Skip to content

Commit

Permalink
sync crypto3 and parallel-crypto3 #13
Browse files Browse the repository at this point in the history
  • Loading branch information
@vo-nil
vo-nil committed Sep 17, 2024
1 parent 7788127 commit ea1ea8a
Show file tree
Hide file tree
Showing 6 changed files with 81 additions and 21 deletions.
20 changes: 18 additions & 2 deletions crypto3/libs/zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -182,6 +182,24 @@ namespace nil {
, expand_factor(expand_factor)
{ }

params_type(
std::size_t max_degree,
std::vector<std::shared_ptr<math::evaluation_domain<FieldType>>> D,
std::vector<std::size_t> step_list_in,
std::size_t expand_factor,
std::size_t lambda,
bool use_grinding = false,
std::size_t grinding_parameter = 16
) : lambda(lambda)
, use_grinding(use_grinding)
, grinding_parameter(grinding_parameter)
, max_degree(max_degree)
, D(D)
, r(std::accumulate(step_list_in.begin(), step_list_in.end(), 0))
, step_list(step_list_in)
, expand_factor(expand_factor)
{}

bool operator==(const params_type &rhs) const {
if (D.size() != rhs.D.size()) {
return false;
Expand Down Expand Up @@ -1088,7 +1106,6 @@ namespace nil {
precommitments, fri_params, challenges, g, fri_trees, fs, final_polynomial);
}


template<typename FRI, typename PolynomialType,
typename std::enable_if<
std::is_base_of<
Expand Down Expand Up @@ -1117,7 +1134,6 @@ namespace nil {

std::vector<typename FRI::precommitment_type> fri_trees;
std::vector<PolynomialType> fs;
math::polynomial<typename FRI::field_type::value_type> final_polynomial;

// Contains fri_roots and final_polynomial.
typename FRI::commitments_part_of_proof commitments_proof;
Expand Down
1 change: 1 addition & 0 deletions crypto3/libs/zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,7 @@ namespace nil {
}

proof_type proof_eval(transcript_type &transcript) {
PROFILE_SCOPE("LPC proof_eval");

this->eval_polys();

Expand Down
7 changes: 3 additions & 4 deletions ...ypto3/libs/parallel-zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -256,7 +256,7 @@ namespace nil {
}

// For the last round it's final_polynomial's values

// Values for the next round.
polynomial_values_type y;

Expand Down Expand Up @@ -436,7 +436,7 @@ namespace nil {
if (f.size() != D->size()) {
throw std::runtime_error("Polynomial size does not match the domain size in FRI precommit.");
}

std::size_t domain_size = D->size();
std::size_t coset_size = 1 << fri_step;
std::size_t leafs_number = domain_size / coset_size;
Expand Down Expand Up @@ -782,7 +782,6 @@ namespace nil {
}
precommitment = precommit<FRI>(f, D, fri_params.step_list[i + 1]);
}

}
fs.push_back(f);
if constexpr (std::is_same<math::polynomial_dfs<typename FRI::field_type::value_type>, PolynomialType>::value) {
Expand Down Expand Up @@ -1159,7 +1158,7 @@ namespace nil {
std::vector<PolynomialType> fs;

// Contains fri_roots and final_polynomial.
typename FRI::commitments_part_of_proof commitments_proof;
typename FRI::commitments_part_of_proof commitments_proof;

std::tie(fs, fri_trees, commitments_proof) =
commit_phase<FRI, PolynomialType>(
Expand Down
51 changes: 42 additions & 9 deletions parallel-crypto3/libs/parallel-zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -158,7 +158,7 @@ namespace nil {
BOOST_ASSERT(this->_points.size() == this->_z.get_batches_num());

// For each batch we have a merkle tree.
for(auto const& it: this->_trees) {
for (auto const& it: this->_trees) {
transcript(it.second.root());
}

Expand All @@ -168,15 +168,15 @@ namespace nil {

auto fri_proof = commit_and_fri_proof(combined_Q, transcript);
return proof_type({this->_z, fri_proof});
}
}

/** This function must be called for the cases where we want to skip the
* round proof for FRI. Must be called once per instance of prover for the aggregated FRI.
* \param[in] combined_Q - Polynomial combined_Q was already computed by the current
prover in the previous step of the aggregated FRI protocol.
* \param[in] transcript - This transcript is initialized from a challenge sent from the "Main" prover,
on which the round proof was created for the polynomial F(x) = Sum(combined_Q).
*/
*/
lpc_proof_type proof_eval_lpc_proof(
const polynomial_type& combined_Q, transcript_type &transcript) {

Expand Down Expand Up @@ -271,7 +271,9 @@ namespace nil {
);
return fri_proof;
}
/** \brief

/** \brief Computes polynomial combined_Q. In case this function changes,
the function 'compute_theta_power_for_combined_Q' below should be changed accordingly.
* \param theta The value of challenge. When called from aggregated FRI, this values is sent from
the "main prover" machine.
* \param starting_power When aggregated FRI is used, the value is not zero, it's the total degree of all
Expand All @@ -280,13 +282,12 @@ namespace nil {
polynomial_type prepare_combined_Q(
const typename field_type::value_type& theta,
std::size_t starting_power = 0) {
typename field_type::value_type theta_acc = theta.pow(starting_power);

polynomial_type combined_Q;
math::polynomial<value_type> V;

this->build_points_map();

typename field_type::value_type theta_acc = theta.pow(starting_power);
polynomial_type combined_Q;
math::polynomial<value_type> V;

auto points = this->get_unique_points();
math::polynomial<value_type> combined_Q_normal;

Expand Down Expand Up @@ -410,6 +411,7 @@ namespace nil {
Q_normal -= _fixed_polys_values[i][j] * theta_acc;
theta_acc *= theta;
}

Q_normal = Q_normal / V;
}, ThreadPool::PoolLevel::HIGH);

Expand All @@ -429,6 +431,37 @@ namespace nil {
return combined_Q;
}

// Computes and returns the maximal power of theta used to compute the value of Combined_Q.
std::size_t compute_theta_power_for_combined_Q() {
std::size_t theta_power = 0;
this->eval_polys();
this->build_points_map();

auto points = this->get_unique_points();

for (auto const &point: points) {
for (std::size_t i: this->_z.get_batches()) {
for (std::size_t j = 0; j < this->_z.get_batch_size(i); j++) {
auto iter = this->_points_map[i][j].find(point);
if (iter == this->_points_map[i][j].end())
continue;

theta_power++;
}
}
}

for (std::size_t i: this->_z.get_batches()) {
if (!_batch_fixed[i]) {
continue;
}

theta_power += this->_z.get_batch_size(i);
}

return theta_power;
}

bool verify_eval(
const proof_type &proof,
const std::map<std::size_t, commitment_type> &commitments,
Expand Down
10 changes: 9 additions & 1 deletion ...crypto3/libs/parallel-zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/proof.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@
#define CRYPTO3_ZK_PLONK_PLACEHOLDER_PROOF_HPP

#include <map>
#include <vector>

namespace nil {
namespace crypto3 {
Expand Down Expand Up @@ -88,6 +89,7 @@ namespace nil {
using circuit_params_type = typename ParamsType::circuit_params_type;
using commitment_scheme_type = typename ParamsType::commitment_scheme_type;
using commitment_type = typename commitment_scheme_type::commitment_type;
using partial_proof_type = placeholder_partial_proof<FieldType, ParamsType>;

struct evaluation_proof {
// TODO: remove it!
Expand All @@ -105,6 +107,12 @@ namespace nil {

placeholder_proof() = default;

placeholder_proof(const partial_proof_type &partial_proof) :
placeholder_partial_proof<FieldType, ParamsType>(partial_proof) {}

placeholder_proof(const partial_proof_type &partial_proof, const evaluation_proof &eval_proof) :
placeholder_partial_proof<FieldType, ParamsType>(partial_proof), eval_proof(eval_proof) {}

bool operator==(const placeholder_proof &rhs) const {
return placeholder_partial_proof<FieldType, ParamsType>::operator==(rhs) &&
eval_proof == rhs.eval_proof;
Expand Down Expand Up @@ -141,7 +149,7 @@ namespace nil {

// This vector contains N partial proofs, one per prover.
std::vector<placeholder_partial_proof<FieldType, ParamsType>> partial_proofs;
typename commitment_type::aggregated_proof_type aggregated_proof;
typename commitment_scheme_type::aggregated_proof_type aggregated_proof;
};
} // namespace snark
} // namespace zk
Expand Down
13 changes: 8 additions & 5 deletions ...rypto3/libs/parallel-zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/prover.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,14 +90,15 @@ namespace nil {
constexpr static const std::size_t permutation_parts = 3;
constexpr static const std::size_t lookup_parts = 6;
constexpr static const std::size_t f_parts = 8;
public:

public:

static inline placeholder_proof<FieldType, ParamsType> process(
const typename public_preprocessor_type::preprocessed_data_type &preprocessed_public_data,
typename private_preprocessor_type::preprocessed_data_type preprocessed_private_data,
const plonk_table_description<FieldType> &table_description,
const plonk_constraint_system<FieldType> &constraint_system,
commitment_scheme_type commitment_scheme,
const commitment_scheme_type& commitment_scheme,
bool skip_commitment_scheme_eval_proofs = false
) {
auto prover = placeholder_prover<FieldType, ParamsType>(
Expand Down Expand Up @@ -209,15 +210,18 @@ namespace nil {

// 8. Run evaluation proofs
_proof.eval_proof.challenge = transcript.template challenge<FieldType>();
generate_evaluation_points();
if (!_skip_commitment_scheme_eval_proofs) {
generate_evaluation_points();

_proof.eval_proof.eval_proof = _commitment_scheme.proof_eval(transcript);
}

return _proof;
}

commitment_scheme_type& get_commitment_scheme() {
return _commitment_scheme;
}

private:
std::vector<polynomial_dfs_type> quotient_polynomial_split_dfs() {
PROFILE_SCOPE("quotient_polynomial_split_dfs");
Expand Down Expand Up @@ -395,7 +399,6 @@ namespace nil {

_commitment_scheme.append_eval_point(QUOTIENT_BATCH, _proof.eval_proof.challenge);


// fixed values' rotations (table columns)
std::size_t i = 0;
std::size_t start_index = preprocessed_public_data.identity_polynomials.size() +
Expand Down

0 comments on commit ea1ea8a

Please sign in to comment.