diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp index b0b895f586..19162bd299 100644 --- a/crypto3/libs/zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp +++ b/crypto3/libs/zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp @@ -182,24 +182,6 @@ namespace nil { , expand_factor(expand_factor) { } - params_type( - std::size_t max_degree, - std::vector>> D, - std::vector step_list_in, - std::size_t expand_factor, - std::size_t lambda, - bool use_grinding = false, - std::size_t grinding_parameter = 16 - ) : lambda(lambda) - , use_grinding(use_grinding) - , grinding_parameter(grinding_parameter) - , max_degree(max_degree) - , D(D) - , r(std::accumulate(step_list_in.begin(), step_list_in.end(), 0)) - , step_list(step_list_in) - , expand_factor(expand_factor) - {} - bool operator==(const params_type &rhs) const { if (D.size() != rhs.D.size()) { return false; diff --git a/parallel-crypto3/libs/parallel-zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp b/parallel-crypto3/libs/parallel-zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp index 2cf028fe6a..4123cee72a 100644 --- a/parallel-crypto3/libs/parallel-zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp +++ b/parallel-crypto3/libs/parallel-zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp @@ -185,24 +185,6 @@ namespace nil { , expand_factor(expand_factor) { } - params_type( - std::size_t max_degree, - std::vector>> D, - std::vector step_list_in, - std::size_t expand_factor, - std::size_t lambda, - bool use_grinding = false, - std::size_t grinding_parameter = 16 - ) : lambda(lambda) - , use_grinding(use_grinding) - , grinding_parameter(grinding_parameter) - , max_degree(max_degree) - , D(D) - , r(std::accumulate(step_list_in.begin(), step_list_in.end(), 0)) - , step_list(step_list_in) - , expand_factor(expand_factor) - {} - bool operator==(const params_type &rhs) const { if (D.size() != rhs.D.size()) { return false; diff --git a/proof-producer/README.md b/proof-producer/README.md index ecf9335b0b..92548d7e6d 100644 --- a/proof-producer/README.md +++ b/proof-producer/README.md @@ -1,15 +1,26 @@ # Proof producer for the =nil; Proof Market -This repository contains the proof producer for the =nil; [Proof Market](https://proof.market/), which is a part of the =nil; [zkllvm toolchain](https://github.com/NilFoundation/zkLLVM) for zk-enabled applications development. +This repository contains the proof producer for the =nil; +[Proof Market](https://proof.market/), which is a part of the =nil; +[zkllvm toolchain](https://github.com/NilFoundation/zkLLVM) for zk-enabled +applications development. # How to use -The input for the proof producer is a circified version of the algorithm to be proven. This circified version of the algorithm is generated by the [zkllvm](https://raw.githubusercontent.com/NilFoundation/zkllvm) toolchain. +The input for the proof producer is a circified version of the algorithm to be +proven. This circified version of the algorithm is generated by the +[zkllvm](https://raw.githubusercontent.com/NilFoundation/zkllvm) toolchain. -Typically, you want to use the proof producer to participate in the =nil; Proof Market. In this case, you need to have a valid account on the =nil; Proof Market, which you can create through the [Proof Market web interface](https://proof.market/) or by using the [Proof Market CLI](https://github.com/NilFoundation/proof-market-toolchain/). +Typically, you want to use the proof producer to participate in the =nil; +Proof Market. In this case, you need to have a valid account on the =nil; +Proof Market, which you can create through the +[Proof Market web interface](https://proof.market/) or by using the +[Proof Market CLI](https://github.com/NilFoundation/proof-market-toolchain/). # Installation -All parts of the zkLLVM toolchain are distributed in form of deb packages. To install them, you need to add the =nil; repository to your systems package manager: +All parts of the zkLLVM toolchain are distributed in form of deb packages. +To install them, you need to add the =nil; repository to your systems package +manager: ```bash echo 'deb [trusted=yes] http://deb.nil.foundation/ubuntu/ all main' >>/etc/apt/sources.list @@ -24,15 +35,22 @@ apt install proof-producer # Usage -The proof producer is a command line tool. To see the list of available options, run: +The proof producer is a command line tool. To see the list of available +options, run: ```bash proof-generator --help ``` -To produce a proof, you need to provide the proof producer with the file with the circuit definition and the assignment table with the values of the execution trace. You generate them from the [zkllvm examples](https://github.com/NilFoundation/zkLLVM) or download the existing ones using the [Proof Market CLI](https://github.com/NilFoundation/proof-market-toolchain/). +To produce a proof, you need to provide the proof producer with the file with +the circuit definition and the assignment table with the values of the +execution trace. You generate them from the +[zkllvm examples](https://github.com/NilFoundation/zkLLVM) or download the +existing ones using the +[Proof Market CLI](https://github.com/NilFoundation/proof-market-toolchain/). -When you have the circuit definition and the assignment table, you can produce a proof by running: +When you have the circuit definition and the assignment table, you can produce +a proof by running: ```bash proof-generator --circuit --assignment --proof @@ -42,36 +60,90 @@ proof-generator --circuit --assignment --proof # Sample calls to proof-producer -In all the calls you can change the executable name from proof-producer-single-threaded to proof-producer-multi-threaded to run on all the CPUs of your machine. +In all the calls you can change the executable name from +proof-producer-single-threaded to proof-producer-multi-threaded to run on all +the CPUs of your machine. Generate a proof and verify it: ```bash -./build/bin/proof-producer/proof-producer-single-threaded --circuit="circuit.crct" --assignment-table="assignment.tbl" --proof="proof.bin" -q 10 +./build/bin/proof-producer/proof-producer-single-threaded \ + --circuit="circuit.crct" \ + --assignment-table="assignment.tbl" \ + --proof="proof.bin" -q 10 ``` Making a call to preprocessor: ```bash -./build/bin/proof-producer/proof-producer-single-threaded --stage="preprocess" --circuit="circuit.crct" --assignment-table="assignment.tbl" --common-data="preprocessed_common_data.dat" --preprocessed-data="preprocessed.dat" --commitment-state-file="commitment_state.dat" --assignment-description-file="assignment-description.dat" -q 10 +./build/bin/proof-producer/proof-producer-single-threaded \ + --stage="preprocess" \ + --circuit="circuit.crct" \ + --assignment-table="assignment.tbl" \ + --common-data="preprocessed_common_data.dat" \ + --preprocessed-data="preprocessed.dat" \ + --commitment-state-file="commitment_state.dat" \ + --assignment-description-file="assignment-description.dat" \ + -q 10 ``` Making a call to prover: ```bash -./build/bin/proof-producer/proof-producer-single-threaded --stage="prove" --circuit="circuit.crct" --assignment-table="assignment.tbl" --common-data="preprocessed_common_data.dat" --preprocessed-data="preprocessed.dat" --commitment-state-file="commitment_state.dat" --proof="proof.bin" -q 10 +./build/bin/proof-producer/proof-producer-single-threaded \ + --stage="prove" \ + --circuit="circuit.crct" \ + --assignment-table="assignment.tbl" \ + --common-data="preprocessed_common_data.dat" \ + --preprocessed-data="preprocessed.dat" \ + --commitment-state-file="commitment_state.dat" \ + --proof="proof.bin" \ + -q 10 ``` Verify generated proof: ```bash -./build/bin/proof-producer/proof-producer-single-threaded --stage="verify" --circuit="circuit.crct" --common-data="preprocessed_common_data.dat" --proof="proof.bin" --assignment-description-file="assignment-description.dat" -q 10 +./build/bin/proof-producer/proof-producer-single-threaded \ + --stage="verify" \ + --circuit="circuit.crct" \ + --common-data="preprocessed_common_data.dat" \ + --proof="proof.bin" \ + --assignment-description-file="assignment-description.dat" \ + -q 10 +``` + +Partial proof: +```bash +./build/bin/proof-producer/proof-producer-single-threaded \ + --stage partial-prove \ + --grind-param 16 \ + --max-quotient-chunks 10 \ + --circuit circuits-and-assignments/$CIRCUIT/circuit.crct \ + --assignment-table circuits-and-assignments/$CIRCUIT/assignment.tbl \ + --common-data $CIRCUIT-common_data.dat \ + --preprocessed-data $CIRCUIT-preprocessed.dat \ + --commitment-state-file $CIRCUIT-commitment_state.dat \ + --assignment-description-file $CIRCUIT-assignment-description.dat \ + --challenge-file $CIRCUIT-challenge.dat \ + --theta-power-file $CIRCUIT-theta-power.txt \ + --proof $CIRCUIT-proof.dat \ + --json $CIRCUIT-proof.json ``` Aggregate challenges, done once on the main prover ```bash -./build/bin/proof-producer/proof-producer-single-threaded --stage="generate-aggregated-challenge" --input-challenge-files challenge1.dat challenge2.dat --aggregated-challenge-file="aggregated_challenge.dat" +./build/bin/proof-producer/proof-producer-single-threaded \ + --stage="generate-aggregated-challenge" \ + --input-challenge-files challenge1.dat \ + --input-challenge-files challenge2.dat \ + --aggregated-challenge-file="aggregated_challenge.dat" ``` Compute polynomial combined_Q, done on each prover ```bash -./build/bin/proof-producer/proof-producer-single-threaded --stage="generate-combined-Q" --aggregated-challenge-file="aggregated_challenge.dat" --combined-Q-starting-power=0 --commitment-state-file="commitment_state.dat" --combined-Q-polynomial-file="combined-Q.dat" +./build/bin/proof-producer/proof-producer-single-threaded \ + --stage="generate-combined-Q" \ + --aggregated-challenge-file="aggregated_challenge.dat" \ + --combined-Q-starting-power=0 \ + --commitment-state-file="commitment_state.dat" \ + --combined-Q-polynomial-file="combined-Q.dat" ```