Feat: septic curve based continuation #1061

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merged

kunxian-xia merged 63 commits into feat/multi_shard from feat/septic_global_chip

Nov 3, 2025

Collaborator

kunxian-xia commented Sep 8, 2025 •

edited

Loading

Summary

Sub tasks

$N = 2^n$ septic curve points accumulation (in one layer) using Quark
cmd: cargo test --release --lib test_ecc_quark_prover --features "sanity-check" -- --nocapture
Global chip @kunxian-xia
- constraints
- debugging sum != p[0] + p[1]
- enable poseidon2
- Feat: integrate ecc quark prover into prover's and verifier's workflow #1093
- enable non power-of-two non-pow2 septic elliptic curve points add IOP #1081


          generate septic sum layer witnesses

755ca64

kunxian-xia marked this pull request as draft

September 8, 2025 13:51

kunxian-xia linked an issue

that may be closed by this pull request

feat: split timestamp into shard, clk #1063

Closed

kunxian-xia added 2 commits

September 10, 2025 00:07


          support ec add in tower verifier: wip

3862bc5


          ecc accumulation batched into tower verifier

3ac7ffc

kunxian-xia commented

View reviewed changes

ceno_zkvm/src/scheme/verifier.rs Outdated Show resolved Hide resolved

kunxian-xia added 11 commits

September 11, 2025 09:02

wip

c8f1013


          simplify


          batch ec add into tower prover wip-1

9dd7ade


          revisit infer_septic_addition_witness

f22d7aa


          sample random point on curve

7b366a1


          add sqrt

58d9d22


          fix ec add

463a431


          infer_ec_sum_witness unit test

56c7aa4


          return point at infinity for Default

c5c9c11


          finish infer septic addition unit test

dc4445a


          adjust the ec add sumchecks

kunxian-xia commented

View reviewed changes

ceno_zkvm/src/scheme/cpu/mod.rs Outdated Show resolved Hide resolved

kunxian-xia added 12 commits

September 23, 2025 21:14


          support jacobian coordinates

febb1f2


          infer septic sum using jacobian coordinates

a266248


          update tower verifier for jacobian coordinates

d22f76d


          jacobian coordinates in tower's sumcheck

a662a49


          add quark prover for ecc addition

502b7b2


          sanity check on quark's zerocheck

c3391bb


          delete ec addition using tower tree

ed67cd3


          delete

be0629c


          clean

74af34f


          add selector to turn off affine_add when b = 1...1

94ac488


          add quark ecc verifier

6074b14


          reorg

f3392ea

hero78119 mentioned this pull request

[milestones] ethproofs & benchmark #1095

Open

21 tasks

hero78119 reviewed

View reviewed changes

Collaborator

hero78119 left a comment

1st quick review pass, without reviewing global chip in detail

ceno_zkvm/src/scheme/septic_curve.rs

    
              /// 2. The curve's order is a large prime number of 31x7 bits

              #[derive(Clone, Debug, Default, PartialEq, Serialize, Deserialize)]

              pub struct SepticPoint<F> {

                  pub x: SepticExtension<F>,

Collaborator

hero78119 Sep 11, 2025

a tiny question: it seems SepticExtension extension field is also a field, so in future both could be define separately?, e.g.

pub struct SepticPoint<F, E<BaseField = F>> {
    pub x: E,
    pub y: E,
}

Collaborator Author

kunxian-xia Oct 28, 2025

yeah, this should work.

ceno_zkvm/src/scheme/verifier.rs Outdated Show resolved Hide resolved

ceno_zkvm/src/e2e.rs Outdated Show resolved Hide resolved


          Merge remote-tracking branch 'origin/feat/multi_shard' into feat/sept…

…ic_global_chip

kunxian-xia marked this pull request as ready for review

October 28, 2025 04:03


          chores: fix quick error in e2e (#1096)

2d8d643

hero78119 mentioned this pull request

review shard ram bus chip soundness #1097

Open

hero78119 reviewed

View reviewed changes

gkr_iop/src/circuit_builder.rs

    
                      assert_eq!(xs.len(), 7);

                      assert_eq!(ys.len(), 7);

                      assert_eq!(slopes.len(), 7);

                      assert_eq!(final_sum.len(), 7 * 2);

Collaborator

hero78119 Oct 29, 2025

nitpicks: replace with SEPTIC_EXTENSION_DEGREE

ceno_zkvm/src/instructions/global.rs

    
                          .map(|i| cb.create_witin(|| format!("slope{}", i)))

                          .collect();

                      let addr = cb.create_witin(|| "addr");

                      let is_ram_register = cb.create_witin(|| "is_ram_register");

Collaborator

hero78119 Oct 29, 2025

it seems there missing assert_bit on is_ram_register

ceno_zkvm/src/instructions/global.rs

    
                          1 - is_global_write.expr(),

                          local_clk.expr(),

                      )?;

                      // TODO: enforce shard = shard_id in the public values

Collaborator

hero78119 Oct 29, 2025 •

edited

Loading

there is api cb.query_shard_id() and we need below constrian

if is_global_write == 0, then assert_lt(global_clk, cb.query_shard_id())
if is_global_write == 1, then assert_eq(global_clk, cb.query_shard_id())

hero78119 reviewed

View reviewed changes

ceno_zkvm/src/instructions/global.rs

    
                      let addr = cb.create_witin(|| "addr");

                      let is_ram_register = cb.create_witin(|| "is_ram_register");

                      let value = UInt::new(|| "value", cb)?;

                      let shard = cb.create_witin(|| "shard");

Collaborator

hero78119 Oct 29, 2025 •

edited

Loading

follow comments here #1061 (comment)
we can remove shard and just keep global_clk

hero78119 reviewed

View reviewed changes

ceno_zkvm/src/instructions/global.rs Outdated Show resolved Hide resolved

hero78119 reviewed

View reviewed changes

ceno_zkvm/src/scheme/cpu/mod.rs

    
                              .collect_vec()

                      };

                      // build x[b,0], x[b,1], y[b,0], y[b,1]

                      let mut x0 = filter_bj(&xs, 0);

Collaborator

hero78119 Oct 29, 2025 •

edited

Loading

suggestion: will be nice to add TODO for define new api split_to_owned_even_odd in SmartSlice so we can use it like as_view_slice

hero78119 reviewed

View reviewed changes

ceno_zkvm/src/instructions/global.rs

    
                      ];

                      let prime = E::BaseField::order().to_u64_digits()[0];

                      loop {

Collaborator

hero78119 Oct 29, 2025

An improvement: we can do parallel search + find_any just like plonk3 grinding api

https://github.com/Plonky3/Plonky3/blob/658115aae28312e97cd3ef38d1ab046839f734a8/challenger/src/grinding_challenger.rs#L56-L62


          rw record ramtype expression (#1098)

9676da8

hero78119 mentioned this pull request

Feat: integrate Global chip into e2e workflow #1099

Merged

kunxian-xia and others added 2 commits

October 30, 2025 10:09


          Feat: integrate Global chip into e2e workflow (#1099)

2d5ed66


          Fix integration bugs (#1102)

a8a06a5

Co-authored-by: Ming <[email protected]>

Collaborator Author

kunxian-xia commented Oct 31, 2025 •

edited

Loading

Improvements


          extract shard id from cycle (#1101)

2214fdc

hero78119 reviewed

View reviewed changes

ceno_zkvm/src/scheme/utils.rs Outdated Show resolved Hide resolved

hero78119 reviewed

View reviewed changes

ceno_zkvm/src/scheme/hal.rs

    
                  }

              }

              #[derive(Clone)]

Collaborator

hero78119 Oct 31, 2025

this seems to be left-over

kunxian-xia and others added 2 commits

October 31, 2025 12:56


          revert stateful trait Instruction (#1105)

3860d14


          refactor ec points witness assignments (#1100)

5af8392

- simplify index computation of affine_add(left, right)
- allocate buffer once and parallel initialization

kunxian-xia mentioned this pull request

#1061 cleanup #1106

Merged

2 tasks

kunxian-xia and others added 2 commits

October 31, 2025 17:07


          #1061 cleanup (#1106)

9917b61

#1061 Cleanup

- [x] clippy fixes
- [x] remove old unused routines for generating witness for the ecc
summation tower tree. Note this approach is abandoned. We prefer to pack
$log_2(N)$ layers in one layer using the relation `p[1, b] =
ec_add(p[0,b], p[1,b])` (first proposed in Quark paper.


          bug fix of global chip (#1109)

184b82c

fix few issue reported in global chip integration test

Collaborator

hero78119 commented Nov 3, 2025 •

edited by kunxian-xia

Loading

Blocking issues

comment out goldilocks unittest/integration test in ci, as global chip not work on goldilocks for now @kunxian-xia

Later TODOs

addressed review comments in Address review comments in #1061 #1108

hero78119 reviewed

View reviewed changes

Cargo.toml Outdated Show resolved Hide resolved


          CI: disable fibonacci + goldilocks integration test (#1110)

11e42d2

# Summary

- [x] bump up `gkr-backend`.
- [x] The global chip does not support goldilocks field for now.
Therefore we need to disable `fibonacci + goldilocks` in the integration
tests.

kunxian-xia merged commit 7530159 into feat/multi_shard

4 checks passed

kunxian-xia deleted the feat/septic_global_chip branch

November 3, 2025 04:46

github-merge-queue bot pushed a commit that referenced this pull request


          continuation of multi-shard + ram bus (#1084)

1e3c940

To deal with > 1 shards and satisfy offline memory constrain
related to #1061, #1063, #699,
#698, #697, #696, #700

### change scope
- [x] separate mem bus to read/write 2 different map
- [x] add new public input 
- [x] integrate local init chip
- [x] integrate local final chip
- [x] shift opcode & mem record to shard ts
- [x] integrate mem bus chip
- [x] refactor mock prover mock proving

### benchmarks
bench on single chunk
with fibonacci on CPU: 5900XT 32 cores, 64GB RAM

| Benchmark | Median Time (s) | Median Change (%) |

|------------------------------|----------------|----------------------------------------|
| fibonacci_max_steps_1048576 | 2.8142 | +1.54% (Change within noise
threshold) |
| fibonacci_max_steps_2097152 | 4.9337 | +1.05% (Change within noise
threshold) |
| fibonacci_max_steps_4194304 | 9.1971 | -3.21% (Change within noise
threshold) |

which shows no performance impact

---------

Co-authored-by: xkx <[email protected]>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet