Implementing command compute-combined-Q for aggregated FRI.

NilFoundation · Sep 16, 2024 · 978d402 · 978d402
1 parent 0d2e6a1
commit 978d402
Show file tree

Hide file tree

Showing 7 changed files with 496 additions and 134 deletions.
diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp
@@ -269,7 +269,8 @@ namespace nil {
                         return fri_proof;
                     }
 
-                    /** \brief 
+                    /** \brief Computes polynomial combined_Q. In case this function changes, 
+                               the function 'compute_theta_power_for_combined_Q' below should be changed accordingly. 
                      *  \param theta The value of challenge. When called from aggregated FRI, this values is sent from
                                 the "main prover" machine.
                      *  \param starting_power When aggregated FRI is used, the value is not zero, it's the total degree of all
@@ -350,6 +351,35 @@ namespace nil {
                         return combined_Q;
                     }
 
+                    // Computes and returns the maximal power of theta used to compute the value of Combined_Q.
+                    std::size_t compute_theta_power_for_combined_Q() const {
+                        std::size_t theta_power = 0;
+                        this->build_points_map();
+
+                        auto points = this->get_unique_points();
+
+                        for (auto const &point: points) {
+                            for (std::size_t i: this->_z.get_batches()) {
+                                for (std::size_t j = 0; j < this->_z.get_batch_size(i); j++) {
+                                    auto iter = this->_points_map[i][j].find(point);
+                                    if (iter == this->_points_map[i][j].end())
+                                        continue;
+
+                                    theta_power++;
+                                }
+                            }
+                        }
+
+                        for (std::size_t i: this->_z.get_batches()) {
+                            if (!_batch_fixed[i])
+                                continue;
+
+                            theta_power += this->_z.get_batch_size(i);
+                        }
+
+                        return theta_power;
+                    }
+
                     bool verify_eval(
                         const proof_type &proof,
                         const std::map<std::size_t, commitment_type> &commitments,

diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/proof.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/proof.hpp
@@ -141,7 +141,7 @@ namespace nil {
 
                     // This vector contains N partial proofs, one per prover.
                     std::vector<placeholder_partial_proof<FieldType, ParamsType>> partial_proofs;
-                    typename commitment_type::aggregated_proof_type aggregated_proof;
+                    typename commitment_scheme_type::aggregated_proof_type aggregated_proof;
                 };
             }    // namespace snark
         }        // namespace zk

diff --git a/proof-producer/README.md b/proof-producer/README.md
@@ -39,21 +39,39 @@ proof-generator --circuit <circuit-file> --assignment <assignment-file> --proof
 ```
 
 # Building from source
-1. Install dependencies:
-    ```
-    sudo apt-get install \
-        build-essential \
-        libsctp-dev \
-        libssl-dev \
-        libicu-dev \
-        lsb-release \
-        gnutls-dev \
-        pkg-config
-    ```
-
-2. Build with CMake:
-    ```mkdir build
-    cd build
-    cmake ..
-    make -j $(nrpoc)
-    ```
+
+# Sample calls to proof-producer
+
+In all the calls you can change the executable name from proof-producer-single-threaded to proof-producer-multi-threaded to run on all the CPUs of your machine.
+
+Generate a proof and verify it:
+```bash
+./build/bin/proof-producer/proof-producer-single-threaded --circuit="circuit.crct" --assignment-table="assignment.tbl" --proof="proof.bin" -q 10
+```
+
+Making a call to preprocessor:
+
+```bash
+./build/bin/proof-producer/proof-producer-single-threaded --stage="preprocess" --circuit="circuit.crct" --assignment-table="assignment.tbl" --common-data="preprocessed_common_data.dat" --preprocessed-data="preprocessed.dat" --commitment-state-file="commitment_state.dat" --assignment-description-file="assignment-description.dat" -q 10
+```
+
+Making a call to prover:
+
+```bash
+./build/bin/proof-producer/proof-producer-single-threaded --stage="prove" --circuit="circuit.crct" --assignment-table="assignment.tbl" --common-data="preprocessed_common_data.dat" --preprocessed-data="preprocessed.dat" --commitment-state-file="commitment_state.dat" --proof="proof.bin" -q 10
+```
+
+Verify generated proof:
+```bash
+./build/bin/proof-producer/proof-producer-single-threaded --stage="verify" --circuit="circuit.crct" --common-data="preprocessed_common_data.dat" --proof="proof.bin" --assignment-description-file="assignment-description.dat" -q 10
+```
+
+Aggregate challenges, done once on the main prover
+```bash
+./build/bin/proof-producer/proof-producer-single-threaded --stage="generate-aggregated-challenge" --input-challenge-files challenge1.dat challenge2.dat --aggregated-challenge-file="aggregated_challenge.dat"
+```
+
+Compute polynomial combined_Q, done on each prover
+```bash
+./build/bin/proof-producer/proof-producer-single-threaded --stage="generate-combined-Q" --aggregated-challenge-file="aggregated_challenge.dat" --combined-Q-starting-power=0  --commitment-state-file="commitment_state.dat" --combined-Q-polynomial-file="combined-Q.dat"
+```
diff --git a/proof-producer/bin/proof-producer/include/nil/proof-generator/arg_parser.hpp b/proof-producer/bin/proof-producer/include/nil/proof-generator/arg_parser.hpp
@@ -34,14 +34,22 @@ namespace nil {
             typename tuple_to_variant<typename transform_tuple<HashTypes, to_type_identity>::type>::type;
 
         struct ProverOptions {
+            std::string stage = "all";
             boost::filesystem::path proof_file_path = "proof.bin";
             boost::filesystem::path json_file_path = "proof.json";
             boost::filesystem::path preprocessed_common_data_path = "preprocessed_common_data.dat";
+            boost::filesystem::path preprocessed_public_data_path = "preprocessed_data.dat";
+            boost::filesystem::path commitment_scheme_state_path = "commitment_scheme_state.dat";
             boost::filesystem::path circuit_file_path;
             boost::filesystem::path assignment_table_file_path;
+            boost::filesystem::path assignment_description_file_path;
+            std::vector<boost::filesystem::path> input_challenge_files;
+            boost::filesystem::path aggregated_challenge_file = "aggregated_challenge.dat";
+
+            boost::filesystem::path combined_Q_polynomial_file = "combined_Q.dat";
+            std::size_t combined_Q_starting_power;
+
             boost::log::trivial::severity_level log_level = boost::log::trivial::severity_level::info;
-            bool skip_verification = false;
-            bool verification_only = false;
             CurvesVariant elliptic_curve_type = type_identity<nil::crypto3::algebra::curves::pallas>{};
             HashesVariant hash_type = type_identity<nil::crypto3::hashes::keccak_1600<256>>{};