typename nil::crypto3::random::algebraic_engine alg_rnd = nil::crypto3::random::algebraic_engine(), - boost::random::mt11213b rnd = boost::random::mt11213b() + boost::random::mt11213b rnd = boost::random::mt11213b() ) { using assignment_type = typename FieldType::value_type; @@ -510,7 +499,7 @@ namespace nil { constexpr static const std::size_t public_columns = public_columns_4; constexpr static const std::size_t constant_columns = constant_columns_4; constexpr static const std::size_t selector_columns = selector_columns_4; - constexpr static const std::size_t table_columns = + constexpr static const std::size_t table_columns = witness_columns + public_columns + constant_columns; typedef placeholder_circuit_params circuit_params; @@ -529,9 +518,9 @@ namespace nil { table[1] = {rnd() % 2, rnd() % 2, rnd(), rnd() % 2, rnd() % 2, 0, 0, 0};; table[2] = {table[0][0] * table[1][0], table[0][1] * table[1][1], table[0][2] * table[1][2], table[0][3] * table[1][3], table[0][4] * table[1][4], 0, 0, 0}; - + //lookup values - // Reserved zero row for unselected lookup input rows + // Reserved zero row for unselected lookup input rows table[3] = {0, 0, 0, 1, 1, 0, 0, 0}; table[4] = {0, 0, 1, 0, 1, 0, 0, 0}; table[5] = {0, 0, 0, 0, 1, 0, 0, 0}; @@ -576,7 +565,7 @@ namespace nil { plonk_constraint mul_constraint; typename plonk_constraint::term_type w0_term(w0); - typename plonk_constraint::term_type w1_term(w1); + typename plonk_constraint::term_type w1_term(w1); mul_constraint += w0_term * w1_term; mul_constraint -= w2; @@ -602,161 +591,14 @@ namespace nil { return test_circuit; } - - // Lookup complex test - // 1. Lookup gate with 4 constraints - // 1.1 w1 \in table 1 - // 1.2 w3 \in table1 - // 1.3 w1 \in table 2 - // 1.4 w1, w2, w3 \in table 3 - // 2. Lookup gate with 2 constraints - // 2.1 w2 \in table 1 - // 2.2 w2 \in table 2 - // --------------------------------------------------------------------------- - // | Table tag 0 | Table tag 1 | W1 | W2 | W3 | Lookup tag | L1 | L2 | L3 | - // --------------------------------------------------------------------------- - // | 1 | 1 | 1 | 2 | 123 | 0 | 0 | 0 | 0 | - // | 2 | 1 | 124| 2 | 3 | 1 | 1 | 0 | 0 | - // | 1 | 1 | 3 | 4 | 125 | 1 | 2 | 0 | 0 | - // | 2 | 1 | 127| 4 | 5 | 1 | 3 | 0 | 0 | - // | 1 | 2 | 5 | 6 | 128 | 1 | 4 | 0 | 0 | - // | 3 | 2 | 6 | 7 | 129 | 1 | 5 | 0 | 0 | - // | 3 | 2 | 7 | 8 | 130 | 2 | 6 | 0 | 0 | - // | 3 | 2 | 8 | 9 | 131 | 2 | 7 | 0 | 0 | - // | 3 | 2 | 9 | 10 | 132 | 2 | 8 | 0 | 0 | - // | 4 | 0 | 0 | 0 | 1 | 2 | 9 | 0 | 0 | - // | 4 | 0 | 0 | 1 | 0 | 2 | 10| 0 | 0 | - // | 4 | 0 | 1 | 0 | 0 | 3 | 0 | 0 | 1 | - // | 4 | 0 | 1 | 1 | 1 | 3 | 1 | 0 | 0 | - // | 0 | 0 | 0 | 0 | 128| 3 | 0 | 1 | 0 | - // | 0 | 0 | 0 | 0 | 129| 3 | 1 | 1 | 1 | - // | 0 | 0 | 0 | 0 | 130| 0 | 0 | 0 | 0 | - ///--------------------------------------------------------------------------- - constexpr static const std::size_t witness_columns_5= 3; - constexpr static const std::size_t public_columns_5 = 0; - constexpr static const std::size_t constant_columns_5 = 3; - constexpr static const std::size_t selector_columns_5 = 3; - - using arithmetization_params_5 = plonk_arithmetization_params; - - template - circuit_description, 4, 3> circuit_test_5() { - using assignment_type = typename FieldType::value_type; - - constexpr static const std::size_t rows_log = 4; - constexpr static const std::size_t permutation = 3; - - constexpr static const std::size_t witness_columns = witness_columns_5; - constexpr static const std::size_t public_columns = public_columns_5; - constexpr static const std::size_t constant_columns = constant_columns_5; - constexpr static const std::size_t selector_columns = selector_columns_5; - constexpr static const std::size_t table_columns = - witness_columns + public_columns + constant_columns + selector_columns; - - typedef placeholder_circuit_params circuit_params; - - circuit_description test_circuit; - - std::array, table_columns> table; - for (std::size_t j = 0; j < table_columns; j++) { - table[j].resize(test_circuit.table_rows); - } - - // lookup inputs - typename FieldType::value_type one = FieldType::value_type::one(); - typename FieldType::value_type zero = FieldType::value_type::zero(); - - // Witness - table[0] = { 1, 124, 3, 127, 5, 6, 7, 8, 9, 0, 0, 1, 1, 131, 133, 135}; // W0 - table[1] = { 2, 2, 4, 4, 6, 7, 8, 9, 10, 0, 1, 0, 1, 132, 134, 136}; // W1 - table[2] = {123, 3, 125, 5, 129, 130, 131, 132, 10, 1, 0, 0, 0, 128, 129, 130}; // W2 - - // Tags - table[3] = { 0, 1, 1, 1, 1, 1, 2, 2, 2, 2, 2, 3, 3, 3, 3, 0}; // Lookup table tag - table[4] = { 1, 2, 1, 2, 1, 3, 3, 3, 3, 4, 4, 4, 4, 0, 0, 136}; // Lookup tag1 - table[5] = { 1, 1, 1, 1, 2, 2, 2, 2, 2, 0, 0, 0, 0, 0, 0, 130}; // Lookup tag2 - - // Lookups - table[6] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 0, 0, 1, 1, 0}; // L1 - table[7] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 136}; // L2 - table[8] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 130}; // L3 - - std::array, witness_columns> private_assignment; - for (std::size_t i = 0; i < witness_columns; i++) { - private_assignment[i] = table[i]; - } - - - std::array, selector_columns> selectors_assignment; - std::array, public_columns> public_input_assignment = {}; - std::array, constant_columns> constant_assignment; - - for (std::size_t i = 0; i < selector_columns; i++) { - selectors_assignment[i] = table[witness_columns + i]; - } - - for (std::size_t i = 0; i < constant_columns; i++) { - constant_assignment[i] = table[witness_columns + selector_columns + i]; - } - - test_circuit.table = plonk_assignment_table( - plonk_private_assignment_table(private_assignment), - plonk_public_assignment_table( - public_input_assignment, constant_assignment, selectors_assignment)); - - plonk_variable w0(0, 0, true, - plonk_variable::column_type::witness); - plonk_variable w1(1, 0, true, - plonk_variable::column_type::witness); - plonk_variable w2(2, 0, true, - plonk_variable::column_type::witness); - - plonk_variable l0(0, 0, true, - plonk_variable::column_type::constant); - plonk_variable l1(1, 0, true, - plonk_variable::column_type::constant); - plonk_variable l2(2, 0, true, - plonk_variable::column_type::constant); - - std::vector> lookup_constraints0(4); - lookup_constraints0[0].lookup_input.push_back(typename plonk_constraint::term_type(w0)); - lookup_constraints0[0].table_id = 1; - lookup_constraints0[1].lookup_input.push_back(typename plonk_constraint::term_type(w2)); - lookup_constraints0[1].table_id = 1; - lookup_constraints0[2].lookup_input.push_back(typename plonk_constraint::term_type(w1)); - lookup_constraints0[2].table_id = 2; - lookup_constraints0[3].lookup_input.push_back(typename plonk_constraint::term_type(w0)); - lookup_constraints0[3].lookup_input.push_back(typename plonk_constraint::term_type(w1)); - lookup_constraints0[3].lookup_input.push_back(typename plonk_constraint::term_type(w2)); - lookup_constraints0[3].table_id = 3; - plonk_lookup_gate> lookup_gate0(1, lookup_constraints0); - - std::vector> lookup_constraints1(2); - lookup_constraints1[0].lookup_input.push_back(typename plonk_constraint::term_type(w1)); - lookup_constraints1[0].table_id = 1; - lookup_constraints1[1].lookup_input.push_back(typename plonk_constraint::term_type(w1)); - lookup_constraints1[1].table_id = 2; - plonk_lookup_gate> lookup_gate1(2, lookup_constraints1); - - test_circuit.lookup_gates.push_back(lookup_gate0); - test_circuit.lookup_gates.push_back(lookup_gate1); - - plonk_lookup_table lookup_table({l0, l1, l2}, 0); - test_circuit.lookup_table = lookup_table; - - return test_circuit; - } - //---------------------------------------------------------------------------// // Test fibonacci circuit - // i | GATE | w_0 | public | q_add | - // 0 | -- | f(0) | a | 0 | - // 1 | FIB | f(1) | b | 1 | - // ... | FIB | | 0 | 1 | - // k-2 | FIB | f(k-2) | 0 | 0 | - // k-1 | -- | f(k-1) | 0 | 0 | + // i | GATE | w_0 | public | q_add | + // 0 | -- | f(0) | a | 0 | + // 1 | FIB | f(1) | b | 1 | + // ... | FIB | | 0 | 1 | + // k-2 | FIB | f(k-2) | 0 | 0 | + // k-1 | -- | f(k-1) | 0 | 0 | // // public input is copy constrainted to f(0) and f(1) // FIB: w_0(i-1) + w_0(i) == w_0(i+1) @@ -769,8 +611,8 @@ namespace nil { using arithmetization_params_fib = plonk_arithmetization_params; - template - circuit_description, rows_log, 2> + template + circuit_description, usable_rows, 2> circuit_test_fib() { using assignment_type = typename FieldType::value_type; @@ -780,20 +622,19 @@ namespace nil { constexpr static const std::size_t public_columns = public_columns_fib; constexpr static const std::size_t constant_columns = constant_columns_fib; constexpr static const std::size_t selector_columns = selector_columns_fib; - constexpr static const std::size_t table_columns = + constexpr static const std::size_t table_columns = witness_columns + public_columns + selector_columns; typedef placeholder_circuit_params circuit_params; - circuit_description test_circuit; + circuit_description test_circuit; std::array, table_columns> table; - std::vector q_add(test_circuit.table_rows); - std::vector q_mul(test_circuit.table_rows); + std::vector q_add(test_circuit.usable_rows); + std::vector q_mul(test_circuit.usable_rows); for (std::size_t j = 0; j < table_columns; j++) { - table[j].resize(test_circuit.table_rows); + table[j].resize(test_circuit.usable_rows); } - // init values typename FieldType::value_type zero = FieldType::value_type::zero(); typename FieldType::value_type one = FieldType::value_type::one(); @@ -807,7 +648,7 @@ namespace nil { // selector table[2][0] = zero; - table[2][0] = one; + table[2][1] = one; plonk_variable x0(0, 0, false, plonk_variable::column_type::witness); plonk_variable x1(0, 1, false, plonk_variable::column_type::witness); @@ -817,15 +658,11 @@ namespace nil { // test_circuit.copy_constraints.push_back(plonk_copy_constraint(x0, p0)); // test_circuit.copy_constraints.push_back(plonk_copy_constraint(x1, p1)); - for (std::size_t i = 2; i < test_circuit.table_rows - 1; i++) { + for (std::size_t i = 2; i < test_circuit.usable_rows - 1; i++) { table[0][i] = table[0][i-2] + table[0][i-1]; table[1][i] = zero; - table[2][i] = one; + table[2][i-1] = one; } - table[2][test_circuit.table_rows - 4] = zero; - table[2][test_circuit.table_rows - 3] = zero; - table[2][test_circuit.table_rows - 2] = zero; - table[2][test_circuit.table_rows - 1] = zero; std::array, witness_columns> private_assignment; private_assignment[0] = table[0]; @@ -839,18 +676,20 @@ namespace nil { public_input_assignment[0] = table[1]; selectors_assignment[0] = table[2]; + test_circuit.table = plonk_assignment_table( plonk_private_assignment_table(private_assignment), plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); + test_circuit.table_rows = zk_padding>(test_circuit.table); plonk_variable w0(0, -1, true, plonk_variable::column_type::witness); plonk_variable w1(0, 0, true, plonk_variable::column_type::witness); plonk_variable w2(0, 1, true, plonk_variable::column_type::witness); typename plonk_constraint::term_type w0_term(w0); - typename plonk_constraint::term_type w1_term(w1); - typename plonk_constraint::term_type w2_term(w2); + typename plonk_constraint::term_type w1_term(w1); + typename plonk_constraint::term_type w2_term(w2); plonk_constraint fib_constraint; fib_constraint += w0_term; @@ -860,7 +699,7 @@ namespace nil { std::vector> fib_costraints {fib_constraint}; plonk_gate> fib_gate(0, fib_costraints); test_circuit.gates.push_back(fib_gate); - + return test_circuit; } @@ -873,7 +712,7 @@ namespace nil { // Lookup gate2: // w1{-1} + w1 \in Table 2 // --------------------------------------------------------------------------------- - // | s1 | s2 | W1 | W2 | LT1 | L1 | L2 | L3 | + // | s1 | s2 | W1 | W2 | LT1 | L1 | L2 | L3 | // --------------------------------------------------------------------------------- // | 1 | 0 | r1 | 7 | 0 | 0 | 0 | 0 | -- reserved for unselected rows // | 1 | 1 | r2 | r1+r2 | 1 | 2 | 7 | 12 | -- reserved for unselected rows @@ -887,54 +726,55 @@ namespace nil { constexpr static const std::size_t public_columns_6 = 0; constexpr static const std::size_t constant_columns_6 = 3; constexpr static const std::size_t selector_columns_6 = 3; + constexpr static const std::size_t usable_rows_6 = 6; using arithmetization_params_6 = plonk_arithmetization_params; template circuit_description, 3, 3> circuit_test_6( + arithmetization_params_6>, usable_rows_6, 3> circuit_test_6( typename nil::crypto3::random::algebraic_engine alg_rnd = nil::crypto3::random::algebraic_engine(), boost::random::mt11213b rnd = boost::random::mt11213b() ) { using assignment_type = typename FieldType::value_type; - constexpr static const std::size_t rows_log = 3; constexpr static const std::size_t permutation = 3; constexpr static const std::size_t witness_columns = witness_columns_6; constexpr static const std::size_t public_columns = public_columns_6; constexpr static const std::size_t constant_columns = constant_columns_6; constexpr static const std::size_t selector_columns = selector_columns_6; - constexpr static const std::size_t table_columns = + constexpr static const std::size_t table_columns = witness_columns + public_columns + constant_columns + selector_columns; + constexpr static const std::size_t usable_rows = usable_rows_6; typedef placeholder_circuit_params circuit_params; - circuit_description test_circuit; + circuit_description test_circuit; std::array, table_columns> table; for (std::size_t j = 0; j < table_columns; j++) { - table[j].resize(test_circuit.table_rows); + table[j].resize(test_circuit.usable_rows); } // lookup inputs typename FieldType::value_type one = FieldType::value_type::one(); typename FieldType::value_type zero = FieldType::value_type::zero(); - table[0] = {rnd() % 5 + 2, rnd() % 5 + 2, rnd() % 5 + 2, rnd() % 5 + 2, rnd() % 5 + 2, rnd() % 5 + 2, 0, 0}; - table[1] = {7, table[0][0] + table[0][1], table[0][1] + table[0][2], table[0][2] + table[0][3], table[0][3] + table[0][4], table[0][4] + table[0][5], 0, 0};; + table[0] = {rnd() % 5 + 2, rnd() % 5 + 2, rnd() % 5 + 2, rnd() % 5 + 2, rnd() % 5 + 2, rnd() % 5 + 2}; + table[1] = {7, table[0][0] + table[0][1], table[0][1] + table[0][2], table[0][2] + table[0][3], table[0][3] + table[0][4], table[0][4] + table[0][5]}; + - // selectors - // Reserved zero row for unselected lookup input rows - table[2] = {0, 1, 1, 1, 1, 1, 0, 0}; // LT1 - table[3] = {1, 1, 1, 1, 1, 1, 0, 0}; // For the first lookup gate - table[4] = {0, 1, 1, 1, 1, 1, 0, 0}; // For the second lookup gate + // Reserved zero row for unselected lookup input rows + table[2] = {0, 1, 1, 1, 1, 1}; // LT1 + table[3] = {1, 1, 1, 1, 1, 1}; // For the first lookup gate + table[4] = {0, 1, 1, 1, 1, 1}; // For the second lookup gate // Lookup values - table[5] = {0, 2, 3, 4, 5, 6, 0, 0}; // L1 - table[6] = {0, 7, 8, 9, 10, 11, 0, 0}; // L2 - table[7] = {0, 12, 12, 12, 12, 12, 0, 0}; // L3 + table[5] = {0, 2, 3, 4, 5, 6}; // L1 + table[6] = {0, 7, 8, 9, 10, 11}; // L2 + table[7] = {0, 12, 12, 12, 12, 12}; // L3 std::array, witness_columns> private_assignment; for (std::size_t i = 0; i < witness_columns; i++) { @@ -956,6 +796,7 @@ namespace nil { plonk_private_assignment_table(private_assignment), plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); + test_circuit.table_rows = zk_padding(test_circuit.table); plonk_variable w0( 0, 0, true, plonk_variable::column_type::witness); plonk_variable w0_1(0,-1, true, plonk_variable::column_type::witness); @@ -1017,54 +858,54 @@ namespace nil { // | s0 | s1 | s2 | s3 | W1 | W2 | LT1 | LT2 | L1 | L2 | L3 | L4 | L5 | L6 | L7 // ---------------------------------------------------------------------------------------- // | 1 | 1 | 0 | 0 | 1 | 2^w1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 -- reserved for unselected rows - // | 1 | 1 | 0 | 1 | 2 | 2^w1 | 1 | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 + // | 1 | 1 | 0 | 1 | 2 | 2^w1 | 1 | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 // | 1 | 1 | 0 | 1 | 3 | 2^w1 | 1 | 0 | 0 | 2 | 3 | 4 | 5 | 6 | 7 // | 1 | 1 | 1 | 1 | 4 | 2^w1 | 1 | 0 | 0 | 1 | 3 | 4 | 5 | 6 | 7 -- unselected for lookups // | 1 | 1 | 1 | 1 | 5 | 2^w1 | 1 | 0 | 0 | 1 | 2 | 4 | 5 | 6 | 7 // | 1 | 1 | 1 | 1 | 6 | 2^w1 | 1 | 0 | 0 | 1 | 2 | 3 | 4 | 6 | 7 // | 1 | 0 | 1 | 1 | 7 | 2^w1 | 1 | 0 | 0 | 1 | 2 | 3 | 4 | 5 | 7 // | 1 | 0 | 1 | 1 | 0 | 2^w1 | 1 | 0 | 0 | 1 | 2 | 3 | 4 | 5 | 6 - // | 1 | 0 | 1 | 1 | 1 | 2^w1 | 0 | 1 | 0 | 1 | 6 | 64| 1 | 64 |4096 - // | 1 | 0 | 1 | 1 | 2 | 2^w1 | 0 | 1 | 1 | 2 | 7 | 128| 2 |128 |8192 - // | 1 | 0 | 1 | 1 | 3 | 2^w1 | 0 | 1 | 2 | 4 | 7 | 128| 4 |256 |16384 - // | 1 | 0 | 0 | 1 | 4 | 2^w1 | 0 | 1 | 3 | 8 | 7 | 128| 8 |512 |16384 - // | 1 | 0 | 0 | 1 | 5 | 2^w1 | 0 | 1 | 4 | 16 | 7 | 128| 16 |1024|16384 - // | 1 | 0 | 0 | 1 | 6 | 2^w1 | 0 | 1 | 5 | 32 | 7 | 128| 32 |2048|16384 + // | 1 | 0 | 1 | 1 | 1 | 2^w1 | 0 | 1 | 0 | 1 | 6 | 64| 1 | 64 |4096 + // | 1 | 0 | 1 | 1 | 2 | 2^w1 | 0 | 1 | 1 | 2 | 7 | 128| 2 |128 |8192 + // | 1 | 0 | 1 | 1 | 3 | 2^w1 | 0 | 1 | 2 | 4 | 7 | 128| 4 |256 |16384 + // | 1 | 0 | 0 | 1 | 4 | 2^w1 | 0 | 1 | 3 | 8 | 7 | 128| 8 |512 |16384 + // | 1 | 0 | 0 | 1 | 5 | 2^w1 | 0 | 1 | 4 | 16 | 7 | 128| 16 |1024|16384 + // | 1 | 0 | 0 | 1 | 6 | 2^w1 | 0 | 1 | 5 | 32 | 7 | 128| 32 |2048|16384 // --------------------------------------------------------------------------------- - constexpr static const std::size_t witness_columns_7= 2; constexpr static const std::size_t public_columns_7 = 0; constexpr static const std::size_t constant_columns_7 = 7; constexpr static const std::size_t selector_columns_7 = 6; + constexpr static const std::size_t usable_rows_7 = 14; using arithmetization_params_7 = plonk_arithmetization_params; template circuit_description, 4, 3> circuit_test_7( + arithmetization_params_7>, usable_rows_7, 3> circuit_test_7( typename nil::crypto3::random::algebraic_engine alg_rnd = nil::crypto3::random::algebraic_engine(), boost::random::mt11213b rnd = boost::random::mt11213b() ) { using assignment_type = typename FieldType::value_type; - constexpr static const std::size_t rows_log = 4; constexpr static const std::size_t permutation = 3; constexpr static const std::size_t witness_columns = witness_columns_7; constexpr static const std::size_t public_columns = public_columns_7; constexpr static const std::size_t constant_columns = constant_columns_7; constexpr static const std::size_t selector_columns = selector_columns_7; - constexpr static const std::size_t table_columns = + constexpr static const std::size_t table_columns = witness_columns + public_columns + constant_columns + selector_columns; + constexpr static const std::size_t usable_rows = usable_rows_7; typedef placeholder_circuit_params circuit_params; - circuit_description test_circuit; + circuit_description test_circuit; std::array, table_columns> table; for (std::size_t j = 0; j < table_columns; j++) { - table[j].resize(test_circuit.table_rows); + table[j].resize(test_circuit.usable_rows); } // lookup inputs @@ -1086,24 +927,24 @@ namespace nil { } // selectors - // Reserved zero row for unselected lookup input rows + // Reserved zero row for unselected lookup input rows std::array, selector_columns> selectors_assignment; - selectors_assignment[0] = {0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 0, 0 }; // Selector for single gate - selectors_assignment[1] = {0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0 }; // Selector lookup gate with multiple rotations - selectors_assignment[2] = {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0 }; // Selector for gate w1 = 2^w0 - selectors_assignment[3] = {0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0 }; // Selector for gate w1_{-1} * w1 \in Table 3 - selectors_assignment[4] = {0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0 }; // Selector for lookup tables 2, 3 - selectors_assignment[5] = {0, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0 }; // Selector for lookup table with 7 columns + selectors_assignment[0] = {0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1 }; // Selector for single gate + selectors_assignment[1] = {0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0 }; // Selector lookup gate with multiple rotations + selectors_assignment[2] = {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 }; // Selector for gate w1 = 2^w0 + selectors_assignment[3] = {0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 }; // Selector for gate w1_{-1} * w1 \in Table 3 + selectors_assignment[4] = {0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1 }; // Selector for lookup tables 2, 3 + selectors_assignment[5] = {0, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0 }; // Selector for lookup table with 7 columns // Lookup values std::array, constant_columns> constant_assignment; - constant_assignment[0] = {0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 2, 3, 4, 5, 0, 0 }; // Lookup tables - constant_assignment[1] = {0, 2, 2, 1, 1, 1, 1, 1, 1, 2, 4, 8, 16, 32, 0, 0 }; // Lookup tables - constant_assignment[2] = {0, 3, 3, 3, 2, 2, 2, 2, 6, 7, 7, 7, 7, 7, 0, 0 }; // Lookup tables - constant_assignment[3] = {0, 4, 4, 4, 4, 3, 3, 3, 64, 128, 128, 128, 128, 128, 0, 0 }; // Lookup tables - constant_assignment[4] = {0, 5, 5, 5, 5, 5, 4, 4, 1, 2, 4, 8, 16, 32, 0, 0 }; // Lookup tables - constant_assignment[5] = {0, 6, 6, 6, 6, 6, 6, 5, 64, 128, 256, 512, 1024, 2048, 0, 0 }; // Lookup tables - constant_assignment[6] = {0, 7, 7, 7, 7, 7, 7, 7,4096,8192,16384,16384,16384,16384, 0, 0 }; // Lookup tables + constant_assignment[0] = {0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 2, 3, 4, 5 }; // Lookup tables + constant_assignment[1] = {0, 2, 2, 1, 1, 1, 1, 1, 1, 2, 4, 8, 16, 32 }; // Lookup tables + constant_assignment[2] = {0, 3, 3, 3, 2, 2, 2, 2, 6, 7, 7, 7, 7, 7 }; // Lookup tables + constant_assignment[3] = {0, 4, 4, 4, 4, 3, 3, 3, 64, 128, 128, 128, 128, 128 }; // Lookup tables + constant_assignment[4] = {0, 5, 5, 5, 5, 5, 4, 4, 1, 2, 4, 8, 16, 32 }; // Lookup tables + constant_assignment[5] = {0, 6, 6, 6, 6, 6, 6, 5, 64, 128, 256, 512, 1024, 2048 }; // Lookup tables + constant_assignment[6] = {0, 7, 7, 7, 7, 7, 7, 7,4096,8192,16384,16384,16384,16384 }; // Lookup tables std::array, witness_columns> private_assignment; for (std::size_t i = 0; i < witness_columns; i++) { @@ -1117,6 +958,7 @@ namespace nil { plonk_private_assignment_table(private_assignment), plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); + test_circuit.table_rows = zk_padding(test_circuit.table); plonk_variable w0( 0, 0, true, plonk_variable::column_type::witness); plonk_variable w0__7(0,-7, true, plonk_variable::column_type::witness); @@ -1165,7 +1007,7 @@ namespace nil { plonk_variable w1__1( 1, -1, true, plonk_variable::column_type::witness); plonk_lookup_constraint lookup_constraint3; typename plonk_constraint::term_type w1__1_term(w1__1); - typename plonk_constraint::term_type w1_term(w1); + typename plonk_constraint::term_type w1_term(w1); lookup_constraint3.lookup_input = {w1__1_term* w1_term}; lookup_constraint3.table_id = 3; @@ -1195,5 +1037,4 @@ namespace nil { } // namespace crypto3 } // namespace nil - #endif // CRYPTO3_ZK_TEST_PLONK_CIRCUITS_HPP diff --git a/test/systems/plonk/placeholder/performance.cpp b/test/systems/plonk/placeholder/performance.cpp index 385fb0aff..6a4a1cce8 100644 --- a/test/systems/plonk/placeholder/performance.cpp +++ b/test/systems/plonk/placeholder/performance.cpp @@ -116,19 +116,19 @@ class placeholder_performance_test_base { static typename fri_type::params_type create_fri_params(std::size_t degree_log, const int max_step = 1) { typename fri_type::params_type params; math::polynomial q = {0, 0, 1}; - + constexpr std::size_t expand_factor = 7; - + std::size_t r = degree_log - 1; - + std::vector>> domain_set = math::calculate_domain_set(degree_log + expand_factor, r); - + params.r = r; params.D = domain_set; params.max_degree = (1 << degree_log) - 1; params.step_list = generate_random_step_list(r, max_step); - + return params; } }; @@ -139,7 +139,7 @@ class placeholder_performance_test : public placeholder_performance_test_base { // using curve_type = algebra::curves::bls12<381>; using curve_type = algebra::curves::pallas; using field_type = typename curve_type::base_field_type; - + using hash_type = hashes::keccak_1600<256>; static constexpr std::size_t m = 2; @@ -150,12 +150,12 @@ class placeholder_performance_test : public placeholder_performance_test_base { static constexpr std::size_t ConstantColumns = 5; static constexpr std::size_t SelectorColumns = 35; - using lpc_params_type = commitments::list_polynomial_commitment_params< + using lpc_params_type = commitments::list_polynomial_commitment_params< hash_type, hash_type, lambda, m, true /* use grinding */>; using arithmetization_params_type = zk::snark::plonk_arithmetization_params< WitnessColumns, PublicInputColumns, ConstantColumns, SelectorColumns>; - + using lpc_type = commitments::list_polynomial_commitment; using lpc_scheme_type = typename commitments::lpc_commitment_scheme; using circuit_params_type = placeholder_circuit_params; @@ -178,41 +178,41 @@ class placeholder_performance_test : public placeholder_performance_test_base { void run_placeholder_perf_test(std::string test_name, std::string circuit_file_path, std::string assignment_table_file_path) { - + std::cout << std::endl << "Running '" << test_name << "' performance test" << std::endl; - + load_circuit(circuit_file_path); load_assignment_table(assignment_table_file_path); compute_columns_rotations(); - + std::size_t table_rows_log = std::ceil(std::log2(table_description.rows_amount)); - typename lpc_type::fri_type::params_type fri_params = + typename lpc_type::fri_type::params_type fri_params = create_fri_params(table_rows_log); - std::size_t permutation_size = table_description.witness_columns + + std::size_t permutation_size = table_description.witness_columns + table_description.public_input_columns + table_description.constant_columns; std::cout << "table_rows_log = " << table_rows_log << std::endl; - + lpc_scheme_type lpc_scheme(fri_params); transcript_type lpc_transcript; - + auto lpc_preprocessed_public_data = placeholder_public_preprocessor::process( constraint_system, assignments.public_table(), table_description, lpc_scheme, permutation_size ); std::cout << "max_gates_degree = " << lpc_preprocessed_public_data.common_data.max_gates_degree << std::endl; - + auto lpc_preprocessed_private_data = placeholder_private_preprocessor::process( constraint_system, assignments.private_table(), table_description ); - + auto lpc_proof = placeholder_prover::process( lpc_preprocessed_public_data, lpc_preprocessed_private_data, table_description, constraint_system, assignments, lpc_scheme ); - + bool verifier_res = placeholder_verifier::process( lpc_preprocessed_public_data, lpc_proof, constraint_system, lpc_scheme ); @@ -227,7 +227,7 @@ class placeholder_performance_test : public placeholder_performance_test_base { char c; char c1; uint8_t b; - + ifile >> c; if (c != '0') return false; @@ -248,16 +248,16 @@ class placeholder_performance_test : public placeholder_performance_test_base { } return true; } - + void load_assignment_table(std::string assignment_file_path) { std::ifstream iassignment; iassignment.open(assignment_file_path); - BOOST_CHECK(iassignment); + BOOST_CHECK(iassignment); std::vector v; - BOOST_CHECK(read_buffer_from_file(iassignment, v)); - + BOOST_CHECK(read_buffer_from_file(iassignment, v)); + iassignment.close(); assignment_table_marshalling_type marshalled_data; @@ -265,19 +265,19 @@ class placeholder_performance_test : public placeholder_performance_test_base { auto status = marshalled_data.read(read_iter, v.size()); std::tie(table_description.usable_rows_amount, assignments) = marshalling::types::make_assignment_table(marshalled_data); - + table_description.rows_amount = assignments.rows_amount(); } - + void load_circuit(std::string circuit_file_path) { std::ifstream ifile; ifile.open(circuit_file_path); - BOOST_CHECK(ifile.is_open()); + BOOST_CHECK(ifile.is_open()); std::vector v; - BOOST_CHECK(read_buffer_from_file(ifile, v)); + BOOST_CHECK(read_buffer_from_file(ifile, v)); ifile.close(); - + circuit_marshalling_type marshalled_data; auto read_iter = v.begin(); auto status = marshalled_data.read(read_iter, v.size()); @@ -287,7 +287,7 @@ class placeholder_performance_test : public placeholder_performance_test_base { void compute_columns_rotations() { using variable_type = typename zk::snark::plonk_variable; - + for (const auto& gate: constraint_system.gates()) { for (const auto& constraint: gate.constraints) { math::expression_for_each_variable_visitor visitor( @@ -300,7 +300,7 @@ class placeholder_performance_test : public placeholder_performance_test_base { visitor.visit(constraint); } } - + // TODO update for lookups //for (const auto& gate: constraint_system.lookup_gates()) { // for (const auto& constraint: gate.constraints) { @@ -372,7 +372,7 @@ struct placeholder_fibonacci_params { }; using circuit_fib_params = placeholder_circuit_params< - field_type, + field_type, typename placeholder_fibonacci_params::arithmetization_params >; @@ -381,10 +381,10 @@ constexpr static const std::size_t table_columns = using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; -using lpc_params_type = commitments::list_polynomial_commitment_params< +using lpc_params_type = commitments::list_polynomial_commitment_params< typename placeholder_fibonacci_params::merkle_hash_type, - typename placeholder_fibonacci_params::transcript_hash_type, - placeholder_fibonacci_params::lambda, + typename placeholder_fibonacci_params::transcript_hash_type, + placeholder_fibonacci_params::lambda, placeholder_fibonacci_params::m >; @@ -393,18 +393,19 @@ using lpc_scheme_type = typename commitments::lpc_commitment_scheme; using lpc_placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; using policy_type = zk::snark::detail::placeholder_policy; -BOOST_FIXTURE_TEST_CASE(placeholder_large_fibonacci_test, placeholder_performance_test_base) { - constexpr std::size_t rows_log = 10; - std::cout << std::endl << "Fibonacci test rows_log = "<< rows_log << std::endl; +const std::size_t rows_amount = 987; - auto circuit = circuit_test_fib(); - typename lpc_type::fri_type::params_type fri_params = - create_fri_params(rows_log); +BOOST_FIXTURE_TEST_CASE(placeholder_large_fibonacci_test, placeholder_performance_test_base) { + auto circuit = circuit_test_fib(); plonk_table_description desc; - desc.rows_amount = 1 << rows_log; - desc.usable_rows_amount = desc.rows_amount - 3; + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(desc.rows_amount); + + typename lpc_type::fri_type::params_type fri_params = + create_fri_params(table_rows_log); typename policy_type::constraint_system_type constraint_system( circuit.gates, circuit.copy_constraints, circuit.lookup_gates); @@ -425,7 +426,7 @@ BOOST_FIXTURE_TEST_CASE(placeholder_large_fibonacci_test, placeholder_performanc ); auto lpc_proof = placeholder_prover::process( - lpc_preprocessed_public_data, lpc_preprocessed_private_data, desc, + lpc_preprocessed_public_data, lpc_preprocessed_private_data, desc, constraint_system, assignments, lpc_scheme ); diff --git a/test/systems/plonk/placeholder/placeholder.cpp b/test/systems/plonk/placeholder/placeholder.cpp index 69a16be50..6c008f5d2 100644 --- a/test/systems/plonk/placeholder/placeholder.cpp +++ b/test/systems/plonk/placeholder/placeholder.cpp @@ -228,13 +228,9 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit1) using field_type = typename curve_type::base_field_type; using merkle_hash_type = hashes::keccak_1600<512>; using transcript_hash_type = hashes::keccak_1600<512>; - constexpr static const std::size_t table_rows_log = 4; struct placeholder_test_params { - constexpr static const std::size_t table_rows = 1 << table_rows_log; - constexpr static const std::size_t permutation_size = 4; - constexpr static const std::size_t usable_rows = (1 << table_rows_log) - 3; - + constexpr static const std::size_t usable_rows = 13; constexpr static const std::size_t witness_columns = witness_columns_1; constexpr static const std::size_t public_input_columns = public_columns_1; @@ -250,10 +246,10 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit1) typedef placeholder_circuit_params circuit_params; using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; - using lpc_params_type = commitments::list_polynomial_commitment_params< + using lpc_params_type = commitments::list_polynomial_commitment_params< merkle_hash_type, - transcript_hash_type, - placeholder_test_params::lambda, + transcript_hash_type, + placeholder_test_params::lambda, placeholder_test_params::m >; @@ -267,8 +263,9 @@ BOOST_FIXTURE_TEST_CASE(prover_test, test_initializer) { plonk_table_description desc; - desc.rows_amount = placeholder_test_params::table_rows; - desc.usable_rows_amount = placeholder_test_params::usable_rows; + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(desc.rows_amount); typename policy_type::constraint_system_type constraint_system(circuit.gates, circuit.copy_constraints, circuit.lookup_gates); typename policy_type::variable_assignment_type assignments = circuit.table; @@ -303,11 +300,6 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit2) using curve_type = algebra::curves::bls12<381>; using field_type = typename curve_type::scalar_field_type; - constexpr static const std::size_t table_rows_log = 4; - constexpr static const std::size_t table_rows = 1 << table_rows_log; - constexpr static const std::size_t permutation_size = 4; - constexpr static const std::size_t usable_rows = (1 << table_rows_log) - 3; - struct placeholder_test_params { using merkle_hash_type = hashes::keccak_1600<512>; using transcript_hash_type = hashes::keccak_1600<512>; @@ -324,7 +316,7 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit2) constexpr static const std::size_t m = 2; }; using circuit_t_params = placeholder_circuit_params< - field_type, + field_type, typename placeholder_test_params::arithmetization_params >; @@ -335,10 +327,10 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit2) using placeholder_params_type = nil::crypto3::zk::snark::placeholder_params; using policy_type = zk::snark::detail::placeholder_policy; - using lpc_params_type = commitments::list_polynomial_commitment_params< + using lpc_params_type = commitments::list_polynomial_commitment_params< typename placeholder_test_params::merkle_hash_type, - typename placeholder_test_params::transcript_hash_type, - placeholder_test_params::lambda, + typename placeholder_test_params::transcript_hash_type, + placeholder_test_params::lambda, placeholder_test_params::m >; @@ -355,8 +347,9 @@ BOOST_FIXTURE_TEST_CASE(prover_test, test_initializer){ auto circuit = circuit_test_t(pi0, test_global_alg_rnd_engine); plonk_table_description desc; - desc.rows_amount = table_rows; - desc.usable_rows_amount = usable_rows; + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(desc.rows_amount); typename policy_type::constraint_system_type constraint_system(circuit.gates, circuit.copy_constraints, circuit.lookup_gates); typename policy_type::variable_assignment_type assignments = circuit.table; @@ -406,7 +399,7 @@ BOOST_FIXTURE_TEST_CASE(prover_test, test_initializer){ public_input = {{{pi0, 1}}}; verifier_res = placeholder_verifier::process( preprocessed_public_data, proof, constraint_system, commitment_scheme, public_input - ); + ); BOOST_CHECK(!verifier_res); // LPC commitment scheme @@ -457,16 +450,16 @@ BOOST_FIXTURE_TEST_CASE(prover_test, test_initializer){ BOOST_CHECK(verifier_res); } - BOOST_AUTO_TEST_CASE(permutation_polynomials_test) { - constexpr std::size_t argument_size = 3; + constexpr std::size_t argument_size = 4; - auto circuit = circuit_test_t(); + typename field_type::value_type pi0 = test_global_alg_rnd_engine(); + auto circuit = circuit_test_t(pi0, test_global_alg_rnd_engine); plonk_table_description desc; - - desc.rows_amount = table_rows; - desc.usable_rows_amount = usable_rows; + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(desc.rows_amount); typename policy_type::constraint_system_type constraint_system(circuit.gates, circuit.copy_constraints, circuit.lookup_gates); @@ -495,7 +488,7 @@ BOOST_AUTO_TEST_CASE(permutation_polynomials_test) { std::shared_ptr> domain = lpc_preprocessed_public_data.common_data.basic_domain; typename field_type::value_type id_res = field_type::value_type::one(); typename field_type::value_type sigma_res = field_type::value_type::one(); - for (std::size_t i = 0; i < table_rows; i++) { + for (std::size_t i = 0; i < desc.rows_amount; i++) { for (auto &identity_polynomial : lpc_preprocessed_public_data.identity_polynomials) { id_res = id_res * identity_polynomial.evaluate(domain->get_domain_element(i)); } @@ -512,7 +505,7 @@ BOOST_AUTO_TEST_CASE(permutation_polynomials_test) { id_res = field_type::value_type::one(); sigma_res = field_type::value_type::one(); - for (std::size_t i = 0; i < table_rows; i++) { + for (std::size_t i = 0; i < desc.rows_amount; i++) { for (std::size_t j = 0; j < lpc_preprocessed_public_data.identity_polynomials.size(); j++) { id_res = id_res * (polynomial_table[j].evaluate(domain->get_domain_element(i)) + @@ -555,16 +548,17 @@ BOOST_AUTO_TEST_CASE(placeholder_split_polynomial_test) { BOOST_AUTO_TEST_CASE(permutation_argument_test) { auto circuit = circuit_test_t(); - constexpr std::size_t argument_size = 3; + plonk_table_description desc; + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(desc.rows_amount); + + const std::size_t argument_size = 3; + const std::size_t permutation_size = 4; auto fri_params = create_fri_params(table_rows_log); lpc_scheme_type lpc_scheme(fri_params); - plonk_table_description desc; - - desc.rows_amount = table_rows; - desc.usable_rows_amount = usable_rows; - typename policy_type::constraint_system_type constraint_system(circuit.gates, circuit.copy_constraints, circuit.lookup_gates); typename policy_type::variable_assignment_type assignments = circuit.table; @@ -575,7 +569,7 @@ BOOST_AUTO_TEST_CASE(permutation_argument_test) { typename placeholder_public_preprocessor::preprocessed_data_type preprocessed_public_data = placeholder_public_preprocessor::process( - constraint_system, assignments.public_table(), desc, lpc_scheme, columns_with_copy_constraints.size() + constraint_system, assignments.public_table(), desc, lpc_scheme, permutation_size ); typename placeholder_private_preprocessor::preprocessed_data_type @@ -602,11 +596,13 @@ BOOST_AUTO_TEST_CASE(permutation_argument_test) { f_at_y[i] = polynomial_table[i].evaluate(y); } + auto omega = preprocessed_public_data.common_data.basic_domain->get_domain_element(1); + typename field_type::value_type v_p_at_y = prover_res.permutation_polynomial_dfs.evaluate(y); - typename field_type::value_type v_p_at_y_shifted = prover_res.permutation_polynomial_dfs.evaluate(circuit.omega * y); + typename field_type::value_type v_p_at_y_shifted = prover_res.permutation_polynomial_dfs.evaluate(omega * y); auto permutation_commitment = lpc_scheme.commit(PERMUTATION_BATCH); - std::array verifier_res = + std::array verifier_res = placeholder_permutation_argument::verify_eval( preprocessed_public_data, y, f_at_y, v_p_at_y, v_p_at_y_shifted, verifier_transcript ); @@ -618,8 +614,11 @@ BOOST_AUTO_TEST_CASE(permutation_argument_test) { for (int i = 0; i < argument_size; i++) { BOOST_CHECK(prover_res.F_dfs[i].evaluate(y) == verifier_res[i]); for (std::size_t j = 0; j < desc.rows_amount; j++) { - BOOST_CHECK( - prover_res.F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) == field_type::value_type::zero()); + if(prover_res.F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) != 0){ + BOOST_CHECK( + prover_res.F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) == field_type::value_type::zero() + ); + } } } } @@ -652,10 +651,10 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit3) using circuit_params = placeholder_circuit_params; using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; - using lpc_params_type = commitments::list_polynomial_commitment_params< + using lpc_params_type = commitments::list_polynomial_commitment_params< typename placeholder_test_params::merkle_hash_type, - typename placeholder_test_params::transcript_hash_type, - placeholder_test_params::lambda, + typename placeholder_test_params::transcript_hash_type, + placeholder_test_params::lambda, placeholder_test_params::m, true >; @@ -674,8 +673,8 @@ BOOST_FIXTURE_TEST_CASE(prover_test, test_initializer) { desc.usable_rows_amount = usable_rows; typename policy_type::constraint_system_type constraint_system( - circuit.gates, - circuit.copy_constraints, + circuit.gates, + circuit.copy_constraints, circuit.lookup_gates, circuit.lookup_tables ); @@ -685,7 +684,7 @@ BOOST_FIXTURE_TEST_CASE(prover_test, test_initializer) { lpc_scheme_type lpc_scheme(fri_params); std::vector columns_with_copy_constraints = {0, 1, 2, 3}; - + typename placeholder_public_preprocessor::preprocessed_data_type preprocessed_public_data = placeholder_public_preprocessor::process( constraint_system, assignments.public_table(), desc, lpc_scheme, columns_with_copy_constraints.size()); @@ -712,8 +711,8 @@ BOOST_AUTO_TEST_CASE(lookup_test) { desc.usable_rows_amount = usable_rows; typename policy_type::constraint_system_type constraint_system( - circuit.gates, - circuit.copy_constraints, + circuit.gates, + circuit.copy_constraints, circuit.lookup_gates, circuit.lookup_tables ); @@ -745,6 +744,7 @@ BOOST_AUTO_TEST_CASE(lookup_test) { placeholder_lookup_argument::prove_eval( constraint_system, preprocessed_public_data, polynomial_table, lpc_scheme, prover_transcript ); + auto omega = preprocessed_public_data.common_data.basic_domain->get_domain_element(1); // Challenge phase typename field_type::value_type y = algebra::random_element(); @@ -755,7 +755,7 @@ BOOST_AUTO_TEST_CASE(lookup_test) { for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { auto key = std::make_tuple(i, rotation, plonk_variable::column_type::witness); - columns_at_y[key] = polynomial_table.witness(i).evaluate(y * circuit.omega.pow(rotation)); + columns_at_y[key] = polynomial_table.witness(i).evaluate(y * omega.pow(rotation)); } } @@ -767,7 +767,7 @@ BOOST_AUTO_TEST_CASE(lookup_test) { for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { auto key = std::make_tuple(i, rotation, plonk_variable::column_type::constant); - columns_at_y[key] = polynomial_table.constant(i).evaluate(y * circuit.omega.pow(rotation)); + columns_at_y[key] = polynomial_table.constant(i).evaluate(y * omega.pow(rotation)); } } @@ -780,34 +780,34 @@ BOOST_AUTO_TEST_CASE(lookup_test) { for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { auto key = std::make_tuple(i, rotation, plonk_variable::column_type::selector); - columns_at_y[key] = polynomial_table.selector(i).evaluate(y * circuit.omega.pow(rotation)); + columns_at_y[key] = polynomial_table.selector(i).evaluate(y * omega.pow(rotation)); } } lpc_scheme.append_eval_point(LOOKUP_BATCH, y); - lpc_scheme.append_eval_point(LOOKUP_BATCH, y * circuit.omega); - lpc_scheme.append_eval_point(LOOKUP_BATCH, y * circuit.omega.pow(usable_rows)); + lpc_scheme.append_eval_point(LOOKUP_BATCH, y * omega); + lpc_scheme.append_eval_point(LOOKUP_BATCH, y * omega.pow(usable_rows)); lpc_scheme.commit(PERMUTATION_BATCH); lpc_scheme.append_eval_point(PERMUTATION_BATCH, y); - lpc_scheme.append_eval_point(PERMUTATION_BATCH, y * circuit.omega); + lpc_scheme.append_eval_point(PERMUTATION_BATCH, y * omega); transcript_type transcript; auto lpc_proof = lpc_scheme.proof_eval(transcript); // Prepare sorted and V_L values - + auto special_selectors = (field_type::value_type::one() - (preprocessed_public_data.q_last.evaluate(y) + preprocessed_public_data.q_blind.evaluate(y))); auto half = prover_res.F_dfs[2].evaluate(y) * special_selectors.inversed(); - std::array verifier_res = + std::array verifier_res = placeholder_lookup_argument::verify_eval( - preprocessed_public_data, - constraint_system.lookup_gates(), - constraint_system.lookup_tables(), + preprocessed_public_data, + constraint_system.lookup_gates(), + constraint_system.lookup_tables(), y, columns_at_y, lpc_proof.z.get(LOOKUP_BATCH), lpc_proof.z.get(PERMUTATION_BATCH, 0), - prover_res.lookup_commitment, + prover_res.lookup_commitment, verifier_transcript ); @@ -816,7 +816,7 @@ BOOST_AUTO_TEST_CASE(lookup_test) { BOOST_CHECK(verifier_next_challenge == prover_next_challenge); for (int i = 0; i < argument_size; i++) { - BOOST_CHECK(prover_res.F_dfs[i].evaluate(y) == verifier_res[i]); + BOOST_CHECK(prover_res.F_dfs[i].evaluate(y) == verifier_res[i]); for (std::size_t j = 0; j < desc.rows_amount; j++) { if(prover_res.F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) != field_type::value_type::zero()){ std::cout << "!["<< i << "][" << j << "]" << std::endl; @@ -828,7 +828,6 @@ BOOST_AUTO_TEST_CASE(lookup_test) { } BOOST_AUTO_TEST_SUITE_END() - BOOST_AUTO_TEST_SUITE(placeholder_circuit4) using curve_type = algebra::curves::pallas; using field_type = typename curve_type::base_field_type; @@ -856,10 +855,10 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit4) using circuit_params = placeholder_circuit_params; using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; - using lpc_params_type = commitments::list_polynomial_commitment_params< + using lpc_params_type = commitments::list_polynomial_commitment_params< typename placeholder_test_params::merkle_hash_type, - typename placeholder_test_params::transcript_hash_type, - placeholder_test_params::lambda, + typename placeholder_test_params::transcript_hash_type, + placeholder_test_params::lambda, placeholder_test_params::m, true >; @@ -878,8 +877,8 @@ BOOST_FIXTURE_TEST_CASE(prover_test, test_initializer) { desc.usable_rows_amount = usable_rows; typename policy_type::constraint_system_type constraint_system( - circuit.gates, - circuit.copy_constraints, + circuit.gates, + circuit.copy_constraints, circuit.lookup_gates, circuit.lookup_tables ); @@ -916,8 +915,8 @@ BOOST_AUTO_TEST_CASE(lookup_test) { desc.usable_rows_amount = usable_rows; typename policy_type::constraint_system_type constraint_system( - circuit.gates, - circuit.copy_constraints, + circuit.gates, + circuit.copy_constraints, circuit.lookup_gates, circuit.lookup_tables ); @@ -951,6 +950,7 @@ BOOST_AUTO_TEST_CASE(lookup_test) { ); // Challenge phase + auto omega = preprocessed_public_data.common_data.basic_domain->get_domain_element(1); typename field_type::value_type y = algebra::random_element(); typename policy_type::evaluation_map columns_at_y; for (std::size_t i = 0; i < placeholder_test_params::witness_columns; i++) { @@ -959,7 +959,7 @@ BOOST_AUTO_TEST_CASE(lookup_test) { for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { auto key = std::make_tuple(i, rotation, plonk_variable::column_type::witness); - columns_at_y[key] = polynomial_table.witness(i).evaluate(y * circuit.omega.pow(rotation)); + columns_at_y[key] = polynomial_table.witness(i).evaluate(y * omega.pow(rotation)); } } @@ -971,10 +971,11 @@ BOOST_AUTO_TEST_CASE(lookup_test) { for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { auto key = std::make_tuple(i, rotation, plonk_variable::column_type::constant); - columns_at_y[key] = polynomial_table.constant(i).evaluate(y * circuit.omega.pow(rotation)); + columns_at_y[key] = polynomial_table.constant(i).evaluate(y * omega.pow(rotation)); } } + for (std::size_t i = 0; i < placeholder_test_params::selector_columns; i++) { std::size_t i_global_index = placeholder_test_params::witness_columns + @@ -984,33 +985,33 @@ BOOST_AUTO_TEST_CASE(lookup_test) { for (int rotation : preprocessed_public_data.common_data.columns_rotations[i_global_index]) { auto key = std::make_tuple(i, rotation, plonk_variable::column_type::selector); - columns_at_y[key] = polynomial_table.selector(i).evaluate(y * circuit.omega.pow(rotation)); + columns_at_y[key] = polynomial_table.selector(i).evaluate(y * omega.pow(rotation)); } } lpc_scheme.append_eval_point(LOOKUP_BATCH, y); - lpc_scheme.append_eval_point(LOOKUP_BATCH, y * circuit.omega); - lpc_scheme.append_eval_point(LOOKUP_BATCH, y * circuit.omega.pow(usable_rows)); + lpc_scheme.append_eval_point(LOOKUP_BATCH, y * omega); + lpc_scheme.append_eval_point(LOOKUP_BATCH, y * omega.pow(usable_rows)); lpc_scheme.commit(PERMUTATION_BATCH); lpc_scheme.append_eval_point(PERMUTATION_BATCH, y); - lpc_scheme.append_eval_point(PERMUTATION_BATCH, y * circuit.omega); + lpc_scheme.append_eval_point(PERMUTATION_BATCH, y * omega); auto lpc_proof = lpc_scheme.proof_eval(transcript); // Prepare sorted, V_L and V_S values. - + auto special_selectors = (field_type::value_type::one() - (preprocessed_public_data.q_last.evaluate(y) + preprocessed_public_data.q_blind.evaluate(y))); auto half = prover_res.F_dfs[2].evaluate(y) * special_selectors.inversed(); - std::array verifier_res = + std::array verifier_res = placeholder_lookup_argument::verify_eval( - preprocessed_public_data, - constraint_system.lookup_gates(), - constraint_system.lookup_tables(), + preprocessed_public_data, + constraint_system.lookup_gates(), + constraint_system.lookup_tables(), y, columns_at_y, lpc_proof.z.get(LOOKUP_BATCH), lpc_proof.z.get(PERMUTATION_BATCH, 0), - prover_res.lookup_commitment, + prover_res.lookup_commitment, verifier_transcript ); @@ -1019,7 +1020,7 @@ BOOST_AUTO_TEST_CASE(lookup_test) { BOOST_CHECK(verifier_next_challenge == prover_next_challenge); for (int i = 0; i < argument_size; i++) { - BOOST_CHECK(prover_res.F_dfs[i].evaluate(y) == verifier_res[i]); + BOOST_CHECK(prover_res.F_dfs[i].evaluate(y) == verifier_res[i]); for (std::size_t j = 0; j < desc.rows_amount; j++) { if(prover_res.F_dfs[i].evaluate(preprocessed_public_data.common_data.basic_domain->get_domain_element(j)) != field_type::value_type::zero()){ std::cout << "!["<< i << "][" << j << "]" << std::endl; @@ -1035,11 +1036,6 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit6) using curve_type = algebra::curves::pallas; using field_type = typename curve_type::base_field_type; - constexpr static const std::size_t table_rows_log = 3; - constexpr static const std::size_t table_rows = 1 << table_rows_log; - constexpr static const std::size_t permutation_size = 3; - constexpr static const std::size_t usable_rows = 6; - struct placeholder_test_params { using merkle_hash_type = hashes::keccak_1600<512>; using transcript_hash_type = hashes::keccak_1600<512>; @@ -1058,10 +1054,10 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit6) using circuit_params = placeholder_circuit_params; using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; - using lpc_params_type = commitments::list_polynomial_commitment_params< + using lpc_params_type = commitments::list_polynomial_commitment_params< typename placeholder_test_params::merkle_hash_type, - typename placeholder_test_params::transcript_hash_type, - placeholder_test_params::lambda, + typename placeholder_test_params::transcript_hash_type, + placeholder_test_params::lambda, placeholder_test_params::m, true >; @@ -1076,12 +1072,13 @@ BOOST_FIXTURE_TEST_CASE(prover_test, test_initializer) { plonk_table_description desc; - desc.rows_amount = table_rows; - desc.usable_rows_amount = usable_rows; + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(circuit.table_rows); typename policy_type::constraint_system_type constraint_system( - circuit.gates, - circuit.copy_constraints, + circuit.gates, + circuit.copy_constraints, circuit.lookup_gates, circuit.lookup_tables ); @@ -1114,10 +1111,7 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit7) using curve_type = algebra::curves::pallas; using field_type = typename curve_type::base_field_type; - constexpr static const std::size_t table_rows_log = 4; - constexpr static const std::size_t table_rows = 1 << table_rows_log; constexpr static const std::size_t permutation_size = 3; - constexpr static const std::size_t usable_rows = 14; struct placeholder_test_params { using merkle_hash_type = hashes::keccak_1600<512>; @@ -1137,10 +1131,10 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit7) using circuit_params = placeholder_circuit_params; using transcript_type = typename transcript::fiat_shamir_heuristic_sequential; - using lpc_params_type = commitments::list_polynomial_commitment_params< + using lpc_params_type = commitments::list_polynomial_commitment_params< typename placeholder_test_params::merkle_hash_type, - typename placeholder_test_params::transcript_hash_type, - placeholder_test_params::lambda, + typename placeholder_test_params::transcript_hash_type, + placeholder_test_params::lambda, placeholder_test_params::m, true >; @@ -1154,12 +1148,13 @@ BOOST_FIXTURE_TEST_CASE(prover_test, test_initializer) { auto circuit = circuit_test_7(test_global_alg_rnd_engine, test_global_rnd_engine); plonk_table_description desc; - desc.rows_amount = table_rows; - desc.usable_rows_amount = usable_rows; + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(circuit.table_rows); typename policy_type::constraint_system_type constraint_system( - circuit.gates, - circuit.copy_constraints, + circuit.gates, + circuit.copy_constraints, circuit.lookup_gates, circuit.lookup_tables ); From 3f9a4de4d8685a2775f94400c725e4087c15ccbe Mon Sep 17 00:00:00 2001 From: "e.tatuzova" Date: Tue, 24 Oct 2023 00:08:29 +0400 Subject: [PATCH 3/5] Derandomize placeholder_placeholder_test #211 --- test/systems/plonk/placeholder/circuits.hpp | 16 +++++++++------- test/systems/plonk/placeholder/placeholder.cpp | 4 ++-- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/test/systems/plonk/placeholder/circuits.hpp b/test/systems/plonk/placeholder/circuits.hpp index 787748475..dcd2c2c26 100644 --- a/test/systems/plonk/placeholder/circuits.hpp +++ b/test/systems/plonk/placeholder/circuits.hpp @@ -186,7 +186,7 @@ namespace nil { plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); - test_circuit.table_rows = zk_padding>(test_circuit.table); + test_circuit.table_rows = zk_padding>(test_circuit.table, alg_rnd); plonk_variable w0(0, 0, true, plonk_variable::column_type::witness); plonk_variable w1(1, 0, true, plonk_variable::column_type::witness); @@ -326,7 +326,7 @@ namespace nil { plonk_private_assignment_table(private_assignment), plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); - test_circuit.table_rows = zk_padding>(test_circuit.table); + test_circuit.table_rows = zk_padding>(test_circuit.table, alg_rnd); plonk_variable w0(0, 0, true, plonk_variable::column_type::witness); @@ -433,7 +433,7 @@ namespace nil { plonk_private_assignment_table(private_assignment), plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); - test_circuit.table_rows = zk_padding(test_circuit.table); + test_circuit.table_rows = zk_padding(test_circuit.table, alg_rnd); plonk_variable w0(0, 0, true, plonk_variable::column_type::witness); plonk_variable w1(1, 0, true, plonk_variable::column_type::witness); @@ -613,7 +613,9 @@ namespace nil { template circuit_description, usable_rows, 2> - circuit_test_fib() { + circuit_test_fib( + typename nil::crypto3::random::algebraic_engine alg_rnd = nil::crypto3::random::algebraic_engine() + ) { using assignment_type = typename FieldType::value_type; constexpr static const std::size_t permutation = 2; @@ -681,7 +683,7 @@ namespace nil { plonk_private_assignment_table(private_assignment), plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); - test_circuit.table_rows = zk_padding>(test_circuit.table); + test_circuit.table_rows = zk_padding>(test_circuit.table, alg_rnd); plonk_variable w0(0, -1, true, plonk_variable::column_type::witness); plonk_variable w1(0, 0, true, plonk_variable::column_type::witness); @@ -796,7 +798,7 @@ namespace nil { plonk_private_assignment_table(private_assignment), plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); - test_circuit.table_rows = zk_padding(test_circuit.table); + test_circuit.table_rows = zk_padding(test_circuit.table, alg_rnd); plonk_variable w0( 0, 0, true, plonk_variable::column_type::witness); plonk_variable w0_1(0,-1, true, plonk_variable::column_type::witness); @@ -958,7 +960,7 @@ namespace nil { plonk_private_assignment_table(private_assignment), plonk_public_assignment_table( public_input_assignment, constant_assignment, selectors_assignment)); - test_circuit.table_rows = zk_padding(test_circuit.table); + test_circuit.table_rows = zk_padding(test_circuit.table, alg_rnd); plonk_variable w0( 0, 0, true, plonk_variable::column_type::witness); plonk_variable w0__7(0,-7, true, plonk_variable::column_type::witness); diff --git a/test/systems/plonk/placeholder/placeholder.cpp b/test/systems/plonk/placeholder/placeholder.cpp index 6c008f5d2..17a2f8ba8 100644 --- a/test/systems/plonk/placeholder/placeholder.cpp +++ b/test/systems/plonk/placeholder/placeholder.cpp @@ -665,7 +665,7 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit3) using policy_type = zk::snark::detail::placeholder_policy; BOOST_FIXTURE_TEST_CASE(prover_test, test_initializer) { - auto circuit = circuit_test_3(); + auto circuit = circuit_test_3(test_global_alg_rnd_engine); plonk_table_description desc; @@ -1068,7 +1068,7 @@ BOOST_AUTO_TEST_SUITE(placeholder_circuit6) using policy_type = zk::snark::detail::placeholder_policy; BOOST_FIXTURE_TEST_CASE(prover_test, test_initializer) { - auto circuit = circuit_test_6(); + auto circuit = circuit_test_6(test_global_alg_rnd_engine); plonk_table_description desc; From 5f9cd979ab6fba76d921c31e9c333496dfa90d88 Mon Sep 17 00:00:00 2001 From: "e.tatuzova" Date: Tue, 24 Oct 2023 00:20:40 +0400 Subject: [PATCH 4/5] crypto3_zk_systems_plonk_plonk_constraint_test updated #211 --- test/systems/plonk/plonk_constraint.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/systems/plonk/plonk_constraint.cpp b/test/systems/plonk/plonk_constraint.cpp index a82f4ceac..19da5e8cc 100644 --- a/test/systems/plonk/plonk_constraint.cpp +++ b/test/systems/plonk/plonk_constraint.cpp @@ -38,6 +38,8 @@ #include #include +#include + #include #include #include From 9afd8e9df894a0d47235d66bcbd6c609e79e52b9 Mon Sep 17 00:00:00 2001 From: "e.tatuzova" Date: Tue, 24 Oct 2023 10:25:46 +0400 Subject: [PATCH 5/5] Add some includes #211 --- include/nil/crypto3/zk/snark/arithmetization/plonk/padding.hpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/nil/crypto3/zk/snark/arithmetization/plonk/padding.hpp b/include/nil/crypto3/zk/snark/arithmetization/plonk/padding.hpp index 69e41ae49..f5e8697bf 100644 --- a/include/nil/crypto3/zk/snark/arithmetization/plonk/padding.hpp +++ b/include/nil/crypto3/zk/snark/arithmetization/plonk/padding.hpp @@ -26,6 +26,9 @@ #ifndef CRYPTO3_ZK_PLONK_PADDING_HPP #define CRYPTO3_ZK_PLONK_PADDING_HPP +#include +#include + namespace nil { namespace crypto3 { namespace zk {