dFRI now compiles, but has a few Todos.

NilFoundation · Feb 27, 2025 · b879431 · b879431
1 parent 8d66b4f
commit b879431
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 27 deletions.
diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/dFRI_verifier.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/dFRI_verifier.hpp
@@ -51,20 +51,20 @@ namespace nil {
                     using transcript_hash_type = typename ParamsType::transcript_hash_type;
                     using policy_type = detail::placeholder_policy<FieldType, ParamsType>;
                     using public_preprocessor_type = placeholder_public_preprocessor<FieldType, ParamsType>;
-
+                    using common_data_type = typename public_preprocessor_type::preprocessed_data_type::common_data_type;
                     using commitment_scheme_type = typename ParamsType::commitment_scheme_type;
                     using commitment_type = typename commitment_scheme_type::commitment_type;
                     using transcript_type = typename commitment_scheme_type::transcript_type;
 
                 public:
 
                    static inline bool process(
-                            const std::vector<typename public_preprocessor_type::preprocessed_data_type::common_data_type> &common_datas,
+                            const std::vector<common_data_type> &common_datas,
                             const placeholder_aggregated_proof<FieldType, ParamsType> &agg_proof,
                             const std::vector<plonk_table_description<FieldType>> &table_descriptions,
                             const std::vector<plonk_constraint_system<FieldType>> &constraint_systems,
                             std::vector<commitment_scheme_type>& commitment_schemes,
-                            std::vector<public_input_type> &public_inputs
+                            const std::vector<public_input_type> &public_inputs
                    ) {
                         const size_t N = agg_proof.partial_proofs.size();
                         std::vector<transcript::fiat_shamir_heuristic_sequential<transcript_hash_type>> transcripts(N, std::vector<std::uint8_t>({}));
@@ -75,7 +75,14 @@ namespace nil {
                         for (size_t i = 0; i < N; i++) {
                             // Create a proof from aggregated_proof.
                             typename placeholder_proof<FieldType, ParamsType>::evaluation_proof eval_proof;
-                            eval_proof.eval_proof = agg_proof.aggregated_proof.initial_proofs_per_prover[i];
+                            // eval_proof.challenge = XXX; // Do we want to set the challenge to something??????
+                            eval_proof.eval_proof.z = agg_proof.aggregated_proof.initial_proofs_per_prover[i].z;
+                            const auto& initial_fri_proofs = agg_proof.aggregated_proof.initial_proofs_per_prover[i].initial_fri_proofs.initial_proofs;
+                            eval_proof.eval_proof.fri_proof.query_proofs.resize(initial_fri_proofs.size()); 
+                            for (size_t j = 0; i < initial_fri_proofs.size(); ++j) {
+                                eval_proof.eval_proof.fri_proof.query_proofs[j].initial_proof = initial_fri_proofs[j];
+                            }
+
                             proofs.push_back(placeholder_proof<FieldType, ParamsType>(agg_proof.partial_proofs[i], eval_proof));
 
                             if (!verifier_type::verify_partial_proof(
@@ -91,7 +98,7 @@ namespace nil {
                         transcript_type transcript_for_aggregation;
 
                         for (size_t i = 0; i < N; i++) {
-                            transcript_for_aggregation(transcripts[i].challenge());
+                            transcript_for_aggregation(transcripts[i].template challenge<FieldType>());
                         }
 
                         // produce the aggregated challenge
@@ -107,12 +114,13 @@ namespace nil {
                         for (size_t i = 0; i < N; i++) {
                             // We need a fresh copy of this transcript for each prover.
                             transcript_type aggregated_transcript_copy = aggregated_transcript;
-                            if (!verifier_type::verify_consolidated_polynomial(common_datas[i], proofs[i], F_consolidated, aggregated_transcript_copy))
+                            if (!verifier_type::verify_consolidated_polynomial(common_datas[i], proofs[i], F_consolidated[i], aggregated_transcript_copy))
                                 return false;
 
                             verifier_type::prepare_polynomials(
                                 proofs[i].eval_proof,
                                 common_datas[i],
+                                table_descriptions[i],
                                 constraint_systems[i],
                                 commitment_schemes[i]);
 
@@ -139,7 +147,8 @@ namespace nil {
                             typename std::vector<std::vector<std::tuple<std::size_t, std::size_t>>> poly_map(total_points);
 
                             typename FieldType::value_type theta_acc = theta.pow(starting_indexes[i]);
-                            commitment_schemes[i].generate_U_V_polymap(U, V, poly_map, proofs[i].eval_proof.z, theta, theta_acc, starting_indexes[i]);
+                            commitment_schemes[i].generate_U_V_polymap(
+                                U, V, poly_map, proofs[i].eval_proof.eval_proof.z, theta, theta_acc, total_points, starting_indexes[i]);
 
                             // We shall sum up the values in U, and the values in V and poly_map must be the same for each prover.
                             if (i == 0) {
@@ -165,6 +174,7 @@ namespace nil {
                             }
                         }
 
+//Check Proof Of Work!
                         // TODO: finalize the last FRI part.
                         //if (!nil::crypto3::zk::algorithms::verify_eval<fri_type>(
                         //        proof.aggregated_proof.fri_proof,

diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/verifier.hpp
@@ -226,7 +226,8 @@ namespace nil {
                         const plonk_constraint_system<FieldType> &constraint_system,
                         commitment_scheme_type& commitment_scheme,
                         const std::vector<std::vector<typename FieldType::value_type>> &public_input,
-                        transcript_type &transcript
+                        transcript_type &transcript,
+                        typename FieldType::value_type& F_consolidated_out
                     ) {
                         // TODO: process rotations for public input.
 
@@ -260,9 +261,9 @@ namespace nil {
                             }
                         }
 
-                        verify_partial_proof(
+                        return verify_partial_proof(
                             common_data, proof, table_description, constraint_system,
-                            commitment_scheme, transcript);
+                            commitment_scheme, transcript, F_consolidated_out);
                     }
 
                     /** Even though this function accepts the full proof, it does only partial verifications.
@@ -450,16 +451,19 @@ namespace nil {
                                 PLONK_SPECIAL_SELECTOR_ALL_NON_FIRST_USABLE_ROWS_SELECTED, 1,
                                 plonk_variable<typename FieldType::value_type>::column_type::selector
                             );
-                            columns_at_y[key] = shifted_mask_value - common_data.lagrange_0.evaluate(proof.eval_proof.challenge * common_data.basic_domain->get_domain_element(1));
+                            columns_at_y[key] = shifted_mask_value - common_data.lagrange_0.evaluate(
+                                proof.eval_proof.challenge * common_data.basic_domain->get_domain_element(1));
                         }
 
                         // 6. lookup argument
                         bool is_lookup_enabled = (constraint_system.lookup_gates().size() > 0);
                         std::array<typename FieldType::value_type, lookup_parts> lookup_argument;
                         if (is_lookup_enabled) {
                             std::vector<typename FieldType::value_type> special_selector_values_shifted(2);
-                            special_selector_values_shifted[0] = proof.eval_proof.eval_proof.z.get(FIXED_VALUES_BATCH, 2*common_data.permuted_columns.size(), 1);
-                            special_selector_values_shifted[1] = proof.eval_proof.eval_proof.z.get(FIXED_VALUES_BATCH, 2*common_data.permuted_columns.size() + 1, 1);
+                            special_selector_values_shifted[0] = proof.eval_proof.eval_proof.z.get(
+                                FIXED_VALUES_BATCH, 2*common_data.permuted_columns.size(), 1);
+                            special_selector_values_shifted[1] = proof.eval_proof.eval_proof.z.get(
+                                FIXED_VALUES_BATCH, 2*common_data.permuted_columns.size() + 1, 1);
 
                             std::vector<typename FieldType::value_type> lookup_parts_values;
                             for( std::size_t i = common_data.permutation_parts + 1;
@@ -479,7 +483,7 @@ namespace nil {
                                 proof.commitments.at(LOOKUP_BATCH), transcript
                             );
                         }
-                        if( constraint_system.copy_constraints().size() > 0 || constraint_system.lookup_gates().size() > 0){
+                        if (constraint_system.copy_constraints().size() > 0 || constraint_system.lookup_gates().size() > 0) {
                             transcript(proof.commitments.at(PERMUTATION_BATCH));
                         }
 

diff --git a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_dFRI_test_runner.hpp b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_dFRI_test_runner.hpp
@@ -45,14 +45,12 @@ using namespace nil::crypto3;
 using namespace nil::crypto3::zk;
 using namespace nil::crypto3::zk::snark;
 
-template<typename FieldType,
+template<typename field_type,
         typename merkle_hash_type,
         typename transcript_hash_type,
         bool UseGrinding = false,
         std::size_t max_quotient_poly_chunks = 0>
 struct placeholder_dFRI_test_runner {
-    using field_type = FieldType;
-
     struct placeholder_test_params {
         constexpr static const std::size_t lambda = 40;
         constexpr static const std::size_t m = 2;
@@ -76,6 +74,11 @@ struct placeholder_dFRI_test_runner {
     using fri_type = typename lpc_scheme_type::fri_type;
     using proof_of_work_type = typename fri_type::grinding_type::output_type;
     using polynomial_type = typename lpc_scheme_type::polynomial_type;
+    using public_input_type = std::vector<std::vector<typename field_type::value_type>>;
+    using public_preprocessor_type = placeholder_public_preprocessor<field_type, lpc_placeholder_params_type>;
+    using private_preprocessor_type = placeholder_private_preprocessor<field_type, lpc_placeholder_params_type>;
+    using common_data_type = typename public_preprocessor_type::preprocessed_data_type::common_data_type;
+
     using placeholder_aggregated_proof_type = nil::crypto3::zk::snark::
                     placeholder_aggregated_proof<field_type, lpc_placeholder_params_type>;
 
@@ -106,11 +109,11 @@ struct placeholder_dFRI_test_runner {
     bool run_test() {
         lpc_scheme_type lpc_scheme1(fri_params);
 
-        typename placeholder_public_preprocessor<field_type, lpc_placeholder_params_type>::preprocessed_data_type
+        typename public_preprocessor_type::preprocessed_data_type
                 preprocessed_public_data1 = placeholder_public_preprocessor<field_type, lpc_placeholder_params_type>::process(
                 constraint_system1, assignments1.public_table(), desc1, lpc_scheme1, max_quotient_poly_chunks);
 
-        typename placeholder_private_preprocessor<field_type, lpc_placeholder_params_type>::preprocessed_data_type
+        typename private_preprocessor_type::preprocessed_data_type
                 preprocessed_private_data1 = placeholder_private_preprocessor<field_type, lpc_placeholder_params_type>::process(
                 constraint_system1, assignments1.private_table(), desc1);
 
@@ -121,11 +124,11 @@ struct placeholder_dFRI_test_runner {
 
         lpc_scheme_type lpc_scheme2(fri_params);
 
-        typename placeholder_public_preprocessor<field_type, lpc_placeholder_params_type>::preprocessed_data_type
+        typename public_preprocessor_type::preprocessed_data_type
                 preprocessed_public_data2 = placeholder_public_preprocessor<field_type, lpc_placeholder_params_type>::process(
                 constraint_system2, assignments2.public_table(), desc2, lpc_scheme2, max_quotient_poly_chunks);
 
-        typename placeholder_private_preprocessor<field_type, lpc_placeholder_params_type>::preprocessed_data_type
+        typename private_preprocessor_type::preprocessed_data_type
                 preprocessed_private_data2 = placeholder_private_preprocessor<field_type, lpc_placeholder_params_type>::process(
                 constraint_system2, assignments2.private_table(), desc2);
 
@@ -185,8 +188,8 @@ struct placeholder_dFRI_test_runner {
             lpc_scheme1.get_fri_params(), aggregated_transcript);
 
         // Generate consistency check proofs.
-        lpc_proof_type initial_proof1 = lpc_scheme1.proof_eval_lpc_proof(combined_Q1, consistency_checks_challenges);
-        lpc_proof_type initial_proof2 = lpc_scheme2.proof_eval_lpc_proof(combined_Q2, consistency_checks_challenges);
+        lpc_proof_type initial_proof1 = lpc_scheme1.proof_eval_lpc_proof(consistency_checks_challenges);
+        lpc_proof_type initial_proof2 = lpc_scheme2.proof_eval_lpc_proof(consistency_checks_challenges);
 
         // Aggregate all the parts of proofs into 1 aggregated proof.
         placeholder_aggregated_proof_type agg_proof;
@@ -201,11 +204,15 @@ struct placeholder_dFRI_test_runner {
         lpc_scheme_type verifier_lpc_scheme1(fri_params);
         lpc_scheme_type verifier_lpc_scheme2(fri_params);
 
+        std::vector<common_data_type> common_datas = {
+            *preprocessed_public_data1.common_data, *preprocessed_public_data2.common_data};
+        std::vector<plonk_table_description<field_type>> table_descriptions = {desc1, desc2};
+        std::vector<plonk_constraint_system<field_type>> constraint_systems = {constraint_system1, constraint_system2};
+        std::vector<lpc_scheme_type> commitment_schemes = {verifier_lpc_scheme1, verifier_lpc_scheme2};
+        std::vector<public_input_type> public_inputs = {assignments1.public_inputs(), assignments2.public_inputs()};
+
         bool verifier_res = placeholder_DFRI_verifier<field_type, lpc_placeholder_params_type>::process(
-                {preprocessed_public_data1.common_data, preprocessed_public_data2.common_data},
-                agg_proof, {desc1, desc2}, {constraint_system1, constraint_system2},
-                {verifier_lpc_scheme1, verifier_lpc_scheme1}
-            );
+                common_datas, agg_proof, table_descriptions, constraint_systems, commitment_schemes, public_inputs);
         return verifier_res;
     }