From 859f33d4c25f4926fb499622912853c998b209cf Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Wed, 18 Sep 2024 10:48:41 +0000
Subject: [PATCH 01/25] create a gemini prover and cleanup

---
 barretenberg/cpp/CMakePresets.json            |   2 +-
 .../commitment_key.test.hpp                   |  12 +-
 .../commitment_schemes/gemini/gemini.cpp      |  93 +++-
 .../commitment_schemes/gemini/gemini.hpp      |  94 ++--
 .../commitment_schemes/gemini/gemini.test.cpp |  85 +---
 .../commitment_schemes/ipa/ipa.test.cpp       | 111 ++---
 .../commitment_schemes/kzg/kzg.test.cpp       | 116 +----
 .../shplonk/shplemini_verifier.test.cpp       | 454 +++++++++---------
 .../commitment_schemes/wrapper.hpp            |  14 -
 .../shplemini.test.cpp                        |   6 +-
 .../barretenberg/polynomials/polynomial.hpp   |   7 +
 .../stdlib_circuit_builders/ultra_flavor.hpp  |   5 +-
 12 files changed, 447 insertions(+), 552 deletions(-)
 delete mode 100644 barretenberg/cpp/src/barretenberg/commitment_schemes/wrapper.hpp

diff --git a/barretenberg/cpp/CMakePresets.json b/barretenberg/cpp/CMakePresets.json
index 140b5780ed01..b45ca9cea38f 100644
--- a/barretenberg/cpp/CMakePresets.json
+++ b/barretenberg/cpp/CMakePresets.json
@@ -98,7 +98,7 @@
       "displayName": "Debugging build with Clang-16",
       "description": "Build with globally installed Clang-16 in debug mode",
       "inherits": "clang16",
-      "binaryDir": "build-debug",
+      "binaryDir": "build",
       "environment": {
         "CMAKE_BUILD_TYPE": "Debug",
         "CFLAGS": "-gdwarf-4",
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp
index 76956dd7ae92..d40cf153d54d 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp
@@ -139,14 +139,12 @@ template <typename Curve> class CommitmentTest : public ::testing::Test {
      * @brief Ensures that a set of opening pairs is correct by checking that evaluations are
      * correct by recomputing them from each witness polynomial.
      */
-    void verify_batch_opening_pair(std::span<const OpeningPair<Curve>> opening_pairs,
-                                   std::span<const Polynomial> witnesses)
+    void verify_batch_opening_pair(std::vector<ProverOpeningClaim<Curve>> opening_claims)
     {
-        const size_t num_pairs = opening_pairs.size();
-        ASSERT_EQ(witnesses.size(), num_pairs);
-
-        for (size_t j = 0; j < num_pairs; ++j) {
-            this->verify_opening_pair(opening_pairs[j], witnesses[j]);
+        for (auto claim : opening_claims) {
+            auto& [x, y] = claim.opening_pair;
+            Fr y_expected = claim.polynomial.evaluate(x);
+            EXPECT_EQ(y, y_expected) << "OpeningPair: evaluations mismatch";
         }
     }
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
index 679857e1d66e..1518dcf4e15c 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
@@ -1,10 +1,8 @@
-
 #include "gemini.hpp"
 #include "barretenberg/common/thread.hpp"
 
 #include <bit>
 #include <memory>
-#include <vector>
 
 /**
  * @brief Protocol for opening several multi-linear polynomials at the same point.
@@ -16,7 +14,7 @@
  * f₀, …, fₖ₋₁ = multilinear polynomials,
  * g₀, …, gₕ₋₁ = shifted multilinear polynomial,
  *  Each gⱼ is the left-shift of some f↺ᵢ, and gⱼ points to the same memory location as fᵢ.
- * v₀, …, vₖ₋₁, v↺₀, …, v↺ₕ₋₁ = multilinear evalutions s.t. fⱼ(u) = vⱼ, and gⱼ(u) = f↺ⱼ(u) = v↺ⱼ
+ * v₀, …, vₖ₋₁, v↺₀, …, v↺ₕ₋₁ = multilinear evalutions  s.t. fⱼ(u) = vⱼ, and gⱼ(u) = f↺ⱼ(u) = v↺ⱼ
  *
  * We use a challenge ρ to create a random linear combination of all fⱼ,
  * and actually define A₀ = F + G↺, where
@@ -43,6 +41,55 @@
  * since they are linear-combinations of the commitments [fⱼ] and [gⱼ].
  */
 namespace bb {
+template <typename Curve>
+std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
+    const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
+    std::span<Fr> multilinear_challenge,
+    std::span<Fr> multilinear_evaluations, /* u */
+    RefSpan<Polynomial> f_polynomials,     // unshifted
+    RefSpan<Polynomial> g_polynomials,     // to-be-shifted
+    std::shared_ptr<NativeTranscript>& transcript)
+{
+    ASSERT(multilinear_evaluations.size() == f_polynomials.size() + g_polynomials.size());
+    Fr rho = transcript->template get_challenge<Fr>("rho");
+    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
+
+    // Compute batched multivariate evaluation
+    Fr batched_evaluation = Fr::zero();
+    for (size_t i = 0; i < rhos.size(); ++i) {
+        batched_evaluation += multilinear_evaluations[i] * rhos[i];
+    }
+
+    size_t log_n = multilinear_challenge.size();
+    size_t n = 1 << log_n;
+    // Compute batched polynomials
+    Polynomial batched_unshifted(n);
+    // TODO(mara): use shiftable, after you understand how it works
+    Polynomial batched_to_be_shifted = Polynomial::shiftable(1 << log_n);
+
+    const size_t num_unshifted = f_polynomials.size();
+    const size_t num_to_be_shifted = g_polynomials.size();
+    for (size_t i = 0; i < num_unshifted; i++) {
+        batched_unshifted.add_scaled(f_polynomials[i], rhos[i]);
+    }
+    for (size_t i = 0; i < num_to_be_shifted; i++) {
+        batched_to_be_shifted.add_scaled(g_polynomials[i], rhos[num_unshifted + i]);
+    }
+
+    // log_n + 2
+    auto fold_polynomials =
+        compute_fold_polynomials(multilinear_challenge, std::move(batched_unshifted), std::move(batched_to_be_shifted));
+
+    // Commit to the folded polynomials (except the first two, explain why the first two are left out) and send the
+    // commitment to the verifier
+    for (size_t l = 0; l < log_n - 1; l++) {
+        transcript->send_to_verifier("Gemini:FOLD_" + std::to_string(l + 1),
+                                     commitment_key->commit(fold_polynomials[l + 2]));
+    }
+    const Fr r_challenge = transcript->template get_challenge<Fr>("Gemini:r");
+    return compute_fold_polynomial_evaluations(
+        multilinear_challenge, std::move(fold_polynomials), r_challenge, transcript);
+};
 
 /**
  * @brief Computes d-1 fold polynomials Fold_i, i = 1, ..., d-1
@@ -53,9 +100,10 @@ namespace bb {
  * @return std::vector<Polynomial>
  */
 template <typename Curve>
-std::vector<typename GeminiProver_<Curve>::Polynomial> GeminiProver_<Curve>::compute_gemini_polynomials(
+std::vector<typename GeminiProver_<Curve>::Polynomial> GeminiProver_<Curve>::compute_fold_polynomials(
     std::span<const Fr> mle_opening_point, Polynomial&& batched_unshifted, Polynomial&& batched_to_be_shifted)
 {
+
     const size_t num_variables = mle_opening_point.size(); // m
 
     const size_t num_threads = get_num_cpus_pow2();
@@ -141,13 +189,16 @@ std::vector<typename GeminiProver_<Curve>::Polynomial> GeminiProver_<Curve>::com
  * @param r_challenge univariate opening challenge
  */
 template <typename Curve>
-GeminiProverOutput<Curve> GeminiProver_<Curve>::compute_fold_polynomial_evaluations(
-    std::span<const Fr> mle_opening_point, std::vector<Polynomial>&& gemini_polynomials, const Fr& r_challenge)
+std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::compute_fold_polynomial_evaluations(
+    std::span<const Fr> mle_opening_point,
+    std::vector<Polynomial>&& fold_polynomials,
+    const Fr& r_challenge,
+    std::shared_ptr<NativeTranscript>& transcript)
 {
     const size_t num_variables = mle_opening_point.size(); // m
 
-    Polynomial& batched_F = gemini_polynomials[0]; // F(X) = ∑ⱼ ρʲ   fⱼ(X)
-    Polynomial& batched_G = gemini_polynomials[1]; // G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X)
+    Polynomial& batched_F = fold_polynomials[0]; // F(X) = ∑ⱼ ρʲ   fⱼ(X)
+    Polynomial& batched_G = fold_polynomials[1]; // G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X)
 
     // Compute univariate opening queries rₗ = r^{2ˡ} for l = 0, 1, ..., m-1
     std::vector<Fr> r_squares = gemini::powers_of_evaluation_challenge(r_challenge, num_variables);
@@ -156,36 +207,36 @@ GeminiProverOutput<Curve> GeminiProver_<Curve>::compute_fold_polynomial_evaluati
     Fr r_inv = r_challenge.invert();
     batched_G *= r_inv;
 
-    // Construct A₀₊ = F + G/r and A₀₋ = F - G/r in place in gemini_polynomials
+    // Construct A₀₊ = F + G/r and A₀₋ = F - G/r in place in fold_polynomials
     Polynomial tmp = batched_F;
-    Polynomial& A_0_pos = gemini_polynomials[0];
+    Polynomial& A_0_pos = fold_polynomials[0];
 
     // A₀₊(X) = F(X) + G(X)/r, s.t. A₀₊(r) = A₀(r)
     A_0_pos += batched_G;
 
     // Perform a swap so that tmp = G(X)/r and A_0_neg = F(X)
     std::swap(tmp, batched_G);
-    Polynomial& A_0_neg = gemini_polynomials[1];
+    Polynomial& A_0_neg = fold_polynomials[1];
 
     // A₀₋(X) = F(X) - G(X)/r, s.t. A₀₋(-r) = A₀(-r)
     A_0_neg -= tmp;
 
-    std::vector<OpeningPair<Curve>> fold_poly_opening_pairs;
-    fold_poly_opening_pairs.reserve(num_variables + 1);
+    std::vector<Claim> opening_claims;
+    opening_claims.reserve(num_variables + 1);
 
     // Compute first opening pair {r, A₀(r)}
-    fold_poly_opening_pairs.emplace_back(
-        OpeningPair<Curve>{ r_challenge, gemini_polynomials[0].evaluate(r_challenge) });
-
+    Fr evaluation = fold_polynomials[0].evaluate(r_challenge);
+    opening_claims.emplace_back(
+        Claim{ fold_polynomials[0], { r_challenge, fold_polynomials[0].evaluate(r_challenge) } });
     // Compute the remaining m opening pairs {−r^{2ˡ}, Aₗ(−r^{2ˡ})}, l = 0, ..., m-1.
     for (size_t l = 0; l < num_variables; ++l) {
-        fold_poly_opening_pairs.emplace_back(
-            OpeningPair<Curve>{ -r_squares[l], gemini_polynomials[l + 1].evaluate(-r_squares[l]) });
+        evaluation = fold_polynomials[l + 1].evaluate(-r_squares[l]);
+        transcript->send_to_verifier("Gemini:a_" + std::to_string(l + 1), evaluation);
+        opening_claims.emplace_back(Claim{ fold_polynomials[l + 1], { -r_squares[l], evaluation } });
     }
 
-    return { fold_poly_opening_pairs, std::move(gemini_polynomials) };
+    return opening_claims;
 };
-
 template class GeminiProver_<curve::BN254>;
 template class GeminiProver_<curve::Grumpkin>;
-}; // namespace bb
+} // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index bc3034bc7533..89c1dc8acf99 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -1,6 +1,6 @@
 #pragma once
 
-#include "../claim.hpp"
+#include "barretenberg/commitment_schemes/claim.hpp"
 #include "barretenberg/polynomials/polynomial.hpp"
 #include "barretenberg/transcript/transcript.hpp"
 
@@ -57,10 +57,6 @@ namespace bb {
  * ]
  * @tparam Curve CommitmentScheme parameters
  */
-template <typename Curve> struct GeminiProverOutput {
-    std::vector<OpeningPair<Curve>> opening_pairs;
-    std::vector<Polynomial<typename Curve::ScalarField>> witnesses;
-};
 
 namespace gemini {
 /**
@@ -102,15 +98,25 @@ template <class Fr> inline std::vector<Fr> powers_of_evaluation_challenge(const
 template <typename Curve> class GeminiProver_ {
     using Fr = typename Curve::ScalarField;
     using Polynomial = bb::Polynomial<Fr>;
+    using Claim = ProverOpeningClaim<Curve>;
 
   public:
-    static std::vector<Polynomial> compute_gemini_polynomials(std::span<const Fr> mle_opening_point,
-                                                              Polynomial&& batched_unshifted,
-                                                              Polynomial&& batched_to_be_shifted);
+    static std::vector<Polynomial> compute_fold_polynomials(std::span<const Fr> multilinear_evaluations,
+                                                            Polynomial&& batched_unshifted,
+                                                            Polynomial&& batched_to_be_shifted);
+
+    static std::vector<Claim> compute_fold_polynomial_evaluations(std::span<const Fr> multilinear_evaluations,
+                                                                  std::vector<Polynomial>&& gemini_polynomials,
+                                                                  const Fr& r_challenge,
+                                                                  std::shared_ptr<NativeTranscript>& transcript);
 
-    static GeminiProverOutput<Curve> compute_fold_polynomial_evaluations(std::span<const Fr> mle_opening_point,
-                                                                         std::vector<Polynomial>&& gemini_polynomials,
-                                                                         const Fr& r_challenge);
+    // TODO(Mara):  consider if we should template this by transcript to use with a test transcript
+    static std::vector<Claim> prove(const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
+                                    std::span<Fr> multilinear_challenge,
+                                    std::span<Fr> multilinear_evaluations,
+                                    RefSpan<Polynomial> f_polynomials,
+                                    RefSpan<Polynomial> g_polynomials,
+                                    std::shared_ptr<NativeTranscript>& transcript);
 }; // namespace bb
 
 template <typename Curve> class GeminiVerifier_ {
@@ -122,22 +128,42 @@ template <typename Curve> class GeminiVerifier_ {
     /**
      * @brief Returns univariate opening claims for the Fold polynomials to be checked later
      *
-     * @param mle_opening_point the MLE evaluation point u
+     * @param multilinear_evaluations the MLE evaluation point u
      * @param batched_evaluation batched evaluation from multivariate evals at the point u
-     * @param batched_f batched commitment to unshifted polynomials
-     * @param batched_g batched commitment to to-be-shifted polynomials
+     * @param batched_commitment_unshifted batched commitment to unshifted polynomials
+     * @param batched_commitment_to_be_shifted batched commitment to to-be-shifted polynomials
      * @param proof commitments to the m-1 folded polynomials, and alleged evaluations.
      * @param transcript
      * @return Fold polynomial opening claims: (r, A₀(r), C₀₊), (-r, A₀(-r), C₀₋), and
      * (Cⱼ, Aⱼ(-r^{2ʲ}), -r^{2}), j = [1, ..., m-1]
      */
-    static std::vector<OpeningClaim<Curve>> reduce_verification(std::span<const Fr> mle_opening_point, /* u */
-                                                                Fr& batched_evaluation,                /* all */
-                                                                GroupElement& batched_f,               /* unshifted */
-                                                                GroupElement& batched_g, /* to-be-shifted */
+    static std::vector<OpeningClaim<Curve>> reduce_verification(std::span<Fr> multilinear_challenge,
+                                                                std::span<Fr> multilinear_evaluations, /* u */
+                                                                RefSpan<GroupElement> unshifted_commitments,
+                                                                RefSpan<GroupElement> to_be_shifted_commitments,
                                                                 auto& transcript)
     {
-        const size_t num_variables = mle_opening_point.size();
+        const size_t num_variables = multilinear_challenge.size();
+
+        Fr rho = transcript->template get_challenge<Fr>("rho");
+        std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
+
+        GroupElement batched_commitment_unshifted = GroupElement::zero();
+        GroupElement batched_commitment_to_be_shifted = GroupElement::zero();
+
+        Fr batched_evaluation = Fr::zero();
+        for (size_t i = 0; i < multilinear_evaluations.size(); ++i) {
+            batched_evaluation += multilinear_evaluations[i] * rhos[i];
+        }
+
+        const size_t num_unshifted = unshifted_commitments.size();
+        const size_t num_to_be_shifted = to_be_shifted_commitments.size();
+        for (size_t i = 0; i < num_unshifted; i++) {
+            batched_commitment_unshifted += unshifted_commitments[i] * rhos[i];
+        }
+        for (size_t i = 0; i < num_to_be_shifted; i++) {
+            batched_commitment_to_be_shifted += to_be_shifted_commitments[i] * rhos[num_unshifted + i];
+        }
 
         // Get polynomials Fold_i, i = 1,...,m-1 from transcript
         const std::vector<Commitment> commitments = get_gemini_commitments(num_variables, transcript);
@@ -149,12 +175,13 @@ template <typename Curve> class GeminiVerifier_ {
         // Get evaluations a_i, i = 0,...,m-1 from transcript
         const std::vector<Fr> evaluations = get_gemini_evaluations(num_variables, transcript);
         // Compute evaluation A₀(r)
-        auto a_0_pos =
-            compute_gemini_batched_univariate_evaluation(batched_evaluation, mle_opening_point, r_squares, evaluations);
+        auto a_0_pos = compute_gemini_batched_univariate_evaluation(
+            batched_evaluation, multilinear_challenge, r_squares, evaluations);
 
         // C₀_r_pos = ∑ⱼ ρʲ⋅[fⱼ] + r⁻¹⋅∑ⱼ ρᵏ⁺ʲ [gⱼ]
         // C₀_r_pos = ∑ⱼ ρʲ⋅[fⱼ] - r⁻¹⋅∑ⱼ ρᵏ⁺ʲ [gⱼ]
-        auto [c0_r_pos, c0_r_neg] = compute_simulated_commitments(batched_f, batched_g, r);
+        auto [c0_r_pos, c0_r_neg] =
+            compute_simulated_commitments(batched_commitment_unshifted, batched_commitment_to_be_shifted, r);
 
         std::vector<OpeningClaim<Curve>> fold_polynomial_opening_claims;
         fold_polynomial_opening_claims.reserve(num_variables + 1);
@@ -246,14 +273,13 @@ template <typename Curve> class GeminiVerifier_ {
     /**
      * @brief Computes two commitments to A₀ partially evaluated in r and -r.
      *
-     * @param batched_f batched commitment to non-shifted polynomials
-     * @param batched_g batched commitment to to-be-shifted polynomials
+     * @param batched_commitment_unshifted batched commitment to non-shifted polynomials
+     * @param batched_commitment_to_be_shifted batched commitment to to-be-shifted polynomials
      * @param r evaluation point at which we have partially evaluated A₀ at r and -r.
      * @return std::pair<Commitment, Commitment>  c0_r_pos, c0_r_neg
      */
-    static std::pair<GroupElement, GroupElement> compute_simulated_commitments(GroupElement& batched_f,
-                                                                               GroupElement& batched_g,
-                                                                               Fr r)
+    static std::pair<GroupElement, GroupElement> compute_simulated_commitments(
+        GroupElement& batched_commitment_unshifted, GroupElement& batched_commitment_to_be_shifted, Fr r)
     {
         // C₀ᵣ₊ = [F] + r⁻¹⋅[G]
         GroupElement C0_r_pos;
@@ -265,7 +291,7 @@ template <typename Curve> class GeminiVerifier_ {
         // TODO(#673): The following if-else represents the stldib/native code paths. Once the "native" verifier is
         // achieved through a builder Simulator, the stdlib codepath should become the only codepath.
         if constexpr (Curve::is_stdlib_type) {
-            std::vector<GroupElement> commitments = { batched_f, batched_g };
+            std::vector<GroupElement> commitments = { batched_commitment_unshifted, batched_commitment_to_be_shifted };
             auto builder = r.get_context();
             auto one = Fr(builder, 1);
             // TODO(#707): these batch muls include the use of 1 as a scalar. This is handled appropriately as a non-mul
@@ -274,12 +300,12 @@ template <typename Curve> class GeminiVerifier_ {
             C0_r_pos = GroupElement::batch_mul(commitments, { one, r_inv });
             C0_r_neg = GroupElement::batch_mul(commitments, { one, -r_inv });
         } else {
-            C0_r_pos = batched_f;
-            C0_r_neg = batched_f;
-            if (!batched_g.is_point_at_infinity()) {
-                batched_g = batched_g * r_inv;
-                C0_r_pos += batched_g;
-                C0_r_neg -= batched_g;
+            C0_r_pos = batched_commitment_unshifted;
+            C0_r_neg = batched_commitment_unshifted;
+            if (!batched_commitment_to_be_shifted.is_point_at_infinity()) {
+                batched_commitment_to_be_shifted = batched_commitment_to_be_shifted * r_inv;
+                C0_r_pos += batched_commitment_to_be_shifted;
+                C0_r_neg -= batched_commitment_to_be_shifted;
             }
         }
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
index 1da66356c642..a7a7a86b4837 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
@@ -16,67 +16,28 @@ template <class Curve> class GeminiTest : public CommitmentTest<Curve> {
     using GroupElement = typename Curve::Element;
 
   public:
-    void execute_gemini_and_verify_claims(size_t log_n,
-                                          std::vector<Fr> multilinear_evaluation_point,
-                                          std::vector<Fr> multilinear_evaluations,
-                                          std::vector<Polynomial<Fr>> multilinear_polynomials,
-                                          std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted,
-                                          std::vector<GroupElement> multilinear_commitments,
-                                          std::vector<GroupElement> multilinear_commitments_to_be_shifted)
+    void execute_gemini_and_verify_claims([[maybe_unused]] size_t log_n,
+                                          std::vector<Fr>& multilinear_evaluation_point,
+                                          std::vector<Fr>& multilinear_evaluations,
+                                          std::vector<Polynomial<Fr>>& multilinear_polynomials,
+                                          std::vector<Polynomial<Fr>>& multilinear_polynomials_to_be_shifted,
+                                          std::vector<GroupElement>& multilinear_commitments,
+                                          std::vector<GroupElement>& multilinear_commitments_to_be_shifted)
     {
         auto prover_transcript = NativeTranscript::prover_init_empty();
 
-        const Fr rho = Fr::random_element();
-
-        std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
-
-        // Compute batched multivariate evaluation
-        Fr batched_evaluation = Fr::zero();
-        for (size_t i = 0; i < multilinear_evaluations.size(); ++i) {
-            batched_evaluation += multilinear_evaluations[i] * rhos[i];
-        }
-
-        Polynomial<Fr> batched_unshifted(1 << log_n);
-        Polynomial<Fr> batched_to_be_shifted = Polynomial<Fr>::shiftable(1 << log_n);
-        GroupElement batched_commitment_unshifted = GroupElement::zero();
-        GroupElement batched_commitment_to_be_shifted = GroupElement::zero();
-        const size_t num_unshifted = multilinear_polynomials.size();
-        const size_t num_shifted = multilinear_polynomials_to_be_shifted.size();
-        for (size_t i = 0; i < num_unshifted; ++i) {
-            batched_unshifted.add_scaled(multilinear_polynomials[i], rhos[i]);
-            batched_commitment_unshifted += multilinear_commitments[i] * rhos[i];
-        }
-        for (size_t i = 0; i < num_shifted; ++i) {
-            size_t rho_idx = num_unshifted + i;
-            batched_to_be_shifted.add_scaled(multilinear_polynomials_to_be_shifted[i], rhos[rho_idx]);
-            batched_commitment_to_be_shifted += multilinear_commitments_to_be_shifted[i] * rhos[rho_idx];
-        }
-
         // Compute:
         // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
         // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-        auto gemini_polynomials = GeminiProver::compute_gemini_polynomials(
-            multilinear_evaluation_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
-
-        for (size_t l = 0; l < log_n - 1; ++l) {
-            std::string label = "FOLD_" + std::to_string(l + 1);
-            auto commitment = this->ck()->commit(gemini_polynomials[l + 2]);
-            prover_transcript->send_to_verifier(label, commitment);
-        }
-
-        const Fr r_challenge = prover_transcript->get_challenge<Fr>("Gemini:r");
-
-        auto prover_output = GeminiProver::compute_fold_polynomial_evaluations(
-            multilinear_evaluation_point, std::move(gemini_polynomials), r_challenge);
-
-        for (size_t l = 0; l < log_n; ++l) {
-            std::string label = "Gemini:a_" + std::to_string(l);
-            const auto& evaluation = prover_output.opening_pairs[l + 1].evaluation;
-            prover_transcript->send_to_verifier(label, evaluation);
-        }
+        auto prover_output = GeminiProver::prove(this->commitment_key,
+                                                 multilinear_evaluation_point,
+                                                 multilinear_evaluations,
+                                                 RefVector(multilinear_polynomials),
+                                                 RefVector(multilinear_polynomials_to_be_shifted),
+                                                 prover_transcript);
 
         // Check that the Fold polynomials have been evaluated correctly in the prover
-        this->verify_batch_opening_pair(prover_output.opening_pairs, prover_output.witnesses);
+        this->verify_batch_opening_pair(prover_output);
 
         auto verifier_transcript = NativeTranscript::verifier_init_empty(prover_transcript);
 
@@ -84,19 +45,17 @@ template <class Curve> class GeminiTest : public CommitmentTest<Curve> {
         // - Single opening pair: {r, \hat{a}_0}
         // - 2 partially evaluated Fold polynomial commitments [Fold_{r}^(0)] and [Fold_{-r}^(0)]
         // Aggregate: d+1 opening pairs and d+1 Fold poly commitments into verifier claim
-        auto verifier_claim = GeminiVerifier::reduce_verification(multilinear_evaluation_point,
-                                                                  batched_evaluation,
-                                                                  batched_commitment_unshifted,
-                                                                  batched_commitment_to_be_shifted,
-                                                                  verifier_transcript);
+        auto verifier_claims = GeminiVerifier::reduce_verification(multilinear_evaluation_point,
+                                                                   multilinear_evaluations,
+                                                                   RefVector(multilinear_commitments),
+                                                                   RefVector(multilinear_commitments_to_be_shifted),
+                                                                   verifier_transcript);
 
         // Check equality of the opening pairs computed by prover and verifier
-        for (size_t i = 0; i < (log_n + 1); ++i) {
-            ASSERT_EQ(prover_output.opening_pairs[i], verifier_claim[i].opening_pair);
+        for (auto [prover_claim, verifier_claim] : zip_view(prover_output, verifier_claims)) {
+            ASSERT_EQ(prover_claim.opening_pair, verifier_claim.opening_pair);
+            this->verify_opening_claim(verifier_claim, prover_claim.polynomial);
         }
-
-        // Explicitly verify the claims computed by the verfier
-        this->verify_batch_opening_claim(verifier_claim, prover_output.witnesses);
     }
 };
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
index c8ad9c652db3..5905b5a7288d 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
@@ -77,8 +77,8 @@ TEST_F(IPATest, OpenZeroPolynomial)
     EXPECT_TRUE(result);
 }
 
-// This test makes sure that even if the whole vector \vec{b} generated from the x, at which we open the polynomial, is
-// zero, IPA behaves
+// This test makes sure that even if the whole vector \vec{b} generated from the x, at which we open the polynomial,
+// is zero, IPA behaves
 TEST_F(IPATest, OpenAtZero)
 {
     using IPA = IPA<Curve>;
@@ -244,8 +244,6 @@ TEST_F(IPATest, GeminiShplonkIPAWithShift)
     const size_t n = 8;
     const size_t log_n = 3;
 
-    Fr rho = Fr::random_element();
-
     // Generate multilinear polynomials, their commitments (genuine and mocked) and evaluations (genuine) at a random
     // point.
     auto mle_opening_point = this->random_evaluation_point(log_n); // sometimes denoted 'u'
@@ -261,59 +259,29 @@ TEST_F(IPATest, GeminiShplonkIPAWithShift)
 
     std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval2_shift };
 
-    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
-
-    Fr batched_evaluation = Fr::zero();
-    for (size_t i = 0; i < rhos.size(); ++i) {
-        batched_evaluation += multilinear_evaluations[i] * rhos[i];
-    }
-
-    Polynomial batched_unshifted(n);
-    Polynomial batched_to_be_shifted = Polynomial::shiftable(n);
-    batched_unshifted.add_scaled(poly1, rhos[0]);
-    batched_unshifted.add_scaled(poly2, rhos[1]);
-    batched_to_be_shifted.add_scaled(poly2, rhos[2]);
-
-    GroupElement batched_commitment_unshifted = GroupElement::zero();
-    GroupElement batched_commitment_to_be_shifted = GroupElement::zero();
-    batched_commitment_unshifted = commitment1 * rhos[0] + commitment2 * rhos[1];
-    batched_commitment_to_be_shifted = commitment2 * rhos[2];
-
     auto prover_transcript = NativeTranscript::prover_init_empty();
 
-    auto gemini_polynomials = GeminiProver::compute_gemini_polynomials(
-        mle_opening_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
+    // Run the full prover PCS protocol:
 
-    for (size_t l = 0; l < log_n - 1; ++l) {
-        std::string label = "FOLD_" + std::to_string(l + 1);
-        auto commitment = this->ck()->commit(gemini_polynomials[l + 2]);
-        prover_transcript->send_to_verifier(label, commitment);
-    }
-
-    const Fr r_challenge = prover_transcript->template get_challenge<Fr>("Gemini:r");
-
-    const auto [gemini_opening_pairs, gemini_witnesses] = GeminiProver::compute_fold_polynomial_evaluations(
-        mle_opening_point, std::move(gemini_polynomials), r_challenge);
+    // Compute:
+    // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
+    // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
+    auto prover_opening_claims = GeminiProver::prove(this->ck(),
+                                                     mle_opening_point,
+                                                     multilinear_evaluations,
+                                                     RefArray{ poly1, poly2 },
+                                                     RefArray{ poly2 },
+                                                     prover_transcript);
 
-    std::vector<ProverOpeningClaim<Curve>> opening_claims;
-
-    for (size_t l = 0; l < log_n; ++l) {
-        std::string label = "Gemini:a_" + std::to_string(l);
-        const auto& evaluation = gemini_opening_pairs[l + 1].evaluation;
-        prover_transcript->send_to_verifier(label, evaluation);
-        opening_claims.push_back({ gemini_witnesses[l], gemini_opening_pairs[l] });
-    }
-    opening_claims.push_back({ gemini_witnesses[log_n], gemini_opening_pairs[log_n] });
-
-    const auto opening_claim = ShplonkProver::prove(this->ck(), opening_claims, prover_transcript);
+    const auto opening_claim = ShplonkProver::prove(this->ck(), prover_opening_claims, prover_transcript);
     IPA::compute_opening_proof(this->ck(), opening_claim, prover_transcript);
 
     auto verifier_transcript = NativeTranscript::verifier_init_empty(prover_transcript);
 
     auto gemini_verifier_claim = GeminiVerifier::reduce_verification(mle_opening_point,
-                                                                     batched_evaluation,
-                                                                     batched_commitment_unshifted,
-                                                                     batched_commitment_to_be_shifted,
+                                                                     multilinear_evaluations,
+                                                                     RefArray{ commitment1, commitment2 },
+                                                                     RefArray{ commitment2 },
                                                                      verifier_transcript);
 
     const auto shplonk_verifier_claim =
@@ -348,45 +316,20 @@ TEST_F(IPATest, ShpleminiIPAWithShift)
     std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval2_shift };
 
     auto prover_transcript = NativeTranscript::prover_init_empty();
-    Fr rho = prover_transcript->template get_challenge<Fr>("rho");
-    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
-
-    Fr batched_evaluation = Fr::zero();
-    for (size_t i = 0; i < rhos.size(); ++i) {
-        batched_evaluation += multilinear_evaluations[i] * rhos[i];
-    }
-
-    Polynomial batched_unshifted(n);
-    Polynomial batched_to_be_shifted = Polynomial::shiftable(n);
-    batched_unshifted.add_scaled(poly1, rhos[0]);
-    batched_unshifted.add_scaled(poly2, rhos[1]);
-    batched_to_be_shifted.add_scaled(poly2, rhos[2]);
-
-    auto gemini_polynomials = GeminiProver::compute_gemini_polynomials(
-        mle_opening_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
 
-    for (size_t l = 0; l < log_n - 1; ++l) {
-        std::string label = "FOLD_" + std::to_string(l + 1);
-        auto commitment = this->ck()->commit(gemini_polynomials[l + 2]);
-        prover_transcript->send_to_verifier(label, commitment);
-    }
-
-    const Fr r_challenge = prover_transcript->template get_challenge<Fr>("Gemini:r");
-
-    const auto [gemini_opening_pairs, gemini_witnesses] = GeminiProver::compute_fold_polynomial_evaluations(
-        mle_opening_point, std::move(gemini_polynomials), r_challenge);
+    // Run the full prover PCS protocol:
 
-    std::vector<ProverOpeningClaim<Curve>> opening_claims;
-
-    for (size_t l = 0; l < log_n; ++l) {
-        std::string label = "Gemini:a_" + std::to_string(l);
-        const auto& evaluation = gemini_opening_pairs[l + 1].evaluation;
-        prover_transcript->send_to_verifier(label, evaluation);
-        opening_claims.push_back({ gemini_witnesses[l], gemini_opening_pairs[l] });
-    }
-    opening_claims.push_back({ gemini_witnesses[log_n], gemini_opening_pairs[log_n] });
+    // Compute:
+    // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
+    // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
+    auto prover_opening_claims = GeminiProver::prove(this->ck(),
+                                                     mle_opening_point,
+                                                     multilinear_evaluations,
+                                                     RefArray{ poly1, poly2 },
+                                                     RefArray{ poly2 },
+                                                     prover_transcript);
 
-    const auto opening_claim = ShplonkProver::prove(this->ck(), opening_claims, prover_transcript);
+    const auto opening_claim = ShplonkProver::prove(this->ck(), prover_opening_claims, prover_transcript);
     IPA::compute_opening_proof(this->ck(), opening_claim, prover_transcript);
 
     auto verifier_transcript = NativeTranscript::verifier_init_empty(prover_transcript);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
index ded35bb6a425..92e7f2614e6b 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
@@ -69,8 +69,6 @@ TYPED_TEST(KZGTest, GeminiShplonkKzgWithShift)
     const size_t n = 16;
     const size_t log_n = 4;
 
-    Fr rho = Fr::random_element();
-
     // Generate multilinear polynomials, their commitments (genuine and mocked) and evaluations (genuine) at a random
     // point.
     auto mle_opening_point = this->random_evaluation_point(log_n); // sometimes denoted 'u'
@@ -87,27 +85,6 @@ TYPED_TEST(KZGTest, GeminiShplonkKzgWithShift)
     // Collect multilinear evaluations for input to prover
     std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval2_shift };
 
-    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
-
-    // Compute batched multivariate evaluation
-    Fr batched_evaluation = Fr::zero();
-    for (size_t i = 0; i < rhos.size(); ++i) {
-        batched_evaluation += multilinear_evaluations[i] * rhos[i];
-    }
-
-    // Compute batched polynomials
-    Polynomial batched_unshifted(n);
-    Polynomial batched_to_be_shifted = Polynomial::shiftable(n);
-    batched_unshifted.add_scaled(poly1, rhos[0]);
-    batched_unshifted.add_scaled(poly2, rhos[1]);
-    batched_to_be_shifted.add_scaled(poly2, rhos[2]);
-
-    // Compute batched commitments
-    GroupElement batched_commitment_unshifted = GroupElement::zero();
-    GroupElement batched_commitment_to_be_shifted = GroupElement::zero();
-    batched_commitment_unshifted = commitment1 * rhos[0] + commitment2 * rhos[1];
-    batched_commitment_to_be_shifted = commitment2 * rhos[2];
-
     auto prover_transcript = NativeTranscript::prover_init_empty();
 
     // Run the full prover PCS protocol:
@@ -115,33 +92,17 @@ TYPED_TEST(KZGTest, GeminiShplonkKzgWithShift)
     // Compute:
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-    auto gemini_polynomials = GeminiProver::compute_gemini_polynomials(
-        mle_opening_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
-
-    for (size_t l = 0; l < log_n - 1; ++l) {
-        std::string label = "FOLD_" + std::to_string(l + 1);
-        auto commitment = this->ck()->commit(gemini_polynomials[l + 2]);
-        prover_transcript->send_to_verifier(label, commitment);
-    }
-
-    const Fr r_challenge = prover_transcript->template get_challenge<Fr>("Gemini:r");
-
-    const auto [gemini_opening_pairs, gemini_witnesses] = GeminiProver::compute_fold_polynomial_evaluations(
-        mle_opening_point, std::move(gemini_polynomials), r_challenge);
-
-    std::vector<ProverOpeningClaim<TypeParam>> opening_claims;
-    for (size_t l = 0; l < log_n; ++l) {
-        std::string label = "Gemini:a_" + std::to_string(l);
-        const auto& evaluation = gemini_opening_pairs[l + 1].evaluation;
-        prover_transcript->send_to_verifier(label, evaluation);
-        opening_claims.push_back({ gemini_witnesses[l], gemini_opening_pairs[l] });
-    }
-    opening_claims.push_back({ gemini_witnesses[log_n], gemini_opening_pairs[log_n] });
+    auto prover_opening_claims = GeminiProver::prove(this->ck(),
+                                                     mle_opening_point,
+                                                     multilinear_evaluations,
+                                                     RefArray{ poly1, poly2 },
+                                                     RefArray{ poly2 },
+                                                     prover_transcript);
 
     // Shplonk prover output:
     // - opening pair: (z_challenge, 0)
     // - witness: polynomial Q - Q_z
-    const auto opening_claim = ShplonkProver::prove(this->ck(), opening_claims, prover_transcript);
+    const auto opening_claim = ShplonkProver::prove(this->ck(), prover_opening_claims, prover_transcript);
 
     // KZG prover:
     // - Adds commitment [W] to transcript
@@ -154,9 +115,9 @@ TYPED_TEST(KZGTest, GeminiShplonkKzgWithShift)
     // Gemini verifier output:
     // - claim: d+1 commitments to Fold_{r}^(0), Fold_{-r}^(0), Fold^(l), d+1 evaluations a_0_pos, a_l, l = 0:d-1
     auto gemini_verifier_claim = GeminiVerifier::reduce_verification(mle_opening_point,
-                                                                     batched_evaluation,
-                                                                     batched_commitment_unshifted,
-                                                                     batched_commitment_to_be_shifted,
+                                                                     multilinear_evaluations,
+                                                                     RefArray{ commitment1, commitment2 },
+                                                                     RefArray{ commitment2 },
                                                                      verifier_transcript);
 
     // Shplonk verifier claim: commitment [Q] - [Q_z], opening point (z_challenge, 0)
@@ -179,15 +140,13 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
     using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
     using KZG = KZG<TypeParam>;
     using Fr = typename TypeParam::ScalarField;
-    using GroupElement = typename TypeParam::Element;
+    // using GroupElement = typename TypeParam::Element;
     using Commitment = typename TypeParam::AffineElement;
     using Polynomial = typename bb::Polynomial<Fr>;
 
     const size_t n = 16;
     const size_t log_n = 4;
-    auto prover_transcript = NativeTranscript::prover_init_empty();
-    // Get batching challenge
-    Fr rho = prover_transcript->template get_challenge<Fr>("rho");
+
     // Generate multilinear polynomials, their commitments (genuine and mocked) and evaluations (genuine) at a random
     // point.
     auto mle_opening_point = this->random_evaluation_point(log_n); // sometimes denoted 'u'
@@ -205,59 +164,24 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
     // Collect multilinear evaluations for input to prover
     std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval2_shift };
 
-    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
-
-    // Compute batched multivariate evaluation
-    Fr batched_evaluation = Fr::zero();
-    for (size_t i = 0; i < rhos.size(); ++i) {
-        batched_evaluation += multilinear_evaluations[i] * rhos[i];
-    }
-
-    // Compute batched polynomials
-    Polynomial batched_unshifted(n);
-    Polynomial batched_to_be_shifted = Polynomial::shiftable(n);
-    batched_unshifted.add_scaled(poly1, rhos[0]);
-    batched_unshifted.add_scaled(poly2, rhos[1]);
-    batched_to_be_shifted.add_scaled(poly2, rhos[2]);
-
-    // Compute batched commitments
-    GroupElement batched_commitment_unshifted = GroupElement::zero();
-    GroupElement batched_commitment_to_be_shifted = GroupElement::zero();
-    batched_commitment_unshifted = commitment1 * rhos[0] + commitment2 * rhos[1];
-    batched_commitment_to_be_shifted = commitment2 * rhos[2];
+    auto prover_transcript = NativeTranscript::prover_init_empty();
 
     // Run the full prover PCS protocol:
 
     // Compute:
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-    auto gemini_polynomials = GeminiProver::compute_gemini_polynomials(
-        mle_opening_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
-
-    for (size_t l = 0; l < log_n - 1; ++l) {
-        std::string label = "FOLD_" + std::to_string(l + 1);
-        auto commitment = this->ck()->commit(gemini_polynomials[l + 2]);
-        prover_transcript->send_to_verifier(label, commitment);
-    }
-
-    const Fr r_challenge = prover_transcript->template get_challenge<Fr>("Gemini:r");
-
-    const auto [gemini_opening_pairs, gemini_witnesses] = GeminiProver::compute_fold_polynomial_evaluations(
-        mle_opening_point, std::move(gemini_polynomials), r_challenge);
-
-    std::vector<ProverOpeningClaim<TypeParam>> opening_claims;
-    for (size_t l = 0; l < log_n; ++l) {
-        std::string label = "Gemini:a_" + std::to_string(l);
-        const auto& evaluation = gemini_opening_pairs[l + 1].evaluation;
-        prover_transcript->send_to_verifier(label, evaluation);
-        opening_claims.push_back({ gemini_witnesses[l], gemini_opening_pairs[l] });
-    }
-    opening_claims.push_back({ gemini_witnesses[log_n], gemini_opening_pairs[log_n] });
+    auto prover_opening_claims = GeminiProver::prove(this->ck(),
+                                                     mle_opening_point,
+                                                     multilinear_evaluations,
+                                                     RefArray{ poly1, poly2 },
+                                                     RefArray{ poly2 },
+                                                     prover_transcript);
 
     // Shplonk prover output:
     // - opening pair: (z_challenge, 0)
     // - witness: polynomial Q - Q_z
-    const auto opening_claim = ShplonkProver::prove(this->ck(), opening_claims, prover_transcript);
+    const auto opening_claim = ShplonkProver::prove(this->ck(), prover_opening_claims, prover_transcript);
 
     // KZG prover:
     // - Adds commitment [W] to transcript
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp
index 45292861fae7..c04359b5a2a9 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp
@@ -1,228 +1,228 @@
 
-#include "shplemini_verifier.hpp"
-#include "../commitment_key.test.hpp"
-#include "../gemini/gemini.hpp"
-#include "../kzg/kzg.hpp"
-#include "../shplonk/shplonk.hpp"
-#include "../utils/batch_mul_native.hpp"
-#include "barretenberg/commitment_schemes/claim.hpp"
-#include "barretenberg/ecc/curves/bn254/g1.hpp"
-
-#include <gtest/gtest.h>
-#include <vector>
-
-namespace bb {
-
-template <class Curve> class ShpleminiTest : public CommitmentTest<Curve> {
-  public:
-    using Fr = typename Curve::ScalarField;
-    using Commitment = typename Curve::AffineElement;
-    using GroupElement = typename Curve::Element;
-    using Polynomial = bb::Polynomial<Fr>;
-};
-
-using CurveTypes = ::testing::Types<curve::BN254, curve::Grumpkin>;
-
-TYPED_TEST_SUITE(ShpleminiTest, CurveTypes);
-
-// This test checks that batch_multivariate_opening_claims method operates correctly
-TYPED_TEST(ShpleminiTest, CorrectnessOfMultivariateClaimBatching)
-{
-    using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
-    using Fr = typename TypeParam::ScalarField;
-    using GroupElement = typename TypeParam::Element;
-    using Commitment = typename TypeParam::AffineElement;
-    using Polynomial = typename bb::Polynomial<Fr>;
-    using Utils = CommitmentSchemesUtils<TypeParam>;
-
-    const size_t n = 16;
-    const size_t log_n = 4;
-
-    // Generate mock challenges
-    Fr rho = Fr::random_element();
-    Fr gemini_eval_challenge = Fr::random_element();
-    Fr shplonk_batching_challenge = Fr::random_element();
-    Fr shplonk_eval_challenge = Fr::random_element();
-
-    // Generate multilinear polynomials and compute their commitments
-    auto mle_opening_point = this->random_evaluation_point(log_n);
-    auto poly1 = Polynomial::random(n);
-    auto poly2 = Polynomial::random(n, /*shiftable*/ 1);
-    Polynomial poly3(n);
-
-    Commitment commitment1 = this->commit(poly1);
-    Commitment commitment2 = this->commit(poly2);
-    Commitment commitment3 = this->commit(poly3);
-    EXPECT_TRUE(commitment3.is_point_at_infinity());
-
-    std::vector<Commitment> unshifted_commitments = { commitment1, commitment2, commitment3 };
-    std::vector<Commitment> shifted_commitments = { commitment2, commitment3 };
-
-    // Evaluate the polynomials at the multivariate challenge, poly3 is not evaluated, because it is 0.
-    auto eval1 = poly1.evaluate_mle(mle_opening_point);
-    auto eval2 = poly2.evaluate_mle(mle_opening_point);
-    Fr eval3{ 0 };
-    Fr eval3_shift{ 0 };
-    auto eval2_shift = poly2.evaluate_mle(mle_opening_point, true);
-
-    // Collect multilinear evaluations
-    std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval3, eval2_shift, eval3_shift };
-    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
-
-    // Compute batched multivariate evaluation
-    Fr batched_evaluation =
-        std::inner_product(multilinear_evaluations.begin(), multilinear_evaluations.end(), rhos.begin(), Fr::zero());
-
-    // Compute batched commitments manually
-    GroupElement batched_commitment_unshifted = commitment1 * rhos[0] + commitment2 * rhos[1] + commitment3 * rhos[2];
-    GroupElement batched_commitment_to_be_shifted = commitment2 * rhos[3] + commitment3 * rhos[4];
-
-    // Compute expected result manually
-    GroupElement commitment_to_univariate =
-        batched_commitment_unshifted + batched_commitment_to_be_shifted * gemini_eval_challenge.invert();
-    GroupElement commitment_to_univariate_neg =
-        batched_commitment_unshifted - batched_commitment_to_be_shifted * gemini_eval_challenge.invert();
-
-    GroupElement expected_result =
-        commitment_to_univariate * (shplonk_eval_challenge - gemini_eval_challenge).invert() +
-        commitment_to_univariate_neg *
-            (shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert());
-
-    // Run the ShepliminiVerifier batching method
-    std::vector<Commitment> commitments;
-    std::vector<Fr> scalars;
-    Fr verifier_batched_evaluation{ 0 };
-
-    Fr unshifted_scalar = (shplonk_eval_challenge - gemini_eval_challenge).invert() +
-                          shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert();
-
-    Fr shifted_scalar = gemini_eval_challenge.invert() *
-                        ((shplonk_eval_challenge - gemini_eval_challenge).invert() -
-                         shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert());
-
-    ShpleminiVerifier::batch_multivariate_opening_claims(RefVector(unshifted_commitments),
-                                                         RefVector(shifted_commitments),
-                                                         RefVector(multilinear_evaluations),
-                                                         rho,
-                                                         unshifted_scalar,
-                                                         shifted_scalar,
-                                                         commitments,
-                                                         scalars,
-                                                         verifier_batched_evaluation);
-
-    // Final pairing check
-    GroupElement shplemini_result = Utils::batch_mul_native(commitments, scalars);
-
-    EXPECT_EQ(commitments.size(), unshifted_commitments.size() + shifted_commitments.size());
-    EXPECT_EQ(batched_evaluation, verifier_batched_evaluation);
-    EXPECT_EQ(-expected_result, shplemini_result);
-}
-
-TYPED_TEST(ShpleminiTest, CorrectnessOfGeminiClaimBatching)
-{
-    using GeminiProver = GeminiProver_<TypeParam>;
-    using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
-    using ShplonkVerifier = ShplonkVerifier_<TypeParam>;
-    using Fr = typename TypeParam::ScalarField;
-    using GroupElement = typename TypeParam::Element;
-    using Commitment = typename TypeParam::AffineElement;
-    using Polynomial = typename bb::Polynomial<Fr>;
-    using Utils = CommitmentSchemesUtils<TypeParam>;
-
-    const size_t n = 16;
-    const size_t log_n = 4;
-
-    // Generate mock challenges
-    Fr rho = Fr::random_element();
-    Fr gemini_eval_challenge = Fr::random_element();
-    Fr shplonk_batching_challenge = Fr::random_element();
-    Fr shplonk_eval_challenge = Fr::random_element();
-
-    // Generate multilinear polynomials and compute their commitments
-    auto mle_opening_point = this->random_evaluation_point(log_n);
-    auto poly1 = Polynomial::random(n);
-    auto poly2 = Polynomial::random(n, /*shiftable*/ 1);
-    Polynomial poly3 = Polynomial::shiftable(n);
-
-    // Evaluate the polynomials at the multivariate challenge, poly3 is not evaluated, because it is 0.
-    auto eval1 = poly1.evaluate_mle(mle_opening_point);
-    auto eval2 = poly2.evaluate_mle(mle_opening_point);
-    Fr eval3{ 0 };
-    Fr eval3_shift{ 0 };
-    auto eval2_shift = poly2.evaluate_mle(mle_opening_point, true);
-
-    // Collect multilinear evaluations
-    std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval3, eval2_shift, eval3_shift };
-    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
-
-    Polynomial batched_unshifted(n);
-    Polynomial batched_to_be_shifted = Polynomial::shiftable(n);
-    batched_unshifted.add_scaled(poly1, rhos[0]);
-    batched_unshifted.add_scaled(poly2, rhos[1]);
-    batched_unshifted.add_scaled(poly3, rhos[2]);
-    batched_to_be_shifted.add_scaled(poly2, rhos[3]);
-    batched_to_be_shifted.add_scaled(poly3, rhos[4]);
-
-    // Compute:
-    // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
-    // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-    auto gemini_polynomials = GeminiProver::compute_gemini_polynomials(
-        mle_opening_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
-
-    std::vector<Commitment> prover_commitments;
-    for (size_t l = 0; l < log_n - 1; ++l) {
-        auto commitment = this->ck()->commit(gemini_polynomials[l + 2]);
-        prover_commitments.emplace_back(commitment);
-    }
-
-    const auto [gemini_opening_pairs, gemini_witnesses] = GeminiProver::compute_fold_polynomial_evaluations(
-        mle_opening_point, std::move(gemini_polynomials), gemini_eval_challenge);
-
-    std::vector<Fr> prover_evaluations;
-    std::vector<ProverOpeningClaim<TypeParam>> opening_claims;
-    for (size_t l = 0; l < log_n; ++l) {
-        const auto& evaluation = gemini_opening_pairs[l + 1].evaluation;
-        prover_evaluations.emplace_back(evaluation);
-    }
-
-    std::vector<Fr> r_squares = gemini::powers_of_evaluation_challenge(gemini_eval_challenge, log_n);
-
-    GroupElement expected_result = GroupElement::zero();
-    std::vector<Fr> expected_inverse_vanishing_evals(log_n + 1);
-    // Compute expected inverses
-    expected_inverse_vanishing_evals[0] = (shplonk_eval_challenge - r_squares[0]).invert();
-    expected_inverse_vanishing_evals[1] = (shplonk_eval_challenge + r_squares[0]).invert();
-    expected_inverse_vanishing_evals[2] = (shplonk_eval_challenge + r_squares[1]).invert();
-    expected_inverse_vanishing_evals[3] = (shplonk_eval_challenge + r_squares[2]).invert();
-    expected_inverse_vanishing_evals[4] = (shplonk_eval_challenge + r_squares[3]).invert();
-
-    Fr current_challenge{ shplonk_batching_challenge * shplonk_batching_challenge };
-    for (size_t idx = 0; idx < prover_commitments.size(); ++idx) {
-        expected_result -= prover_commitments[idx] * current_challenge * expected_inverse_vanishing_evals[idx + 2];
-        current_challenge *= shplonk_batching_challenge;
-    }
-
-    // Run the ShepliminiVerifier batching method
-    std::vector<Fr> inverse_vanishing_evals =
-        ShplonkVerifier::compute_inverted_gemini_denominators(log_n + 1, shplonk_eval_challenge, r_squares);
-
-    std::vector<Commitment> commitments;
-    std::vector<Fr> scalars;
-    Fr expected_constant_term_accumulator{ 0 };
-
-    ShpleminiVerifier::batch_gemini_claims_received_from_prover(log_n,
-                                                                prover_commitments,
-                                                                prover_evaluations,
-                                                                inverse_vanishing_evals,
-                                                                shplonk_batching_challenge,
-                                                                commitments,
-                                                                scalars,
-                                                                expected_constant_term_accumulator);
-
-    EXPECT_EQ(commitments.size(), prover_commitments.size());
-    // Compute the group element using the output of Shplemini method
-    GroupElement shplemini_result = Utils::batch_mul_native(commitments, scalars);
-
-    EXPECT_EQ(shplemini_result, expected_result);
-}
-} // namespace bb
+// #include "shplemini_verifier.hpp"
+// #include "../commitment_key.test.hpp"
+// #include "../gemini/gemini.hpp"
+// #include "../kzg/kzg.hpp"
+// #include "../shplonk/shplonk.hpp"
+// #include "../utils/batch_mul_native.hpp"
+// #include "barretenberg/commitment_schemes/claim.hpp"
+// #include "barretenberg/ecc/curves/bn254/g1.hpp"
+
+// #include <gtest/gtest.h>
+// #include <vector>
+
+// namespace bb {
+
+// template <class Curve> class ShpleminiTest : public CommitmentTest<Curve> {
+//   public:
+//     using Fr = typename Curve::ScalarField;
+//     using Commitment = typename Curve::AffineElement;
+//     using GroupElement = typename Curve::Element;
+//     using Polynomial = bb::Polynomial<Fr>;
+// };
+
+// using CurveTypes = ::testing::Types<curve::BN254, curve::Grumpkin>;
+
+// TYPED_TEST_SUITE(ShpleminiTest, CurveTypes);
+
+// // This test checks that batch_multivariate_opening_claims method operates correctly
+// TYPED_TEST(ShpleminiTest, CorrectnessOfMultivariateClaimBatching)
+// {
+//     using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
+//     using Fr = typename TypeParam::ScalarField;
+//     using GroupElement = typename TypeParam::Element;
+//     using Commitment = typename TypeParam::AffineElement;
+//     using Polynomial = typename bb::Polynomial<Fr>;
+//     using Utils = CommitmentSchemesUtils<TypeParam>;
+
+//     const size_t n = 16;
+//     const size_t log_n = 4;
+
+//     // Generate mock challenges
+//     Fr rho = Fr::random_element();
+//     Fr gemini_eval_challenge = Fr::random_element();
+//     Fr shplonk_batching_challenge = Fr::random_element();
+//     Fr shplonk_eval_challenge = Fr::random_element();
+
+//     // Generate multilinear polynomials and compute their commitments
+//     auto mle_opening_point = this->random_evaluation_point(log_n);
+//     auto poly1 = Polynomial::random(n);
+//     auto poly2 = Polynomial::random(n, /*shiftable*/ 1);
+//     Polynomial poly3(n);
+
+//     Commitment commitment1 = this->commit(poly1);
+//     Commitment commitment2 = this->commit(poly2);
+//     Commitment commitment3 = this->commit(poly3);
+//     EXPECT_TRUE(commitment3.is_point_at_infinity());
+
+//     std::vector<Commitment> unshifted_commitments = { commitment1, commitment2, commitment3 };
+//     std::vector<Commitment> shifted_commitments = { commitment2, commitment3 };
+
+//     // Evaluate the polynomials at the multivariate challenge, poly3 is not evaluated, because it is 0.
+//     auto eval1 = poly1.evaluate_mle(mle_opening_point);
+//     auto eval2 = poly2.evaluate_mle(mle_opening_point);
+//     Fr eval3{ 0 };
+//     Fr eval3_shift{ 0 };
+//     auto eval2_shift = poly2.evaluate_mle(mle_opening_point, true);
+
+//     // Collect multilinear evaluations
+//     std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval3, eval2_shift, eval3_shift };
+//     std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
+
+//     // Compute batched multivariate evaluation
+//     Fr batched_evaluation =
+//         std::inner_product(multilinear_evaluations.begin(), multilinear_evaluations.end(), rhos.begin(), Fr::zero());
+
+//     // Compute batched commitments manually
+//     GroupElement batched_commitment_unshifted = commitment1 * rhos[0] + commitment2 * rhos[1] + commitment3 *
+//     rhos[2]; GroupElement batched_commitment_to_be_shifted = commitment2 * rhos[3] + commitment3 * rhos[4];
+
+//     // Compute expected result manually
+//     GroupElement commitment_to_univariate =
+//         batched_commitment_unshifted + batched_commitment_to_be_shifted * gemini_eval_challenge.invert();
+//     GroupElement commitment_to_univariate_neg =
+//         batched_commitment_unshifted - batched_commitment_to_be_shifted * gemini_eval_challenge.invert();
+
+//     GroupElement expected_result =
+//         commitment_to_univariate * (shplonk_eval_challenge - gemini_eval_challenge).invert() +
+//         commitment_to_univariate_neg *
+//             (shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert());
+
+//     // Run the ShepliminiVerifier batching method
+//     std::vector<Commitment> commitments;
+//     std::vector<Fr> scalars;
+//     Fr verifier_batched_evaluation{ 0 };
+
+//     Fr unshifted_scalar = (shplonk_eval_challenge - gemini_eval_challenge).invert() +
+//                           shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert();
+
+//     Fr shifted_scalar = gemini_eval_challenge.invert() *
+//                         ((shplonk_eval_challenge - gemini_eval_challenge).invert() -
+//                          shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert());
+
+//     ShpleminiVerifier::batch_multivariate_opening_claims(RefVector(unshifted_commitments),
+//                                                          RefVector(shifted_commitments),
+//                                                          RefVector(multilinear_evaluations),
+//                                                          rho,
+//                                                          unshifted_scalar,
+//                                                          shifted_scalar,
+//                                                          commitments,
+//                                                          scalars,
+//                                                          verifier_batched_evaluation);
+
+//     // Final pairing check
+//     GroupElement shplemini_result = Utils::batch_mul_native(commitments, scalars);
+
+//     EXPECT_EQ(commitments.size(), unshifted_commitments.size() + shifted_commitments.size());
+//     EXPECT_EQ(batched_evaluation, verifier_batched_evaluation);
+//     EXPECT_EQ(-expected_result, shplemini_result);
+// }
+
+// TYPED_TEST(ShpleminiTest, CorrectnessOfGeminiClaimBatching)
+// {
+//     using GeminiProver = GeminiProver_<TypeParam>;
+//     using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
+//     using ShplonkVerifier = ShplonkVerifier_<TypeParam>;
+//     using Fr = typename TypeParam::ScalarField;
+//     using GroupElement = typename TypeParam::Element;
+//     using Commitment = typename TypeParam::AffineElement;
+//     using Polynomial = typename bb::Polynomial<Fr>;
+//     using Utils = CommitmentSchemesUtils<TypeParam>;
+
+//     const size_t n = 16;
+//     const size_t log_n = 4;
+
+//     // Generate mock challenges
+//     Fr rho = Fr::random_element();
+//     Fr gemini_eval_challenge = Fr::random_element();
+//     Fr shplonk_batching_challenge = Fr::random_element();
+//     Fr shplonk_eval_challenge = Fr::random_element();
+
+//     // Generate multilinear polynomials and compute their commitments
+//     auto mle_opening_point = this->random_evaluation_point(log_n);
+//     auto poly1 = Polynomial::random(n);
+//     auto poly2 = Polynomial::random(n, /*shiftable*/ 1);
+//     Polynomial poly3 = Polynomial::shiftable(n);
+
+//     // Evaluate the polynomials at the multivariate challenge, poly3 is not evaluated, because it is 0.
+//     auto eval1 = poly1.evaluate_mle(mle_opening_point);
+//     auto eval2 = poly2.evaluate_mle(mle_opening_point);
+//     Fr eval3{ 0 };
+//     Fr eval3_shift{ 0 };
+//     auto eval2_shift = poly2.evaluate_mle(mle_opening_point, true);
+
+//     // Collect multilinear evaluations
+//     std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval3, eval2_shift, eval3_shift };
+//     std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
+
+//     Polynomial batched_unshifted(n);
+//     Polynomial batched_to_be_shifted = Polynomial::shiftable(n);
+//     batched_unshifted.add_scaled(poly1, rhos[0]);
+//     batched_unshifted.add_scaled(poly2, rhos[1]);
+//     batched_unshifted.add_scaled(poly3, rhos[2]);
+//     batched_to_be_shifted.add_scaled(poly2, rhos[3]);
+//     batched_to_be_shifted.add_scaled(poly3, rhos[4]);
+
+//     // Compute:
+//     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
+//     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
+//     auto gemini_polynomials = GeminiProver::compute_fold_polynomials(
+//         mle_opening_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
+
+//     std::vector<Commitment> prover_commitments;
+//     for (size_t l = 0; l < log_n - 1; ++l) {
+//         auto commitment = this->ck()->commit(gemini_polynomials[l + 2]);
+//         prover_commitments.emplace_back(commitment);
+//     }
+
+//     const auto [gemini_opening_pairs, gemini_witnesses] = GeminiProver::compute_fold_polynomial_evaluations(
+//         mle_opening_point, std::move(gemini_polynomials), gemini_eval_challenge);
+
+//     std::vector<Fr> prover_evaluations;
+//     std::vector<ProverOpeningClaim<TypeParam>> opening_claims;
+//     for (size_t l = 0; l < log_n; ++l) {
+//         const auto& evaluation = gemini_opening_pairs[l + 1].evaluation;
+//         prover_evaluations.emplace_back(evaluation);
+//     }
+
+//     std::vector<Fr> r_squares = gemini::powers_of_evaluation_challenge(gemini_eval_challenge, log_n);
+
+//     GroupElement expected_result = GroupElement::zero();
+//     std::vector<Fr> expected_inverse_vanishing_evals(log_n + 1);
+//     // Compute expected inverses
+//     expected_inverse_vanishing_evals[0] = (shplonk_eval_challenge - r_squares[0]).invert();
+//     expected_inverse_vanishing_evals[1] = (shplonk_eval_challenge + r_squares[0]).invert();
+//     expected_inverse_vanishing_evals[2] = (shplonk_eval_challenge + r_squares[1]).invert();
+//     expected_inverse_vanishing_evals[3] = (shplonk_eval_challenge + r_squares[2]).invert();
+//     expected_inverse_vanishing_evals[4] = (shplonk_eval_challenge + r_squares[3]).invert();
+
+//     Fr current_challenge{ shplonk_batching_challenge * shplonk_batching_challenge };
+//     for (size_t idx = 0; idx < prover_commitments.size(); ++idx) {
+//         expected_result -= prover_commitments[idx] * current_challenge * expected_inverse_vanishing_evals[idx + 2];
+//         current_challenge *= shplonk_batching_challenge;
+//     }
+
+//     // Run the ShepliminiVerifier batching method
+//     std::vector<Fr> inverse_vanishing_evals =
+//         ShplonkVerifier::compute_inverted_gemini_denominators(log_n + 1, shplonk_eval_challenge, r_squares);
+
+//     std::vector<Commitment> commitments;
+//     std::vector<Fr> scalars;
+//     Fr expected_constant_term_accumulator{ 0 };
+
+//     ShpleminiVerifier::batch_gemini_claims_received_from_prover(log_n,
+//                                                                 prover_commitments,
+//                                                                 prover_evaluations,
+//                                                                 inverse_vanishing_evals,
+//                                                                 shplonk_batching_challenge,
+//                                                                 commitments,
+//                                                                 scalars,
+//                                                                 expected_constant_term_accumulator);
+
+//     EXPECT_EQ(commitments.size(), prover_commitments.size());
+//     // Compute the group element using the output of Shplemini method
+//     GroupElement shplemini_result = Utils::batch_mul_native(commitments, scalars);
+
+//     EXPECT_EQ(shplemini_result, expected_result);
+// }
+// } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/wrapper.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/wrapper.hpp
deleted file mode 100644
index ded625f8e399..000000000000
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/wrapper.hpp
+++ /dev/null
@@ -1,14 +0,0 @@
-#pragma once
-
-#include "barretenberg/ecc/curves/bn254/g1.hpp"
-#include "gemini/gemini.hpp"
-
-namespace bb {
-
-struct OpeningProof {
-    std::vector<bb::g1::affine_element> gemini;
-    bb::g1::affine_element shplonk;
-    bb::g1::affine_element kzg;
-};
-
-} // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
index 050a2603972f..e1ef297a3880 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
@@ -108,7 +108,7 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
     };
 
     // Compute d-1 polynomials Fold^(i), i = 1, ..., d-1.
-    auto fold_polynomials = GeminiProver::compute_gemini_polynomials(
+    auto fold_polynomials = GeminiProver::compute_fold_polynomials(
         u_challenge, std::move(batched_poly_unshifted), std::move(batched_poly_to_be_shifted));
     // Comute and add to trasnscript the commitments [Fold^(i)], i = 1, ..., d-1
     for (size_t l = 0; l < log_circuit_size - 1; ++l) {
@@ -117,8 +117,8 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
     }
     const NativeFr r_challenge = prover_transcript->template get_challenge<NativeFr>("Gemini:r");
 
-    const auto [gemini_opening_pairs, gemini_witnesses] =
-        GeminiProver::compute_fold_polynomial_evaluations(u_challenge, std::move(fold_polynomials), r_challenge);
+    const auto [gemini_opening_pairs, gemini_witnesses] = GeminiProver::compute_fold_polynomial_evaluations(
+        u_challenge, std::move(fold_polynomials), r_challenge, prover_transcript);
 
     std::vector<ProverOpeningClaim<NativeCurve>> opening_claims;
     for (size_t l = 0; l < log_circuit_size; ++l) {
diff --git a/barretenberg/cpp/src/barretenberg/polynomials/polynomial.hpp b/barretenberg/cpp/src/barretenberg/polynomials/polynomial.hpp
index fa6608456c5f..894be20c83ed 100644
--- a/barretenberg/cpp/src/barretenberg/polynomials/polynomial.hpp
+++ b/barretenberg/cpp/src/barretenberg/polynomials/polynomial.hpp
@@ -69,6 +69,13 @@ template <typename Fr> class Polynomial {
         : Polynomial(coefficients, coefficients.size())
     {}
 
+    /**
+     * @brief Utility to efficiently construct a shift from the original polynomial.
+     *
+     * @details  We define the shift of a polynomial F(X) as G(X) = F(X) / X.
+     * @param virtual_size the size of the polynomial to be shifted
+     * @return Polynomial
+     */
     static Polynomial shiftable(size_t virtual_size)
     {
         return Polynomial(/*actual size*/ virtual_size - 1, virtual_size, /*shiftable offset*/ 1);
diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
index 2bb9cb89721d..fe5dbe526c99 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
@@ -38,8 +38,9 @@ class UltraFlavor {
     // Indicates that this flavor runs with non-ZK Sumcheck.
     static constexpr bool HasZK = false;
     static constexpr size_t NUM_WIRES = CircuitBuilder::NUM_WIRES;
-    // The number of multivariate polynomials on which a sumcheck prover sumcheck operates (including shifts). We often
-    // need containers of this size to hold related data, so we choose a name more agnostic than `NUM_POLYNOMIALS`.
+    // The number of multivariate polynomials on which a sumcheck prover sumcheck operates (witness polynomials,
+    // precomputed polynomials and shifts). We often need containers of this size to hold related data, so we choose a
+    // name more agnostic than `NUM_POLYNOMIALS`.
     static constexpr size_t NUM_ALL_ENTITIES = 44;
     // The number of polynomials precomputed to describe a circuit and to aid a prover in constructing a satisfying
     // assignment of witnesses. We again choose a neutral name.

From 7dd17f0c2c40e289c3576213e53854bc1bf4f376 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Wed, 18 Sep 2024 13:06:12 +0000
Subject: [PATCH 02/25] fix shplemini

---
 .../commitment_schemes/gemini/gemini.cpp      |  14 +-
 .../commitment_schemes/gemini/gemini.hpp      |   3 +-
 .../shplonk/shplemini_verifier.test.cpp       | 453 +++++++++---------
 .../shplemini.test.cpp                        |  46 +-
 .../barretenberg/polynomials/polynomial.hpp   |   1 -
 5 files changed, 241 insertions(+), 276 deletions(-)

diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
index 1518dcf4e15c..3fe4d8425efd 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
@@ -87,8 +87,12 @@ std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
                                      commitment_key->commit(fold_polynomials[l + 2]));
     }
     const Fr r_challenge = transcript->template get_challenge<Fr>("Gemini:r");
-    return compute_fold_polynomial_evaluations(
-        multilinear_challenge, std::move(fold_polynomials), r_challenge, transcript);
+    std::vector<Claim> claims =
+        compute_fold_polynomial_evaluations(multilinear_challenge, std::move(fold_polynomials), r_challenge);
+    for (size_t l = 1; l <= log_n; l++) {
+        transcript->send_to_verifier("Gemini:a_" + std::to_string(l), claims[l].opening_pair.evaluation);
+    }
+    return claims;
 };
 
 /**
@@ -190,10 +194,7 @@ std::vector<typename GeminiProver_<Curve>::Polynomial> GeminiProver_<Curve>::com
  */
 template <typename Curve>
 std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::compute_fold_polynomial_evaluations(
-    std::span<const Fr> mle_opening_point,
-    std::vector<Polynomial>&& fold_polynomials,
-    const Fr& r_challenge,
-    std::shared_ptr<NativeTranscript>& transcript)
+    std::span<const Fr> mle_opening_point, std::vector<Polynomial>&& fold_polynomials, const Fr& r_challenge)
 {
     const size_t num_variables = mle_opening_point.size(); // m
 
@@ -231,7 +232,6 @@ std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::compute_
     // Compute the remaining m opening pairs {−r^{2ˡ}, Aₗ(−r^{2ˡ})}, l = 0, ..., m-1.
     for (size_t l = 0; l < num_variables; ++l) {
         evaluation = fold_polynomials[l + 1].evaluate(-r_squares[l]);
-        transcript->send_to_verifier("Gemini:a_" + std::to_string(l + 1), evaluation);
         opening_claims.emplace_back(Claim{ fold_polynomials[l + 1], { -r_squares[l], evaluation } });
     }
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index 89c1dc8acf99..e6d19e0dddb5 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -107,8 +107,7 @@ template <typename Curve> class GeminiProver_ {
 
     static std::vector<Claim> compute_fold_polynomial_evaluations(std::span<const Fr> multilinear_evaluations,
                                                                   std::vector<Polynomial>&& gemini_polynomials,
-                                                                  const Fr& r_challenge,
-                                                                  std::shared_ptr<NativeTranscript>& transcript);
+                                                                  const Fr& r_challenge);
 
     // TODO(Mara):  consider if we should template this by transcript to use with a test transcript
     static std::vector<Claim> prove(const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp
index c04359b5a2a9..194c9f7d3610 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp
@@ -1,228 +1,227 @@
 
-// #include "shplemini_verifier.hpp"
-// #include "../commitment_key.test.hpp"
-// #include "../gemini/gemini.hpp"
-// #include "../kzg/kzg.hpp"
-// #include "../shplonk/shplonk.hpp"
-// #include "../utils/batch_mul_native.hpp"
-// #include "barretenberg/commitment_schemes/claim.hpp"
-// #include "barretenberg/ecc/curves/bn254/g1.hpp"
-
-// #include <gtest/gtest.h>
-// #include <vector>
-
-// namespace bb {
-
-// template <class Curve> class ShpleminiTest : public CommitmentTest<Curve> {
-//   public:
-//     using Fr = typename Curve::ScalarField;
-//     using Commitment = typename Curve::AffineElement;
-//     using GroupElement = typename Curve::Element;
-//     using Polynomial = bb::Polynomial<Fr>;
-// };
-
-// using CurveTypes = ::testing::Types<curve::BN254, curve::Grumpkin>;
-
-// TYPED_TEST_SUITE(ShpleminiTest, CurveTypes);
-
-// // This test checks that batch_multivariate_opening_claims method operates correctly
-// TYPED_TEST(ShpleminiTest, CorrectnessOfMultivariateClaimBatching)
-// {
-//     using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
-//     using Fr = typename TypeParam::ScalarField;
-//     using GroupElement = typename TypeParam::Element;
-//     using Commitment = typename TypeParam::AffineElement;
-//     using Polynomial = typename bb::Polynomial<Fr>;
-//     using Utils = CommitmentSchemesUtils<TypeParam>;
-
-//     const size_t n = 16;
-//     const size_t log_n = 4;
-
-//     // Generate mock challenges
-//     Fr rho = Fr::random_element();
-//     Fr gemini_eval_challenge = Fr::random_element();
-//     Fr shplonk_batching_challenge = Fr::random_element();
-//     Fr shplonk_eval_challenge = Fr::random_element();
-
-//     // Generate multilinear polynomials and compute their commitments
-//     auto mle_opening_point = this->random_evaluation_point(log_n);
-//     auto poly1 = Polynomial::random(n);
-//     auto poly2 = Polynomial::random(n, /*shiftable*/ 1);
-//     Polynomial poly3(n);
-
-//     Commitment commitment1 = this->commit(poly1);
-//     Commitment commitment2 = this->commit(poly2);
-//     Commitment commitment3 = this->commit(poly3);
-//     EXPECT_TRUE(commitment3.is_point_at_infinity());
-
-//     std::vector<Commitment> unshifted_commitments = { commitment1, commitment2, commitment3 };
-//     std::vector<Commitment> shifted_commitments = { commitment2, commitment3 };
-
-//     // Evaluate the polynomials at the multivariate challenge, poly3 is not evaluated, because it is 0.
-//     auto eval1 = poly1.evaluate_mle(mle_opening_point);
-//     auto eval2 = poly2.evaluate_mle(mle_opening_point);
-//     Fr eval3{ 0 };
-//     Fr eval3_shift{ 0 };
-//     auto eval2_shift = poly2.evaluate_mle(mle_opening_point, true);
-
-//     // Collect multilinear evaluations
-//     std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval3, eval2_shift, eval3_shift };
-//     std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
-
-//     // Compute batched multivariate evaluation
-//     Fr batched_evaluation =
-//         std::inner_product(multilinear_evaluations.begin(), multilinear_evaluations.end(), rhos.begin(), Fr::zero());
-
-//     // Compute batched commitments manually
-//     GroupElement batched_commitment_unshifted = commitment1 * rhos[0] + commitment2 * rhos[1] + commitment3 *
-//     rhos[2]; GroupElement batched_commitment_to_be_shifted = commitment2 * rhos[3] + commitment3 * rhos[4];
-
-//     // Compute expected result manually
-//     GroupElement commitment_to_univariate =
-//         batched_commitment_unshifted + batched_commitment_to_be_shifted * gemini_eval_challenge.invert();
-//     GroupElement commitment_to_univariate_neg =
-//         batched_commitment_unshifted - batched_commitment_to_be_shifted * gemini_eval_challenge.invert();
-
-//     GroupElement expected_result =
-//         commitment_to_univariate * (shplonk_eval_challenge - gemini_eval_challenge).invert() +
-//         commitment_to_univariate_neg *
-//             (shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert());
-
-//     // Run the ShepliminiVerifier batching method
-//     std::vector<Commitment> commitments;
-//     std::vector<Fr> scalars;
-//     Fr verifier_batched_evaluation{ 0 };
-
-//     Fr unshifted_scalar = (shplonk_eval_challenge - gemini_eval_challenge).invert() +
-//                           shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert();
-
-//     Fr shifted_scalar = gemini_eval_challenge.invert() *
-//                         ((shplonk_eval_challenge - gemini_eval_challenge).invert() -
-//                          shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert());
-
-//     ShpleminiVerifier::batch_multivariate_opening_claims(RefVector(unshifted_commitments),
-//                                                          RefVector(shifted_commitments),
-//                                                          RefVector(multilinear_evaluations),
-//                                                          rho,
-//                                                          unshifted_scalar,
-//                                                          shifted_scalar,
-//                                                          commitments,
-//                                                          scalars,
-//                                                          verifier_batched_evaluation);
-
-//     // Final pairing check
-//     GroupElement shplemini_result = Utils::batch_mul_native(commitments, scalars);
-
-//     EXPECT_EQ(commitments.size(), unshifted_commitments.size() + shifted_commitments.size());
-//     EXPECT_EQ(batched_evaluation, verifier_batched_evaluation);
-//     EXPECT_EQ(-expected_result, shplemini_result);
-// }
-
-// TYPED_TEST(ShpleminiTest, CorrectnessOfGeminiClaimBatching)
-// {
-//     using GeminiProver = GeminiProver_<TypeParam>;
-//     using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
-//     using ShplonkVerifier = ShplonkVerifier_<TypeParam>;
-//     using Fr = typename TypeParam::ScalarField;
-//     using GroupElement = typename TypeParam::Element;
-//     using Commitment = typename TypeParam::AffineElement;
-//     using Polynomial = typename bb::Polynomial<Fr>;
-//     using Utils = CommitmentSchemesUtils<TypeParam>;
-
-//     const size_t n = 16;
-//     const size_t log_n = 4;
-
-//     // Generate mock challenges
-//     Fr rho = Fr::random_element();
-//     Fr gemini_eval_challenge = Fr::random_element();
-//     Fr shplonk_batching_challenge = Fr::random_element();
-//     Fr shplonk_eval_challenge = Fr::random_element();
-
-//     // Generate multilinear polynomials and compute their commitments
-//     auto mle_opening_point = this->random_evaluation_point(log_n);
-//     auto poly1 = Polynomial::random(n);
-//     auto poly2 = Polynomial::random(n, /*shiftable*/ 1);
-//     Polynomial poly3 = Polynomial::shiftable(n);
-
-//     // Evaluate the polynomials at the multivariate challenge, poly3 is not evaluated, because it is 0.
-//     auto eval1 = poly1.evaluate_mle(mle_opening_point);
-//     auto eval2 = poly2.evaluate_mle(mle_opening_point);
-//     Fr eval3{ 0 };
-//     Fr eval3_shift{ 0 };
-//     auto eval2_shift = poly2.evaluate_mle(mle_opening_point, true);
-
-//     // Collect multilinear evaluations
-//     std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval3, eval2_shift, eval3_shift };
-//     std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
-
-//     Polynomial batched_unshifted(n);
-//     Polynomial batched_to_be_shifted = Polynomial::shiftable(n);
-//     batched_unshifted.add_scaled(poly1, rhos[0]);
-//     batched_unshifted.add_scaled(poly2, rhos[1]);
-//     batched_unshifted.add_scaled(poly3, rhos[2]);
-//     batched_to_be_shifted.add_scaled(poly2, rhos[3]);
-//     batched_to_be_shifted.add_scaled(poly3, rhos[4]);
-
-//     // Compute:
-//     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
-//     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-//     auto gemini_polynomials = GeminiProver::compute_fold_polynomials(
-//         mle_opening_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
-
-//     std::vector<Commitment> prover_commitments;
-//     for (size_t l = 0; l < log_n - 1; ++l) {
-//         auto commitment = this->ck()->commit(gemini_polynomials[l + 2]);
-//         prover_commitments.emplace_back(commitment);
-//     }
-
-//     const auto [gemini_opening_pairs, gemini_witnesses] = GeminiProver::compute_fold_polynomial_evaluations(
-//         mle_opening_point, std::move(gemini_polynomials), gemini_eval_challenge);
-
-//     std::vector<Fr> prover_evaluations;
-//     std::vector<ProverOpeningClaim<TypeParam>> opening_claims;
-//     for (size_t l = 0; l < log_n; ++l) {
-//         const auto& evaluation = gemini_opening_pairs[l + 1].evaluation;
-//         prover_evaluations.emplace_back(evaluation);
-//     }
-
-//     std::vector<Fr> r_squares = gemini::powers_of_evaluation_challenge(gemini_eval_challenge, log_n);
-
-//     GroupElement expected_result = GroupElement::zero();
-//     std::vector<Fr> expected_inverse_vanishing_evals(log_n + 1);
-//     // Compute expected inverses
-//     expected_inverse_vanishing_evals[0] = (shplonk_eval_challenge - r_squares[0]).invert();
-//     expected_inverse_vanishing_evals[1] = (shplonk_eval_challenge + r_squares[0]).invert();
-//     expected_inverse_vanishing_evals[2] = (shplonk_eval_challenge + r_squares[1]).invert();
-//     expected_inverse_vanishing_evals[3] = (shplonk_eval_challenge + r_squares[2]).invert();
-//     expected_inverse_vanishing_evals[4] = (shplonk_eval_challenge + r_squares[3]).invert();
-
-//     Fr current_challenge{ shplonk_batching_challenge * shplonk_batching_challenge };
-//     for (size_t idx = 0; idx < prover_commitments.size(); ++idx) {
-//         expected_result -= prover_commitments[idx] * current_challenge * expected_inverse_vanishing_evals[idx + 2];
-//         current_challenge *= shplonk_batching_challenge;
-//     }
-
-//     // Run the ShepliminiVerifier batching method
-//     std::vector<Fr> inverse_vanishing_evals =
-//         ShplonkVerifier::compute_inverted_gemini_denominators(log_n + 1, shplonk_eval_challenge, r_squares);
-
-//     std::vector<Commitment> commitments;
-//     std::vector<Fr> scalars;
-//     Fr expected_constant_term_accumulator{ 0 };
-
-//     ShpleminiVerifier::batch_gemini_claims_received_from_prover(log_n,
-//                                                                 prover_commitments,
-//                                                                 prover_evaluations,
-//                                                                 inverse_vanishing_evals,
-//                                                                 shplonk_batching_challenge,
-//                                                                 commitments,
-//                                                                 scalars,
-//                                                                 expected_constant_term_accumulator);
-
-//     EXPECT_EQ(commitments.size(), prover_commitments.size());
-//     // Compute the group element using the output of Shplemini method
-//     GroupElement shplemini_result = Utils::batch_mul_native(commitments, scalars);
-
-//     EXPECT_EQ(shplemini_result, expected_result);
-// }
-// } // namespace bb
+#include "shplemini_verifier.hpp"
+#include "../commitment_key.test.hpp"
+#include "../gemini/gemini.hpp"
+#include "../kzg/kzg.hpp"
+#include "../shplonk/shplonk.hpp"
+#include "../utils/batch_mul_native.hpp"
+#include "barretenberg/commitment_schemes/claim.hpp"
+#include "barretenberg/ecc/curves/bn254/g1.hpp"
+
+#include <gtest/gtest.h>
+#include <vector>
+
+namespace bb {
+
+template <class Curve> class ShpleminiTest : public CommitmentTest<Curve> {
+  public:
+    using Fr = typename Curve::ScalarField;
+    using Commitment = typename Curve::AffineElement;
+    using GroupElement = typename Curve::Element;
+    using Polynomial = bb::Polynomial<Fr>;
+};
+
+using CurveTypes = ::testing::Types<curve::BN254, curve::Grumpkin>;
+
+TYPED_TEST_SUITE(ShpleminiTest, CurveTypes);
+
+// This test checks that batch_multivariate_opening_claims method operates correctly
+TYPED_TEST(ShpleminiTest, CorrectnessOfMultivariateClaimBatching)
+{
+    using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
+    using Fr = typename TypeParam::ScalarField;
+    using GroupElement = typename TypeParam::Element;
+    using Commitment = typename TypeParam::AffineElement;
+    using Polynomial = typename bb::Polynomial<Fr>;
+    using Utils = CommitmentSchemesUtils<TypeParam>;
+
+    const size_t n = 16;
+    const size_t log_n = 4;
+
+    // Generate mock challenges
+    Fr rho = Fr::random_element();
+    Fr gemini_eval_challenge = Fr::random_element();
+    Fr shplonk_batching_challenge = Fr::random_element();
+    Fr shplonk_eval_challenge = Fr::random_element();
+
+    // Generate multilinear polynomials and compute their commitments
+    auto mle_opening_point = this->random_evaluation_point(log_n);
+    auto poly1 = Polynomial::random(n);
+    auto poly2 = Polynomial::random(n, /*shiftable*/ 1);
+    Polynomial poly3(n);
+
+    Commitment commitment1 = this->commit(poly1);
+    Commitment commitment2 = this->commit(poly2);
+    Commitment commitment3 = this->commit(poly3);
+    EXPECT_TRUE(commitment3.is_point_at_infinity());
+
+    std::vector<Commitment> unshifted_commitments = { commitment1, commitment2, commitment3 };
+    std::vector<Commitment> shifted_commitments = { commitment2, commitment3 };
+
+    // Evaluate the polynomials at the multivariate challenge, poly3 is not evaluated, because it is 0.
+    auto eval1 = poly1.evaluate_mle(mle_opening_point);
+    auto eval2 = poly2.evaluate_mle(mle_opening_point);
+    Fr eval3{ 0 };
+    Fr eval3_shift{ 0 };
+    auto eval2_shift = poly2.evaluate_mle(mle_opening_point, true);
+
+    // Collect multilinear evaluations
+    std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval3, eval2_shift, eval3_shift };
+    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
+
+    // Compute batched multivariate evaluation
+    Fr batched_evaluation =
+        std::inner_product(multilinear_evaluations.begin(), multilinear_evaluations.end(), rhos.begin(), Fr::zero());
+
+    // Compute batched commitments manually
+    GroupElement batched_commitment_unshifted = commitment1 * rhos[0] + commitment2 * rhos[1] + commitment3 * rhos[2];
+    GroupElement batched_commitment_to_be_shifted = commitment2 * rhos[3] + commitment3 * rhos[4];
+
+    // Compute expected result manually
+    GroupElement commitment_to_univariate =
+        batched_commitment_unshifted + batched_commitment_to_be_shifted * gemini_eval_challenge.invert();
+    GroupElement commitment_to_univariate_neg =
+        batched_commitment_unshifted - batched_commitment_to_be_shifted * gemini_eval_challenge.invert();
+
+    GroupElement expected_result =
+        commitment_to_univariate * (shplonk_eval_challenge - gemini_eval_challenge).invert() +
+        commitment_to_univariate_neg *
+            (shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert());
+
+    // Run the ShepliminiVerifier batching method
+    std::vector<Commitment> commitments;
+    std::vector<Fr> scalars;
+    Fr verifier_batched_evaluation{ 0 };
+
+    Fr unshifted_scalar = (shplonk_eval_challenge - gemini_eval_challenge).invert() +
+                          shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert();
+
+    Fr shifted_scalar = gemini_eval_challenge.invert() *
+                        ((shplonk_eval_challenge - gemini_eval_challenge).invert() -
+                         shplonk_batching_challenge * (shplonk_eval_challenge + gemini_eval_challenge).invert());
+
+    ShpleminiVerifier::batch_multivariate_opening_claims(RefVector(unshifted_commitments),
+                                                         RefVector(shifted_commitments),
+                                                         RefVector(multilinear_evaluations),
+                                                         rho,
+                                                         unshifted_scalar,
+                                                         shifted_scalar,
+                                                         commitments,
+                                                         scalars,
+                                                         verifier_batched_evaluation);
+
+    // Final pairing check
+    GroupElement shplemini_result = Utils::batch_mul_native(commitments, scalars);
+
+    EXPECT_EQ(commitments.size(), unshifted_commitments.size() + shifted_commitments.size());
+    EXPECT_EQ(batched_evaluation, verifier_batched_evaluation);
+    EXPECT_EQ(-expected_result, shplemini_result);
+}
+
+TYPED_TEST(ShpleminiTest, CorrectnessOfGeminiClaimBatching)
+{
+    using GeminiProver = GeminiProver_<TypeParam>;
+    using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
+    using ShplonkVerifier = ShplonkVerifier_<TypeParam>;
+    using Fr = typename TypeParam::ScalarField;
+    using GroupElement = typename TypeParam::Element;
+    using Commitment = typename TypeParam::AffineElement;
+    using Polynomial = typename bb::Polynomial<Fr>;
+    using Utils = CommitmentSchemesUtils<TypeParam>;
+
+    const size_t n = 16;
+    const size_t log_n = 4;
+
+    // Generate mock challenges
+    Fr rho = Fr::random_element();
+    Fr gemini_eval_challenge = Fr::random_element();
+    Fr shplonk_batching_challenge = Fr::random_element();
+    Fr shplonk_eval_challenge = Fr::random_element();
+
+    // Generate multilinear polynomials and compute their commitments
+    auto mle_opening_point = this->random_evaluation_point(log_n);
+    auto poly1 = Polynomial::random(n);
+    auto poly2 = Polynomial::random(n, /*shiftable*/ 1);
+    Polynomial poly3 = Polynomial::shiftable(n);
+
+    // Evaluate the polynomials at the multivariate challenge, poly3 is not evaluated, because it is 0.
+    auto eval1 = poly1.evaluate_mle(mle_opening_point);
+    auto eval2 = poly2.evaluate_mle(mle_opening_point);
+    Fr eval3{ 0 };
+    Fr eval3_shift{ 0 };
+    auto eval2_shift = poly2.evaluate_mle(mle_opening_point, true);
+
+    // Collect multilinear evaluations
+    std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval3, eval2_shift, eval3_shift };
+    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
+
+    Polynomial batched_unshifted(n);
+    Polynomial batched_to_be_shifted = Polynomial::shiftable(n);
+    batched_unshifted.add_scaled(poly1, rhos[0]);
+    batched_unshifted.add_scaled(poly2, rhos[1]);
+    batched_unshifted.add_scaled(poly3, rhos[2]);
+    batched_to_be_shifted.add_scaled(poly2, rhos[3]);
+    batched_to_be_shifted.add_scaled(poly3, rhos[4]);
+
+    // Compute:
+    // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
+    // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
+    auto gemini_polynomials = GeminiProver::compute_fold_polynomials(
+        mle_opening_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
+
+    std::vector<Commitment> prover_commitments;
+    for (size_t l = 0; l < log_n - 1; ++l) {
+        auto commitment = this->ck()->commit(gemini_polynomials[l + 2]);
+        prover_commitments.emplace_back(commitment);
+    }
+
+    const auto opening_claims = GeminiProver::compute_fold_polynomial_evaluations(
+        mle_opening_point, std::move(gemini_polynomials), gemini_eval_challenge);
+
+    std::vector<Fr> prover_evaluations;
+    for (size_t l = 0; l < log_n; ++l) {
+        const auto& evaluation = opening_claims[l + 1].opening_pair.evaluation;
+        prover_evaluations.emplace_back(evaluation);
+    }
+
+    std::vector<Fr> r_squares = gemini::powers_of_evaluation_challenge(gemini_eval_challenge, log_n);
+
+    GroupElement expected_result = GroupElement::zero();
+    std::vector<Fr> expected_inverse_vanishing_evals(log_n + 1);
+    // Compute expected inverses
+    expected_inverse_vanishing_evals[0] = (shplonk_eval_challenge - r_squares[0]).invert();
+    expected_inverse_vanishing_evals[1] = (shplonk_eval_challenge + r_squares[0]).invert();
+    expected_inverse_vanishing_evals[2] = (shplonk_eval_challenge + r_squares[1]).invert();
+    expected_inverse_vanishing_evals[3] = (shplonk_eval_challenge + r_squares[2]).invert();
+    expected_inverse_vanishing_evals[4] = (shplonk_eval_challenge + r_squares[3]).invert();
+
+    Fr current_challenge{ shplonk_batching_challenge * shplonk_batching_challenge };
+    for (size_t idx = 0; idx < prover_commitments.size(); ++idx) {
+        expected_result -= prover_commitments[idx] * current_challenge * expected_inverse_vanishing_evals[idx + 2];
+        current_challenge *= shplonk_batching_challenge;
+    }
+
+    // Run the ShepliminiVerifier batching method
+    std::vector<Fr> inverse_vanishing_evals =
+        ShplonkVerifier::compute_inverted_gemini_denominators(log_n + 1, shplonk_eval_challenge, r_squares);
+
+    std::vector<Commitment> commitments;
+    std::vector<Fr> scalars;
+    Fr expected_constant_term_accumulator{ 0 };
+
+    ShpleminiVerifier::batch_gemini_claims_received_from_prover(log_n,
+                                                                prover_commitments,
+                                                                prover_evaluations,
+                                                                inverse_vanishing_evals,
+                                                                shplonk_batching_challenge,
+                                                                commitments,
+                                                                scalars,
+                                                                expected_constant_term_accumulator);
+
+    EXPECT_EQ(commitments.size(), prover_commitments.size());
+    // Compute the group element using the output of Shplemini method
+    GroupElement shplemini_result = Utils::batch_mul_native(commitments, scalars);
+
+    EXPECT_EQ(shplemini_result, expected_result);
+}
+} // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
index e1ef297a3880..bbc04a799b79 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
@@ -90,49 +90,17 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
 
     // Initialize an empty NativeTranscript
     auto prover_transcript = NativeTranscript::prover_init_empty();
-
-    NativeFr rho = prover_transcript->template get_challenge<NativeFr>("rho");
-    std::vector<NativeFr> rhos = gemini::powers_of_rho(rho, NUM_SHIFTED + NUM_UNSHIFTED);
-    // Batch the unshifted polynomials and the to-be-shifted polynomials using ρ
-    Polynomial batched_poly_unshifted(N);
-    size_t poly_idx = 0;
-    for (auto& unshifted_poly : f_polynomials) {
-        batched_poly_unshifted.add_scaled(unshifted_poly, rhos[poly_idx]);
-        ++poly_idx;
-    }
-
-    Polynomial batched_poly_to_be_shifted = Polynomial::shiftable(N); // batched to-be-shifted polynomials
-    for (auto& to_be_shifted_poly : g_polynomials) {
-        batched_poly_to_be_shifted.add_scaled(to_be_shifted_poly, rhos[poly_idx]);
-        ++poly_idx;
-    };
-
-    // Compute d-1 polynomials Fold^(i), i = 1, ..., d-1.
-    auto fold_polynomials = GeminiProver::compute_fold_polynomials(
-        u_challenge, std::move(batched_poly_unshifted), std::move(batched_poly_to_be_shifted));
-    // Comute and add to trasnscript the commitments [Fold^(i)], i = 1, ..., d-1
-    for (size_t l = 0; l < log_circuit_size - 1; ++l) {
-        NativeCommitment current_commitment = commitment_key->commit(fold_polynomials[l + 2]);
-        prover_transcript->send_to_verifier("Gemini:FOLD_" + std::to_string(l + 1), current_commitment);
-    }
-    const NativeFr r_challenge = prover_transcript->template get_challenge<NativeFr>("Gemini:r");
-
-    const auto [gemini_opening_pairs, gemini_witnesses] = GeminiProver::compute_fold_polynomial_evaluations(
-        u_challenge, std::move(fold_polynomials), r_challenge, prover_transcript);
-
-    std::vector<ProverOpeningClaim<NativeCurve>> opening_claims;
-    for (size_t l = 0; l < log_circuit_size; ++l) {
-        std::string label = "Gemini:a_" + std::to_string(l);
-        const auto& evaluation = gemini_opening_pairs[l + 1].evaluation;
-        prover_transcript->send_to_verifier(label, evaluation);
-        opening_claims.push_back({ gemini_witnesses[l], gemini_opening_pairs[l] });
-    }
-    opening_claims.push_back({ gemini_witnesses[log_circuit_size], gemini_opening_pairs[log_circuit_size] });
+    auto prover_opening_claims = GeminiProver::prove(commitment_key,
+                                                     u_challenge,
+                                                     claimed_evaluations,
+                                                     RefVector(f_polynomials),
+                                                     RefVector(g_polynomials),
+                                                     prover_transcript);
 
     // Shplonk prover output:
     // - opening pair: (z_challenge, 0)
     // - witness: polynomial Q - Q_z
-    ShplonkProver::prove(commitment_key, opening_claims, prover_transcript);
+    ShplonkProver::prove(commitment_key, prover_opening_claims, prover_transcript);
 
     Builder builder;
     StdlibProof<Builder> stdlib_proof = bb::convert_proof_to_witness(&builder, prover_transcript->proof_data);
diff --git a/barretenberg/cpp/src/barretenberg/polynomials/polynomial.hpp b/barretenberg/cpp/src/barretenberg/polynomials/polynomial.hpp
index 894be20c83ed..9ed1c255b2cc 100644
--- a/barretenberg/cpp/src/barretenberg/polynomials/polynomial.hpp
+++ b/barretenberg/cpp/src/barretenberg/polynomials/polynomial.hpp
@@ -72,7 +72,6 @@ template <typename Fr> class Polynomial {
     /**
      * @brief Utility to efficiently construct a shift from the original polynomial.
      *
-     * @details  We define the shift of a polynomial F(X) as G(X) = F(X) / X.
      * @param virtual_size the size of the polynomial to be shifted
      * @return Polynomial
      */

From 1f5c083051da4b5f470757f03e2185451bde1109 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Wed, 18 Sep 2024 13:26:53 +0000
Subject: [PATCH 03/25] cleanup

---
 .../commitment_schemes/gemini/gemini.cpp      | 33 ++++++++-----------
 .../commitment_schemes/gemini/gemini.hpp      | 16 ++++-----
 .../commitment_schemes/gemini/gemini.test.cpp | 18 +++-------
 .../shplonk/shplemini_verifier.hpp            | 12 +++----
 .../shplonk/shplemini_verifier.test.cpp       |  6 ++--
 .../src/barretenberg/eccvm/eccvm_prover.hpp   |  3 --
 6 files changed, 35 insertions(+), 53 deletions(-)

diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
index 3fe4d8425efd..2a9abea0c523 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
@@ -1,9 +1,6 @@
 #include "gemini.hpp"
 #include "barretenberg/common/thread.hpp"
 
-#include <bit>
-#include <memory>
-
 /**
  * @brief Protocol for opening several multi-linear polynomials at the same point.
  *
@@ -51,6 +48,9 @@ std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
     std::shared_ptr<NativeTranscript>& transcript)
 {
     ASSERT(multilinear_evaluations.size() == f_polynomials.size() + g_polynomials.size());
+    const size_t log_n = multilinear_challenge.size();
+    const size_t n = 1 << log_n;
+
     Fr rho = transcript->template get_challenge<Fr>("rho");
     std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
 
@@ -60,11 +60,8 @@ std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
         batched_evaluation += multilinear_evaluations[i] * rhos[i];
     }
 
-    size_t log_n = multilinear_challenge.size();
-    size_t n = 1 << log_n;
     // Compute batched polynomials
     Polynomial batched_unshifted(n);
-    // TODO(mara): use shiftable, after you understand how it works
     Polynomial batched_to_be_shifted = Polynomial::shiftable(1 << log_n);
 
     const size_t num_unshifted = f_polynomials.size();
@@ -76,12 +73,9 @@ std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
         batched_to_be_shifted.add_scaled(g_polynomials[i], rhos[num_unshifted + i]);
     }
 
-    // log_n + 2
     auto fold_polynomials =
         compute_fold_polynomials(multilinear_challenge, std::move(batched_unshifted), std::move(batched_to_be_shifted));
 
-    // Commit to the folded polynomials (except the first two, explain why the first two are left out) and send the
-    // commitment to the verifier
     for (size_t l = 0; l < log_n - 1; l++) {
         transcript->send_to_verifier("Gemini:FOLD_" + std::to_string(l + 1),
                                      commitment_key->commit(fold_polynomials[l + 2]));
@@ -89,9 +83,11 @@ std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
     const Fr r_challenge = transcript->template get_challenge<Fr>("Gemini:r");
     std::vector<Claim> claims =
         compute_fold_polynomial_evaluations(multilinear_challenge, std::move(fold_polynomials), r_challenge);
+
     for (size_t l = 1; l <= log_n; l++) {
         transcript->send_to_verifier("Gemini:a_" + std::to_string(l), claims[l].opening_pair.evaluation);
     }
+
     return claims;
 };
 
@@ -107,7 +103,6 @@ template <typename Curve>
 std::vector<typename GeminiProver_<Curve>::Polynomial> GeminiProver_<Curve>::compute_fold_polynomials(
     std::span<const Fr> mle_opening_point, Polynomial&& batched_unshifted, Polynomial&& batched_to_be_shifted)
 {
-
     const size_t num_variables = mle_opening_point.size(); // m
 
     const size_t num_threads = get_num_cpus_pow2();
@@ -119,12 +114,12 @@ std::vector<typename GeminiProver_<Curve>::Polynomial> GeminiProver_<Curve>::com
     // The first two are populated here with the batched unshifted and to-be-shifted polynomial respectively.
     // They will eventually contain the full batched polynomial A₀ partially evaluated at the challenges r,-r.
     // This function populates the other m-1 polynomials with the foldings of A₀.
-    std::vector<Polynomial> gemini_polynomials;
-    gemini_polynomials.reserve(num_variables + 1);
+    std::vector<Polynomial> fold_polynomials;
+    fold_polynomials.reserve(num_variables + 1);
 
     // F(X) = ∑ⱼ ρʲ fⱼ(X) and G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X)
-    Polynomial& batched_F = gemini_polynomials.emplace_back(std::move(batched_unshifted));
-    Polynomial& batched_G = gemini_polynomials.emplace_back(std::move(batched_to_be_shifted));
+    Polynomial& batched_F = fold_polynomials.emplace_back(std::move(batched_unshifted));
+    Polynomial& batched_G = fold_polynomials.emplace_back(std::move(batched_to_be_shifted));
     constexpr size_t offset_to_folded = 2; // Offset because of F an G
     // A₀(X) = F(X) + G↺(X) = F(X) + G(X)/X.
     Polynomial A_0 = batched_F;
@@ -136,7 +131,7 @@ std::vector<typename GeminiProver_<Curve>::Polynomial> GeminiProver_<Curve>::com
         const size_t n_l = 1 << (num_variables - l - 1);
 
         // A_l_fold = Aₗ₊₁(X) = (1-uₗ)⋅even(Aₗ)(X) + uₗ⋅odd(Aₗ)(X)
-        gemini_polynomials.emplace_back(Polynomial(n_l));
+        fold_polynomials.emplace_back(Polynomial(n_l));
     }
 
     // A_l = Aₗ(X) is the polynomial being folded
@@ -158,7 +153,7 @@ std::vector<typename GeminiProver_<Curve>::Polynomial> GeminiProver_<Curve>::com
         const Fr u_l = mle_opening_point[l];
 
         // A_l_fold = Aₗ₊₁(X) = (1-uₗ)⋅even(Aₗ)(X) + uₗ⋅odd(Aₗ)(X)
-        auto A_l_fold = gemini_polynomials[l + offset_to_folded].data();
+        auto A_l_fold = fold_polynomials[l + offset_to_folded].data();
 
         parallel_for(num_used_threads, [&](size_t i) {
             size_t current_chunk_size = (i == (num_used_threads - 1)) ? last_chunk_size : chunk_size;
@@ -175,20 +170,20 @@ std::vector<typename GeminiProver_<Curve>::Polynomial> GeminiProver_<Curve>::com
         A_l = A_l_fold;
     }
 
-    return gemini_polynomials;
+    return fold_polynomials;
 };
 
 /**
  * @brief Computes/aggragates d+1 Fold polynomials and their opening pairs (challenge, evaluation)
  *
- * @details This function assumes that, upon input, last d-1 entries in gemini_polynomials are Fold_i.
+ * @details This function assumes that, upon input, last d-1 entries in fold_polynomials are Fold_i.
  * The first two entries are assumed to be, respectively, the batched unshifted and batched to-be-shifted
  * polynomials F(X) = ∑ⱼ ρʲfⱼ(X) and G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X). This function completes the computation
  * of the first two Fold polynomials as F + G/r and F - G/r. It then evaluates each of the d+1
  * fold polynomials at, respectively, the points r, rₗ = r^{2ˡ} for l = 0, 1, ..., d-1.
  *
  * @param mle_opening_point u = (u₀,...,uₘ₋₁) is the MLE opening point
- * @param gemini_polynomials vector of polynomials whose first two elements are F(X) = ∑ⱼ ρʲfⱼ(X)
+ * @param fold_polynomials vector of polynomials whose first two elements are F(X) = ∑ⱼ ρʲfⱼ(X)
  * and G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X), and the next d-1 elements are Fold_i, i = 1, ..., d-1.
  * @param r_challenge univariate opening challenge
  */
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index e6d19e0dddb5..9e208baf4a1a 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -4,8 +4,6 @@
 #include "barretenberg/polynomials/polynomial.hpp"
 #include "barretenberg/transcript/transcript.hpp"
 
-#include <vector>
-
 /**
  * @brief Protocol for opening several multi-linear polynomials at the same point.
  *
@@ -106,7 +104,7 @@ template <typename Curve> class GeminiProver_ {
                                                             Polynomial&& batched_to_be_shifted);
 
     static std::vector<Claim> compute_fold_polynomial_evaluations(std::span<const Fr> multilinear_evaluations,
-                                                                  std::vector<Polynomial>&& gemini_polynomials,
+                                                                  std::vector<Polynomial>&& fold_polynomials,
                                                                   const Fr& r_challenge);
 
     // TODO(Mara):  consider if we should template this by transcript to use with a test transcript
@@ -165,7 +163,7 @@ template <typename Curve> class GeminiVerifier_ {
         }
 
         // Get polynomials Fold_i, i = 1,...,m-1 from transcript
-        const std::vector<Commitment> commitments = get_gemini_commitments(num_variables, transcript);
+        const std::vector<Commitment> commitments = get_fold_commitments(num_variables, transcript);
 
         // compute vector of powers of random evaluation point r
         const Fr r = transcript->template get_challenge<Fr>("Gemini:r");
@@ -198,16 +196,16 @@ template <typename Curve> class GeminiVerifier_ {
         return fold_polynomial_opening_claims;
     }
 
-    static std::vector<Commitment> get_gemini_commitments(const size_t log_circuit_size, auto& transcript)
+    static std::vector<Commitment> get_fold_commitments(const size_t log_circuit_size, auto& transcript)
     {
-        std::vector<Commitment> gemini_commitments;
-        gemini_commitments.reserve(log_circuit_size - 1);
+        std::vector<Commitment> fold_commitments;
+        fold_commitments.reserve(log_circuit_size - 1);
         for (size_t i = 0; i < log_circuit_size - 1; ++i) {
             const Commitment commitment =
                 transcript->template receive_from_prover<Commitment>("Gemini:FOLD_" + std::to_string(i + 1));
-            gemini_commitments.emplace_back(commitment);
+            fold_commitments.emplace_back(commitment);
         }
-        return gemini_commitments;
+        return fold_commitments;
     }
     static std::vector<Fr> get_gemini_evaluations(const size_t log_circuit_size, auto& transcript)
     {
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
index a7a7a86b4837..881e70769cfb 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
@@ -3,9 +3,6 @@
 #include "../commitment_key.test.hpp"
 #include "barretenberg/polynomials/polynomial.hpp"
 #include "barretenberg/transcript/transcript.hpp"
-#include <cstddef>
-#include <gtest/gtest.h>
-#include <span>
 
 using namespace bb;
 
@@ -16,8 +13,7 @@ template <class Curve> class GeminiTest : public CommitmentTest<Curve> {
     using GroupElement = typename Curve::Element;
 
   public:
-    void execute_gemini_and_verify_claims([[maybe_unused]] size_t log_n,
-                                          std::vector<Fr>& multilinear_evaluation_point,
+    void execute_gemini_and_verify_claims(std::vector<Fr>& multilinear_evaluation_point,
                                           std::vector<Fr>& multilinear_evaluations,
                                           std::vector<Polynomial<Fr>>& multilinear_polynomials,
                                           std::vector<Polynomial<Fr>>& multilinear_polynomials_to_be_shifted,
@@ -82,8 +78,7 @@ TYPED_TEST(GeminiTest, Single)
     std::vector<GroupElement> multilinear_commitments = { commitment };
     std::vector<GroupElement> multilinear_commitments_to_be_shifted = {};
 
-    this->execute_gemini_and_verify_claims(log_n,
-                                           u,
+    this->execute_gemini_and_verify_claims(u,
                                            multilinear_evaluations,
                                            multilinear_polynomials,
                                            multilinear_polynomials_to_be_shifted,
@@ -114,8 +109,7 @@ TYPED_TEST(GeminiTest, SingleShift)
     std::vector<GroupElement> multilinear_commitments = {};
     std::vector<GroupElement> multilinear_commitments_to_be_shifted = { commitment };
 
-    this->execute_gemini_and_verify_claims(log_n,
-                                           u,
+    this->execute_gemini_and_verify_claims(u,
                                            multilinear_evaluations,
                                            multilinear_polynomials,
                                            multilinear_polynomials_to_be_shifted,
@@ -149,8 +143,7 @@ TYPED_TEST(GeminiTest, Double)
     std::vector<GroupElement> multilinear_commitments = { commitment1, commitment2 };
     std::vector<GroupElement> multilinear_commitments_to_be_shifted = {};
 
-    this->execute_gemini_and_verify_claims(log_n,
-                                           u,
+    this->execute_gemini_and_verify_claims(u,
                                            multilinear_evaluations,
                                            multilinear_polynomials,
                                            multilinear_polynomials_to_be_shifted,
@@ -185,8 +178,7 @@ TYPED_TEST(GeminiTest, DoubleWithShift)
     std::vector<GroupElement> multilinear_commitments = { commitment1, commitment2 };
     std::vector<GroupElement> multilinear_commitments_to_be_shifted = { commitment2 };
 
-    this->execute_gemini_and_verify_claims(log_n,
-                                           u,
+    this->execute_gemini_and_verify_claims(u,
                                            multilinear_evaluations,
                                            multilinear_polynomials,
                                            multilinear_polynomials_to_be_shifted,
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.hpp
index 53893f7b0cb7..842e91f8b53c 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.hpp
@@ -93,8 +93,8 @@ template <typename Curve> class ShpleminiVerifier_ {
 
         // Process Gemini transcript data:
         // - Get Gemini commitments (com(A₁), com(A₂), … , com(Aₙ₋₁))
-        const std::vector<Commitment> gemini_commitments =
-            GeminiVerifier::get_gemini_commitments(log_circuit_size, transcript);
+        const std::vector<Commitment> fold_commitments =
+            GeminiVerifier::get_fold_commitments(log_circuit_size, transcript);
         // - Get Gemini evaluation challenge for Aᵢ, i = 0, … , d−1
         const Fr gemini_evaluation_challenge = transcript->template get_challenge<Fr>("Gemini:r");
         // - Get evaluations (A₀(−r), A₁(−r²), ... , Aₙ₋₁(−r²⁽ⁿ⁻¹⁾))
@@ -152,7 +152,7 @@ template <typename Curve> class ShpleminiVerifier_ {
         // Place the commitments to Gemini Aᵢ to the vector of commitments, compute the contributions from
         // Aᵢ(−r²ⁱ) for i=1, … , n−1 to the constant term accumulator, add corresponding scalars
         batch_gemini_claims_received_from_prover(log_circuit_size,
-                                                 gemini_commitments,
+                                                 fold_commitments,
                                                  gemini_evaluations,
                                                  inverse_vanishing_evals,
                                                  shplonk_batching_challenge,
@@ -283,7 +283,7 @@ template <typename Curve> class ShpleminiVerifier_ {
      * and adds them to the 'constant_term_accumulator'.
      *
      * @param log_circuit_size The logarithm of the circuit size, determining the depth of the Gemini protocol.
-     * @param gemini_commitments A vector containing the commitments to the Gemini fold polynomials \f$ A_i \f$.
+     * @param fold_commitments A vector containing the commitments to the Gemini fold polynomials \f$ A_i \f$.
      * @param gemini_evaluations A vector containing the evaluations of the Gemini fold polynomials \f$ A_i \f$ at
      * points \f$ -r^{2^i} \f$.
      * @param inverse_vanishing_evals A vector containing the inverse evaluations of the vanishing polynomial.
@@ -293,7 +293,7 @@ template <typename Curve> class ShpleminiVerifier_ {
      * @param constant_term_accumulator The accumulator for the summands of the constant term.
      */
     static void batch_gemini_claims_received_from_prover(const size_t log_circuit_size,
-                                                         const std::vector<Commitment>& gemini_commitments,
+                                                         const std::vector<Commitment>& fold_commitments,
                                                          const std::vector<Fr>& gemini_evaluations,
                                                          const std::vector<Fr>& inverse_vanishing_evals,
                                                          const Fr& shplonk_batching_challenge,
@@ -313,7 +313,7 @@ template <typename Curve> class ShpleminiVerifier_ {
             // Update the batching challenge
             current_batching_challenge *= shplonk_batching_challenge;
             // Move com(Aᵢ) to the 'commitments' vector
-            commitments.emplace_back(std::move(gemini_commitments[j]));
+            commitments.emplace_back(std::move(fold_commitments[j]));
         }
     }
 };
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp
index 194c9f7d3610..01f9961127ae 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp
@@ -166,17 +166,17 @@ TYPED_TEST(ShpleminiTest, CorrectnessOfGeminiClaimBatching)
     // Compute:
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-    auto gemini_polynomials = GeminiProver::compute_fold_polynomials(
+    auto fold_polynomials = GeminiProver::compute_fold_polynomials(
         mle_opening_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
 
     std::vector<Commitment> prover_commitments;
     for (size_t l = 0; l < log_n - 1; ++l) {
-        auto commitment = this->ck()->commit(gemini_polynomials[l + 2]);
+        auto commitment = this->ck()->commit(fold_polynomials[l + 2]);
         prover_commitments.emplace_back(commitment);
     }
 
     const auto opening_claims = GeminiProver::compute_fold_polynomial_evaluations(
-        mle_opening_point, std::move(gemini_polynomials), gemini_eval_challenge);
+        mle_opening_point, std::move(fold_polynomials), gemini_eval_challenge);
 
     std::vector<Fr> prover_evaluations;
     for (size_t l = 0; l < log_n; ++l) {
diff --git a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.hpp b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.hpp
index 52d243ca06c6..6a01c6af112e 100644
--- a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.hpp
+++ b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.hpp
@@ -53,9 +53,6 @@ class ECCVMProver {
 
     CommitmentLabels commitment_labels;
 
-    // Container for d + 1 Fold polynomials produced by Gemini
-    std::vector<Polynomial> gemini_polynomials;
-
     Polynomial batched_quotient_Q; // batched quotient poly computed by Shplonk
     FF nu_challenge;               // needed in both Shplonk rounds
 

From 318f98b1132cc477ce28bd709686604f8ab74e1d Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Wed, 18 Sep 2024 13:33:16 +0000
Subject: [PATCH 04/25] more cleanup

---
 barretenberg/cpp/CMakePresets.json              |  2 +-
 .../commitment_schemes/commitment_key.test.hpp  | 17 -----------------
 .../commitment_schemes/ipa/ipa.test.cpp         |  4 ++--
 .../commitment_schemes/kzg/kzg.test.cpp         |  2 --
 4 files changed, 3 insertions(+), 22 deletions(-)

diff --git a/barretenberg/cpp/CMakePresets.json b/barretenberg/cpp/CMakePresets.json
index f841f6954b95..643e4590ae2c 100644
--- a/barretenberg/cpp/CMakePresets.json
+++ b/barretenberg/cpp/CMakePresets.json
@@ -98,7 +98,7 @@
       "displayName": "Debugging build with Clang-16",
       "description": "Build with globally installed Clang-16 in debug mode",
       "inherits": "clang16",
-      "binaryDir": "build",
+      "binaryDir": "build-debug",
       "environment": {
         "CMAKE_BUILD_TYPE": "Debug",
         "CFLAGS": "-gdwarf-4",
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp
index d40cf153d54d..27ec8408c12d 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp
@@ -81,15 +81,6 @@ template <typename Curve> class CommitmentTest : public ::testing::Test {
         return { x, y };
     }
 
-    std::pair<OpeningClaim<Curve>, Polynomial> random_claim(const size_t n)
-    {
-        auto polynomial = Polynomial::random(n);
-        auto opening_pair = random_eval(polynomial);
-        auto commitment = commit(polynomial);
-        auto opening_claim = OpeningClaim<Curve>{ opening_pair, commitment };
-        return { opening_claim, polynomial };
-    };
-
     std::vector<Fr> random_evaluation_point(const size_t num_variables)
     {
         std::vector<Fr> u(num_variables);
@@ -106,17 +97,9 @@ template <typename Curve> class CommitmentTest : public ::testing::Test {
         Fr y_expected = witness.evaluate(x);
         EXPECT_EQ(y, y_expected) << "OpeningClaim: evaluations mismatch";
         Commitment commitment_expected = commit(witness);
-        // found it
         EXPECT_EQ(commitment, commitment_expected) << "OpeningClaim: commitment mismatch";
     }
 
-    void verify_opening_pair(const OpeningPair<Curve>& opening_pair, const Polynomial& witness)
-    {
-        auto& [x, y] = opening_pair;
-        Fr y_expected = witness.evaluate(x);
-        EXPECT_EQ(y, y_expected) << "OpeningPair: evaluations mismatch";
-    }
-
     /**
      * @brief Ensures that a 'BatchOpeningClaim' is correct by checking that
      * - all evaluations are correct by recomputing them from each witness polynomial.
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
index 5905b5a7288d..eb448f4e7091 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
@@ -77,8 +77,8 @@ TEST_F(IPATest, OpenZeroPolynomial)
     EXPECT_TRUE(result);
 }
 
-// This test makes sure that even if the whole vector \vec{b} generated from the x, at which we open the polynomial,
-// is zero, IPA behaves
+// This test makes sure that even if the whole vector \vec{b} generated from the x, at which we open the polynomial, is
+// zero, IPA behaves
 TEST_F(IPATest, OpenAtZero)
 {
     using IPA = IPA<Curve>;
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
index 92e7f2614e6b..60f41bdb7f59 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
@@ -140,13 +140,11 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
     using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
     using KZG = KZG<TypeParam>;
     using Fr = typename TypeParam::ScalarField;
-    // using GroupElement = typename TypeParam::Element;
     using Commitment = typename TypeParam::AffineElement;
     using Polynomial = typename bb::Polynomial<Fr>;
 
     const size_t n = 16;
     const size_t log_n = 4;
-
     // Generate multilinear polynomials, their commitments (genuine and mocked) and evaluations (genuine) at a random
     // point.
     auto mle_opening_point = this->random_evaluation_point(log_n); // sometimes denoted 'u'

From d3bd8a8617dfcf0b2e4684e6c07657b88dacbf19 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Wed, 18 Sep 2024 13:48:37 +0000
Subject: [PATCH 05/25] wops, I forgot to commit an undo for a function removal

---
 .../commitment_schemes/commitment_key.test.hpp             | 7 +++++++
 .../src/barretenberg/commitment_schemes/gemini/gemini.hpp  | 1 -
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp
index 27ec8408c12d..16464cda07fe 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp
@@ -100,6 +100,13 @@ template <typename Curve> class CommitmentTest : public ::testing::Test {
         EXPECT_EQ(commitment, commitment_expected) << "OpeningClaim: commitment mismatch";
     }
 
+    void verify_opening_pair(const OpeningPair<Curve>& opening_pair, const Polynomial& witness)
+    {
+        auto& [x, y] = opening_pair;
+        Fr y_expected = witness.evaluate(x);
+        EXPECT_EQ(y, y_expected) << "OpeningPair: evaluations mismatch";
+    }
+
     /**
      * @brief Ensures that a 'BatchOpeningClaim' is correct by checking that
      * - all evaluations are correct by recomputing them from each witness polynomial.
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index 9e208baf4a1a..e38f6891bd65 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -107,7 +107,6 @@ template <typename Curve> class GeminiProver_ {
                                                                   std::vector<Polynomial>&& fold_polynomials,
                                                                   const Fr& r_challenge);
 
-    // TODO(Mara):  consider if we should template this by transcript to use with a test transcript
     static std::vector<Claim> prove(const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
                                     std::span<Fr> multilinear_challenge,
                                     std::span<Fr> multilinear_evaluations,

From 171aaac0995dc1d0fa92771f54ae9f64e1631065 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Wed, 18 Sep 2024 14:17:49 +0000
Subject: [PATCH 06/25] make ultra keccak depend on ultra flavor

---
 .../ultra_keccak_flavor.hpp                   | 501 +-----------------
 1 file changed, 2 insertions(+), 499 deletions(-)

diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp
index 0b9485e41227..744bc57140da 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp
@@ -19,370 +19,13 @@
 #include "barretenberg/relations/relation_parameters.hpp"
 #include "barretenberg/relations/ultra_arithmetic_relation.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_circuit_builder.hpp"
+#include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
 #include "barretenberg/transcript/transcript.hpp"
 
 namespace bb {
 
-class UltraKeccakFlavor {
+class UltraKeccakFlavor : public bb::UltraFlavor {
   public:
-    using CircuitBuilder = UltraCircuitBuilder;
-    using Curve = curve::BN254;
-    using FF = Curve::ScalarField;
-    using GroupElement = Curve::Element;
-    using Commitment = Curve::AffineElement;
-    using PCS = KZG<Curve>;
-    using Polynomial = bb::Polynomial<FF>;
-    using CommitmentKey = bb::CommitmentKey<Curve>;
-    using VerifierCommitmentKey = bb::VerifierCommitmentKey<Curve>;
-
-    // Indicates that this flavor runs with non-ZK Sumcheck.
-    static constexpr bool HasZK = false;
-    static constexpr size_t NUM_WIRES = CircuitBuilder::NUM_WIRES;
-    // The number of multivariate polynomials on which a sumcheck prover sumcheck operates (including shifts). We often
-    // need containers of this size to hold related data, so we choose a name more agnostic than `NUM_POLYNOMIALS`.
-    static constexpr size_t NUM_ALL_ENTITIES = 44;
-    // The number of polynomials precomputed to describe a circuit and to aid a prover in constructing a satisfying
-    // assignment of witnesses. We again choose a neutral name.
-    static constexpr size_t NUM_PRECOMPUTED_ENTITIES = 27;
-    // The total number of witness entities not including shifts.
-    static constexpr size_t NUM_WITNESS_ENTITIES = 8;
-    // The total number of witnesses including shifts and derived entities.
-    static constexpr size_t NUM_ALL_WITNESS_ENTITIES = 13;
-    // Total number of folded polynomials, which is just all polynomials except the shifts
-    static constexpr size_t NUM_FOLDED_ENTITIES = NUM_PRECOMPUTED_ENTITIES + NUM_WITNESS_ENTITIES;
-
-    using GrandProductRelations = std::tuple<bb::UltraPermutationRelation<FF>>;
-    // define the tuple of Relations that comprise the Sumcheck relation
-    // Note: made generic for use in MegaRecursive.
-    template <typename FF>
-    using Relations_ = std::tuple<bb::UltraArithmeticRelation<FF>,
-                                  bb::UltraPermutationRelation<FF>,
-                                  bb::LogDerivLookupRelation<FF>,
-                                  bb::DeltaRangeConstraintRelation<FF>,
-                                  bb::EllipticRelation<FF>,
-                                  bb::AuxiliaryRelation<FF>,
-                                  bb::Poseidon2ExternalRelation<FF>,
-                                  bb::Poseidon2InternalRelation<FF>>;
-
-    using Relations = Relations_<FF>;
-
-    static constexpr size_t MAX_PARTIAL_RELATION_LENGTH = compute_max_partial_relation_length<Relations>();
-    static_assert(MAX_PARTIAL_RELATION_LENGTH == 7);
-    static constexpr size_t MAX_TOTAL_RELATION_LENGTH = compute_max_total_relation_length<Relations>();
-    static_assert(MAX_TOTAL_RELATION_LENGTH == 11);
-    static constexpr size_t NUM_SUBRELATIONS = compute_number_of_subrelations<Relations>();
-    // For instances of this flavour, used in folding, we need a unique sumcheck batching challenge for each
-    // subrelation. This is because using powers of alpha would increase the degree of Protogalaxy polynomial $G$ (the
-    // combiner) too much.
-    using RelationSeparator = std::array<FF, NUM_SUBRELATIONS - 1>;
-
-    // BATCHED_RELATION_PARTIAL_LENGTH = algebraic degree of sumcheck relation *after* multiplying by the `pow_zeta`
-    // random polynomial e.g. For \sum(x) [A(x) * B(x) + C(x)] * PowZeta(X), relation length = 2 and random relation
-    // length = 3
-    static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH = MAX_PARTIAL_RELATION_LENGTH + 1;
-    static constexpr size_t NUM_RELATIONS = std::tuple_size_v<Relations>;
-
-    template <size_t NUM_KEYS>
-    using ProtogalaxyTupleOfTuplesOfUnivariatesNoOptimisticSkipping =
-        decltype(create_protogalaxy_tuple_of_tuples_of_univariates<Relations, NUM_KEYS>());
-    template <size_t NUM_KEYS>
-    using ProtogalaxyTupleOfTuplesOfUnivariates =
-        decltype(create_protogalaxy_tuple_of_tuples_of_univariates<Relations,
-                                                                   NUM_KEYS,
-                                                                   /*optimised=*/true>());
-    using SumcheckTupleOfTuplesOfUnivariates = decltype(create_sumcheck_tuple_of_tuples_of_univariates<Relations>());
-    using TupleOfArraysOfValues = decltype(create_tuple_of_arrays_of_values<Relations>());
-
-    // Whether or not the first row of the execution trace is reserved for 0s to enable shifts
-    static constexpr bool has_zero_row = true;
-
-    static constexpr bool is_decider = true;
-
-    /**
-     * @brief A base class labelling precomputed entities and (ordered) subsets of interest.
-     * @details Used to build the proving key and verification key.
-     */
-    template <typename DataType_> class PrecomputedEntities : public PrecomputedEntitiesBase {
-      public:
-        using DataType = DataType_;
-        DEFINE_FLAVOR_MEMBERS(DataType,
-                              q_m,                  // column 0
-                              q_c,                  // column 1
-                              q_l,                  // column 2
-                              q_r,                  // column 3
-                              q_o,                  // column 4
-                              q_4,                  // column 5
-                              q_arith,              // column 6
-                              q_delta_range,        // column 7
-                              q_elliptic,           // column 8
-                              q_aux,                // column 9
-                              q_lookup,             // column 10
-                              q_poseidon2_external, // column 11
-                              q_poseidon2_internal, // column 12
-                              sigma_1,              // column 13
-                              sigma_2,              // column 14
-                              sigma_3,              // column 15
-                              sigma_4,              // column 16
-                              id_1,                 // column 17
-                              id_2,                 // column 18
-                              id_3,                 // column 19
-                              id_4,                 // column 20
-                              table_1,              // column 21
-                              table_2,              // column 22
-                              table_3,              // column 23
-                              table_4,              // column 24
-                              lagrange_first,       // column 25
-                              lagrange_last)        // column 26
-
-        static constexpr CircuitType CIRCUIT_TYPE = CircuitBuilder::CIRCUIT_TYPE;
-
-        auto get_selectors()
-        {
-            return RefArray{ q_m,
-                             q_c,
-                             q_l,
-                             q_r,
-                             q_o,
-                             q_4,
-                             q_arith,
-                             q_delta_range,
-                             q_elliptic,
-                             q_aux,
-                             q_lookup,
-                             q_poseidon2_external,
-                             q_poseidon2_internal };
-        };
-        auto get_sigma_polynomials() { return RefArray{ sigma_1, sigma_2, sigma_3, sigma_4 }; };
-        auto get_id_polynomials() { return RefArray{ id_1, id_2, id_3, id_4 }; };
-
-        auto get_table_polynomials() { return RefArray{ table_1, table_2, table_3, table_4 }; };
-    };
-
-    /**
-     * @brief Container for all witness polynomials used/constructed by the prover.
-     * @details Shifts are not included here since they do not occupy their own memory.
-     */
-    template <typename DataType> class WitnessEntities {
-      public:
-        DEFINE_FLAVOR_MEMBERS(DataType,
-                              w_l,                // column 0
-                              w_r,                // column 1
-                              w_o,                // column 2
-                              w_4,                // column 3
-                              z_perm,             // column 4
-                              lookup_inverses,    // column 5
-                              lookup_read_counts, // column 6
-                              lookup_read_tags)   // column 7
-
-        auto get_wires() { return RefArray{ w_l, w_r, w_o, w_4 }; };
-
-        MSGPACK_FIELDS(w_l, w_r, w_o, w_4, z_perm, lookup_inverses, lookup_read_counts, lookup_read_tags);
-    };
-
-    /**
-     * @brief Class for ShiftedEntities, containing shifted witness and table polynomials.
-     */
-    template <typename DataType> class ShiftedEntities {
-      public:
-        DEFINE_FLAVOR_MEMBERS(DataType,
-                              table_1_shift, // column 0
-                              table_2_shift, // column 1
-                              table_3_shift, // column 2
-                              table_4_shift, // column 3
-                              w_l_shift,     // column 4
-                              w_r_shift,     // column 5
-                              w_o_shift,     // column 6
-                              w_4_shift,     // column 7
-                              z_perm_shift)  // column 10
-
-        auto get_shifted()
-        {
-            return RefArray{ table_1_shift, table_2_shift, table_3_shift, table_4_shift, w_l_shift,
-                             w_r_shift,     w_o_shift,     w_4_shift,     z_perm_shift };
-        };
-    };
-
-    /**
-     * @brief A base class labelling all entities (for instance, all of the polynomials used by the prover during
-     * sumcheck) in this Honk variant along with particular subsets of interest
-     * @details Used to build containers for: the prover's polynomial during sumcheck; the sumcheck's folded
-     * polynomials; the univariates consturcted during during sumcheck; the evaluations produced by sumcheck.
-     *
-     * Symbolically we have: AllEntities = PrecomputedEntities + WitnessEntities + "ShiftedEntities". It could be
-     * implemented as such, but we have this now.
-     */
-    template <typename DataType>
-    class AllEntities : public PrecomputedEntities<DataType>,
-                        public WitnessEntities<DataType>,
-                        public ShiftedEntities<DataType> {
-      public:
-        DEFINE_COMPOUND_GET_ALL(PrecomputedEntities<DataType>, WitnessEntities<DataType>, ShiftedEntities<DataType>)
-
-        auto get_wires() { return RefArray{ this->w_l, this->w_r, this->w_o, this->w_4 }; };
-        auto get_selectors() { return PrecomputedEntities<DataType>::get_selectors(); }
-        auto get_sigmas() { return RefArray{ this->sigma_1, this->sigma_2, this->sigma_3, this->sigma_4 }; };
-        auto get_ids() { return RefArray{ this->id_1, this->id_2, this->id_3, this->id_4 }; };
-        auto get_tables() { return RefArray{ this->table_1, this->table_2, this->table_3, this->table_4 }; };
-        auto get_unshifted()
-        {
-            return concatenate(PrecomputedEntities<DataType>::get_all(), WitnessEntities<DataType>::get_all());
-        };
-
-        auto get_precomputed() { return PrecomputedEntities<DataType>::get_all(); }
-
-        auto get_witness() { return WitnessEntities<DataType>::get_all(); };
-        auto get_to_be_shifted()
-        {
-            return RefArray{ this->table_1, this->table_2, this->table_3, this->table_4, this->w_l,
-                             this->w_r,     this->w_o,     this->w_4,     this->z_perm };
-        };
-        auto get_shifted() { return ShiftedEntities<DataType>::get_all(); };
-    };
-
-  public:
-    /**
-     * @brief A field element for each entity of the flavor. These entities represent the prover polynomials
-     * evaluated at one point.
-     */
-    class AllValues : public AllEntities<FF> {
-      public:
-        using Base = AllEntities<FF>;
-        using Base::Base;
-    };
-
-    /**
-     * @brief A container for polynomials handles.
-     */
-    // TODO(https://github.com/AztecProtocol/barretenberg/issues/966): use inheritance
-    class ProverPolynomials : public AllEntities<Polynomial> {
-      public:
-        // Define all operations as default, except copy construction/assignment
-        ProverPolynomials() = default;
-        ProverPolynomials(size_t circuit_size)
-        { // Initialize all unshifted polynomials to the zero polynomial and initialize the
-          // shifted polys
-
-            for (auto& poly : get_to_be_shifted()) {
-                poly = Polynomial{ /*memory size*/ circuit_size - 1,
-                                   /*largest possible index*/ circuit_size,
-                                   /* offset */ 1 };
-            }
-            for (auto& poly : get_unshifted()) {
-                if (poly.is_empty()) {
-                    // Not set above
-                    poly = Polynomial{ /*memory size*/ circuit_size, /*largest possible index*/ circuit_size };
-                }
-            }
-            set_shifted();
-        }
-        ProverPolynomials& operator=(const ProverPolynomials&) = delete;
-        ProverPolynomials(const ProverPolynomials& o) = delete;
-        ProverPolynomials(ProverPolynomials&& o) noexcept = default;
-        ProverPolynomials& operator=(ProverPolynomials&& o) noexcept = default;
-        ~ProverPolynomials() = default;
-        [[nodiscard]] size_t get_polynomial_size() const { return q_c.size(); }
-        [[nodiscard]] AllValues get_row(const size_t row_idx) const
-        {
-            BB_OP_COUNT_TIME();
-            AllValues result;
-            for (auto [result_field, polynomial] : zip_view(result.get_all(), get_all())) {
-                result_field = polynomial[row_idx];
-            }
-            return result;
-        }
-
-        // Set all shifted polynomials based on their to-be-shifted counterpart
-        void set_shifted()
-        {
-            for (auto [shifted, to_be_shifted] : zip_view(get_shifted(), get_to_be_shifted())) {
-                shifted = to_be_shifted.shifted();
-            }
-        }
-    };
-    /**
-     * @brief The proving key is responsible for storing the polynomials used by the prover.
-     *
-     */
-    class ProvingKey : public ProvingKey_<FF, CommitmentKey> {
-      public:
-        using Base = ProvingKey_<FF, CommitmentKey>;
-
-        ProvingKey() = default;
-        ProvingKey(const size_t circuit_size,
-                   const size_t num_public_inputs,
-                   std::shared_ptr<CommitmentKey> commitment_key = nullptr)
-            : Base(circuit_size, num_public_inputs, commitment_key)
-            , polynomials(circuit_size){};
-
-        std::vector<uint32_t> memory_read_records;
-        std::vector<uint32_t> memory_write_records;
-        ProverPolynomials polynomials; // storage for all polynomials evaluated by the prover
-
-        /**
-         * @brief Add RAM/ROM memory records to the fourth wire polynomial
-         *
-         * @details This operation must be performed after the first three wires have been
-         * committed to, hence the dependence on the `eta` challenge.
-         *
-         * @tparam Flavor
-         * @param eta challenge produced after commitment to first three wire polynomials
-         */
-        void add_ram_rom_memory_records_to_wire_4(const FF& eta, const FF& eta_two, const FF& eta_three)
-        {
-            // The memory record values are computed at the indicated indices as
-            // w4 = w3 * eta^3 + w2 * eta^2 + w1 * eta + read_write_flag;
-            // (See the Auxiliary relation for details)
-            auto wires = polynomials.get_wires();
-
-            // Compute read record values
-            for (const auto& gate_idx : memory_read_records) {
-                wires[3].at(gate_idx) += wires[2][gate_idx] * eta_three;
-                wires[3].at(gate_idx) += wires[1][gate_idx] * eta_two;
-                wires[3].at(gate_idx) += wires[0][gate_idx] * eta;
-            }
-
-            // Compute write record values
-            for (const auto& gate_idx : memory_write_records) {
-                wires[3].at(gate_idx) += wires[2][gate_idx] * eta_three;
-                wires[3].at(gate_idx) += wires[1][gate_idx] * eta_two;
-                wires[3].at(gate_idx) += wires[0][gate_idx] * eta;
-                wires[3].at(gate_idx) += 1;
-            }
-        }
-
-        /**
-         * @brief Compute the inverse polynomial used in the log derivative lookup argument
-         *
-         * @tparam Flavor
-         * @param beta
-         * @param gamma
-         */
-        void compute_logderivative_inverses(const RelationParameters<FF>& relation_parameters)
-        {
-            // Compute inverses for conventional lookups
-            compute_logderivative_inverse<UltraKeccakFlavor, LogDerivLookupRelation<FF>>(
-                this->polynomials, relation_parameters, this->circuit_size);
-        }
-
-        /**
-         * @brief Computes public_input_delta and the permutation grand product polynomial
-         *
-         * @param relation_parameters
-         */
-        void compute_grand_product_polynomials(RelationParameters<FF>& relation_parameters)
-        {
-            auto public_input_delta = compute_public_input_delta<UltraKeccakFlavor>(this->public_inputs,
-                                                                                    relation_parameters.beta,
-                                                                                    relation_parameters.gamma,
-                                                                                    this->circuit_size,
-                                                                                    this->pub_inputs_offset);
-            relation_parameters.public_input_delta = public_input_delta;
-
-            // Compute permutation and lookup grand product polynomials
-            compute_grand_products<UltraKeccakFlavor>(this->polynomials, relation_parameters);
-        }
-    };
-
     /**
      * @brief The verification key is responsible for storing the commitments to the precomputed (non-witnessk)
      * polynomials used by the verifier.
@@ -509,146 +152,6 @@ class UltraKeccakFlavor {
                        lagrange_last);
     };
 
-    /**
-     * @brief A container for storing the partially evaluated multivariates produced by sumcheck.
-     */
-    class PartiallyEvaluatedMultivariates : public AllEntities<Polynomial> {
-
-      public:
-        PartiallyEvaluatedMultivariates() = default;
-        PartiallyEvaluatedMultivariates(const size_t circuit_size)
-        {
-            // Storage is only needed after the first partial evaluation, hence polynomials of
-            // size (n / 2)
-            for (auto& poly : this->get_all()) {
-                poly = Polynomial(circuit_size / 2);
-            }
-        }
-    };
-
-    /**
-     * @brief A container for univariates used during Protogalaxy folding and sumcheck.
-     * @details During folding and sumcheck, the prover evaluates the relations on these univariates.
-     */
-    template <size_t LENGTH> using ProverUnivariates = AllEntities<bb::Univariate<FF, LENGTH>>;
-    /**
-     * @brief A container for univariates used during Protogalaxy folding and sumcheck.
-     * @details During folding and sumcheck, the prover evaluates the relations on these univariates.
-     */
-    template <size_t LENGTH, size_t SKIP_COUNT>
-    using ProverUnivariatesWithOptimisticSkipping = AllEntities<bb::Univariate<FF, LENGTH, 0, SKIP_COUNT>>;
-
-    /**
-     * @brief A container for univariates produced during the hot loop in sumcheck.
-     */
-    using ExtendedEdges = ProverUnivariates<MAX_PARTIAL_RELATION_LENGTH>;
-
-    /**
-     * @brief A container for the witness commitments.
-     */
-    using WitnessCommitments = WitnessEntities<Commitment>;
-
-    /**
-     * @brief A container for commitment labels.
-     * @note It's debatable whether this should inherit from AllEntities. since most entries are not strictly needed. It
-     * has, however, been useful during debugging to have these labels available.
-     *
-     */
-    class CommitmentLabels : public AllEntities<std::string> {
-      public:
-        CommitmentLabels()
-        {
-            w_l = "W_L";
-            w_r = "W_R";
-            w_o = "W_O";
-            w_4 = "W_4";
-            z_perm = "Z_PERM";
-            lookup_inverses = "LOOKUP_INVERSES";
-            lookup_read_counts = "LOOKUP_READ_COUNTS";
-            lookup_read_tags = "LOOKUP_READ_TAGS";
-
-            q_c = "Q_C";
-            q_l = "Q_L";
-            q_r = "Q_R";
-            q_o = "Q_O";
-            q_4 = "Q_4";
-            q_m = "Q_M";
-            q_arith = "Q_ARITH";
-            q_delta_range = "Q_SORT";
-            q_elliptic = "Q_ELLIPTIC";
-            q_aux = "Q_AUX";
-            q_lookup = "Q_LOOKUP";
-            q_poseidon2_external = "Q_POSEIDON2_EXTERNAL";
-            q_poseidon2_internal = "Q_POSEIDON2_INTERNAL";
-            sigma_1 = "SIGMA_1";
-            sigma_2 = "SIGMA_2";
-            sigma_3 = "SIGMA_3";
-            sigma_4 = "SIGMA_4";
-            id_1 = "ID_1";
-            id_2 = "ID_2";
-            id_3 = "ID_3";
-            id_4 = "ID_4";
-            table_1 = "TABLE_1";
-            table_2 = "TABLE_2";
-            table_3 = "TABLE_3";
-            table_4 = "TABLE_4";
-            lagrange_first = "LAGRANGE_FIRST";
-            lagrange_last = "LAGRANGE_LAST";
-        };
-    };
-
-    /**
-     * @brief A container encapsulating all the commitments that the verifier receives (to precomputed polynomials and
-     * witness polynomials).
-     *
-     */
-    template <typename Commitment, typename VerificationKey>
-    class VerifierCommitments_ : public AllEntities<Commitment> {
-      public:
-        VerifierCommitments_(const std::shared_ptr<VerificationKey>& verification_key,
-                             const std::optional<WitnessCommitments>& witness_commitments = std::nullopt)
-        {
-            this->q_m = verification_key->q_m;
-            this->q_c = verification_key->q_c;
-            this->q_l = verification_key->q_l;
-            this->q_r = verification_key->q_r;
-            this->q_o = verification_key->q_o;
-            this->q_4 = verification_key->q_4;
-            this->q_arith = verification_key->q_arith;
-            this->q_delta_range = verification_key->q_delta_range;
-            this->q_elliptic = verification_key->q_elliptic;
-            this->q_aux = verification_key->q_aux;
-            this->q_lookup = verification_key->q_lookup;
-            this->q_poseidon2_external = verification_key->q_poseidon2_external;
-            this->q_poseidon2_internal = verification_key->q_poseidon2_internal;
-            this->sigma_1 = verification_key->sigma_1;
-            this->sigma_2 = verification_key->sigma_2;
-            this->sigma_3 = verification_key->sigma_3;
-            this->sigma_4 = verification_key->sigma_4;
-            this->id_1 = verification_key->id_1;
-            this->id_2 = verification_key->id_2;
-            this->id_3 = verification_key->id_3;
-            this->id_4 = verification_key->id_4;
-            this->table_1 = verification_key->table_1;
-            this->table_2 = verification_key->table_2;
-            this->table_3 = verification_key->table_3;
-            this->table_4 = verification_key->table_4;
-            this->lagrange_first = verification_key->lagrange_first;
-            this->lagrange_last = verification_key->lagrange_last;
-
-            if (witness_commitments.has_value()) {
-                auto commitments = witness_commitments.value();
-                this->w_l = commitments.w_l;
-                this->w_r = commitments.w_r;
-                this->w_o = commitments.w_o;
-                this->lookup_inverses = commitments.lookup_inverses;
-                this->lookup_read_counts = commitments.lookup_read_counts;
-                this->lookup_read_tags = commitments.lookup_read_tags;
-                this->w_4 = commitments.w_4;
-                this->z_perm = commitments.z_perm;
-            }
-        }
-    };
     // Specialize for Ultra (general case used in UltraRecursive).
     using VerifierCommitments = VerifierCommitments_<Commitment, VerificationKey>;
 

From 8024311d55a56395bfaca59db29a0e5e89242133 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Thu, 19 Sep 2024 14:27:45 +0000
Subject: [PATCH 07/25] ultra keccak with gemini, not working yet

---
 .../commitment_schemes/gemini/gemini.cpp      | 235 +----------------
 .../commitment_schemes/gemini/gemini.hpp      |  15 +-
 .../commitment_schemes/gemini/gemini.test.cpp |   9 +-
 .../commitment_schemes/gemini/gemini_impl.hpp | 240 ++++++++++++++++++
 .../commitment_schemes/ipa/ipa.test.cpp       |  16 +-
 .../commitment_schemes/kzg/kzg.test.cpp       |  32 +--
 .../{shplemini_verifier.hpp => shplemini.hpp} | 134 +++++++---
 ...i_verifier.test.cpp => shplemini.test.cpp} |   2 +-
 .../commitment_schemes/shplonk/shplonk.hpp    |   6 +-
 .../zeromorph/zeromorph.hpp                   |  30 ++-
 .../zeromorph/zeromorph.test.cpp              |  19 +-
 .../shplemini.test.cpp                        |  23 +-
 .../zeromorph.test.cpp                        |  19 +-
 .../src/barretenberg/eccvm/eccvm_prover.cpp   |  16 +-
 .../src/barretenberg/eccvm/eccvm_verifier.cpp |   3 +-
 .../execution_trace/execution_trace.cpp       |   2 +
 .../cpp/src/barretenberg/flavor/flavor.hpp    |  10 +-
 .../eccvm_recursive_verifier.cpp              |   3 +-
 .../decider_recursive_verifier.cpp            |   3 +-
 .../ultra_recursive_verifier.cpp              |   3 +-
 .../circuit_builders/circuit_builders_fwd.hpp |   1 +
 .../translator_recursive_verifier.cpp         |   4 +-
 .../stdlib_circuit_builders/mega_flavor.hpp   |   2 +
 .../stdlib_circuit_builders/ultra_flavor.hpp  |   2 +
 .../ultra_keccak_with_gemini_flavor.hpp       |  11 +
 .../translator_vm/translator_flavor.hpp       |   2 +
 .../translator_vm/translator_prover.cpp       |  22 +-
 .../translator_vm/translator_verifier.cpp     |   3 +-
 .../ultra_honk/decider_prover.cpp             |  18 +-
 .../ultra_honk/decider_prover.hpp             |   1 +
 .../ultra_honk/decider_proving_key.cpp        |   1 +
 .../ultra_honk/decider_proving_key.hpp        |   1 +
 .../ultra_honk/decider_verifier.cpp           |  20 +-
 .../barretenberg/ultra_honk/oink_prover.cpp   |   1 +
 .../barretenberg/ultra_honk/oink_prover.hpp   |   1 +
 .../barretenberg/ultra_honk/oink_verifier.cpp |   1 +
 .../barretenberg/ultra_honk/oink_verifier.hpp |   1 +
 .../ultra_honk/ultra_honk.test.cpp            |   2 +-
 .../barretenberg/ultra_honk/ultra_prover.cpp  |   1 +
 .../barretenberg/ultra_honk/ultra_prover.hpp  |   1 +
 .../ultra_honk/ultra_verifier.cpp             |   1 +
 .../barretenberg/vm/avm/generated/prover.cpp  |   3 +-
 .../vm/avm/generated/verifier.cpp             |   3 +-
 .../avm/recursion/avm_recursive_verifier.cpp  |   3 +-
 .../bb-pil-backend/templates/prover.cpp.hbs   |   3 +-
 .../bb-pil-backend/templates/verifier.cpp.hbs |   3 +-
 46 files changed, 518 insertions(+), 414 deletions(-)
 create mode 100644 barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
 rename barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/{shplemini_verifier.hpp => shplemini.hpp} (74%)
 rename barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/{shplemini_verifier.test.cpp => shplemini.test.cpp} (99%)
 create mode 100644 barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp

diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
index 2a9abea0c523..982c37c56821 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.cpp
@@ -1,237 +1,6 @@
-#include "gemini.hpp"
 #include "barretenberg/common/thread.hpp"
-
-/**
- * @brief Protocol for opening several multi-linear polynomials at the same point.
- *
- *
- * m = number of variables
- * n = 2ᵐ
- * u = (u₀,...,uₘ₋₁)
- * f₀, …, fₖ₋₁ = multilinear polynomials,
- * g₀, …, gₕ₋₁ = shifted multilinear polynomial,
- *  Each gⱼ is the left-shift of some f↺ᵢ, and gⱼ points to the same memory location as fᵢ.
- * v₀, …, vₖ₋₁, v↺₀, …, v↺ₕ₋₁ = multilinear evalutions  s.t. fⱼ(u) = vⱼ, and gⱼ(u) = f↺ⱼ(u) = v↺ⱼ
- *
- * We use a challenge ρ to create a random linear combination of all fⱼ,
- * and actually define A₀ = F + G↺, where
- *   F  = ∑ⱼ ρʲ fⱼ
- *   G  = ∑ⱼ ρᵏ⁺ʲ gⱼ,
- *   G↺ = is the shift of G
- * where fⱼ is normal, and gⱼ is shifted.
- * The evaluations are also batched, and
- *   v  = ∑ ρʲ⋅vⱼ + ∑ ρᵏ⁺ʲ⋅v↺ⱼ = F(u) + G↺(u)
- *
- * The prover then creates the folded polynomials A₀, ..., Aₘ₋₁,
- * and opens them at different points, as univariates.
- *
- * We open A₀ as univariate at r and -r.
- * Since A₀ = F + G↺, but the verifier only has commitments to the gⱼs,
- * we need to partially evaluate A₀ at both evaluation points.
- * As univariate, we have
- *  A₀(X) = F(X) + G↺(X) = F(X) + G(X)/X
- * So we define
- *  - A₀₊(X) = F(X) + G(X)/r
- *  - A₀₋(X) = F(X) − G(X)/r
- * So that A₀₊(r) = A₀(r) and A₀₋(-r) = A₀(-r).
- * The verifier is able to computed the simulated commitments to A₀₊(X) and A₀₋(X)
- * since they are linear-combinations of the commitments [fⱼ] and [gⱼ].
- */
+#include "gemini_impl.hpp"
 namespace bb {
-template <typename Curve>
-std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
-    const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
-    std::span<Fr> multilinear_challenge,
-    std::span<Fr> multilinear_evaluations, /* u */
-    RefSpan<Polynomial> f_polynomials,     // unshifted
-    RefSpan<Polynomial> g_polynomials,     // to-be-shifted
-    std::shared_ptr<NativeTranscript>& transcript)
-{
-    ASSERT(multilinear_evaluations.size() == f_polynomials.size() + g_polynomials.size());
-    const size_t log_n = multilinear_challenge.size();
-    const size_t n = 1 << log_n;
-
-    Fr rho = transcript->template get_challenge<Fr>("rho");
-    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
-
-    // Compute batched multivariate evaluation
-    Fr batched_evaluation = Fr::zero();
-    for (size_t i = 0; i < rhos.size(); ++i) {
-        batched_evaluation += multilinear_evaluations[i] * rhos[i];
-    }
-
-    // Compute batched polynomials
-    Polynomial batched_unshifted(n);
-    Polynomial batched_to_be_shifted = Polynomial::shiftable(1 << log_n);
-
-    const size_t num_unshifted = f_polynomials.size();
-    const size_t num_to_be_shifted = g_polynomials.size();
-    for (size_t i = 0; i < num_unshifted; i++) {
-        batched_unshifted.add_scaled(f_polynomials[i], rhos[i]);
-    }
-    for (size_t i = 0; i < num_to_be_shifted; i++) {
-        batched_to_be_shifted.add_scaled(g_polynomials[i], rhos[num_unshifted + i]);
-    }
-
-    auto fold_polynomials =
-        compute_fold_polynomials(multilinear_challenge, std::move(batched_unshifted), std::move(batched_to_be_shifted));
-
-    for (size_t l = 0; l < log_n - 1; l++) {
-        transcript->send_to_verifier("Gemini:FOLD_" + std::to_string(l + 1),
-                                     commitment_key->commit(fold_polynomials[l + 2]));
-    }
-    const Fr r_challenge = transcript->template get_challenge<Fr>("Gemini:r");
-    std::vector<Claim> claims =
-        compute_fold_polynomial_evaluations(multilinear_challenge, std::move(fold_polynomials), r_challenge);
-
-    for (size_t l = 1; l <= log_n; l++) {
-        transcript->send_to_verifier("Gemini:a_" + std::to_string(l), claims[l].opening_pair.evaluation);
-    }
-
-    return claims;
-};
-
-/**
- * @brief Computes d-1 fold polynomials Fold_i, i = 1, ..., d-1
- *
- * @param mle_opening_point multilinear opening point 'u'
- * @param batched_unshifted F(X) = ∑ⱼ ρʲ   fⱼ(X)
- * @param batched_to_be_shifted G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X)
- * @return std::vector<Polynomial>
- */
-template <typename Curve>
-std::vector<typename GeminiProver_<Curve>::Polynomial> GeminiProver_<Curve>::compute_fold_polynomials(
-    std::span<const Fr> mle_opening_point, Polynomial&& batched_unshifted, Polynomial&& batched_to_be_shifted)
-{
-    const size_t num_variables = mle_opening_point.size(); // m
-
-    const size_t num_threads = get_num_cpus_pow2();
-    constexpr size_t efficient_operations_per_thread = 64; // A guess of the number of operation for which there
-                                                           // would be a point in sending them to a separate thread
-
-    // Allocate space for m+1 Fold polynomials
-    //
-    // The first two are populated here with the batched unshifted and to-be-shifted polynomial respectively.
-    // They will eventually contain the full batched polynomial A₀ partially evaluated at the challenges r,-r.
-    // This function populates the other m-1 polynomials with the foldings of A₀.
-    std::vector<Polynomial> fold_polynomials;
-    fold_polynomials.reserve(num_variables + 1);
-
-    // F(X) = ∑ⱼ ρʲ fⱼ(X) and G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X)
-    Polynomial& batched_F = fold_polynomials.emplace_back(std::move(batched_unshifted));
-    Polynomial& batched_G = fold_polynomials.emplace_back(std::move(batched_to_be_shifted));
-    constexpr size_t offset_to_folded = 2; // Offset because of F an G
-    // A₀(X) = F(X) + G↺(X) = F(X) + G(X)/X.
-    Polynomial A_0 = batched_F;
-    A_0 += batched_G.shifted();
-
-    // Allocate everything before parallel computation
-    for (size_t l = 0; l < num_variables - 1; ++l) {
-        // size of the previous polynomial/2
-        const size_t n_l = 1 << (num_variables - l - 1);
-
-        // A_l_fold = Aₗ₊₁(X) = (1-uₗ)⋅even(Aₗ)(X) + uₗ⋅odd(Aₗ)(X)
-        fold_polynomials.emplace_back(Polynomial(n_l));
-    }
-
-    // A_l = Aₗ(X) is the polynomial being folded
-    // in the first iteration, we take the batched polynomial
-    // in the next iteration, it is the previously folded one
-    auto A_l = A_0.data();
-    for (size_t l = 0; l < num_variables - 1; ++l) {
-        // size of the previous polynomial/2
-        const size_t n_l = 1 << (num_variables - l - 1);
-
-        // Use as many threads as it is useful so that 1 thread doesn't process 1 element, but make sure that there is
-        // at least 1
-        size_t num_used_threads = std::min(n_l / efficient_operations_per_thread, num_threads);
-        num_used_threads = num_used_threads ? num_used_threads : 1;
-        size_t chunk_size = n_l / num_used_threads;
-        size_t last_chunk_size = (n_l % chunk_size) ? (n_l % num_used_threads) : chunk_size;
-
-        // Openning point is the same for all
-        const Fr u_l = mle_opening_point[l];
-
-        // A_l_fold = Aₗ₊₁(X) = (1-uₗ)⋅even(Aₗ)(X) + uₗ⋅odd(Aₗ)(X)
-        auto A_l_fold = fold_polynomials[l + offset_to_folded].data();
-
-        parallel_for(num_used_threads, [&](size_t i) {
-            size_t current_chunk_size = (i == (num_used_threads - 1)) ? last_chunk_size : chunk_size;
-            for (std::ptrdiff_t j = (std::ptrdiff_t)(i * chunk_size);
-                 j < (std::ptrdiff_t)((i * chunk_size) + current_chunk_size);
-                 j++) {
-                // fold(Aₗ)[j] = (1-uₗ)⋅even(Aₗ)[j] + uₗ⋅odd(Aₗ)[j]
-                //            = (1-uₗ)⋅Aₗ[2j]      + uₗ⋅Aₗ[2j+1]
-                //            = Aₗ₊₁[j]
-                A_l_fold[j] = A_l[j << 1] + u_l * (A_l[(j << 1) + 1] - A_l[j << 1]);
-            }
-        });
-        // set Aₗ₊₁ = Aₗ for the next iteration
-        A_l = A_l_fold;
-    }
-
-    return fold_polynomials;
-};
-
-/**
- * @brief Computes/aggragates d+1 Fold polynomials and their opening pairs (challenge, evaluation)
- *
- * @details This function assumes that, upon input, last d-1 entries in fold_polynomials are Fold_i.
- * The first two entries are assumed to be, respectively, the batched unshifted and batched to-be-shifted
- * polynomials F(X) = ∑ⱼ ρʲfⱼ(X) and G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X). This function completes the computation
- * of the first two Fold polynomials as F + G/r and F - G/r. It then evaluates each of the d+1
- * fold polynomials at, respectively, the points r, rₗ = r^{2ˡ} for l = 0, 1, ..., d-1.
- *
- * @param mle_opening_point u = (u₀,...,uₘ₋₁) is the MLE opening point
- * @param fold_polynomials vector of polynomials whose first two elements are F(X) = ∑ⱼ ρʲfⱼ(X)
- * and G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X), and the next d-1 elements are Fold_i, i = 1, ..., d-1.
- * @param r_challenge univariate opening challenge
- */
-template <typename Curve>
-std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::compute_fold_polynomial_evaluations(
-    std::span<const Fr> mle_opening_point, std::vector<Polynomial>&& fold_polynomials, const Fr& r_challenge)
-{
-    const size_t num_variables = mle_opening_point.size(); // m
-
-    Polynomial& batched_F = fold_polynomials[0]; // F(X) = ∑ⱼ ρʲ   fⱼ(X)
-    Polynomial& batched_G = fold_polynomials[1]; // G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X)
-
-    // Compute univariate opening queries rₗ = r^{2ˡ} for l = 0, 1, ..., m-1
-    std::vector<Fr> r_squares = gemini::powers_of_evaluation_challenge(r_challenge, num_variables);
-
-    // Compute G/r
-    Fr r_inv = r_challenge.invert();
-    batched_G *= r_inv;
-
-    // Construct A₀₊ = F + G/r and A₀₋ = F - G/r in place in fold_polynomials
-    Polynomial tmp = batched_F;
-    Polynomial& A_0_pos = fold_polynomials[0];
-
-    // A₀₊(X) = F(X) + G(X)/r, s.t. A₀₊(r) = A₀(r)
-    A_0_pos += batched_G;
-
-    // Perform a swap so that tmp = G(X)/r and A_0_neg = F(X)
-    std::swap(tmp, batched_G);
-    Polynomial& A_0_neg = fold_polynomials[1];
-
-    // A₀₋(X) = F(X) - G(X)/r, s.t. A₀₋(-r) = A₀(-r)
-    A_0_neg -= tmp;
-
-    std::vector<Claim> opening_claims;
-    opening_claims.reserve(num_variables + 1);
-
-    // Compute first opening pair {r, A₀(r)}
-    Fr evaluation = fold_polynomials[0].evaluate(r_challenge);
-    opening_claims.emplace_back(
-        Claim{ fold_polynomials[0], { r_challenge, fold_polynomials[0].evaluate(r_challenge) } });
-    // Compute the remaining m opening pairs {−r^{2ˡ}, Aₗ(−r^{2ˡ})}, l = 0, ..., m-1.
-    for (size_t l = 0; l < num_variables; ++l) {
-        evaluation = fold_polynomials[l + 1].evaluate(-r_squares[l]);
-        opening_claims.emplace_back(Claim{ fold_polynomials[l + 1], { -r_squares[l], evaluation } });
-    }
-
-    return opening_claims;
-};
 template class GeminiProver_<curve::BN254>;
 template class GeminiProver_<curve::Grumpkin>;
-} // namespace bb
+}; // namespace bb
\ No newline at end of file
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index e38f6891bd65..ce0fa0e2e91f 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -99,20 +99,23 @@ template <typename Curve> class GeminiProver_ {
     using Claim = ProverOpeningClaim<Curve>;
 
   public:
-    static std::vector<Polynomial> compute_fold_polynomials(std::span<const Fr> multilinear_evaluations,
+    static std::vector<Polynomial> compute_fold_polynomials(const size_t log_N,
+                                                            std::span<const Fr> multilinear_challenge,
                                                             Polynomial&& batched_unshifted,
                                                             Polynomial&& batched_to_be_shifted);
 
-    static std::vector<Claim> compute_fold_polynomial_evaluations(std::span<const Fr> multilinear_evaluations,
+    static std::vector<Claim> compute_fold_polynomial_evaluations(const size_t log_N,
                                                                   std::vector<Polynomial>&& fold_polynomials,
                                                                   const Fr& r_challenge);
 
-    static std::vector<Claim> prove(const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
-                                    std::span<Fr> multilinear_challenge,
-                                    std::span<Fr> multilinear_evaluations,
+    template <typename Transcript>
+    static std::vector<Claim> prove(const Fr circuit_size,
                                     RefSpan<Polynomial> f_polynomials,
                                     RefSpan<Polynomial> g_polynomials,
-                                    std::shared_ptr<NativeTranscript>& transcript);
+                                    RefSpan<Fr> multilinear_evaluations,
+                                    std::span<Fr> multilinear_challenge,
+                                    const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
+                                    const std::shared_ptr<Transcript>& transcript);
 }; // namespace bb
 
 template <typename Curve> class GeminiVerifier_ {
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
index 881e70769cfb..7d0b29a26a9f 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
@@ -1,4 +1,4 @@
-#include "gemini.hpp"
+#include "gemini_impl.hpp"
 
 #include "../commitment_key.test.hpp"
 #include "barretenberg/polynomials/polynomial.hpp"
@@ -25,11 +25,12 @@ template <class Curve> class GeminiTest : public CommitmentTest<Curve> {
         // Compute:
         // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
         // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-        auto prover_output = GeminiProver::prove(this->commitment_key,
-                                                 multilinear_evaluation_point,
-                                                 multilinear_evaluations,
+        auto prover_output = GeminiProver::prove(1 << multilinear_evaluation_point.size(),
                                                  RefVector(multilinear_polynomials),
                                                  RefVector(multilinear_polynomials_to_be_shifted),
+                                                 RefVector(multilinear_evaluations),
+                                                 multilinear_evaluation_point,
+                                                 this->commitment_key,
                                                  prover_transcript);
 
         // Check that the Fold polynomials have been evaluated correctly in the prover
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
new file mode 100644
index 000000000000..5876f5ac51b2
--- /dev/null
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
@@ -0,0 +1,240 @@
+#pragma once
+#include "barretenberg/common/thread.hpp"
+#include "gemini.hpp"
+
+/**
+ * @brief Protocol for opening several multi-linear polynomials at the same point.
+ *
+ *
+ * m = number of variables
+ * n = 2ᵐ
+ * u = (u₀,...,uₘ₋₁)
+ * f₀, …, fₖ₋₁ = multilinear polynomials,
+ * g₀, …, gₕ₋₁ = shifted multilinear polynomial,
+ *  Each gⱼ is the left-shift of some f↺ᵢ, and gⱼ points to the same memory location as fᵢ.
+ * v₀, …, vₖ₋₁, v↺₀, …, v↺ₕ₋₁ = multilinear evalutions  s.t. fⱼ(u) = vⱼ, and gⱼ(u) = f↺ⱼ(u) = v↺ⱼ
+ *
+ * We use a challenge ρ to create a random linear combination of all fⱼ,
+ * and actually define A₀ = F + G↺, where
+ *   F  = ∑ⱼ ρʲ fⱼ
+ *   G  = ∑ⱼ ρᵏ⁺ʲ gⱼ,
+ *   G↺ = is the shift of G
+ * where fⱼ is normal, and gⱼ is shifted.
+ * The evaluations are also batched, and
+ *   v  = ∑ ρʲ⋅vⱼ + ∑ ρᵏ⁺ʲ⋅v↺ⱼ = F(u) + G↺(u)
+ *
+ * The prover then creates the folded polynomials A₀, ..., Aₘ₋₁,
+ * and opens them at different points, as univariates.
+ *
+ * We open A₀ as univariate at r and -r.
+ * Since A₀ = F + G↺, but the verifier only has commitments to the gⱼs,
+ * we need to partially evaluate A₀ at both evaluation points.
+ * As univariate, we have
+ *  A₀(X) = F(X) + G↺(X) = F(X) + G(X)/X
+ * So we define
+ *  - A₀₊(X) = F(X) + G(X)/r
+ *  - A₀₋(X) = F(X) − G(X)/r
+ * So that A₀₊(r) = A₀(r) and A₀₋(-r) = A₀(-r).
+ * The verifier is able to computed the simulated commitments to A₀₊(X) and A₀₋(X)
+ * since they are linear-combinations of the commitments [fⱼ] and [gⱼ].
+ */
+namespace bb {
+template <typename Curve>
+template <typename Transcript>
+std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
+    [[maybe_unused]] Fr circuit_size,    // Will be used when constant proof sizes are in
+    RefSpan<Polynomial> f_polynomials,   // unshifted
+    RefSpan<Polynomial> g_polynomials,   // to-be-shifted
+    RefSpan<Fr> multilinear_evaluations, /* u */
+    std::span<Fr> multilinear_challenge,
+    const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
+    const std::shared_ptr<Transcript>& transcript)
+{
+    ASSERT(multilinear_evaluations.size() == f_polynomials.size() + g_polynomials.size());
+    size_t log_n = numeric::get_msb(static_cast<uint32_t>(circuit_size));
+    size_t n = 1 << log_n;
+
+    Fr rho = transcript->template get_challenge<Fr>("rho");
+    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
+
+    // Compute batched multivariate evaluation
+    Fr batched_evaluation = Fr::zero();
+    for (size_t i = 0; i < rhos.size(); ++i) {
+        batched_evaluation += multilinear_evaluations[i] * rhos[i];
+    }
+
+    // Compute batched polynomials
+    Polynomial batched_unshifted(n);
+    Polynomial batched_to_be_shifted = Polynomial::shiftable(1 << log_n);
+
+    const size_t num_unshifted = f_polynomials.size();
+    const size_t num_to_be_shifted = g_polynomials.size();
+    for (size_t i = 0; i < num_unshifted; i++) {
+        batched_unshifted.add_scaled(f_polynomials[i], rhos[i]);
+    }
+    for (size_t i = 0; i < num_to_be_shifted; i++) {
+        batched_to_be_shifted.add_scaled(g_polynomials[i], rhos[num_unshifted + i]);
+    }
+
+    auto fold_polynomials = compute_fold_polynomials(
+        log_n, multilinear_challenge, std::move(batched_unshifted), std::move(batched_to_be_shifted));
+
+    for (size_t l = 0; l < log_n - 1; l++) {
+        transcript->send_to_verifier("Gemini:FOLD_" + std::to_string(l + 1),
+                                     commitment_key->commit(fold_polynomials[l + 2]));
+    }
+    const Fr r_challenge = transcript->template get_challenge<Fr>("Gemini:r");
+    std::vector<Claim> claims = compute_fold_polynomial_evaluations(log_n, std::move(fold_polynomials), r_challenge);
+
+    for (size_t l = 1; l <= log_n; l++) {
+        transcript->send_to_verifier("Gemini:a_" + std::to_string(l), claims[l].opening_pair.evaluation);
+    }
+
+    return claims;
+};
+
+/**
+ * @brief Computes d-1 fold polynomials Fold_i, i = 1, ..., d-1
+ *
+ * @param mle_opening_point multilinear opening point 'u'
+ * @param batched_unshifted F(X) = ∑ⱼ ρʲ   fⱼ(X)
+ * @param batched_to_be_shifted G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X)
+ * @return std::vector<Polynomial>
+ */
+template <typename Curve>
+std::vector<typename GeminiProver_<Curve>::Polynomial> GeminiProver_<Curve>::compute_fold_polynomials(
+    const size_t log_N,
+    std::span<const Fr> mle_opening_point,
+    Polynomial&& batched_unshifted,
+    Polynomial&& batched_to_be_shifted)
+{
+    const size_t num_variables = log_N;
+
+    const size_t num_threads = get_num_cpus_pow2();
+    constexpr size_t efficient_operations_per_thread = 64; // A guess of the number of operation for which there
+                                                           // would be a point in sending them to a separate thread
+
+    // Allocate space for m+1 Fold polynomials
+    //
+    // The first two are populated here with the batched unshifted and to-be-shifted polynomial respectively.
+    // They will eventually contain the full batched polynomial A₀ partially evaluated at the challenges r,-r.
+    // This function populates the other m-1 polynomials with the foldings of A₀.
+    std::vector<Polynomial> fold_polynomials;
+    fold_polynomials.reserve(num_variables + 1);
+
+    // F(X) = ∑ⱼ ρʲ fⱼ(X) and G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X)
+    Polynomial& batched_F = fold_polynomials.emplace_back(std::move(batched_unshifted));
+    Polynomial& batched_G = fold_polynomials.emplace_back(std::move(batched_to_be_shifted));
+    constexpr size_t offset_to_folded = 2; // Offset because of F an G
+    // A₀(X) = F(X) + G↺(X) = F(X) + G(X)/X.
+    Polynomial A_0 = batched_F;
+    A_0 += batched_G.shifted();
+
+    // Allocate everything before parallel computation
+    for (size_t l = 0; l < num_variables - 1; ++l) {
+        // size of the previous polynomial/2
+        const size_t n_l = 1 << (num_variables - l - 1);
+
+        // A_l_fold = Aₗ₊₁(X) = (1-uₗ)⋅even(Aₗ)(X) + uₗ⋅odd(Aₗ)(X)
+        fold_polynomials.emplace_back(Polynomial(n_l));
+    }
+
+    // A_l = Aₗ(X) is the polynomial being folded
+    // in the first iteration, we take the batched polynomial
+    // in the next iteration, it is the previously folded one
+    auto A_l = A_0.data();
+    for (size_t l = 0; l < num_variables - 1; ++l) {
+        // size of the previous polynomial/2
+        const size_t n_l = 1 << (num_variables - l - 1);
+
+        // Use as many threads as it is useful so that 1 thread doesn't process 1 element, but make sure that there is
+        // at least 1
+        size_t num_used_threads = std::min(n_l / efficient_operations_per_thread, num_threads);
+        num_used_threads = num_used_threads ? num_used_threads : 1;
+        size_t chunk_size = n_l / num_used_threads;
+        size_t last_chunk_size = (n_l % chunk_size) ? (n_l % num_used_threads) : chunk_size;
+
+        // Openning point is the same for all
+        const Fr u_l = mle_opening_point[l];
+
+        // A_l_fold = Aₗ₊₁(X) = (1-uₗ)⋅even(Aₗ)(X) + uₗ⋅odd(Aₗ)(X)
+        auto A_l_fold = fold_polynomials[l + offset_to_folded].data();
+
+        parallel_for(num_used_threads, [&](size_t i) {
+            size_t current_chunk_size = (i == (num_used_threads - 1)) ? last_chunk_size : chunk_size;
+            for (std::ptrdiff_t j = (std::ptrdiff_t)(i * chunk_size);
+                 j < (std::ptrdiff_t)((i * chunk_size) + current_chunk_size);
+                 j++) {
+                // fold(Aₗ)[j] = (1-uₗ)⋅even(Aₗ)[j] + uₗ⋅odd(Aₗ)[j]
+                //            = (1-uₗ)⋅Aₗ[2j]      + uₗ⋅Aₗ[2j+1]
+                //            = Aₗ₊₁[j]
+                A_l_fold[j] = A_l[j << 1] + u_l * (A_l[(j << 1) + 1] - A_l[j << 1]);
+            }
+        });
+        // set Aₗ₊₁ = Aₗ for the next iteration
+        A_l = A_l_fold;
+    }
+
+    return fold_polynomials;
+};
+
+/**
+ * @brief Computes/aggragates d+1 Fold polynomials and their opening pairs (challenge, evaluation)
+ *
+ * @details This function assumes that, upon input, last d-1 entries in fold_polynomials are Fold_i.
+ * The first two entries are assumed to be, respectively, the batched unshifted and batched to-be-shifted
+ * polynomials F(X) = ∑ⱼ ρʲfⱼ(X) and G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X). This function completes the computation
+ * of the first two Fold polynomials as F + G/r and F - G/r. It then evaluates each of the d+1
+ * fold polynomials at, respectively, the points r, rₗ = r^{2ˡ} for l = 0, 1, ..., d-1.
+ *
+ * @param mle_opening_point u = (u₀,...,uₘ₋₁) is the MLE opening point
+ * @param fold_polynomials vector of polynomials whose first two elements are F(X) = ∑ⱼ ρʲfⱼ(X)
+ * and G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X), and the next d-1 elements are Fold_i, i = 1, ..., d-1.
+ * @param r_challenge univariate opening challenge
+ */
+template <typename Curve>
+std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::compute_fold_polynomial_evaluations(
+    const size_t log_N, std::vector<Polynomial>&& fold_polynomials, const Fr& r_challenge)
+{
+    const size_t num_variables = log_N;
+
+    Polynomial& batched_F = fold_polynomials[0]; // F(X) = ∑ⱼ ρʲ   fⱼ(X)
+    Polynomial& batched_G = fold_polynomials[1]; // G(X) = ∑ⱼ ρᵏ⁺ʲ gⱼ(X)
+
+    // Compute univariate opening queries rₗ = r^{2ˡ} for l = 0, 1, ..., m-1
+    std::vector<Fr> r_squares = gemini::powers_of_evaluation_challenge(r_challenge, num_variables);
+
+    // Compute G/r
+    Fr r_inv = r_challenge.invert();
+    batched_G *= r_inv;
+
+    // Construct A₀₊ = F + G/r and A₀₋ = F - G/r in place in fold_polynomials
+    Polynomial tmp = batched_F;
+    Polynomial& A_0_pos = fold_polynomials[0];
+
+    // A₀₊(X) = F(X) + G(X)/r, s.t. A₀₊(r) = A₀(r)
+    A_0_pos += batched_G;
+
+    // Perform a swap so that tmp = G(X)/r and A_0_neg = F(X)
+    std::swap(tmp, batched_G);
+    Polynomial& A_0_neg = fold_polynomials[1];
+
+    // A₀₋(X) = F(X) - G(X)/r, s.t. A₀₋(-r) = A₀(-r)
+    A_0_neg -= tmp;
+
+    std::vector<Claim> opening_claims;
+    opening_claims.reserve(num_variables + 1);
+
+    // Compute first opening pair {r, A₀(r)}
+    Fr evaluation = fold_polynomials[0].evaluate(r_challenge);
+    opening_claims.emplace_back(
+        Claim{ fold_polynomials[0], { r_challenge, fold_polynomials[0].evaluate(r_challenge) } });
+    // Compute the remaining m opening pairs {−r^{2ˡ}, Aₗ(−r^{2ˡ})}, l = 0, ..., m-1.
+    for (size_t l = 0; l < num_variables; ++l) {
+        evaluation = fold_polynomials[l + 1].evaluate(-r_squares[l]);
+        opening_claims.emplace_back(Claim{ fold_polynomials[l + 1], { -r_squares[l], evaluation } });
+    }
+
+    return opening_claims;
+};
+} // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
index eb448f4e7091..d41af0eefb3c 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
@@ -1,6 +1,6 @@
 
 #include "../gemini/gemini.hpp"
-#include "../shplonk/shplemini_verifier.hpp"
+#include "../shplonk/shplemini.hpp"
 #include "../shplonk/shplonk.hpp"
 #include "./mock_transcript.hpp"
 #include "barretenberg/commitment_schemes/commitment_key.test.hpp"
@@ -266,11 +266,12 @@ TEST_F(IPATest, GeminiShplonkIPAWithShift)
     // Compute:
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-    auto prover_opening_claims = GeminiProver::prove(this->ck(),
-                                                     mle_opening_point,
-                                                     multilinear_evaluations,
+    auto prover_opening_claims = GeminiProver::prove(n,
                                                      RefArray{ poly1, poly2 },
                                                      RefArray{ poly2 },
+                                                     RefVector(multilinear_evaluations),
+                                                     mle_opening_point,
+                                                     this->ck(),
                                                      prover_transcript);
 
     const auto opening_claim = ShplonkProver::prove(this->ck(), prover_opening_claims, prover_transcript);
@@ -322,11 +323,12 @@ TEST_F(IPATest, ShpleminiIPAWithShift)
     // Compute:
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-    auto prover_opening_claims = GeminiProver::prove(this->ck(),
-                                                     mle_opening_point,
-                                                     multilinear_evaluations,
+    auto prover_opening_claims = GeminiProver::prove(n,
                                                      RefArray{ poly1, poly2 },
                                                      RefArray{ poly2 },
+                                                     RefVector(multilinear_evaluations),
+                                                     mle_opening_point,
+                                                     this->ck(),
                                                      prover_transcript);
 
     const auto opening_claim = ShplonkProver::prove(this->ck(), prover_opening_claims, prover_transcript);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
index 60f41bdb7f59..87278deef5d3 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
@@ -1,7 +1,7 @@
 
 #include "kzg.hpp"
 #include "../gemini/gemini.hpp"
-#include "../shplonk/shplemini_verifier.hpp"
+#include "../shplonk/shplemini.hpp"
 #include "../shplonk/shplonk.hpp"
 
 #include "../commitment_key.test.hpp"
@@ -92,11 +92,12 @@ TYPED_TEST(KZGTest, GeminiShplonkKzgWithShift)
     // Compute:
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-    auto prover_opening_claims = GeminiProver::prove(this->ck(),
-                                                     mle_opening_point,
-                                                     multilinear_evaluations,
+    auto prover_opening_claims = GeminiProver::prove(n,
                                                      RefArray{ poly1, poly2 },
                                                      RefArray{ poly2 },
+                                                     RefVector(multilinear_evaluations),
+                                                     mle_opening_point,
+                                                     this->ck(),
                                                      prover_transcript);
 
     // Shplonk prover output:
@@ -169,11 +170,12 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
     // Compute:
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-    auto prover_opening_claims = GeminiProver::prove(this->ck(),
-                                                     mle_opening_point,
-                                                     multilinear_evaluations,
+    auto prover_opening_claims = GeminiProver::prove(n,
                                                      RefArray{ poly1, poly2 },
                                                      RefArray{ poly2 },
+                                                     RefVector(multilinear_evaluations),
+                                                     mle_opening_point,
+                                                     this->ck(),
                                                      prover_transcript);
 
     // Shplonk prover output:
@@ -191,14 +193,14 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
 
     // Gemini verifier output:
     // - claim: d+1 commitments to Fold_{r}^(0), Fold_{-r}^(0), Fold^(l), d+1 evaluations a_0_pos, a_l, l = 0:d-1
-    const auto batch_opening_claim = ShpleminiVerifier::compute_batch_opening_claim(log_n,
-                                                                                    RefVector(unshifted_commitments),
-                                                                                    RefVector(shifted_commitments),
-                                                                                    RefVector(multilinear_evaluations),
-                                                                                    mle_opening_point,
-                                                                                    this->vk()->get_g1_identity(),
-                                                                                    verifier_transcript);
-    const auto pairing_points = KZG::reduce_verify_batch_opening_claim(batch_opening_claim, verifier_transcript);
+    const auto batch_opening_claim = ShpleminiVerifier::verify(log_n,
+                                                               RefVector(unshifted_commitments),
+                                                               RefVector(shifted_commitments),
+                                                               RefVector(multilinear_evaluations),
+                                                               mle_opening_point,
+                                                               this->vk()->get_g1_identity(),
+                                                               verifier_transcript);
+    const auto pairing_points = KZG::reduce_verify(batch_opening_claim, verifier_transcript);
     // Final pairing check: e([Q] - [Q_z] + z[W], [1]_2) = e([W], [x]_2)
 
     EXPECT_EQ(this->vk()->pairing_check(pairing_points[0], pairing_points[1]), true);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
similarity index 74%
rename from barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.hpp
rename to barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
index 721d65a2cc0d..071ec824f1d8 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
@@ -1,12 +1,45 @@
 #pragma once
 #include "barretenberg/commitment_schemes/claim.hpp"
 #include "barretenberg/commitment_schemes/commitment_key.hpp"
-#include "barretenberg/commitment_schemes/gemini/gemini.hpp"
+#include "barretenberg/commitment_schemes/gemini/gemini_impl.hpp"
 #include "barretenberg/commitment_schemes/shplonk/shplonk.hpp"
 #include "barretenberg/commitment_schemes/verification_key.hpp"
 #include "barretenberg/transcript/transcript.hpp"
 
 namespace bb {
+
+template <typename Curve> class ShpleminiProver_ {
+  public:
+    using FF = typename Curve::ScalarField;
+    using GroupElement = typename Curve::Element;
+    using Commitment = typename Curve::AffineElement;
+    using Polynomial = bb::Polynomial<FF>;
+    using OpeningClaim = ProverOpeningClaim<Curve>;
+
+    using VK = CommitmentKey<Curve>;
+    using ShplonkProver = ShplonkProver_<Curve>;
+    using GeminiProver = GeminiProver_<Curve>;
+
+    template <typename Transcript>
+    static OpeningClaim prove(FF circuit_size,
+                              RefSpan<Polynomial> f_polynomials,
+                              RefSpan<Polynomial> g_polynomials,
+                              RefSpan<FF> multilinear_evaluations,
+                              std::span<FF> multilinear_challenge,
+                              const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
+                              const std::shared_ptr<Transcript>& transcript)
+    {
+        std::vector<OpeningClaim> opening_claims = GeminiProver::prove(circuit_size,
+                                                                       f_polynomials,
+                                                                       g_polynomials,
+                                                                       multilinear_evaluations,
+                                                                       multilinear_challenge,
+                                                                       commitment_key,
+                                                                       transcript);
+        OpeningClaim batched_claim = ShplonkProver::prove(commitment_key, opening_claims, transcript);
+        return batched_claim;
+    };
+};
 /**
  * \brief An efficient verifier for the evaluation proofs of multilinear polynomials and their shifts.
  *
@@ -14,24 +47,24 @@ namespace bb {
  * \subsection Context
  *
  * This Verifier combines verifiers from four protocols:
- * 1. **Batch opening protocol**: Reduces various evaluation claims of multilinear polynomials and their shifts to the
- *    opening claim of a single batched polynomial.
- * 2. **Gemini protocol**: Reduces the batched polynomial opening claim to a claim about openings of Gemini univariate
- *    polynomials.
- * 3. **Shplonk protocol**: Reduces the opening of Gemini univariate polynomials at different points to a single opening
- *    of a batched univariate polynomial. Outputs \f$ \text{shplonk_opening_claim} \f$.
+ * 1. **Batch opening protocol**: Reduces various evaluation claims of multilinear polynomials and their shifts to
+ * the opening claim of a single batched polynomial.
+ * 2. **Gemini protocol**: Reduces the batched polynomial opening claim to a claim about openings of Gemini
+ * univariate polynomials.
+ * 3. **Shplonk protocol**: Reduces the opening of Gemini univariate polynomials at different points to a single
+ * opening of a batched univariate polynomial. Outputs \f$ \text{shplonk_opening_claim} \f$.
  * 4. **KZG or IPA protocol**: Verifies the evaluation of the univariate batched by Shplonk.
  *
  * **Important Observation**: From step 1 to step 4, the Verifier is not required to hash any results of its group
- * operations. Therefore, they could be performed at the very end, i.e. by the opening protocol of a chosen univariate
- * PCS. Because of this and the shape of the pairing check in Shplonk, various batch_mul calls could be reduced to a
- * single batch_mul call. This way we minimize the number of gates in the resulting recursive verifier circuits and save
- * some group operations in the native setting.
+ * operations. Therefore, they could be performed at the very end, i.e. by the opening protocol of a chosen
+ * univariate PCS. Because of this and the shape of the pairing check in Shplonk, various batch_mul calls could be
+ * reduced to a single batch_mul call. This way we minimize the number of gates in the resulting recursive verifier
+ * circuits and save some group operations in the native setting.
  *
- * \remark The sequence of steps could be performed by performing batching of unshifted and shifted polynomials, feeding
- * it to the existing GeminiVerifier, whose output would be passed to the ShplonkVerifier and then to the reduce_verify
- * method of a chosen PCS. However, it would be less efficient than ShpleminiVerifier in terms of group and field
- * operations.
+ * \remark The sequence of steps could be performed by performing batching of unshifted and shifted polynomials,
+ * feeding it to the existing GeminiVerifier, whose output would be passed to the ShplonkVerifier and then to the
+ * reduce_verify method of a chosen PCS. However, it would be less efficient than ShpleminiVerifier in terms of
+ * group and field operations.
  *
  * \subsection Implementation
  *
@@ -46,19 +79,19 @@ namespace bb {
  *    - Compute the evaluation of the Gemini batched univariate.
  * 4. Output a \ref bb::BatchOpeningClaim<Curve> "batch opening claim", which is a atriple \f$ (\text{commitments},
  * \text{scalars}, \text{shplonk_evaluation_point}) \f$ that satisfies the following: \f[ \text{batch_mul}
- * (\text{commitments},\ \text{scalars}) = \text{shplonk_opening_claim}.\text{point} \f] and the sizes of 'commitments'
- * and 'scalars' are equal to: \f[
+ * (\text{commitments},\ \text{scalars}) = \text{shplonk_opening_claim}.\text{point} \f] and the sizes of
+ * 'commitments' and 'scalars' are equal to: \f[
  * \#\text{claimed_evaluations} + \text{log_circuit_size} + 2
  * \f]
  *
  * The output triple is either fed to the corresponding \ref bb::KZG< Curve_ >::reduce_verify_batch_opening_claim
- * "KZG method" or \ref bb::IPA< Curve_ >::reduce_verify_batch_opening_claim "IPA method". In the case of KZG, we reduce
- * \f$ 6 \f$ batch_mul calls needed for the verification of the multivariate evaluation claims to the single batch_mul
- * described above. In the case of IPA, the total number of batch_mul calls needed to verify the multivariate evaluation
- * claims is reduced by \f$ 5 \f$.
+ * "KZG method" or \ref bb::IPA< Curve_ >::reduce_verify_batch_opening_claim "IPA method". In the case of KZG, we
+ * reduce \f$ 6 \f$ batch_mul calls needed for the verification of the multivariate evaluation claims to the single
+ * batch_mul described above. In the case of IPA, the total number of batch_mul calls needed to verify the
+ * multivariate evaluation claims is reduced by \f$ 5 \f$.
  *
- * TODO (https://github.com/AztecProtocol/barretenberg/issues/1084) Reduce the size of batch_mul further by eliminating
- * shifted commitments.
+ * TODO (https://github.com/AztecProtocol/barretenberg/issues/1084) Reduce the size of batch_mul further by
+ * eliminating shifted commitments.
  */
 
 template <typename Curve> class ShpleminiVerifier_ {
@@ -70,6 +103,37 @@ template <typename Curve> class ShpleminiVerifier_ {
     using GeminiVerifier = GeminiVerifier_<Curve>;
 
   public:
+    template <typename Transcript>
+    static OpeningClaim<Curve> verify(const Fr circuit_size,
+                                      RefSpan<Commitment> unshifted_commitments,
+                                      RefSpan<Commitment> shifted_commitments,
+                                      RefSpan<Fr> claimed_evaluations,
+                                      const std::vector<Fr>& multivariate_challenge,
+                                      const Commitment& g1_identity,
+                                      std::shared_ptr<Transcript>& transcript)
+    {
+        Fr log_N = numeric::get_msb(static_cast<uint32_t>(circuit_size));
+
+        BatchOpeningClaim<Curve> batch_opening_claim = compute_batch_opening_claim(log_N,
+                                                                                   unshifted_commitments,
+                                                                                   shifted_commitments,
+                                                                                   claimed_evaluations,
+                                                                                   multivariate_challenge,
+                                                                                   g1_identity,
+                                                                                   transcript);
+
+        GroupElement commitment;
+        if constexpr (Curve::is_stdlib_type) {
+            commitment = GroupElement::batch_mul(batch_opening_claim.commitments,
+                                                 batch_opening_claim.scalars,
+                                                 /*max_num_bits=*/0,
+                                                 /*with_edgecases=*/true);
+        } else {
+            commitment = batch_mul_native(batch_opening_claim.commitments, batch_opening_claim.scalars);
+        }
+
+        return { { batch_opening_claim.evaluation_point, Fr(0) }, commitment };
+    }
     template <typename Transcript>
     static BatchOpeningClaim<Curve> compute_batch_opening_claim(const Fr log_N,
                                                                 RefSpan<Commitment> unshifted_commitments,
@@ -135,8 +199,8 @@ template <typename Curve> class ShpleminiVerifier_ {
             gemini_evaluation_challenge.invert() *
             (inverse_vanishing_evals[0] - shplonk_batching_challenge * inverse_vanishing_evals[1]);
 
-        // Place the commitments to prover polynomials in the commitments vector. Compute the evaluation of the batched
-        // multilinear polynomial. Populate the vector of scalars for the final batch mul
+        // Place the commitments to prover polynomials in the commitments vector. Compute the evaluation of the
+        // batched multilinear polynomial. Populate the vector of scalars for the final batch mul
         Fr batched_evaluation{ 0 };
         batch_multivariate_opening_claims(unshifted_commitments,
                                           shifted_commitments,
@@ -175,8 +239,8 @@ template <typename Curve> class ShpleminiVerifier_ {
         return { commitments, scalars, shplonk_evaluation_challenge };
     };
     /**
-     * @brief Populates the vectors of commitments and scalars, and computes the evaluation of the batched multilinear
-     * polynomial at the sumcheck challenge.
+     * @brief Populates the vectors of commitments and scalars, and computes the evaluation of the batched
+     * multilinear polynomial at the sumcheck challenge.
      *
      * @details This function iterates over all commitments and the claimed evaluations of the corresponding
      * polynomials. The following notations are used:
@@ -257,11 +321,11 @@ template <typename Curve> class ShpleminiVerifier_ {
         }
     }
     /**
-     * @brief Populates the 'commitments' and 'scalars' vectors with the commitments to Gemini fold polynomials \f$ A_i
-     * \f$.
+     * @brief Populates the 'commitments' and 'scalars' vectors with the commitments to Gemini fold polynomials \f$
+     * A_i \f$.
      *
-     * @details Once the commitments to Gemini "fold" polynomials \f$ A_i \f$ and their evaluations at \f$ -r^{2^i} \f$,
-     * where \f$ i = 1, \ldots, n-1 \f$, are received by the verifier, it performs the following operations:
+     * @details Once the commitments to Gemini "fold" polynomials \f$ A_i \f$ and their evaluations at \f$ -r^{2^i}
+     * \f$, where \f$ i = 1, \ldots, n-1 \f$, are received by the verifier, it performs the following operations:
      *
      * 1. Moves the vector
      * \f[
@@ -316,4 +380,12 @@ template <typename Curve> class ShpleminiVerifier_ {
         }
     }
 };
+
+// TODO: temporary hack
+template <typename Curve> class Shplemini_ {
+  public:
+    using Prover = ShpleminiProver_<Curve>;
+    using Verifier = ShpleminiVerifier_<Curve>;
+};
+
 } // namespace bb
\ No newline at end of file
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
similarity index 99%
rename from barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp
rename to barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
index c19a9bbcb7de..f71245ed4072 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini_verifier.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
@@ -1,5 +1,5 @@
 
-#include "shplemini_verifier.hpp"
+#include "shplemini.hpp"
 #include "../commitment_key.test.hpp"
 #include "../gemini/gemini.hpp"
 #include "../kzg/kzg.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
index 5526feca2c3f..f8db79c9a2a2 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
@@ -126,9 +126,10 @@ template <typename Curve> class ShplonkProver_ {
      * @param transcript
      * @return ProverOpeningClaim<Curve>
      */
+    template <typename Transcript>
     static ProverOpeningClaim<Curve> prove(const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
                                            std::span<ProverOpeningClaim<Curve>> opening_claims,
-                                           auto& transcript)
+                                           const std::shared_ptr<Transcript>& transcript)
     {
         const Fr nu = transcript->template get_challenge<Fr>("Shplonk:nu");
         auto batched_quotient = compute_batched_quotient(opening_claims, nu);
@@ -159,9 +160,10 @@ template <typename Curve> class ShplonkVerifier_ {
      * @param transcript
      * @return OpeningClaim
      */
+    template <typename Transcript>
     static OpeningClaim<Curve> reduce_verification(Commitment g1_identity,
                                                    std::span<const OpeningClaim<Curve>> claims,
-                                                   auto& transcript)
+                                                   std::shared_ptr<Transcript>& transcript)
     {
 
         const size_t num_claims = claims.size();
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
index e1ee3b92fcdf..9ef6903db264 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
@@ -336,8 +336,7 @@ template <typename Curve> class ZeroMorphProver_ {
     static OpeningClaim prove(FF circuit_size,
                               RefSpan<Polynomial> f_polynomials,
                               RefSpan<Polynomial> g_polynomials,
-                              RefSpan<FF> f_evaluations,
-                              RefSpan<FF> g_shift_evaluations,
+                              RefSpan<FF> multilinear_evaluations,
                               std::span<FF> multilinear_challenge,
                               const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
                               const std::shared_ptr<Transcript>& transcript,
@@ -371,17 +370,20 @@ template <typename Curve> class ZeroMorphProver_ {
         FF batched_evaluation{ 0 };
         Polynomial f_batched(N); // batched unshifted polynomials
         FF batching_scalar{ 1 };
-        for (auto [f_poly, f_eval] : zip_view(f_polynomials, f_evaluations)) {
+        size_t evaluation_idx = 0;
+        for (auto f_poly : f_polynomials) {
             f_batched.add_scaled(f_poly, batching_scalar);
-            batched_evaluation += batching_scalar * f_eval;
+            batched_evaluation += batching_scalar * multilinear_evaluations[evaluation_idx];
             batching_scalar *= rho;
+            evaluation_idx++;
         }
 
         Polynomial g_batched{ N - 1, N, 1 }; // batched to-be-shifted polynomials
-        for (auto [g_poly, g_shift_eval] : zip_view(g_polynomials, g_shift_evaluations)) {
+        for (auto g_poly : g_polynomials) {
             g_batched.add_scaled(g_poly, batching_scalar);
-            batched_evaluation += batching_scalar * g_shift_eval;
+            batched_evaluation += batching_scalar * multilinear_evaluations[evaluation_idx];
             batching_scalar *= rho;
+            evaluation_idx++;
         };
 
         size_t num_groups = concatenation_groups.size();
@@ -722,8 +724,7 @@ template <typename Curve> class ZeroMorphVerifier_ {
     static OpeningClaim<Curve> verify(FF circuit_size,
                                       RefSpan<Commitment> unshifted_commitments,
                                       RefSpan<Commitment> to_be_shifted_commitments,
-                                      RefSpan<FF> unshifted_evaluations,
-                                      RefSpan<FF> shifted_evaluations,
+                                      RefSpan<FF> multilinear_evaluations,
                                       std::span<FF> multivariate_challenge,
                                       const Commitment& g1_identity,
                                       const std::shared_ptr<Transcript>& transcript,
@@ -742,11 +743,7 @@ template <typename Curve> class ZeroMorphVerifier_ {
         // Construct batched evaluation v = sum_{i=0}^{m-1}\rho^i*f_i(u) + sum_{i=0}^{l-1}\rho^{m+i}*h_i(u)
         FF batched_evaluation = FF(0);
         FF batching_scalar = FF(1);
-        for (auto& value : unshifted_evaluations) {
-            batched_evaluation += value * batching_scalar;
-            batching_scalar *= rho;
-        }
-        for (auto& value : shifted_evaluations) {
+        for (auto& value : multilinear_evaluations) {
             batched_evaluation += value * batching_scalar;
             batching_scalar *= rho;
         }
@@ -808,4 +805,11 @@ template <typename Curve> class ZeroMorphVerifier_ {
     }
 };
 
+// This is temporary
+template <typename Curve> class ZeroMorph_ {
+  public:
+    using Prover = ZeroMorphProver_<Curve>;
+    using Verifier = ZeroMorphVerifier_<Curve>;
+};
+
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.test.cpp
index 1f060410679b..ab793cde8be5 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.test.cpp
@@ -208,13 +208,15 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
                           std::vector<Fr> u_challenge)
     {
         auto prover_transcript = NativeTranscript::prover_init_empty();
+        std::vector<Fr> multilinear_evaluations(unshifted.evaluations);
+        multilinear_evaluations.insert(
+            multilinear_evaluations.end(), shifted.evaluations.begin(), shifted.evaluations.end());
 
         // Execute Prover protocol
         auto prover_opening_claim = ZeroMorphProver::prove(N,
                                                            RefVector(unshifted.polynomials), // unshifted
                                                            RefVector(shifted.polynomials),   // to-be shifted
-                                                           RefVector(unshifted.evaluations), // unshifted
-                                                           RefVector(shifted.evaluations),   // shifted
+                                                           RefVector(multilinear_evaluations),
                                                            u_challenge,
                                                            this->commitment_key,
                                                            prover_transcript);
@@ -226,8 +228,7 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
         auto verifier_opening_claim = ZeroMorphVerifier::verify(N,
                                                                 RefVector(unshifted.commitments), // unshifted
                                                                 RefVector(shifted.commitments),   // to-be-shifted
-                                                                RefVector(unshifted.evaluations), // unshifted
-                                                                RefVector(shifted.evaluations),   // shifted
+                                                                RefVector(multilinear_evaluations),
                                                                 u_challenge,
                                                                 this->vk()->get_g1_identity(),
                                                                 verifier_transcript);
@@ -235,7 +236,6 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
 
         bool verified = false;
         if constexpr (std::same_as<PCS, KZG<curve::BN254>>) {
-
             result = PCS::reduce_verify(verifier_opening_claim, verifier_transcript);
             verified = this->vk()->pairing_check(result[0], result[1]);
         } else {
@@ -257,6 +257,9 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
                                              size_t NUM_CONCATENATED)
     {
         ConcatenationInputs concatenation = concatenation_inputs(u_challenge, NUM_CONCATENATED);
+        std::vector<Fr> multilinear_evaluations(unshifted.evaluations);
+        multilinear_evaluations.insert(
+            multilinear_evaluations.end(), shifted.evaluations.begin(), shifted.evaluations.end());
 
         auto prover_transcript = NativeTranscript::prover_init_empty();
 
@@ -265,8 +268,7 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
             ZeroMorphProver::prove(N,
                                    RefVector(unshifted.polynomials), // unshifted
                                    RefVector(shifted.polynomials),   // to-be-shifted
-                                   RefVector(unshifted.evaluations), // unshifted
-                                   RefVector(shifted.evaluations),   // shifted
+                                   RefVector(multilinear_evaluations),
                                    u_challenge,
                                    this->commitment_key,
                                    prover_transcript,
@@ -281,8 +283,7 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
             ZeroMorphVerifier::verify(N,
                                       RefVector(unshifted.commitments), // unshifted
                                       RefVector(shifted.commitments),   // to-be-shifted
-                                      RefVector(unshifted.evaluations), // unshifted
-                                      RefVector(shifted.evaluations),   // shifted
+                                      RefVector(multilinear_evaluations),
                                       u_challenge,
                                       this->vk()->get_g1_identity(),
                                       verifier_transcript,
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
index bbc04a799b79..282963fb5ff5 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
@@ -1,9 +1,9 @@
+#include "barretenberg/commitment_schemes/shplonk/shplemini.hpp"
 #include "barretenberg/circuit_checker/circuit_checker.hpp"
 #include "barretenberg/commitment_schemes/commitment_key.test.hpp"
 #include "barretenberg/commitment_schemes/gemini/gemini.hpp"
 #include "barretenberg/commitment_schemes/ipa/ipa.hpp"
 #include "barretenberg/commitment_schemes/kzg/kzg.hpp"
-#include "barretenberg/commitment_schemes/shplonk/shplemini_verifier.hpp"
 #include "barretenberg/commitment_schemes/shplonk/shplonk.hpp"
 #include "barretenberg/srs/global_crs.hpp"
 #include "barretenberg/stdlib/primitives/curves/bn254.hpp"
@@ -33,8 +33,7 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
     using NativeCurve = typename Curve::NativeCurve;
     using NativePCS = std::conditional_t<std::same_as<NativeCurve, curve::BN254>, KZG<NativeCurve>, IPA<NativeCurve>>;
     using CommitmentKey = typename NativePCS::CK;
-    using GeminiProver = GeminiProver_<NativeCurve>;
-    using ShplonkProver = ShplonkProver_<NativeCurve>;
+    using ShpleminiProver = ShpleminiProver_<NativeCurve>;
     using ShpleminiVerifier = ShpleminiVerifier_<Curve>;
     using Fr = typename Curve::ScalarField;
     using NativeFr = typename Curve::NativeCurve::ScalarField;
@@ -90,17 +89,13 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
 
     // Initialize an empty NativeTranscript
     auto prover_transcript = NativeTranscript::prover_init_empty();
-    auto prover_opening_claims = GeminiProver::prove(commitment_key,
-                                                     u_challenge,
-                                                     claimed_evaluations,
-                                                     RefVector(f_polynomials),
-                                                     RefVector(g_polynomials),
-                                                     prover_transcript);
-
-    // Shplonk prover output:
-    // - opening pair: (z_challenge, 0)
-    // - witness: polynomial Q - Q_z
-    ShplonkProver::prove(commitment_key, prover_opening_claims, prover_transcript);
+    auto prover_opening_claims = ShpleminiProver::prove(N,
+                                                        RefVector(f_polynomials),
+                                                        RefVector(g_polynomials),
+                                                        RefVector(claimed_evaluations),
+                                                        u_challenge,
+                                                        commitment_key,
+                                                        prover_transcript);
 
     Builder builder;
     StdlibProof<Builder> stdlib_proof = bb::convert_proof_to_witness(&builder, prover_transcript->proof_data);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
index a31be135de53..25ed21a16717 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
@@ -51,10 +51,10 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
 
     // Construct some random multilinear polynomials f_i and their evaluations v_i = f_i(u)
     std::vector<Polynomial> f_polynomials; // unshifted polynomials
-    std::vector<NativeFr> v_evaluations;
+    std::vector<NativeFr> multilinear_evaluations;
     for (size_t i = 0; i < NUM_UNSHIFTED; ++i) {
         f_polynomials.emplace_back(Polynomial::random(N, /* starting index for shift */ 1));
-        v_evaluations.emplace_back(f_polynomials[i].evaluate_mle(u_challenge));
+        multilinear_evaluations.emplace_back(f_polynomials[i].evaluate_mle(u_challenge));
     }
     // Construct some "shifted" multilinear polynomials h_i as the left-shift-by-1 of f_i
     std::vector<Polynomial> g_polynomials; // to-be-shifted polynomials
@@ -64,7 +64,7 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
         for (size_t i = 0; i < NUM_SHIFTED; ++i) {
             g_polynomials.emplace_back(f_polynomials[i]);
             h_polynomials.emplace_back(g_polynomials[i].shifted());
-            w_evaluations.emplace_back(h_polynomials[i].evaluate_mle(u_challenge));
+            multilinear_evaluations.emplace_back(h_polynomials[i].evaluate_mle(u_challenge));
         }
     }
 
@@ -88,8 +88,7 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
     ZeroMorphProver::prove(N,
                            RefVector(f_polynomials),
                            RefVector(g_polynomials),
-                           RefVector(v_evaluations),
-                           RefVector(w_evaluations),
+                           RefVector(multilinear_evaluations),
                            u_challenge,
                            commitment_key,
                            prover_transcript);
@@ -120,8 +119,7 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
     };
     auto stdlib_f_commitments = commitments_to_witnesses(f_commitments);
     auto stdlib_g_commitments = commitments_to_witnesses(g_commitments);
-    auto stdlib_v_evaluations = elements_to_witness(v_evaluations);
-    auto stdlib_w_evaluations = elements_to_witness(w_evaluations);
+    auto stdlib_multilinear_evaluations = elements_to_witness(multilinear_evaluations);
 
     std::vector<Fr> u_challenge_in_circuit(CONST_PROOF_SIZE_LOG_N);
     std::fill_n(u_challenge_in_circuit.begin(), CONST_PROOF_SIZE_LOG_N, Fr::from_witness(&builder, 0));
@@ -130,12 +128,9 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
     [[maybe_unused]] auto opening_claim = ZeroMorphVerifier::verify(Fr::from_witness(&builder, N),
                                                                     RefVector(stdlib_f_commitments), // unshifted
                                                                     RefVector(stdlib_g_commitments), // to-be-shifted
-                                                                    RefVector(stdlib_v_evaluations), // unshifted
-                                                                    RefVector(stdlib_w_evaluations), // shifted
+                                                                    RefVector(stdlib_multilinear_evaluations),
                                                                     u_challenge_in_circuit,
                                                                     Commitment::one(&builder),
-                                                                    stdlib_verifier_transcript,
-                                                                    {},
-                                                                    {});
+                                                                    stdlib_verifier_transcript);
     EXPECT_TRUE(CircuitChecker::check(builder));
 }
diff --git a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.cpp b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.cpp
index 76a64e54fd64..92cc3e005c7f 100644
--- a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.cpp
@@ -119,15 +119,13 @@ void ECCVMProver::execute_pcs_rounds()
 
     // Execute the ZeroMorph protocol to produce a univariate opening claim for the multilinear evaluations produced by
     // Sumcheck
-    auto multivariate_to_univariate_opening_claim =
-        ZeroMorph::prove(key->circuit_size,
-                         key->polynomials.get_unshifted(),
-                         key->polynomials.get_to_be_shifted(),
-                         sumcheck_output.claimed_evaluations.get_unshifted(),
-                         sumcheck_output.claimed_evaluations.get_shifted(),
-                         sumcheck_output.challenge,
-                         commitment_key,
-                         transcript);
+    auto multivariate_to_univariate_opening_claim = ZeroMorph::prove(key->circuit_size,
+                                                                     key->polynomials.get_unshifted(),
+                                                                     key->polynomials.get_to_be_shifted(),
+                                                                     sumcheck_output.claimed_evaluations.get_all(),
+                                                                     sumcheck_output.challenge,
+                                                                     commitment_key,
+                                                                     transcript);
 
     // Batch open the transcript polynomials as univariates for Translator consistency check. Since IPA cannot
     // currently handle polynomials for which the latter half of the coefficients are 0, we hackily
diff --git a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp
index 26bd5ac6ce61..ffaf81848d46 100644
--- a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp
@@ -64,8 +64,7 @@ bool ECCVMVerifier::verify_proof(const HonkProof& proof)
     auto multivariate_to_univariate_opening_claim = ZeroMorph::verify(circuit_size,
                                                                       commitments.get_unshifted(),
                                                                       commitments.get_to_be_shifted(),
-                                                                      claimed_evaluations.get_unshifted(),
-                                                                      claimed_evaluations.get_shifted(),
+                                                                      claimed_evaluations.get_all(),
                                                                       multivariate_challenge,
                                                                       key->pcs_verification_key->get_g1_identity(),
                                                                       transcript);
diff --git a/barretenberg/cpp/src/barretenberg/execution_trace/execution_trace.cpp b/barretenberg/cpp/src/barretenberg/execution_trace/execution_trace.cpp
index 70146181fccb..f3f54b8eaecf 100644
--- a/barretenberg/cpp/src/barretenberg/execution_trace/execution_trace.cpp
+++ b/barretenberg/cpp/src/barretenberg/execution_trace/execution_trace.cpp
@@ -4,6 +4,7 @@
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp"
+#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 namespace bb {
 
 template <class Flavor>
@@ -149,6 +150,7 @@ void ExecutionTrace_<Flavor>::add_ecc_op_wires_to_proving_key(Builder& builder,
 
 template class ExecutionTrace_<UltraFlavor>;
 template class ExecutionTrace_<UltraKeccakFlavor>;
+template class ExecutionTrace_<UltraKeccakWithGeminiFlavor>;
 template class ExecutionTrace_<MegaFlavor>;
 template class ExecutionTrace_<plonk::flavor::Standard>;
 template class ExecutionTrace_<plonk::flavor::Ultra>;
diff --git a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp
index cc443d58fa6d..cbcffa46d04e 100644
--- a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp
@@ -328,6 +328,7 @@ class UltraFlavor;
 class UltraFlavorWithZK;
 class ECCVMFlavor;
 class UltraKeccakFlavor;
+class UltraKeccakWithGeminiFlavor;
 class MegaFlavor;
 class TranslatorFlavor;
 class AvmFlavor;
@@ -358,16 +359,16 @@ template <typename T>
 concept IsPlonkFlavor = IsAnyOf<T, plonk::flavor::Standard, plonk::flavor::Ultra>;
 
 template <typename T>
-concept IsUltraPlonkFlavor = IsAnyOf<T, plonk::flavor::Ultra, UltraKeccakFlavor>;
+concept IsUltraPlonkFlavor = IsAnyOf<T, plonk::flavor::Ultra, UltraKeccakFlavor, UltraKeccakWithGeminiFlavor>;
 
 template <typename T>
-concept IsUltraPlonkOrHonk = IsAnyOf<T, plonk::flavor::Ultra, UltraFlavor, UltraKeccakFlavor, UltraFlavorWithZK, MegaFlavor>;
+concept IsUltraPlonkOrHonk = IsAnyOf<T, plonk::flavor::Ultra, UltraFlavor, UltraKeccakFlavor, UltraKeccakWithGeminiFlavor, UltraFlavorWithZK, MegaFlavor>;
 
 template <typename T>
-concept IsHonkFlavor = IsAnyOf<T, UltraFlavor, UltraKeccakFlavor, UltraFlavorWithZK, MegaFlavor>;
+concept IsHonkFlavor = IsAnyOf<T, UltraFlavor, UltraKeccakFlavor,UltraKeccakWithGeminiFlavor, UltraFlavorWithZK, MegaFlavor>;
 
 template <typename T>
-concept IsUltraFlavor = IsAnyOf<T, UltraFlavor, UltraKeccakFlavor, UltraFlavorWithZK, MegaFlavor>;
+concept IsUltraFlavor = IsAnyOf<T, UltraFlavor, UltraKeccakFlavor, UltraFlavorWithZK, UltraKeccakWithGeminiFlavor,MegaFlavor>;
 
 template <typename T>
 concept IsGoblinFlavor = IsAnyOf<T, MegaFlavor,
@@ -395,6 +396,7 @@ template <typename T> concept IsGrumpkinFlavor = IsAnyOf<T, ECCVMFlavor>;
 template <typename T> concept IsFoldingFlavor = IsAnyOf<T, UltraFlavor,
                                                            // Note(md): must be here to use oink prover
                                                            UltraKeccakFlavor,
+UltraKeccakWithGeminiFlavor,
                                                            UltraFlavorWithZK,
                                                            MegaFlavor,
                                                            UltraRecursiveFlavor_<UltraCircuitBuilder>,
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp
index eeb04cddc997..5b0ceba14acf 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp
@@ -75,8 +75,7 @@ template <typename Flavor> void ECCVMRecursiveVerifier_<Flavor>::verify_proof(co
     auto multivariate_to_univariate_opening_claim = ZeroMorph::verify(circuit_size,
                                                                       commitments.get_unshifted(),
                                                                       commitments.get_to_be_shifted(),
-                                                                      claimed_evaluations.get_unshifted(),
-                                                                      claimed_evaluations.get_shifted(),
+                                                                      claimed_evaluations.get_all(),
                                                                       multivariate_challenge,
                                                                       key->pcs_verification_key->get_g1_identity(),
                                                                       transcript);
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.cpp
index 96cc81cd8599..871d4a569d67 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.cpp
@@ -35,8 +35,7 @@ std::array<typename Flavor::GroupElement, 2> DeciderRecursiveVerifier_<Flavor>::
     auto opening_claim = ZeroMorph::verify(accumulator->verification_key->circuit_size,
                                            commitments.get_unshifted(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_unshifted(),
-                                           claimed_evaluations.get_shifted(),
+                                           claimed_evaluations.get_all(),
                                            multivariate_challenge,
                                            Commitment::one(builder),
                                            transcript);
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.cpp
index a728f3e3f7ed..302c81c8dc9d 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.cpp
@@ -95,8 +95,7 @@ UltraRecursiveVerifier_<Flavor>::AggregationObject UltraRecursiveVerifier_<Flavo
     auto opening_claim = ZeroMorph::verify(key->circuit_size,
                                            commitments.get_unshifted(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_unshifted(),
-                                           claimed_evaluations.get_shifted(),
+                                           claimed_evaluations.get_all(),
                                            multivariate_challenge,
                                            Commitment::one(builder),
                                            transcript);
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders_fwd.hpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders_fwd.hpp
index c3ea08590fdb..45f4c61d0bed 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders_fwd.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders_fwd.hpp
@@ -13,6 +13,7 @@ namespace bb {
 class StandardFlavor;
 class UltraFlavor;
 class UltraKeccakFlavor;
+class UltraKeccakWithGeminiFlavor;
 
 class Bn254FrParams;
 class Bn254FqParams;
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp
index 234122e1ec32..8ecfb904450a 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp
@@ -1,3 +1,4 @@
+
 #include "./translator_recursive_verifier.hpp"
 #include "barretenberg/commitment_schemes/zeromorph/zeromorph.hpp"
 #include "barretenberg/common/throw_or_abort.hpp"
@@ -120,8 +121,7 @@ std::array<typename Flavor::GroupElement, 2> TranslatorRecursiveVerifier_<Flavor
     auto opening_claim = ZeroMorph::verify(circuit_size,
                                            commitments.get_unshifted_without_concatenated(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_unshifted_without_concatenated(),
-                                           claimed_evaluations.get_shifted(),
+                                           claimed_evaluations.get_all_without_concatenated(),
                                            multivariate_challenge,
                                            Commitment::one(builder),
                                            transcript,
diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp
index 566c3e7d6d7c..1b315f2b2b6a 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp
@@ -1,5 +1,6 @@
 #pragma once
 #include "barretenberg/commitment_schemes/kzg/kzg.hpp"
+#include "barretenberg/commitment_schemes/zeromorph/zeromorph.hpp"
 #include "barretenberg/common/ref_vector.hpp"
 #include "barretenberg/flavor/flavor.hpp"
 #include "barretenberg/flavor/flavor_macros.hpp"
@@ -31,6 +32,7 @@ class MegaFlavor {
     using FF = Curve::ScalarField;
     using GroupElement = Curve::Element;
     using Commitment = Curve::AffineElement;
+    using BatchedMultilinearEvaluationScheme = ZeroMorph_<Curve>;
     using PCS = KZG<Curve>;
     using Polynomial = bb::Polynomial<FF>;
     using CommitmentKey = bb::CommitmentKey<Curve>;
diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
index fe5dbe526c99..114bd2c7eb43 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
@@ -1,5 +1,6 @@
 #pragma once
 #include "barretenberg/commitment_schemes/kzg/kzg.hpp"
+#include "barretenberg/commitment_schemes/zeromorph/zeromorph.hpp"
 #include "barretenberg/ecc/curves/bn254/g1.hpp"
 #include "barretenberg/flavor/flavor.hpp"
 #include "barretenberg/flavor/flavor_macros.hpp"
@@ -30,6 +31,7 @@ class UltraFlavor {
     using FF = Curve::ScalarField;
     using GroupElement = Curve::Element;
     using Commitment = Curve::AffineElement;
+    using BatchedMultilinearEvaluationScheme = ZeroMorph_<Curve>;
     using PCS = KZG<Curve>;
     using Polynomial = bb::Polynomial<FF>;
     using CommitmentKey = bb::CommitmentKey<Curve>;
diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp
new file mode 100644
index 000000000000..db8c5c47f0c7
--- /dev/null
+++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp
@@ -0,0 +1,11 @@
+#pragma once
+#include "barretenberg/commitment_schemes/shplonk/shplemini.hpp"
+#include "barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp"
+namespace bb {
+
+class UltraKeccakWithGeminiFlavor : public bb::UltraKeccakFlavor {
+  public:
+    using Curve = bb::UltraKeccakFlavor::Curve;
+    using BatchedMultilinearEvaluationScheme = Shplemini_<Curve>;
+};
+} // namespace bb
\ No newline at end of file
diff --git a/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp b/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp
index 205d0dd98536..1086d4b20bf2 100644
--- a/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp
@@ -683,6 +683,8 @@ class TranslatorFlavor {
                              this->ordered_range_constraints_4 };
         };
 
+        auto get_all_without_concatenated() { return concatenate(get_unshifted_without_concatenated(), get_shifted()); }
+
         // Gemini-specific getters.
         auto get_unshifted()
         {
diff --git a/barretenberg/cpp/src/barretenberg/translator_vm/translator_prover.cpp b/barretenberg/cpp/src/barretenberg/translator_vm/translator_prover.cpp
index b172d003f774..42b6e6f1cce0 100644
--- a/barretenberg/cpp/src/barretenberg/translator_vm/translator_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/translator_vm/translator_prover.cpp
@@ -176,18 +176,16 @@ void TranslatorProver::execute_pcs_rounds()
 {
     using Curve = typename Flavor::Curve;
     using ZeroMorph = ZeroMorphProver_<Curve>;
-    auto prover_opening_claim =
-        ZeroMorph::prove(key->circuit_size,
-                         key->polynomials.get_unshifted_without_concatenated(),
-                         key->polynomials.get_to_be_shifted(),
-                         sumcheck_output.claimed_evaluations.get_unshifted_without_concatenated(),
-                         sumcheck_output.claimed_evaluations.get_shifted(),
-                         sumcheck_output.challenge,
-                         commitment_key,
-                         transcript,
-                         key->polynomials.get_concatenated_constraints(),
-                         sumcheck_output.claimed_evaluations.get_concatenated_constraints(),
-                         key->polynomials.get_concatenation_groups());
+    auto prover_opening_claim = ZeroMorph::prove(key->circuit_size,
+                                                 key->polynomials.get_unshifted_without_concatenated(),
+                                                 key->polynomials.get_to_be_shifted(),
+                                                 sumcheck_output.claimed_evaluations.get_all(),
+                                                 sumcheck_output.challenge,
+                                                 commitment_key,
+                                                 transcript,
+                                                 key->polynomials.get_concatenated_constraints(),
+                                                 sumcheck_output.claimed_evaluations.get_concatenated_constraints(),
+                                                 key->polynomials.get_concatenation_groups());
     PCS::compute_opening_proof(commitment_key, prover_opening_claim, transcript);
 }
 
diff --git a/barretenberg/cpp/src/barretenberg/translator_vm/translator_verifier.cpp b/barretenberg/cpp/src/barretenberg/translator_vm/translator_verifier.cpp
index 59429a359275..894db1bd9f94 100644
--- a/barretenberg/cpp/src/barretenberg/translator_vm/translator_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/translator_vm/translator_verifier.cpp
@@ -116,8 +116,7 @@ bool TranslatorVerifier::verify_proof(const HonkProof& proof)
     auto opening_claim = ZeroMorph::verify(circuit_size,
                                            commitments.get_unshifted_without_concatenated(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_unshifted_without_concatenated(),
-                                           claimed_evaluations.get_shifted(),
+                                           claimed_evaluations.get_all_without_concatenated(),
                                            multivariate_challenge,
                                            Commitment::one(),
                                            transcript,
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
index 5d8defd5036e..6eb5004ac84b 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
@@ -47,15 +47,14 @@ template <IsUltraFlavor Flavor> void DeciderProver_<Flavor>::execute_relation_ch
  * */
 template <IsUltraFlavor Flavor> void DeciderProver_<Flavor>::execute_pcs_rounds()
 {
-    using ZeroMorph = ZeroMorphProver_<Curve>;
-    auto prover_opening_claim = ZeroMorph::prove(proving_key->proving_key.circuit_size,
-                                                 proving_key->proving_key.polynomials.get_unshifted(),
-                                                 proving_key->proving_key.polynomials.get_to_be_shifted(),
-                                                 sumcheck_output.claimed_evaluations.get_unshifted(),
-                                                 sumcheck_output.claimed_evaluations.get_shifted(),
-                                                 sumcheck_output.challenge,
-                                                 commitment_key,
-                                                 transcript);
+    using Prover = Flavor::BatchedMultilinearEvaluationScheme::Prover;
+    auto prover_opening_claim = Prover::prove(proving_key->proving_key.circuit_size,
+                                              proving_key->proving_key.polynomials.get_unshifted(),
+                                              proving_key->proving_key.polynomials.get_to_be_shifted(),
+                                              sumcheck_output.claimed_evaluations.get_all(),
+                                              sumcheck_output.challenge,
+                                              commitment_key,
+                                              transcript);
     PCS::compute_opening_proof(commitment_key, prover_opening_claim, transcript);
 }
 
@@ -81,6 +80,7 @@ template <IsUltraFlavor Flavor> HonkProof DeciderProver_<Flavor>::construct_proo
 
 template class DeciderProver_<UltraFlavor>;
 template class DeciderProver_<UltraKeccakFlavor>;
+template class DeciderProver_<UltraKeccakWithGeminiFlavor>;
 template class DeciderProver_<MegaFlavor>;
 
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.hpp
index c85a9520d47c..854b64ab3f7b 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.hpp
@@ -4,6 +4,7 @@
 #include "barretenberg/relations/relation_parameters.hpp"
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
+#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 #include "barretenberg/sumcheck/sumcheck_output.hpp"
 #include "barretenberg/transcript/transcript.hpp"
 #include "barretenberg/ultra_honk/decider_proving_key.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.cpp
index 1dcdaad737b2..2f0519bfa14c 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.cpp
@@ -82,6 +82,7 @@ void DeciderProvingKey_<Flavor>::construct_databus_polynomials(Circuit& circuit)
 
 template class DeciderProvingKey_<UltraFlavor>;
 template class DeciderProvingKey_<UltraKeccakFlavor>;
+template class DeciderProvingKey_<UltraKeccakWithGeminiFlavor>;
 template class DeciderProvingKey_<MegaFlavor>;
 
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.hpp
index fa2e344b5a3f..ad94c467a988 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.hpp
@@ -9,6 +9,7 @@
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp"
+#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 
 namespace bb {
 /**
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
index 8fb81f8749c6..b9e2687bf095 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
@@ -36,8 +36,8 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify_proof(const Dec
 template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
 {
     using PCS = typename Flavor::PCS;
-    using Curve = typename Flavor::Curve;
-    using ZeroMorph = ZeroMorphVerifier_<Curve>;
+    // using Curve = typename Flavor::Curve;
+    using Verifier = Flavor::BatchedMultilinearEvaluationScheme::Verifier;
     using VerifierCommitments = typename Flavor::VerifierCommitments;
 
     VerifierCommitments commitments{ accumulator->verification_key, accumulator->witness_commitments };
@@ -56,14 +56,13 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
 
     // Execute ZeroMorph rounds. See https://hackmd.io/dlf9xEwhTQyE3hiGbq4FsA?view for a complete description of the
     // unrolled protocol.
-    auto opening_claim = ZeroMorph::verify(accumulator->verification_key->circuit_size,
-                                           commitments.get_unshifted(),
-                                           commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_unshifted(),
-                                           claimed_evaluations.get_shifted(),
-                                           multivariate_challenge,
-                                           Commitment::one(),
-                                           transcript);
+    auto opening_claim = Verifier::verify(accumulator->verification_key->circuit_size,
+                                          commitments.get_unshifted(),
+                                          commitments.get_to_be_shifted(),
+                                          claimed_evaluations.get_all(),
+                                          multivariate_challenge,
+                                          Commitment::one(),
+                                          transcript);
     auto pairing_points = PCS::reduce_verify(opening_claim, transcript);
 
     auto verified = pcs_verification_key->pairing_check(pairing_points[0], pairing_points[1]);
@@ -73,6 +72,7 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
 
 template class DeciderVerifier_<UltraFlavor>;
 template class DeciderVerifier_<UltraKeccakFlavor>;
+template class DeciderVerifier_<UltraKeccakWithGeminiFlavor>;
 template class DeciderVerifier_<MegaFlavor>;
 
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.cpp
index 26e0f1cca5af..d2aa66e2b692 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.cpp
@@ -220,6 +220,7 @@ template <IsUltraFlavor Flavor> typename Flavor::RelationSeparator OinkProver<Fl
 
 template class OinkProver<UltraFlavor>;
 template class OinkProver<UltraKeccakFlavor>;
+template class OinkProver<UltraKeccakWithGeminiFlavor>;
 template class OinkProver<MegaFlavor>;
 
 } // namespace bb
\ No newline at end of file
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.hpp
index e252f7d904df..67834691ca74 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.hpp
@@ -22,6 +22,7 @@
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp"
+#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 #include "barretenberg/transcript/transcript.hpp"
 #include "barretenberg/ultra_honk/decider_proving_key.hpp"
 
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.cpp
index 227fa145a44c..6d18e3e74bcb 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.cpp
@@ -157,6 +157,7 @@ template <IsUltraFlavor Flavor> typename Flavor::RelationSeparator OinkVerifier<
 
 template class OinkVerifier<UltraFlavor>;
 template class OinkVerifier<UltraKeccakFlavor>;
+template class OinkVerifier<UltraKeccakWithGeminiFlavor>;
 template class OinkVerifier<MegaFlavor>;
 
 } // namespace bb
\ No newline at end of file
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.hpp
index fab7bcdff19d..4a3a48053026 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.hpp
@@ -6,6 +6,7 @@
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp"
+#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 #include "barretenberg/ultra_honk/decider_verification_key.hpp"
 
 namespace bb {
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
index 62dfe74c9c1e..3381db58fb29 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
@@ -47,7 +47,7 @@ template <typename Flavor> class UltraHonkTests : public ::testing::Test {
     static void SetUpTestSuite() { bb::srs::init_crs_factory("../srs_db/ignition"); }
 };
 
-using FlavorTypes = testing::Types<UltraFlavor, UltraKeccakFlavor>;
+using FlavorTypes = testing::Types<UltraFlavor, UltraKeccakFlavor, UltraKeccakWithGeminiFlavor>;
 TYPED_TEST_SUITE(UltraHonkTests, FlavorTypes);
 
 /**
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.cpp
index 2470b6a1c15d..7f7cb2f078bd 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.cpp
@@ -61,5 +61,6 @@ template <IsUltraFlavor Flavor> HonkProof UltraProver_<Flavor>::construct_proof(
 template class UltraProver_<UltraFlavor>;
 template class UltraProver_<UltraKeccakFlavor>;
 template class UltraProver_<MegaFlavor>;
+template class UltraProver_<UltraKeccakWithGeminiFlavor>;
 
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.hpp
index 6ab19509eb65..31f92818d352 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.hpp
@@ -4,6 +4,7 @@
 #include "barretenberg/relations/relation_parameters.hpp"
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
+#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 #include "barretenberg/sumcheck/sumcheck_output.hpp"
 #include "barretenberg/transcript/transcript.hpp"
 #include "barretenberg/ultra_honk/decider_proving_key.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.cpp
index 6bd5b3fc3f19..e6689259a3e8 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.cpp
@@ -30,6 +30,7 @@ template <typename Flavor> bool UltraVerifier_<Flavor>::verify_proof(const HonkP
 
 template class UltraVerifier_<UltraFlavor>;
 template class UltraVerifier_<UltraKeccakFlavor>;
+template class UltraVerifier_<UltraKeccakWithGeminiFlavor>;
 template class UltraVerifier_<MegaFlavor>;
 
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/prover.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/prover.cpp
index 488bf1fc4b31..42fcce31b73d 100644
--- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/prover.cpp
@@ -130,8 +130,7 @@ void AvmProver::execute_pcs_rounds()
     auto prover_opening_claim = ZeroMorph::prove(key->circuit_size,
                                                  prover_polynomials.get_unshifted(),
                                                  prover_polynomials.get_to_be_shifted(),
-                                                 sumcheck_output.claimed_evaluations.get_unshifted(),
-                                                 sumcheck_output.claimed_evaluations.get_shifted(),
+                                                 sumcheck_output.claimed_evaluations.get_all(),
                                                  sumcheck_output.challenge,
                                                  commitment_key,
                                                  transcript);
diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp
index bd132af86f62..c9295321a278 100644
--- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp
@@ -140,8 +140,7 @@ bool AvmVerifier::verify_proof(const HonkProof& proof,
     auto opening_claim = ZeroMorph::verify(circuit_size,
                                            commitments.get_unshifted(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_unshifted(),
-                                           claimed_evaluations.get_shifted(),
+                                           claimed_evaluations.get_all(),
                                            multivariate_challenge,
                                            key->pcs_verification_key->get_g1_identity(),
                                            transcript);
diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.cpp
index 9148e568668c..a8fd0916fa1c 100644
--- a/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.cpp
@@ -85,8 +85,7 @@ AvmRecursiveVerifier_<Flavor>::AggregationObject AvmRecursiveVerifier_<Flavor>::
     auto opening_claim = Zeromorph::verify(circuit_size,
                                            commitments.get_unshifted(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_unshifted(),
-                                           claimed_evaluations.get_shifted(),
+                                           claimed_evaluations.get_all(),
                                            multivariate_challenge,
                                            Commitment::one(builder),
                                            transcript);
diff --git a/bb-pilcom/bb-pil-backend/templates/prover.cpp.hbs b/bb-pilcom/bb-pil-backend/templates/prover.cpp.hbs
index c8eada2e5062..8cf91ca2c2f4 100644
--- a/bb-pilcom/bb-pil-backend/templates/prover.cpp.hbs
+++ b/bb-pilcom/bb-pil-backend/templates/prover.cpp.hbs
@@ -131,8 +131,7 @@ void {{name}}Prover::execute_pcs_rounds()
     auto prover_opening_claim = ZeroMorph::prove(key->circuit_size,
                                                     prover_polynomials.get_unshifted(),
                                                     prover_polynomials.get_to_be_shifted(),
-                                                    sumcheck_output.claimed_evaluations.get_unshifted(),
-                                                    sumcheck_output.claimed_evaluations.get_shifted(),
+                                                    sumcheck_output.claimed_evaluations.get_all(),
                                                     sumcheck_output.challenge,
                                                     commitment_key,
                                                     transcript);
diff --git a/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs b/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs
index dbb2ad78685e..fb977f1b586c 100644
--- a/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs
+++ b/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs
@@ -119,8 +119,7 @@ bool {{name}}Verifier::verify_proof(const HonkProof& proof, [[maybe_unused]] con
     auto opening_claim = ZeroMorph::verify(circuit_size,
                                            commitments.get_unshifted(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_unshifted(),
-                                           claimed_evaluations.get_shifted(),
+                                           claimed_evaluations.get_all(),
                                            multivariate_challenge,
                                            key->pcs_verification_key->get_g1_identity(),
                                            transcript);

From a40cba3b061c94ea28f36e11c13a19d3dbc391c4 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Fri, 20 Sep 2024 11:41:06 +0000
Subject: [PATCH 08/25] get rid of a separate flavor, will just delete zm from
 the contract, something still makes proof not verify

---
 .../commitment_schemes/gemini/gemini.hpp      |  2 +-
 .../commitment_schemes/ipa/ipa.test.cpp       |  2 +-
 .../commitment_schemes/kzg/kzg.test.cpp       | 16 +++----
 .../commitment_schemes/shplonk/shplemini.hpp  | 47 +++----------------
 .../shplonk/shplemini.test.cpp                |  6 +--
 .../zeromorph/zeromorph.hpp                   |  7 ---
 .../shplemini.test.cpp                        |  2 +-
 .../execution_trace/execution_trace.cpp       |  2 -
 .../cpp/src/barretenberg/flavor/flavor.hpp    | 10 ++--
 .../circuit_builders/circuit_builders_fwd.hpp |  1 -
 .../stdlib_circuit_builders/mega_flavor.hpp   |  1 -
 .../stdlib_circuit_builders/ultra_flavor.hpp  |  1 -
 .../ultra_keccak_with_gemini_flavor.hpp       | 11 -----
 .../barretenberg/transcript/transcript.hpp    |  2 +-
 .../ultra_honk/decider_prover.cpp             | 19 ++++----
 .../ultra_honk/decider_prover.hpp             |  2 +-
 .../ultra_honk/decider_proving_key.cpp        |  1 -
 .../ultra_honk/decider_proving_key.hpp        |  1 -
 .../ultra_honk/decider_verifier.cpp           | 36 +++++++++-----
 .../ultra_honk/decider_verifier.hpp           |  1 +
 .../barretenberg/ultra_honk/oink_prover.cpp   |  1 -
 .../barretenberg/ultra_honk/oink_prover.hpp   |  1 -
 .../barretenberg/ultra_honk/oink_verifier.cpp |  1 -
 .../barretenberg/ultra_honk/oink_verifier.hpp |  1 -
 .../ultra_honk/ultra_honk.test.cpp            |  2 +-
 .../barretenberg/ultra_honk/ultra_prover.cpp  |  1 -
 .../barretenberg/ultra_honk/ultra_prover.hpp  |  1 -
 .../ultra_honk/ultra_verifier.cpp             |  1 -
 28 files changed, 63 insertions(+), 116 deletions(-)
 delete mode 100644 barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp

diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index ce0fa0e2e91f..ea90f07cb82b 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -213,7 +213,7 @@ template <typename Curve> class GeminiVerifier_ {
     {
         std::vector<Fr> gemini_evaluations;
         gemini_evaluations.reserve(log_circuit_size);
-        for (size_t i = 0; i < log_circuit_size; ++i) {
+        for (size_t i = 1; i <= log_circuit_size; ++i) {
             const Fr evaluation = transcript->template receive_from_prover<Fr>("Gemini:a_" + std::to_string(i));
             gemini_evaluations.emplace_back(evaluation);
         }
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
index d41af0eefb3c..0b1fec24c903 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
@@ -336,7 +336,7 @@ TEST_F(IPATest, ShpleminiIPAWithShift)
 
     auto verifier_transcript = NativeTranscript::verifier_init_empty(prover_transcript);
 
-    const auto batch_opening_claim = ShpleminiVerifier::compute_batch_opening_claim(log_n,
+    const auto batch_opening_claim = ShpleminiVerifier::compute_batch_opening_claim(n,
                                                                                     RefVector(unshifted_commitments),
                                                                                     RefVector(shifted_commitments),
                                                                                     RefVector(multilinear_evaluations),
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
index 87278deef5d3..10230931c1a9 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
@@ -193,14 +193,14 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
 
     // Gemini verifier output:
     // - claim: d+1 commitments to Fold_{r}^(0), Fold_{-r}^(0), Fold^(l), d+1 evaluations a_0_pos, a_l, l = 0:d-1
-    const auto batch_opening_claim = ShpleminiVerifier::verify(log_n,
-                                                               RefVector(unshifted_commitments),
-                                                               RefVector(shifted_commitments),
-                                                               RefVector(multilinear_evaluations),
-                                                               mle_opening_point,
-                                                               this->vk()->get_g1_identity(),
-                                                               verifier_transcript);
-    const auto pairing_points = KZG::reduce_verify(batch_opening_claim, verifier_transcript);
+    const auto batch_opening_claim = ShpleminiVerifier::compute_batch_opening_claim(n,
+                                                                                    RefVector(unshifted_commitments),
+                                                                                    RefVector(shifted_commitments),
+                                                                                    RefVector(multilinear_evaluations),
+                                                                                    mle_opening_point,
+                                                                                    this->vk()->get_g1_identity(),
+                                                                                    verifier_transcript);
+    const auto pairing_points = KZG::reduce_verify_batch_opening_claim(batch_opening_claim, verifier_transcript);
     // Final pairing check: e([Q] - [Q_z] + z[W], [1]_2) = e([W], [x]_2)
 
     EXPECT_EQ(this->vk()->pairing_check(pairing_points[0], pairing_points[1]), true);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
index 071ec824f1d8..8d4edab4ce82 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
@@ -104,38 +104,7 @@ template <typename Curve> class ShpleminiVerifier_ {
 
   public:
     template <typename Transcript>
-    static OpeningClaim<Curve> verify(const Fr circuit_size,
-                                      RefSpan<Commitment> unshifted_commitments,
-                                      RefSpan<Commitment> shifted_commitments,
-                                      RefSpan<Fr> claimed_evaluations,
-                                      const std::vector<Fr>& multivariate_challenge,
-                                      const Commitment& g1_identity,
-                                      std::shared_ptr<Transcript>& transcript)
-    {
-        Fr log_N = numeric::get_msb(static_cast<uint32_t>(circuit_size));
-
-        BatchOpeningClaim<Curve> batch_opening_claim = compute_batch_opening_claim(log_N,
-                                                                                   unshifted_commitments,
-                                                                                   shifted_commitments,
-                                                                                   claimed_evaluations,
-                                                                                   multivariate_challenge,
-                                                                                   g1_identity,
-                                                                                   transcript);
-
-        GroupElement commitment;
-        if constexpr (Curve::is_stdlib_type) {
-            commitment = GroupElement::batch_mul(batch_opening_claim.commitments,
-                                                 batch_opening_claim.scalars,
-                                                 /*max_num_bits=*/0,
-                                                 /*with_edgecases=*/true);
-        } else {
-            commitment = batch_mul_native(batch_opening_claim.commitments, batch_opening_claim.scalars);
-        }
-
-        return { { batch_opening_claim.evaluation_point, Fr(0) }, commitment };
-    }
-    template <typename Transcript>
-    static BatchOpeningClaim<Curve> compute_batch_opening_claim(const Fr log_N,
+    static BatchOpeningClaim<Curve> compute_batch_opening_claim(const Fr N,
                                                                 RefSpan<Commitment> unshifted_commitments,
                                                                 RefSpan<Commitment> shifted_commitments,
                                                                 RefSpan<Fr> claimed_evaluations,
@@ -143,13 +112,16 @@ template <typename Curve> class ShpleminiVerifier_ {
                                                                 const Commitment& g1_identity,
                                                                 std::shared_ptr<Transcript>& transcript)
     {
+
         // Extract log_circuit_size
         size_t log_circuit_size{ 0 };
+        info(N);
         if constexpr (Curve::is_stdlib_type) {
-            log_circuit_size = static_cast<uint32_t>(log_N.get_value());
+            log_circuit_size = numeric::get_msb(static_cast<uint32_t>(N.get_value()));
         } else {
-            log_circuit_size = static_cast<uint32_t>(log_N);
+            log_circuit_size = numeric::get_msb(static_cast<uint32_t>(N));
         }
+        info(log_circuit_size);
 
         // Get the challenge ρ to batch commitments to multilinear polynomials and their shifts
         const Fr multivariate_batching_challenge = transcript->template get_challenge<Fr>("rho");
@@ -381,11 +353,4 @@ template <typename Curve> class ShpleminiVerifier_ {
     }
 };
 
-// TODO: temporary hack
-template <typename Curve> class Shplemini_ {
-  public:
-    using Prover = ShpleminiProver_<Curve>;
-    using Verifier = ShpleminiVerifier_<Curve>;
-};
-
 } // namespace bb
\ No newline at end of file
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
index f71245ed4072..9edded91b10c 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
@@ -165,7 +165,7 @@ TYPED_TEST(ShpleminiTest, CorrectnessOfGeminiClaimBatching)
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
     auto fold_polynomials = GeminiProver::compute_fold_polynomials(
-        mle_opening_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
+        log_n, mle_opening_point, std::move(batched_unshifted), std::move(batched_to_be_shifted));
 
     std::vector<Commitment> prover_commitments;
     for (size_t l = 0; l < log_n - 1; ++l) {
@@ -173,8 +173,8 @@ TYPED_TEST(ShpleminiTest, CorrectnessOfGeminiClaimBatching)
         prover_commitments.emplace_back(commitment);
     }
 
-    const auto opening_claims = GeminiProver::compute_fold_polynomial_evaluations(
-        mle_opening_point, std::move(fold_polynomials), gemini_eval_challenge);
+    const auto opening_claims =
+        GeminiProver::compute_fold_polynomial_evaluations(log_n, std::move(fold_polynomials), gemini_eval_challenge);
 
     std::vector<Fr> prover_evaluations;
     for (size_t l = 0; l < log_n; ++l) {
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
index 9ef6903db264..2511f2cd5229 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
@@ -805,11 +805,4 @@ template <typename Curve> class ZeroMorphVerifier_ {
     }
 };
 
-// This is temporary
-template <typename Curve> class ZeroMorph_ {
-  public:
-    using Prover = ZeroMorphProver_<Curve>;
-    using Verifier = ZeroMorphVerifier_<Curve>;
-};
-
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
index 282963fb5ff5..ae75f6c71f99 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
@@ -128,7 +128,7 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
     std::vector<Fr> u_challenge_in_circuit = elements_to_witness(u_challenge);
 
     [[maybe_unused]] auto opening_claim =
-        ShpleminiVerifier::compute_batch_opening_claim(Fr::from_witness(&builder, log_circuit_size),
+        ShpleminiVerifier::compute_batch_opening_claim(Fr::from_witness(&builder, circuit_size),
                                                        RefVector(stdlib_f_commitments),
                                                        RefVector(stdlib_g_commitments),
                                                        RefVector(stdlib_claimed_evaluations),
diff --git a/barretenberg/cpp/src/barretenberg/execution_trace/execution_trace.cpp b/barretenberg/cpp/src/barretenberg/execution_trace/execution_trace.cpp
index f3f54b8eaecf..70146181fccb 100644
--- a/barretenberg/cpp/src/barretenberg/execution_trace/execution_trace.cpp
+++ b/barretenberg/cpp/src/barretenberg/execution_trace/execution_trace.cpp
@@ -4,7 +4,6 @@
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp"
-#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 namespace bb {
 
 template <class Flavor>
@@ -150,7 +149,6 @@ void ExecutionTrace_<Flavor>::add_ecc_op_wires_to_proving_key(Builder& builder,
 
 template class ExecutionTrace_<UltraFlavor>;
 template class ExecutionTrace_<UltraKeccakFlavor>;
-template class ExecutionTrace_<UltraKeccakWithGeminiFlavor>;
 template class ExecutionTrace_<MegaFlavor>;
 template class ExecutionTrace_<plonk::flavor::Standard>;
 template class ExecutionTrace_<plonk::flavor::Ultra>;
diff --git a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp
index cbcffa46d04e..e150eff27721 100644
--- a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp
@@ -328,7 +328,6 @@ class UltraFlavor;
 class UltraFlavorWithZK;
 class ECCVMFlavor;
 class UltraKeccakFlavor;
-class UltraKeccakWithGeminiFlavor;
 class MegaFlavor;
 class TranslatorFlavor;
 class AvmFlavor;
@@ -359,16 +358,16 @@ template <typename T>
 concept IsPlonkFlavor = IsAnyOf<T, plonk::flavor::Standard, plonk::flavor::Ultra>;
 
 template <typename T>
-concept IsUltraPlonkFlavor = IsAnyOf<T, plonk::flavor::Ultra, UltraKeccakFlavor, UltraKeccakWithGeminiFlavor>;
+concept IsUltraPlonkFlavor = IsAnyOf<T, plonk::flavor::Ultra, UltraKeccakFlavor>;
 
 template <typename T>
-concept IsUltraPlonkOrHonk = IsAnyOf<T, plonk::flavor::Ultra, UltraFlavor, UltraKeccakFlavor, UltraKeccakWithGeminiFlavor, UltraFlavorWithZK, MegaFlavor>;
+concept IsUltraPlonkOrHonk = IsAnyOf<T, plonk::flavor::Ultra, UltraFlavor, UltraKeccakFlavor, UltraFlavorWithZK, MegaFlavor>;
 
 template <typename T>
-concept IsHonkFlavor = IsAnyOf<T, UltraFlavor, UltraKeccakFlavor,UltraKeccakWithGeminiFlavor, UltraFlavorWithZK, MegaFlavor>;
+concept IsHonkFlavor = IsAnyOf<T, UltraFlavor, UltraKeccakFlavor, UltraFlavorWithZK, MegaFlavor>;
 
 template <typename T>
-concept IsUltraFlavor = IsAnyOf<T, UltraFlavor, UltraKeccakFlavor, UltraFlavorWithZK, UltraKeccakWithGeminiFlavor,MegaFlavor>;
+concept IsUltraFlavor = IsAnyOf<T, UltraFlavor, UltraKeccakFlavor, UltraFlavorWithZK,MegaFlavor>;
 
 template <typename T>
 concept IsGoblinFlavor = IsAnyOf<T, MegaFlavor,
@@ -396,7 +395,6 @@ template <typename T> concept IsGrumpkinFlavor = IsAnyOf<T, ECCVMFlavor>;
 template <typename T> concept IsFoldingFlavor = IsAnyOf<T, UltraFlavor,
                                                            // Note(md): must be here to use oink prover
                                                            UltraKeccakFlavor,
-UltraKeccakWithGeminiFlavor,
                                                            UltraFlavorWithZK,
                                                            MegaFlavor,
                                                            UltraRecursiveFlavor_<UltraCircuitBuilder>,
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders_fwd.hpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders_fwd.hpp
index 45f4c61d0bed..c3ea08590fdb 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders_fwd.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/circuit_builders/circuit_builders_fwd.hpp
@@ -13,7 +13,6 @@ namespace bb {
 class StandardFlavor;
 class UltraFlavor;
 class UltraKeccakFlavor;
-class UltraKeccakWithGeminiFlavor;
 
 class Bn254FrParams;
 class Bn254FqParams;
diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp
index 1b315f2b2b6a..0863d32932b0 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp
@@ -32,7 +32,6 @@ class MegaFlavor {
     using FF = Curve::ScalarField;
     using GroupElement = Curve::Element;
     using Commitment = Curve::AffineElement;
-    using BatchedMultilinearEvaluationScheme = ZeroMorph_<Curve>;
     using PCS = KZG<Curve>;
     using Polynomial = bb::Polynomial<FF>;
     using CommitmentKey = bb::CommitmentKey<Curve>;
diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
index 114bd2c7eb43..de5c6cf50756 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
@@ -31,7 +31,6 @@ class UltraFlavor {
     using FF = Curve::ScalarField;
     using GroupElement = Curve::Element;
     using Commitment = Curve::AffineElement;
-    using BatchedMultilinearEvaluationScheme = ZeroMorph_<Curve>;
     using PCS = KZG<Curve>;
     using Polynomial = bb::Polynomial<FF>;
     using CommitmentKey = bb::CommitmentKey<Curve>;
diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp
deleted file mode 100644
index db8c5c47f0c7..000000000000
--- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp
+++ /dev/null
@@ -1,11 +0,0 @@
-#pragma once
-#include "barretenberg/commitment_schemes/shplonk/shplemini.hpp"
-#include "barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp"
-namespace bb {
-
-class UltraKeccakWithGeminiFlavor : public bb::UltraKeccakFlavor {
-  public:
-    using Curve = bb::UltraKeccakFlavor::Curve;
-    using BatchedMultilinearEvaluationScheme = Shplemini_<Curve>;
-};
-} // namespace bb
\ No newline at end of file
diff --git a/barretenberg/cpp/src/barretenberg/transcript/transcript.hpp b/barretenberg/cpp/src/barretenberg/transcript/transcript.hpp
index 06f69bdcb131..6eb811942374 100644
--- a/barretenberg/cpp/src/barretenberg/transcript/transcript.hpp
+++ b/barretenberg/cpp/src/barretenberg/transcript/transcript.hpp
@@ -1,6 +1,6 @@
 #pragma once
 // #define LOG_CHALLENGES
-// #define LOG_INTERACTIONS
+#define LOG_INTERACTIONS
 
 #include "barretenberg/common/debug_log.hpp"
 #include "barretenberg/ecc/curves/bn254/fr.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
index 6eb5004ac84b..71c094cfb554 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
@@ -47,14 +47,16 @@ template <IsUltraFlavor Flavor> void DeciderProver_<Flavor>::execute_relation_ch
  * */
 template <IsUltraFlavor Flavor> void DeciderProver_<Flavor>::execute_pcs_rounds()
 {
-    using Prover = Flavor::BatchedMultilinearEvaluationScheme::Prover;
-    auto prover_opening_claim = Prover::prove(proving_key->proving_key.circuit_size,
-                                              proving_key->proving_key.polynomials.get_unshifted(),
-                                              proving_key->proving_key.polynomials.get_to_be_shifted(),
-                                              sumcheck_output.claimed_evaluations.get_all(),
-                                              sumcheck_output.challenge,
-                                              commitment_key,
-                                              transcript);
+    using BatchedMultivariateOpeningScheme =
+        std::conditional_t<IsAnyOf<Flavor, UltraKeccakFlavor>, ShpleminiProver_<Curve>, ZeroMorphProver_<Curve>>;
+    auto prover_opening_claim =
+        BatchedMultivariateOpeningScheme::prove(proving_key->proving_key.circuit_size,
+                                                proving_key->proving_key.polynomials.get_unshifted(),
+                                                proving_key->proving_key.polynomials.get_to_be_shifted(),
+                                                sumcheck_output.claimed_evaluations.get_all(),
+                                                sumcheck_output.challenge,
+                                                commitment_key,
+                                                transcript);
     PCS::compute_opening_proof(commitment_key, prover_opening_claim, transcript);
 }
 
@@ -80,7 +82,6 @@ template <IsUltraFlavor Flavor> HonkProof DeciderProver_<Flavor>::construct_proo
 
 template class DeciderProver_<UltraFlavor>;
 template class DeciderProver_<UltraKeccakFlavor>;
-template class DeciderProver_<UltraKeccakWithGeminiFlavor>;
 template class DeciderProver_<MegaFlavor>;
 
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.hpp
index 854b64ab3f7b..05edb01d22ab 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.hpp
@@ -1,10 +1,10 @@
 #pragma once
+#include "barretenberg/commitment_schemes/shplonk/shplemini.hpp"
 #include "barretenberg/commitment_schemes/zeromorph/zeromorph.hpp"
 #include "barretenberg/honk/proof_system/types/proof.hpp"
 #include "barretenberg/relations/relation_parameters.hpp"
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
-#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 #include "barretenberg/sumcheck/sumcheck_output.hpp"
 #include "barretenberg/transcript/transcript.hpp"
 #include "barretenberg/ultra_honk/decider_proving_key.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.cpp
index 2f0519bfa14c..1dcdaad737b2 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.cpp
@@ -82,7 +82,6 @@ void DeciderProvingKey_<Flavor>::construct_databus_polynomials(Circuit& circuit)
 
 template class DeciderProvingKey_<UltraFlavor>;
 template class DeciderProvingKey_<UltraKeccakFlavor>;
-template class DeciderProvingKey_<UltraKeccakWithGeminiFlavor>;
 template class DeciderProvingKey_<MegaFlavor>;
 
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.hpp
index ad94c467a988..fa2e344b5a3f 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_proving_key.hpp
@@ -9,7 +9,6 @@
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp"
-#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 
 namespace bb {
 /**
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
index b9e2687bf095..3b9dd07dc1b5 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
@@ -36,8 +36,10 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify_proof(const Dec
 template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
 {
     using PCS = typename Flavor::PCS;
-    // using Curve = typename Flavor::Curve;
-    using Verifier = Flavor::BatchedMultilinearEvaluationScheme::Verifier;
+    using Curve = typename Flavor::Curve;
+    using GroupElement = typename Curve::Element;
+    using ZeroMorph = ZeroMorphVerifier_<Curve>;
+    using Shplemini = ShpleminiVerifier_<Curve>;
     using VerifierCommitments = typename Flavor::VerifierCommitments;
 
     VerifierCommitments commitments{ accumulator->verification_key, accumulator->witness_commitments };
@@ -54,16 +56,29 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
         return false;
     }
 
+    std::array<GroupElement, 2> pairing_points;
+    if constexpr (bb::IsAnyOf<Flavor, UltraKeccakFlavor>) {
+        auto opening_claim = Shplemini::compute_batch_opening_claim(accumulator->verification_key->circuit_size,
+                                                                    commitments.get_unshifted(),
+                                                                    commitments.get_shifted(),
+                                                                    claimed_evaluations.get_all(),
+                                                                    multivariate_challenge,
+                                                                    Commitment::one(),
+                                                                    transcript);
+        pairing_points = PCS::reduce_verify_batch_opening_claim(opening_claim, transcript);
+
+    } else {
+        auto opening_claim = ZeroMorph::verify(accumulator->verification_key->circuit_size,
+                                               commitments.get_unshifted(),
+                                               commitments.get_to_be_shifted(),
+                                               claimed_evaluations.get_all(),
+                                               multivariate_challenge,
+                                               Commitment::one(),
+                                               transcript);
+        pairing_points = PCS::reduce_verify(opening_claim, transcript);
+    }
     // Execute ZeroMorph rounds. See https://hackmd.io/dlf9xEwhTQyE3hiGbq4FsA?view for a complete description of the
     // unrolled protocol.
-    auto opening_claim = Verifier::verify(accumulator->verification_key->circuit_size,
-                                          commitments.get_unshifted(),
-                                          commitments.get_to_be_shifted(),
-                                          claimed_evaluations.get_all(),
-                                          multivariate_challenge,
-                                          Commitment::one(),
-                                          transcript);
-    auto pairing_points = PCS::reduce_verify(opening_claim, transcript);
 
     auto verified = pcs_verification_key->pairing_check(pairing_points[0], pairing_points[1]);
 
@@ -72,7 +87,6 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
 
 template class DeciderVerifier_<UltraFlavor>;
 template class DeciderVerifier_<UltraKeccakFlavor>;
-template class DeciderVerifier_<UltraKeccakWithGeminiFlavor>;
 template class DeciderVerifier_<MegaFlavor>;
 
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.hpp
index 904b0a8b9685..f69cea8cf378 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.hpp
@@ -1,4 +1,5 @@
 #pragma once
+#include "barretenberg/commitment_schemes/shplonk/shplemini.hpp"
 #include "barretenberg/honk/proof_system/types/proof.hpp"
 #include "barretenberg/srs/global_crs.hpp"
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.cpp
index d2aa66e2b692..26e0f1cca5af 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.cpp
@@ -220,7 +220,6 @@ template <IsUltraFlavor Flavor> typename Flavor::RelationSeparator OinkProver<Fl
 
 template class OinkProver<UltraFlavor>;
 template class OinkProver<UltraKeccakFlavor>;
-template class OinkProver<UltraKeccakWithGeminiFlavor>;
 template class OinkProver<MegaFlavor>;
 
 } // namespace bb
\ No newline at end of file
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.hpp
index 67834691ca74..e252f7d904df 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_prover.hpp
@@ -22,7 +22,6 @@
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp"
-#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 #include "barretenberg/transcript/transcript.hpp"
 #include "barretenberg/ultra_honk/decider_proving_key.hpp"
 
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.cpp
index 6d18e3e74bcb..227fa145a44c 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.cpp
@@ -157,7 +157,6 @@ template <IsUltraFlavor Flavor> typename Flavor::RelationSeparator OinkVerifier<
 
 template class OinkVerifier<UltraFlavor>;
 template class OinkVerifier<UltraKeccakFlavor>;
-template class OinkVerifier<UltraKeccakWithGeminiFlavor>;
 template class OinkVerifier<MegaFlavor>;
 
 } // namespace bb
\ No newline at end of file
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.hpp
index 4a3a48053026..fab7bcdff19d 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/oink_verifier.hpp
@@ -6,7 +6,6 @@
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp"
-#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 #include "barretenberg/ultra_honk/decider_verification_key.hpp"
 
 namespace bb {
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
index 3381db58fb29..62dfe74c9c1e 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
@@ -47,7 +47,7 @@ template <typename Flavor> class UltraHonkTests : public ::testing::Test {
     static void SetUpTestSuite() { bb::srs::init_crs_factory("../srs_db/ignition"); }
 };
 
-using FlavorTypes = testing::Types<UltraFlavor, UltraKeccakFlavor, UltraKeccakWithGeminiFlavor>;
+using FlavorTypes = testing::Types<UltraFlavor, UltraKeccakFlavor>;
 TYPED_TEST_SUITE(UltraHonkTests, FlavorTypes);
 
 /**
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.cpp
index 7f7cb2f078bd..2470b6a1c15d 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.cpp
@@ -61,6 +61,5 @@ template <IsUltraFlavor Flavor> HonkProof UltraProver_<Flavor>::construct_proof(
 template class UltraProver_<UltraFlavor>;
 template class UltraProver_<UltraKeccakFlavor>;
 template class UltraProver_<MegaFlavor>;
-template class UltraProver_<UltraKeccakWithGeminiFlavor>;
 
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.hpp
index 31f92818d352..6ab19509eb65 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_prover.hpp
@@ -4,7 +4,6 @@
 #include "barretenberg/relations/relation_parameters.hpp"
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_flavor.hpp"
-#include "barretenberg/stdlib_circuit_builders/ultra_keccak_with_gemini_flavor.hpp"
 #include "barretenberg/sumcheck/sumcheck_output.hpp"
 #include "barretenberg/transcript/transcript.hpp"
 #include "barretenberg/ultra_honk/decider_proving_key.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.cpp
index e6689259a3e8..6bd5b3fc3f19 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_verifier.cpp
@@ -30,7 +30,6 @@ template <typename Flavor> bool UltraVerifier_<Flavor>::verify_proof(const HonkP
 
 template class UltraVerifier_<UltraFlavor>;
 template class UltraVerifier_<UltraKeccakFlavor>;
-template class UltraVerifier_<UltraKeccakWithGeminiFlavor>;
 template class UltraVerifier_<MegaFlavor>;
 
 } // namespace bb

From 81363df734a1725543470510e51524ed2dd3a6a2 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Sat, 21 Sep 2024 11:17:31 +0000
Subject: [PATCH 09/25] stuff

---
 .../cpp/src/barretenberg/ultra_honk/decider_verifier.cpp        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
index 3b9dd07dc1b5..9adfcf9dfa85 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
@@ -60,7 +60,7 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
     if constexpr (bb::IsAnyOf<Flavor, UltraKeccakFlavor>) {
         auto opening_claim = Shplemini::compute_batch_opening_claim(accumulator->verification_key->circuit_size,
                                                                     commitments.get_unshifted(),
-                                                                    commitments.get_shifted(),
+                                                                    commitments.get_to_be_shifted(),
                                                                     claimed_evaluations.get_all(),
                                                                     multivariate_challenge,
                                                                     Commitment::one(),

From 09a14cf6bb6390ccbc053272eb588ae946032ab3 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Sat, 21 Sep 2024 11:59:09 +0000
Subject: [PATCH 10/25] remove Zeromorph

---
 .../dsl/acir_proofs/honk_contract.hpp         | 405 +-----------------
 barretenberg/sol/src/honk/HonkTypes.sol       |   4 -
 barretenberg/sol/src/honk/HonkVerifier.sol    | 215 +---------
 barretenberg/sol/src/honk/Transcript.sol      |  95 +---
 .../sol/src/honk/instance/Add2Honk.sol        | 214 +--------
 .../sol/src/honk/instance/BlakeHonk.sol       | 215 +---------
 .../sol/src/honk/instance/EcdsaHonk.sol       | 215 +---------
 .../honk/keys/EcdsaHonkVerificationKey.sol    |  84 ++--
 .../ultra/keys/Add2UltraVerificationKey.sol   |   4 +-
 .../ultra/keys/BlakeUltraVerificationKey.sol  |   4 +-
 .../ultra/keys/EcdsaUltraVerificationKey.sol  |  76 ++--
 .../keys/RecursiveUltraVerificationKey.sol    | 104 ++---
 12 files changed, 215 insertions(+), 1420 deletions(-)

diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/honk_contract.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/honk_contract.hpp
index 3a62a688bac1..7a451cd81f23 100644
--- a/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/honk_contract.hpp
+++ b/barretenberg/cpp/src/barretenberg/dsl/acir_proofs/honk_contract.hpp
@@ -263,10 +263,6 @@ library Honk {
         // Sumcheck
         Fr[BATCHED_RELATION_PARTIAL_LENGTH][CONST_PROOF_SIZE_LOG_N] sumcheckUnivariates;
         Fr[NUMBER_OF_ENTITIES] sumcheckEvaluations;
-        // Zero morph
-        Honk.G1ProofPoint[CONST_PROOF_SIZE_LOG_N] zmCqs;
-        Honk.G1ProofPoint zmCq;
-        Honk.G1ProofPoint zmPi;
     }
 }
 
@@ -281,12 +277,6 @@ struct Transcript {
     Fr[NUMBER_OF_ALPHAS] alphas;
     Fr[CONST_PROOF_SIZE_LOG_N] gateChallenges;
     Fr[CONST_PROOF_SIZE_LOG_N] sumCheckUChallenges;
-    Fr rho;
-    // Zero morph
-    Fr zmX;
-    Fr zmY;
-    Fr zmZ;
-    Fr zmQuotient;
     // Derived
     Fr publicInputsDelta;
     Fr lookupGrandProductDelta;
@@ -308,11 +298,6 @@ library TranscriptLib {
         (t.gateChallenges, previousChallenge) = generateGateChallenges(previousChallenge);
 
         (t.sumCheckUChallenges, previousChallenge) = generateSumcheckChallenges(proof, previousChallenge);
-        (t.rho, previousChallenge) = generateRhoChallenge(proof, previousChallenge);
-
-        (t.zmY, previousChallenge) = generateZMYChallenge(previousChallenge, proof);
-
-        (t.zmX, t.zmZ, previousChallenge) = generateZMXZChallenges(previousChallenge, proof);
 
         return t;
     }
@@ -436,52 +421,6 @@ library TranscriptLib {
         }
         nextPreviousChallenge = prevChallenge;
     }
-
-    function generateRhoChallenge(Honk.Proof memory proof, Fr prevChallenge) internal view returns (Fr rho, Fr nextPreviousChallenge)
-    {
-        Fr[NUMBER_OF_ENTITIES + 1] memory rhoChallengeElements;
-        rhoChallengeElements[0] = prevChallenge;
-
-        // TODO(https://github.com/AztecProtocol/barretenberg/issues/1098): memcpy
-        for (uint256 i = 0; i < NUMBER_OF_ENTITIES; i++) {
-            rhoChallengeElements[i + 1] = proof.sumcheckEvaluations[i];
-        }
-
-        nextPreviousChallenge = FrLib.fromBytes32(keccak256(abi.encodePacked(rhoChallengeElements)));
-        Fr unused;
-        (rho, unused) = splitChallenge(nextPreviousChallenge);
-    }
-
-    function generateZMYChallenge(Fr previousChallenge, Honk.Proof memory proof) internal view returns (Fr zeromorphY, Fr nextPreviousChallenge)
-    {
-        uint256[CONST_PROOF_SIZE_LOG_N * 4 + 1] memory zmY;
-        zmY[0] = Fr.unwrap(previousChallenge);
-
-        for (uint256 i; i < CONST_PROOF_SIZE_LOG_N; ++i) {
-            zmY[1 + i * 4] = proof.zmCqs[i].x_0;
-            zmY[2 + i * 4] = proof.zmCqs[i].x_1;
-            zmY[3 + i * 4] = proof.zmCqs[i].y_0;
-            zmY[4 + i * 4] = proof.zmCqs[i].y_1;
-        }
-
-        nextPreviousChallenge = FrLib.fromBytes32(keccak256(abi.encodePacked(zmY)));
-        Fr unused;
-        (zeromorphY, unused) = splitChallenge(nextPreviousChallenge);
-    }
-
-    function generateZMXZChallenges(Fr previousChallenge, Honk.Proof memory proof) internal pure returns (Fr zeromorphX, Fr zeromorphZ, Fr nextPreviousChallenge)
-    {
-        uint256[4 + 1] memory buf;
-        buf[0] = Fr.unwrap(previousChallenge);
-
-        buf[1] = proof.zmCq.x_0;
-        buf[2] = proof.zmCq.x_1;
-        buf[3] = proof.zmCq.y_0;
-        buf[4] = proof.zmCq.y_1;
-
-        nextPreviousChallenge = FrLib.fromBytes32(keccak256(abi.encodePacked(buf)));
-        (zeromorphX, zeromorphZ) = splitChallenge(nextPreviousChallenge);
-    }
 }
 
 // EC Point utilities
@@ -1219,7 +1158,6 @@ library RelationsLib {
 // Errors
 error PublicInputsLengthWrong();
 error SumcheckFailed();
-error ZeromorphFailed();
 
 interface IVerifier {
     function verify(bytes calldata _proof, bytes32[] calldata _publicInputs) external view returns (bool);
@@ -1246,11 +1184,8 @@ contract HonkVerifier is IVerifier
         // Sumcheck
         bool sumcheckVerified = verifySumcheck(p, t);
         if (!sumcheckVerified) revert SumcheckFailed();
-        // Zeromorph
-        bool zeromorphVerified = verifyZeroMorph(p, vk, t);
-        if (!zeromorphVerified) revert ZeromorphFailed();
 
-        return sumcheckVerified && zeromorphVerified; // Boolean condition not required - nice for vanity :)
+        return sumcheckVerified; // Boolean condition not required - nice for vanity :)
     }
 
     function loadVerificationKey() internal view returns (Honk.VerificationKey memory) {
@@ -1347,45 +1282,6 @@ contract HonkVerifier is IVerifier
         }
 
         boundary = boundary + (NUMBER_OF_ENTITIES * 0x20);
-        // Zero morph Commitments
-        for (uint256 i = 0; i < CONST_PROOF_SIZE_LOG_N; i++) {
-            // Explicitly stating the x0, x1, y0, y1 start and end boundaries to make the calldata slicing bearable
-            uint256 xStart = boundary + (i * 0x80);
-            uint256 xEnd = xStart + 0x20;
-
-            uint256 x1Start = xEnd;
-            uint256 x1End = x1Start + 0x20;
-
-            uint256 yStart = x1End;
-            uint256 yEnd = yStart + 0x20;
-
-            uint256 y1Start = yEnd;
-            uint256 y1End = y1Start + 0x20;
-
-            p.zmCqs[i] = Honk.G1ProofPoint({
-                x_0: uint256(bytes32(proof[xStart:xEnd])),
-                x_1: uint256(bytes32(proof[x1Start:x1End])),
-                y_0: uint256(bytes32(proof[yStart:yEnd])),
-                y_1: uint256(bytes32(proof[y1Start:y1End]))
-            });
-        }
-
-        boundary = boundary + (CONST_PROOF_SIZE_LOG_N * 0x80);
-
-        p.zmCq = Honk.G1ProofPoint({
-            x_0: uint256(bytes32(proof[boundary:boundary + 0x20])),
-            x_1: uint256(bytes32(proof[boundary + 0x20:boundary + 0x40])),
-            y_0: uint256(bytes32(proof[boundary + 0x40:boundary + 0x60])),
-            y_1: uint256(bytes32(proof[boundary + 0x60:boundary + 0x80]))
-        });
-
-        p.zmPi = Honk.G1ProofPoint({
-            x_0: uint256(bytes32(proof[boundary + 0x80:boundary + 0xa0])),
-            x_1: uint256(bytes32(proof[boundary + 0xa0:boundary + 0xc0])),
-            y_0: uint256(bytes32(proof[boundary + 0xc0:boundary + 0xe0])),
-            y_1: uint256(bytes32(proof[boundary + 0xe0:boundary + 0x100]))
-        });
-
         return p;
     }
 
@@ -1515,305 +1411,6 @@ contract HonkVerifier is IVerifier
         Fr univariateEval = Fr.wrap(1) + (roundChallenge * (tp.gateChallenges[round] - Fr.wrap(1)));
         newEvaluation = currentEvaluation * univariateEval;
     }
-
-    function verifyZeroMorph(Honk.Proof memory proof, Honk.VerificationKey memory vk, Transcript memory tp)
-        internal
-        view
-        returns (bool verified)
-    {
-        // Construct batched evaluation v = sum_{i=0}^{m-1}\rho^i*f_i(u) + sum_{i=0}^{l-1}\rho^{m+i}*h_i(u)
-        Fr batchedEval = Fr.wrap(0);
-        Fr batchedScalar = Fr.wrap(1);
-
-        // We linearly combine all evaluations (unshifted first, then shifted)
-        for (uint256 i = 0; i < NUMBER_OF_ENTITIES; ++i) {
-            batchedEval = batchedEval + proof.sumcheckEvaluations[i] * batchedScalar;
-            batchedScalar = batchedScalar * tp.rho;
-        }
-
-        // Get k commitments
-        Honk.G1Point memory c_zeta = computeCZeta(proof, tp);
-        Honk.G1Point memory c_zeta_x = computeCZetaX(proof, vk, tp, batchedEval);
-        Honk.G1Point memory c_zeta_Z = ecAdd(c_zeta, ecMul(c_zeta_x, tp.zmZ));
-
-        // KZG pairing accumulator
-        Fr evaluation = Fr.wrap(0);
-        verified = zkgReduceVerify(proof, tp, evaluation, c_zeta_Z);
-    }
-
-    // Compute commitment to lifted degree quotient identity
-    function computeCZeta(Honk.Proof memory proof, Transcript memory tp) internal view returns (Honk.G1Point memory) {
-        Fr[LOG_N + 1] memory scalars;
-        Honk.G1ProofPoint[LOG_N + 1] memory commitments;
-
-        // Initial contribution
-        commitments[0] = proof.zmCq;
-        scalars[0] = Fr.wrap(1);
-
-        // TODO: optimize pow operations here ? batch mulable
-        for (uint256 k = 0; k < LOG_N; ++k) {
-            Fr degree = Fr.wrap((1 << k) - 1);
-            Fr scalar = FrLib.pow(tp.zmY, k);
-            scalar = scalar * FrLib.pow(tp.zmX, (1 << LOG_N) - Fr.unwrap(degree) - 1);
-            scalar = scalar * MINUS_ONE;
-
-            scalars[k + 1] = scalar;
-            commitments[k + 1] = proof.zmCqs[k];
-        }
-
-        // Convert all commitments for batch mul
-        Honk.G1Point[LOG_N + 1] memory comms = convertPoints(commitments);
-
-        return batchMul(comms, scalars);
-    }
-
-    struct CZetaXParams {
-        Fr phi_numerator;
-        Fr phi_n_x;
-        Fr rho_pow;
-        Fr phi_1;
-        Fr phi_2;
-        Fr x_pow_2k;
-        Fr x_pow_2kp1;
-    }
-
-    function computeCZetaX(
-        Honk.Proof memory proof,
-        Honk.VerificationKey memory vk,
-        Transcript memory tp,
-        Fr batchedEval
-    ) internal view returns (Honk.G1Point memory) {
-        Fr[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory scalars;
-        Honk.G1Point[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory commitments;
-        CZetaXParams memory cp;
-
-        // Phi_n(x) = (x^N - 1) / (x - 1)
-        cp.phi_numerator = FrLib.pow(tp.zmX, (1 << LOG_N)) - Fr.wrap(1);
-        cp.phi_n_x = FrLib.div(cp.phi_numerator, tp.zmX - Fr.wrap(1));
-
-        // Add contribution: -v * x * \Phi_n(x) * [1]_1
-        // Add base
-        scalars[0] = MINUS_ONE * batchedEval * tp.zmX * cp.phi_n_x;
-        commitments[0] = Honk.G1Point({x: 1, y: 2}); // One
-
-        // f - Add all unshifted commitments
-        // g - Add add to be shifted commitments
-
-        // f commitments are accumulated at (zm_x * r)
-        cp.rho_pow = Fr.wrap(1);
-        for (uint256 i = 1; i <= NUMBER_UNSHIFTED; ++i) {
-            scalars[i] = tp.zmX * cp.rho_pow;
-            cp.rho_pow = cp.rho_pow * tp.rho;
-        }
-        // g commitments are accumulated at r
-        for (uint256 i = NUMBER_UNSHIFTED + 1; i <= NUMBER_OF_ENTITIES; ++i) {
-            scalars[i] = cp.rho_pow;
-            cp.rho_pow = cp.rho_pow * tp.rho;
-        }
-
-        commitments[1] = vk.qm;
-        commitments[2] = vk.qc;
-        commitments[3] = vk.ql;
-        commitments[4] = vk.qr;
-        commitments[5] = vk.qo;
-        commitments[6] = vk.q4;
-        commitments[7] = vk.qArith;
-        commitments[8] = vk.qDeltaRange;
-        commitments[9] = vk.qElliptic;
-        commitments[10] = vk.qAux;
-        commitments[11] = vk.qLookup;
-        commitments[12] = vk.qPoseidon2External;
-        commitments[13] = vk.qPoseidon2Internal;
-        commitments[14] = vk.s1;
-        commitments[15] = vk.s2;
-        commitments[16] = vk.s3;
-        commitments[17] = vk.s4;
-        commitments[18] = vk.id1;
-        commitments[19] = vk.id2;
-        commitments[20] = vk.id3;
-        commitments[21] = vk.id4;
-        commitments[22] = vk.t1;
-        commitments[23] = vk.t2;
-        commitments[24] = vk.t3;
-        commitments[25] = vk.t4;
-        commitments[26] = vk.lagrangeFirst;
-        commitments[27] = vk.lagrangeLast;
-
-        // Accumulate proof points
-        commitments[28] = convertProofPoint(proof.w1);
-        commitments[29] = convertProofPoint(proof.w2);
-        commitments[30] = convertProofPoint(proof.w3);
-        commitments[31] = convertProofPoint(proof.w4);
-        commitments[32] = convertProofPoint(proof.zPerm);
-        commitments[33] = convertProofPoint(proof.lookupInverses);
-        commitments[34] = convertProofPoint(proof.lookupReadCounts);
-        commitments[35] = convertProofPoint(proof.lookupReadTags);
-
-        // to be Shifted
-        commitments[36] = vk.t1;
-        commitments[37] = vk.t2;
-        commitments[38] = vk.t3;
-        commitments[39] = vk.t4;
-        commitments[40] = convertProofPoint(proof.w1);
-        commitments[41] = convertProofPoint(proof.w2);
-        commitments[42] = convertProofPoint(proof.w3);
-        commitments[43] = convertProofPoint(proof.w4);
-        commitments[44] = convertProofPoint(proof.zPerm);
-
-        // Add scalar contributions
-        // Add contributions: scalar * [q_k],  k = 0,...,log_N, where
-        // scalar = -x * (x^{2^k} * \Phi_{n-k-1}(x^{2^{k+1}}) - u_k * \Phi_{n-k}(x^{2^k}))
-        cp.x_pow_2k = tp.zmX;
-        cp.x_pow_2kp1 = tp.zmX * tp.zmX;
-        for (uint256 k; k < CONST_PROOF_SIZE_LOG_N; ++k) {
-            bool dummy_round = k >= LOG_N;
-
-            // note: defaults to 0
-            Fr scalar;
-            if (!dummy_round) {
-                cp.phi_1 = FrLib.div(cp.phi_numerator, cp.x_pow_2kp1 - Fr.wrap(1));
-                cp.phi_2 = FrLib.div(cp.phi_numerator, cp.x_pow_2k - Fr.wrap(1));
-
-                scalar = cp.x_pow_2k * cp.phi_1;
-                scalar = scalar - (tp.sumCheckUChallenges[k] * cp.phi_2);
-                scalar = scalar * tp.zmX;
-                scalar = scalar * MINUS_ONE;
-
-                cp.x_pow_2k = cp.x_pow_2kp1;
-                cp.x_pow_2kp1 = cp.x_pow_2kp1 * cp.x_pow_2kp1;
-            }
-
-            scalars[NUMBER_OF_ENTITIES + 1 + k] = scalar;
-            commitments[NUMBER_OF_ENTITIES + 1 + k] = convertProofPoint(proof.zmCqs[k]);
-        }
-
-        return batchMul2(commitments, scalars);
-    }
-
-    // Scalar Mul and acumulate into total
-    function batchMul(Honk.G1Point[LOG_N + 1] memory base, Fr[LOG_N + 1] memory scalars)
-        internal
-        view
-        returns (Honk.G1Point memory result)
-    {
-        uint256 limit = LOG_N + 1;
-        assembly {
-            let success := 0x01
-            let free := mload(0x40)
-
-            // Write the original into the accumulator
-            // Load into memory for ecMUL, leave offset for eccAdd result
-            // base is an array of pointers, so we have to dereference them
-            mstore(add(free, 0x40), mload(mload(base)))
-            mstore(add(free, 0x60), mload(add(0x20, mload(base))))
-            // Add scalar
-            mstore(add(free, 0x80), mload(scalars))
-            success := and(success, staticcall(gas(), 7, add(free, 0x40), 0x60, free, 0x40))
-
-            let count := 0x01
-
-            for {} lt(count, limit) { count := add(count, 1) } {
-                // Get loop offsets
-                let base_base := add(base, mul(count, 0x20))
-                let scalar_base := add(scalars, mul(count, 0x20))
-
-                mstore(add(free, 0x40), mload(mload(base_base)))
-                mstore(add(free, 0x60), mload(add(0x20, mload(base_base))))
-                // Add scalar
-                mstore(add(free, 0x80), mload(scalar_base))
-
-                success := and(success, staticcall(gas(), 7, add(free, 0x40), 0x60, add(free, 0x40), 0x40))
-                success := and(success, staticcall(gas(), 6, free, 0x80, free, 0x40))
-            }
-
-            mstore(result, mload(free))
-            mstore(add(result, 0x20), mload(add(free, 0x20)))
-        }
-    }
-
-    // This implementation is the same as above with different constants
-    function batchMul2(
-        Honk.G1Point[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory base,
-        Fr[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory scalars
-    ) internal view returns (Honk.G1Point memory result) {
-        uint256 limit = NUMBER_OF_ENTITIES + LOG_N + 1;
-        assembly {
-            let success := 0x01
-            let free := mload(0x40)
-
-            // Write the original into the accumulator
-            // Load into memory for ecMUL, leave offset for eccAdd result
-            // base is an array of pointers, so we have to dereference them
-            mstore(add(free, 0x40), mload(mload(base)))
-            mstore(add(free, 0x60), mload(add(0x20, mload(base))))
-            // Add scalar
-            mstore(add(free, 0x80), mload(scalars))
-            success := and(success, staticcall(gas(), 7, add(free, 0x40), 0x60, free, 0x40))
-
-            let count := 0x01
-            for {} lt(count, limit) { count := add(count, 1) } {
-                // Get loop offsets
-                let base_base := add(base, mul(count, 0x20))
-                let scalar_base := add(scalars, mul(count, 0x20))
-
-                mstore(add(free, 0x40), mload(mload(base_base)))
-                mstore(add(free, 0x60), mload(add(0x20, mload(base_base))))
-                // Add scalar
-                mstore(add(free, 0x80), mload(scalar_base))
-
-                success := and(success, staticcall(gas(), 7, add(free, 0x40), 0x60, add(free, 0x40), 0x40))
-                // accumulator = accumulator + accumulator_2
-                success := and(success, staticcall(gas(), 6, free, 0x80, free, 0x40))
-            }
-
-            // Return the result - i hate this
-            mstore(result, mload(free))
-            mstore(add(result, 0x20), mload(add(free, 0x20)))
-        }
-    }
-
-    function zkgReduceVerify(
-        Honk.Proof memory proof,
-        Transcript memory tp,
-        Fr evaluation,
-        Honk.G1Point memory commitment
-    ) internal view returns (bool) {
-        Honk.G1Point memory quotient_commitment = convertProofPoint(proof.zmPi);
-        Honk.G1Point memory ONE = Honk.G1Point({x: 1, y: 2});
-
-        Honk.G1Point memory P0 = commitment;
-        P0 = ecAdd(P0, ecMul(quotient_commitment, tp.zmX));
-
-        Honk.G1Point memory evalAsPoint = ecMul(ONE, evaluation);
-        P0 = ecSub(P0, evalAsPoint);
-
-        Honk.G1Point memory P1 = negateInplace(quotient_commitment);
-
-        // Perform pairing check
-        return pairing(P0, P1);
-    }
-
-    function pairing(Honk.G1Point memory rhs, Honk.G1Point memory lhs) internal view returns(bool)
-    {
-        bytes memory input =
-            abi.encodePacked(rhs.x,
-                             rhs.y,
-                             // Fixed G1 point
-                             uint256(0x198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c2),
-                             uint256(0x1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed),
-                             uint256(0x090689d0585ff075ec9e99ad690c3395bc4b313370b38ef355acdadcd122975b),
-                             uint256(0x12c85ea5db8c6deb4aab71808dcb408fe3d1e7690c43d37b4ce6cc0166fa7daa),
-                             lhs.x,
-                             lhs.y,
-                             // G1 point from VK
-                             uint256(0x260e01b251f6f1c7e7ff4e580791dee8ea51d87a358e038b4efe30fac09383c1),
-                             uint256(0x0118c4d5b837bcc2bc89b5b398b5974e9f5944073b32078b7e231fec938883b0),
-                             uint256(0x04fc6369f7110fe3d25156c1bb9a72859cf2a04641f99ba4ee413c80da6a5fe4),
-                             uint256(0x22febda3c0c0632a56475b4214e5615e11e6dd3f96e6cea2854a87d4dacc5e55));
-
-        (bool success, bytes memory result) = address(0x08).staticcall(input);
-        return abi.decode(result, (bool));
-    }
 }
 
 // Conversion util - Duplicated as we cannot template LOG_N
diff --git a/barretenberg/sol/src/honk/HonkTypes.sol b/barretenberg/sol/src/honk/HonkTypes.sol
index 593d4bf2c2a7..180b163271f2 100644
--- a/barretenberg/sol/src/honk/HonkTypes.sol
+++ b/barretenberg/sol/src/honk/HonkTypes.sol
@@ -136,9 +136,5 @@ library Honk {
         // Sumcheck
         Fr[BATCHED_RELATION_PARTIAL_LENGTH][CONST_PROOF_SIZE_LOG_N] sumcheckUnivariates;
         Fr[NUMBER_OF_ENTITIES] sumcheckEvaluations;
-        // Zero morph
-        Honk.G1ProofPoint[CONST_PROOF_SIZE_LOG_N] zmCqs;
-        Honk.G1ProofPoint zmCq;
-        Honk.G1ProofPoint zmPi;
     }
 }
diff --git a/barretenberg/sol/src/honk/HonkVerifier.sol b/barretenberg/sol/src/honk/HonkVerifier.sol
index 540398bc0c6d..635d4188e711 100644
--- a/barretenberg/sol/src/honk/HonkVerifier.sol
+++ b/barretenberg/sol/src/honk/HonkVerifier.sol
@@ -27,7 +27,6 @@ import {RelationsLib} from "./Relations.sol";
 
 error PublicInputsLengthWrong();
 error SumcheckFailed();
-error ZeromorphFailed();
 
 /// Smart contract verifier of honk proofs
 abstract contract BaseHonkVerifier is IVerifier {
@@ -52,11 +51,7 @@ abstract contract BaseHonkVerifier is IVerifier {
         bool sumcheckVerified = verifySumcheck(p, t);
         if (!sumcheckVerified) revert SumcheckFailed();
 
-        // Zeromorph
-        bool zeromorphVerified = verifyZeroMorph(p, vk, t);
-        if (!zeromorphVerified) revert ZeromorphFailed();
-
-        return sumcheckVerified && zeromorphVerified; // Boolean condition not required - nice for vanity :)
+        return sumcheckVerified; // Boolean condition not required - nice for vanity :)
     }
 
     function loadVerificationKey() internal view returns (Honk.VerificationKey memory) {
@@ -192,181 +187,7 @@ abstract contract BaseHonkVerifier is IVerifier {
         newEvaluation = currentEvaluation * univariateEval;
     }
 
-    function verifyZeroMorph(Honk.Proof memory proof, Honk.VerificationKey memory vk, Transcript memory tp)
-        internal
-        view
-        returns (bool verified)
-    {
-        // Construct batched evaluation v = sum_{i=0}^{m-1}\rho^i*f_i(u) + sum_{i=0}^{l-1}\rho^{m+i}*h_i(u)
-        Fr batchedEval = Fr.wrap(0);
-        Fr batchedScalar = Fr.wrap(1);
-
-        // We linearly combine all evaluations (unshifted first, then shifted)
-        for (uint256 i = 0; i < NUMBER_OF_ENTITIES; ++i) {
-            batchedEval = batchedEval + proof.sumcheckEvaluations[i] * batchedScalar;
-            batchedScalar = batchedScalar * tp.rho;
-        }
-
-        // Get k commitments
-        Honk.G1Point memory c_zeta = computeCZeta(proof, tp);
-        Honk.G1Point memory c_zeta_x = computeCZetaX(proof, vk, tp, batchedEval);
-        Honk.G1Point memory c_zeta_Z = ecAdd(c_zeta, ecMul(c_zeta_x, tp.zmZ));
-
-        // KZG pairing accumulator
-        // WORKTODO: concerned that this is zero - it is multiplied by a point later on
-        Fr evaluation = Fr.wrap(0);
-        verified = zkgReduceVerify(proof, tp, evaluation, c_zeta_Z);
-    }
-
-    // Compute commitment to lifted degree quotient identity
-    function computeCZeta(Honk.Proof memory proof, Transcript memory tp) internal view returns (Honk.G1Point memory) {
-        Fr[LOG_N + 1] memory scalars;
-        Honk.G1ProofPoint[LOG_N + 1] memory commitments;
-
-        // Initial contribution
-        commitments[0] = proof.zmCq;
-        scalars[0] = Fr.wrap(1);
-
-        // TODO: optimize pow operations here ? batch mulable
-        for (uint256 k = 0; k < LOG_N; ++k) {
-            Fr degree = Fr.wrap((1 << k) - 1);
-            Fr scalar = FrLib.pow(tp.zmY, k);
-            scalar = scalar * FrLib.pow(tp.zmX, (1 << LOG_N) - Fr.unwrap(degree) - 1);
-            scalar = scalar * MINUS_ONE;
-
-            scalars[k + 1] = scalar;
-            commitments[k + 1] = proof.zmCqs[k];
-        }
-
-        // Convert all commitments for batch mul
-        Honk.G1Point[LOG_N + 1] memory comms = convertPoints(commitments);
-
-        return batchMul(comms, scalars);
-    }
-
-    struct CZetaXParams {
-        Fr phi_numerator;
-        Fr phi_n_x;
-        Fr rho_pow;
-        Fr phi_1;
-        Fr phi_2;
-        Fr x_pow_2k;
-        Fr x_pow_2kp1;
-    }
-
-    function computeCZetaX(
-        Honk.Proof memory proof,
-        Honk.VerificationKey memory vk,
-        Transcript memory tp,
-        Fr batchedEval
-    ) internal view returns (Honk.G1Point memory) {
-        Fr[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory scalars;
-        Honk.G1Point[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory commitments;
-        CZetaXParams memory cp;
-
-        // Phi_n(x) = (x^N - 1) / (x - 1)
-        cp.phi_numerator = FrLib.pow(tp.zmX, (1 << LOG_N)) - Fr.wrap(1);
-        cp.phi_n_x = FrLib.div(cp.phi_numerator, tp.zmX - Fr.wrap(1));
-
-        // Add contribution: -v * x * \Phi_n(x) * [1]_1
-        // Add base
-        scalars[0] = MINUS_ONE * batchedEval * tp.zmX * cp.phi_n_x;
-        commitments[0] = Honk.G1Point({x: 1, y: 2}); // One
-
-        // f - Add all unshifted commitments
-        // g - Add add to be shifted commitments
-
-        // f commitments are accumulated at (zm_x * r)
-        cp.rho_pow = Fr.wrap(1);
-        for (uint256 i = 1; i <= NUMBER_UNSHIFTED; ++i) {
-            scalars[i] = tp.zmX * cp.rho_pow;
-            cp.rho_pow = cp.rho_pow * tp.rho;
-        }
-        // g commitments are accumulated at r
-        for (uint256 i = NUMBER_UNSHIFTED + 1; i <= NUMBER_OF_ENTITIES; ++i) {
-            scalars[i] = cp.rho_pow;
-            cp.rho_pow = cp.rho_pow * tp.rho;
-        }
-
-        // TODO: dont accumulate these into the comms array, just accumulate directly
-        commitments[1] = vk.qm;
-        commitments[2] = vk.qc;
-        commitments[3] = vk.ql;
-        commitments[4] = vk.qr;
-        commitments[5] = vk.qo;
-        commitments[6] = vk.q4;
-        commitments[7] = vk.qArith;
-        commitments[8] = vk.qDeltaRange;
-        commitments[9] = vk.qElliptic;
-        commitments[10] = vk.qAux;
-        commitments[11] = vk.qLookup;
-        commitments[12] = vk.qPoseidon2External;
-        commitments[13] = vk.qPoseidon2Internal;
-        commitments[14] = vk.s1;
-        commitments[15] = vk.s2;
-        commitments[16] = vk.s3;
-        commitments[17] = vk.s4;
-        commitments[18] = vk.id1;
-        commitments[19] = vk.id2;
-        commitments[20] = vk.id3;
-        commitments[21] = vk.id4;
-        commitments[22] = vk.t1;
-        commitments[23] = vk.t2;
-        commitments[24] = vk.t3;
-        commitments[25] = vk.t4;
-        commitments[26] = vk.lagrangeFirst;
-        commitments[27] = vk.lagrangeLast;
-
-        // Accumulate proof points
-        commitments[28] = convertProofPoint(proof.w1);
-        commitments[29] = convertProofPoint(proof.w2);
-        commitments[30] = convertProofPoint(proof.w3);
-        commitments[31] = convertProofPoint(proof.w4);
-        commitments[32] = convertProofPoint(proof.zPerm);
-        commitments[33] = convertProofPoint(proof.lookupInverses);
-        commitments[34] = convertProofPoint(proof.lookupReadCounts);
-        commitments[35] = convertProofPoint(proof.lookupReadTags);
-
-        // to be Shifted
-        commitments[36] = vk.t1;
-        commitments[37] = vk.t2;
-        commitments[38] = vk.t3;
-        commitments[39] = vk.t4;
-        commitments[40] = convertProofPoint(proof.w1);
-        commitments[41] = convertProofPoint(proof.w2);
-        commitments[42] = convertProofPoint(proof.w3);
-        commitments[43] = convertProofPoint(proof.w4);
-        commitments[44] = convertProofPoint(proof.zPerm);
-
-        // Add scalar contributions
-        // Add contributions: scalar * [q_k],  k = 0,...,log_N, where
-        // scalar = -x * (x^{2^k} * \Phi_{n-k-1}(x^{2^{k+1}}) - u_k * \Phi_{n-k}(x^{2^k}))
-        cp.x_pow_2k = tp.zmX;
-        cp.x_pow_2kp1 = tp.zmX * tp.zmX;
-        for (uint256 k; k < CONST_PROOF_SIZE_LOG_N; ++k) {
-            bool dummy_round = k >= LOG_N;
-
-            // note: defaults to 0
-            Fr scalar;
-            if (!dummy_round) {
-                cp.phi_1 = FrLib.div(cp.phi_numerator, cp.x_pow_2kp1 - Fr.wrap(1));
-                cp.phi_2 = FrLib.div(cp.phi_numerator, cp.x_pow_2k - Fr.wrap(1));
-
-                scalar = cp.x_pow_2k * cp.phi_1;
-                scalar = scalar - (tp.sumCheckUChallenges[k] * cp.phi_2);
-                scalar = scalar * tp.zmX;
-                scalar = scalar * MINUS_ONE;
-
-                cp.x_pow_2k = cp.x_pow_2kp1;
-                cp.x_pow_2kp1 = cp.x_pow_2kp1 * cp.x_pow_2kp1;
-            }
-
-            scalars[NUMBER_OF_ENTITIES + 1 + k] = scalar;
-            commitments[NUMBER_OF_ENTITIES + 1 + k] = convertProofPoint(proof.zmCqs[k]);
-        }
-
-        return batchMul2(commitments, scalars);
-    }
+    // TODO: Implement Shplemini, functions above are left here in case they are useful
 
     // TODO: TODO: TODO: optimize
     // Scalar Mul and acumulate into total
@@ -451,26 +272,26 @@ abstract contract BaseHonkVerifier is IVerifier {
         }
     }
 
-    function zkgReduceVerify(
-        Honk.Proof memory proof,
-        Transcript memory tp,
-        Fr evaluation,
-        Honk.G1Point memory commitment
-    ) internal view returns (bool) {
-        Honk.G1Point memory quotient_commitment = convertProofPoint(proof.zmPi);
-        Honk.G1Point memory ONE = Honk.G1Point({x: 1, y: 2});
+    // function kzgReduceVerify(
+    //     Honk.Proof memory proof,
+    //     Transcript memory tp,
+    //     Fr evaluation,
+    //     Honk.G1Point memory commitment
+    // ) internal view returns (bool) {
+    //     Honk.G1Point memory quotient_commitment = convertProofPoint(proof.zmPi);
+    //     Honk.G1Point memory ONE = Honk.G1Point({x: 1, y: 2});
 
-        Honk.G1Point memory P0 = commitment;
-        P0 = ecAdd(P0, ecMul(quotient_commitment, tp.zmX));
+    //     Honk.G1Point memory P0 = commitment;
+    //     P0 = ecAdd(P0, ecMul(quotient_commitment, tp.zmX));
 
-        Honk.G1Point memory evalAsPoint = ecMul(ONE, evaluation);
-        P0 = ecSub(P0, evalAsPoint);
+    //     Honk.G1Point memory evalAsPoint = ecMul(ONE, evaluation);
+    //     P0 = ecSub(P0, evalAsPoint);
 
-        Honk.G1Point memory P1 = negateInplace(quotient_commitment);
+    //     Honk.G1Point memory P1 = negateInplace(quotient_commitment);
 
-        // Perform pairing check
-        return pairing(P0, P1);
-    }
+    //     // Perform pairing check
+    //     return pairing(P0, P1);
+    // }
 
     function pairing(Honk.G1Point memory rhs, Honk.G1Point memory lhs) internal view returns (bool) {
         bytes memory input = abi.encodePacked(
diff --git a/barretenberg/sol/src/honk/Transcript.sol b/barretenberg/sol/src/honk/Transcript.sol
index 1f450263a442..70ac62341581 100644
--- a/barretenberg/sol/src/honk/Transcript.sol
+++ b/barretenberg/sol/src/honk/Transcript.sol
@@ -19,12 +19,7 @@ struct Transcript {
     Fr[NUMBER_OF_ALPHAS] alphas;
     Fr[CONST_PROOF_SIZE_LOG_N] gateChallenges;
     Fr[CONST_PROOF_SIZE_LOG_N] sumCheckUChallenges;
-    Fr rho;
-    // Zero morph
-    Fr zmX;
-    Fr zmY;
-    Fr zmZ;
-    Fr zmQuotient;
+    // Fr rho;
     // Derived
     Fr publicInputsDelta;
 }
@@ -45,11 +40,7 @@ library TranscriptLib {
         (t.gateChallenges, previousChallenge) = generateGateChallenges(previousChallenge);
 
         (t.sumCheckUChallenges, previousChallenge) = generateSumcheckChallenges(proof, previousChallenge);
-        (t.rho, previousChallenge) = generateRhoChallenge(proof, previousChallenge);
-
-        (t.zmY, previousChallenge) = generateZMYChallenge(previousChallenge, proof);
-
-        (t.zmX, t.zmZ, previousChallenge) = generateZMXZChallenges(previousChallenge, proof);
+        // (t.rho, previousChallenge) = generateRhoChallenge(proof, previousChallenge);
 
         return t;
     }
@@ -186,6 +177,7 @@ library TranscriptLib {
         nextPreviousChallenge = prevChallenge;
     }
 
+    // TODO: reuse this for Shplemini
     function generateRhoChallenge(Honk.Proof memory proof, Fr prevChallenge)
         internal
         view
@@ -204,43 +196,6 @@ library TranscriptLib {
         (rho, unused) = splitChallenge(nextPreviousChallenge);
     }
 
-    function generateZMYChallenge(Fr previousChallenge, Honk.Proof memory proof)
-        internal
-        view
-        returns (Fr zeromorphY, Fr nextPreviousChallenge)
-    {
-        uint256[CONST_PROOF_SIZE_LOG_N * 4 + 1] memory zmY;
-        zmY[0] = Fr.unwrap(previousChallenge);
-
-        for (uint256 i; i < CONST_PROOF_SIZE_LOG_N; ++i) {
-            zmY[1 + i * 4] = proof.zmCqs[i].x_0;
-            zmY[2 + i * 4] = proof.zmCqs[i].x_1;
-            zmY[3 + i * 4] = proof.zmCqs[i].y_0;
-            zmY[4 + i * 4] = proof.zmCqs[i].y_1;
-        }
-
-        nextPreviousChallenge = FrLib.fromBytes32(keccak256(abi.encodePacked(zmY)));
-        Fr unused;
-        (zeromorphY, unused) = splitChallenge(nextPreviousChallenge);
-    }
-
-    function generateZMXZChallenges(Fr previousChallenge, Honk.Proof memory proof)
-        internal
-        pure
-        returns (Fr zeromorphX, Fr zeromorphZ, Fr nextPreviousChallenge)
-    {
-        uint256[4 + 1] memory buf;
-        buf[0] = Fr.unwrap(previousChallenge);
-
-        buf[1] = proof.zmCq.x_0;
-        buf[2] = proof.zmCq.x_1;
-        buf[3] = proof.zmCq.y_0;
-        buf[4] = proof.zmCq.y_1;
-
-        nextPreviousChallenge = FrLib.fromBytes32(keccak256(abi.encodePacked(buf)));
-        (zeromorphX, zeromorphZ) = splitChallenge(nextPreviousChallenge);
-    }
-
     // TODO: mod q proof points
     // TODO: Preprocess all of the memory locations
     // TODO: Adjust proof point serde away from poseidon forced field elements
@@ -332,44 +287,12 @@ library TranscriptLib {
         }
 
         boundary = boundary + (NUMBER_OF_ENTITIES * 0x20);
-        // Zero morph Commitments
-        for (uint256 i = 0; i < CONST_PROOF_SIZE_LOG_N; i++) {
-            // Explicitly stating the x0, x1, y0, y1 start and end boundaries to make the calldata slicing bearable
-            uint256 xStart = boundary + (i * 0x80);
-            uint256 xEnd = xStart + 0x20;
-
-            uint256 x1Start = xEnd;
-            uint256 x1End = x1Start + 0x20;
-
-            uint256 yStart = x1End;
-            uint256 yEnd = yStart + 0x20;
-
-            uint256 y1Start = yEnd;
-            uint256 y1End = y1Start + 0x20;
-
-            p.zmCqs[i] = Honk.G1ProofPoint({
-                x_0: uint256(bytes32(proof[xStart:xEnd])),
-                x_1: uint256(bytes32(proof[x1Start:x1End])),
-                y_0: uint256(bytes32(proof[yStart:yEnd])),
-                y_1: uint256(bytes32(proof[y1Start:y1End]))
-            });
-        }
-
-        boundary = boundary + (CONST_PROOF_SIZE_LOG_N * 0x80);
-
-        p.zmCq = Honk.G1ProofPoint({
-            x_0: uint256(bytes32(proof[boundary:boundary + 0x20])),
-            x_1: uint256(bytes32(proof[boundary + 0x20:boundary + 0x40])),
-            y_0: uint256(bytes32(proof[boundary + 0x40:boundary + 0x60])),
-            y_1: uint256(bytes32(proof[boundary + 0x60:boundary + 0x80]))
-        });
-
-        p.zmPi = Honk.G1ProofPoint({
-            x_0: uint256(bytes32(proof[boundary + 0x80:boundary + 0xa0])),
-            x_1: uint256(bytes32(proof[boundary + 0xa0:boundary + 0xc0])),
-            y_0: uint256(bytes32(proof[boundary + 0xc0:boundary + 0xe0])),
-            y_1: uint256(bytes32(proof[boundary + 0xe0:boundary + 0x100]))
-        });
+        // p.zmPi = Honk.G1ProofPoint({
+        //     x_0: uint256(bytes32(proof[boundary + 0x80:boundary + 0xa0])),
+        //     x_1: uint256(bytes32(proof[boundary + 0xa0:boundary + 0xc0])),
+        //     y_0: uint256(bytes32(proof[boundary + 0xc0:boundary + 0xe0])),
+        //     y_1: uint256(bytes32(proof[boundary + 0xe0:boundary + 0x100]))
+        // });
 
         return p;
     }
diff --git a/barretenberg/sol/src/honk/instance/Add2Honk.sol b/barretenberg/sol/src/honk/instance/Add2Honk.sol
index 9f554d10b547..a6eaec5afa81 100644
--- a/barretenberg/sol/src/honk/instance/Add2Honk.sol
+++ b/barretenberg/sol/src/honk/instance/Add2Honk.sol
@@ -28,7 +28,6 @@ import {RelationsLib} from "../Relations.sol";
 // Errors
 error PublicInputsLengthWrong();
 error SumcheckFailed();
-error ZeromorphFailed();
 
 /// Smart contract verifier of honk proofs
 contract Add2HonkVerifier is IVerifier {
@@ -51,11 +50,7 @@ contract Add2HonkVerifier is IVerifier {
         bool sumcheckVerified = verifySumcheck(p, t);
         if (!sumcheckVerified) revert SumcheckFailed();
 
-        // Zeromorph
-        bool zeromorphVerified = verifyZeroMorph(p, vk, t);
-        if (!zeromorphVerified) revert ZeromorphFailed();
-
-        return sumcheckVerified && zeromorphVerified; // Boolean condition not required - nice for vanity :)
+        return sumcheckVerified; // Boolean condition not required - nice for vanity :)
     }
 
     function loadVerificationKey() internal view returns (Honk.VerificationKey memory) {
@@ -191,181 +186,6 @@ contract Add2HonkVerifier is IVerifier {
         newEvaluation = currentEvaluation * univariateEval;
     }
 
-    function verifyZeroMorph(Honk.Proof memory proof, Honk.VerificationKey memory vk, Transcript memory tp)
-        internal
-        view
-        returns (bool verified)
-    {
-        // Construct batched evaluation v = sum_{i=0}^{m-1}\rho^i*f_i(u) + sum_{i=0}^{l-1}\rho^{m+i}*h_i(u)
-        Fr batchedEval = Fr.wrap(0);
-        Fr batchedScalar = Fr.wrap(1);
-
-        // We linearly combine all evaluations (unshifted first, then shifted)
-        for (uint256 i = 0; i < NUMBER_OF_ENTITIES; ++i) {
-            batchedEval = batchedEval + proof.sumcheckEvaluations[i] * batchedScalar;
-            batchedScalar = batchedScalar * tp.rho;
-        }
-
-        // Get k commitments
-        Honk.G1Point memory c_zeta = computeCZeta(proof, tp);
-        Honk.G1Point memory c_zeta_x = computeCZetaX(proof, vk, tp, batchedEval);
-        Honk.G1Point memory c_zeta_Z = ecAdd(c_zeta, ecMul(c_zeta_x, tp.zmZ));
-
-        // KZG pairing accumulator
-        Fr evaluation = Fr.wrap(0);
-        verified = zkgReduceVerify(proof, tp, evaluation, c_zeta_Z);
-    }
-
-    // Compute commitment to lifted degree quotient identity
-    function computeCZeta(Honk.Proof memory proof, Transcript memory tp) internal view returns (Honk.G1Point memory) {
-        Fr[LOG_N + 1] memory scalars;
-        Honk.G1ProofPoint[LOG_N + 1] memory commitments;
-
-        // Initial contribution
-        commitments[0] = proof.zmCq;
-        scalars[0] = Fr.wrap(1);
-
-        // TODO: optimize pow operations here ? batch mulable
-        for (uint256 k = 0; k < LOG_N; ++k) {
-            Fr degree = Fr.wrap((1 << k) - 1);
-            Fr scalar = FrLib.pow(tp.zmY, k);
-            scalar = scalar * FrLib.pow(tp.zmX, (1 << LOG_N) - Fr.unwrap(degree) - 1);
-            scalar = scalar * MINUS_ONE;
-
-            scalars[k + 1] = scalar;
-            commitments[k + 1] = proof.zmCqs[k];
-        }
-
-        // Convert all commitments for batch mul
-        Honk.G1Point[LOG_N + 1] memory comms = convertPoints(commitments);
-
-        return batchMul(comms, scalars);
-    }
-
-    struct CZetaXParams {
-        Fr phi_numerator;
-        Fr phi_n_x;
-        Fr rho_pow;
-        Fr phi_1;
-        Fr phi_2;
-        Fr x_pow_2k;
-        Fr x_pow_2kp1;
-    }
-
-    function computeCZetaX(
-        Honk.Proof memory proof,
-        Honk.VerificationKey memory vk,
-        Transcript memory tp,
-        Fr batchedEval
-    ) internal view returns (Honk.G1Point memory) {
-        Fr[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory scalars;
-        Honk.G1Point[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory commitments;
-        CZetaXParams memory cp;
-
-        // Phi_n(x) = (x^N - 1) / (x - 1)
-        cp.phi_numerator = FrLib.pow(tp.zmX, (1 << LOG_N)) - Fr.wrap(1);
-        cp.phi_n_x = FrLib.div(cp.phi_numerator, tp.zmX - Fr.wrap(1));
-
-        // Add contribution: -v * x * \Phi_n(x) * [1]_1
-        // Add base
-        scalars[0] = MINUS_ONE * batchedEval * tp.zmX * cp.phi_n_x;
-        commitments[0] = Honk.G1Point({x: 1, y: 2}); // One
-
-        // f - Add all unshifted commitments
-        // g - Add add to be shifted commitments
-
-        // f commitments are accumulated at (zm_x * r)
-        cp.rho_pow = Fr.wrap(1);
-        for (uint256 i = 1; i <= NUMBER_UNSHIFTED; ++i) {
-            scalars[i] = tp.zmX * cp.rho_pow;
-            cp.rho_pow = cp.rho_pow * tp.rho;
-        }
-        // g commitments are accumulated at r
-        for (uint256 i = NUMBER_UNSHIFTED + 1; i <= NUMBER_OF_ENTITIES; ++i) {
-            scalars[i] = cp.rho_pow;
-            cp.rho_pow = cp.rho_pow * tp.rho;
-        }
-
-        // TODO: dont accumulate these into the comms array, just accumulate directly
-        commitments[1] = vk.qm;
-        commitments[2] = vk.qc;
-        commitments[3] = vk.ql;
-        commitments[4] = vk.qr;
-        commitments[5] = vk.qo;
-        commitments[6] = vk.q4;
-        commitments[7] = vk.qArith;
-        commitments[8] = vk.qDeltaRange;
-        commitments[9] = vk.qElliptic;
-        commitments[10] = vk.qAux;
-        commitments[11] = vk.qLookup;
-        commitments[12] = vk.qPoseidon2External;
-        commitments[13] = vk.qPoseidon2Internal;
-        commitments[14] = vk.s1;
-        commitments[15] = vk.s2;
-        commitments[16] = vk.s3;
-        commitments[17] = vk.s4;
-        commitments[18] = vk.id1;
-        commitments[19] = vk.id2;
-        commitments[20] = vk.id3;
-        commitments[21] = vk.id4;
-        commitments[22] = vk.t1;
-        commitments[23] = vk.t2;
-        commitments[24] = vk.t3;
-        commitments[25] = vk.t4;
-        commitments[26] = vk.lagrangeFirst;
-        commitments[27] = vk.lagrangeLast;
-
-        // Accumulate proof points
-        commitments[28] = convertProofPoint(proof.w1);
-        commitments[29] = convertProofPoint(proof.w2);
-        commitments[30] = convertProofPoint(proof.w3);
-        commitments[31] = convertProofPoint(proof.w4);
-        commitments[32] = convertProofPoint(proof.zPerm);
-        commitments[33] = convertProofPoint(proof.lookupInverses);
-        commitments[34] = convertProofPoint(proof.lookupReadCounts);
-        commitments[35] = convertProofPoint(proof.lookupReadTags);
-
-        // to be Shifted
-        commitments[36] = vk.t1;
-        commitments[37] = vk.t2;
-        commitments[38] = vk.t3;
-        commitments[39] = vk.t4;
-        commitments[40] = convertProofPoint(proof.w1);
-        commitments[41] = convertProofPoint(proof.w2);
-        commitments[42] = convertProofPoint(proof.w3);
-        commitments[43] = convertProofPoint(proof.w4);
-        commitments[44] = convertProofPoint(proof.zPerm);
-
-        // Add scalar contributions
-        // Add contributions: scalar * [q_k],  k = 0,...,log_N, where
-        // scalar = -x * (x^{2^k} * \Phi_{n-k-1}(x^{2^{k+1}}) - u_k * \Phi_{n-k}(x^{2^k}))
-        cp.x_pow_2k = tp.zmX;
-        cp.x_pow_2kp1 = tp.zmX * tp.zmX;
-        for (uint256 k; k < CONST_PROOF_SIZE_LOG_N; ++k) {
-            bool dummy_round = k >= LOG_N;
-
-            // note: defaults to 0
-            Fr scalar;
-            if (!dummy_round) {
-                cp.phi_1 = FrLib.div(cp.phi_numerator, cp.x_pow_2kp1 - Fr.wrap(1));
-                cp.phi_2 = FrLib.div(cp.phi_numerator, cp.x_pow_2k - Fr.wrap(1));
-
-                scalar = cp.x_pow_2k * cp.phi_1;
-                scalar = scalar - (tp.sumCheckUChallenges[k] * cp.phi_2);
-                scalar = scalar * tp.zmX;
-                scalar = scalar * MINUS_ONE;
-
-                cp.x_pow_2k = cp.x_pow_2kp1;
-                cp.x_pow_2kp1 = cp.x_pow_2kp1 * cp.x_pow_2kp1;
-            }
-
-            scalars[NUMBER_OF_ENTITIES + 1 + k] = scalar;
-            commitments[NUMBER_OF_ENTITIES + 1 + k] = convertProofPoint(proof.zmCqs[k]);
-        }
-
-        return batchMul2(commitments, scalars);
-    }
-
     // TODO: TODO: TODO: optimize
     // Scalar Mul and acumulate into total
     function batchMul(Honk.G1Point[LOG_N + 1] memory base, Fr[LOG_N + 1] memory scalars)
@@ -449,26 +269,26 @@ contract Add2HonkVerifier is IVerifier {
         }
     }
 
-    function zkgReduceVerify(
-        Honk.Proof memory proof,
-        Transcript memory tp,
-        Fr evaluation,
-        Honk.G1Point memory commitment
-    ) internal view returns (bool) {
-        Honk.G1Point memory quotient_commitment = convertProofPoint(proof.zmPi);
-        Honk.G1Point memory ONE = Honk.G1Point({x: 1, y: 2});
+    // function kzgReduceVerify(
+    //     Honk.Proof memory proof,
+    //     Transcript memory tp,
+    //     Fr evaluation,
+    //     Honk.G1Point memory commitment
+    // ) internal view returns (bool) {
+    //     Honk.G1Point memory quotient_commitment = convertProofPoint(proof.zmPi);
+    //     Honk.G1Point memory ONE = Honk.G1Point({x: 1, y: 2});
 
-        Honk.G1Point memory P0 = commitment;
-        P0 = ecAdd(P0, ecMul(quotient_commitment, tp.zmX));
+    //     Honk.G1Point memory P0 = commitment;
+    //     P0 = ecAdd(P0, ecMul(quotient_commitment, tp.zmX));
 
-        Honk.G1Point memory evalAsPoint = ecMul(ONE, evaluation);
-        P0 = ecSub(P0, evalAsPoint);
+    //     Honk.G1Point memory evalAsPoint = ecMul(ONE, evaluation);
+    //     P0 = ecSub(P0, evalAsPoint);
 
-        Honk.G1Point memory P1 = negateInplace(quotient_commitment);
+    //     Honk.G1Point memory P1 = negateInplace(quotient_commitment);
 
-        // Perform pairing check
-        return pairing(P0, P1);
-    }
+    //     // Perform pairing check
+    //     return pairing(P0, P1);
+    // }
 
     function pairing(Honk.G1Point memory rhs, Honk.G1Point memory lhs) internal view returns (bool) {
         bytes memory input = abi.encodePacked(
diff --git a/barretenberg/sol/src/honk/instance/BlakeHonk.sol b/barretenberg/sol/src/honk/instance/BlakeHonk.sol
index f3b36f359b21..4c40fc2337b5 100644
--- a/barretenberg/sol/src/honk/instance/BlakeHonk.sol
+++ b/barretenberg/sol/src/honk/instance/BlakeHonk.sol
@@ -28,7 +28,6 @@ import {RelationsLib} from "../Relations.sol";
 // Errors
 error PublicInputsLengthWrong();
 error SumcheckFailed();
-error ZeromorphFailed();
 
 /// Smart contract verifier of honk proofs
 contract BlakeHonkVerifier is IVerifier {
@@ -51,11 +50,7 @@ contract BlakeHonkVerifier is IVerifier {
         bool sumcheckVerified = verifySumcheck(p, t);
         if (!sumcheckVerified) revert SumcheckFailed();
 
-        // Zeromorph
-        bool zeromorphVerified = verifyZeroMorph(p, vk, t);
-        if (!zeromorphVerified) revert ZeromorphFailed();
-
-        return sumcheckVerified && zeromorphVerified; // Boolean condition not required - nice for vanity :)
+        return sumcheckVerified; // Boolean condition not required - nice for vanity :)
     }
 
     function loadVerificationKey() internal view returns (Honk.VerificationKey memory) {
@@ -191,182 +186,6 @@ contract BlakeHonkVerifier is IVerifier {
         newEvaluation = currentEvaluation * univariateEval;
     }
 
-    function verifyZeroMorph(Honk.Proof memory proof, Honk.VerificationKey memory vk, Transcript memory tp)
-        internal
-        view
-        returns (bool verified)
-    {
-        // Construct batched evaluation v = sum_{i=0}^{m-1}\rho^i*f_i(u) + sum_{i=0}^{l-1}\rho^{m+i}*h_i(u)
-        Fr batchedEval = Fr.wrap(0);
-        Fr batchedScalar = Fr.wrap(1);
-
-        // We linearly combine all evaluations (unshifted first, then shifted)
-        for (uint256 i = 0; i < NUMBER_OF_ENTITIES; ++i) {
-            batchedEval = batchedEval + proof.sumcheckEvaluations[i] * batchedScalar;
-            batchedScalar = batchedScalar * tp.rho;
-        }
-
-        // Get k commitments
-        Honk.G1Point memory c_zeta = computeCZeta(proof, tp);
-        Honk.G1Point memory c_zeta_x = computeCZetaX(proof, vk, tp, batchedEval);
-        Honk.G1Point memory c_zeta_Z = ecAdd(c_zeta, ecMul(c_zeta_x, tp.zmZ));
-
-        // KZG pairing accumulator
-        // WORKTODO: concerned that this is zero - it is multiplied by a point later on
-        Fr evaluation = Fr.wrap(0);
-        verified = zkgReduceVerify(proof, tp, evaluation, c_zeta_Z);
-    }
-
-    // Compute commitment to lifted degree quotient identity
-    function computeCZeta(Honk.Proof memory proof, Transcript memory tp) internal view returns (Honk.G1Point memory) {
-        Fr[LOG_N + 1] memory scalars;
-        Honk.G1ProofPoint[LOG_N + 1] memory commitments;
-
-        // Initial contribution
-        commitments[0] = proof.zmCq;
-        scalars[0] = Fr.wrap(1);
-
-        // TODO: optimize pow operations here ? batch mulable
-        for (uint256 k = 0; k < LOG_N; ++k) {
-            Fr degree = Fr.wrap((1 << k) - 1);
-            Fr scalar = FrLib.pow(tp.zmY, k);
-            scalar = scalar * FrLib.pow(tp.zmX, (1 << LOG_N) - Fr.unwrap(degree) - 1);
-            scalar = scalar * MINUS_ONE;
-
-            scalars[k + 1] = scalar;
-            commitments[k + 1] = proof.zmCqs[k];
-        }
-
-        // Convert all commitments for batch mul
-        Honk.G1Point[LOG_N + 1] memory comms = convertPoints(commitments);
-
-        return batchMul(comms, scalars);
-    }
-
-    struct CZetaXParams {
-        Fr phi_numerator;
-        Fr phi_n_x;
-        Fr rho_pow;
-        Fr phi_1;
-        Fr phi_2;
-        Fr x_pow_2k;
-        Fr x_pow_2kp1;
-    }
-
-    function computeCZetaX(
-        Honk.Proof memory proof,
-        Honk.VerificationKey memory vk,
-        Transcript memory tp,
-        Fr batchedEval
-    ) internal view returns (Honk.G1Point memory) {
-        Fr[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory scalars;
-        Honk.G1Point[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory commitments;
-        CZetaXParams memory cp;
-
-        // Phi_n(x) = (x^N - 1) / (x - 1)
-        cp.phi_numerator = FrLib.pow(tp.zmX, (1 << LOG_N)) - Fr.wrap(1);
-        cp.phi_n_x = FrLib.div(cp.phi_numerator, tp.zmX - Fr.wrap(1));
-
-        // Add contribution: -v * x * \Phi_n(x) * [1]_1
-        // Add base
-        scalars[0] = MINUS_ONE * batchedEval * tp.zmX * cp.phi_n_x;
-        commitments[0] = Honk.G1Point({x: 1, y: 2}); // One
-
-        // f - Add all unshifted commitments
-        // g - Add add to be shifted commitments
-
-        // f commitments are accumulated at (zm_x * r)
-        cp.rho_pow = Fr.wrap(1);
-        for (uint256 i = 1; i <= NUMBER_UNSHIFTED; ++i) {
-            scalars[i] = tp.zmX * cp.rho_pow;
-            cp.rho_pow = cp.rho_pow * tp.rho;
-        }
-        // g commitments are accumulated at r
-        for (uint256 i = NUMBER_UNSHIFTED + 1; i <= NUMBER_OF_ENTITIES; ++i) {
-            scalars[i] = cp.rho_pow;
-            cp.rho_pow = cp.rho_pow * tp.rho;
-        }
-
-        // TODO: dont accumulate these into the comms array, just accumulate directly
-        commitments[1] = vk.qm;
-        commitments[2] = vk.qc;
-        commitments[3] = vk.ql;
-        commitments[4] = vk.qr;
-        commitments[5] = vk.qo;
-        commitments[6] = vk.q4;
-        commitments[7] = vk.qArith;
-        commitments[8] = vk.qDeltaRange;
-        commitments[9] = vk.qElliptic;
-        commitments[10] = vk.qAux;
-        commitments[11] = vk.qLookup;
-        commitments[12] = vk.qPoseidon2External;
-        commitments[13] = vk.qPoseidon2Internal;
-        commitments[14] = vk.s1;
-        commitments[15] = vk.s2;
-        commitments[16] = vk.s3;
-        commitments[17] = vk.s4;
-        commitments[18] = vk.id1;
-        commitments[19] = vk.id2;
-        commitments[20] = vk.id3;
-        commitments[21] = vk.id4;
-        commitments[22] = vk.t1;
-        commitments[23] = vk.t2;
-        commitments[24] = vk.t3;
-        commitments[25] = vk.t4;
-        commitments[26] = vk.lagrangeFirst;
-        commitments[27] = vk.lagrangeLast;
-
-        // Accumulate proof points
-        commitments[28] = convertProofPoint(proof.w1);
-        commitments[29] = convertProofPoint(proof.w2);
-        commitments[30] = convertProofPoint(proof.w3);
-        commitments[31] = convertProofPoint(proof.w4);
-        commitments[32] = convertProofPoint(proof.zPerm);
-        commitments[33] = convertProofPoint(proof.lookupInverses);
-        commitments[34] = convertProofPoint(proof.lookupReadCounts);
-        commitments[35] = convertProofPoint(proof.lookupReadTags);
-
-        // to be Shifted
-        commitments[36] = vk.t1;
-        commitments[37] = vk.t2;
-        commitments[38] = vk.t3;
-        commitments[39] = vk.t4;
-        commitments[40] = convertProofPoint(proof.w1);
-        commitments[41] = convertProofPoint(proof.w2);
-        commitments[42] = convertProofPoint(proof.w3);
-        commitments[43] = convertProofPoint(proof.w4);
-        commitments[44] = convertProofPoint(proof.zPerm);
-
-        // Add scalar contributions
-        // Add contributions: scalar * [q_k],  k = 0,...,log_N, where
-        // scalar = -x * (x^{2^k} * \Phi_{n-k-1}(x^{2^{k+1}}) - u_k * \Phi_{n-k}(x^{2^k}))
-        cp.x_pow_2k = tp.zmX;
-        cp.x_pow_2kp1 = tp.zmX * tp.zmX;
-        for (uint256 k; k < CONST_PROOF_SIZE_LOG_N; ++k) {
-            bool dummy_round = k >= LOG_N;
-
-            // note: defaults to 0
-            Fr scalar;
-            if (!dummy_round) {
-                cp.phi_1 = FrLib.div(cp.phi_numerator, cp.x_pow_2kp1 - Fr.wrap(1));
-                cp.phi_2 = FrLib.div(cp.phi_numerator, cp.x_pow_2k - Fr.wrap(1));
-
-                scalar = cp.x_pow_2k * cp.phi_1;
-                scalar = scalar - (tp.sumCheckUChallenges[k] * cp.phi_2);
-                scalar = scalar * tp.zmX;
-                scalar = scalar * MINUS_ONE;
-
-                cp.x_pow_2k = cp.x_pow_2kp1;
-                cp.x_pow_2kp1 = cp.x_pow_2kp1 * cp.x_pow_2kp1;
-            }
-
-            scalars[NUMBER_OF_ENTITIES + 1 + k] = scalar;
-            commitments[NUMBER_OF_ENTITIES + 1 + k] = convertProofPoint(proof.zmCqs[k]);
-        }
-
-        return batchMul2(commitments, scalars);
-    }
-
     // TODO: TODO: TODO: optimize
     // Scalar Mul and acumulate into total
     function batchMul(Honk.G1Point[LOG_N + 1] memory base, Fr[LOG_N + 1] memory scalars)
@@ -450,26 +269,26 @@ contract BlakeHonkVerifier is IVerifier {
         }
     }
 
-    function zkgReduceVerify(
-        Honk.Proof memory proof,
-        Transcript memory tp,
-        Fr evaluation,
-        Honk.G1Point memory commitment
-    ) internal view returns (bool) {
-        Honk.G1Point memory quotient_commitment = convertProofPoint(proof.zmPi);
-        Honk.G1Point memory ONE = Honk.G1Point({x: 1, y: 2});
+    // function kzgReduceVerify(
+    //     Honk.Proof memory proof,
+    //     Transcript memory tp,
+    //     Fr evaluation,
+    //     Honk.G1Point memory commitment
+    // ) internal view returns (bool) {
+    //     Honk.G1Point memory quotient_commitment = convertProofPoint(proof.zmPi);
+    //     Honk.G1Point memory ONE = Honk.G1Point({x: 1, y: 2});
 
-        Honk.G1Point memory P0 = commitment;
-        P0 = ecAdd(P0, ecMul(quotient_commitment, tp.zmX));
+    //     Honk.G1Point memory P0 = commitment;
+    //     P0 = ecAdd(P0, ecMul(quotient_commitment, tp.zmX));
 
-        Honk.G1Point memory evalAsPoint = ecMul(ONE, evaluation);
-        P0 = ecSub(P0, evalAsPoint);
+    //     Honk.G1Point memory evalAsPoint = ecMul(ONE, evaluation);
+    //     P0 = ecSub(P0, evalAsPoint);
 
-        Honk.G1Point memory P1 = negateInplace(quotient_commitment);
+    //     Honk.G1Point memory P1 = negateInplace(quotient_commitment);
 
-        // Perform pairing check
-        return pairing(P0, P1);
-    }
+    //     // Perform pairing check
+    //     return pairing(P0, P1);
+    // }
 
     function pairing(Honk.G1Point memory rhs, Honk.G1Point memory lhs) internal view returns (bool) {
         bytes memory input = abi.encodePacked(
diff --git a/barretenberg/sol/src/honk/instance/EcdsaHonk.sol b/barretenberg/sol/src/honk/instance/EcdsaHonk.sol
index 1dc716151cd4..2a683c27dcc1 100644
--- a/barretenberg/sol/src/honk/instance/EcdsaHonk.sol
+++ b/barretenberg/sol/src/honk/instance/EcdsaHonk.sol
@@ -28,7 +28,6 @@ import {RelationsLib} from "../Relations.sol";
 // Errors
 error PublicInputsLengthWrong();
 error SumcheckFailed();
-error ZeromorphFailed();
 
 /// Smart contract verifier of honk proofs
 contract EcdsaHonkVerifier is IVerifier {
@@ -51,11 +50,7 @@ contract EcdsaHonkVerifier is IVerifier {
         bool sumcheckVerified = verifySumcheck(p, t);
         if (!sumcheckVerified) revert SumcheckFailed();
 
-        // Zeromorph
-        bool zeromorphVerified = verifyZeroMorph(p, vk, t);
-        if (!zeromorphVerified) revert ZeromorphFailed();
-
-        return sumcheckVerified && zeromorphVerified; // Boolean condition not required - nice for vanity :)
+        return sumcheckVerified; // Boolean condition not required - nice for vanity :)
     }
 
     function loadVerificationKey() internal view returns (Honk.VerificationKey memory) {
@@ -191,182 +186,6 @@ contract EcdsaHonkVerifier is IVerifier {
         newEvaluation = currentEvaluation * univariateEval;
     }
 
-    function verifyZeroMorph(Honk.Proof memory proof, Honk.VerificationKey memory vk, Transcript memory tp)
-        internal
-        view
-        returns (bool verified)
-    {
-        // Construct batched evaluation v = sum_{i=0}^{m-1}\rho^i*f_i(u) + sum_{i=0}^{l-1}\rho^{m+i}*h_i(u)
-        Fr batchedEval = Fr.wrap(0);
-        Fr batchedScalar = Fr.wrap(1);
-
-        // We linearly combine all evaluations (unshifted first, then shifted)
-        for (uint256 i = 0; i < NUMBER_OF_ENTITIES; ++i) {
-            batchedEval = batchedEval + proof.sumcheckEvaluations[i] * batchedScalar;
-            batchedScalar = batchedScalar * tp.rho;
-        }
-
-        // Get k commitments
-        Honk.G1Point memory c_zeta = computeCZeta(proof, tp);
-        Honk.G1Point memory c_zeta_x = computeCZetaX(proof, vk, tp, batchedEval);
-        Honk.G1Point memory c_zeta_Z = ecAdd(c_zeta, ecMul(c_zeta_x, tp.zmZ));
-
-        // KZG pairing accumulator
-        // WORKTODO: concerned that this is zero - it is multiplied by a point later on
-        Fr evaluation = Fr.wrap(0);
-        verified = zkgReduceVerify(proof, tp, evaluation, c_zeta_Z);
-    }
-
-    // Compute commitment to lifted degree quotient identity
-    function computeCZeta(Honk.Proof memory proof, Transcript memory tp) internal view returns (Honk.G1Point memory) {
-        Fr[LOG_N + 1] memory scalars;
-        Honk.G1ProofPoint[LOG_N + 1] memory commitments;
-
-        // Initial contribution
-        commitments[0] = proof.zmCq;
-        scalars[0] = Fr.wrap(1);
-
-        // TODO: optimize pow operations here ? batch mulable
-        for (uint256 k = 0; k < LOG_N; ++k) {
-            Fr degree = Fr.wrap((1 << k) - 1);
-            Fr scalar = FrLib.pow(tp.zmY, k);
-            scalar = scalar * FrLib.pow(tp.zmX, (1 << LOG_N) - Fr.unwrap(degree) - 1);
-            scalar = scalar * MINUS_ONE;
-
-            scalars[k + 1] = scalar;
-            commitments[k + 1] = proof.zmCqs[k];
-        }
-
-        // Convert all commitments for batch mul
-        Honk.G1Point[LOG_N + 1] memory comms = convertPoints(commitments);
-
-        return batchMul(comms, scalars);
-    }
-
-    struct CZetaXParams {
-        Fr phi_numerator;
-        Fr phi_n_x;
-        Fr rho_pow;
-        Fr phi_1;
-        Fr phi_2;
-        Fr x_pow_2k;
-        Fr x_pow_2kp1;
-    }
-
-    function computeCZetaX(
-        Honk.Proof memory proof,
-        Honk.VerificationKey memory vk,
-        Transcript memory tp,
-        Fr batchedEval
-    ) internal view returns (Honk.G1Point memory) {
-        Fr[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory scalars;
-        Honk.G1Point[NUMBER_OF_ENTITIES + CONST_PROOF_SIZE_LOG_N + 1] memory commitments;
-        CZetaXParams memory cp;
-
-        // Phi_n(x) = (x^N - 1) / (x - 1)
-        cp.phi_numerator = FrLib.pow(tp.zmX, (1 << LOG_N)) - Fr.wrap(1);
-        cp.phi_n_x = FrLib.div(cp.phi_numerator, tp.zmX - Fr.wrap(1));
-
-        // Add contribution: -v * x * \Phi_n(x) * [1]_1
-        // Add base
-        scalars[0] = MINUS_ONE * batchedEval * tp.zmX * cp.phi_n_x;
-        commitments[0] = Honk.G1Point({x: 1, y: 2}); // One
-
-        // f - Add all unshifted commitments
-        // g - Add add to be shifted commitments
-
-        // f commitments are accumulated at (zm_x * r)
-        cp.rho_pow = Fr.wrap(1);
-        for (uint256 i = 1; i <= NUMBER_UNSHIFTED; ++i) {
-            scalars[i] = tp.zmX * cp.rho_pow;
-            cp.rho_pow = cp.rho_pow * tp.rho;
-        }
-        // g commitments are accumulated at r
-        for (uint256 i = NUMBER_UNSHIFTED + 1; i <= NUMBER_OF_ENTITIES; ++i) {
-            scalars[i] = cp.rho_pow;
-            cp.rho_pow = cp.rho_pow * tp.rho;
-        }
-
-        // TODO: dont accumulate these into the comms array, just accumulate directly
-        commitments[1] = vk.qm;
-        commitments[2] = vk.qc;
-        commitments[3] = vk.ql;
-        commitments[4] = vk.qr;
-        commitments[5] = vk.qo;
-        commitments[6] = vk.q4;
-        commitments[7] = vk.qArith;
-        commitments[8] = vk.qDeltaRange;
-        commitments[9] = vk.qElliptic;
-        commitments[10] = vk.qAux;
-        commitments[11] = vk.qLookup;
-        commitments[12] = vk.qPoseidon2External;
-        commitments[13] = vk.qPoseidon2Internal;
-        commitments[14] = vk.s1;
-        commitments[15] = vk.s2;
-        commitments[16] = vk.s3;
-        commitments[17] = vk.s4;
-        commitments[18] = vk.id1;
-        commitments[19] = vk.id2;
-        commitments[20] = vk.id3;
-        commitments[21] = vk.id4;
-        commitments[22] = vk.t1;
-        commitments[23] = vk.t2;
-        commitments[24] = vk.t3;
-        commitments[25] = vk.t4;
-        commitments[26] = vk.lagrangeFirst;
-        commitments[27] = vk.lagrangeLast;
-
-        // Accumulate proof points
-        commitments[28] = convertProofPoint(proof.w1);
-        commitments[29] = convertProofPoint(proof.w2);
-        commitments[30] = convertProofPoint(proof.w3);
-        commitments[31] = convertProofPoint(proof.w4);
-        commitments[32] = convertProofPoint(proof.zPerm);
-        commitments[33] = convertProofPoint(proof.lookupInverses);
-        commitments[34] = convertProofPoint(proof.lookupReadCounts);
-        commitments[35] = convertProofPoint(proof.lookupReadTags);
-
-        // to be Shifted
-        commitments[36] = vk.t1;
-        commitments[37] = vk.t2;
-        commitments[38] = vk.t3;
-        commitments[39] = vk.t4;
-        commitments[40] = convertProofPoint(proof.w1);
-        commitments[41] = convertProofPoint(proof.w2);
-        commitments[42] = convertProofPoint(proof.w3);
-        commitments[43] = convertProofPoint(proof.w4);
-        commitments[44] = convertProofPoint(proof.zPerm);
-
-        // Add scalar contributions
-        // Add contributions: scalar * [q_k],  k = 0,...,log_N, where
-        // scalar = -x * (x^{2^k} * \Phi_{n-k-1}(x^{2^{k+1}}) - u_k * \Phi_{n-k}(x^{2^k}))
-        cp.x_pow_2k = tp.zmX;
-        cp.x_pow_2kp1 = tp.zmX * tp.zmX;
-        for (uint256 k; k < CONST_PROOF_SIZE_LOG_N; ++k) {
-            bool dummy_round = k >= LOG_N;
-
-            // note: defaults to 0
-            Fr scalar;
-            if (!dummy_round) {
-                cp.phi_1 = FrLib.div(cp.phi_numerator, cp.x_pow_2kp1 - Fr.wrap(1));
-                cp.phi_2 = FrLib.div(cp.phi_numerator, cp.x_pow_2k - Fr.wrap(1));
-
-                scalar = cp.x_pow_2k * cp.phi_1;
-                scalar = scalar - (tp.sumCheckUChallenges[k] * cp.phi_2);
-                scalar = scalar * tp.zmX;
-                scalar = scalar * MINUS_ONE;
-
-                cp.x_pow_2k = cp.x_pow_2kp1;
-                cp.x_pow_2kp1 = cp.x_pow_2kp1 * cp.x_pow_2kp1;
-            }
-
-            scalars[NUMBER_OF_ENTITIES + 1 + k] = scalar;
-            commitments[NUMBER_OF_ENTITIES + 1 + k] = convertProofPoint(proof.zmCqs[k]);
-        }
-
-        return batchMul2(commitments, scalars);
-    }
-
     // TODO: TODO: TODO: optimize
     // Scalar Mul and acumulate into total
     function batchMul(Honk.G1Point[LOG_N + 1] memory base, Fr[LOG_N + 1] memory scalars)
@@ -450,26 +269,26 @@ contract EcdsaHonkVerifier is IVerifier {
         }
     }
 
-    function zkgReduceVerify(
-        Honk.Proof memory proof,
-        Transcript memory tp,
-        Fr evaluation,
-        Honk.G1Point memory commitment
-    ) internal view returns (bool) {
-        Honk.G1Point memory quotient_commitment = convertProofPoint(proof.zmPi);
-        Honk.G1Point memory ONE = Honk.G1Point({x: 1, y: 2});
+    // function kzgReduceVerify(
+    //     Honk.Proof memory proof,
+    //     Transcript memory tp,
+    //     Fr evaluation,
+    //     Honk.G1Point memory commitment
+    // ) internal view returns (bool) {
+    //     Honk.G1Point memory quotient_commitment = convertProofPoint(proof.zmPi);
+    //     Honk.G1Point memory ONE = Honk.G1Point({x: 1, y: 2});
 
-        Honk.G1Point memory P0 = commitment;
-        P0 = ecAdd(P0, ecMul(quotient_commitment, tp.zmX));
+    //     Honk.G1Point memory P0 = commitment;
+    //     P0 = ecAdd(P0, ecMul(quotient_commitment, tp.zmX));
 
-        Honk.G1Point memory evalAsPoint = ecMul(ONE, evaluation);
-        P0 = ecSub(P0, evalAsPoint);
+    //     Honk.G1Point memory evalAsPoint = ecMul(ONE, evaluation);
+    //     P0 = ecSub(P0, evalAsPoint);
 
-        Honk.G1Point memory P1 = negateInplace(quotient_commitment);
+    //     Honk.G1Point memory P1 = negateInplace(quotient_commitment);
 
-        // Perform pairing check
-        return pairing(P0, P1);
-    }
+    //     // Perform pairing check
+    //     return pairing(P0, P1);
+    // }
 
     function pairing(Honk.G1Point memory rhs, Honk.G1Point memory lhs) internal view returns (bool) {
         bytes memory input = abi.encodePacked(
diff --git a/barretenberg/sol/src/honk/keys/EcdsaHonkVerificationKey.sol b/barretenberg/sol/src/honk/keys/EcdsaHonkVerificationKey.sol
index b2d9abdf2a20..26207d04184b 100644
--- a/barretenberg/sol/src/honk/keys/EcdsaHonkVerificationKey.sol
+++ b/barretenberg/sol/src/honk/keys/EcdsaHonkVerificationKey.sol
@@ -15,72 +15,72 @@ library EcdsaHonkVerificationKey {
             logCircuitSize: uint256(16),
             publicInputsSize: uint256(6),
             ql: Honk.G1Point({
-                x: uint256(0x0b1acdcf739e1e6c27df046577122a292a77f4fcdf8056d8b8ae12f105d3a888),
-                y: uint256(0x145dad3bdd9a262411aaa657129df49dbf44a63f510e9ab8191622c643ebd9bd)
+                x: uint256(0x051ccdb8069f35f4ef85ad098e95681736a7bed10a7bee1b76a506235dc0b579),
+                y: uint256(0x05e168c2e4f90231545f5b24c1a84c1419b8798e4235cc2036c9e101e462b71d)
             }),
             qr: Honk.G1Point({
-                x: uint256(0x1940872f30b32522e26efd0fd4a642289bce2c56083e7a03af564c30969066d8),
-                y: uint256(0x181fd173051ca19e37f09c42298c36d2e9834df50535d85d429f562352c0d924)
+                x: uint256(0x2c99eed1f855cd5152942cc090aabf15308eb00ac549e965eb3e1950479cce58),
+                y: uint256(0x170bf8541390153bf5807bc022c9369f99d8bc1fd87922a0627b144fec0414e2)
             }),
             qo: Honk.G1Point({
-                x: uint256(0x2a1afa631e8b6ab8fb1444fb0154686a5a34c7a4ddae66bdc344e782a81382b3),
-                y: uint256(0x0cfa0936a5e63e723a5c318c7461ddc22824ad0ee62fa00e2e8b92f9b3f1cdf6)
+                x: uint256(0x1594abb7debcf41e3296178eeec941dbb6242ba13f50f4549734657ee5ebb8b1),
+                y: uint256(0x262e1469c56c719bdc4eaab93cc95868eed9fea1fa9ded03b46f2c061a341d4f)
             }),
             q4: Honk.G1Point({
-                x: uint256(0x1a01666b2e915221eb0c1ae6bf91394d18c73e6882dd1241d244f932678982ec),
-                y: uint256(0x212b0436d2da1b4a6507142b794024ded58e3d41fdde2f95249405ffdd02b324)
+                x: uint256(0x16b49bbcd37e15ed89b2f6f5b97d021abe440ba7cbc69904484991fa7e6058a9),
+                y: uint256(0x197b14cb5d037642b27ed7cd79b9568e5853ad1e3508453c0ed1f30c1962fd52)
             }),
             qm: Honk.G1Point({
-                x: uint256(0x0dd29943b961b1c615ab22df0e5b567489a7c9a9ad3ac92ae281d68ca603326c),
-                y: uint256(0x2a552165dc59dc5c5398e6b8c2227dc3f36ccdcc1250e7c9a8c1631c963aff2f)
+                x: uint256(0x175280d74e116a82ad6ccc34f640a5b3dda74b17372c9a0941d57749e37068a6),
+                y: uint256(0x0827b11a78b8a625ba940983effbcf7354aa0388bd472481c0a8a088653b9769)
             }),
             qc: Honk.G1Point({
-                x: uint256(0x203785f30cf75ed2e8559faa797897174bca19ebcb44266c6bc87aee8dc86964),
-                y: uint256(0x11ae3fbccf0c302ab29a8123b2ef631a659a3750d27df3eb7c492ae978ac3f07)
+                x: uint256(0x2a262a7189292da31f3f4a7926c4d9fcae883188aafe9cf3ba2a623f0004a67a),
+                y: uint256(0x0d90b8808180521422b90889592111434dd5bbc0e5deb27419c1f5e6d0bf9883)
             }),
             qArith: Honk.G1Point({
-                x: uint256(0x059453a86c23185b89783698e7da32ce59270611c312c82a16c42e83d66f3a11),
-                y: uint256(0x23403bda1774d1e372f94dd86571d393290df9d27cc1f032a1a2ba3a02becb28)
+                x: uint256(0x2026f95bb8f7b6ed57287e4833e2789cce8ec9a95b829e6a2abbf5d13d681d22),
+                y: uint256(0x19cea5af7d9b39a4ad86a0ab52f8a358f7f35236561a50cdf6f2860f0b3426a8)
             }),
             qDeltaRange: Honk.G1Point({
-                x: uint256(0x189ec3e8c791a2933a4f188b2183c4bfeb9a2a8e51bb10a7571c243603dd3fce),
-                y: uint256(0x00d30f1839bdf225d00e20bcf76adcf2bfc6ea98a4ca12b4f36c68f4a865fa59)
+                x: uint256(0x02d0f736b422d74d9aa2ef26deedb67fdd2e798aae001c4292dabd2c5df31249),
+                y: uint256(0x0ae6265d6dcc9da8d3b23f088c6fb062c9be10bfa79e9d0463d4a7785ea4a5f9)
             }),
             qElliptic: Honk.G1Point({
-                x: uint256(0x16b1166d95a8e2496eb12363dbfb9ca5aa5bc0975fc4994dc2c61cc0609d8eba),
-                y: uint256(0x1aded54ecb6c2ec4fdeaef0f9e3b2dae5da1e1958d76b953b9e29efb1e8962b4)
+                x: uint256(0x0ffa449a9d6e6c6f3e302eb3f16ce9d3d3711b9102ecf0e303ff91f3f9eb25f5),
+                y: uint256(0x095ef997439bccdd1234b2431a520823bcfe3e77f50190e66e70e2c51e906193)
             }),
             qAux: Honk.G1Point({
-                x: uint256(0x1011b815b4505f86944621990bd81bd442780186904784572d50087942aa8607),
-                y: uint256(0x24e575bf4641129d492759c66a4a5c1d3da80b647d4e67adfea20ab72eb69854)
+                x: uint256(0x09023d45c436e756762d8b3527cfcb3f694cdbafd192ccae59210740bdf03ad3),
+                y: uint256(0x020c9b591603814f1815038e25d1bb3fb85261bf699abfc8921f48954f0bc2b0)
             }),
             qLookup: Honk.G1Point({
-                x: uint256(0x13a5f6d8f4de0f66dc7ea0d75efa7ae6632e6448c13bbbe5358412f7a36518d6),
-                y: uint256(0x142fd8f3223785fbd36b380c6065215d16b821b3df4d86d5464f1bfff2a29544)
+                x: uint256(0x08c0d34ca72136661975f3b1ad658bfda38661b9ff320b60e2974496e03fd62e),
+                y: uint256(0x236caf48f4c3a7ca207f5c0ec75f304657e49780015cf40ff9be37f8ba3c6624)
             }),
             qPoseidon2External: Honk.G1Point({
-                x: uint256(0x02c909437bb59751312ce2208a2b367d3c9eaa8721d7671306c41ebd9843b3ba),
-                y: uint256(0x1db8a23e0231ac4b008ccdb6f21aa37c59349a77b51d894217596f0ef543120c)
+                x: uint256(0x09d58ddd055d3d65b4f36a347c18c11956b7d43c4f15434ded62bdf1224ff37d),
+                y: uint256(0x3002f0782d68214149ae47ee94771a6509709499ca06a8421eeeae97ea37e2a9)
             }),
             qPoseidon2Internal: Honk.G1Point({
-                x: uint256(0x19d898bac51355e0822e2aa6e6630494e47ea2476a0c4c15b6f03ce441f6c6d0),
-                y: uint256(0x2add808f3d5b3c608ce5937fcd3c9c968ba56dbe5855e2f6d3e4bdd9d118d19b)
+                x: uint256(0x1d11dbf6b2ced628ad64ea9d8afef60b6ea2e246160b6525915eb0ab7bdc94aa),
+                y: uint256(0x1ecef8438441a2565ee641757bdc6739da7389d913453eee0aaac561fb08495c)
             }),
             s1: Honk.G1Point({
-                x: uint256(0x0dd1eea7735fc4052df5a19e4859c59e50e3ab9cb3cc2accbd42ef8a1104449b),
-                y: uint256(0x1541af79ad21fe21642a50d97899451c868b6d5d608431e5de6b0a730abe130d)
+                x: uint256(0x105eb99bfd557812572f2a5ec5b6eff27375b4ed5ce4e7a9649fe3038cfacbac),
+                y: uint256(0x1efd910252f319f9c0dc21c7688b92d80fd0a8636f152e0d9c8e0afb5c9a6d2e)
             }),
             s2: Honk.G1Point({
-                x: uint256(0x21d9072c3474c1cfe1c2d96c098c4d9af4bb5d222944aa6470063f4a8b9b9770),
-                y: uint256(0x137ad8c018449f48311b5394ac91a6b2f5c5e40c676216a299a3d501d69b1f7d)
+                x: uint256(0x2bbbf5e8a2f7feb08ee64585bf3da54db0da09b211f726adda93020a2ae23e56),
+                y: uint256(0x2a9e8e1c3850c66da60224163dc4846ea6f37ed48f9d6dfd40b450fa61081484)
             }),
             s3: Honk.G1Point({
-                x: uint256(0x2c2fe61ccbf18af13d41950ef58f3a2a64d355657a4dfba8e9917e618ea8add4),
-                y: uint256(0x2e7edf4dae50db17925e431d3198a39cb4bdc6f4e6e7d8d6163c972f4750a606)
+                x: uint256(0x0d264ba46f4a7bafd0ba9d9f9f4827109e1da2cfdb11835b9fc65aaafe9f9f20),
+                y: uint256(0x0f9ff6e122bcacd091ffd98d8caf249ab216e9c784e667475e2184ed34892272)
             }),
             s4: Honk.G1Point({
-                x: uint256(0x1825a30f42c7508e2ee2158d374dc626cf4149b745ba55d533181f418ac605aa),
-                y: uint256(0x15d9b33a9612c0c8a55a75a827c0230656054765c7b37ba77a798b71a4766d1b)
+                x: uint256(0x2556809f13dc85764a5e4ea8fda1bbba54f36dad477124915fc8c198db16f496),
+                y: uint256(0x27461805fb3a7ee919331973984491c36cc83eee61d3664d5319922902327750)
             }),
             t1: Honk.G1Point({
                 x: uint256(0x1ddc9ef86584375e5998d9f6fc16a4e646dc315ab86b477abc2f18a723dc24f6),
@@ -99,20 +99,20 @@ library EcdsaHonkVerificationKey {
                 y: uint256(0x076bf1e1f682badebfca083e25d808e8dae96372631c0721a7ee238c333a862a)
             }),
             id1: Honk.G1Point({
-                x: uint256(0x003bfa695fb125e2e815ae3565a2b7667fe2240edfd46c312fa6b6ed88226d3f),
-                y: uint256(0x080c85e17835fce14e045eeb531ef2c287ad933a2ca7f35d3c7df03d0367fb9c)
+                x: uint256(0x0b034b231d25a2e152b830397a59c97e02175212a6c5ce00129625cfb2e5c53d),
+                y: uint256(0x22e1842515d4569ca06477f4b2685d0a767bfa1eecca343c889840af8c086db9)
             }),
             id2: Honk.G1Point({
-                x: uint256(0x17662e6b69e1a67d8682a5c00b4d3c57c8f3ce7d82df027ba71c5031a946e070),
-                y: uint256(0x14bd830834279aa5f4ff64181af68bef9121c6322d37d25b5490f60a83b755f9)
+                x: uint256(0x0e82a73cd55280503e70d5bdd855071d202ff65f31a65996955a7661775ff290),
+                y: uint256(0x1325a665dfee8e1247f3129ca943e12736f800afc1a9dcfa0476050b8e3c87f8)
             }),
             id3: Honk.G1Point({
-                x: uint256(0x05bc83edcd40f963c7f6983f1c6a993ce32ca97a6e45c076dc4e38195ba8560a),
-                y: uint256(0x01239f42bab3bc0d1cc4194ca17fa76036ce2e4887a3dc499fe71da67d7af9a3)
+                x: uint256(0x2ad12a1238e051fba16108022b5e58bba1fc7966fe759016a93fae5397e8c403),
+                y: uint256(0x257cfc281b0135bb8dfb0df6a7b69ca39835af544007eb61ace84ce7014c1fea)
             }),
             id4: Honk.G1Point({
-                x: uint256(0x1bcbd59c8e9e24132d3d3dfb1eaf21fa4ed74e922bb4d44f3c8d22ebb50105da),
-                y: uint256(0x147b021c1046d59dcc6b8be404ef2670f7e6f33a03dbaeef966c9bf3882324f4)
+                x: uint256(0x058bf4de2f71f4d2e11235d140d05db461fb50d8aef64c8c52e2c0f57438dcce),
+                y: uint256(0x1e90ce7ec8cca2e65d7deafb655e6c7b0c4b964cd2cb1e5b4ef5ad78ab2f4b46)
             }),
             lagrangeFirst: Honk.G1Point({
                 x: uint256(0x0000000000000000000000000000000000000000000000000000000000000001),
diff --git a/barretenberg/sol/src/ultra/keys/Add2UltraVerificationKey.sol b/barretenberg/sol/src/ultra/keys/Add2UltraVerificationKey.sol
index 341b831b05aa..0a11f506bafe 100644
--- a/barretenberg/sol/src/ultra/keys/Add2UltraVerificationKey.sol
+++ b/barretenberg/sol/src/ultra/keys/Add2UltraVerificationKey.sol
@@ -1,11 +1,11 @@
-// Verification Key Hash: 4199008b0f295433fcc5b10612c7b9a9d87fbd4a221275c2119e7c2060905534
+// Verification Key Hash: afad6e5fafa40ac9cfa948f4d6c5878d1cc1995c6f967de91bfdec1b6bbfc3dc
 // SPDX-License-Identifier: Apache-2.0
 // Copyright 2022 Aztec
 pragma solidity >=0.8.4;
 
 library Add2UltraVerificationKey {
     function verificationKeyHash() internal pure returns (bytes32) {
-        return 0x4199008b0f295433fcc5b10612c7b9a9d87fbd4a221275c2119e7c2060905534;
+        return 0xafad6e5fafa40ac9cfa948f4d6c5878d1cc1995c6f967de91bfdec1b6bbfc3dc;
     }
 
     function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure {
diff --git a/barretenberg/sol/src/ultra/keys/BlakeUltraVerificationKey.sol b/barretenberg/sol/src/ultra/keys/BlakeUltraVerificationKey.sol
index 27de321eb3db..c3080a08f111 100644
--- a/barretenberg/sol/src/ultra/keys/BlakeUltraVerificationKey.sol
+++ b/barretenberg/sol/src/ultra/keys/BlakeUltraVerificationKey.sol
@@ -1,11 +1,11 @@
-// Verification Key Hash: f1610f1094b31fc37136369383140118871a3bf69a190023d73dce30a3e5ba2e
+// Verification Key Hash: a1ded9e96cad714ee5d8bc8529dff9f757c08d323f5690d39fed19721ffbf8e9
 // SPDX-License-Identifier: Apache-2.0
 // Copyright 2022 Aztec
 pragma solidity >=0.8.4;
 
 library BlakeUltraVerificationKey {
     function verificationKeyHash() internal pure returns (bytes32) {
-        return 0xf1610f1094b31fc37136369383140118871a3bf69a190023d73dce30a3e5ba2e;
+        return 0xa1ded9e96cad714ee5d8bc8529dff9f757c08d323f5690d39fed19721ffbf8e9;
     }
 
     function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure {
diff --git a/barretenberg/sol/src/ultra/keys/EcdsaUltraVerificationKey.sol b/barretenberg/sol/src/ultra/keys/EcdsaUltraVerificationKey.sol
index 63a0b71a890d..2f27b1b5db26 100644
--- a/barretenberg/sol/src/ultra/keys/EcdsaUltraVerificationKey.sol
+++ b/barretenberg/sol/src/ultra/keys/EcdsaUltraVerificationKey.sol
@@ -1,11 +1,11 @@
-// Verification Key Hash: c1102f0000ae4bf7f5b38f96c80e03284a3ec4bada1f0682ddde94c8ba688c58
+// Verification Key Hash: e679d03fd08858df1a3f6d4e4afc735c5f3b9493b797d703bd28c60ab26f8652
 // SPDX-License-Identifier: Apache-2.0
 // Copyright 2022 Aztec
 pragma solidity >=0.8.4;
 
 library EcdsaUltraVerificationKey {
     function verificationKeyHash() internal pure returns (bytes32) {
-        return 0xc1102f0000ae4bf7f5b38f96c80e03284a3ec4bada1f0682ddde94c8ba688c58;
+        return 0xe679d03fd08858df1a3f6d4e4afc735c5f3b9493b797d703bd28c60ab26f8652;
     }
 
     function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure {
@@ -14,34 +14,34 @@ library EcdsaUltraVerificationKey {
             mstore(add(_vk, 0x20), 0x0000000000000000000000000000000000000000000000000000000000000006) // vk.num_inputs
             mstore(add(_vk, 0x40), 0x00eeb2cb5981ed45649abebde081dcff16c8601de4347e7dd1628ba2daac43b7) // vk.work_root
             mstore(add(_vk, 0x60), 0x30641e0e92bebef818268d663bcad6dbcfd6c0149170f6d7d350b1b1fa6c1001) // vk.domain_inverse
-            mstore(add(_vk, 0x80), 0x149e839df8f43c6975d85aa1007d219354b3389f7c93c96935e531fe03d01f88) // vk.Q1.x
-            mstore(add(_vk, 0xa0), 0x15af1728559ee0f81053b668fa9978c5fc81ee84d017bc955ccfa37c19bd42a0) // vk.Q1.y
-            mstore(add(_vk, 0xc0), 0x29ba522730da8fa2a791946868afba96af78b025ba860d8e1d02e0325e677101) // vk.Q2.x
-            mstore(add(_vk, 0xe0), 0x1434909cf7d729b2f4227d83569641d90c4a72d393390825de20cea7ddad8044) // vk.Q2.y
-            mstore(add(_vk, 0x100), 0x03b90587c8746a60d96bc184e03c8469d813956caba6137040b350360357fe4f) // vk.Q3.x
-            mstore(add(_vk, 0x120), 0x211f025196191d107ae492f80f0effeb1e9242069f333d405698365df4838d43) // vk.Q3.y
-            mstore(add(_vk, 0x140), 0x0eae4a0952b07a5dbaf7750d79dae8fda3cfa4b5e7882413b6ada72c4297561e) // vk.Q4.x
-            mstore(add(_vk, 0x160), 0x0fa2558fd5e0afe53d359b1ec584eb6c0fabad27e4909227d9a4457d588b2830) // vk.Q4.y
-            mstore(add(_vk, 0x180), 0x01e7626aeb0ca204c26be5b01b3171994011b03f8966bb201303fc196c6c1a7e) // vk.Q_M.x
-            mstore(add(_vk, 0x1a0), 0x07972ee3ae6e0a0cf4978b64cd08783f42c7ce9905f1fd35da4ff6fa0e1a18e2) // vk.Q_M.y
-            mstore(add(_vk, 0x1c0), 0x03bd15837131c97d246c0aa57786e302b6d8227826104f70f56cba936a7b408e) // vk.Q_C.x
-            mstore(add(_vk, 0x1e0), 0x1a2e3be55cd01c1a4f4ef33fa96986e37c56abc06876e7f7d76229fb9f122c4c) // vk.Q_C.y
-            mstore(add(_vk, 0x200), 0x26d1d1578bb09f2f047035f103c3b32180c89b338e7d04ace8872b1154be6fb5) // vk.Q_ARITHMETIC.x
-            mstore(add(_vk, 0x220), 0x10c4691982c731ec4e2bb8216e8af8405fbe96fe8fe305ef2c3e03444fe68f85) // vk.Q_ARITHMETIC.y
-            mstore(add(_vk, 0x240), 0x1feb6cf63471a70e29caeee13eb393760c0f7d9e556327beb09a22b6b35e89f7) // vk.QSORT.x
-            mstore(add(_vk, 0x260), 0x1a834941cde87aa7a82450b4f093f149df9937db2edbdab47fa7216fbcb33580) // vk.QSORT.y
+            mstore(add(_vk, 0x80), 0x1cc85a07fb1009e23540957b29121dc57aaae5b1e89a22a932a1bdf7ccac1af2) // vk.Q1.x
+            mstore(add(_vk, 0xa0), 0x19a1a4fa6d8781abbcb696097c1817f54da296348a292954e2aa9856f2fa3b6a) // vk.Q1.y
+            mstore(add(_vk, 0xc0), 0x0409f05fe2901e7e339b3aaf0d7af7b5d4023e416da923321b15aae633b18fee) // vk.Q2.x
+            mstore(add(_vk, 0xe0), 0x0ae6cc44e9024c190ab310d7ad110226c5c76f15d158b60fc9acd98f2e1f1aa3) // vk.Q2.y
+            mstore(add(_vk, 0x100), 0x20e3b4e35df25ba02ac2a9be26bc6fe74640355e57455598e69922b8d3fd0939) // vk.Q3.x
+            mstore(add(_vk, 0x120), 0x1f49d18bdb86a449e676558c6d6349f123372641187e33e12128ee7468431942) // vk.Q3.y
+            mstore(add(_vk, 0x140), 0x00e95627d4db555ccf3b1ee6def34fab1a815f0482cb6a745a363940d3163831) // vk.Q4.x
+            mstore(add(_vk, 0x160), 0x19fe011a8a139da323b5ce5abebe54bf4c105acd6045d7b2b5df40a34411f44b) // vk.Q4.y
+            mstore(add(_vk, 0x180), 0x04b41648960da31317eff66b5ca9be0a6c81ebeead27e70b3c5b28d4aba11081) // vk.Q_M.x
+            mstore(add(_vk, 0x1a0), 0x1bff2df21a3fd9c49c29b7f7c153dd0bc331d75afc6a35fb7155c17bb0f67a63) // vk.Q_M.y
+            mstore(add(_vk, 0x1c0), 0x15faa2ea86a6a66cd9b969d6305f863595a73b9215c1ae442969f4993a8e5230) // vk.Q_C.x
+            mstore(add(_vk, 0x1e0), 0x26391cc92544b485d90313d3396b53d9207db8f84ead11bcf45467fa7eb38b94) // vk.Q_C.y
+            mstore(add(_vk, 0x200), 0x01a0d650b65d29965e4ae2a8cfb69470d7560f0826268da59c6e72e684a06c9b) // vk.Q_ARITHMETIC.x
+            mstore(add(_vk, 0x220), 0x2248d4a02e68036c8d0a4a6725ba0e5e8e95950a5285a3a7daa1a1726cc8ec6b) // vk.Q_ARITHMETIC.y
+            mstore(add(_vk, 0x240), 0x01afcbad715a0c382971311ad6fe4ff8b6e99200162aeb6245b585c99c8748a9) // vk.QSORT.x
+            mstore(add(_vk, 0x260), 0x18bf352081d1ba2ffe8088d34ce6471e4cf6d2ee63f006ea9a5e31cc41b6587c) // vk.QSORT.y
             mstore(add(_vk, 0x280), 0x21245d6c0a4d2ff12b21a825f39f30e8f8cf9b259448d111183e975828539576) // vk.Q_ELLIPTIC.x
             mstore(add(_vk, 0x2a0), 0x16a409532c8a1693536e93b6ce9920bfc2e6796e8dfe404675a0cdf6ee77ee7a) // vk.Q_ELLIPTIC.y
-            mstore(add(_vk, 0x2c0), 0x24005a1e8120ffcb3e5fc06ff50794b9d4b0bd70eabb1f8dfb342bec8a64dd61) // vk.Q_AUX.x
-            mstore(add(_vk, 0x2e0), 0x2c18b52f602a5a9b4461872eff0712f56d128bb9364471f838d7b07f008660e3) // vk.Q_AUX.y
-            mstore(add(_vk, 0x300), 0x02497b2d5e01266cea1f1bf4d9ad66e54045b3e388066db97b9623668728f65d) // vk.SIGMA1.x
-            mstore(add(_vk, 0x320), 0x0156cae236ca46f64832b4b826804da6c7221ab5ca4cdadd53a1b787992307fe) // vk.SIGMA1.y
-            mstore(add(_vk, 0x340), 0x2673cb9276dcc16be61e4c2ec24f6a881e771a273198ab0b392c26085a5f03b4) // vk.SIGMA2.x
-            mstore(add(_vk, 0x360), 0x1384aef6995f8e632b76cce98d900e2535d92719be668a8f0e20c893c87f391a) // vk.SIGMA2.y
-            mstore(add(_vk, 0x380), 0x11d48b7fc901d1e72489d937970ee3baea2662d268f9b1c08d71820a21ac6a39) // vk.SIGMA3.x
-            mstore(add(_vk, 0x3a0), 0x126e543f1951015c8a56ff6d571e67da3cc52d2671f3ce8d258378edcfe8a8f5) // vk.SIGMA3.y
-            mstore(add(_vk, 0x3c0), 0x0b41b102b59ecae092c04a4f09755db1dc4286c3072034ca23b7f885bcfec814) // vk.SIGMA4.x
-            mstore(add(_vk, 0x3e0), 0x13bf888757f9fad73f21ab3a0ef53a286329dbf0aaaa935d1689d8554db05813) // vk.SIGMA4.y
+            mstore(add(_vk, 0x2c0), 0x2d455f287e41544fd3744bab412640fd6916b01aa2163c84071eb47f0306a473) // vk.Q_AUX.x
+            mstore(add(_vk, 0x2e0), 0x09dea8e2b5e382a1c4a37bc4e60f5e8380688310b855c249d64153478d25e223) // vk.Q_AUX.y
+            mstore(add(_vk, 0x300), 0x09671927e293b22a3fb9fa8ea1680fcc4570bb2f312cb88004ff7fd4474e2109) // vk.SIGMA1.x
+            mstore(add(_vk, 0x320), 0x1c6442d9a49b3b93a928ef6ba2f348bc4c8cb778a59345faf7d173129f22b5a3) // vk.SIGMA1.y
+            mstore(add(_vk, 0x340), 0x0337d84b45a5abc701edbdc1a1d878178c23496b39ccddcc3f0f6199e3f97df6) // vk.SIGMA2.x
+            mstore(add(_vk, 0x360), 0x1c744f7be93d40c96d15fdf9d81c9502b7018573ad23e51dea7b065fdeb6f13a) // vk.SIGMA2.y
+            mstore(add(_vk, 0x380), 0x23a975cfb71f0c0d46ef9c0b01e6482e780b5e3af1a63547f7d01c46c1911699) // vk.SIGMA3.x
+            mstore(add(_vk, 0x3a0), 0x0d5a0be212cb2c7d3bba8c2406a9d2c4b04d4e64b0acef2681eb7c6aa490a7cb) // vk.SIGMA3.y
+            mstore(add(_vk, 0x3c0), 0x1ca2d0cca80bb16eab28d06c5c175e862a8ef14bceb6da79e65236a8a6a36838) // vk.SIGMA4.x
+            mstore(add(_vk, 0x3e0), 0x0555fe3dbd2ba2d7db2b5f740bf32fb57f4c5ac9d9f2e59e9a5a2cc2d84dae05) // vk.SIGMA4.y
             mstore(add(_vk, 0x400), 0x18f7cf965339d9c9d190296fa92f915767b0a8da455975f3e03fa98439fd7110) // vk.TABLE1.x
             mstore(add(_vk, 0x420), 0x0eecc02f9d44125407adbf00d56b086afd1adc5de536450afe05de382761b32f) // vk.TABLE1.y
             mstore(add(_vk, 0x440), 0x0bdfe662ea9f40f125ca5f7e99a8c6ba09b87ba8313864316745df862946c5c4) // vk.TABLE2.x
@@ -50,16 +50,16 @@ library EcdsaUltraVerificationKey {
             mstore(add(_vk, 0x4a0), 0x1fda66dfb58273345f2471dff55c51b6856241460272e64b4cc67cde65231e89) // vk.TABLE3.y
             mstore(add(_vk, 0x4c0), 0x024ccc0fcff3b515cdc97dde2fae5c516bf3c97207891801707142af02538a83) // vk.TABLE4.x
             mstore(add(_vk, 0x4e0), 0x27827250d02b7b67d084bfc52b26c722f33f75ae5098c109573bfe92b782e559) // vk.TABLE4.y
-            mstore(add(_vk, 0x500), 0x302e6c8067a7ca14e1d75776754c1a3ad99d21056ae8e607ea66029cbe534906) // vk.TABLE_TYPE.x
-            mstore(add(_vk, 0x520), 0x07f2eb44fd686bf54e604a6b40c9151b7123db580a23c064ef703af4013dbc2f) // vk.TABLE_TYPE.y
-            mstore(add(_vk, 0x540), 0x00992a2f510c6371b9231c1d68d0e0fdbe10c5f4344de9441cc7c845afb37a1d) // vk.ID1.x
-            mstore(add(_vk, 0x560), 0x13eb38f67d8c03245e6f0655f5d40c145b2c06dd1657d8da26dc75af0cefa0f7) // vk.ID1.y
-            mstore(add(_vk, 0x580), 0x2ce905fbf9f932ae4f9b7b0feda15271b80921e9bf4e58c302ae99f1207fa4e7) // vk.ID2.x
-            mstore(add(_vk, 0x5a0), 0x2c2a6dc03599757fc625b0e55984d3fb28a954d40eb54f988b52c55936076988) // vk.ID2.y
-            mstore(add(_vk, 0x5c0), 0x0f547249b9aa5b9a951757893c059f8ed590366da4dd3ccd36aeac3069c7471f) // vk.ID3.x
-            mstore(add(_vk, 0x5e0), 0x2be2746434bfe0ccb2390357b17f8ec70ff12fc3aad4500b8d1723ec6709a170) // vk.ID3.y
-            mstore(add(_vk, 0x600), 0x19d1ed6b528ae5095d83167c3ba3578b36c7cd9249e47d10ceff352890d0938f) // vk.ID4.x
-            mstore(add(_vk, 0x620), 0x1dcd2caa39e180a497ff98414548e5de682d19fc598b3cd44242f1bb53a0e078) // vk.ID4.y
+            mstore(add(_vk, 0x500), 0x22b1d6b9827d6d03049f76dc9dc219ae6de93abe52d4d7de8677d961d3408c77) // vk.TABLE_TYPE.x
+            mstore(add(_vk, 0x520), 0x10ebc6be9f74e0367276028c613ab3efe0f2ed546c05339b36d5165d009c833a) // vk.TABLE_TYPE.y
+            mstore(add(_vk, 0x540), 0x2aa2e5247ce6524fecba0a2de9f383353096665f3ae8082fe7017fbf6d6572d8) // vk.ID1.x
+            mstore(add(_vk, 0x560), 0x1db802f61a6194bea68f7d5ec697facf26f1c1336b09e382801e8b773f0e116f) // vk.ID1.y
+            mstore(add(_vk, 0x580), 0x1aa955e508f3c2fbf55a36719eb666a45239935c4af10b8a1f4580d5cd614236) // vk.ID2.x
+            mstore(add(_vk, 0x5a0), 0x2bc21aa51420951a10a39d5c5242101d2207c47a0077852acb7d3fd6a16e1c58) // vk.ID2.y
+            mstore(add(_vk, 0x5c0), 0x245c89c4cf7c7e297b4db8e2625f5abd56398c351256a39aece0a36a940aaf62) // vk.ID3.x
+            mstore(add(_vk, 0x5e0), 0x01bd6e61d801d895c7edfee071518761f3c8c0e10bec5f0fb0b25ae430a2c91e) // vk.ID3.y
+            mstore(add(_vk, 0x600), 0x30223d4653291c03019e96bd716769c7c6d6520fddf2e633a75f94b08bee86dd) // vk.ID4.x
+            mstore(add(_vk, 0x620), 0x2e389428afa291855039f1b4af22e70d469f4e20116b85889737d624a2d27fef) // vk.ID4.y
             mstore(add(_vk, 0x640), 0x00) // vk.contains_recursive_proof
             mstore(add(_vk, 0x660), 0) // vk.recursive_proof_public_input_indices
             mstore(add(_vk, 0x680), 0x260e01b251f6f1c7e7ff4e580791dee8ea51d87a358e038b4efe30fac09383c1) // vk.g2_x.X.c1
diff --git a/barretenberg/sol/src/ultra/keys/RecursiveUltraVerificationKey.sol b/barretenberg/sol/src/ultra/keys/RecursiveUltraVerificationKey.sol
index 1cabff016cbc..641305da4bcd 100644
--- a/barretenberg/sol/src/ultra/keys/RecursiveUltraVerificationKey.sol
+++ b/barretenberg/sol/src/ultra/keys/RecursiveUltraVerificationKey.sol
@@ -1,72 +1,72 @@
-// Verification Key Hash: 9e6cf5dacef11085d9ea83e98b85ebdc37749931c90443898dcd8d18f639dad8
+// Verification Key Hash: a52397545a883471ee94e8a27e184be64d21640d76712b1e6fba67f3546503c9
 // SPDX-License-Identifier: Apache-2.0
 // Copyright 2022 Aztec
 pragma solidity >=0.8.4;
 
 library RecursiveUltraVerificationKey {
     function verificationKeyHash() internal pure returns (bytes32) {
-        return 0x9e6cf5dacef11085d9ea83e98b85ebdc37749931c90443898dcd8d18f639dad8;
+        return 0xa52397545a883471ee94e8a27e184be64d21640d76712b1e6fba67f3546503c9;
     }
 
     function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure {
         assembly {
-            mstore(add(_vk, 0x00), 0x0000000000000000000000000000000000000000000000000000000000040000) // vk.circuit_size
+            mstore(add(_vk, 0x00), 0x0000000000000000000000000000000000000000000000000000000000080000) // vk.circuit_size
             mstore(add(_vk, 0x20), 0x0000000000000000000000000000000000000000000000000000000000000010) // vk.num_inputs
-            mstore(add(_vk, 0x40), 0x19ddbcaf3a8d46c15c0176fbb5b95e4dc57088ff13f4d1bd84c6bfa57dcdc0e0) // vk.work_root
-            mstore(add(_vk, 0x60), 0x30644259cd94e7dd5045d7a27013b7fcd21c9e3b7fa75222e7bda49b729b0401) // vk.domain_inverse
-            mstore(add(_vk, 0x80), 0x02c6f00fd259ba9440c68d211969bbd81509b234882d65fc79ee90fdcb6ccfda) // vk.Q1.x
-            mstore(add(_vk, 0xa0), 0x07f4fc84032451c171ea7150385b54a383fb083cc0c93895e2ef931e8e448345) // vk.Q1.y
-            mstore(add(_vk, 0xc0), 0x02b407e4c824960a965b5193ad8c6ccf4baaa4c99da5d11b13a2d6af52973ef7) // vk.Q2.x
-            mstore(add(_vk, 0xe0), 0x021fe5c3dd23b42f696dcd08659b8aa403c8e927f8c6e7b1446f4e9205c0a1c2) // vk.Q2.y
-            mstore(add(_vk, 0x100), 0x14f63403b60fb3ccf8325ec20e463e1daa492faf4d0151a8e7366f07c68f1d83) // vk.Q3.x
-            mstore(add(_vk, 0x120), 0x207cbbaffb34a0fe5eba27fd30f67e5389b1de65b703ccb78726831208ab600d) // vk.Q3.y
-            mstore(add(_vk, 0x140), 0x00ef12b054f19d72f2a6d0e628c6387026afd8a8924eb144ccc9948d4f6c5549) // vk.Q4.x
-            mstore(add(_vk, 0x160), 0x0a1cbb57818ceec1d15878315046a7db1238d292307cabafbb97f569df6dcefa) // vk.Q4.y
-            mstore(add(_vk, 0x180), 0x0d098b0bcd6db60c47f8e7e9eb1c072972deb39b294907cbc353352ebc2bea85) // vk.Q_M.x
-            mstore(add(_vk, 0x1a0), 0x0ff57407d8b18914e30d8583a77f67732f8b2762429a712c55b0c00fb83fe1c2) // vk.Q_M.y
-            mstore(add(_vk, 0x1c0), 0x2b01c45f214633bfaea1589083ab9a3a0915a6da362baa3151b1a0e80fb79160) // vk.Q_C.x
-            mstore(add(_vk, 0x1e0), 0x0392d6380d2912befda8d98bcddd6050683a814bb84eb7f57e28176033783f11) // vk.Q_C.y
-            mstore(add(_vk, 0x200), 0x24a6e759b9d12a53f809367cb3cbd00d96dfaa3af623e984bd986886447b642d) // vk.Q_ARITHMETIC.x
-            mstore(add(_vk, 0x220), 0x265e4202aa18f537a514281d72aaea8ab10090da270d8f9901363b4f48bc0610) // vk.Q_ARITHMETIC.y
-            mstore(add(_vk, 0x240), 0x04e5e383b53cf0f3eb3e824dcbc95d7fbb2ca7770bf92a3e86b652a425534714) // vk.QSORT.x
-            mstore(add(_vk, 0x260), 0x1bb4418c97c423508baf8d7825f2f41066dc4769dc4c9643ebddca0a71b71a87) // vk.QSORT.y
-            mstore(add(_vk, 0x280), 0x00a2e0e8c69ad29b60904f91a9db016a32a3de05f6ccdf024b5f149e8388484c) // vk.Q_ELLIPTIC.x
-            mstore(add(_vk, 0x2a0), 0x24be2bffbba65b40f4eeabba7a3660511baad3936c4ec40a6f9e20d194ec3a07) // vk.Q_ELLIPTIC.y
-            mstore(add(_vk, 0x2c0), 0x28725b01fa9c481b39aef64f5f54f9f967fd976b7ff4be45a9ca50f7500fef4c) // vk.Q_AUX.x
-            mstore(add(_vk, 0x2e0), 0x264e3e4c4529b321c407f802c173d2fb73b03e8ce09fe3de3c11f84b87b99d32) // vk.Q_AUX.y
-            mstore(add(_vk, 0x300), 0x1ec8ec2e5a6f36a00042f1199bad7fb25e950c9ce97f59777fd1739f422ce750) // vk.SIGMA1.x
-            mstore(add(_vk, 0x320), 0x002526bd09111cbc4d6f6c6e200f627e7ae60fb59bd5f1357d82f386b1009dc9) // vk.SIGMA1.y
-            mstore(add(_vk, 0x340), 0x0cc83ed6a722c67efdd44d5b6de2490621fd59c7c1c7a1416c99a6dff933e5d9) // vk.SIGMA2.x
-            mstore(add(_vk, 0x360), 0x01eb69a024162e13bc58e174cef5c0d2c7a12bdf3619f78010cfe09cd165c19d) // vk.SIGMA2.y
-            mstore(add(_vk, 0x380), 0x257e795ed0c6598cb79a148110eb2ce1dfb2a6378267e0a33f3c1d4dd7aadbcc) // vk.SIGMA3.x
-            mstore(add(_vk, 0x3a0), 0x01d596a895131eb6dbf6c9a89ddd9321ec5ed272d921b4edfed20b8f8ddc80cb) // vk.SIGMA3.y
-            mstore(add(_vk, 0x3c0), 0x167af14f050f637263e94a86a2408a14178c7ea304ffaee2db4b2d20e173832b) // vk.SIGMA4.x
-            mstore(add(_vk, 0x3e0), 0x211fb82fbb784f81f12914fbdb876c4a4b1f3670bf7aa291f661f7541bc8779c) // vk.SIGMA4.y
-            mstore(add(_vk, 0x400), 0x09796190fd3ba909c6530c89811df9b5b4f5f2fe6501ec21dd864b20673fc02c) // vk.TABLE1.x
-            mstore(add(_vk, 0x420), 0x00b9c2423e310caa43e1eb83b55f53977fccbed85422df8935635d77d146bf39) // vk.TABLE1.y
-            mstore(add(_vk, 0x440), 0x217dad26ccc0c543ec5750513e9365a5cae8164b08d364efcf4b5890ff05f334) // vk.TABLE2.x
-            mstore(add(_vk, 0x460), 0x1db28433f6bde424423f3587787f81c48101d2dc6e54b431332cb275f8518c62) // vk.TABLE2.y
-            mstore(add(_vk, 0x480), 0x2cc2d90f2da7f4ec16b7fe61babd4fb9b580ecff03c471764dd67a8c433afab5) // vk.TABLE3.x
-            mstore(add(_vk, 0x4a0), 0x3032b9ff096a43ce326cc63ffc6a86dcb913fb1f7700939f5304f6c6beb24574) // vk.TABLE3.y
-            mstore(add(_vk, 0x4c0), 0x1f4c58502ca713ed0bffb4ff31ed55e557e83a37d31b8e703aa9219d6158e2d2) // vk.TABLE4.x
-            mstore(add(_vk, 0x4e0), 0x0b0d5ed5432c5e7b56344c1d26ce0d9f632e8f8aa52505d6c89f6da89f357fa8) // vk.TABLE4.y
-            mstore(add(_vk, 0x500), 0x0869d6ec86b39958a4a10ed67954dc8931a1e5ee901099071c3c0684dd0eddde) // vk.TABLE_TYPE.x
-            mstore(add(_vk, 0x520), 0x1fc9d5e1b18c601f367b9551c00f5e541a48aa562cd0adb4369b51a7e99395b6) // vk.TABLE_TYPE.y
-            mstore(add(_vk, 0x540), 0x205b387095b6e538a6169c93c9db7d85ec219e2f0304b449f8849f5fde2c659f) // vk.ID1.x
-            mstore(add(_vk, 0x560), 0x07d8d408db8702ba4db7fec434fdee2b944313f72b0f94a9dcec74e7b715b3f8) // vk.ID1.y
-            mstore(add(_vk, 0x580), 0x2c758668e1cbf0572b139911af3f553c7898f7f07ffdcc58484a1a0acd14a03e) // vk.ID2.x
-            mstore(add(_vk, 0x5a0), 0x159322db7ac7485c5be7ce811a773c5fda9e26b0c47139eda1af6103c5c21b1c) // vk.ID2.y
-            mstore(add(_vk, 0x5c0), 0x026ba63c8620f00298a42a356b18392228d92c4301e8c51e44a3a2e14a6ebc89) // vk.ID3.x
-            mstore(add(_vk, 0x5e0), 0x2a962181e6a7df5a05d1750e7a22b6ec21fc84d8de08524aa75c4ee8f646bd0c) // vk.ID3.y
-            mstore(add(_vk, 0x600), 0x2c81aa9e4f466e56d2a6f1a971d431a487379970bb892424e12a0c71c41479b0) // vk.ID4.x
-            mstore(add(_vk, 0x620), 0x2e662e641087ed19b9ff866748197ab8a871deded79d2835f32e4bbadef1a889) // vk.ID4.y
+            mstore(add(_vk, 0x40), 0x2260e724844bca5251829353968e4915305258418357473a5c1d597f613f6cbd) // vk.work_root
+            mstore(add(_vk, 0x60), 0x3064486657634403844b0eac78ca882cfd284341fcb0615a15cfcd17b14d8201) // vk.domain_inverse
+            mstore(add(_vk, 0x80), 0x05104b486160545badec11f151e7c70b87050871da5653387ab4ab2ad0eef5ca) // vk.Q1.x
+            mstore(add(_vk, 0xa0), 0x2672c7fb298fce83f510eb6e1b851a5bb2daf8fc43c7771e96c56c8a09ddfeae) // vk.Q1.y
+            mstore(add(_vk, 0xc0), 0x2c019acf99c5663da83cec224bd32570ee90f45c4486a54dec3ca4552d8ab07a) // vk.Q2.x
+            mstore(add(_vk, 0xe0), 0x0fb7a3385ab42cafb0e104ac17ac2dacfb161d292c00fca102b1e780e86ccaf3) // vk.Q2.y
+            mstore(add(_vk, 0x100), 0x273ca9c29ef10864f4c9c053c336776a71ca5ebbf4bec1cb381e431943f9b5d7) // vk.Q3.x
+            mstore(add(_vk, 0x120), 0x2a94f00fe384ab945a8f5e3c97194a425a4d2109e5b113f059e42ee232659436) // vk.Q3.y
+            mstore(add(_vk, 0x140), 0x0e8b5c127c8a3ec285c2ac80d9046528051387878802203988a60650a0a960ab) // vk.Q4.x
+            mstore(add(_vk, 0x160), 0x17efdb659ae0d26aa78db132f9be9130460c0fce0c2a8e9b726de68247f76891) // vk.Q4.y
+            mstore(add(_vk, 0x180), 0x2f668d8a50bdb5c366e39433892f903262a04b6473ba3468c12057d58ad3bbfb) // vk.Q_M.x
+            mstore(add(_vk, 0x1a0), 0x2397c6171bc6d084e98297690441c9da9f011d18b3ea0bb58ee4d47227feb6b4) // vk.Q_M.y
+            mstore(add(_vk, 0x1c0), 0x1dafbfb4d30fcf880ef839ecc7fda9a97c315c5fa1713d08f7cdf6dba53ffb17) // vk.Q_C.x
+            mstore(add(_vk, 0x1e0), 0x099fa3de9ce0cc28085739745582b53bf7939e3d97928afd491392053c1c0a68) // vk.Q_C.y
+            mstore(add(_vk, 0x200), 0x028912be5d0accd4edf4949f89be1c1a2fcf4f59559ba03114da00ec3bf643ac) // vk.Q_ARITHMETIC.x
+            mstore(add(_vk, 0x220), 0x2428952bfba8ba44830fb0ae6fcdeb9bf17d611add9432450ebbe3d928e2f431) // vk.Q_ARITHMETIC.y
+            mstore(add(_vk, 0x240), 0x2b40c900824bcca193d402e0ef7f78792deaccd99743a78e5330abe8886ac989) // vk.QSORT.x
+            mstore(add(_vk, 0x260), 0x102a7a02bc1a7317702c09560636e991b856f26f88ee8f0b33da3dd7fe222dbb) // vk.QSORT.y
+            mstore(add(_vk, 0x280), 0x2bcf00433471db2be265df28ba2e70c36ca52f2932a4de25c0d60868703a0726) // vk.Q_ELLIPTIC.x
+            mstore(add(_vk, 0x2a0), 0x2f225b86590c67ae48360cb41d5b291ba94ce2dbae850afd9a6854122341b5ba) // vk.Q_ELLIPTIC.y
+            mstore(add(_vk, 0x2c0), 0x2eaee34d8508092cc4e19bc3f27ffa7dfc72230710e220f228f48906fae21e56) // vk.Q_AUX.x
+            mstore(add(_vk, 0x2e0), 0x0c503c5d6245b99bbc056925e96abd20feaed6507707311092b3ed87eadb3874) // vk.Q_AUX.y
+            mstore(add(_vk, 0x300), 0x021ba851cec3aedfbf1d9944907ae721f0d3e8fa3548513b6f108d101067ae85) // vk.SIGMA1.x
+            mstore(add(_vk, 0x320), 0x24eef378da346c4f9eededc5dc519d35b14fec46412c8fcf7564cafb9843d761) // vk.SIGMA1.y
+            mstore(add(_vk, 0x340), 0x0492b2fed8a158177dd3e825fb34ca7481bfead06bc01f308dc81fcd852ef3bc) // vk.SIGMA2.x
+            mstore(add(_vk, 0x360), 0x289bf1bcc6a9cb19b102c7fb9dba839e1817a24257194cad404b393ce77e66b5) // vk.SIGMA2.y
+            mstore(add(_vk, 0x380), 0x05d2a9c66d5c142b254b4f7d09f0eb837d95d8ec002e0644f51d455041403ca5) // vk.SIGMA3.x
+            mstore(add(_vk, 0x3a0), 0x2434b76f470965c85363ff15b3f37c7b4be4fb2741451dc33943879f1e4cbba4) // vk.SIGMA3.y
+            mstore(add(_vk, 0x3c0), 0x2f4bcc93500665a87a8f959e1636fe88cb1f17688b8c286fe930ccf934a49ac2) // vk.SIGMA4.x
+            mstore(add(_vk, 0x3e0), 0x243f7b4ae1d483c99523b6a2999f404ab744017c8f43080c3582c38ea8ea3d1a) // vk.SIGMA4.y
+            mstore(add(_vk, 0x400), 0x0ddc3b6d8e59cf0996ca71ad4132ca9d618ffd933cf58a8a0953dc76f97cf108) // vk.TABLE1.x
+            mstore(add(_vk, 0x420), 0x153193287060386695f4f2d0d3525dec4c6a253f431d3f3fc06aa0e5b0448b8c) // vk.TABLE1.y
+            mstore(add(_vk, 0x440), 0x1170f0ece62f8c572bca96b141d27f4bd25585edb9319128045c005d48491b1e) // vk.TABLE2.x
+            mstore(add(_vk, 0x460), 0x246cd041690f653f88ed0c56ad282a3dd2e37b8edb1f56b785809d7710bf1c88) // vk.TABLE2.y
+            mstore(add(_vk, 0x480), 0x26153c937447356a0c6d6be09d85eb34bc8a00ce9d452888e5fc2b5a7e14fed7) // vk.TABLE3.x
+            mstore(add(_vk, 0x4a0), 0x189da022421fbd8dfd7973084d978e555388ad9364679246b07992f84b4e91b2) // vk.TABLE3.y
+            mstore(add(_vk, 0x4c0), 0x285311c5e9a4cbb56a3f04f29d5443e8c0f9753e2a5a35acec051fafe2cecce5) // vk.TABLE4.x
+            mstore(add(_vk, 0x4e0), 0x2436400260c9d3180beedd0bf49fec92d2d0ac76a1be7f1fad96cbd997175312) // vk.TABLE4.y
+            mstore(add(_vk, 0x500), 0x139bb66456d96a4e2dad361f7949a6b8c6739650965ae729788162fbb0382399) // vk.TABLE_TYPE.x
+            mstore(add(_vk, 0x520), 0x098fad1329e1765863f8ac829332168359901da71702e5119ce4b89a7ae6f017) // vk.TABLE_TYPE.y
+            mstore(add(_vk, 0x540), 0x14fc4c6c2521387172a6b801e2b6c8a2308d725695d3f49a57151c2a0a8af0fe) // vk.ID1.x
+            mstore(add(_vk, 0x560), 0x2ce0c2c73ded7bcf19c1208f134b67ed74f77ef717db1c05c010bc8df7bed39e) // vk.ID1.y
+            mstore(add(_vk, 0x580), 0x0e2455a361f4a3741dab6a03b8186996a5a9873a3b62b3fa8eb5a551cb46bb7a) // vk.ID2.x
+            mstore(add(_vk, 0x5a0), 0x29a288b84aeabb0421861492256c6ea82530b5b14c0e01e5b7b2553cf197a2e7) // vk.ID2.y
+            mstore(add(_vk, 0x5c0), 0x01fbecd3bc90ad298a27bf4f9aa071746c30b5af932a1ba8d5b04394f85e0370) // vk.ID3.x
+            mstore(add(_vk, 0x5e0), 0x0b21c924fc2b44729ff84deeae724c68dd1636e847b0f7cdd92ad203af7cf0d5) // vk.ID3.y
+            mstore(add(_vk, 0x600), 0x12f7ebb5e50b429b766b1dc5e8b32b7727593641e4f976b72a7046d0a3ff8dea) // vk.ID4.x
+            mstore(add(_vk, 0x620), 0x2d45226edb0f8338bb5fa88ecefeeaa9bbb72232a2e842f8c7f37cd11f7065ed) // vk.ID4.y
             mstore(add(_vk, 0x640), 0x01) // vk.contains_recursive_proof
             mstore(add(_vk, 0x660), 0) // vk.recursive_proof_public_input_indices
             mstore(add(_vk, 0x680), 0x260e01b251f6f1c7e7ff4e580791dee8ea51d87a358e038b4efe30fac09383c1) // vk.g2_x.X.c1
             mstore(add(_vk, 0x6a0), 0x0118c4d5b837bcc2bc89b5b398b5974e9f5944073b32078b7e231fec938883b0) // vk.g2_x.X.c0
             mstore(add(_vk, 0x6c0), 0x04fc6369f7110fe3d25156c1bb9a72859cf2a04641f99ba4ee413c80da6a5fe4) // vk.g2_x.Y.c1
             mstore(add(_vk, 0x6e0), 0x22febda3c0c0632a56475b4214e5615e11e6dd3f96e6cea2854a87d4dacc5e55) // vk.g2_x.Y.c0
-            mstore(_omegaInverseLoc, 0x036853f083780e87f8d7c71d111119c57dbe118c22d5ad707a82317466c5174c) // vk.work_root_inverse
+            mstore(_omegaInverseLoc, 0x06e402c0a314fb67a15cf806664ae1b722dbc0efe66e6c81d98f9924ca535321) // vk.work_root_inverse
         }
     }
 }

From 67f20c265cb9c55d79e6c0b3536808efaf11fd3d Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Sat, 21 Sep 2024 12:00:59 +0000
Subject: [PATCH 11/25] undo non-honk related changes

---
 .../ultra/keys/Add2UltraVerificationKey.sol   |   4 +-
 .../ultra/keys/BlakeUltraVerificationKey.sol  |   4 +-
 .../ultra/keys/EcdsaUltraVerificationKey.sol  |  76 ++++++-------
 .../keys/RecursiveUltraVerificationKey.sol    | 104 +++++++++---------
 4 files changed, 94 insertions(+), 94 deletions(-)

diff --git a/barretenberg/sol/src/ultra/keys/Add2UltraVerificationKey.sol b/barretenberg/sol/src/ultra/keys/Add2UltraVerificationKey.sol
index 0a11f506bafe..341b831b05aa 100644
--- a/barretenberg/sol/src/ultra/keys/Add2UltraVerificationKey.sol
+++ b/barretenberg/sol/src/ultra/keys/Add2UltraVerificationKey.sol
@@ -1,11 +1,11 @@
-// Verification Key Hash: afad6e5fafa40ac9cfa948f4d6c5878d1cc1995c6f967de91bfdec1b6bbfc3dc
+// Verification Key Hash: 4199008b0f295433fcc5b10612c7b9a9d87fbd4a221275c2119e7c2060905534
 // SPDX-License-Identifier: Apache-2.0
 // Copyright 2022 Aztec
 pragma solidity >=0.8.4;
 
 library Add2UltraVerificationKey {
     function verificationKeyHash() internal pure returns (bytes32) {
-        return 0xafad6e5fafa40ac9cfa948f4d6c5878d1cc1995c6f967de91bfdec1b6bbfc3dc;
+        return 0x4199008b0f295433fcc5b10612c7b9a9d87fbd4a221275c2119e7c2060905534;
     }
 
     function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure {
diff --git a/barretenberg/sol/src/ultra/keys/BlakeUltraVerificationKey.sol b/barretenberg/sol/src/ultra/keys/BlakeUltraVerificationKey.sol
index c3080a08f111..27de321eb3db 100644
--- a/barretenberg/sol/src/ultra/keys/BlakeUltraVerificationKey.sol
+++ b/barretenberg/sol/src/ultra/keys/BlakeUltraVerificationKey.sol
@@ -1,11 +1,11 @@
-// Verification Key Hash: a1ded9e96cad714ee5d8bc8529dff9f757c08d323f5690d39fed19721ffbf8e9
+// Verification Key Hash: f1610f1094b31fc37136369383140118871a3bf69a190023d73dce30a3e5ba2e
 // SPDX-License-Identifier: Apache-2.0
 // Copyright 2022 Aztec
 pragma solidity >=0.8.4;
 
 library BlakeUltraVerificationKey {
     function verificationKeyHash() internal pure returns (bytes32) {
-        return 0xa1ded9e96cad714ee5d8bc8529dff9f757c08d323f5690d39fed19721ffbf8e9;
+        return 0xf1610f1094b31fc37136369383140118871a3bf69a190023d73dce30a3e5ba2e;
     }
 
     function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure {
diff --git a/barretenberg/sol/src/ultra/keys/EcdsaUltraVerificationKey.sol b/barretenberg/sol/src/ultra/keys/EcdsaUltraVerificationKey.sol
index 2f27b1b5db26..63a0b71a890d 100644
--- a/barretenberg/sol/src/ultra/keys/EcdsaUltraVerificationKey.sol
+++ b/barretenberg/sol/src/ultra/keys/EcdsaUltraVerificationKey.sol
@@ -1,11 +1,11 @@
-// Verification Key Hash: e679d03fd08858df1a3f6d4e4afc735c5f3b9493b797d703bd28c60ab26f8652
+// Verification Key Hash: c1102f0000ae4bf7f5b38f96c80e03284a3ec4bada1f0682ddde94c8ba688c58
 // SPDX-License-Identifier: Apache-2.0
 // Copyright 2022 Aztec
 pragma solidity >=0.8.4;
 
 library EcdsaUltraVerificationKey {
     function verificationKeyHash() internal pure returns (bytes32) {
-        return 0xe679d03fd08858df1a3f6d4e4afc735c5f3b9493b797d703bd28c60ab26f8652;
+        return 0xc1102f0000ae4bf7f5b38f96c80e03284a3ec4bada1f0682ddde94c8ba688c58;
     }
 
     function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure {
@@ -14,34 +14,34 @@ library EcdsaUltraVerificationKey {
             mstore(add(_vk, 0x20), 0x0000000000000000000000000000000000000000000000000000000000000006) // vk.num_inputs
             mstore(add(_vk, 0x40), 0x00eeb2cb5981ed45649abebde081dcff16c8601de4347e7dd1628ba2daac43b7) // vk.work_root
             mstore(add(_vk, 0x60), 0x30641e0e92bebef818268d663bcad6dbcfd6c0149170f6d7d350b1b1fa6c1001) // vk.domain_inverse
-            mstore(add(_vk, 0x80), 0x1cc85a07fb1009e23540957b29121dc57aaae5b1e89a22a932a1bdf7ccac1af2) // vk.Q1.x
-            mstore(add(_vk, 0xa0), 0x19a1a4fa6d8781abbcb696097c1817f54da296348a292954e2aa9856f2fa3b6a) // vk.Q1.y
-            mstore(add(_vk, 0xc0), 0x0409f05fe2901e7e339b3aaf0d7af7b5d4023e416da923321b15aae633b18fee) // vk.Q2.x
-            mstore(add(_vk, 0xe0), 0x0ae6cc44e9024c190ab310d7ad110226c5c76f15d158b60fc9acd98f2e1f1aa3) // vk.Q2.y
-            mstore(add(_vk, 0x100), 0x20e3b4e35df25ba02ac2a9be26bc6fe74640355e57455598e69922b8d3fd0939) // vk.Q3.x
-            mstore(add(_vk, 0x120), 0x1f49d18bdb86a449e676558c6d6349f123372641187e33e12128ee7468431942) // vk.Q3.y
-            mstore(add(_vk, 0x140), 0x00e95627d4db555ccf3b1ee6def34fab1a815f0482cb6a745a363940d3163831) // vk.Q4.x
-            mstore(add(_vk, 0x160), 0x19fe011a8a139da323b5ce5abebe54bf4c105acd6045d7b2b5df40a34411f44b) // vk.Q4.y
-            mstore(add(_vk, 0x180), 0x04b41648960da31317eff66b5ca9be0a6c81ebeead27e70b3c5b28d4aba11081) // vk.Q_M.x
-            mstore(add(_vk, 0x1a0), 0x1bff2df21a3fd9c49c29b7f7c153dd0bc331d75afc6a35fb7155c17bb0f67a63) // vk.Q_M.y
-            mstore(add(_vk, 0x1c0), 0x15faa2ea86a6a66cd9b969d6305f863595a73b9215c1ae442969f4993a8e5230) // vk.Q_C.x
-            mstore(add(_vk, 0x1e0), 0x26391cc92544b485d90313d3396b53d9207db8f84ead11bcf45467fa7eb38b94) // vk.Q_C.y
-            mstore(add(_vk, 0x200), 0x01a0d650b65d29965e4ae2a8cfb69470d7560f0826268da59c6e72e684a06c9b) // vk.Q_ARITHMETIC.x
-            mstore(add(_vk, 0x220), 0x2248d4a02e68036c8d0a4a6725ba0e5e8e95950a5285a3a7daa1a1726cc8ec6b) // vk.Q_ARITHMETIC.y
-            mstore(add(_vk, 0x240), 0x01afcbad715a0c382971311ad6fe4ff8b6e99200162aeb6245b585c99c8748a9) // vk.QSORT.x
-            mstore(add(_vk, 0x260), 0x18bf352081d1ba2ffe8088d34ce6471e4cf6d2ee63f006ea9a5e31cc41b6587c) // vk.QSORT.y
+            mstore(add(_vk, 0x80), 0x149e839df8f43c6975d85aa1007d219354b3389f7c93c96935e531fe03d01f88) // vk.Q1.x
+            mstore(add(_vk, 0xa0), 0x15af1728559ee0f81053b668fa9978c5fc81ee84d017bc955ccfa37c19bd42a0) // vk.Q1.y
+            mstore(add(_vk, 0xc0), 0x29ba522730da8fa2a791946868afba96af78b025ba860d8e1d02e0325e677101) // vk.Q2.x
+            mstore(add(_vk, 0xe0), 0x1434909cf7d729b2f4227d83569641d90c4a72d393390825de20cea7ddad8044) // vk.Q2.y
+            mstore(add(_vk, 0x100), 0x03b90587c8746a60d96bc184e03c8469d813956caba6137040b350360357fe4f) // vk.Q3.x
+            mstore(add(_vk, 0x120), 0x211f025196191d107ae492f80f0effeb1e9242069f333d405698365df4838d43) // vk.Q3.y
+            mstore(add(_vk, 0x140), 0x0eae4a0952b07a5dbaf7750d79dae8fda3cfa4b5e7882413b6ada72c4297561e) // vk.Q4.x
+            mstore(add(_vk, 0x160), 0x0fa2558fd5e0afe53d359b1ec584eb6c0fabad27e4909227d9a4457d588b2830) // vk.Q4.y
+            mstore(add(_vk, 0x180), 0x01e7626aeb0ca204c26be5b01b3171994011b03f8966bb201303fc196c6c1a7e) // vk.Q_M.x
+            mstore(add(_vk, 0x1a0), 0x07972ee3ae6e0a0cf4978b64cd08783f42c7ce9905f1fd35da4ff6fa0e1a18e2) // vk.Q_M.y
+            mstore(add(_vk, 0x1c0), 0x03bd15837131c97d246c0aa57786e302b6d8227826104f70f56cba936a7b408e) // vk.Q_C.x
+            mstore(add(_vk, 0x1e0), 0x1a2e3be55cd01c1a4f4ef33fa96986e37c56abc06876e7f7d76229fb9f122c4c) // vk.Q_C.y
+            mstore(add(_vk, 0x200), 0x26d1d1578bb09f2f047035f103c3b32180c89b338e7d04ace8872b1154be6fb5) // vk.Q_ARITHMETIC.x
+            mstore(add(_vk, 0x220), 0x10c4691982c731ec4e2bb8216e8af8405fbe96fe8fe305ef2c3e03444fe68f85) // vk.Q_ARITHMETIC.y
+            mstore(add(_vk, 0x240), 0x1feb6cf63471a70e29caeee13eb393760c0f7d9e556327beb09a22b6b35e89f7) // vk.QSORT.x
+            mstore(add(_vk, 0x260), 0x1a834941cde87aa7a82450b4f093f149df9937db2edbdab47fa7216fbcb33580) // vk.QSORT.y
             mstore(add(_vk, 0x280), 0x21245d6c0a4d2ff12b21a825f39f30e8f8cf9b259448d111183e975828539576) // vk.Q_ELLIPTIC.x
             mstore(add(_vk, 0x2a0), 0x16a409532c8a1693536e93b6ce9920bfc2e6796e8dfe404675a0cdf6ee77ee7a) // vk.Q_ELLIPTIC.y
-            mstore(add(_vk, 0x2c0), 0x2d455f287e41544fd3744bab412640fd6916b01aa2163c84071eb47f0306a473) // vk.Q_AUX.x
-            mstore(add(_vk, 0x2e0), 0x09dea8e2b5e382a1c4a37bc4e60f5e8380688310b855c249d64153478d25e223) // vk.Q_AUX.y
-            mstore(add(_vk, 0x300), 0x09671927e293b22a3fb9fa8ea1680fcc4570bb2f312cb88004ff7fd4474e2109) // vk.SIGMA1.x
-            mstore(add(_vk, 0x320), 0x1c6442d9a49b3b93a928ef6ba2f348bc4c8cb778a59345faf7d173129f22b5a3) // vk.SIGMA1.y
-            mstore(add(_vk, 0x340), 0x0337d84b45a5abc701edbdc1a1d878178c23496b39ccddcc3f0f6199e3f97df6) // vk.SIGMA2.x
-            mstore(add(_vk, 0x360), 0x1c744f7be93d40c96d15fdf9d81c9502b7018573ad23e51dea7b065fdeb6f13a) // vk.SIGMA2.y
-            mstore(add(_vk, 0x380), 0x23a975cfb71f0c0d46ef9c0b01e6482e780b5e3af1a63547f7d01c46c1911699) // vk.SIGMA3.x
-            mstore(add(_vk, 0x3a0), 0x0d5a0be212cb2c7d3bba8c2406a9d2c4b04d4e64b0acef2681eb7c6aa490a7cb) // vk.SIGMA3.y
-            mstore(add(_vk, 0x3c0), 0x1ca2d0cca80bb16eab28d06c5c175e862a8ef14bceb6da79e65236a8a6a36838) // vk.SIGMA4.x
-            mstore(add(_vk, 0x3e0), 0x0555fe3dbd2ba2d7db2b5f740bf32fb57f4c5ac9d9f2e59e9a5a2cc2d84dae05) // vk.SIGMA4.y
+            mstore(add(_vk, 0x2c0), 0x24005a1e8120ffcb3e5fc06ff50794b9d4b0bd70eabb1f8dfb342bec8a64dd61) // vk.Q_AUX.x
+            mstore(add(_vk, 0x2e0), 0x2c18b52f602a5a9b4461872eff0712f56d128bb9364471f838d7b07f008660e3) // vk.Q_AUX.y
+            mstore(add(_vk, 0x300), 0x02497b2d5e01266cea1f1bf4d9ad66e54045b3e388066db97b9623668728f65d) // vk.SIGMA1.x
+            mstore(add(_vk, 0x320), 0x0156cae236ca46f64832b4b826804da6c7221ab5ca4cdadd53a1b787992307fe) // vk.SIGMA1.y
+            mstore(add(_vk, 0x340), 0x2673cb9276dcc16be61e4c2ec24f6a881e771a273198ab0b392c26085a5f03b4) // vk.SIGMA2.x
+            mstore(add(_vk, 0x360), 0x1384aef6995f8e632b76cce98d900e2535d92719be668a8f0e20c893c87f391a) // vk.SIGMA2.y
+            mstore(add(_vk, 0x380), 0x11d48b7fc901d1e72489d937970ee3baea2662d268f9b1c08d71820a21ac6a39) // vk.SIGMA3.x
+            mstore(add(_vk, 0x3a0), 0x126e543f1951015c8a56ff6d571e67da3cc52d2671f3ce8d258378edcfe8a8f5) // vk.SIGMA3.y
+            mstore(add(_vk, 0x3c0), 0x0b41b102b59ecae092c04a4f09755db1dc4286c3072034ca23b7f885bcfec814) // vk.SIGMA4.x
+            mstore(add(_vk, 0x3e0), 0x13bf888757f9fad73f21ab3a0ef53a286329dbf0aaaa935d1689d8554db05813) // vk.SIGMA4.y
             mstore(add(_vk, 0x400), 0x18f7cf965339d9c9d190296fa92f915767b0a8da455975f3e03fa98439fd7110) // vk.TABLE1.x
             mstore(add(_vk, 0x420), 0x0eecc02f9d44125407adbf00d56b086afd1adc5de536450afe05de382761b32f) // vk.TABLE1.y
             mstore(add(_vk, 0x440), 0x0bdfe662ea9f40f125ca5f7e99a8c6ba09b87ba8313864316745df862946c5c4) // vk.TABLE2.x
@@ -50,16 +50,16 @@ library EcdsaUltraVerificationKey {
             mstore(add(_vk, 0x4a0), 0x1fda66dfb58273345f2471dff55c51b6856241460272e64b4cc67cde65231e89) // vk.TABLE3.y
             mstore(add(_vk, 0x4c0), 0x024ccc0fcff3b515cdc97dde2fae5c516bf3c97207891801707142af02538a83) // vk.TABLE4.x
             mstore(add(_vk, 0x4e0), 0x27827250d02b7b67d084bfc52b26c722f33f75ae5098c109573bfe92b782e559) // vk.TABLE4.y
-            mstore(add(_vk, 0x500), 0x22b1d6b9827d6d03049f76dc9dc219ae6de93abe52d4d7de8677d961d3408c77) // vk.TABLE_TYPE.x
-            mstore(add(_vk, 0x520), 0x10ebc6be9f74e0367276028c613ab3efe0f2ed546c05339b36d5165d009c833a) // vk.TABLE_TYPE.y
-            mstore(add(_vk, 0x540), 0x2aa2e5247ce6524fecba0a2de9f383353096665f3ae8082fe7017fbf6d6572d8) // vk.ID1.x
-            mstore(add(_vk, 0x560), 0x1db802f61a6194bea68f7d5ec697facf26f1c1336b09e382801e8b773f0e116f) // vk.ID1.y
-            mstore(add(_vk, 0x580), 0x1aa955e508f3c2fbf55a36719eb666a45239935c4af10b8a1f4580d5cd614236) // vk.ID2.x
-            mstore(add(_vk, 0x5a0), 0x2bc21aa51420951a10a39d5c5242101d2207c47a0077852acb7d3fd6a16e1c58) // vk.ID2.y
-            mstore(add(_vk, 0x5c0), 0x245c89c4cf7c7e297b4db8e2625f5abd56398c351256a39aece0a36a940aaf62) // vk.ID3.x
-            mstore(add(_vk, 0x5e0), 0x01bd6e61d801d895c7edfee071518761f3c8c0e10bec5f0fb0b25ae430a2c91e) // vk.ID3.y
-            mstore(add(_vk, 0x600), 0x30223d4653291c03019e96bd716769c7c6d6520fddf2e633a75f94b08bee86dd) // vk.ID4.x
-            mstore(add(_vk, 0x620), 0x2e389428afa291855039f1b4af22e70d469f4e20116b85889737d624a2d27fef) // vk.ID4.y
+            mstore(add(_vk, 0x500), 0x302e6c8067a7ca14e1d75776754c1a3ad99d21056ae8e607ea66029cbe534906) // vk.TABLE_TYPE.x
+            mstore(add(_vk, 0x520), 0x07f2eb44fd686bf54e604a6b40c9151b7123db580a23c064ef703af4013dbc2f) // vk.TABLE_TYPE.y
+            mstore(add(_vk, 0x540), 0x00992a2f510c6371b9231c1d68d0e0fdbe10c5f4344de9441cc7c845afb37a1d) // vk.ID1.x
+            mstore(add(_vk, 0x560), 0x13eb38f67d8c03245e6f0655f5d40c145b2c06dd1657d8da26dc75af0cefa0f7) // vk.ID1.y
+            mstore(add(_vk, 0x580), 0x2ce905fbf9f932ae4f9b7b0feda15271b80921e9bf4e58c302ae99f1207fa4e7) // vk.ID2.x
+            mstore(add(_vk, 0x5a0), 0x2c2a6dc03599757fc625b0e55984d3fb28a954d40eb54f988b52c55936076988) // vk.ID2.y
+            mstore(add(_vk, 0x5c0), 0x0f547249b9aa5b9a951757893c059f8ed590366da4dd3ccd36aeac3069c7471f) // vk.ID3.x
+            mstore(add(_vk, 0x5e0), 0x2be2746434bfe0ccb2390357b17f8ec70ff12fc3aad4500b8d1723ec6709a170) // vk.ID3.y
+            mstore(add(_vk, 0x600), 0x19d1ed6b528ae5095d83167c3ba3578b36c7cd9249e47d10ceff352890d0938f) // vk.ID4.x
+            mstore(add(_vk, 0x620), 0x1dcd2caa39e180a497ff98414548e5de682d19fc598b3cd44242f1bb53a0e078) // vk.ID4.y
             mstore(add(_vk, 0x640), 0x00) // vk.contains_recursive_proof
             mstore(add(_vk, 0x660), 0) // vk.recursive_proof_public_input_indices
             mstore(add(_vk, 0x680), 0x260e01b251f6f1c7e7ff4e580791dee8ea51d87a358e038b4efe30fac09383c1) // vk.g2_x.X.c1
diff --git a/barretenberg/sol/src/ultra/keys/RecursiveUltraVerificationKey.sol b/barretenberg/sol/src/ultra/keys/RecursiveUltraVerificationKey.sol
index 641305da4bcd..1cabff016cbc 100644
--- a/barretenberg/sol/src/ultra/keys/RecursiveUltraVerificationKey.sol
+++ b/barretenberg/sol/src/ultra/keys/RecursiveUltraVerificationKey.sol
@@ -1,72 +1,72 @@
-// Verification Key Hash: a52397545a883471ee94e8a27e184be64d21640d76712b1e6fba67f3546503c9
+// Verification Key Hash: 9e6cf5dacef11085d9ea83e98b85ebdc37749931c90443898dcd8d18f639dad8
 // SPDX-License-Identifier: Apache-2.0
 // Copyright 2022 Aztec
 pragma solidity >=0.8.4;
 
 library RecursiveUltraVerificationKey {
     function verificationKeyHash() internal pure returns (bytes32) {
-        return 0xa52397545a883471ee94e8a27e184be64d21640d76712b1e6fba67f3546503c9;
+        return 0x9e6cf5dacef11085d9ea83e98b85ebdc37749931c90443898dcd8d18f639dad8;
     }
 
     function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure {
         assembly {
-            mstore(add(_vk, 0x00), 0x0000000000000000000000000000000000000000000000000000000000080000) // vk.circuit_size
+            mstore(add(_vk, 0x00), 0x0000000000000000000000000000000000000000000000000000000000040000) // vk.circuit_size
             mstore(add(_vk, 0x20), 0x0000000000000000000000000000000000000000000000000000000000000010) // vk.num_inputs
-            mstore(add(_vk, 0x40), 0x2260e724844bca5251829353968e4915305258418357473a5c1d597f613f6cbd) // vk.work_root
-            mstore(add(_vk, 0x60), 0x3064486657634403844b0eac78ca882cfd284341fcb0615a15cfcd17b14d8201) // vk.domain_inverse
-            mstore(add(_vk, 0x80), 0x05104b486160545badec11f151e7c70b87050871da5653387ab4ab2ad0eef5ca) // vk.Q1.x
-            mstore(add(_vk, 0xa0), 0x2672c7fb298fce83f510eb6e1b851a5bb2daf8fc43c7771e96c56c8a09ddfeae) // vk.Q1.y
-            mstore(add(_vk, 0xc0), 0x2c019acf99c5663da83cec224bd32570ee90f45c4486a54dec3ca4552d8ab07a) // vk.Q2.x
-            mstore(add(_vk, 0xe0), 0x0fb7a3385ab42cafb0e104ac17ac2dacfb161d292c00fca102b1e780e86ccaf3) // vk.Q2.y
-            mstore(add(_vk, 0x100), 0x273ca9c29ef10864f4c9c053c336776a71ca5ebbf4bec1cb381e431943f9b5d7) // vk.Q3.x
-            mstore(add(_vk, 0x120), 0x2a94f00fe384ab945a8f5e3c97194a425a4d2109e5b113f059e42ee232659436) // vk.Q3.y
-            mstore(add(_vk, 0x140), 0x0e8b5c127c8a3ec285c2ac80d9046528051387878802203988a60650a0a960ab) // vk.Q4.x
-            mstore(add(_vk, 0x160), 0x17efdb659ae0d26aa78db132f9be9130460c0fce0c2a8e9b726de68247f76891) // vk.Q4.y
-            mstore(add(_vk, 0x180), 0x2f668d8a50bdb5c366e39433892f903262a04b6473ba3468c12057d58ad3bbfb) // vk.Q_M.x
-            mstore(add(_vk, 0x1a0), 0x2397c6171bc6d084e98297690441c9da9f011d18b3ea0bb58ee4d47227feb6b4) // vk.Q_M.y
-            mstore(add(_vk, 0x1c0), 0x1dafbfb4d30fcf880ef839ecc7fda9a97c315c5fa1713d08f7cdf6dba53ffb17) // vk.Q_C.x
-            mstore(add(_vk, 0x1e0), 0x099fa3de9ce0cc28085739745582b53bf7939e3d97928afd491392053c1c0a68) // vk.Q_C.y
-            mstore(add(_vk, 0x200), 0x028912be5d0accd4edf4949f89be1c1a2fcf4f59559ba03114da00ec3bf643ac) // vk.Q_ARITHMETIC.x
-            mstore(add(_vk, 0x220), 0x2428952bfba8ba44830fb0ae6fcdeb9bf17d611add9432450ebbe3d928e2f431) // vk.Q_ARITHMETIC.y
-            mstore(add(_vk, 0x240), 0x2b40c900824bcca193d402e0ef7f78792deaccd99743a78e5330abe8886ac989) // vk.QSORT.x
-            mstore(add(_vk, 0x260), 0x102a7a02bc1a7317702c09560636e991b856f26f88ee8f0b33da3dd7fe222dbb) // vk.QSORT.y
-            mstore(add(_vk, 0x280), 0x2bcf00433471db2be265df28ba2e70c36ca52f2932a4de25c0d60868703a0726) // vk.Q_ELLIPTIC.x
-            mstore(add(_vk, 0x2a0), 0x2f225b86590c67ae48360cb41d5b291ba94ce2dbae850afd9a6854122341b5ba) // vk.Q_ELLIPTIC.y
-            mstore(add(_vk, 0x2c0), 0x2eaee34d8508092cc4e19bc3f27ffa7dfc72230710e220f228f48906fae21e56) // vk.Q_AUX.x
-            mstore(add(_vk, 0x2e0), 0x0c503c5d6245b99bbc056925e96abd20feaed6507707311092b3ed87eadb3874) // vk.Q_AUX.y
-            mstore(add(_vk, 0x300), 0x021ba851cec3aedfbf1d9944907ae721f0d3e8fa3548513b6f108d101067ae85) // vk.SIGMA1.x
-            mstore(add(_vk, 0x320), 0x24eef378da346c4f9eededc5dc519d35b14fec46412c8fcf7564cafb9843d761) // vk.SIGMA1.y
-            mstore(add(_vk, 0x340), 0x0492b2fed8a158177dd3e825fb34ca7481bfead06bc01f308dc81fcd852ef3bc) // vk.SIGMA2.x
-            mstore(add(_vk, 0x360), 0x289bf1bcc6a9cb19b102c7fb9dba839e1817a24257194cad404b393ce77e66b5) // vk.SIGMA2.y
-            mstore(add(_vk, 0x380), 0x05d2a9c66d5c142b254b4f7d09f0eb837d95d8ec002e0644f51d455041403ca5) // vk.SIGMA3.x
-            mstore(add(_vk, 0x3a0), 0x2434b76f470965c85363ff15b3f37c7b4be4fb2741451dc33943879f1e4cbba4) // vk.SIGMA3.y
-            mstore(add(_vk, 0x3c0), 0x2f4bcc93500665a87a8f959e1636fe88cb1f17688b8c286fe930ccf934a49ac2) // vk.SIGMA4.x
-            mstore(add(_vk, 0x3e0), 0x243f7b4ae1d483c99523b6a2999f404ab744017c8f43080c3582c38ea8ea3d1a) // vk.SIGMA4.y
-            mstore(add(_vk, 0x400), 0x0ddc3b6d8e59cf0996ca71ad4132ca9d618ffd933cf58a8a0953dc76f97cf108) // vk.TABLE1.x
-            mstore(add(_vk, 0x420), 0x153193287060386695f4f2d0d3525dec4c6a253f431d3f3fc06aa0e5b0448b8c) // vk.TABLE1.y
-            mstore(add(_vk, 0x440), 0x1170f0ece62f8c572bca96b141d27f4bd25585edb9319128045c005d48491b1e) // vk.TABLE2.x
-            mstore(add(_vk, 0x460), 0x246cd041690f653f88ed0c56ad282a3dd2e37b8edb1f56b785809d7710bf1c88) // vk.TABLE2.y
-            mstore(add(_vk, 0x480), 0x26153c937447356a0c6d6be09d85eb34bc8a00ce9d452888e5fc2b5a7e14fed7) // vk.TABLE3.x
-            mstore(add(_vk, 0x4a0), 0x189da022421fbd8dfd7973084d978e555388ad9364679246b07992f84b4e91b2) // vk.TABLE3.y
-            mstore(add(_vk, 0x4c0), 0x285311c5e9a4cbb56a3f04f29d5443e8c0f9753e2a5a35acec051fafe2cecce5) // vk.TABLE4.x
-            mstore(add(_vk, 0x4e0), 0x2436400260c9d3180beedd0bf49fec92d2d0ac76a1be7f1fad96cbd997175312) // vk.TABLE4.y
-            mstore(add(_vk, 0x500), 0x139bb66456d96a4e2dad361f7949a6b8c6739650965ae729788162fbb0382399) // vk.TABLE_TYPE.x
-            mstore(add(_vk, 0x520), 0x098fad1329e1765863f8ac829332168359901da71702e5119ce4b89a7ae6f017) // vk.TABLE_TYPE.y
-            mstore(add(_vk, 0x540), 0x14fc4c6c2521387172a6b801e2b6c8a2308d725695d3f49a57151c2a0a8af0fe) // vk.ID1.x
-            mstore(add(_vk, 0x560), 0x2ce0c2c73ded7bcf19c1208f134b67ed74f77ef717db1c05c010bc8df7bed39e) // vk.ID1.y
-            mstore(add(_vk, 0x580), 0x0e2455a361f4a3741dab6a03b8186996a5a9873a3b62b3fa8eb5a551cb46bb7a) // vk.ID2.x
-            mstore(add(_vk, 0x5a0), 0x29a288b84aeabb0421861492256c6ea82530b5b14c0e01e5b7b2553cf197a2e7) // vk.ID2.y
-            mstore(add(_vk, 0x5c0), 0x01fbecd3bc90ad298a27bf4f9aa071746c30b5af932a1ba8d5b04394f85e0370) // vk.ID3.x
-            mstore(add(_vk, 0x5e0), 0x0b21c924fc2b44729ff84deeae724c68dd1636e847b0f7cdd92ad203af7cf0d5) // vk.ID3.y
-            mstore(add(_vk, 0x600), 0x12f7ebb5e50b429b766b1dc5e8b32b7727593641e4f976b72a7046d0a3ff8dea) // vk.ID4.x
-            mstore(add(_vk, 0x620), 0x2d45226edb0f8338bb5fa88ecefeeaa9bbb72232a2e842f8c7f37cd11f7065ed) // vk.ID4.y
+            mstore(add(_vk, 0x40), 0x19ddbcaf3a8d46c15c0176fbb5b95e4dc57088ff13f4d1bd84c6bfa57dcdc0e0) // vk.work_root
+            mstore(add(_vk, 0x60), 0x30644259cd94e7dd5045d7a27013b7fcd21c9e3b7fa75222e7bda49b729b0401) // vk.domain_inverse
+            mstore(add(_vk, 0x80), 0x02c6f00fd259ba9440c68d211969bbd81509b234882d65fc79ee90fdcb6ccfda) // vk.Q1.x
+            mstore(add(_vk, 0xa0), 0x07f4fc84032451c171ea7150385b54a383fb083cc0c93895e2ef931e8e448345) // vk.Q1.y
+            mstore(add(_vk, 0xc0), 0x02b407e4c824960a965b5193ad8c6ccf4baaa4c99da5d11b13a2d6af52973ef7) // vk.Q2.x
+            mstore(add(_vk, 0xe0), 0x021fe5c3dd23b42f696dcd08659b8aa403c8e927f8c6e7b1446f4e9205c0a1c2) // vk.Q2.y
+            mstore(add(_vk, 0x100), 0x14f63403b60fb3ccf8325ec20e463e1daa492faf4d0151a8e7366f07c68f1d83) // vk.Q3.x
+            mstore(add(_vk, 0x120), 0x207cbbaffb34a0fe5eba27fd30f67e5389b1de65b703ccb78726831208ab600d) // vk.Q3.y
+            mstore(add(_vk, 0x140), 0x00ef12b054f19d72f2a6d0e628c6387026afd8a8924eb144ccc9948d4f6c5549) // vk.Q4.x
+            mstore(add(_vk, 0x160), 0x0a1cbb57818ceec1d15878315046a7db1238d292307cabafbb97f569df6dcefa) // vk.Q4.y
+            mstore(add(_vk, 0x180), 0x0d098b0bcd6db60c47f8e7e9eb1c072972deb39b294907cbc353352ebc2bea85) // vk.Q_M.x
+            mstore(add(_vk, 0x1a0), 0x0ff57407d8b18914e30d8583a77f67732f8b2762429a712c55b0c00fb83fe1c2) // vk.Q_M.y
+            mstore(add(_vk, 0x1c0), 0x2b01c45f214633bfaea1589083ab9a3a0915a6da362baa3151b1a0e80fb79160) // vk.Q_C.x
+            mstore(add(_vk, 0x1e0), 0x0392d6380d2912befda8d98bcddd6050683a814bb84eb7f57e28176033783f11) // vk.Q_C.y
+            mstore(add(_vk, 0x200), 0x24a6e759b9d12a53f809367cb3cbd00d96dfaa3af623e984bd986886447b642d) // vk.Q_ARITHMETIC.x
+            mstore(add(_vk, 0x220), 0x265e4202aa18f537a514281d72aaea8ab10090da270d8f9901363b4f48bc0610) // vk.Q_ARITHMETIC.y
+            mstore(add(_vk, 0x240), 0x04e5e383b53cf0f3eb3e824dcbc95d7fbb2ca7770bf92a3e86b652a425534714) // vk.QSORT.x
+            mstore(add(_vk, 0x260), 0x1bb4418c97c423508baf8d7825f2f41066dc4769dc4c9643ebddca0a71b71a87) // vk.QSORT.y
+            mstore(add(_vk, 0x280), 0x00a2e0e8c69ad29b60904f91a9db016a32a3de05f6ccdf024b5f149e8388484c) // vk.Q_ELLIPTIC.x
+            mstore(add(_vk, 0x2a0), 0x24be2bffbba65b40f4eeabba7a3660511baad3936c4ec40a6f9e20d194ec3a07) // vk.Q_ELLIPTIC.y
+            mstore(add(_vk, 0x2c0), 0x28725b01fa9c481b39aef64f5f54f9f967fd976b7ff4be45a9ca50f7500fef4c) // vk.Q_AUX.x
+            mstore(add(_vk, 0x2e0), 0x264e3e4c4529b321c407f802c173d2fb73b03e8ce09fe3de3c11f84b87b99d32) // vk.Q_AUX.y
+            mstore(add(_vk, 0x300), 0x1ec8ec2e5a6f36a00042f1199bad7fb25e950c9ce97f59777fd1739f422ce750) // vk.SIGMA1.x
+            mstore(add(_vk, 0x320), 0x002526bd09111cbc4d6f6c6e200f627e7ae60fb59bd5f1357d82f386b1009dc9) // vk.SIGMA1.y
+            mstore(add(_vk, 0x340), 0x0cc83ed6a722c67efdd44d5b6de2490621fd59c7c1c7a1416c99a6dff933e5d9) // vk.SIGMA2.x
+            mstore(add(_vk, 0x360), 0x01eb69a024162e13bc58e174cef5c0d2c7a12bdf3619f78010cfe09cd165c19d) // vk.SIGMA2.y
+            mstore(add(_vk, 0x380), 0x257e795ed0c6598cb79a148110eb2ce1dfb2a6378267e0a33f3c1d4dd7aadbcc) // vk.SIGMA3.x
+            mstore(add(_vk, 0x3a0), 0x01d596a895131eb6dbf6c9a89ddd9321ec5ed272d921b4edfed20b8f8ddc80cb) // vk.SIGMA3.y
+            mstore(add(_vk, 0x3c0), 0x167af14f050f637263e94a86a2408a14178c7ea304ffaee2db4b2d20e173832b) // vk.SIGMA4.x
+            mstore(add(_vk, 0x3e0), 0x211fb82fbb784f81f12914fbdb876c4a4b1f3670bf7aa291f661f7541bc8779c) // vk.SIGMA4.y
+            mstore(add(_vk, 0x400), 0x09796190fd3ba909c6530c89811df9b5b4f5f2fe6501ec21dd864b20673fc02c) // vk.TABLE1.x
+            mstore(add(_vk, 0x420), 0x00b9c2423e310caa43e1eb83b55f53977fccbed85422df8935635d77d146bf39) // vk.TABLE1.y
+            mstore(add(_vk, 0x440), 0x217dad26ccc0c543ec5750513e9365a5cae8164b08d364efcf4b5890ff05f334) // vk.TABLE2.x
+            mstore(add(_vk, 0x460), 0x1db28433f6bde424423f3587787f81c48101d2dc6e54b431332cb275f8518c62) // vk.TABLE2.y
+            mstore(add(_vk, 0x480), 0x2cc2d90f2da7f4ec16b7fe61babd4fb9b580ecff03c471764dd67a8c433afab5) // vk.TABLE3.x
+            mstore(add(_vk, 0x4a0), 0x3032b9ff096a43ce326cc63ffc6a86dcb913fb1f7700939f5304f6c6beb24574) // vk.TABLE3.y
+            mstore(add(_vk, 0x4c0), 0x1f4c58502ca713ed0bffb4ff31ed55e557e83a37d31b8e703aa9219d6158e2d2) // vk.TABLE4.x
+            mstore(add(_vk, 0x4e0), 0x0b0d5ed5432c5e7b56344c1d26ce0d9f632e8f8aa52505d6c89f6da89f357fa8) // vk.TABLE4.y
+            mstore(add(_vk, 0x500), 0x0869d6ec86b39958a4a10ed67954dc8931a1e5ee901099071c3c0684dd0eddde) // vk.TABLE_TYPE.x
+            mstore(add(_vk, 0x520), 0x1fc9d5e1b18c601f367b9551c00f5e541a48aa562cd0adb4369b51a7e99395b6) // vk.TABLE_TYPE.y
+            mstore(add(_vk, 0x540), 0x205b387095b6e538a6169c93c9db7d85ec219e2f0304b449f8849f5fde2c659f) // vk.ID1.x
+            mstore(add(_vk, 0x560), 0x07d8d408db8702ba4db7fec434fdee2b944313f72b0f94a9dcec74e7b715b3f8) // vk.ID1.y
+            mstore(add(_vk, 0x580), 0x2c758668e1cbf0572b139911af3f553c7898f7f07ffdcc58484a1a0acd14a03e) // vk.ID2.x
+            mstore(add(_vk, 0x5a0), 0x159322db7ac7485c5be7ce811a773c5fda9e26b0c47139eda1af6103c5c21b1c) // vk.ID2.y
+            mstore(add(_vk, 0x5c0), 0x026ba63c8620f00298a42a356b18392228d92c4301e8c51e44a3a2e14a6ebc89) // vk.ID3.x
+            mstore(add(_vk, 0x5e0), 0x2a962181e6a7df5a05d1750e7a22b6ec21fc84d8de08524aa75c4ee8f646bd0c) // vk.ID3.y
+            mstore(add(_vk, 0x600), 0x2c81aa9e4f466e56d2a6f1a971d431a487379970bb892424e12a0c71c41479b0) // vk.ID4.x
+            mstore(add(_vk, 0x620), 0x2e662e641087ed19b9ff866748197ab8a871deded79d2835f32e4bbadef1a889) // vk.ID4.y
             mstore(add(_vk, 0x640), 0x01) // vk.contains_recursive_proof
             mstore(add(_vk, 0x660), 0) // vk.recursive_proof_public_input_indices
             mstore(add(_vk, 0x680), 0x260e01b251f6f1c7e7ff4e580791dee8ea51d87a358e038b4efe30fac09383c1) // vk.g2_x.X.c1
             mstore(add(_vk, 0x6a0), 0x0118c4d5b837bcc2bc89b5b398b5974e9f5944073b32078b7e231fec938883b0) // vk.g2_x.X.c0
             mstore(add(_vk, 0x6c0), 0x04fc6369f7110fe3d25156c1bb9a72859cf2a04641f99ba4ee413c80da6a5fe4) // vk.g2_x.Y.c1
             mstore(add(_vk, 0x6e0), 0x22febda3c0c0632a56475b4214e5615e11e6dd3f96e6cea2854a87d4dacc5e55) // vk.g2_x.Y.c0
-            mstore(_omegaInverseLoc, 0x06e402c0a314fb67a15cf806664ae1b722dbc0efe66e6c81d98f9924ca535321) // vk.work_root_inverse
+            mstore(_omegaInverseLoc, 0x036853f083780e87f8d7c71d111119c57dbe118c22d5ad707a82317466c5174c) // vk.work_root_inverse
         }
     }
 }

From 27766446cc8d442a12edcb1484b2b23de74be428 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Sat, 21 Sep 2024 12:27:31 +0000
Subject: [PATCH 12/25] rm changes to vks

---
 .../honk/keys/EcdsaHonkVerificationKey.sol    | 84 +++++++++----------
 1 file changed, 42 insertions(+), 42 deletions(-)

diff --git a/barretenberg/sol/src/honk/keys/EcdsaHonkVerificationKey.sol b/barretenberg/sol/src/honk/keys/EcdsaHonkVerificationKey.sol
index 26207d04184b..b2d9abdf2a20 100644
--- a/barretenberg/sol/src/honk/keys/EcdsaHonkVerificationKey.sol
+++ b/barretenberg/sol/src/honk/keys/EcdsaHonkVerificationKey.sol
@@ -15,72 +15,72 @@ library EcdsaHonkVerificationKey {
             logCircuitSize: uint256(16),
             publicInputsSize: uint256(6),
             ql: Honk.G1Point({
-                x: uint256(0x051ccdb8069f35f4ef85ad098e95681736a7bed10a7bee1b76a506235dc0b579),
-                y: uint256(0x05e168c2e4f90231545f5b24c1a84c1419b8798e4235cc2036c9e101e462b71d)
+                x: uint256(0x0b1acdcf739e1e6c27df046577122a292a77f4fcdf8056d8b8ae12f105d3a888),
+                y: uint256(0x145dad3bdd9a262411aaa657129df49dbf44a63f510e9ab8191622c643ebd9bd)
             }),
             qr: Honk.G1Point({
-                x: uint256(0x2c99eed1f855cd5152942cc090aabf15308eb00ac549e965eb3e1950479cce58),
-                y: uint256(0x170bf8541390153bf5807bc022c9369f99d8bc1fd87922a0627b144fec0414e2)
+                x: uint256(0x1940872f30b32522e26efd0fd4a642289bce2c56083e7a03af564c30969066d8),
+                y: uint256(0x181fd173051ca19e37f09c42298c36d2e9834df50535d85d429f562352c0d924)
             }),
             qo: Honk.G1Point({
-                x: uint256(0x1594abb7debcf41e3296178eeec941dbb6242ba13f50f4549734657ee5ebb8b1),
-                y: uint256(0x262e1469c56c719bdc4eaab93cc95868eed9fea1fa9ded03b46f2c061a341d4f)
+                x: uint256(0x2a1afa631e8b6ab8fb1444fb0154686a5a34c7a4ddae66bdc344e782a81382b3),
+                y: uint256(0x0cfa0936a5e63e723a5c318c7461ddc22824ad0ee62fa00e2e8b92f9b3f1cdf6)
             }),
             q4: Honk.G1Point({
-                x: uint256(0x16b49bbcd37e15ed89b2f6f5b97d021abe440ba7cbc69904484991fa7e6058a9),
-                y: uint256(0x197b14cb5d037642b27ed7cd79b9568e5853ad1e3508453c0ed1f30c1962fd52)
+                x: uint256(0x1a01666b2e915221eb0c1ae6bf91394d18c73e6882dd1241d244f932678982ec),
+                y: uint256(0x212b0436d2da1b4a6507142b794024ded58e3d41fdde2f95249405ffdd02b324)
             }),
             qm: Honk.G1Point({
-                x: uint256(0x175280d74e116a82ad6ccc34f640a5b3dda74b17372c9a0941d57749e37068a6),
-                y: uint256(0x0827b11a78b8a625ba940983effbcf7354aa0388bd472481c0a8a088653b9769)
+                x: uint256(0x0dd29943b961b1c615ab22df0e5b567489a7c9a9ad3ac92ae281d68ca603326c),
+                y: uint256(0x2a552165dc59dc5c5398e6b8c2227dc3f36ccdcc1250e7c9a8c1631c963aff2f)
             }),
             qc: Honk.G1Point({
-                x: uint256(0x2a262a7189292da31f3f4a7926c4d9fcae883188aafe9cf3ba2a623f0004a67a),
-                y: uint256(0x0d90b8808180521422b90889592111434dd5bbc0e5deb27419c1f5e6d0bf9883)
+                x: uint256(0x203785f30cf75ed2e8559faa797897174bca19ebcb44266c6bc87aee8dc86964),
+                y: uint256(0x11ae3fbccf0c302ab29a8123b2ef631a659a3750d27df3eb7c492ae978ac3f07)
             }),
             qArith: Honk.G1Point({
-                x: uint256(0x2026f95bb8f7b6ed57287e4833e2789cce8ec9a95b829e6a2abbf5d13d681d22),
-                y: uint256(0x19cea5af7d9b39a4ad86a0ab52f8a358f7f35236561a50cdf6f2860f0b3426a8)
+                x: uint256(0x059453a86c23185b89783698e7da32ce59270611c312c82a16c42e83d66f3a11),
+                y: uint256(0x23403bda1774d1e372f94dd86571d393290df9d27cc1f032a1a2ba3a02becb28)
             }),
             qDeltaRange: Honk.G1Point({
-                x: uint256(0x02d0f736b422d74d9aa2ef26deedb67fdd2e798aae001c4292dabd2c5df31249),
-                y: uint256(0x0ae6265d6dcc9da8d3b23f088c6fb062c9be10bfa79e9d0463d4a7785ea4a5f9)
+                x: uint256(0x189ec3e8c791a2933a4f188b2183c4bfeb9a2a8e51bb10a7571c243603dd3fce),
+                y: uint256(0x00d30f1839bdf225d00e20bcf76adcf2bfc6ea98a4ca12b4f36c68f4a865fa59)
             }),
             qElliptic: Honk.G1Point({
-                x: uint256(0x0ffa449a9d6e6c6f3e302eb3f16ce9d3d3711b9102ecf0e303ff91f3f9eb25f5),
-                y: uint256(0x095ef997439bccdd1234b2431a520823bcfe3e77f50190e66e70e2c51e906193)
+                x: uint256(0x16b1166d95a8e2496eb12363dbfb9ca5aa5bc0975fc4994dc2c61cc0609d8eba),
+                y: uint256(0x1aded54ecb6c2ec4fdeaef0f9e3b2dae5da1e1958d76b953b9e29efb1e8962b4)
             }),
             qAux: Honk.G1Point({
-                x: uint256(0x09023d45c436e756762d8b3527cfcb3f694cdbafd192ccae59210740bdf03ad3),
-                y: uint256(0x020c9b591603814f1815038e25d1bb3fb85261bf699abfc8921f48954f0bc2b0)
+                x: uint256(0x1011b815b4505f86944621990bd81bd442780186904784572d50087942aa8607),
+                y: uint256(0x24e575bf4641129d492759c66a4a5c1d3da80b647d4e67adfea20ab72eb69854)
             }),
             qLookup: Honk.G1Point({
-                x: uint256(0x08c0d34ca72136661975f3b1ad658bfda38661b9ff320b60e2974496e03fd62e),
-                y: uint256(0x236caf48f4c3a7ca207f5c0ec75f304657e49780015cf40ff9be37f8ba3c6624)
+                x: uint256(0x13a5f6d8f4de0f66dc7ea0d75efa7ae6632e6448c13bbbe5358412f7a36518d6),
+                y: uint256(0x142fd8f3223785fbd36b380c6065215d16b821b3df4d86d5464f1bfff2a29544)
             }),
             qPoseidon2External: Honk.G1Point({
-                x: uint256(0x09d58ddd055d3d65b4f36a347c18c11956b7d43c4f15434ded62bdf1224ff37d),
-                y: uint256(0x3002f0782d68214149ae47ee94771a6509709499ca06a8421eeeae97ea37e2a9)
+                x: uint256(0x02c909437bb59751312ce2208a2b367d3c9eaa8721d7671306c41ebd9843b3ba),
+                y: uint256(0x1db8a23e0231ac4b008ccdb6f21aa37c59349a77b51d894217596f0ef543120c)
             }),
             qPoseidon2Internal: Honk.G1Point({
-                x: uint256(0x1d11dbf6b2ced628ad64ea9d8afef60b6ea2e246160b6525915eb0ab7bdc94aa),
-                y: uint256(0x1ecef8438441a2565ee641757bdc6739da7389d913453eee0aaac561fb08495c)
+                x: uint256(0x19d898bac51355e0822e2aa6e6630494e47ea2476a0c4c15b6f03ce441f6c6d0),
+                y: uint256(0x2add808f3d5b3c608ce5937fcd3c9c968ba56dbe5855e2f6d3e4bdd9d118d19b)
             }),
             s1: Honk.G1Point({
-                x: uint256(0x105eb99bfd557812572f2a5ec5b6eff27375b4ed5ce4e7a9649fe3038cfacbac),
-                y: uint256(0x1efd910252f319f9c0dc21c7688b92d80fd0a8636f152e0d9c8e0afb5c9a6d2e)
+                x: uint256(0x0dd1eea7735fc4052df5a19e4859c59e50e3ab9cb3cc2accbd42ef8a1104449b),
+                y: uint256(0x1541af79ad21fe21642a50d97899451c868b6d5d608431e5de6b0a730abe130d)
             }),
             s2: Honk.G1Point({
-                x: uint256(0x2bbbf5e8a2f7feb08ee64585bf3da54db0da09b211f726adda93020a2ae23e56),
-                y: uint256(0x2a9e8e1c3850c66da60224163dc4846ea6f37ed48f9d6dfd40b450fa61081484)
+                x: uint256(0x21d9072c3474c1cfe1c2d96c098c4d9af4bb5d222944aa6470063f4a8b9b9770),
+                y: uint256(0x137ad8c018449f48311b5394ac91a6b2f5c5e40c676216a299a3d501d69b1f7d)
             }),
             s3: Honk.G1Point({
-                x: uint256(0x0d264ba46f4a7bafd0ba9d9f9f4827109e1da2cfdb11835b9fc65aaafe9f9f20),
-                y: uint256(0x0f9ff6e122bcacd091ffd98d8caf249ab216e9c784e667475e2184ed34892272)
+                x: uint256(0x2c2fe61ccbf18af13d41950ef58f3a2a64d355657a4dfba8e9917e618ea8add4),
+                y: uint256(0x2e7edf4dae50db17925e431d3198a39cb4bdc6f4e6e7d8d6163c972f4750a606)
             }),
             s4: Honk.G1Point({
-                x: uint256(0x2556809f13dc85764a5e4ea8fda1bbba54f36dad477124915fc8c198db16f496),
-                y: uint256(0x27461805fb3a7ee919331973984491c36cc83eee61d3664d5319922902327750)
+                x: uint256(0x1825a30f42c7508e2ee2158d374dc626cf4149b745ba55d533181f418ac605aa),
+                y: uint256(0x15d9b33a9612c0c8a55a75a827c0230656054765c7b37ba77a798b71a4766d1b)
             }),
             t1: Honk.G1Point({
                 x: uint256(0x1ddc9ef86584375e5998d9f6fc16a4e646dc315ab86b477abc2f18a723dc24f6),
@@ -99,20 +99,20 @@ library EcdsaHonkVerificationKey {
                 y: uint256(0x076bf1e1f682badebfca083e25d808e8dae96372631c0721a7ee238c333a862a)
             }),
             id1: Honk.G1Point({
-                x: uint256(0x0b034b231d25a2e152b830397a59c97e02175212a6c5ce00129625cfb2e5c53d),
-                y: uint256(0x22e1842515d4569ca06477f4b2685d0a767bfa1eecca343c889840af8c086db9)
+                x: uint256(0x003bfa695fb125e2e815ae3565a2b7667fe2240edfd46c312fa6b6ed88226d3f),
+                y: uint256(0x080c85e17835fce14e045eeb531ef2c287ad933a2ca7f35d3c7df03d0367fb9c)
             }),
             id2: Honk.G1Point({
-                x: uint256(0x0e82a73cd55280503e70d5bdd855071d202ff65f31a65996955a7661775ff290),
-                y: uint256(0x1325a665dfee8e1247f3129ca943e12736f800afc1a9dcfa0476050b8e3c87f8)
+                x: uint256(0x17662e6b69e1a67d8682a5c00b4d3c57c8f3ce7d82df027ba71c5031a946e070),
+                y: uint256(0x14bd830834279aa5f4ff64181af68bef9121c6322d37d25b5490f60a83b755f9)
             }),
             id3: Honk.G1Point({
-                x: uint256(0x2ad12a1238e051fba16108022b5e58bba1fc7966fe759016a93fae5397e8c403),
-                y: uint256(0x257cfc281b0135bb8dfb0df6a7b69ca39835af544007eb61ace84ce7014c1fea)
+                x: uint256(0x05bc83edcd40f963c7f6983f1c6a993ce32ca97a6e45c076dc4e38195ba8560a),
+                y: uint256(0x01239f42bab3bc0d1cc4194ca17fa76036ce2e4887a3dc499fe71da67d7af9a3)
             }),
             id4: Honk.G1Point({
-                x: uint256(0x058bf4de2f71f4d2e11235d140d05db461fb50d8aef64c8c52e2c0f57438dcce),
-                y: uint256(0x1e90ce7ec8cca2e65d7deafb655e6c7b0c4b964cd2cb1e5b4ef5ad78ab2f4b46)
+                x: uint256(0x1bcbd59c8e9e24132d3d3dfb1eaf21fa4ed74e922bb4d44f3c8d22ebb50105da),
+                y: uint256(0x147b021c1046d59dcc6b8be404ef2670f7e6f33a03dbaeef966c9bf3882324f4)
             }),
             lagrangeFirst: Honk.G1Point({
                 x: uint256(0x0000000000000000000000000000000000000000000000000000000000000001),

From 49a0582e2cc5bf6f025fe06a4646dbae37307278 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Sat, 21 Sep 2024 14:16:30 +0000
Subject: [PATCH 13/25] ensure ordering of evaluation is right, still doesn't
 fix the problem

---
 barretenberg/acir_tests/sol-test/yarn.lock    |   2 +-
 .../commitment_schemes/gemini/gemini.hpp      |   3 +-
 .../commitment_schemes/gemini/gemini.test.cpp | 382 +++++++++---------
 .../commitment_schemes/gemini/gemini_impl.hpp |  28 +-
 .../commitment_schemes/ipa/ipa.test.cpp       |  11 +-
 .../commitment_schemes/kzg/kzg.test.cpp       |  17 +-
 .../commitment_schemes/shplonk/shplemini.hpp  |  28 +-
 .../shplonk/shplemini.test.cpp                |   8 +-
 .../zeromorph/zeromorph.hpp                   |  23 +-
 .../zeromorph/zeromorph.test.cpp              |  19 +-
 .../shplemini.test.cpp                        |  17 +-
 .../zeromorph.test.cpp                        |  15 +-
 .../eccvm_recursive_verifier.cpp              |   3 +-
 .../decider_recursive_verifier.cpp            |   3 +-
 .../ultra_recursive_verifier.cpp              |   3 +-
 .../translator_recursive_verifier.cpp         |   3 +-
 .../barretenberg/transcript/transcript.hpp    |   2 +-
 .../translator_vm/translator_prover.cpp       |  22 +-
 .../translator_vm/translator_verifier.cpp     |   3 +-
 .../ultra_honk/decider_prover.cpp             |   3 +-
 .../ultra_honk/decider_verifier.cpp           |   6 +-
 .../barretenberg/vm/avm/generated/prover.cpp  |   3 +-
 .../vm/avm/generated/verifier.cpp             |   3 +-
 .../avm/recursion/avm_recursive_verifier.cpp  |   3 +-
 .../bb-pil-backend/templates/prover.cpp.hbs   |   3 +-
 .../bb-pil-backend/templates/verifier.cpp.hbs |   3 +-
 26 files changed, 326 insertions(+), 290 deletions(-)

diff --git a/barretenberg/acir_tests/sol-test/yarn.lock b/barretenberg/acir_tests/sol-test/yarn.lock
index af80282ea956..5cfac7679f6e 100644
--- a/barretenberg/acir_tests/sol-test/yarn.lock
+++ b/barretenberg/acir_tests/sol-test/yarn.lock
@@ -1,4 +1,4 @@
-# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+d# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
 # yarn lockfile v1
 
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index ea90f07cb82b..a303a13b53e6 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -112,7 +112,8 @@ template <typename Curve> class GeminiProver_ {
     static std::vector<Claim> prove(const Fr circuit_size,
                                     RefSpan<Polynomial> f_polynomials,
                                     RefSpan<Polynomial> g_polynomials,
-                                    RefSpan<Fr> multilinear_evaluations,
+                                    RefSpan<Fr> unshifted_evaluations,
+                                    RefSpan<Fr> shifted_evaluations,
                                     std::span<Fr> multilinear_challenge,
                                     const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
                                     const std::shared_ptr<Transcript>& transcript);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
index 7d0b29a26a9f..08a2e8dd7de1 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
@@ -1,188 +1,194 @@
-#include "gemini_impl.hpp"
-
-#include "../commitment_key.test.hpp"
-#include "barretenberg/polynomials/polynomial.hpp"
-#include "barretenberg/transcript/transcript.hpp"
-
-using namespace bb;
-
-template <class Curve> class GeminiTest : public CommitmentTest<Curve> {
-    using GeminiProver = GeminiProver_<Curve>;
-    using GeminiVerifier = GeminiVerifier_<Curve>;
-    using Fr = typename Curve::ScalarField;
-    using GroupElement = typename Curve::Element;
-
-  public:
-    void execute_gemini_and_verify_claims(std::vector<Fr>& multilinear_evaluation_point,
-                                          std::vector<Fr>& multilinear_evaluations,
-                                          std::vector<Polynomial<Fr>>& multilinear_polynomials,
-                                          std::vector<Polynomial<Fr>>& multilinear_polynomials_to_be_shifted,
-                                          std::vector<GroupElement>& multilinear_commitments,
-                                          std::vector<GroupElement>& multilinear_commitments_to_be_shifted)
-    {
-        auto prover_transcript = NativeTranscript::prover_init_empty();
-
-        // Compute:
-        // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
-        // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-        auto prover_output = GeminiProver::prove(1 << multilinear_evaluation_point.size(),
-                                                 RefVector(multilinear_polynomials),
-                                                 RefVector(multilinear_polynomials_to_be_shifted),
-                                                 RefVector(multilinear_evaluations),
-                                                 multilinear_evaluation_point,
-                                                 this->commitment_key,
-                                                 prover_transcript);
-
-        // Check that the Fold polynomials have been evaluated correctly in the prover
-        this->verify_batch_opening_pair(prover_output);
-
-        auto verifier_transcript = NativeTranscript::verifier_init_empty(prover_transcript);
-
-        // Compute:
-        // - Single opening pair: {r, \hat{a}_0}
-        // - 2 partially evaluated Fold polynomial commitments [Fold_{r}^(0)] and [Fold_{-r}^(0)]
-        // Aggregate: d+1 opening pairs and d+1 Fold poly commitments into verifier claim
-        auto verifier_claims = GeminiVerifier::reduce_verification(multilinear_evaluation_point,
-                                                                   multilinear_evaluations,
-                                                                   RefVector(multilinear_commitments),
-                                                                   RefVector(multilinear_commitments_to_be_shifted),
-                                                                   verifier_transcript);
-
-        // Check equality of the opening pairs computed by prover and verifier
-        for (auto [prover_claim, verifier_claim] : zip_view(prover_output, verifier_claims)) {
-            ASSERT_EQ(prover_claim.opening_pair, verifier_claim.opening_pair);
-            this->verify_opening_claim(verifier_claim, prover_claim.polynomial);
-        }
-    }
-};
-
-using ParamsTypes = ::testing::Types<curve::BN254, curve::Grumpkin>;
-TYPED_TEST_SUITE(GeminiTest, ParamsTypes);
-
-TYPED_TEST(GeminiTest, Single)
-{
-    using Fr = typename TypeParam::ScalarField;
-    using GroupElement = typename TypeParam::Element;
-
-    const size_t n = 16;
-    const size_t log_n = 4;
-
-    auto u = this->random_evaluation_point(log_n);
-    auto poly = Polynomial<Fr>::random(n);
-    auto commitment = this->commit(poly);
-    auto eval = poly.evaluate_mle(u);
-
-    // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
-    std::vector<Fr> multilinear_evaluations = { eval };
-    std::vector<Polynomial<Fr>> multilinear_polynomials = { poly.share() };
-    std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = {};
-    std::vector<GroupElement> multilinear_commitments = { commitment };
-    std::vector<GroupElement> multilinear_commitments_to_be_shifted = {};
-
-    this->execute_gemini_and_verify_claims(u,
-                                           multilinear_evaluations,
-                                           multilinear_polynomials,
-                                           multilinear_polynomials_to_be_shifted,
-                                           multilinear_commitments,
-                                           multilinear_commitments_to_be_shifted);
-}
-
-TYPED_TEST(GeminiTest, SingleShift)
-{
-    using Fr = typename TypeParam::ScalarField;
-    using GroupElement = typename TypeParam::Element;
-
-    const size_t n = 16;
-    const size_t log_n = 4;
-
-    auto u = this->random_evaluation_point(log_n);
-
-    // shiftable polynomial must have 0 as last coefficient
-    auto poly = Polynomial<Fr>::random(n, /*shiftable*/ 1);
-
-    auto commitment = this->commit(poly);
-    auto eval_shift = poly.evaluate_mle(u, true);
-
-    // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
-    std::vector<Fr> multilinear_evaluations = { eval_shift };
-    std::vector<Polynomial<Fr>> multilinear_polynomials = {};
-    std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = { poly.share() };
-    std::vector<GroupElement> multilinear_commitments = {};
-    std::vector<GroupElement> multilinear_commitments_to_be_shifted = { commitment };
-
-    this->execute_gemini_and_verify_claims(u,
-                                           multilinear_evaluations,
-                                           multilinear_polynomials,
-                                           multilinear_polynomials_to_be_shifted,
-                                           multilinear_commitments,
-                                           multilinear_commitments_to_be_shifted);
-}
-
-TYPED_TEST(GeminiTest, Double)
-{
-    using Fr = typename TypeParam::ScalarField;
-    using GroupElement = typename TypeParam::Element;
-
-    const size_t n = 16;
-    const size_t log_n = 4;
-
-    auto u = this->random_evaluation_point(log_n);
-
-    auto poly1 = Polynomial<Fr>::random(n);
-    auto poly2 = Polynomial<Fr>::random(n);
-
-    auto commitment1 = this->commit(poly1);
-    auto commitment2 = this->commit(poly2);
-
-    auto eval1 = poly1.evaluate_mle(u);
-    auto eval2 = poly2.evaluate_mle(u);
-
-    // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
-    std::vector<Fr> multilinear_evaluations = { eval1, eval2 };
-    std::vector<Polynomial<Fr>> multilinear_polynomials = { poly1.share(), poly2.share() };
-    std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = {};
-    std::vector<GroupElement> multilinear_commitments = { commitment1, commitment2 };
-    std::vector<GroupElement> multilinear_commitments_to_be_shifted = {};
-
-    this->execute_gemini_and_verify_claims(u,
-                                           multilinear_evaluations,
-                                           multilinear_polynomials,
-                                           multilinear_polynomials_to_be_shifted,
-                                           multilinear_commitments,
-                                           multilinear_commitments_to_be_shifted);
-}
-
-TYPED_TEST(GeminiTest, DoubleWithShift)
-{
-    using Fr = typename TypeParam::ScalarField;
-    using GroupElement = typename TypeParam::Element;
-
-    const size_t n = 16;
-    const size_t log_n = 4;
-
-    auto u = this->random_evaluation_point(log_n);
-
-    auto poly1 = Polynomial<Fr>::random(n);
-    auto poly2 = Polynomial<Fr>::random(n, 1); // make 'shiftable'
-
-    auto commitment1 = this->commit(poly1);
-    auto commitment2 = this->commit(poly2);
-
-    auto eval1 = poly1.evaluate_mle(u);
-    auto eval2 = poly2.evaluate_mle(u);
-    auto eval2_shift = poly2.evaluate_mle(u, true);
-
-    // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
-    std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval2_shift };
-    std::vector<Polynomial<Fr>> multilinear_polynomials = { poly1.share(), poly2.share() };
-    std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = { poly2.share() };
-    std::vector<GroupElement> multilinear_commitments = { commitment1, commitment2 };
-    std::vector<GroupElement> multilinear_commitments_to_be_shifted = { commitment2 };
-
-    this->execute_gemini_and_verify_claims(u,
-                                           multilinear_evaluations,
-                                           multilinear_polynomials,
-                                           multilinear_polynomials_to_be_shifted,
-                                           multilinear_commitments,
-                                           multilinear_commitments_to_be_shifted);
-}
+// #include "gemini_impl.hpp"
+
+// #include "../commitment_key.test.hpp"
+// #include "barretenberg/polynomials/polynomial.hpp"
+// #include "barretenberg/transcript/transcript.hpp"
+
+// using namespace bb;
+
+// template <class Curve> class GeminiTest : public CommitmentTest<Curve> {
+//     using GeminiProver = GeminiProver_<Curve>;
+//     using GeminiVerifier = GeminiVerifier_<Curve>;
+//     using Fr = typename Curve::ScalarField;
+//     using GroupElement = typename Curve::Element;
+
+//   public:
+//     void execute_gemini_and_verify_claims(std::vector<Fr>& multilinear_evaluation_point,
+//                                           std::vector<Fr>& unshifted_evaluations,
+//                                           std::vector<Fr>& shifted_evaluations,
+//                                           std::vector<Polynomial<Fr>>& multilinear_polynomials,
+//                                           std::vector<Polynomial<Fr>>& multilinear_polynomials_to_be_shifted,
+//                                           std::vector<GroupElement>& multilinear_commitments,
+//                                           std::vector<GroupElement>& multilinear_commitments_to_be_shifted)
+//     {
+//         auto prover_transcript = NativeTranscript::prover_init_empty();
+
+//         // Compute:
+//         // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
+//         // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
+//         auto prover_output = GeminiProver::prove(1 << multilinear_evaluation_point.size(),
+//                                                  RefVector(multilinear_polynomials),
+//                                                  RefVector(multilinear_polynomials_to_be_shifted),
+//                                                  RefVector(unshifted_evaluations),
+//                                                  RefVector(shifted_evaluations),
+//                                                  multilinear_evaluation_point,
+//                                                  this->commitment_key,
+//                                                  prover_transcript);
+
+//         // Check that the Fold polynomials have been evaluated correctly in the prover
+//         this->verify_batch_opening_pair(prover_output);
+
+//         auto verifier_transcript = NativeTranscript::verifier_init_empty(prover_transcript);
+
+//         // Compute:
+//         // - Single opening pair: {r, \hat{a}_0}
+//         // - 2 partially evaluated Fold polynomial commitments [Fold_{r}^(0)] and [Fold_{-r}^(0)]
+//         // Aggregate: d+1 opening pairs and d+1 Fold poly commitments into verifier claim
+//         auto verifier_claims = GeminiVerifier::reduce_verification(multilinear_evaluation_point,
+//                                                                    multilinear_evaluations,
+//                                                                    RefVector(multilinear_commitments),
+//                                                                    RefVector(multilinear_commitments_to_be_shifted),
+//                                                                    verifier_transcript);
+
+//         // Check equality of the opening pairs computed by prover and verifier
+//         for (auto [prover_claim, verifier_claim] : zip_view(prover_output, verifier_claims)) {
+//             ASSERT_EQ(prover_claim.opening_pair, verifier_claim.opening_pair);
+//             this->verify_opening_claim(verifier_claim, prover_claim.polynomial);
+//         }
+//     }
+// };
+
+// using ParamsTypes = ::testing::Types<curve::BN254, curve::Grumpkin>;
+// TYPED_TEST_SUITE(GeminiTest, ParamsTypes);
+
+// TYPED_TEST(GeminiTest, Single)
+// {
+//     using Fr = typename TypeParam::ScalarField;
+//     using GroupElement = typename TypeParam::Element;
+
+//     const size_t n = 16;
+//     const size_t log_n = 4;
+
+//     auto u = this->random_evaluation_point(log_n);
+//     auto poly = Polynomial<Fr>::random(n);
+//     auto commitment = this->commit(poly);
+//     auto eval = poly.evaluate_mle(u);
+
+//     // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
+//     std::vector<Fr> multilinear_evaluations = { eval };
+//     std::vector<Polynomial<Fr>> multilinear_polynomials = { poly.share() };
+//     std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = {};
+//     std::vector<GroupElement> multilinear_commitments = { commitment };
+//     std::vector<GroupElement> multilinear_commitments_to_be_shifted = {};
+
+//     this->execute_gemini_and_verify_claims(u,
+//                                            { eval },
+//                                            {},
+//                                            multilinear_polynomials,
+//                                            multilinear_polynomials_to_be_shifted,
+//                                            multilinear_commitments,
+//                                            multilinear_commitments_to_be_shifted);
+// }
+
+// TYPED_TEST(GeminiTest, SingleShift)
+// {
+//     using Fr = typename TypeParam::ScalarField;
+//     using GroupElement = typename TypeParam::Element;
+
+//     const size_t n = 16;
+//     const size_t log_n = 4;
+
+//     auto u = this->random_evaluation_point(log_n);
+
+//     // shiftable polynomial must have 0 as last coefficient
+//     auto poly = Polynomial<Fr>::random(n, /*shiftable*/ 1);
+
+//     auto commitment = this->commit(poly);
+//     auto eval_shift = poly.evaluate_mle(u, true);
+
+//     // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
+//     std::vector<Fr> multilinear_evaluations = { eval_shift };
+//     std::vector<Polynomial<Fr>> multilinear_polynomials = {};
+//     std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = { poly.share() };
+//     std::vector<GroupElement> multilinear_commitments = {};
+//     std::vector<GroupElement> multilinear_commitments_to_be_shifted = { commitment };
+
+//     this->execute_gemini_and_verify_claims(u,
+//                                            {},
+//                                            { eval_shift },
+//                                            multilinear_polynomials,
+//                                            multilinear_polynomials_to_be_shifted,
+//                                            multilinear_commitments,
+//                                            multilinear_commitments_to_be_shifted);
+// }
+
+// TYPED_TEST(GeminiTest, Double)
+// {
+//     using Fr = typename TypeParam::ScalarField;
+//     using GroupElement = typename TypeParam::Element;
+
+//     const size_t n = 16;
+//     const size_t log_n = 4;
+
+//     auto u = this->random_evaluation_point(log_n);
+
+//     auto poly1 = Polynomial<Fr>::random(n);
+//     auto poly2 = Polynomial<Fr>::random(n);
+
+//     auto commitment1 = this->commit(poly1);
+//     auto commitment2 = this->commit(poly2);
+
+//     auto eval1 = poly1.evaluate_mle(u);
+//     auto eval2 = poly2.evaluate_mle(u);
+
+//     // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
+//     std::vector<Fr> multilinear_evaluations = { eval1, eval2 };
+//     std::vector<Polynomial<Fr>> multilinear_polynomials = { poly1.share(), poly2.share() };
+//     std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = {};
+//     std::vector<GroupElement> multilinear_commitments = { commitment1, commitment2 };
+//     std::vector<GroupElement> multilinear_commitments_to_be_shifted = {};
+
+//     this->execute_gemini_and_verify_claims(u,
+//                                            { eval1, eval2 },
+//                                            {},
+//                                            multilinear_polynomials,
+//                                            multilinear_polynomials_to_be_shifted,
+//                                            multilinear_commitments,
+//                                            multilinear_commitments_to_be_shifted);
+// }
+
+// TYPED_TEST(GeminiTest, DoubleWithShift)
+// {
+//     using Fr = typename TypeParam::ScalarField;
+//     using GroupElement = typename TypeParam::Element;
+
+//     const size_t n = 16;
+//     const size_t log_n = 4;
+
+//     auto u = this->random_evaluation_point(log_n);
+
+//     auto poly1 = Polynomial<Fr>::random(n);
+//     auto poly2 = Polynomial<Fr>::random(n, 1); // make 'shiftable'
+
+//     auto commitment1 = this->commit(poly1);
+//     auto commitment2 = this->commit(poly2);
+
+//     auto eval1 = poly1.evaluate_mle(u);
+//     auto eval2 = poly2.evaluate_mle(u);
+//     auto eval2_shift = poly2.evaluate_mle(u, true);
+
+//     // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
+//     std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval2_shift };
+//     std::vector<Polynomial<Fr>> multilinear_polynomials = { poly1.share(), poly2.share() };
+//     std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = { poly2.share() };
+//     std::vector<GroupElement> multilinear_commitments = { commitment1, commitment2 };
+//     std::vector<GroupElement> multilinear_commitments_to_be_shifted = { commitment2 };
+
+//     this->execute_gemini_and_verify_claims(u,
+//                                            { eval1, eval2 },
+//                                            { eval2_shift },
+//                                            multilinear_polynomials,
+//                                            multilinear_polynomials_to_be_shifted,
+//                                            multilinear_commitments,
+//                                            multilinear_commitments_to_be_shifted);
+// }
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
index 5876f5ac51b2..68bd204c3d85 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
@@ -42,38 +42,38 @@ namespace bb {
 template <typename Curve>
 template <typename Transcript>
 std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
-    [[maybe_unused]] Fr circuit_size,    // Will be used when constant proof sizes are in
-    RefSpan<Polynomial> f_polynomials,   // unshifted
-    RefSpan<Polynomial> g_polynomials,   // to-be-shifted
-    RefSpan<Fr> multilinear_evaluations, /* u */
+    [[maybe_unused]] Fr circuit_size,  // Will be used when constant proof sizes are in
+    RefSpan<Polynomial> f_polynomials, // unshifted
+    RefSpan<Polynomial> g_polynomials, // to-be-shifted
+    RefSpan<Fr> unshifted_evaluations,
+    RefSpan<Fr> shifted_evaluations,
     std::span<Fr> multilinear_challenge,
     const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
     const std::shared_ptr<Transcript>& transcript)
 {
-    ASSERT(multilinear_evaluations.size() == f_polynomials.size() + g_polynomials.size());
+    ASSERT(unshifted_evaluations.size() + shifted_evaluations.size() == f_polynomials.size() + g_polynomials.size());
     size_t log_n = numeric::get_msb(static_cast<uint32_t>(circuit_size));
     size_t n = 1 << log_n;
 
     Fr rho = transcript->template get_challenge<Fr>("rho");
-    std::vector<Fr> rhos = gemini::powers_of_rho(rho, multilinear_evaluations.size());
-
-    // Compute batched multivariate evaluation
-    Fr batched_evaluation = Fr::zero();
-    for (size_t i = 0; i < rhos.size(); ++i) {
-        batched_evaluation += multilinear_evaluations[i] * rhos[i];
-    }
+    std::vector<Fr> rhos = gemini::powers_of_rho(rho, unshifted_evaluations.size() + shifted_evaluations.size());
 
     // Compute batched polynomials
     Polynomial batched_unshifted(n);
     Polynomial batched_to_be_shifted = Polynomial::shiftable(1 << log_n);
+    // Fr batched_evaluation = Fr::zero();
 
     const size_t num_unshifted = f_polynomials.size();
     const size_t num_to_be_shifted = g_polynomials.size();
     for (size_t i = 0; i < num_unshifted; i++) {
-        batched_unshifted.add_scaled(f_polynomials[i], rhos[i]);
+        Fr rho_challenge = rhos[i];
+        batched_unshifted.add_scaled(f_polynomials[i], rho_challenge);
+        // batched_evaluation += unshifted_evaluations[i] * rho_challenge;
     }
     for (size_t i = 0; i < num_to_be_shifted; i++) {
-        batched_to_be_shifted.add_scaled(g_polynomials[i], rhos[num_unshifted + i]);
+        Fr rho_challenge = rhos[num_unshifted + i];
+        batched_to_be_shifted.add_scaled(g_polynomials[i], rho_challenge);
+        // batched_evaluation += shifted_evaluations[i] * rho_challenge;
     }
 
     auto fold_polynomials = compute_fold_polynomials(
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
index 0b1fec24c903..187fcdce629f 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
@@ -269,7 +269,8 @@ TEST_F(IPATest, GeminiShplonkIPAWithShift)
     auto prover_opening_claims = GeminiProver::prove(n,
                                                      RefArray{ poly1, poly2 },
                                                      RefArray{ poly2 },
-                                                     RefVector(multilinear_evaluations),
+                                                     RefArray{ eval1, eval2 },
+                                                     RefArray{ eval2 },
                                                      mle_opening_point,
                                                      this->ck(),
                                                      prover_transcript);
@@ -314,8 +315,6 @@ TEST_F(IPATest, ShpleminiIPAWithShift)
     auto eval2 = poly2.evaluate_mle(mle_opening_point);
     auto eval2_shift = poly2.evaluate_mle(mle_opening_point, true);
 
-    std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval2_shift };
-
     auto prover_transcript = NativeTranscript::prover_init_empty();
 
     // Run the full prover PCS protocol:
@@ -326,7 +325,8 @@ TEST_F(IPATest, ShpleminiIPAWithShift)
     auto prover_opening_claims = GeminiProver::prove(n,
                                                      RefArray{ poly1, poly2 },
                                                      RefArray{ poly2 },
-                                                     RefVector(multilinear_evaluations),
+                                                     RefArray{ eval1, eval2 },
+                                                     RefArray{ eval2_shift },
                                                      mle_opening_point,
                                                      this->ck(),
                                                      prover_transcript);
@@ -339,7 +339,8 @@ TEST_F(IPATest, ShpleminiIPAWithShift)
     const auto batch_opening_claim = ShpleminiVerifier::compute_batch_opening_claim(n,
                                                                                     RefVector(unshifted_commitments),
                                                                                     RefVector(shifted_commitments),
-                                                                                    RefVector(multilinear_evaluations),
+                                                                                    RefArray{ eval1, eval2 },
+                                                                                    RefArray{ eval2_shift },
                                                                                     mle_opening_point,
                                                                                     this->vk()->get_g1_identity(),
                                                                                     verifier_transcript);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
index 10230931c1a9..339f58d58b96 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
@@ -95,7 +95,8 @@ TYPED_TEST(KZGTest, GeminiShplonkKzgWithShift)
     auto prover_opening_claims = GeminiProver::prove(n,
                                                      RefArray{ poly1, poly2 },
                                                      RefArray{ poly2 },
-                                                     RefVector(multilinear_evaluations),
+                                                     RefArray{ eval1, eval2 },
+                                                     RefArray{ eval2_shift },
                                                      mle_opening_point,
                                                      this->ck(),
                                                      prover_transcript);
@@ -155,13 +156,13 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
     Commitment commitment1 = this->commit(poly1);
     Commitment commitment2 = this->commit(poly2);
     std::vector<Commitment> unshifted_commitments = { commitment1, commitment2 };
-    std::vector<Commitment> shifted_commitments = { commitment2 };
+    std::vector<Commitment> shifted_commitments = { commitment1 };
     auto eval1 = poly1.evaluate_mle(mle_opening_point);
     auto eval2 = poly2.evaluate_mle(mle_opening_point);
-    auto eval2_shift = poly2.evaluate_mle(mle_opening_point, true);
+    auto eval1_shift = poly1.evaluate_mle(mle_opening_point, true);
 
     // Collect multilinear evaluations for input to prover
-    std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval2_shift };
+    std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval1_shift };
 
     auto prover_transcript = NativeTranscript::prover_init_empty();
 
@@ -172,8 +173,9 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
     auto prover_opening_claims = GeminiProver::prove(n,
                                                      RefArray{ poly1, poly2 },
-                                                     RefArray{ poly2 },
-                                                     RefVector(multilinear_evaluations),
+                                                     RefArray{ poly1 },
+                                                     RefArray{ eval1, eval2 },
+                                                     RefArray{ eval1_shift },
                                                      mle_opening_point,
                                                      this->ck(),
                                                      prover_transcript);
@@ -196,7 +198,8 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
     const auto batch_opening_claim = ShpleminiVerifier::compute_batch_opening_claim(n,
                                                                                     RefVector(unshifted_commitments),
                                                                                     RefVector(shifted_commitments),
-                                                                                    RefVector(multilinear_evaluations),
+                                                                                    RefArray{ eval1, eval2 },
+                                                                                    RefArray{ eval1_shift },
                                                                                     mle_opening_point,
                                                                                     this->vk()->get_g1_identity(),
                                                                                     verifier_transcript);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
index 8d4edab4ce82..32cef2fdde89 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
@@ -24,7 +24,8 @@ template <typename Curve> class ShpleminiProver_ {
     static OpeningClaim prove(FF circuit_size,
                               RefSpan<Polynomial> f_polynomials,
                               RefSpan<Polynomial> g_polynomials,
-                              RefSpan<FF> multilinear_evaluations,
+                              RefSpan<FF> unshifted_evaluations,
+                              RefSpan<FF> shifted_evaluations,
                               std::span<FF> multilinear_challenge,
                               const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
                               const std::shared_ptr<Transcript>& transcript)
@@ -32,7 +33,8 @@ template <typename Curve> class ShpleminiProver_ {
         std::vector<OpeningClaim> opening_claims = GeminiProver::prove(circuit_size,
                                                                        f_polynomials,
                                                                        g_polynomials,
-                                                                       multilinear_evaluations,
+                                                                       unshifted_evaluations,
+                                                                       shifted_evaluations,
                                                                        multilinear_challenge,
                                                                        commitment_key,
                                                                        transcript);
@@ -107,7 +109,8 @@ template <typename Curve> class ShpleminiVerifier_ {
     static BatchOpeningClaim<Curve> compute_batch_opening_claim(const Fr N,
                                                                 RefSpan<Commitment> unshifted_commitments,
                                                                 RefSpan<Commitment> shifted_commitments,
-                                                                RefSpan<Fr> claimed_evaluations,
+                                                                RefSpan<Fr> unshifted_evaluations,
+                                                                RefSpan<Fr> shifted_evaluations,
                                                                 const std::vector<Fr>& multivariate_challenge,
                                                                 const Commitment& g1_identity,
                                                                 std::shared_ptr<Transcript>& transcript)
@@ -176,13 +179,15 @@ template <typename Curve> class ShpleminiVerifier_ {
         Fr batched_evaluation{ 0 };
         batch_multivariate_opening_claims(unshifted_commitments,
                                           shifted_commitments,
-                                          claimed_evaluations,
+                                          unshifted_evaluations,
+                                          shifted_evaluations,
                                           multivariate_batching_challenge,
                                           unshifted_scalar,
                                           shifted_scalar,
                                           commitments,
                                           scalars,
                                           batched_evaluation);
+        info("Verifier: ", batched_evaluation);
 
         // Place the commitments to Gemini Aᵢ to the vector of commitments, compute the contributions from
         // Aᵢ(−r²ⁱ) for i=1, … , n−1 to the constant term accumulator, add corresponding scalars
@@ -259,7 +264,8 @@ template <typename Curve> class ShpleminiVerifier_ {
      */
     static void batch_multivariate_opening_claims(RefSpan<Commitment> unshifted_commitments,
                                                   RefSpan<Commitment> shifted_commitments,
-                                                  RefSpan<Fr> claimed_evaluations,
+                                                  RefSpan<Fr> unshifted_evaluations,
+                                                  RefSpan<Fr> shifted_evaluations,
                                                   const Fr& multivariate_batching_challenge,
                                                   const Fr& unshifted_scalar,
                                                   const Fr& shifted_scalar,
@@ -267,27 +273,25 @@ template <typename Curve> class ShpleminiVerifier_ {
                                                   std::vector<Fr>& scalars,
                                                   Fr& batched_evaluation)
     {
-        size_t evaluation_idx = 0;
         Fr current_batching_challenge = Fr(1);
-        for (auto& unshifted_commitment : unshifted_commitments) {
+        for (auto [unshifted_commitment, unshifted_evaluation] :
+             zip_view(unshifted_commitments, unshifted_evaluations)) {
             // Move unshifted commitments to the 'commitments' vector
             commitments.emplace_back(std::move(unshifted_commitment));
             // Compute −ρⁱ ⋅ (1/(z−r) + ν/(z+r)) and place into 'scalars'
             scalars.emplace_back(-unshifted_scalar * current_batching_challenge);
             // Accumulate the evaluation of ∑ ρⁱ ⋅ fᵢ at the sumcheck challenge
-            batched_evaluation += claimed_evaluations[evaluation_idx] * current_batching_challenge;
-            evaluation_idx += 1;
+            batched_evaluation += unshifted_evaluation * current_batching_challenge;
             // Update the batching challenge
             current_batching_challenge *= multivariate_batching_challenge;
         }
-        for (auto& shifted_commitment : shifted_commitments) {
+        for (auto [shifted_commitment, shifted_evaluation] : zip_view(shifted_commitments, shifted_evaluations)) {
             // Move shifted commitments to the 'commitments' vector
             commitments.emplace_back(std::move(shifted_commitment));
             // Compute −ρ⁽ⁱ⁺ᵏ⁾ ⋅ r⁻¹ ⋅ (1/(z−r) − ν/(z+r)) and place into 'scalars'
             scalars.emplace_back(-shifted_scalar * current_batching_challenge);
             // Accumulate the evaluation of ∑ ρ⁽ⁱ⁺ᵏ⁾ ⋅ f_shift, i at the sumcheck challenge
-            batched_evaluation += claimed_evaluations[evaluation_idx] * current_batching_challenge;
-            evaluation_idx += 1;
+            batched_evaluation += shifted_evaluation * current_batching_challenge;
             // Update the batching challenge
             current_batching_challenge *= multivariate_batching_challenge;
         }
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
index 9edded91b10c..57c542b1b490 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
@@ -101,7 +101,8 @@ TYPED_TEST(ShpleminiTest, CorrectnessOfMultivariateClaimBatching)
 
     ShpleminiVerifier::batch_multivariate_opening_claims(RefVector(unshifted_commitments),
                                                          RefVector(shifted_commitments),
-                                                         RefVector(multilinear_evaluations),
+                                                         RefArray{ eval1, eval2, eval3 },
+                                                         RefArray{ eval2_shift, eval3_shift },
                                                          rho,
                                                          unshifted_scalar,
                                                          shifted_scalar,
@@ -116,8 +117,9 @@ TYPED_TEST(ShpleminiTest, CorrectnessOfMultivariateClaimBatching)
     EXPECT_EQ(batched_evaluation, verifier_batched_evaluation);
     EXPECT_EQ(-expected_result, shplemini_result);
 }
-
-TYPED_TEST(ShpleminiTest, CorrectnessOfGeminiClaimBatching)
+0x0a77620a91f94ac0e8a3823a0d30688bbae0064fee682d386addae7400feb51e,
+    0x13cc6c8e5f61f0c514dcab6c00b9b7fcd13f1cee5e7027383601c3726e036f3f TYPED_TEST(ShpleminiTest,
+                                                                                  CorrectnessOfGeminiClaimBatching)
 {
     using GeminiProver = GeminiProver_<TypeParam>;
     using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
index 2511f2cd5229..e1ee3b92fcdf 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
@@ -336,7 +336,8 @@ template <typename Curve> class ZeroMorphProver_ {
     static OpeningClaim prove(FF circuit_size,
                               RefSpan<Polynomial> f_polynomials,
                               RefSpan<Polynomial> g_polynomials,
-                              RefSpan<FF> multilinear_evaluations,
+                              RefSpan<FF> f_evaluations,
+                              RefSpan<FF> g_shift_evaluations,
                               std::span<FF> multilinear_challenge,
                               const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
                               const std::shared_ptr<Transcript>& transcript,
@@ -370,20 +371,17 @@ template <typename Curve> class ZeroMorphProver_ {
         FF batched_evaluation{ 0 };
         Polynomial f_batched(N); // batched unshifted polynomials
         FF batching_scalar{ 1 };
-        size_t evaluation_idx = 0;
-        for (auto f_poly : f_polynomials) {
+        for (auto [f_poly, f_eval] : zip_view(f_polynomials, f_evaluations)) {
             f_batched.add_scaled(f_poly, batching_scalar);
-            batched_evaluation += batching_scalar * multilinear_evaluations[evaluation_idx];
+            batched_evaluation += batching_scalar * f_eval;
             batching_scalar *= rho;
-            evaluation_idx++;
         }
 
         Polynomial g_batched{ N - 1, N, 1 }; // batched to-be-shifted polynomials
-        for (auto g_poly : g_polynomials) {
+        for (auto [g_poly, g_shift_eval] : zip_view(g_polynomials, g_shift_evaluations)) {
             g_batched.add_scaled(g_poly, batching_scalar);
-            batched_evaluation += batching_scalar * multilinear_evaluations[evaluation_idx];
+            batched_evaluation += batching_scalar * g_shift_eval;
             batching_scalar *= rho;
-            evaluation_idx++;
         };
 
         size_t num_groups = concatenation_groups.size();
@@ -724,7 +722,8 @@ template <typename Curve> class ZeroMorphVerifier_ {
     static OpeningClaim<Curve> verify(FF circuit_size,
                                       RefSpan<Commitment> unshifted_commitments,
                                       RefSpan<Commitment> to_be_shifted_commitments,
-                                      RefSpan<FF> multilinear_evaluations,
+                                      RefSpan<FF> unshifted_evaluations,
+                                      RefSpan<FF> shifted_evaluations,
                                       std::span<FF> multivariate_challenge,
                                       const Commitment& g1_identity,
                                       const std::shared_ptr<Transcript>& transcript,
@@ -743,7 +742,11 @@ template <typename Curve> class ZeroMorphVerifier_ {
         // Construct batched evaluation v = sum_{i=0}^{m-1}\rho^i*f_i(u) + sum_{i=0}^{l-1}\rho^{m+i}*h_i(u)
         FF batched_evaluation = FF(0);
         FF batching_scalar = FF(1);
-        for (auto& value : multilinear_evaluations) {
+        for (auto& value : unshifted_evaluations) {
+            batched_evaluation += value * batching_scalar;
+            batching_scalar *= rho;
+        }
+        for (auto& value : shifted_evaluations) {
             batched_evaluation += value * batching_scalar;
             batching_scalar *= rho;
         }
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.test.cpp
index ab793cde8be5..1f060410679b 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.test.cpp
@@ -208,15 +208,13 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
                           std::vector<Fr> u_challenge)
     {
         auto prover_transcript = NativeTranscript::prover_init_empty();
-        std::vector<Fr> multilinear_evaluations(unshifted.evaluations);
-        multilinear_evaluations.insert(
-            multilinear_evaluations.end(), shifted.evaluations.begin(), shifted.evaluations.end());
 
         // Execute Prover protocol
         auto prover_opening_claim = ZeroMorphProver::prove(N,
                                                            RefVector(unshifted.polynomials), // unshifted
                                                            RefVector(shifted.polynomials),   // to-be shifted
-                                                           RefVector(multilinear_evaluations),
+                                                           RefVector(unshifted.evaluations), // unshifted
+                                                           RefVector(shifted.evaluations),   // shifted
                                                            u_challenge,
                                                            this->commitment_key,
                                                            prover_transcript);
@@ -228,7 +226,8 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
         auto verifier_opening_claim = ZeroMorphVerifier::verify(N,
                                                                 RefVector(unshifted.commitments), // unshifted
                                                                 RefVector(shifted.commitments),   // to-be-shifted
-                                                                RefVector(multilinear_evaluations),
+                                                                RefVector(unshifted.evaluations), // unshifted
+                                                                RefVector(shifted.evaluations),   // shifted
                                                                 u_challenge,
                                                                 this->vk()->get_g1_identity(),
                                                                 verifier_transcript);
@@ -236,6 +235,7 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
 
         bool verified = false;
         if constexpr (std::same_as<PCS, KZG<curve::BN254>>) {
+
             result = PCS::reduce_verify(verifier_opening_claim, verifier_transcript);
             verified = this->vk()->pairing_check(result[0], result[1]);
         } else {
@@ -257,9 +257,6 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
                                              size_t NUM_CONCATENATED)
     {
         ConcatenationInputs concatenation = concatenation_inputs(u_challenge, NUM_CONCATENATED);
-        std::vector<Fr> multilinear_evaluations(unshifted.evaluations);
-        multilinear_evaluations.insert(
-            multilinear_evaluations.end(), shifted.evaluations.begin(), shifted.evaluations.end());
 
         auto prover_transcript = NativeTranscript::prover_init_empty();
 
@@ -268,7 +265,8 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
             ZeroMorphProver::prove(N,
                                    RefVector(unshifted.polynomials), // unshifted
                                    RefVector(shifted.polynomials),   // to-be-shifted
-                                   RefVector(multilinear_evaluations),
+                                   RefVector(unshifted.evaluations), // unshifted
+                                   RefVector(shifted.evaluations),   // shifted
                                    u_challenge,
                                    this->commitment_key,
                                    prover_transcript,
@@ -283,7 +281,8 @@ template <class PCS> class ZeroMorphTest : public CommitmentTest<typename PCS::C
             ZeroMorphVerifier::verify(N,
                                       RefVector(unshifted.commitments), // unshifted
                                       RefVector(shifted.commitments),   // to-be-shifted
-                                      RefVector(multilinear_evaluations),
+                                      RefVector(unshifted.evaluations), // unshifted
+                                      RefVector(shifted.evaluations),   // shifted
                                       u_challenge,
                                       this->vk()->get_g1_identity(),
                                       verifier_transcript,
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
index ae75f6c71f99..eec1bbe2ec87 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
@@ -67,14 +67,10 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
         for (size_t i = 0; i < NUM_SHIFTED; ++i) {
             g_polynomials.emplace_back(f_polynomials[i]);
             h_polynomials.emplace_back(g_polynomials[i].shifted());
-            w_evaluations.emplace_back(h_polynomials[i].evaluate_mle(u_challenge));
+            w_evaluations.emplace_back(f_polynomials[i].evaluate_mle(u_challenge, true));
         }
     }
 
-    std::vector<NativeFr> claimed_evaluations;
-    claimed_evaluations.reserve(v_evaluations.size() + w_evaluations.size());
-    claimed_evaluations.insert(claimed_evaluations.end(), v_evaluations.begin(), v_evaluations.end());
-    claimed_evaluations.insert(claimed_evaluations.end(), w_evaluations.begin(), w_evaluations.end());
     // Compute commitments [f_i]
     std::vector<NativeCommitment> f_commitments;
     auto commitment_key = std::make_shared<CommitmentKey>(4096);
@@ -92,7 +88,8 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
     auto prover_opening_claims = ShpleminiProver::prove(N,
                                                         RefVector(f_polynomials),
                                                         RefVector(g_polynomials),
-                                                        RefVector(claimed_evaluations),
+                                                        RefVector(v_evaluations),
+                                                        RefVector(w_evaluations),
                                                         u_challenge,
                                                         commitment_key,
                                                         prover_transcript);
@@ -123,15 +120,17 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
     };
     auto stdlib_f_commitments = commitments_to_witnesses(f_commitments);
     auto stdlib_g_commitments = commitments_to_witnesses(g_commitments);
-    auto stdlib_claimed_evaluations = elements_to_witness(claimed_evaluations);
+    auto stdlib_v_evaluations = elements_to_witness(v_evaluations);
+    auto stdlib_w_evaluations = elements_to_witness(w_evaluations);
 
     std::vector<Fr> u_challenge_in_circuit = elements_to_witness(u_challenge);
 
     [[maybe_unused]] auto opening_claim =
-        ShpleminiVerifier::compute_batch_opening_claim(Fr::from_witness(&builder, circuit_size),
+        ShpleminiVerifier::compute_batch_opening_claim(Fr::from_witness(&builder, N),
                                                        RefVector(stdlib_f_commitments),
                                                        RefVector(stdlib_g_commitments),
-                                                       RefVector(stdlib_claimed_evaluations),
+                                                       RefVector(stdlib_v_evaluations),
+                                                       RefVector(stdlib_w_evaluations),
                                                        u_challenge_in_circuit,
                                                        Commitment::one(&builder),
                                                        stdlib_verifier_transcript);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
index 25ed21a16717..5c6f22d6af4e 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
@@ -51,10 +51,10 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
 
     // Construct some random multilinear polynomials f_i and their evaluations v_i = f_i(u)
     std::vector<Polynomial> f_polynomials; // unshifted polynomials
-    std::vector<NativeFr> multilinear_evaluations;
+    std::vector<NativeFr> v_evaluations;
     for (size_t i = 0; i < NUM_UNSHIFTED; ++i) {
         f_polynomials.emplace_back(Polynomial::random(N, /* starting index for shift */ 1));
-        multilinear_evaluations.emplace_back(f_polynomials[i].evaluate_mle(u_challenge));
+        v_evaluations.emplace_back(f_polynomials[i].evaluate_mle(u_challenge));
     }
     // Construct some "shifted" multilinear polynomials h_i as the left-shift-by-1 of f_i
     std::vector<Polynomial> g_polynomials; // to-be-shifted polynomials
@@ -64,7 +64,7 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
         for (size_t i = 0; i < NUM_SHIFTED; ++i) {
             g_polynomials.emplace_back(f_polynomials[i]);
             h_polynomials.emplace_back(g_polynomials[i].shifted());
-            multilinear_evaluations.emplace_back(h_polynomials[i].evaluate_mle(u_challenge));
+            w_evaluations.emplace_back(h_polynomials[i].evaluate_mle(u_challenge));
         }
     }
 
@@ -88,7 +88,8 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
     ZeroMorphProver::prove(N,
                            RefVector(f_polynomials),
                            RefVector(g_polynomials),
-                           RefVector(multilinear_evaluations),
+                           RefVector(v_evaluations),
+                           RefVector(w_evaluations),
                            u_challenge,
                            commitment_key,
                            prover_transcript);
@@ -119,7 +120,8 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
     };
     auto stdlib_f_commitments = commitments_to_witnesses(f_commitments);
     auto stdlib_g_commitments = commitments_to_witnesses(g_commitments);
-    auto stdlib_multilinear_evaluations = elements_to_witness(multilinear_evaluations);
+    auto stdlib_v_evaluations = elements_to_witness(v_evaluations);
+    auto stdlib_w_evaluations = elements_to_witness(w_evaluations);
 
     std::vector<Fr> u_challenge_in_circuit(CONST_PROOF_SIZE_LOG_N);
     std::fill_n(u_challenge_in_circuit.begin(), CONST_PROOF_SIZE_LOG_N, Fr::from_witness(&builder, 0));
@@ -128,7 +130,8 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
     [[maybe_unused]] auto opening_claim = ZeroMorphVerifier::verify(Fr::from_witness(&builder, N),
                                                                     RefVector(stdlib_f_commitments), // unshifted
                                                                     RefVector(stdlib_g_commitments), // to-be-shifted
-                                                                    RefVector(stdlib_multilinear_evaluations),
+                                                                    RefVector(stdlib_v_evaluations), // unshifted
+                                                                    RefVector(stdlib_w_evaluations), // shifted
                                                                     u_challenge_in_circuit,
                                                                     Commitment::one(&builder),
                                                                     stdlib_verifier_transcript);
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp
index 5b0ceba14acf..eeb04cddc997 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib/eccvm_verifier/eccvm_recursive_verifier.cpp
@@ -75,7 +75,8 @@ template <typename Flavor> void ECCVMRecursiveVerifier_<Flavor>::verify_proof(co
     auto multivariate_to_univariate_opening_claim = ZeroMorph::verify(circuit_size,
                                                                       commitments.get_unshifted(),
                                                                       commitments.get_to_be_shifted(),
-                                                                      claimed_evaluations.get_all(),
+                                                                      claimed_evaluations.get_unshifted(),
+                                                                      claimed_evaluations.get_shifted(),
                                                                       multivariate_challenge,
                                                                       key->pcs_verification_key->get_g1_identity(),
                                                                       transcript);
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.cpp
index 871d4a569d67..96cc81cd8599 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/decider_recursive_verifier.cpp
@@ -35,7 +35,8 @@ std::array<typename Flavor::GroupElement, 2> DeciderRecursiveVerifier_<Flavor>::
     auto opening_claim = ZeroMorph::verify(accumulator->verification_key->circuit_size,
                                            commitments.get_unshifted(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_all(),
+                                           claimed_evaluations.get_unshifted(),
+                                           claimed_evaluations.get_shifted(),
                                            multivariate_challenge,
                                            Commitment::one(builder),
                                            transcript);
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.cpp
index 302c81c8dc9d..a728f3e3f7ed 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.cpp
@@ -95,7 +95,8 @@ UltraRecursiveVerifier_<Flavor>::AggregationObject UltraRecursiveVerifier_<Flavo
     auto opening_claim = ZeroMorph::verify(key->circuit_size,
                                            commitments.get_unshifted(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_all(),
+                                           claimed_evaluations.get_unshifted(),
+                                           claimed_evaluations.get_shifted(),
                                            multivariate_challenge,
                                            Commitment::one(builder),
                                            transcript);
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp
index 8ecfb904450a..7f5c5096b521 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp
@@ -121,7 +121,8 @@ std::array<typename Flavor::GroupElement, 2> TranslatorRecursiveVerifier_<Flavor
     auto opening_claim = ZeroMorph::verify(circuit_size,
                                            commitments.get_unshifted_without_concatenated(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_all_without_concatenated(),
+                                           claimed_evaluations.get_unshifted_without_concatenated(),
+                                           claimed_evaluations.get_shifted(),
                                            multivariate_challenge,
                                            Commitment::one(builder),
                                            transcript,
diff --git a/barretenberg/cpp/src/barretenberg/transcript/transcript.hpp b/barretenberg/cpp/src/barretenberg/transcript/transcript.hpp
index 6eb811942374..06f69bdcb131 100644
--- a/barretenberg/cpp/src/barretenberg/transcript/transcript.hpp
+++ b/barretenberg/cpp/src/barretenberg/transcript/transcript.hpp
@@ -1,6 +1,6 @@
 #pragma once
 // #define LOG_CHALLENGES
-#define LOG_INTERACTIONS
+// #define LOG_INTERACTIONS
 
 #include "barretenberg/common/debug_log.hpp"
 #include "barretenberg/ecc/curves/bn254/fr.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/translator_vm/translator_prover.cpp b/barretenberg/cpp/src/barretenberg/translator_vm/translator_prover.cpp
index 42b6e6f1cce0..b172d003f774 100644
--- a/barretenberg/cpp/src/barretenberg/translator_vm/translator_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/translator_vm/translator_prover.cpp
@@ -176,16 +176,18 @@ void TranslatorProver::execute_pcs_rounds()
 {
     using Curve = typename Flavor::Curve;
     using ZeroMorph = ZeroMorphProver_<Curve>;
-    auto prover_opening_claim = ZeroMorph::prove(key->circuit_size,
-                                                 key->polynomials.get_unshifted_without_concatenated(),
-                                                 key->polynomials.get_to_be_shifted(),
-                                                 sumcheck_output.claimed_evaluations.get_all(),
-                                                 sumcheck_output.challenge,
-                                                 commitment_key,
-                                                 transcript,
-                                                 key->polynomials.get_concatenated_constraints(),
-                                                 sumcheck_output.claimed_evaluations.get_concatenated_constraints(),
-                                                 key->polynomials.get_concatenation_groups());
+    auto prover_opening_claim =
+        ZeroMorph::prove(key->circuit_size,
+                         key->polynomials.get_unshifted_without_concatenated(),
+                         key->polynomials.get_to_be_shifted(),
+                         sumcheck_output.claimed_evaluations.get_unshifted_without_concatenated(),
+                         sumcheck_output.claimed_evaluations.get_shifted(),
+                         sumcheck_output.challenge,
+                         commitment_key,
+                         transcript,
+                         key->polynomials.get_concatenated_constraints(),
+                         sumcheck_output.claimed_evaluations.get_concatenated_constraints(),
+                         key->polynomials.get_concatenation_groups());
     PCS::compute_opening_proof(commitment_key, prover_opening_claim, transcript);
 }
 
diff --git a/barretenberg/cpp/src/barretenberg/translator_vm/translator_verifier.cpp b/barretenberg/cpp/src/barretenberg/translator_vm/translator_verifier.cpp
index 894db1bd9f94..59429a359275 100644
--- a/barretenberg/cpp/src/barretenberg/translator_vm/translator_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/translator_vm/translator_verifier.cpp
@@ -116,7 +116,8 @@ bool TranslatorVerifier::verify_proof(const HonkProof& proof)
     auto opening_claim = ZeroMorph::verify(circuit_size,
                                            commitments.get_unshifted_without_concatenated(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_all_without_concatenated(),
+                                           claimed_evaluations.get_unshifted_without_concatenated(),
+                                           claimed_evaluations.get_shifted(),
                                            multivariate_challenge,
                                            Commitment::one(),
                                            transcript,
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
index 71c094cfb554..0a589dac56ad 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
@@ -53,7 +53,8 @@ template <IsUltraFlavor Flavor> void DeciderProver_<Flavor>::execute_pcs_rounds(
         BatchedMultivariateOpeningScheme::prove(proving_key->proving_key.circuit_size,
                                                 proving_key->proving_key.polynomials.get_unshifted(),
                                                 proving_key->proving_key.polynomials.get_to_be_shifted(),
-                                                sumcheck_output.claimed_evaluations.get_all(),
+                                                sumcheck_output.claimed_evaluations.get_unshifted(),
+                                                sumcheck_output.claimed_evaluations.get_shifted(),
                                                 sumcheck_output.challenge,
                                                 commitment_key,
                                                 transcript);
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
index 9adfcf9dfa85..18ce637edc05 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
@@ -61,7 +61,8 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
         auto opening_claim = Shplemini::compute_batch_opening_claim(accumulator->verification_key->circuit_size,
                                                                     commitments.get_unshifted(),
                                                                     commitments.get_to_be_shifted(),
-                                                                    claimed_evaluations.get_all(),
+                                                                    claimed_evaluations.get_unshifted(),
+                                                                    claimed_evaluations.get_shifted(),
                                                                     multivariate_challenge,
                                                                     Commitment::one(),
                                                                     transcript);
@@ -71,7 +72,8 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
         auto opening_claim = ZeroMorph::verify(accumulator->verification_key->circuit_size,
                                                commitments.get_unshifted(),
                                                commitments.get_to_be_shifted(),
-                                               claimed_evaluations.get_all(),
+                                               claimed_evaluations.get_unshifted(),
+                                               claimed_evaluations.get_shifted(),
                                                multivariate_challenge,
                                                Commitment::one(),
                                                transcript);
diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/prover.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/prover.cpp
index 42fcce31b73d..488bf1fc4b31 100644
--- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/prover.cpp
@@ -130,7 +130,8 @@ void AvmProver::execute_pcs_rounds()
     auto prover_opening_claim = ZeroMorph::prove(key->circuit_size,
                                                  prover_polynomials.get_unshifted(),
                                                  prover_polynomials.get_to_be_shifted(),
-                                                 sumcheck_output.claimed_evaluations.get_all(),
+                                                 sumcheck_output.claimed_evaluations.get_unshifted(),
+                                                 sumcheck_output.claimed_evaluations.get_shifted(),
                                                  sumcheck_output.challenge,
                                                  commitment_key,
                                                  transcript);
diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp
index c9295321a278..bd132af86f62 100644
--- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/verifier.cpp
@@ -140,7 +140,8 @@ bool AvmVerifier::verify_proof(const HonkProof& proof,
     auto opening_claim = ZeroMorph::verify(circuit_size,
                                            commitments.get_unshifted(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_all(),
+                                           claimed_evaluations.get_unshifted(),
+                                           claimed_evaluations.get_shifted(),
                                            multivariate_challenge,
                                            key->pcs_verification_key->get_g1_identity(),
                                            transcript);
diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.cpp
index a8fd0916fa1c..9148e568668c 100644
--- a/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/vm/avm/recursion/avm_recursive_verifier.cpp
@@ -85,7 +85,8 @@ AvmRecursiveVerifier_<Flavor>::AggregationObject AvmRecursiveVerifier_<Flavor>::
     auto opening_claim = Zeromorph::verify(circuit_size,
                                            commitments.get_unshifted(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_all(),
+                                           claimed_evaluations.get_unshifted(),
+                                           claimed_evaluations.get_shifted(),
                                            multivariate_challenge,
                                            Commitment::one(builder),
                                            transcript);
diff --git a/bb-pilcom/bb-pil-backend/templates/prover.cpp.hbs b/bb-pilcom/bb-pil-backend/templates/prover.cpp.hbs
index 8cf91ca2c2f4..c8eada2e5062 100644
--- a/bb-pilcom/bb-pil-backend/templates/prover.cpp.hbs
+++ b/bb-pilcom/bb-pil-backend/templates/prover.cpp.hbs
@@ -131,7 +131,8 @@ void {{name}}Prover::execute_pcs_rounds()
     auto prover_opening_claim = ZeroMorph::prove(key->circuit_size,
                                                     prover_polynomials.get_unshifted(),
                                                     prover_polynomials.get_to_be_shifted(),
-                                                    sumcheck_output.claimed_evaluations.get_all(),
+                                                    sumcheck_output.claimed_evaluations.get_unshifted(),
+                                                    sumcheck_output.claimed_evaluations.get_shifted(),
                                                     sumcheck_output.challenge,
                                                     commitment_key,
                                                     transcript);
diff --git a/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs b/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs
index fb977f1b586c..dbb2ad78685e 100644
--- a/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs
+++ b/bb-pilcom/bb-pil-backend/templates/verifier.cpp.hbs
@@ -119,7 +119,8 @@ bool {{name}}Verifier::verify_proof(const HonkProof& proof, [[maybe_unused]] con
     auto opening_claim = ZeroMorph::verify(circuit_size,
                                            commitments.get_unshifted(),
                                            commitments.get_to_be_shifted(),
-                                           claimed_evaluations.get_all(),
+                                           claimed_evaluations.get_unshifted(),
+                                           claimed_evaluations.get_shifted(),
                                            multivariate_challenge,
                                            key->pcs_verification_key->get_g1_identity(),
                                            transcript);

From 17323fcd695befa2c756240e4cfed3005cee5208 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Mon, 23 Sep 2024 10:26:35 +0000
Subject: [PATCH 14/25] made things work

---
 barretenberg/acir_tests/sol-test/yarn.lock    |   2 +-
 .../commitment_schemes/gemini/gemini.hpp      |  11 +-
 .../commitment_schemes/gemini/gemini.test.cpp | 381 +++++++++---------
 .../commitment_schemes/gemini/gemini_impl.hpp |  10 +-
 .../commitment_schemes/ipa/ipa.test.cpp       |  24 +-
 .../commitment_schemes/kzg/kzg.test.cpp       |  55 ++-
 .../commitment_schemes/shplonk/shplemini.hpp  |  67 ++-
 .../shplonk/shplemini.test.cpp                |   4 +-
 .../src/barretenberg/eccvm/eccvm_prover.cpp   |  16 +-
 .../src/barretenberg/eccvm/eccvm_verifier.cpp |   3 +-
 .../cpp/src/barretenberg/flavor/flavor.hpp    |   2 +-
 .../translator_recursive_verifier.cpp         |   1 -
 .../stdlib_circuit_builders/mega_flavor.hpp   |   1 -
 .../stdlib_circuit_builders/ultra_flavor.hpp  |   1 -
 .../ultra_keccak_flavor.hpp                   |   1 +
 .../translator_vm/translator_flavor.hpp       |   2 -
 .../ultra_honk/decider_prover.cpp             |  35 +-
 .../ultra_honk/decider_verifier.cpp           |  10 +-
 18 files changed, 300 insertions(+), 326 deletions(-)

diff --git a/barretenberg/acir_tests/sol-test/yarn.lock b/barretenberg/acir_tests/sol-test/yarn.lock
index 5cfac7679f6e..af80282ea956 100644
--- a/barretenberg/acir_tests/sol-test/yarn.lock
+++ b/barretenberg/acir_tests/sol-test/yarn.lock
@@ -1,4 +1,4 @@
-d# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
 # yarn lockfile v1
 
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index a303a13b53e6..0766722893ed 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -112,8 +112,6 @@ template <typename Curve> class GeminiProver_ {
     static std::vector<Claim> prove(const Fr circuit_size,
                                     RefSpan<Polynomial> f_polynomials,
                                     RefSpan<Polynomial> g_polynomials,
-                                    RefSpan<Fr> unshifted_evaluations,
-                                    RefSpan<Fr> shifted_evaluations,
                                     std::span<Fr> multilinear_challenge,
                                     const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
                                     const std::shared_ptr<Transcript>& transcript);
@@ -138,7 +136,7 @@ template <typename Curve> class GeminiVerifier_ {
      * (Cⱼ, Aⱼ(-r^{2ʲ}), -r^{2}), j = [1, ..., m-1]
      */
     static std::vector<OpeningClaim<Curve>> reduce_verification(std::span<Fr> multilinear_challenge,
-                                                                std::span<Fr> multilinear_evaluations, /* u */
+                                                                std::span<Fr> multilinear_evaluations,
                                                                 RefSpan<GroupElement> unshifted_commitments,
                                                                 RefSpan<GroupElement> to_be_shifted_commitments,
                                                                 auto& transcript)
@@ -176,7 +174,7 @@ template <typename Curve> class GeminiVerifier_ {
         const std::vector<Fr> evaluations = get_gemini_evaluations(num_variables, transcript);
         // Compute evaluation A₀(r)
         auto a_0_pos = compute_gemini_batched_univariate_evaluation(
-            batched_evaluation, multilinear_challenge, r_squares, evaluations);
+            num_variables, batched_evaluation, multilinear_challenge, r_squares, evaluations);
 
         // C₀_r_pos = ∑ⱼ ρʲ⋅[fⱼ] + r⁻¹⋅∑ⱼ ρᵏ⁺ʲ [gⱼ]
         // C₀_r_pos = ∑ⱼ ρʲ⋅[fⱼ] - r⁻¹⋅∑ⱼ ρᵏ⁺ʲ [gⱼ]
@@ -243,12 +241,13 @@ template <typename Curve> class GeminiVerifier_ {
      * @param fold_polynomial_evals  Evaluations \f$ A_{i-1}(-r^{2^{i-1}}) \f$.
      * @return Evaluation \f$ A_0(r) \f$.
      */
-    static Fr compute_gemini_batched_univariate_evaluation(Fr& batched_eval_accumulator,
+    static Fr compute_gemini_batched_univariate_evaluation(size_t evaluation_point_size,
+                                                           Fr& batched_eval_accumulator,
                                                            std::span<const Fr> evaluation_point,
                                                            std::span<const Fr> challenge_powers,
                                                            std::span<const Fr> fold_polynomial_evals)
     {
-        const size_t num_variables = evaluation_point.size();
+        const size_t num_variables = evaluation_point_size;
 
         const auto& evals = fold_polynomial_evals;
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
index 08a2e8dd7de1..ebb8e2ccb2e2 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.test.cpp
@@ -1,194 +1,187 @@
-// #include "gemini_impl.hpp"
-
-// #include "../commitment_key.test.hpp"
-// #include "barretenberg/polynomials/polynomial.hpp"
-// #include "barretenberg/transcript/transcript.hpp"
-
-// using namespace bb;
-
-// template <class Curve> class GeminiTest : public CommitmentTest<Curve> {
-//     using GeminiProver = GeminiProver_<Curve>;
-//     using GeminiVerifier = GeminiVerifier_<Curve>;
-//     using Fr = typename Curve::ScalarField;
-//     using GroupElement = typename Curve::Element;
-
-//   public:
-//     void execute_gemini_and_verify_claims(std::vector<Fr>& multilinear_evaluation_point,
-//                                           std::vector<Fr>& unshifted_evaluations,
-//                                           std::vector<Fr>& shifted_evaluations,
-//                                           std::vector<Polynomial<Fr>>& multilinear_polynomials,
-//                                           std::vector<Polynomial<Fr>>& multilinear_polynomials_to_be_shifted,
-//                                           std::vector<GroupElement>& multilinear_commitments,
-//                                           std::vector<GroupElement>& multilinear_commitments_to_be_shifted)
-//     {
-//         auto prover_transcript = NativeTranscript::prover_init_empty();
-
-//         // Compute:
-//         // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
-//         // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-//         auto prover_output = GeminiProver::prove(1 << multilinear_evaluation_point.size(),
-//                                                  RefVector(multilinear_polynomials),
-//                                                  RefVector(multilinear_polynomials_to_be_shifted),
-//                                                  RefVector(unshifted_evaluations),
-//                                                  RefVector(shifted_evaluations),
-//                                                  multilinear_evaluation_point,
-//                                                  this->commitment_key,
-//                                                  prover_transcript);
-
-//         // Check that the Fold polynomials have been evaluated correctly in the prover
-//         this->verify_batch_opening_pair(prover_output);
-
-//         auto verifier_transcript = NativeTranscript::verifier_init_empty(prover_transcript);
-
-//         // Compute:
-//         // - Single opening pair: {r, \hat{a}_0}
-//         // - 2 partially evaluated Fold polynomial commitments [Fold_{r}^(0)] and [Fold_{-r}^(0)]
-//         // Aggregate: d+1 opening pairs and d+1 Fold poly commitments into verifier claim
-//         auto verifier_claims = GeminiVerifier::reduce_verification(multilinear_evaluation_point,
-//                                                                    multilinear_evaluations,
-//                                                                    RefVector(multilinear_commitments),
-//                                                                    RefVector(multilinear_commitments_to_be_shifted),
-//                                                                    verifier_transcript);
-
-//         // Check equality of the opening pairs computed by prover and verifier
-//         for (auto [prover_claim, verifier_claim] : zip_view(prover_output, verifier_claims)) {
-//             ASSERT_EQ(prover_claim.opening_pair, verifier_claim.opening_pair);
-//             this->verify_opening_claim(verifier_claim, prover_claim.polynomial);
-//         }
-//     }
-// };
-
-// using ParamsTypes = ::testing::Types<curve::BN254, curve::Grumpkin>;
-// TYPED_TEST_SUITE(GeminiTest, ParamsTypes);
-
-// TYPED_TEST(GeminiTest, Single)
-// {
-//     using Fr = typename TypeParam::ScalarField;
-//     using GroupElement = typename TypeParam::Element;
-
-//     const size_t n = 16;
-//     const size_t log_n = 4;
-
-//     auto u = this->random_evaluation_point(log_n);
-//     auto poly = Polynomial<Fr>::random(n);
-//     auto commitment = this->commit(poly);
-//     auto eval = poly.evaluate_mle(u);
-
-//     // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
-//     std::vector<Fr> multilinear_evaluations = { eval };
-//     std::vector<Polynomial<Fr>> multilinear_polynomials = { poly.share() };
-//     std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = {};
-//     std::vector<GroupElement> multilinear_commitments = { commitment };
-//     std::vector<GroupElement> multilinear_commitments_to_be_shifted = {};
-
-//     this->execute_gemini_and_verify_claims(u,
-//                                            { eval },
-//                                            {},
-//                                            multilinear_polynomials,
-//                                            multilinear_polynomials_to_be_shifted,
-//                                            multilinear_commitments,
-//                                            multilinear_commitments_to_be_shifted);
-// }
-
-// TYPED_TEST(GeminiTest, SingleShift)
-// {
-//     using Fr = typename TypeParam::ScalarField;
-//     using GroupElement = typename TypeParam::Element;
-
-//     const size_t n = 16;
-//     const size_t log_n = 4;
-
-//     auto u = this->random_evaluation_point(log_n);
-
-//     // shiftable polynomial must have 0 as last coefficient
-//     auto poly = Polynomial<Fr>::random(n, /*shiftable*/ 1);
-
-//     auto commitment = this->commit(poly);
-//     auto eval_shift = poly.evaluate_mle(u, true);
-
-//     // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
-//     std::vector<Fr> multilinear_evaluations = { eval_shift };
-//     std::vector<Polynomial<Fr>> multilinear_polynomials = {};
-//     std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = { poly.share() };
-//     std::vector<GroupElement> multilinear_commitments = {};
-//     std::vector<GroupElement> multilinear_commitments_to_be_shifted = { commitment };
-
-//     this->execute_gemini_and_verify_claims(u,
-//                                            {},
-//                                            { eval_shift },
-//                                            multilinear_polynomials,
-//                                            multilinear_polynomials_to_be_shifted,
-//                                            multilinear_commitments,
-//                                            multilinear_commitments_to_be_shifted);
-// }
-
-// TYPED_TEST(GeminiTest, Double)
-// {
-//     using Fr = typename TypeParam::ScalarField;
-//     using GroupElement = typename TypeParam::Element;
-
-//     const size_t n = 16;
-//     const size_t log_n = 4;
-
-//     auto u = this->random_evaluation_point(log_n);
-
-//     auto poly1 = Polynomial<Fr>::random(n);
-//     auto poly2 = Polynomial<Fr>::random(n);
-
-//     auto commitment1 = this->commit(poly1);
-//     auto commitment2 = this->commit(poly2);
-
-//     auto eval1 = poly1.evaluate_mle(u);
-//     auto eval2 = poly2.evaluate_mle(u);
-
-//     // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
-//     std::vector<Fr> multilinear_evaluations = { eval1, eval2 };
-//     std::vector<Polynomial<Fr>> multilinear_polynomials = { poly1.share(), poly2.share() };
-//     std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = {};
-//     std::vector<GroupElement> multilinear_commitments = { commitment1, commitment2 };
-//     std::vector<GroupElement> multilinear_commitments_to_be_shifted = {};
-
-//     this->execute_gemini_and_verify_claims(u,
-//                                            { eval1, eval2 },
-//                                            {},
-//                                            multilinear_polynomials,
-//                                            multilinear_polynomials_to_be_shifted,
-//                                            multilinear_commitments,
-//                                            multilinear_commitments_to_be_shifted);
-// }
-
-// TYPED_TEST(GeminiTest, DoubleWithShift)
-// {
-//     using Fr = typename TypeParam::ScalarField;
-//     using GroupElement = typename TypeParam::Element;
-
-//     const size_t n = 16;
-//     const size_t log_n = 4;
-
-//     auto u = this->random_evaluation_point(log_n);
-
-//     auto poly1 = Polynomial<Fr>::random(n);
-//     auto poly2 = Polynomial<Fr>::random(n, 1); // make 'shiftable'
-
-//     auto commitment1 = this->commit(poly1);
-//     auto commitment2 = this->commit(poly2);
-
-//     auto eval1 = poly1.evaluate_mle(u);
-//     auto eval2 = poly2.evaluate_mle(u);
-//     auto eval2_shift = poly2.evaluate_mle(u, true);
-
-//     // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
-//     std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval2_shift };
-//     std::vector<Polynomial<Fr>> multilinear_polynomials = { poly1.share(), poly2.share() };
-//     std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = { poly2.share() };
-//     std::vector<GroupElement> multilinear_commitments = { commitment1, commitment2 };
-//     std::vector<GroupElement> multilinear_commitments_to_be_shifted = { commitment2 };
-
-//     this->execute_gemini_and_verify_claims(u,
-//                                            { eval1, eval2 },
-//                                            { eval2_shift },
-//                                            multilinear_polynomials,
-//                                            multilinear_polynomials_to_be_shifted,
-//                                            multilinear_commitments,
-//                                            multilinear_commitments_to_be_shifted);
-// }
+#include "gemini_impl.hpp"
+
+#include "../commitment_key.test.hpp"
+#include "barretenberg/polynomials/polynomial.hpp"
+#include "barretenberg/transcript/transcript.hpp"
+
+using namespace bb;
+
+template <class Curve> class GeminiTest : public CommitmentTest<Curve> {
+    using GeminiProver = GeminiProver_<Curve>;
+    using GeminiVerifier = GeminiVerifier_<Curve>;
+    using Fr = typename Curve::ScalarField;
+    using GroupElement = typename Curve::Element;
+
+  public:
+    void execute_gemini_and_verify_claims(std::vector<Fr>& multilinear_evaluation_point,
+                                          std::vector<Fr>& multilinear_evaluations,
+                                          RefSpan<Polynomial<Fr>> multilinear_polynomials,
+                                          RefSpan<Polynomial<Fr>> multilinear_polynomials_to_be_shifted,
+                                          RefVector<GroupElement> multilinear_commitments,
+                                          RefVector<GroupElement> multilinear_commitments_to_be_shifted)
+    {
+        auto prover_transcript = NativeTranscript::prover_init_empty();
+
+        // Compute:
+        // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
+        // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
+        auto prover_output = GeminiProver::prove(1 << multilinear_evaluation_point.size(),
+                                                 multilinear_polynomials,
+                                                 multilinear_polynomials_to_be_shifted,
+                                                 multilinear_evaluation_point,
+                                                 this->commitment_key,
+                                                 prover_transcript);
+
+        // Check that the Fold polynomials have been evaluated correctly in the prover
+        this->verify_batch_opening_pair(prover_output);
+
+        auto verifier_transcript = NativeTranscript::verifier_init_empty(prover_transcript);
+
+        // Compute:
+        // - Single opening pair: {r, \hat{a}_0}
+        // - 2 partially evaluated Fold polynomial commitments [Fold_{r}^(0)] and [Fold_{-r}^(0)]
+        // Aggregate: d+1 opening pairs and d+1 Fold poly commitments into verifier claim
+        auto verifier_claims = GeminiVerifier::reduce_verification(multilinear_evaluation_point,
+                                                                   multilinear_evaluations,
+                                                                   RefVector(multilinear_commitments),
+                                                                   RefVector(multilinear_commitments_to_be_shifted),
+                                                                   verifier_transcript);
+
+        // Check equality of the opening pairs computed by prover and verifier
+        for (auto [prover_claim, verifier_claim] : zip_view(prover_output, verifier_claims)) {
+            ASSERT_EQ(prover_claim.opening_pair, verifier_claim.opening_pair);
+            this->verify_opening_claim(verifier_claim, prover_claim.polynomial);
+        }
+    }
+};
+
+using ParamsTypes = ::testing::Types<curve::BN254, curve::Grumpkin>;
+TYPED_TEST_SUITE(GeminiTest, ParamsTypes);
+
+TYPED_TEST(GeminiTest, Single)
+{
+    using Fr = typename TypeParam::ScalarField;
+    using GroupElement = typename TypeParam::Element;
+
+    const size_t n = 16;
+    const size_t log_n = 4;
+
+    auto u = this->random_evaluation_point(log_n);
+    auto poly = Polynomial<Fr>::random(n);
+    auto commitment = this->commit(poly);
+    auto eval = poly.evaluate_mle(u);
+
+    // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
+    std::vector<Fr> multilinear_evaluations = { eval };
+    std::vector<Polynomial<Fr>> multilinear_polynomials = { poly.share() };
+    std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = {};
+    std::vector<GroupElement> multilinear_commitments = { commitment };
+    std::vector<GroupElement> multilinear_commitments_to_be_shifted = {};
+
+    this->execute_gemini_and_verify_claims(u,
+                                           multilinear_evaluations,
+                                           RefVector(multilinear_polynomials),
+                                           RefVector(multilinear_polynomials_to_be_shifted),
+                                           RefVector(multilinear_commitments),
+                                           RefVector(multilinear_commitments_to_be_shifted));
+}
+
+TYPED_TEST(GeminiTest, SingleShift)
+{
+    using Fr = typename TypeParam::ScalarField;
+    using GroupElement = typename TypeParam::Element;
+
+    const size_t n = 16;
+    const size_t log_n = 4;
+
+    auto u = this->random_evaluation_point(log_n);
+
+    // shiftable polynomial must have 0 as last coefficient
+    auto poly = Polynomial<Fr>::random(n, /*shiftable*/ 1);
+
+    auto commitment = this->commit(poly);
+    auto eval_shift = poly.evaluate_mle(u, true);
+
+    // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
+    std::vector<Fr> multilinear_evaluations = { eval_shift };
+    std::vector<Polynomial<Fr>> multilinear_polynomials = {};
+    std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = { poly.share() };
+    std::vector<GroupElement> multilinear_commitments = {};
+    std::vector<GroupElement> multilinear_commitments_to_be_shifted = { commitment };
+
+    this->execute_gemini_and_verify_claims(u,
+                                           multilinear_evaluations,
+                                           RefVector(multilinear_polynomials),
+                                           RefVector(multilinear_polynomials_to_be_shifted),
+                                           RefVector(multilinear_commitments),
+                                           RefVector(multilinear_commitments_to_be_shifted));
+}
+
+TYPED_TEST(GeminiTest, Double)
+{
+    using Fr = typename TypeParam::ScalarField;
+    using GroupElement = typename TypeParam::Element;
+
+    const size_t n = 16;
+    const size_t log_n = 4;
+
+    auto u = this->random_evaluation_point(log_n);
+
+    auto poly1 = Polynomial<Fr>::random(n);
+    auto poly2 = Polynomial<Fr>::random(n);
+
+    auto commitment1 = this->commit(poly1);
+    auto commitment2 = this->commit(poly2);
+
+    auto eval1 = poly1.evaluate_mle(u);
+    auto eval2 = poly2.evaluate_mle(u);
+
+    // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
+    std::vector<Fr> multilinear_evaluations = { eval1, eval2 };
+    std::vector<Polynomial<Fr>> multilinear_polynomials = { poly1.share(), poly2.share() };
+    std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = {};
+    std::vector<GroupElement> multilinear_commitments = { commitment1, commitment2 };
+    std::vector<GroupElement> multilinear_commitments_to_be_shifted = {};
+
+    this->execute_gemini_and_verify_claims(u,
+                                           multilinear_evaluations,
+                                           RefVector(multilinear_polynomials),
+                                           RefVector(multilinear_polynomials_to_be_shifted),
+                                           RefVector(multilinear_commitments),
+                                           RefVector(multilinear_commitments_to_be_shifted));
+}
+
+TYPED_TEST(GeminiTest, DoubleWithShift)
+{
+    using Fr = typename TypeParam::ScalarField;
+    using GroupElement = typename TypeParam::Element;
+
+    const size_t n = 16;
+    const size_t log_n = 4;
+
+    auto u = this->random_evaluation_point(log_n);
+
+    auto poly1 = Polynomial<Fr>::random(n);
+    auto poly2 = Polynomial<Fr>::random(n, 1); // make 'shiftable'
+
+    auto commitment1 = this->commit(poly1);
+    auto commitment2 = this->commit(poly2);
+
+    auto eval1 = poly1.evaluate_mle(u);
+    auto eval2 = poly2.evaluate_mle(u);
+    auto eval2_shift = poly2.evaluate_mle(u, true);
+
+    // Collect multilinear polynomials evaluations, and commitments for input to prover/verifier
+    std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval2_shift };
+    std::vector<Polynomial<Fr>> multilinear_polynomials = { poly1.share(), poly2.share() };
+    std::vector<Polynomial<Fr>> multilinear_polynomials_to_be_shifted = { poly2.share() };
+    std::vector<GroupElement> multilinear_commitments = { commitment1, commitment2 };
+    std::vector<GroupElement> multilinear_commitments_to_be_shifted = { commitment2 };
+
+    this->execute_gemini_and_verify_claims(u,
+                                           multilinear_evaluations,
+                                           RefVector(multilinear_polynomials),
+                                           RefVector(multilinear_polynomials_to_be_shifted),
+                                           RefVector(multilinear_commitments),
+                                           RefVector(multilinear_commitments_to_be_shifted));
+}
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
index 68bd204c3d85..05a1cd994477 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
@@ -42,38 +42,32 @@ namespace bb {
 template <typename Curve>
 template <typename Transcript>
 std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
-    [[maybe_unused]] Fr circuit_size,  // Will be used when constant proof sizes are in
+    Fr circuit_size,
     RefSpan<Polynomial> f_polynomials, // unshifted
     RefSpan<Polynomial> g_polynomials, // to-be-shifted
-    RefSpan<Fr> unshifted_evaluations,
-    RefSpan<Fr> shifted_evaluations,
     std::span<Fr> multilinear_challenge,
     const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
     const std::shared_ptr<Transcript>& transcript)
 {
-    ASSERT(unshifted_evaluations.size() + shifted_evaluations.size() == f_polynomials.size() + g_polynomials.size());
     size_t log_n = numeric::get_msb(static_cast<uint32_t>(circuit_size));
     size_t n = 1 << log_n;
 
     Fr rho = transcript->template get_challenge<Fr>("rho");
-    std::vector<Fr> rhos = gemini::powers_of_rho(rho, unshifted_evaluations.size() + shifted_evaluations.size());
+    std::vector<Fr> rhos = gemini::powers_of_rho(rho, f_polynomials.size() + g_polynomials.size());
 
     // Compute batched polynomials
     Polynomial batched_unshifted(n);
     Polynomial batched_to_be_shifted = Polynomial::shiftable(1 << log_n);
-    // Fr batched_evaluation = Fr::zero();
 
     const size_t num_unshifted = f_polynomials.size();
     const size_t num_to_be_shifted = g_polynomials.size();
     for (size_t i = 0; i < num_unshifted; i++) {
         Fr rho_challenge = rhos[i];
         batched_unshifted.add_scaled(f_polynomials[i], rho_challenge);
-        // batched_evaluation += unshifted_evaluations[i] * rho_challenge;
     }
     for (size_t i = 0; i < num_to_be_shifted; i++) {
         Fr rho_challenge = rhos[num_unshifted + i];
         batched_to_be_shifted.add_scaled(g_polynomials[i], rho_challenge);
-        // batched_evaluation += shifted_evaluations[i] * rho_challenge;
     }
 
     auto fold_polynomials = compute_fold_polynomials(
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
index 187fcdce629f..9b3661a2ffda 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
@@ -77,8 +77,8 @@ TEST_F(IPATest, OpenZeroPolynomial)
     EXPECT_TRUE(result);
 }
 
-// This test makes sure that even if the whole vector \vec{b} generated from the x, at which we open the polynomial, is
-// zero, IPA behaves
+// This test makes sure that even if the whole vector \vec{b} generated from the x, at which we open the polynomial,
+// is zero, IPA behaves
 TEST_F(IPATest, OpenAtZero)
 {
     using IPA = IPA<Curve>;
@@ -266,14 +266,8 @@ TEST_F(IPATest, GeminiShplonkIPAWithShift)
     // Compute:
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-    auto prover_opening_claims = GeminiProver::prove(n,
-                                                     RefArray{ poly1, poly2 },
-                                                     RefArray{ poly2 },
-                                                     RefArray{ eval1, eval2 },
-                                                     RefArray{ eval2 },
-                                                     mle_opening_point,
-                                                     this->ck(),
-                                                     prover_transcript);
+    auto prover_opening_claims = GeminiProver::prove(
+        n, RefArray{ poly1, poly2 }, RefArray{ poly2 }, mle_opening_point, this->ck(), prover_transcript);
 
     const auto opening_claim = ShplonkProver::prove(this->ck(), prover_opening_claims, prover_transcript);
     IPA::compute_opening_proof(this->ck(), opening_claim, prover_transcript);
@@ -322,14 +316,8 @@ TEST_F(IPATest, ShpleminiIPAWithShift)
     // Compute:
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-    auto prover_opening_claims = GeminiProver::prove(n,
-                                                     RefArray{ poly1, poly2 },
-                                                     RefArray{ poly2 },
-                                                     RefArray{ eval1, eval2 },
-                                                     RefArray{ eval2_shift },
-                                                     mle_opening_point,
-                                                     this->ck(),
-                                                     prover_transcript);
+    auto prover_opening_claims = GeminiProver::prove(
+        n, RefArray{ poly1, poly2 }, RefArray{ poly2 }, mle_opening_point, this->ck(), prover_transcript);
 
     const auto opening_claim = ShplonkProver::prove(this->ck(), prover_opening_claims, prover_transcript);
     IPA::compute_opening_proof(this->ck(), opening_claim, prover_transcript);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
index 339f58d58b96..e23a6d90c774 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/kzg/kzg.test.cpp
@@ -7,11 +7,6 @@
 #include "../commitment_key.test.hpp"
 #include "barretenberg/commitment_schemes/claim.hpp"
 
-#include "barretenberg/ecc/curves/bn254/g1.hpp"
-
-#include <gtest/gtest.h>
-#include <vector>
-
 namespace bb {
 
 template <class Curve> class KZGTest : public CommitmentTest<Curve> {
@@ -92,14 +87,8 @@ TYPED_TEST(KZGTest, GeminiShplonkKzgWithShift)
     // Compute:
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
-    auto prover_opening_claims = GeminiProver::prove(n,
-                                                     RefArray{ poly1, poly2 },
-                                                     RefArray{ poly2 },
-                                                     RefArray{ eval1, eval2 },
-                                                     RefArray{ eval2_shift },
-                                                     mle_opening_point,
-                                                     this->ck(),
-                                                     prover_transcript);
+    auto prover_opening_claims = GeminiProver::prove(
+        n, RefArray{ poly1, poly2 }, RefArray{ poly2 }, mle_opening_point, this->ck(), prover_transcript);
 
     // Shplonk prover output:
     // - opening pair: (z_challenge, 0)
@@ -150,19 +139,26 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
     // Generate multilinear polynomials, their commitments (genuine and mocked) and evaluations (genuine) at a random
     // point.
     auto mle_opening_point = this->random_evaluation_point(log_n); // sometimes denoted 'u'
-    auto poly1 = Polynomial::random(n);
-    auto poly2 = Polynomial::random(n, /*shiftable*/ 1);
+    auto poly1 = Polynomial::random(n, 1);
+    auto poly2 = Polynomial::random(n);
+    auto poly3 = Polynomial::random(n, 1);
+    auto poly4 = Polynomial::random(n);
 
     Commitment commitment1 = this->commit(poly1);
     Commitment commitment2 = this->commit(poly2);
-    std::vector<Commitment> unshifted_commitments = { commitment1, commitment2 };
-    std::vector<Commitment> shifted_commitments = { commitment1 };
+    Commitment commitment3 = this->commit(poly3);
+    Commitment commitment4 = this->commit(poly4);
+    std::vector<Commitment> unshifted_commitments = { commitment1, commitment2, commitment3, commitment4 };
+    std::vector<Commitment> shifted_commitments = { commitment1, commitment3 };
     auto eval1 = poly1.evaluate_mle(mle_opening_point);
     auto eval2 = poly2.evaluate_mle(mle_opening_point);
+    auto eval3 = poly3.evaluate_mle(mle_opening_point);
+    auto eval4 = poly4.evaluate_mle(mle_opening_point);
     auto eval1_shift = poly1.evaluate_mle(mle_opening_point, true);
+    auto eval3_shift = poly3.evaluate_mle(mle_opening_point, true);
 
     // Collect multilinear evaluations for input to prover
-    std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval1_shift };
+    std::vector<Fr> multilinear_evaluations = { eval1, eval2, eval3, eval1_shift, eval3_shift };
 
     auto prover_transcript = NativeTranscript::prover_init_empty();
 
@@ -172,10 +168,8 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
     // - (d+1) opening pairs: {r, \hat{a}_0}, {-r^{2^i}, a_i}, i = 0, ..., d-1
     // - (d+1) Fold polynomials Fold_{r}^(0), Fold_{-r}^(0), and Fold^(i), i = 0, ..., d-1
     auto prover_opening_claims = GeminiProver::prove(n,
-                                                     RefArray{ poly1, poly2 },
-                                                     RefArray{ poly1 },
-                                                     RefArray{ eval1, eval2 },
-                                                     RefArray{ eval1_shift },
+                                                     RefArray{ poly1, poly2, poly3, poly4 },
+                                                     RefArray{ poly1, poly3 },
                                                      mle_opening_point,
                                                      this->ck(),
                                                      prover_transcript);
@@ -195,14 +189,15 @@ TYPED_TEST(KZGTest, ShpleminiKzgWithShift)
 
     // Gemini verifier output:
     // - claim: d+1 commitments to Fold_{r}^(0), Fold_{-r}^(0), Fold^(l), d+1 evaluations a_0_pos, a_l, l = 0:d-1
-    const auto batch_opening_claim = ShpleminiVerifier::compute_batch_opening_claim(n,
-                                                                                    RefVector(unshifted_commitments),
-                                                                                    RefVector(shifted_commitments),
-                                                                                    RefArray{ eval1, eval2 },
-                                                                                    RefArray{ eval1_shift },
-                                                                                    mle_opening_point,
-                                                                                    this->vk()->get_g1_identity(),
-                                                                                    verifier_transcript);
+    const auto batch_opening_claim =
+        ShpleminiVerifier::compute_batch_opening_claim(n,
+                                                       RefVector(unshifted_commitments),
+                                                       RefVector(shifted_commitments),
+                                                       RefArray{ eval1, eval2, eval3, eval4 },
+                                                       RefArray{ eval1_shift, eval3_shift },
+                                                       mle_opening_point,
+                                                       this->vk()->get_g1_identity(),
+                                                       verifier_transcript);
     const auto pairing_points = KZG::reduce_verify_batch_opening_claim(batch_opening_claim, verifier_transcript);
     // Final pairing check: e([Q] - [Q_z] + z[W], [1]_2) = e([W], [x]_2)
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
index 32cef2fdde89..c60d22d2b29c 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
@@ -24,20 +24,13 @@ template <typename Curve> class ShpleminiProver_ {
     static OpeningClaim prove(FF circuit_size,
                               RefSpan<Polynomial> f_polynomials,
                               RefSpan<Polynomial> g_polynomials,
-                              RefSpan<FF> unshifted_evaluations,
-                              RefSpan<FF> shifted_evaluations,
                               std::span<FF> multilinear_challenge,
                               const std::shared_ptr<CommitmentKey<Curve>>& commitment_key,
                               const std::shared_ptr<Transcript>& transcript)
     {
-        std::vector<OpeningClaim> opening_claims = GeminiProver::prove(circuit_size,
-                                                                       f_polynomials,
-                                                                       g_polynomials,
-                                                                       unshifted_evaluations,
-                                                                       shifted_evaluations,
-                                                                       multilinear_challenge,
-                                                                       commitment_key,
-                                                                       transcript);
+        std::vector<OpeningClaim> opening_claims = GeminiProver::prove(
+            circuit_size, f_polynomials, g_polynomials, multilinear_challenge, commitment_key, transcript);
+
         OpeningClaim batched_claim = ShplonkProver::prove(commitment_key, opening_claims, transcript);
         return batched_claim;
     };
@@ -49,24 +42,24 @@ template <typename Curve> class ShpleminiProver_ {
  * \subsection Context
  *
  * This Verifier combines verifiers from four protocols:
- * 1. **Batch opening protocol**: Reduces various evaluation claims of multilinear polynomials and their shifts to
- * the opening claim of a single batched polynomial.
- * 2. **Gemini protocol**: Reduces the batched polynomial opening claim to a claim about openings of Gemini
- * univariate polynomials.
- * 3. **Shplonk protocol**: Reduces the opening of Gemini univariate polynomials at different points to a single
- * opening of a batched univariate polynomial. Outputs \f$ \text{shplonk_opening_claim} \f$.
+ * 1. **Batch opening protocol**: Reduces various evaluation claims of multilinear polynomials and their shifts to the
+ *    opening claim of a single batched polynomial.
+ * 2. **Gemini protocol**: Reduces the batched polynomial opening claim to a claim about openings of Gemini univariate
+ *    polynomials.
+ * 3. **Shplonk protocol**: Reduces the opening of Gemini univariate polynomials at different points to a single opening
+ *    of a batched univariate polynomial. Outputs \f$ \text{shplonk_opening_claim} \f$.
  * 4. **KZG or IPA protocol**: Verifies the evaluation of the univariate batched by Shplonk.
  *
  * **Important Observation**: From step 1 to step 4, the Verifier is not required to hash any results of its group
- * operations. Therefore, they could be performed at the very end, i.e. by the opening protocol of a chosen
- * univariate PCS. Because of this and the shape of the pairing check in Shplonk, various batch_mul calls could be
- * reduced to a single batch_mul call. This way we minimize the number of gates in the resulting recursive verifier
- * circuits and save some group operations in the native setting.
+ * operations. Therefore, they could be performed at the very end, i.e. by the opening protocol of a chosen univariate
+ * PCS. Because of this and the shape of the pairing check in Shplonk, various batch_mul calls could be reduced to a
+ * single batch_mul call. This way we minimize the number of gates in the resulting recursive verifier circuits and save
+ * some group operations in the native setting.
  *
- * \remark The sequence of steps could be performed by performing batching of unshifted and shifted polynomials,
- * feeding it to the existing GeminiVerifier, whose output would be passed to the ShplonkVerifier and then to the
- * reduce_verify method of a chosen PCS. However, it would be less efficient than ShpleminiVerifier in terms of
- * group and field operations.
+ * \remark The sequence of steps could be performed by performing batching of unshifted and shifted polynomials, feeding
+ * it to the existing GeminiVerifier, whose output would be passed to the ShplonkVerifier and then to the reduce_verify
+ * method of a chosen PCS. However, it would be less efficient than ShpleminiVerifier in terms of group and field
+ * operations.
  *
  * \subsection Implementation
  *
@@ -81,19 +74,19 @@ template <typename Curve> class ShpleminiProver_ {
  *    - Compute the evaluation of the Gemini batched univariate.
  * 4. Output a \ref bb::BatchOpeningClaim<Curve> "batch opening claim", which is a atriple \f$ (\text{commitments},
  * \text{scalars}, \text{shplonk_evaluation_point}) \f$ that satisfies the following: \f[ \text{batch_mul}
- * (\text{commitments},\ \text{scalars}) = \text{shplonk_opening_claim}.\text{point} \f] and the sizes of
- * 'commitments' and 'scalars' are equal to: \f[
+ * (\text{commitments},\ \text{scalars}) = \text{shplonk_opening_claim}.\text{point} \f] and the sizes of 'commitments'
+ * and 'scalars' are equal to: \f[
  * \#\text{claimed_evaluations} + \text{log_circuit_size} + 2
  * \f]
  *
  * The output triple is either fed to the corresponding \ref bb::KZG< Curve_ >::reduce_verify_batch_opening_claim
- * "KZG method" or \ref bb::IPA< Curve_ >::reduce_verify_batch_opening_claim "IPA method". In the case of KZG, we
- * reduce \f$ 6 \f$ batch_mul calls needed for the verification of the multivariate evaluation claims to the single
- * batch_mul described above. In the case of IPA, the total number of batch_mul calls needed to verify the
- * multivariate evaluation claims is reduced by \f$ 5 \f$.
+ * "KZG method" or \ref bb::IPA< Curve_ >::reduce_verify_batch_opening_claim "IPA method". In the case of KZG, we reduce
+ * \f$ 6 \f$ batch_mul calls needed for the verification of the multivariate evaluation claims to the single batch_mul
+ * described above. In the case of IPA, the total number of batch_mul calls needed to verify the multivariate evaluation
+ * claims is reduced by \f$ 5 \f$.
  *
- * TODO (https://github.com/AztecProtocol/barretenberg/issues/1084) Reduce the size of batch_mul further by
- * eliminating shifted commitments.
+ * TODO (https://github.com/AztecProtocol/barretenberg/issues/1084) Reduce the size of batch_mul further by eliminating
+ * shifted commitments.
  */
 
 template <typename Curve> class ShpleminiVerifier_ {
@@ -118,13 +111,11 @@ template <typename Curve> class ShpleminiVerifier_ {
 
         // Extract log_circuit_size
         size_t log_circuit_size{ 0 };
-        info(N);
         if constexpr (Curve::is_stdlib_type) {
             log_circuit_size = numeric::get_msb(static_cast<uint32_t>(N.get_value()));
         } else {
             log_circuit_size = numeric::get_msb(static_cast<uint32_t>(N));
         }
-        info(log_circuit_size);
 
         // Get the challenge ρ to batch commitments to multilinear polynomials and their shifts
         const Fr multivariate_batching_challenge = transcript->template get_challenge<Fr>("rho");
@@ -202,8 +193,12 @@ template <typename Curve> class ShpleminiVerifier_ {
 
         // Add contributions from A₀(r) and A₀(-r) to constant_term_accumulator:
         // - Compute A₀(r)
-        const Fr a_0_pos = GeminiVerifier_<Curve>::compute_gemini_batched_univariate_evaluation(
-            batched_evaluation, multivariate_challenge, gemini_eval_challenge_powers, gemini_evaluations);
+        const Fr a_0_pos =
+            GeminiVerifier_<Curve>::compute_gemini_batched_univariate_evaluation(log_circuit_size,
+                                                                                 batched_evaluation,
+                                                                                 multivariate_challenge,
+                                                                                 gemini_eval_challenge_powers,
+                                                                                 gemini_evaluations);
         // - Add A₀(r)/(z−r) to the constant term accumulator
         constant_term_accumulator += a_0_pos * inverse_vanishing_evals[0];
         // Add A₀(−r)/(z+r) to the constant term accumulator
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
index 57c542b1b490..b1aad152f59b 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
@@ -117,9 +117,7 @@ TYPED_TEST(ShpleminiTest, CorrectnessOfMultivariateClaimBatching)
     EXPECT_EQ(batched_evaluation, verifier_batched_evaluation);
     EXPECT_EQ(-expected_result, shplemini_result);
 }
-0x0a77620a91f94ac0e8a3823a0d30688bbae0064fee682d386addae7400feb51e,
-    0x13cc6c8e5f61f0c514dcab6c00b9b7fcd13f1cee5e7027383601c3726e036f3f TYPED_TEST(ShpleminiTest,
-                                                                                  CorrectnessOfGeminiClaimBatching)
+TYPED_TEST(ShpleminiTest, CorrectnessOfGeminiClaimBatching)
 {
     using GeminiProver = GeminiProver_<TypeParam>;
     using ShpleminiVerifier = ShpleminiVerifier_<TypeParam>;
diff --git a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.cpp b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.cpp
index 92cc3e005c7f..76a64e54fd64 100644
--- a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.cpp
@@ -119,13 +119,15 @@ void ECCVMProver::execute_pcs_rounds()
 
     // Execute the ZeroMorph protocol to produce a univariate opening claim for the multilinear evaluations produced by
     // Sumcheck
-    auto multivariate_to_univariate_opening_claim = ZeroMorph::prove(key->circuit_size,
-                                                                     key->polynomials.get_unshifted(),
-                                                                     key->polynomials.get_to_be_shifted(),
-                                                                     sumcheck_output.claimed_evaluations.get_all(),
-                                                                     sumcheck_output.challenge,
-                                                                     commitment_key,
-                                                                     transcript);
+    auto multivariate_to_univariate_opening_claim =
+        ZeroMorph::prove(key->circuit_size,
+                         key->polynomials.get_unshifted(),
+                         key->polynomials.get_to_be_shifted(),
+                         sumcheck_output.claimed_evaluations.get_unshifted(),
+                         sumcheck_output.claimed_evaluations.get_shifted(),
+                         sumcheck_output.challenge,
+                         commitment_key,
+                         transcript);
 
     // Batch open the transcript polynomials as univariates for Translator consistency check. Since IPA cannot
     // currently handle polynomials for which the latter half of the coefficients are 0, we hackily
diff --git a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp
index ffaf81848d46..26bd5ac6ce61 100644
--- a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp
@@ -64,7 +64,8 @@ bool ECCVMVerifier::verify_proof(const HonkProof& proof)
     auto multivariate_to_univariate_opening_claim = ZeroMorph::verify(circuit_size,
                                                                       commitments.get_unshifted(),
                                                                       commitments.get_to_be_shifted(),
-                                                                      claimed_evaluations.get_all(),
+                                                                      claimed_evaluations.get_unshifted(),
+                                                                      claimed_evaluations.get_shifted(),
                                                                       multivariate_challenge,
                                                                       key->pcs_verification_key->get_g1_identity(),
                                                                       transcript);
diff --git a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp
index e150eff27721..cc443d58fa6d 100644
--- a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp
@@ -367,7 +367,7 @@ template <typename T>
 concept IsHonkFlavor = IsAnyOf<T, UltraFlavor, UltraKeccakFlavor, UltraFlavorWithZK, MegaFlavor>;
 
 template <typename T>
-concept IsUltraFlavor = IsAnyOf<T, UltraFlavor, UltraKeccakFlavor, UltraFlavorWithZK,MegaFlavor>;
+concept IsUltraFlavor = IsAnyOf<T, UltraFlavor, UltraKeccakFlavor, UltraFlavorWithZK, MegaFlavor>;
 
 template <typename T>
 concept IsGoblinFlavor = IsAnyOf<T, MegaFlavor,
diff --git a/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp
index 7f5c5096b521..234122e1ec32 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp
@@ -1,4 +1,3 @@
-
 #include "./translator_recursive_verifier.hpp"
 #include "barretenberg/commitment_schemes/zeromorph/zeromorph.hpp"
 #include "barretenberg/common/throw_or_abort.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp
index 0863d32932b0..566c3e7d6d7c 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/mega_flavor.hpp
@@ -1,6 +1,5 @@
 #pragma once
 #include "barretenberg/commitment_schemes/kzg/kzg.hpp"
-#include "barretenberg/commitment_schemes/zeromorph/zeromorph.hpp"
 #include "barretenberg/common/ref_vector.hpp"
 #include "barretenberg/flavor/flavor.hpp"
 #include "barretenberg/flavor/flavor_macros.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
index de5c6cf50756..fe5dbe526c99 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
@@ -1,6 +1,5 @@
 #pragma once
 #include "barretenberg/commitment_schemes/kzg/kzg.hpp"
-#include "barretenberg/commitment_schemes/zeromorph/zeromorph.hpp"
 #include "barretenberg/ecc/curves/bn254/g1.hpp"
 #include "barretenberg/flavor/flavor.hpp"
 #include "barretenberg/flavor/flavor_macros.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp
index 744bc57140da..68653fbdb873 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_keccak_flavor.hpp
@@ -34,6 +34,7 @@ class UltraKeccakFlavor : public bb::UltraFlavor {
      * that, and split out separate PrecomputedPolynomials/Commitments data for clarity but also for portability of our
      * circuits.
      */
+    // TODO(https://github.com/AztecProtocol/barretenberg/issues/1094): Add aggregation
     class VerificationKey : public VerificationKey_<PrecomputedEntities<Commitment>, VerifierCommitmentKey> {
       public:
         VerificationKey() = default;
diff --git a/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp b/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp
index 1086d4b20bf2..205d0dd98536 100644
--- a/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp
@@ -683,8 +683,6 @@ class TranslatorFlavor {
                              this->ordered_range_constraints_4 };
         };
 
-        auto get_all_without_concatenated() { return concatenate(get_unshifted_without_concatenated(), get_shifted()); }
-
         // Gemini-specific getters.
         auto get_unshifted()
         {
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
index 0a589dac56ad..e8063431f7db 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_prover.cpp
@@ -47,17 +47,30 @@ template <IsUltraFlavor Flavor> void DeciderProver_<Flavor>::execute_relation_ch
  * */
 template <IsUltraFlavor Flavor> void DeciderProver_<Flavor>::execute_pcs_rounds()
 {
-    using BatchedMultivariateOpeningScheme =
-        std::conditional_t<IsAnyOf<Flavor, UltraKeccakFlavor>, ShpleminiProver_<Curve>, ZeroMorphProver_<Curve>>;
-    auto prover_opening_claim =
-        BatchedMultivariateOpeningScheme::prove(proving_key->proving_key.circuit_size,
-                                                proving_key->proving_key.polynomials.get_unshifted(),
-                                                proving_key->proving_key.polynomials.get_to_be_shifted(),
-                                                sumcheck_output.claimed_evaluations.get_unshifted(),
-                                                sumcheck_output.claimed_evaluations.get_shifted(),
-                                                sumcheck_output.challenge,
-                                                commitment_key,
-                                                transcript);
+    using OpeningClaim = ProverOpeningClaim<Curve>;
+
+    // TODO(https://github.com/AztecProtocol/barretenberg/issues/1109): Remove this hack once the verifier runs on
+    // Shplemini for all Ultra flavors
+    OpeningClaim prover_opening_claim;
+    if constexpr (bb::IsAnyOf<Flavor, UltraKeccakFlavor>) {
+
+        prover_opening_claim = ShpleminiProver_<Curve>::prove(proving_key->proving_key.circuit_size,
+                                                              proving_key->proving_key.polynomials.get_unshifted(),
+                                                              proving_key->proving_key.polynomials.get_to_be_shifted(),
+                                                              sumcheck_output.challenge,
+                                                              commitment_key,
+                                                              transcript);
+    } else {
+
+        prover_opening_claim = ZeroMorphProver_<Curve>::prove(proving_key->proving_key.circuit_size,
+                                                              proving_key->proving_key.polynomials.get_unshifted(),
+                                                              proving_key->proving_key.polynomials.get_to_be_shifted(),
+                                                              sumcheck_output.claimed_evaluations.get_unshifted(),
+                                                              sumcheck_output.claimed_evaluations.get_shifted(),
+                                                              sumcheck_output.challenge,
+                                                              commitment_key,
+                                                              transcript);
+    }
     PCS::compute_opening_proof(commitment_key, prover_opening_claim, transcript);
 }
 
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
index 18ce637edc05..c01393704006 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.cpp
@@ -57,6 +57,8 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
     }
 
     std::array<GroupElement, 2> pairing_points;
+    // TODO(https://github.com/AztecProtocol/barretenberg/issues/1109): Remove this hack once the verifier runs on
+    // Shplemini for all Ultra flavors
     if constexpr (bb::IsAnyOf<Flavor, UltraKeccakFlavor>) {
         auto opening_claim = Shplemini::compute_batch_opening_claim(accumulator->verification_key->circuit_size,
                                                                     commitments.get_unshifted(),
@@ -67,8 +69,9 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
                                                                     Commitment::one(),
                                                                     transcript);
         pairing_points = PCS::reduce_verify_batch_opening_claim(opening_claim, transcript);
-
     } else {
+        // Execute ZeroMorph rounds. See https://hackmd.io/dlf9xEwhTQyE3hiGbq4FsA?view for a complete description of the
+        // unrolled protocol.
         auto opening_claim = ZeroMorph::verify(accumulator->verification_key->circuit_size,
                                                commitments.get_unshifted(),
                                                commitments.get_to_be_shifted(),
@@ -79,10 +82,7 @@ template <typename Flavor> bool DeciderVerifier_<Flavor>::verify()
                                                transcript);
         pairing_points = PCS::reduce_verify(opening_claim, transcript);
     }
-    // Execute ZeroMorph rounds. See https://hackmd.io/dlf9xEwhTQyE3hiGbq4FsA?view for a complete description of the
-    // unrolled protocol.
-
-    auto verified = pcs_verification_key->pairing_check(pairing_points[0], pairing_points[1]);
+    bool verified = pcs_verification_key->pairing_check(pairing_points[0], pairing_points[1]);
 
     return sumcheck_verified.value() && verified;
 }

From 811cdfb0e98e89a41e9bd395506fc34efd7efa69 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Mon, 23 Sep 2024 15:27:47 +0000
Subject: [PATCH 15/25] remove infos

---
 .../src/barretenberg/commitment_schemes/shplonk/shplemini.hpp    | 1 -
 1 file changed, 1 deletion(-)

diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
index c60d22d2b29c..9e5067bcbcef 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
@@ -178,7 +178,6 @@ template <typename Curve> class ShpleminiVerifier_ {
                                           commitments,
                                           scalars,
                                           batched_evaluation);
-        info("Verifier: ", batched_evaluation);
 
         // Place the commitments to Gemini Aᵢ to the vector of commitments, compute the contributions from
         // Aᵢ(−r²ⁱ) for i=1, … , n−1 to the constant term accumulator, add corresponding scalars

From e059c3c5ada5e3b923a8a8348dc90631b36447e4 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Tue, 24 Sep 2024 07:24:29 +0000
Subject: [PATCH 16/25] fix build and some cleanup

---
 .../commitment_schemes/shplonk/shplemini.hpp           |  9 ++++-----
 .../commitment_schemes_recursion/shplemini.test.cpp    | 10 ++--------
 2 files changed, 6 insertions(+), 13 deletions(-)

diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
index 9e5067bcbcef..f3b2db272f60 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
@@ -291,11 +291,11 @@ template <typename Curve> class ShpleminiVerifier_ {
         }
     }
     /**
-     * @brief Populates the 'commitments' and 'scalars' vectors with the commitments to Gemini fold polynomials \f$
-     * A_i \f$.
+     * @brief Populates the 'commitments' and 'scalars' vectors with the commitments to Gemini fold polynomials \f$ A_i
+     * \f$.
      *
-     * @details Once the commitments to Gemini "fold" polynomials \f$ A_i \f$ and their evaluations at \f$ -r^{2^i}
-     * \f$, where \f$ i = 1, \ldots, n-1 \f$, are received by the verifier, it performs the following operations:
+     * @details Once the commitments to Gemini "fold" polynomials \f$ A_i \f$ and their evaluations at \f$ -r^{2^i} \f$,
+     * where \f$ i = 1, \ldots, n-1 \f$, are received by the verifier, it performs the following operations:
      *
      * 1. Moves the vector
      * \f[
@@ -350,5 +350,4 @@ template <typename Curve> class ShpleminiVerifier_ {
         }
     }
 };
-
 } // namespace bb
\ No newline at end of file
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
index eec1bbe2ec87..1398cefe7e84 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
@@ -85,14 +85,8 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
 
     // Initialize an empty NativeTranscript
     auto prover_transcript = NativeTranscript::prover_init_empty();
-    auto prover_opening_claims = ShpleminiProver::prove(N,
-                                                        RefVector(f_polynomials),
-                                                        RefVector(g_polynomials),
-                                                        RefVector(v_evaluations),
-                                                        RefVector(w_evaluations),
-                                                        u_challenge,
-                                                        commitment_key,
-                                                        prover_transcript);
+    auto prover_opening_claims = ShpleminiProver::prove(
+        N, RefVector(f_polynomials), RefVector(g_polynomials), u_challenge, commitment_key, prover_transcript);
 
     Builder builder;
     StdlibProof<Builder> stdlib_proof = bb::convert_proof_to_witness(&builder, prover_transcript->proof_data);

From a2c2c99e0cd3057449f36a0f1a6732cc2aeaf6d5 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Tue, 24 Sep 2024 07:30:09 +0000
Subject: [PATCH 17/25] some more cleanup

---
 .../cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp  | 3 ---
 .../src/barretenberg/commitment_schemes/shplonk/shplemini.hpp | 4 ++--
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
index 9b3661a2ffda..7db3ea01e3b0 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp
@@ -8,9 +8,6 @@
 #include "barretenberg/ecc/curves/bn254/fq12.hpp"
 #include "barretenberg/ecc/curves/types.hpp"
 #include "barretenberg/polynomials/polynomial_arithmetic.hpp"
-#include <gtest/gtest.h>
-#include <utility>
-
 using namespace bb;
 
 namespace {
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
index f3b2db272f60..98f4aa221477 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
@@ -21,7 +21,7 @@ template <typename Curve> class ShpleminiProver_ {
     using GeminiProver = GeminiProver_<Curve>;
 
     template <typename Transcript>
-    static OpeningClaim prove(FF circuit_size,
+    static OpeningClaim prove(const FF circuit_size,
                               RefSpan<Polynomial> f_polynomials,
                               RefSpan<Polynomial> g_polynomials,
                               std::span<FF> multilinear_challenge,
@@ -106,7 +106,7 @@ template <typename Curve> class ShpleminiVerifier_ {
                                                                 RefSpan<Fr> shifted_evaluations,
                                                                 const std::vector<Fr>& multivariate_challenge,
                                                                 const Commitment& g1_identity,
-                                                                std::shared_ptr<Transcript>& transcript)
+                                                                const std::shared_ptr<Transcript>& transcript)
     {
 
         // Extract log_circuit_size

From 48b0bcdd31ce854a96542cf7b388d7e88988a500 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Tue, 24 Sep 2024 09:56:29 +0000
Subject: [PATCH 18/25] draft

---
 barretenberg/acir_tests/sol-test/src/index.js | 4 +++-
 barretenberg/cpp/src/barretenberg/bb/main.cpp | 7 ++++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/barretenberg/acir_tests/sol-test/src/index.js b/barretenberg/acir_tests/sol-test/src/index.js
index bcfed9528922..c6b983b53f57 100644
--- a/barretenberg/acir_tests/sol-test/src/index.js
+++ b/barretenberg/acir_tests/sol-test/src/index.js
@@ -4,10 +4,11 @@ import { spawn } from "child_process";
 import { ethers } from "ethers";
 import solc from "solc";
 import linker from "solc/linker.js";
+import { info } from "console";
 
 const NUMBER_OF_FIELDS_IN_PLONK_PROOF = 93;
 // This excludes the public inputs which are sent separately to the Solidity verifier
-const NUMBER_OF_FIELDS_IN_HONK_PROOF = 423;
+const NUMBER_OF_FIELDS_IN_HONK_PROOF = 303;
 
 // We use the solcjs compiler version in this test, although it is slower than foundry, to run the test end to end
 // it simplifies of parallelising the test suite
@@ -149,6 +150,7 @@ const readPublicInputs = (proofAsFields) => {
   const publicInputs = [];
   // Compute the number of public inputs, not accounted  for in the constant NUMBER_OF_FIELDS_IN_PROOF
   const numPublicInputs = proofAsFields.length - NUMBER_OF_FIELDS_IN_PROOF;
+  info(numPublicInputs);
   let publicInputsOffset = 0;
 
   // Honk proofs contain 3 pieces of metadata before the public inputs, while plonk does not
diff --git a/barretenberg/cpp/src/barretenberg/bb/main.cpp b/barretenberg/cpp/src/barretenberg/bb/main.cpp
index e2451319fc19..30adc8643f72 100644
--- a/barretenberg/cpp/src/barretenberg/bb/main.cpp
+++ b/barretenberg/cpp/src/barretenberg/bb/main.cpp
@@ -1099,6 +1099,12 @@ void prove_honk(const std::string& bytecodePath, const std::string& witnessPath,
     // Construct Honk proof
     Prover prover = compute_valid_prover<Flavor>(bytecodePath, witnessPath);
     auto proof = prover.construct_proof();
+    // TODO(): remove this hack, put in place to only send the proof up to sumcheck to the contract
+    if constexpr (std::same_as<Flavor, UltraKeccakFlavor>) {
+        auto num_public_inputs = static_cast<uint32_t>(prover.proving_key->proving_key.num_public_inputs);
+        proof.erase(proof.begin() + num_public_inputs + 303, proof.end());
+    }
+    info(proof.size());
     if (outputPath == "-") {
         writeRawBytesToStdout(to_buffer</*include_size=*/true>(proof));
         vinfo("proof written to stdout");
@@ -1494,7 +1500,6 @@ int main(int argc, char* argv[])
             std::string output_path = get_option(args, "-o", "./target/contract.sol");
             contract(output_path, vk_path);
         } else if (command == "contract_ultra_honk") {
-            vinfo("Warning: Contract incomplete. Do not use in production!");
             std::string output_path = get_option(args, "-o", "./target/contract.sol");
             contract_honk(output_path, vk_path);
         } else if (command == "write_vk") {

From ae129dbbcdd8f6e06a23c01c7142cd91315f8c59 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Tue, 24 Sep 2024 10:55:55 +0000
Subject: [PATCH 19/25] fix sol honk flow

---
 barretenberg/acir_tests/sol-test/src/index.js                | 3 ++-
 barretenberg/cpp/src/barretenberg/bb/main.cpp                | 5 +++--
 .../barretenberg/stdlib_circuit_builders/ultra_flavor.hpp    | 5 ++++-
 barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp      | 1 +
 .../cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp      | 1 +
 barretenberg/sol/src/honk/instance/Add2Honk.sol              | 3 ++-
 6 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/barretenberg/acir_tests/sol-test/src/index.js b/barretenberg/acir_tests/sol-test/src/index.js
index c6b983b53f57..8115148bf2d3 100644
--- a/barretenberg/acir_tests/sol-test/src/index.js
+++ b/barretenberg/acir_tests/sol-test/src/index.js
@@ -7,7 +7,8 @@ import linker from "solc/linker.js";
 import { info } from "console";
 
 const NUMBER_OF_FIELDS_IN_PLONK_PROOF = 93;
-// This excludes the public inputs which are sent separately to the Solidity verifier
+// TODO(https://github.com/AztecProtocol/barretenberg/issues/1093): This is the size of the proof up to Sumcheck, without public inputs, as the Honk contract does not currently have a PCS.
+// This needs to be changed once Shplemini is implemented in the smart contract.
 const NUMBER_OF_FIELDS_IN_HONK_PROOF = 303;
 
 // We use the solcjs compiler version in this test, although it is slower than foundry, to run the test end to end
diff --git a/barretenberg/cpp/src/barretenberg/bb/main.cpp b/barretenberg/cpp/src/barretenberg/bb/main.cpp
index 30adc8643f72..cadf836cc536 100644
--- a/barretenberg/cpp/src/barretenberg/bb/main.cpp
+++ b/barretenberg/cpp/src/barretenberg/bb/main.cpp
@@ -1099,12 +1099,13 @@ void prove_honk(const std::string& bytecodePath, const std::string& witnessPath,
     // Construct Honk proof
     Prover prover = compute_valid_prover<Flavor>(bytecodePath, witnessPath);
     auto proof = prover.construct_proof();
-    // TODO(): remove this hack, put in place to only send the proof up to sumcheck to the contract
+    // TODO(https://github.com/AztecProtocol/barretenberg/issues/1093): As the Smart contract doesn't verify the PCS and
+    // Shplemini is not constant size, we slice the proof up to sumcheck so calculation of public inputs is correct.
+    // This hack will be subsequently removed.
     if constexpr (std::same_as<Flavor, UltraKeccakFlavor>) {
         auto num_public_inputs = static_cast<uint32_t>(prover.proving_key->proving_key.num_public_inputs);
         proof.erase(proof.begin() + num_public_inputs + 303, proof.end());
     }
-    info(proof.size());
     if (outputPath == "-") {
         writeRawBytesToStdout(to_buffer</*include_size=*/true>(proof));
         vinfo("proof written to stdout");
diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
index fe5dbe526c99..b40174ce1646 100644
--- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
+++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_flavor.hpp
@@ -57,12 +57,15 @@ class UltraFlavor {
     // Note: made generic for use in MegaRecursive.
     template <typename FF>
 
+    // List of relations reflecting the Ultra arithmetisation. WARNING: As UltraKeccak flavor inherits from Ultra flavor
+    // any change of ordering in this tuple needs to be reflected in the smart contract, otherwise relation accumulation
+    // will not match.
     using Relations_ = std::tuple<bb::UltraArithmeticRelation<FF>,
                                   bb::UltraPermutationRelation<FF>,
+                                  bb::LogDerivLookupRelation<FF>,
                                   bb::DeltaRangeConstraintRelation<FF>,
                                   bb::EllipticRelation<FF>,
                                   bb::AuxiliaryRelation<FF>,
-                                  bb::LogDerivLookupRelation<FF>,
                                   bb::Poseidon2ExternalRelation<FF>,
                                   bb::Poseidon2InternalRelation<FF>>;
 
diff --git a/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp b/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp
index fccab56b551c..d42eb4a4fc5a 100644
--- a/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp
+++ b/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp
@@ -261,6 +261,7 @@ template <typename Flavor> class SumcheckProver {
             transcript->send_to_verifier("Sumcheck:univariate_" + std::to_string(idx), zero_univariate);
             FF round_challenge = transcript->template get_challenge<FF>("Sumcheck:u_" + std::to_string(idx));
             multivariate_challenge.emplace_back(round_challenge);
+            info(round_challenge);
         }
         // The evaluations of Libra uninvariates at \f$ g_0(u_0), \ldots, g_{d-1} (u_{d-1}) \f$ are added to the
         // transcript.
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
index 62dfe74c9c1e..6ddd7d511fd8 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
@@ -62,6 +62,7 @@ TYPED_TEST(UltraHonkTests, ANonZeroPolynomialIsAGoodPolynomial)
     auto circuit_builder = UltraCircuitBuilder();
 
     auto proving_key = std::make_shared<typename TestFixture::DeciderProvingKey>(circuit_builder);
+    info(proving_key->proving_key.num_public_inputs);
     typename TestFixture::Prover prover(proving_key);
     auto proof = prover.construct_proof();
     auto& polynomials = proving_key->proving_key.polynomials;
diff --git a/barretenberg/sol/src/honk/instance/Add2Honk.sol b/barretenberg/sol/src/honk/instance/Add2Honk.sol
index a6eaec5afa81..a4afcb3626f1 100644
--- a/barretenberg/sol/src/honk/instance/Add2Honk.sol
+++ b/barretenberg/sol/src/honk/instance/Add2Honk.sol
@@ -16,7 +16,7 @@ import {
     CONST_PROOF_SIZE_LOG_N
 } from "../HonkTypes.sol";
 
-import {ecMul, ecAdd, ecSub, negateInplace, convertProofPoint} from "../utils.sol";
+import {ecMul, logFr, ecAdd, ecSub, negateInplace, convertProofPoint} from "../utils.sol";
 
 // Field arithmetic libraries - prevent littering the code with modmul / addmul
 import {MODULUS as P, MINUS_ONE, Fr, FrLib} from "../Fr.sol";
@@ -99,6 +99,7 @@ contract Add2HonkVerifier is IVerifier {
             if (!valid) revert SumcheckFailed();
 
             Fr roundChallenge = tp.sumCheckUChallenges[round];
+            logFr("round challenge: ", roundChallenge);
 
             // Update the round target for the next rounf
             roundTarget = computeNextTargetSum(roundUnivariate, roundChallenge);

From 6b45f0e4b49b9dadf4e32ca21bcf805f329b3c16 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Tue, 24 Sep 2024 13:53:55 +0000
Subject: [PATCH 20/25] make fold polys and fold comms constant

---
 .../commitment_schemes/gemini/gemini.hpp      | 56 +++++++++++--------
 .../commitment_schemes/gemini/gemini_impl.hpp | 18 ++++--
 2 files changed, 46 insertions(+), 28 deletions(-)

diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index 0766722893ed..9823b0a8ad1e 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -95,6 +95,7 @@ template <class Fr> inline std::vector<Fr> powers_of_evaluation_challenge(const
 
 template <typename Curve> class GeminiProver_ {
     using Fr = typename Curve::ScalarField;
+    using Commitment = typename Curve::AffineElement;
     using Polynomial = bb::Polynomial<Fr>;
     using Claim = ProverOpeningClaim<Curve>;
 
@@ -168,11 +169,11 @@ template <typename Curve> class GeminiVerifier_ {
 
         // compute vector of powers of random evaluation point r
         const Fr r = transcript->template get_challenge<Fr>("Gemini:r");
-        const std::vector<Fr> r_squares = gemini::powers_of_evaluation_challenge(r, num_variables);
+        const std::vector<Fr> r_squares = gemini::powers_of_evaluation_challenge(r, CONST_PROOF_SIZE_LOG_N);
 
         // Get evaluations a_i, i = 0,...,m-1 from transcript
         const std::vector<Fr> evaluations = get_gemini_evaluations(num_variables, transcript);
-        // Compute evaluation A₀(r)
+        // Compute evaluation of A₀(r)
         auto a_0_pos = compute_gemini_batched_univariate_evaluation(
             num_variables, batched_evaluation, multilinear_challenge, r_squares, evaluations);
 
@@ -197,22 +198,24 @@ template <typename Curve> class GeminiVerifier_ {
         return fold_polynomial_opening_claims;
     }
 
-    static std::vector<Commitment> get_fold_commitments(const size_t log_circuit_size, auto& transcript)
+    static std::vector<Commitment> get_fold_commitments([[maybe_unused]] const size_t log_circuit_size,
+                                                        auto& transcript)
     {
         std::vector<Commitment> fold_commitments;
-        fold_commitments.reserve(log_circuit_size - 1);
-        for (size_t i = 0; i < log_circuit_size - 1; ++i) {
+        fold_commitments.reserve(CONST_PROOF_SIZE_LOG_N - 1);
+        for (size_t i = 0; i < CONST_PROOF_SIZE_LOG_N - 1; ++i) {
             const Commitment commitment =
                 transcript->template receive_from_prover<Commitment>("Gemini:FOLD_" + std::to_string(i + 1));
             fold_commitments.emplace_back(commitment);
         }
         return fold_commitments;
     }
-    static std::vector<Fr> get_gemini_evaluations(const size_t log_circuit_size, auto& transcript)
+    static std::vector<Fr> get_gemini_evaluations([[maybe_unused]] const size_t log_circuit_size, auto& transcript)
     {
         std::vector<Fr> gemini_evaluations;
-        gemini_evaluations.reserve(log_circuit_size);
-        for (size_t i = 1; i <= log_circuit_size; ++i) {
+        gemini_evaluations.reserve(CONST_PROOF_SIZE_LOG_N);
+
+        for (size_t i = 1; i <= CONST_PROOF_SIZE_LOG_N; ++i) {
             const Fr evaluation = transcript->template receive_from_prover<Fr>("Gemini:a_" + std::to_string(i));
             gemini_evaluations.emplace_back(evaluation);
         }
@@ -241,29 +244,36 @@ template <typename Curve> class GeminiVerifier_ {
      * @param fold_polynomial_evals  Evaluations \f$ A_{i-1}(-r^{2^{i-1}}) \f$.
      * @return Evaluation \f$ A_0(r) \f$.
      */
-    static Fr compute_gemini_batched_univariate_evaluation(size_t evaluation_point_size,
-                                                           Fr& batched_eval_accumulator,
-                                                           std::span<const Fr> evaluation_point,
-                                                           std::span<const Fr> challenge_powers,
-                                                           std::span<const Fr> fold_polynomial_evals)
+    static Fr compute_gemini_batched_univariate_evaluation(
+        const size_t num_variables,
+        Fr& batched_eval_accumulator,
+        std::span<const Fr> evaluation_point, // CONST_PROOF_SIZE
+        std::span<const Fr> challenge_powers, // r_squares CONST_PROOF_SIZE_LOG_N
+        std::span<const Fr> fold_polynomial_evals)
     {
-        const size_t num_variables = evaluation_point_size;
-
         const auto& evals = fold_polynomial_evals;
 
         // Solve the sequence of linear equations
-        for (size_t l = num_variables; l != 0; --l) {
+        for (size_t l = CONST_PROOF_SIZE_LOG_N; l != 0; --l) {
             // Get r²⁽ˡ⁻¹⁾
             const Fr& challenge_power = challenge_powers[l - 1];
-            // Get A₍ₗ₋₁₎(−r²⁽ˡ⁻¹⁾)
-            const Fr& eval_neg = evals[l - 1];
             // Get uₗ₋₁
             const Fr& u = evaluation_point[l - 1];
-            // Compute the numerator
-            batched_eval_accumulator =
-                ((challenge_power * batched_eval_accumulator * 2) - eval_neg * (challenge_power * (Fr(1) - u) - u));
-            // Divide by the denominator
-            batched_eval_accumulator *= (challenge_power * (Fr(1) - u) + u).invert();
+            const Fr& eval_neg = evals[l - 1];
+            bool is_dummy_round = (l > num_variables);
+            if (is_dummy_round) {
+                if (Curve::is_stdlib_type) {
+                    // do dummy operations
+                }
+
+            } else {
+                // Get A₍ₗ₋₁₎(−r²⁽ˡ⁻¹⁾)
+                // Compute the numerator
+                batched_eval_accumulator =
+                    ((challenge_power * batched_eval_accumulator * 2) - eval_neg * (challenge_power * (Fr(1) - u) - u));
+                // Divide by the denominator
+                batched_eval_accumulator *= (challenge_power * (Fr(1) - u) + u).invert();
+            }
         }
 
         return batched_eval_accumulator;
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
index 05a1cd994477..fde94fdcdb13 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
@@ -73,15 +73,23 @@ std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
     auto fold_polynomials = compute_fold_polynomials(
         log_n, multilinear_challenge, std::move(batched_unshifted), std::move(batched_to_be_shifted));
 
-    for (size_t l = 0; l < log_n - 1; l++) {
-        transcript->send_to_verifier("Gemini:FOLD_" + std::to_string(l + 1),
-                                     commitment_key->commit(fold_polynomials[l + 2]));
+    for (size_t l = 0; l < CONST_PROOF_SIZE_LOG_N - 1; l++) {
+        if (l < log_n - 1) {
+            transcript->send_to_verifier("Gemini:FOLD_" + std::to_string(l + 1),
+                                         commitment_key->commit(fold_polynomials[l + 2]));
+        } else {
+            transcript->send_to_verifier("Gemini:FOLD_" + std::to_string(l + 1), Commitment::one());
+        }
     }
     const Fr r_challenge = transcript->template get_challenge<Fr>("Gemini:r");
     std::vector<Claim> claims = compute_fold_polynomial_evaluations(log_n, std::move(fold_polynomials), r_challenge);
 
-    for (size_t l = 1; l <= log_n; l++) {
-        transcript->send_to_verifier("Gemini:a_" + std::to_string(l), claims[l].opening_pair.evaluation);
+    for (size_t l = 1; l <= CONST_PROOF_SIZE_LOG_N; l++) {
+        if (l <= log_n) {
+            transcript->send_to_verifier("Gemini:a_" + std::to_string(l), claims[l].opening_pair.evaluation);
+        } else {
+            transcript->send_to_verifier("Gemini:a_" + std::to_string(l), Fr::zero());
+        }
     }
 
     return claims;

From 85a44e8512a4cba9940ef5aa716edf3ad2ded217 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Thu, 26 Sep 2024 12:25:36 +0000
Subject: [PATCH 21/25] constant size shplemini

---
 .../circuit_checker/ultra_circuit_checker.cpp |  1 +
 .../commitment_schemes/gemini/gemini.hpp      | 28 +++++----
 .../commitment_schemes/shplonk/shplemini.hpp  | 53 ++++++++++++-----
 .../shplonk/shplemini.test.cpp                |  3 +-
 .../commitment_schemes/shplonk/shplonk.hpp    | 59 ++++++++++++-------
 .../zeromorph/zeromorph.hpp                   |  2 +-
 .../shplemini.test.cpp                        | 46 ++++++++++-----
 .../zeromorph.test.cpp                        |  6 +-
 .../src/barretenberg/sumcheck/sumcheck.hpp    |  1 +
 9 files changed, 131 insertions(+), 68 deletions(-)

diff --git a/barretenberg/cpp/src/barretenberg/circuit_checker/ultra_circuit_checker.cpp b/barretenberg/cpp/src/barretenberg/circuit_checker/ultra_circuit_checker.cpp
index ad032fd2840f..64bf61da9e33 100644
--- a/barretenberg/cpp/src/barretenberg/circuit_checker/ultra_circuit_checker.cpp
+++ b/barretenberg/cpp/src/barretenberg/circuit_checker/ultra_circuit_checker.cpp
@@ -20,6 +20,7 @@ template <typename Builder> bool UltraCircuitChecker::check(const Builder& build
     // Create a copy of the input circuit and finalize it
     Builder builder{ builder_in };
     builder.finalize_circuit();
+    info(builder.num_gates);
 
     // Construct a hash table for lookup table entries to efficiently determine if a lookup gate is valid
     LookupHashTable lookup_hash_table;
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index 9823b0a8ad1e..f6b8692e167d 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -260,19 +260,27 @@ template <typename Curve> class GeminiVerifier_ {
             // Get uₗ₋₁
             const Fr& u = evaluation_point[l - 1];
             const Fr& eval_neg = evals[l - 1];
+            // Fr batched_eval_round_acc = batched_eval_accumulator;
+            // Get A₍ₗ₋₁₎(−r²⁽ˡ⁻¹⁾)
+            // Compute the numerator
+            Fr batched_eval_round_acc =
+                ((challenge_power * batched_eval_accumulator * 2) - eval_neg * (challenge_power * (Fr(1) - u) - u));
+            // Divide by the denominator
+            batched_eval_round_acc *= (challenge_power * (Fr(1) - u) + u).invert();
+
             bool is_dummy_round = (l > num_variables);
-            if (is_dummy_round) {
-                if (Curve::is_stdlib_type) {
-                    // do dummy operations
-                }
 
-            } else {
-                // Get A₍ₗ₋₁₎(−r²⁽ˡ⁻¹⁾)
-                // Compute the numerator
+            if constexpr (Curve::is_stdlib_type) {
+                auto builder = evaluation_point[0].get_context();
+                // TODO(https://github.com/AztecProtocol/barretenberg/issues/1114): insecure!
+                stdlib::bool_t dummy_round = stdlib::bool_t(builder, is_dummy_round);
                 batched_eval_accumulator =
-                    ((challenge_power * batched_eval_accumulator * 2) - eval_neg * (challenge_power * (Fr(1) - u) - u));
-                // Divide by the denominator
-                batched_eval_accumulator *= (challenge_power * (Fr(1) - u) + u).invert();
+                    Fr::conditional_assign(dummy_round, batched_eval_accumulator, batched_eval_round_acc);
+
+            } else {
+                if (!is_dummy_round) {
+                    batched_eval_accumulator = batched_eval_round_acc;
+                }
             }
         }
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
index 98f4aa221477..15db11d90a30 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
@@ -128,9 +128,9 @@ template <typename Curve> class ShpleminiVerifier_ {
         const Fr gemini_evaluation_challenge = transcript->template get_challenge<Fr>("Gemini:r");
         // - Get evaluations (A₀(−r), A₁(−r²), ... , Aₙ₋₁(−r²⁽ⁿ⁻¹⁾))
         const std::vector<Fr> gemini_evaluations = GeminiVerifier::get_gemini_evaluations(log_circuit_size, transcript);
-        // - Compute vector (r, r², ... , r²⁽ⁿ⁻¹⁾), where n = log_circuit_size
+        // - Compute vector (r, r², ... , r²⁽ⁿ⁻¹⁾), where n = log_circuit_size, I think this should be CONST_PROOF_SIZE
         const std::vector<Fr> gemini_eval_challenge_powers =
-            gemini::powers_of_evaluation_challenge(gemini_evaluation_challenge, log_circuit_size);
+            gemini::powers_of_evaluation_challenge(gemini_evaluation_challenge, CONST_PROOF_SIZE_LOG_N);
 
         // Process Shplonk transcript data:
         // - Get Shplonk batching challenge
@@ -143,7 +143,7 @@ template <typename Curve> class ShpleminiVerifier_ {
         // Get Shplonk opening point z
         const Fr shplonk_evaluation_challenge = transcript->template get_challenge<Fr>("Shplonk:z");
         // Start computing the scalar to be multiplied by [1]₁
-        Fr constant_term_accumulator{ 0 };
+        Fr constant_term_accumulator = Fr(0);
 
         // Initialize the vector of scalars placing the scalar 1 correposnding to Q_commitment
         std::vector<Fr> scalars;
@@ -154,6 +154,7 @@ template <typename Curve> class ShpleminiVerifier_ {
             scalars.emplace_back(Fr(1));
         }
         // Compute 1/(z − r), 1/(z + r), 1/(z + r²), … , 1/(z + r²⁽ⁿ⁻¹⁾) needed for Shplonk batching
+        // THIS NEEDS WORK, we need CONST_PROOF_SI~Z
         const std::vector<Fr> inverse_vanishing_evals = ShplonkVerifier::compute_inverted_gemini_denominators(
             log_circuit_size + 1, shplonk_evaluation_challenge, gemini_eval_challenge_powers);
 
@@ -167,7 +168,8 @@ template <typename Curve> class ShpleminiVerifier_ {
 
         // Place the commitments to prover polynomials in the commitments vector. Compute the evaluation of the
         // batched multilinear polynomial. Populate the vector of scalars for the final batch mul
-        Fr batched_evaluation{ 0 };
+        Fr batched_evaluation = Fr(0);
+        // THIS IS FINE
         batch_multivariate_opening_claims(unshifted_commitments,
                                           shifted_commitments,
                                           unshifted_evaluations,
@@ -325,26 +327,45 @@ template <typename Curve> class ShpleminiVerifier_ {
      * @param scalars Output vector where the computed scalars will be stored.
      * @param constant_term_accumulator The accumulator for the summands of the constant term.
      */
-    static void batch_gemini_claims_received_from_prover(const size_t log_circuit_size,
-                                                         const std::vector<Commitment>& fold_commitments,
-                                                         const std::vector<Fr>& gemini_evaluations,
-                                                         const std::vector<Fr>& inverse_vanishing_evals,
-                                                         const Fr& shplonk_batching_challenge,
-                                                         std::vector<Commitment>& commitments,
-                                                         std::vector<Fr>& scalars,
-                                                         Fr& constant_term_accumulator)
+    static void batch_gemini_claims_received_from_prover(
+        [[maybe_unused]] const size_t log_circuit_size,
+        const std::vector<Commitment>& fold_commitments,
+        const std::vector<Fr>& gemini_evaluations,
+        const std::vector<Fr>& inverse_vanishing_evals, // from compute inverted gemini denominators
+        const Fr& shplonk_batching_challenge,
+        std::vector<Commitment>& commitments,
+        std::vector<Fr>& scalars,
+        Fr& constant_term_accumulator) // this gets modified only here so should be returned by this
     {
+
         // Initialize batching challenge as ν²
-        Fr current_batching_challenge = shplonk_batching_challenge * shplonk_batching_challenge;
-        for (size_t j = 0; j < log_circuit_size - 1; ++j) {
+        Fr current_batching_challenge = shplonk_batching_challenge.sqr();
+        for (size_t j = 0; j < CONST_PROOF_SIZE_LOG_N - 1; ++j) {
+            bool is_dummy_round = j >= (log_circuit_size - 1);
             // Compute the scaling factor  (ν²⁺ⁱ) / (z + r²⁽ⁱ⁺²⁾) for i = 0, … , d-2
             Fr scaling_factor = current_batching_challenge * inverse_vanishing_evals[j + 2];
-            // Place the scaling factor to the 'scalars' vector
-            scalars.emplace_back(-scaling_factor);
+
+            if constexpr (Curve::is_stdlib_type) {
+                auto builder = shplonk_batching_challenge.get_context();
+                // TODO(https://github.com/AztecProtocol/barretenberg/issues/1114): insecure!
+                stdlib::bool_t dummy_round = stdlib::bool_t(builder, is_dummy_round);
+                // Call fix witness
+                Fr zero = Fr(0);
+                zero.convert_constant_to_fixed_witness(builder);
+                scaling_factor = Fr::conditional_assign(dummy_round, zero, scaling_factor);
+            } else {
+                if (is_dummy_round) {
+                    scaling_factor = 0;
+                }
+            }
+
             // Add Aᵢ(−r²ⁱ) for i = 1, … , n-1 to the constant term accumulator
             constant_term_accumulator += scaling_factor * gemini_evaluations[j + 1];
             // Update the batching challenge
             current_batching_challenge *= shplonk_batching_challenge;
+
+            // Place the scaling factor to the 'scalars' vector
+            scalars.emplace_back(-scaling_factor);
             // Move com(Aᵢ) to the 'commitments' vector
             commitments.emplace_back(std::move(fold_commitments[j]));
         }
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
index b1aad152f59b..3ced4164e877 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
@@ -216,7 +216,8 @@ TYPED_TEST(ShpleminiTest, CorrectnessOfGeminiClaimBatching)
                                                                 scalars,
                                                                 expected_constant_term_accumulator);
 
-    EXPECT_EQ(commitments.size(), prover_commitments.size());
+    //
+    // EXPECT_EQ(commitments.size(), prover_commitments.size());
     // Compute the group element using the output of Shplemini method
     GroupElement shplemini_result = batch_mul_native(commitments, scalars);
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
index f8db79c9a2a2..576a20499905 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
@@ -31,7 +31,7 @@ template <typename Curve> class ShplonkProver_ {
 
   public:
     /**
-     * @brief Compute batched quotient polynomial Q(X) = ∑ⱼ ρʲ ⋅ ( fⱼ(X) − vⱼ) / ( X − xⱼ )
+     * @brief Compute batched quotient polynomial Q(X) = ∑ⱼ νʲ ⋅ ( fⱼ(X) − vⱼ) / ( X − xⱼ )
      *
      * @param opening_claims list of prover opening claims {fⱼ(X), (xⱼ, vⱼ)} for a witness polynomial fⱼ(X), s.t. fⱼ(xⱼ)
      * = vⱼ.
@@ -45,7 +45,7 @@ template <typename Curve> class ShplonkProver_ {
         for (const auto& claim : opening_claims) {
             max_poly_size = std::max(max_poly_size, claim.polynomial.size());
         }
-        // Q(X) = ∑ⱼ ρʲ ⋅ ( fⱼ(X) − vⱼ) / ( X − xⱼ )
+        // Q(X) = ∑ⱼ νʲ ⋅ ( fⱼ(X) − vⱼ) / ( X − xⱼ )
         Polynomial Q(max_poly_size);
         Polynomial tmp(max_poly_size);
 
@@ -71,7 +71,7 @@ template <typename Curve> class ShplonkProver_ {
      *
      * @param opening_pairs list of opening pairs (xⱼ, vⱼ) for a witness polynomial fⱼ(X), s.t. fⱼ(xⱼ) = vⱼ.
      * @param witness_polynomials list of polynomials fⱼ(X).
-     * @param batched_quotient_Q Q(X) = ∑ⱼ ρʲ ⋅ ( fⱼ(X) − vⱼ) / ( X − xⱼ )
+     * @param batched_quotient_Q Q(X) = ∑ⱼ νʲ ⋅ ( fⱼ(X) − vⱼ) / ( X − xⱼ )
      * @param nu_challenge
      * @param z_challenge
      * @return Output{OpeningPair, Polynomial}
@@ -92,21 +92,21 @@ template <typename Curve> class ShplonkProver_ {
         }
         Fr::batch_invert(inverse_vanishing_evals);
 
-        // G(X) = Q(X) - Q_z(X) = Q(X) - ∑ⱼ ρʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ ),
+        // G(X) = Q(X) - Q_z(X) = Q(X) - ∑ⱼ νʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ ),
         // s.t. G(r) = 0
         Polynomial G(std::move(batched_quotient_Q)); // G(X) = Q(X)
 
-        // G₀ = ∑ⱼ ρʲ ⋅ vⱼ / ( r − xⱼ )
+        // G₀ = ∑ⱼ νʲ ⋅ vⱼ / ( r − xⱼ )
         Fr current_nu = Fr::one();
         Polynomial tmp(G.size());
         size_t idx = 0;
         for (const auto& claim : opening_claims) {
-            // tmp = ρʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )
+            // tmp = νʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )
             tmp = claim.polynomial;
             tmp.at(0) = tmp[0] - claim.opening_pair.evaluation;
-            Fr scaling_factor = current_nu * inverse_vanishing_evals[idx]; // = ρʲ / ( r − xⱼ )
+            Fr scaling_factor = current_nu * inverse_vanishing_evals[idx]; // = νʲ / ( r − xⱼ )
 
-            // G -= ρʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )
+            // G -= νʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )
             G.add_scaled(tmp, -scaling_factor);
 
             current_nu *= nu_challenge;
@@ -196,8 +196,8 @@ template <typename Curve> class ShplonkVerifier_ {
             std::vector<Commitment> commitments;
             std::vector<Fr> scalars;
 
-            // [G] = [Q] - ∑ⱼ ρʲ / ( r − xⱼ )⋅[fⱼ] + G₀⋅[1]
-            //     = [Q] - [∑ⱼ ρʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )]
+            // [G] = [Q] - ∑ⱼ νʲ / ( r − xⱼ )⋅[fⱼ] + G₀⋅[1]
+            //     = [Q] - [∑ⱼ νʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )]
             commitments.emplace_back(Q_commitment);
             scalars.emplace_back(Fr(builder, 1)); // Fr(1)
 
@@ -215,9 +215,9 @@ template <typename Curve> class ShplonkVerifier_ {
                 // (Cⱼ, xⱼ, vⱼ)
                 const auto& [opening_pair, commitment] = claims[j];
 
-                Fr scaling_factor = current_nu * inverse_vanishing_evals[j]; // = ρʲ / ( r − xⱼ )
+                Fr scaling_factor = current_nu * inverse_vanishing_evals[j]; // = νʲ / ( r − xⱼ )
 
-                // G₀ += ρʲ / ( r − xⱼ ) ⋅ vⱼ
+                // G₀ += νʲ / ( r − xⱼ ) ⋅ vⱼ
                 G_commitment_constant += scaling_factor * opening_pair.evaluation;
 
                 current_nu *= nu;
@@ -230,12 +230,12 @@ template <typename Curve> class ShplonkVerifier_ {
             commitments.emplace_back(g1_identity);
             scalars.emplace_back(G_commitment_constant);
 
-            // [G] += G₀⋅[1] = [G] + (∑ⱼ ρʲ ⋅ vⱼ / ( r − xⱼ ))⋅[1]
+            // [G] += G₀⋅[1] = [G] + (∑ⱼ νʲ ⋅ vⱼ / ( r − xⱼ ))⋅[1]
             G_commitment = GroupElement::batch_mul(commitments, scalars);
 
         } else {
-            // [G] = [Q] - ∑ⱼ ρʲ / ( r − xⱼ )⋅[fⱼ] + G₀⋅[1]
-            //     = [Q] - [∑ⱼ ρʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )]
+            // [G] = [Q] - ∑ⱼ νʲ / ( r − xⱼ )⋅[fⱼ] + G₀⋅[1]
+            //     = [Q] - [∑ⱼ νʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )]
             G_commitment = Q_commitment;
 
             // Compute {ẑⱼ(r)}ⱼ , where ẑⱼ(r) = 1/zⱼ(r) = 1/(r - xⱼ)
@@ -252,18 +252,18 @@ template <typename Curve> class ShplonkVerifier_ {
                 // (Cⱼ, xⱼ, vⱼ)
                 const auto& [opening_pair, commitment] = claims[j];
 
-                Fr scaling_factor = current_nu * inverse_vanishing_evals[j]; // = ρʲ / ( r − xⱼ )
+                Fr scaling_factor = current_nu * inverse_vanishing_evals[j]; // = νʲ / ( r − xⱼ )
 
-                // G₀ += ρʲ / ( r − xⱼ ) ⋅ vⱼ
+                // G₀ += νʲ / ( r − xⱼ ) ⋅ vⱼ
                 G_commitment_constant += scaling_factor * opening_pair.evaluation;
 
-                // [G] -= ρʲ / ( r − xⱼ )⋅[fⱼ]
+                // [G] -= νʲ / ( r − xⱼ )⋅[fⱼ]
                 G_commitment -= commitment * scaling_factor;
 
                 current_nu *= nu;
             }
 
-            // [G] += G₀⋅[1] = [G] + (∑ⱼ ρʲ ⋅ vⱼ / ( r − xⱼ ))⋅[1]
+            // [G] += G₀⋅[1] = [G] + (∑ⱼ νʲ ⋅ vⱼ / ( r − xⱼ ))⋅[1]
             G_commitment += g1_identity * G_commitment_constant;
         }
 
@@ -273,7 +273,7 @@ template <typename Curve> class ShplonkVerifier_ {
     /**
      * @brief Computes \f$ \frac{1}{z - r}, \frac{1}{z+r}, \ldots, \frac{1}{z+r^{2^{d-1}}} \f$.
      *
-     * @param log_circuit_size \f$ d \f$
+     * @param num_gemini_claims \f$ d + 1 \f$ where d = log_circuit_size
      * @param shplonk_eval_challenge \f$ z \f$
      * @param gemini_eval_challenge_powers \f$ (r , r^2, \ldots, r^{2^{d-1}}) \f$
      * @return \f[ \left( \frac{1}{z - r}, \frac{1}{z+r}, \ldots, \frac{1}{z+r^{2^{d-1}}} \right) \f]
@@ -284,9 +284,26 @@ template <typename Curve> class ShplonkVerifier_ {
     {
         std::vector<Fr> inverted_denominators;
         inverted_denominators.reserve(num_gemini_claims);
+        info(num_gemini_claims);
         inverted_denominators.emplace_back((shplonk_eval_challenge - gemini_eval_challenge_powers[0]).invert());
+        size_t i = 0;
         for (const auto& gemini_eval_challenge_power : gemini_eval_challenge_powers) {
-            inverted_denominators.emplace_back((shplonk_eval_challenge + gemini_eval_challenge_power).invert());
+            bool is_dummy_round = i > num_gemini_claims;
+            Fr round_inverted_denominator = (shplonk_eval_challenge + gemini_eval_challenge_power).invert();
+            if constexpr (Curve::is_stdlib_type) {
+                auto builder = shplonk_eval_challenge.get_context();
+                // TODO(https://github.com/AztecProtocol/barretenberg/issues/1114): insecure!
+                stdlib::bool_t dummy_round = stdlib::bool_t(builder, is_dummy_round);
+                Fr zero = Fr(0);
+                zero.convert_constant_to_fixed_witness(builder);
+                round_inverted_denominator = Fr::conditional_assign(dummy_round, zero, round_inverted_denominator);
+            } else {
+                if (is_dummy_round) {
+                    round_inverted_denominator = 0;
+                }
+            }
+            inverted_denominators.emplace_back(round_inverted_denominator);
+            i++;
         }
         return inverted_denominators;
     }
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
index e1ee3b92fcdf..33bfade2b354 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
@@ -526,7 +526,7 @@ template <typename Curve> class ZeroMorphVerifier_ {
             scalar *= FF(-1);
             if constexpr (Curve::is_stdlib_type) {
                 auto builder = x_challenge.get_context();
-                FF zero = FF::from_witness(builder, 0);
+                FF zero = FF(0);
                 stdlib::bool_t dummy_round = stdlib::witness_t(builder, is_dummy_round);
                 // TODO(https://github.com/AztecProtocol/barretenberg/issues/1039): is it kosher to reassign like this?
                 scalar = FF::conditional_assign(dummy_round, zero, scalar);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
index 1398cefe7e84..e744f656abcc 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
@@ -1,4 +1,5 @@
 #include "barretenberg/commitment_schemes/shplonk/shplemini.hpp"
+#include "../commitment_schemes/commitment_key.test.hpp"
 #include "barretenberg/circuit_checker/circuit_checker.hpp"
 #include "barretenberg/commitment_schemes/commitment_key.test.hpp"
 #include "barretenberg/commitment_schemes/gemini/gemini.hpp"
@@ -10,6 +11,7 @@
 #include "barretenberg/stdlib/primitives/curves/grumpkin.hpp"
 #include "barretenberg/stdlib/transcript/transcript.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_circuit_builder.hpp"
+
 #include <gtest/gtest.h>
 
 using namespace bb;
@@ -40,8 +42,8 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
     using Polynomial = bb::Polynomial<NativeFr>;
     using Transcript = bb::BaseTranscript<bb::stdlib::recursion::honk::StdlibTranscriptParams<Builder>>;
 
-    constexpr size_t N = 16;
-    constexpr size_t log_circuit_size = 4;
+    constexpr size_t N = 8192;
+    constexpr size_t log_circuit_size = 13;
     constexpr size_t NUM_UNSHIFTED = 2;
     constexpr size_t NUM_SHIFTED = 1;
 
@@ -73,7 +75,7 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
 
     // Compute commitments [f_i]
     std::vector<NativeCommitment> f_commitments;
-    auto commitment_key = std::make_shared<CommitmentKey>(4096);
+    auto commitment_key = std::make_shared<CommitmentKey>(16384);
     for (size_t i = 0; i < NUM_UNSHIFTED; ++i) {
         f_commitments.emplace_back(commitment_key->commit(f_polynomials[i]));
     }
@@ -87,11 +89,11 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
     auto prover_transcript = NativeTranscript::prover_init_empty();
     auto prover_opening_claims = ShpleminiProver::prove(
         N, RefVector(f_polynomials), RefVector(g_polynomials), u_challenge, commitment_key, prover_transcript);
-
+    KZG<NativeCurve>::compute_opening_proof(commitment_key, prover_opening_claims, prover_transcript);
     Builder builder;
     StdlibProof<Builder> stdlib_proof = bb::convert_proof_to_witness(&builder, prover_transcript->proof_data);
     auto stdlib_verifier_transcript = std::make_shared<Transcript>(stdlib_proof);
-    [[maybe_unused]] auto _ = stdlib_verifier_transcript->template receive_from_prover<Fr>("Init");
+    stdlib_verifier_transcript->template receive_from_prover<Fr>("Init");
 
     // Execute Verifier protocol without the need for vk prior the final check
     const auto commitments_to_witnesses = [&builder](const auto& commitments) {
@@ -117,17 +119,29 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
     auto stdlib_v_evaluations = elements_to_witness(v_evaluations);
     auto stdlib_w_evaluations = elements_to_witness(w_evaluations);
 
-    std::vector<Fr> u_challenge_in_circuit = elements_to_witness(u_challenge);
-
-    [[maybe_unused]] auto opening_claim =
-        ShpleminiVerifier::compute_batch_opening_claim(Fr::from_witness(&builder, N),
-                                                       RefVector(stdlib_f_commitments),
-                                                       RefVector(stdlib_g_commitments),
-                                                       RefVector(stdlib_v_evaluations),
-                                                       RefVector(stdlib_w_evaluations),
-                                                       u_challenge_in_circuit,
-                                                       Commitment::one(&builder),
-                                                       stdlib_verifier_transcript);
+    std::vector<Fr> u_challenge_in_circuit;
+    u_challenge_in_circuit.reserve(CONST_PROOF_SIZE_LOG_N);
+    std::transform(u_challenge.begin(),
+                   u_challenge.end(),
+                   std::back_inserter(u_challenge_in_circuit),
+                   [&builder](const NativeFr u) { return Fr::from_witness(&builder, u); });
+    std::generate_n(std::back_inserter(u_challenge_in_circuit), CONST_PROOF_SIZE_LOG_N - log_circuit_size, [&builder] {
+        Fr zero = Fr(0);
+        zero.convert_constant_to_fixed_witness(&builder);
+        return zero;
+    });
 
+    auto opening_claim = ShpleminiVerifier::compute_batch_opening_claim(Fr::from_witness(&builder, N),
+                                                                        RefVector(stdlib_f_commitments),
+                                                                        RefVector(stdlib_g_commitments),
+                                                                        RefVector(stdlib_v_evaluations),
+                                                                        RefVector(stdlib_w_evaluations),
+                                                                        u_challenge_in_circuit,
+                                                                        Commitment::one(&builder),
+                                                                        stdlib_verifier_transcript);
+    auto pairing_points = KZG<Curve>::reduce_verify_batch_opening_claim(opening_claim, stdlib_verifier_transcript);
     EXPECT_TRUE(CircuitChecker::check(builder));
+
+    auto vk = std::make_shared<VerifierCommitmentKey<NativeCurve>>();
+    EXPECT_EQ(vk->pairing_check(pairing_points[0].get_value(), pairing_points[1].get_value()), true);
 }
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
index 5c6f22d6af4e..ffcbfb05ec77 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
@@ -17,7 +17,7 @@ template <class PCS> class ZeroMorphRecursionTest : public CommitmentTest<typena
 numeric::RNG& engine = numeric::get_debug_randomness();
 
 /**
- * @brief Test full Prover/Verifier protocol for proving single multilinear evaluation
+ * @brief Test full Prover/Verifier protocol for proving single multilinear evaluation.
  *
  */
 TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
@@ -38,8 +38,8 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
     using ZeroMorphVerifier = ZeroMorphVerifier_<Curve>;
     using Transcript = bb::BaseTranscript<bb::stdlib::recursion::honk::StdlibTranscriptParams<Builder>>;
 
-    constexpr size_t N = 8;
-    constexpr size_t LOG_N = 3;
+    constexpr size_t N = 16;
+    constexpr size_t LOG_N = 4;
     constexpr size_t NUM_UNSHIFTED = 2;
     constexpr size_t NUM_SHIFTED = 1;
 
diff --git a/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp b/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp
index d42eb4a4fc5a..b249ac34fbeb 100644
--- a/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp
+++ b/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp
@@ -738,6 +738,7 @@ template <typename Flavor> class SumcheckVerifier {
 
             if constexpr (IsRecursiveFlavor<Flavor>) {
                 typename Flavor::CircuitBuilder* builder = round_challenge.get_context();
+                // TODO(https://github.com/AztecProtocol/barretenberg/issues/1114): insecure!
                 stdlib::bool_t dummy_round = stdlib::witness_t(builder, round_idx >= multivariate_d);
                 bool checked = round.check_sum(round_univariate, dummy_round);
                 // Only utilize the checked value if this is not a constant proof size padding round

From 17875431e1fa59d9cf007e57805a6997caa0dfaf Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Thu, 26 Sep 2024 14:46:10 +0000
Subject: [PATCH 22/25] cleanup

---
 barretenberg/acir_tests/sol-test/src/index.js |  5 ---
 .../circuit_checker/ultra_circuit_checker.cpp |  1 -
 .../commitment_schemes/gemini/gemini.hpp      |  2 +-
 .../commitment_schemes/shplonk/shplemini.hpp  | 19 +++++-----
 .../shplonk/shplemini.test.cpp                |  2 --
 .../commitment_schemes/shplonk/shplonk.hpp    | 36 +++++++++----------
 .../zeromorph/zeromorph.hpp                   |  1 +
 .../shplemini.test.cpp                        |  9 +----
 .../zeromorph.test.cpp                        |  2 +-
 .../src/barretenberg/sumcheck/sumcheck.hpp    |  1 -
 .../ultra_honk/decider_verifier.hpp           |  1 -
 .../ultra_honk/ultra_honk.test.cpp            |  1 -
 .../sol/src/honk/instance/Add2Honk.sol        |  3 +-
 13 files changed, 31 insertions(+), 52 deletions(-)

diff --git a/barretenberg/acir_tests/sol-test/src/index.js b/barretenberg/acir_tests/sol-test/src/index.js
index d9211ffce3b3..dc510d440acf 100644
--- a/barretenberg/acir_tests/sol-test/src/index.js
+++ b/barretenberg/acir_tests/sol-test/src/index.js
@@ -3,11 +3,6 @@ const { readFileSync, promises: fsPromises } = fs;
 import { spawn } from "child_process";
 import { ethers } from "ethers";
 import solc from "solc";
-<<<<<<< HEAD
-import linker from "solc/linker.js";
-import { info } from "console";
-=======
->>>>>>> origin/master
 
 const NUMBER_OF_FIELDS_IN_PLONK_PROOF = 93;
 // TODO(https://github.com/AztecProtocol/barretenberg/issues/1093): This is the size of the proof up to Sumcheck, without public inputs, as the Honk contract does not currently have a PCS.
diff --git a/barretenberg/cpp/src/barretenberg/circuit_checker/ultra_circuit_checker.cpp b/barretenberg/cpp/src/barretenberg/circuit_checker/ultra_circuit_checker.cpp
index 64bf61da9e33..ad032fd2840f 100644
--- a/barretenberg/cpp/src/barretenberg/circuit_checker/ultra_circuit_checker.cpp
+++ b/barretenberg/cpp/src/barretenberg/circuit_checker/ultra_circuit_checker.cpp
@@ -20,7 +20,6 @@ template <typename Builder> bool UltraCircuitChecker::check(const Builder& build
     // Create a copy of the input circuit and finalize it
     Builder builder{ builder_in };
     builder.finalize_circuit();
-    info(builder.num_gates);
 
     // Construct a hash table for lookup table entries to efficiently determine if a lookup gate is valid
     LookupHashTable lookup_hash_table;
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index f6ec5b49eadc..f6b8692e167d 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -328,6 +328,6 @@ template <typename Curve> class GeminiVerifier_ {
 
         return { C0_r_pos, C0_r_neg };
     }
-}; // namespace bb
+};
 
 } // namespace bb
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
index 50e5ec370eef..e39b61292a3d 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp
@@ -154,7 +154,6 @@ template <typename Curve> class ShpleminiVerifier_ {
             scalars.emplace_back(Fr(1));
         }
         // Compute 1/(z − r), 1/(z + r), 1/(z + r²), … , 1/(z + r²⁽ⁿ⁻¹⁾) needed for Shplonk batching
-        // THIS NEEDS WORK, we need CONST_PROOF_SI~Z
         const std::vector<Fr> inverse_vanishing_evals = ShplonkVerifier::compute_inverted_gemini_denominators(
             log_circuit_size + 1, shplonk_evaluation_challenge, gemini_eval_challenge_powers);
 
@@ -326,15 +325,14 @@ template <typename Curve> class ShpleminiVerifier_ {
      * @param scalars Output vector where the computed scalars will be stored.
      * @param constant_term_accumulator The accumulator for the summands of the constant term.
      */
-    static void batch_gemini_claims_received_from_prover(
-        [[maybe_unused]] const size_t log_circuit_size,
-        const std::vector<Commitment>& fold_commitments,
-        const std::vector<Fr>& gemini_evaluations,
-        const std::vector<Fr>& inverse_vanishing_evals, // from compute inverted gemini denominators
-        const Fr& shplonk_batching_challenge,
-        std::vector<Commitment>& commitments,
-        std::vector<Fr>& scalars,
-        Fr& constant_term_accumulator) // this gets modified only here so should be returned by this
+    static void batch_gemini_claims_received_from_prover(const size_t log_circuit_size,
+                                                         const std::vector<Commitment>& fold_commitments,
+                                                         const std::vector<Fr>& gemini_evaluations,
+                                                         const std::vector<Fr>& inverse_vanishing_evals,
+                                                         const Fr& shplonk_batching_challenge,
+                                                         std::vector<Commitment>& commitments,
+                                                         std::vector<Fr>& scalars,
+                                                         Fr& constant_term_accumulator)
     {
 
         // Initialize batching challenge as ν²
@@ -348,7 +346,6 @@ template <typename Curve> class ShpleminiVerifier_ {
                 auto builder = shplonk_batching_challenge.get_context();
                 // TODO(https://github.com/AztecProtocol/barretenberg/issues/1114): insecure!
                 stdlib::bool_t dummy_round = stdlib::bool_t(builder, is_dummy_round);
-                // Call fix witness
                 Fr zero = Fr(0);
                 zero.convert_constant_to_fixed_witness(builder);
                 scaling_factor = Fr::conditional_assign(dummy_round, zero, scaling_factor);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
index 3ced4164e877..557393601796 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.test.cpp
@@ -216,8 +216,6 @@ TYPED_TEST(ShpleminiTest, CorrectnessOfGeminiClaimBatching)
                                                                 scalars,
                                                                 expected_constant_term_accumulator);
 
-    //
-    // EXPECT_EQ(commitments.size(), prover_commitments.size());
     // Compute the group element using the output of Shplemini method
     GroupElement shplemini_result = batch_mul_native(commitments, scalars);
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
index 3b46eae6b10b..46cc2c51d07a 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
@@ -96,17 +96,17 @@ template <typename Curve> class ShplonkProver_ {
         // s.t. G(r) = 0
         Polynomial G(std::move(batched_quotient_Q)); // G(X) = Q(X)
 
-        // G₀ = ∑ⱼ νʲ ⋅ vⱼ / ( r − xⱼ )
+        // G₀ = ∑ⱼ νʲ ⋅ vⱼ / ( z − xⱼ )
         Fr current_nu = Fr::one();
         Polynomial tmp(G.size());
         size_t idx = 0;
         for (const auto& claim : opening_claims) {
-            // tmp = νʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )
+            // tmp = νʲ ⋅ ( fⱼ(X) − vⱼ) / ( z − xⱼ )
             tmp = claim.polynomial;
             tmp.at(0) = tmp[0] - claim.opening_pair.evaluation;
-            Fr scaling_factor = current_nu * inverse_vanishing_evals[idx]; // = νʲ / ( r − xⱼ )
+            Fr scaling_factor = current_nu * inverse_vanishing_evals[idx]; // = νʲ / (z − xⱼ )
 
-            // G -= νʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )
+            // G -= νʲ ⋅ ( fⱼ(X) − vⱼ) / ( z − xⱼ )
             G.add_scaled(tmp, -scaling_factor);
 
             current_nu *= nu_challenge;
@@ -174,15 +174,15 @@ template <typename Curve> class ShplonkVerifier_ {
 
         const Fr z_challenge = transcript->template get_challenge<Fr>("Shplonk:z");
 
-        // [G] = [Q] - ∑ⱼ ρʲ / ( r − xⱼ )⋅[fⱼ] + G₀⋅[1]
-        //     = [Q] - [∑ⱼ ρʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )]
+        // [G] = [Q] - ∑ⱼ ρʲ / (z − xⱼ )⋅[fⱼ] + G₀⋅[1]
+        //     = [Q] - [∑ⱼ ρʲ ⋅ ( fⱼ(X) − vⱼ) / (z − xⱼ )]
         GroupElement G_commitment;
 
         // compute simulated commitment to [G] as a linear combination of
         // [Q], { [fⱼ] }, [1]:
         //  [G] = [Q] - ∑ⱼ (1/zⱼ(r))[Bⱼ]  + ( ∑ⱼ (1/zⱼ(r)) Tⱼ(r) )[1]
         //      = [Q] - ∑ⱼ (1/zⱼ(r))[Bⱼ]  +                    G₀ [1]
-        // G₀ = ∑ⱼ ρʲ ⋅ vⱼ / ( r − xⱼ )
+        // G₀ = ∑ⱼ ρʲ ⋅ vⱼ / (z − xⱼ )
         auto G_commitment_constant = Fr(0);
 
         // TODO(#673): The recursive and non-recursive (native) logic is completely separated via the following
@@ -196,8 +196,8 @@ template <typename Curve> class ShplonkVerifier_ {
             std::vector<Commitment> commitments;
             std::vector<Fr> scalars;
 
-            // [G] = [Q] - ∑ⱼ νʲ / ( r − xⱼ )⋅[fⱼ] + G₀⋅[1]
-            //     = [Q] - [∑ⱼ νʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )]
+            // [G] = [Q] - ∑ⱼ νʲ / (z − xⱼ )⋅[fⱼ] + G₀⋅[1]
+            //     = [Q] - [∑ⱼ νʲ ⋅ ( fⱼ(X) − vⱼ) / (z − xⱼ )]
             commitments.emplace_back(Q_commitment);
             scalars.emplace_back(Fr(builder, 1)); // Fr(1)
 
@@ -215,9 +215,9 @@ template <typename Curve> class ShplonkVerifier_ {
                 // (Cⱼ, xⱼ, vⱼ)
                 const auto& [opening_pair, commitment] = claims[j];
 
-                Fr scaling_factor = current_nu * inverse_vanishing_evals[j]; // = νʲ / ( r − xⱼ )
+                Fr scaling_factor = current_nu * inverse_vanishing_evals[j]; // = νʲ / (z − xⱼ )
 
-                // G₀ += νʲ / ( r − xⱼ ) ⋅ vⱼ
+                // G₀ += νʲ / (z − xⱼ ) ⋅ vⱼ
                 G_commitment_constant += scaling_factor * opening_pair.evaluation;
 
                 current_nu *= nu;
@@ -230,12 +230,12 @@ template <typename Curve> class ShplonkVerifier_ {
             commitments.emplace_back(g1_identity);
             scalars.emplace_back(G_commitment_constant);
 
-            // [G] += G₀⋅[1] = [G] + (∑ⱼ νʲ ⋅ vⱼ / ( r − xⱼ ))⋅[1]
+            // [G] += G₀⋅[1] = [G] + (∑ⱼ νʲ ⋅ vⱼ / (z − xⱼ ))⋅[1]
             G_commitment = GroupElement::batch_mul(commitments, scalars);
 
         } else {
-            // [G] = [Q] - ∑ⱼ νʲ / ( r − xⱼ )⋅[fⱼ] + G₀⋅[1]
-            //     = [Q] - [∑ⱼ νʲ ⋅ ( fⱼ(X) − vⱼ) / ( r − xⱼ )]
+            // [G] = [Q] - ∑ⱼ νʲ / (z − xⱼ )⋅[fⱼ] + G₀⋅[1]
+            //     = [Q] - [∑ⱼ νʲ ⋅ ( fⱼ(X) − vⱼ) / (z − xⱼ )]
             G_commitment = Q_commitment;
 
             // Compute {ẑⱼ(r)}ⱼ , where ẑⱼ(r) = 1/zⱼ(r) = 1/(r - xⱼ)
@@ -252,18 +252,18 @@ template <typename Curve> class ShplonkVerifier_ {
                 // (Cⱼ, xⱼ, vⱼ)
                 const auto& [opening_pair, commitment] = claims[j];
 
-                Fr scaling_factor = current_nu * inverse_vanishing_evals[j]; // = νʲ / ( r − xⱼ )
+                Fr scaling_factor = current_nu * inverse_vanishing_evals[j]; // = νʲ / (z − xⱼ )
 
-                // G₀ += νʲ / ( r − xⱼ ) ⋅ vⱼ
+                // G₀ += νʲ / (z − xⱼ ) ⋅ vⱼ
                 G_commitment_constant += scaling_factor * opening_pair.evaluation;
 
-                // [G] -= νʲ / ( r − xⱼ )⋅[fⱼ]
+                // [G] -= νʲ / (z − xⱼ )⋅[fⱼ]
                 G_commitment -= commitment * scaling_factor;
 
                 current_nu *= nu;
             }
 
-            // [G] += G₀⋅[1] = [G] + (∑ⱼ νʲ ⋅ vⱼ / ( r − xⱼ ))⋅[1]
+            // [G] += G₀⋅[1] = [G] + (∑ⱼ νʲ ⋅ vⱼ / (z − xⱼ ))⋅[1]
             G_commitment += g1_identity * G_commitment_constant;
         }
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
index 33bfade2b354..e7a59d8b3a01 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp
@@ -527,6 +527,7 @@ template <typename Curve> class ZeroMorphVerifier_ {
             if constexpr (Curve::is_stdlib_type) {
                 auto builder = x_challenge.get_context();
                 FF zero = FF(0);
+                zero.convert_constant_to_fixed_witness(builder);
                 stdlib::bool_t dummy_round = stdlib::witness_t(builder, is_dummy_round);
                 // TODO(https://github.com/AztecProtocol/barretenberg/issues/1039): is it kosher to reassign like this?
                 scalar = FF::conditional_assign(dummy_round, zero, scalar);
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
index 9e9ef6ff4816..51a9895c582e 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
@@ -1,9 +1,4 @@
 #include "barretenberg/commitment_schemes/shplonk/shplemini.hpp"
-<<<<<<< HEAD
-#include "../commitment_schemes/commitment_key.test.hpp"
-    == == ==
-    =
->>>>>>> origin/master
 #include "barretenberg/circuit_checker/circuit_checker.hpp"
 #include "barretenberg/commitment_schemes/commitment_key.test.hpp"
 #include "barretenberg/commitment_schemes/gemini/gemini.hpp"
@@ -16,9 +11,7 @@
 #include "barretenberg/stdlib/transcript/transcript.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_circuit_builder.hpp"
 
-#include <gtest/gtest.h>
-
-        using namespace bb;
+using namespace bb;
 
 template <class PCS> class ShpleminiRecursionTest : public CommitmentTest<typename PCS::Curve::NativeCurve> {};
 
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
index ffcbfb05ec77..60b26699ea99 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
@@ -17,7 +17,7 @@ template <class PCS> class ZeroMorphRecursionTest : public CommitmentTest<typena
 numeric::RNG& engine = numeric::get_debug_randomness();
 
 /**
- * @brief Test full Prover/Verifier protocol for proving single multilinear evaluation.
+ * @brief Test full Prover/Verifier protocol for proving single multilinear evaluation
  *
  */
 TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
diff --git a/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp b/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp
index b249ac34fbeb..ef46da4014c6 100644
--- a/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp
+++ b/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp
@@ -261,7 +261,6 @@ template <typename Flavor> class SumcheckProver {
             transcript->send_to_verifier("Sumcheck:univariate_" + std::to_string(idx), zero_univariate);
             FF round_challenge = transcript->template get_challenge<FF>("Sumcheck:u_" + std::to_string(idx));
             multivariate_challenge.emplace_back(round_challenge);
-            info(round_challenge);
         }
         // The evaluations of Libra uninvariates at \f$ g_0(u_0), \ldots, g_{d-1} (u_{d-1}) \f$ are added to the
         // transcript.
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.hpp
index a13bb168d6ed..b4d013a9fe4d 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.hpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/decider_verifier.hpp
@@ -1,5 +1,4 @@
 #pragma once
-#include "barretenberg/commitment_schemes/shplonk/shplemini.hpp"
 #include "barretenberg/honk/proof_system/types/proof.hpp"
 #include "barretenberg/srs/global_crs.hpp"
 #include "barretenberg/stdlib_circuit_builders/mega_flavor.hpp"
diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
index 6ddd7d511fd8..62dfe74c9c1e 100644
--- a/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/ultra_honk/ultra_honk.test.cpp
@@ -62,7 +62,6 @@ TYPED_TEST(UltraHonkTests, ANonZeroPolynomialIsAGoodPolynomial)
     auto circuit_builder = UltraCircuitBuilder();
 
     auto proving_key = std::make_shared<typename TestFixture::DeciderProvingKey>(circuit_builder);
-    info(proving_key->proving_key.num_public_inputs);
     typename TestFixture::Prover prover(proving_key);
     auto proof = prover.construct_proof();
     auto& polynomials = proving_key->proving_key.polynomials;
diff --git a/barretenberg/sol/src/honk/instance/Add2Honk.sol b/barretenberg/sol/src/honk/instance/Add2Honk.sol
index a4afcb3626f1..a6eaec5afa81 100644
--- a/barretenberg/sol/src/honk/instance/Add2Honk.sol
+++ b/barretenberg/sol/src/honk/instance/Add2Honk.sol
@@ -16,7 +16,7 @@ import {
     CONST_PROOF_SIZE_LOG_N
 } from "../HonkTypes.sol";
 
-import {ecMul, logFr, ecAdd, ecSub, negateInplace, convertProofPoint} from "../utils.sol";
+import {ecMul, ecAdd, ecSub, negateInplace, convertProofPoint} from "../utils.sol";
 
 // Field arithmetic libraries - prevent littering the code with modmul / addmul
 import {MODULUS as P, MINUS_ONE, Fr, FrLib} from "../Fr.sol";
@@ -99,7 +99,6 @@ contract Add2HonkVerifier is IVerifier {
             if (!valid) revert SumcheckFailed();
 
             Fr roundChallenge = tp.sumCheckUChallenges[round];
-            logFr("round challenge: ", roundChallenge);
 
             // Update the round target for the next rounf
             roundTarget = computeNextTargetSum(roundUnivariate, roundChallenge);

From 07f358df10c7fb1c4ab5f5ee40fe1caa82615051 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Thu, 26 Sep 2024 15:17:46 +0000
Subject: [PATCH 23/25] better tests

---
 .../commitment_schemes/shplonk/shplonk.hpp    |   1 -
 .../shplemini.test.cpp                        | 194 +++++++++---------
 .../zeromorph.test.cpp                        |   4 +-
 3 files changed, 104 insertions(+), 95 deletions(-)

diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
index 46cc2c51d07a..c5b4d8334b02 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp
@@ -284,7 +284,6 @@ template <typename Curve> class ShplonkVerifier_ {
     {
         std::vector<Fr> inverted_denominators;
         inverted_denominators.reserve(num_gemini_claims);
-        info(num_gemini_claims);
         inverted_denominators.emplace_back((shplonk_eval_challenge - gemini_eval_challenge_powers[0]).invert());
         size_t i = 0;
         for (const auto& gemini_eval_challenge_power : gemini_eval_challenge_powers) {
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
index 51a9895c582e..02e2de4e920d 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/shplemini.test.cpp
@@ -10,6 +10,7 @@
 #include "barretenberg/stdlib/primitives/curves/grumpkin.hpp"
 #include "barretenberg/stdlib/transcript/transcript.hpp"
 #include "barretenberg/stdlib_circuit_builders/ultra_circuit_builder.hpp"
+#include <gtest/gtest.h>
 
 using namespace bb;
 
@@ -18,7 +19,8 @@ template <class PCS> class ShpleminiRecursionTest : public CommitmentTest<typena
 numeric::RNG& shplemini_engine = numeric::get_debug_randomness();
 
 /**
- * @brief Test Recursive Verification for 2 multilinear polynomials and a shift of one of them
+ * @brief Test full recursive verification for 2 multilinear polynomials and a shift of one of them including pairing
+ * check and ensure that regardless of circuit size, recursive Shplemini produces the same number of gates.
  *
  */
 TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
@@ -39,106 +41,114 @@ TEST(ShpleminiRecursionTest, ProveAndVerifySingle)
     using Polynomial = bb::Polynomial<NativeFr>;
     using Transcript = bb::BaseTranscript<bb::stdlib::recursion::honk::StdlibTranscriptParams<Builder>>;
 
-    constexpr size_t N = 8192;
-    constexpr size_t log_circuit_size = 13;
-    constexpr size_t NUM_UNSHIFTED = 2;
-    constexpr size_t NUM_SHIFTED = 1;
-
     srs::init_crs_factory("../srs_db/ignition");
+    auto run_shplemini = [](size_t log_circuit_size) {
+        size_t N = 1 << log_circuit_size;
+        constexpr size_t NUM_UNSHIFTED = 2;
+        constexpr size_t NUM_SHIFTED = 1;
+        std::vector<NativeFr> u_challenge(log_circuit_size);
+        for (size_t idx = 0; idx < log_circuit_size; ++idx) {
+            u_challenge[idx] = NativeFr::random_element(&shplemini_engine);
+        };
+        // Construct some random multilinear polynomials f_i and their evaluations v_i = f_i(u)
+        std::vector<Polynomial> f_polynomials; // unshifted polynomials
+        std::vector<NativeFr> v_evaluations;
+        for (size_t i = 0; i < NUM_UNSHIFTED; ++i) {
+            f_polynomials.emplace_back(Polynomial::random(N, /*shiftable*/ 1));
+            v_evaluations.emplace_back(f_polynomials[i].evaluate_mle(u_challenge));
+        }
 
-    std::vector<NativeFr> u_challenge(log_circuit_size);
-    for (size_t idx = 0; idx < log_circuit_size; ++idx) {
-        u_challenge[idx] = NativeFr::random_element(&shplemini_engine);
-    };
-    // Construct some random multilinear polynomials f_i and their evaluations v_i = f_i(u)
-    std::vector<Polynomial> f_polynomials; // unshifted polynomials
-    std::vector<NativeFr> v_evaluations;
-    for (size_t i = 0; i < NUM_UNSHIFTED; ++i) {
-        f_polynomials.emplace_back(Polynomial::random(N, /*shiftable*/ 1));
-        v_evaluations.emplace_back(f_polynomials[i].evaluate_mle(u_challenge));
-    }
+        // Construct some "shifted" multilinear polynomials h_i as the left-shift-by-1 of f_i
+        std::vector<Polynomial> g_polynomials; // to-be-shifted polynomials
+        std::vector<Polynomial> h_polynomials; // shifts of the to-be-shifted polynomials
+        std::vector<NativeFr> w_evaluations;
+        if constexpr (NUM_SHIFTED > 0) {
+            for (size_t i = 0; i < NUM_SHIFTED; ++i) {
+                g_polynomials.emplace_back(f_polynomials[i]);
+                h_polynomials.emplace_back(g_polynomials[i].shifted());
+                w_evaluations.emplace_back(f_polynomials[i].evaluate_mle(u_challenge, true));
+            }
+        }
 
-    // Construct some "shifted" multilinear polynomials h_i as the left-shift-by-1 of f_i
-    std::vector<Polynomial> g_polynomials; // to-be-shifted polynomials
-    std::vector<Polynomial> h_polynomials; // shifts of the to-be-shifted polynomials
-    std::vector<NativeFr> w_evaluations;
-    if constexpr (NUM_SHIFTED > 0) {
+        // Compute commitments [f_i]
+        std::vector<NativeCommitment> f_commitments;
+        auto commitment_key = std::make_shared<CommitmentKey>(16384);
+        for (size_t i = 0; i < NUM_UNSHIFTED; ++i) {
+            f_commitments.emplace_back(commitment_key->commit(f_polynomials[i]));
+        }
+        // Construct container of commitments of the "to-be-shifted" polynomials [g_i] (= [f_i])
+        std::vector<NativeCommitment> g_commitments;
         for (size_t i = 0; i < NUM_SHIFTED; ++i) {
-            g_polynomials.emplace_back(f_polynomials[i]);
-            h_polynomials.emplace_back(g_polynomials[i].shifted());
-            w_evaluations.emplace_back(f_polynomials[i].evaluate_mle(u_challenge, true));
+            g_commitments.emplace_back(f_commitments[i]);
         }
-    }
 
-    // Compute commitments [f_i]
-    std::vector<NativeCommitment> f_commitments;
-    auto commitment_key = std::make_shared<CommitmentKey>(16384);
-    for (size_t i = 0; i < NUM_UNSHIFTED; ++i) {
-        f_commitments.emplace_back(commitment_key->commit(f_polynomials[i]));
-    }
-    // Construct container of commitments of the "to-be-shifted" polynomials [g_i] (= [f_i])
-    std::vector<NativeCommitment> g_commitments;
-    for (size_t i = 0; i < NUM_SHIFTED; ++i) {
-        g_commitments.emplace_back(f_commitments[i]);
-    }
+        // Initialize an empty NativeTranscript
+        auto prover_transcript = NativeTranscript::prover_init_empty();
+        auto prover_opening_claims = ShpleminiProver::prove(
+            N, RefVector(f_polynomials), RefVector(g_polynomials), u_challenge, commitment_key, prover_transcript);
+        KZG<NativeCurve>::compute_opening_proof(commitment_key, prover_opening_claims, prover_transcript);
+        Builder builder;
+        StdlibProof<Builder> stdlib_proof = bb::convert_proof_to_witness(&builder, prover_transcript->proof_data);
+        auto stdlib_verifier_transcript = std::make_shared<Transcript>(stdlib_proof);
+        stdlib_verifier_transcript->template receive_from_prover<Fr>("Init");
 
-    // Initialize an empty NativeTranscript
-    auto prover_transcript = NativeTranscript::prover_init_empty();
-    auto prover_opening_claims = ShpleminiProver::prove(
-        N, RefVector(f_polynomials), RefVector(g_polynomials), u_challenge, commitment_key, prover_transcript);
-    KZG<NativeCurve>::compute_opening_proof(commitment_key, prover_opening_claims, prover_transcript);
-    Builder builder;
-    StdlibProof<Builder> stdlib_proof = bb::convert_proof_to_witness(&builder, prover_transcript->proof_data);
-    auto stdlib_verifier_transcript = std::make_shared<Transcript>(stdlib_proof);
-    stdlib_verifier_transcript->template receive_from_prover<Fr>("Init");
+        // Execute Verifier protocol without the need for vk prior the final check
+        const auto commitments_to_witnesses = [&builder](const auto& commitments) {
+            std::vector<Commitment> commitments_in_biggroup(commitments.size());
+            std::transform(commitments.begin(),
+                           commitments.end(),
+                           commitments_in_biggroup.begin(),
+                           [&builder](const auto& native_commitment) {
+                               return Commitment::from_witness(&builder, native_commitment);
+                           });
+            return commitments_in_biggroup;
+        };
+        const auto elements_to_witness = [&](const auto& elements) {
+            std::vector<Fr> elements_in_circuit(elements.size());
+            std::transform(
+                elements.begin(), elements.end(), elements_in_circuit.begin(), [&builder](const auto& native_element) {
+                    return Fr::from_witness(&builder, native_element);
+                });
+            return elements_in_circuit;
+        };
+        auto stdlib_f_commitments = commitments_to_witnesses(f_commitments);
+        auto stdlib_g_commitments = commitments_to_witnesses(g_commitments);
+        auto stdlib_v_evaluations = elements_to_witness(v_evaluations);
+        auto stdlib_w_evaluations = elements_to_witness(w_evaluations);
 
-    // Execute Verifier protocol without the need for vk prior the final check
-    const auto commitments_to_witnesses = [&builder](const auto& commitments) {
-        std::vector<Commitment> commitments_in_biggroup(commitments.size());
-        std::transform(commitments.begin(),
-                       commitments.end(),
-                       commitments_in_biggroup.begin(),
-                       [&builder](const auto& native_commitment) {
-                           return Commitment::from_witness(&builder, native_commitment);
-                       });
-        return commitments_in_biggroup;
-    };
-    const auto elements_to_witness = [&](const auto& elements) {
-        std::vector<Fr> elements_in_circuit(elements.size());
-        std::transform(elements.begin(),
-                       elements.end(),
-                       elements_in_circuit.begin(),
-                       [&builder](const auto& native_element) { return Fr::from_witness(&builder, native_element); });
-        return elements_in_circuit;
-    };
-    auto stdlib_f_commitments = commitments_to_witnesses(f_commitments);
-    auto stdlib_g_commitments = commitments_to_witnesses(g_commitments);
-    auto stdlib_v_evaluations = elements_to_witness(v_evaluations);
-    auto stdlib_w_evaluations = elements_to_witness(w_evaluations);
+        std::vector<Fr> u_challenge_in_circuit;
+        u_challenge_in_circuit.reserve(CONST_PROOF_SIZE_LOG_N);
+        auto u_iter = u_challenge.begin();
+
+        std::generate_n(std::back_inserter(u_challenge_in_circuit), CONST_PROOF_SIZE_LOG_N, [&] {
+            // We still need to do the same
+            Fr zero = Fr(0);
+            zero.convert_constant_to_fixed_witness(&builder);
+            if (u_iter < u_challenge.end()) {
+                return Fr::from_witness(&builder, *u_iter++);
+            }
+            return zero;
+        });
 
-    std::vector<Fr> u_challenge_in_circuit;
-    u_challenge_in_circuit.reserve(CONST_PROOF_SIZE_LOG_N);
-    std::transform(u_challenge.begin(),
-                   u_challenge.end(),
-                   std::back_inserter(u_challenge_in_circuit),
-                   [&builder](const NativeFr u) { return Fr::from_witness(&builder, u); });
-    std::generate_n(std::back_inserter(u_challenge_in_circuit), CONST_PROOF_SIZE_LOG_N - log_circuit_size, [&builder] {
-        Fr zero = Fr(0);
-        zero.convert_constant_to_fixed_witness(&builder);
-        return zero;
-    });
+        auto opening_claim = ShpleminiVerifier::compute_batch_opening_claim(Fr::from_witness(&builder, N),
+                                                                            RefVector(stdlib_f_commitments),
+                                                                            RefVector(stdlib_g_commitments),
+                                                                            RefVector(stdlib_v_evaluations),
+                                                                            RefVector(stdlib_w_evaluations),
+                                                                            u_challenge_in_circuit,
+                                                                            Commitment::one(&builder),
+                                                                            stdlib_verifier_transcript);
+        auto pairing_points = KZG<Curve>::reduce_verify_batch_opening_claim(opening_claim, stdlib_verifier_transcript);
+        EXPECT_TRUE(CircuitChecker::check(builder));
 
-    auto opening_claim = ShpleminiVerifier::compute_batch_opening_claim(Fr::from_witness(&builder, N),
-                                                                        RefVector(stdlib_f_commitments),
-                                                                        RefVector(stdlib_g_commitments),
-                                                                        RefVector(stdlib_v_evaluations),
-                                                                        RefVector(stdlib_w_evaluations),
-                                                                        u_challenge_in_circuit,
-                                                                        Commitment::one(&builder),
-                                                                        stdlib_verifier_transcript);
-    auto pairing_points = KZG<Curve>::reduce_verify_batch_opening_claim(opening_claim, stdlib_verifier_transcript);
-    EXPECT_TRUE(CircuitChecker::check(builder));
+        auto vk = std::make_shared<VerifierCommitmentKey<NativeCurve>>();
+        EXPECT_EQ(vk->pairing_check(pairing_points[0].get_value(), pairing_points[1].get_value()), true);
+
+        // Return finalised number of gates;
+        return builder.num_gates;
+    };
 
-    auto vk = std::make_shared<VerifierCommitmentKey<NativeCurve>>();
-    EXPECT_EQ(vk->pairing_check(pairing_points[0].get_value(), pairing_points[1].get_value()), true);
+    size_t num_gates_6 = run_shplemini(6);
+    size_t num_gates_13 = run_shplemini(13);
+    EXPECT_EQ(num_gates_6, num_gates_13);
 }
diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
index 60b26699ea99..5c6f22d6af4e 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes_recursion/zeromorph.test.cpp
@@ -38,8 +38,8 @@ TEST(ZeroMorphRecursionTest, ProveAndVerifySingle)
     using ZeroMorphVerifier = ZeroMorphVerifier_<Curve>;
     using Transcript = bb::BaseTranscript<bb::stdlib::recursion::honk::StdlibTranscriptParams<Builder>>;
 
-    constexpr size_t N = 16;
-    constexpr size_t LOG_N = 4;
+    constexpr size_t N = 8;
+    constexpr size_t LOG_N = 3;
     constexpr size_t NUM_UNSHIFTED = 2;
     constexpr size_t NUM_SHIFTED = 1;
 

From 56c7c4045233fd4a0011e4a6f3b3545aedff3202 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Thu, 26 Sep 2024 15:22:52 +0000
Subject: [PATCH 24/25] fix typo

---
 barretenberg/acir_tests/sol-test/src/index.js | 1 -
 1 file changed, 1 deletion(-)

diff --git a/barretenberg/acir_tests/sol-test/src/index.js b/barretenberg/acir_tests/sol-test/src/index.js
index dc510d440acf..25a25484ba6f 100644
--- a/barretenberg/acir_tests/sol-test/src/index.js
+++ b/barretenberg/acir_tests/sol-test/src/index.js
@@ -149,7 +149,6 @@ const readPublicInputs = (proofAsFields) => {
   const publicInputs = [];
   // Compute the number of public inputs, not accounted  for in the constant NUMBER_OF_FIELDS_IN_PROOF
   const numPublicInputs = proofAsFields.length - NUMBER_OF_FIELDS_IN_PROOF;
-  info(numPublicInputs);
   let publicInputsOffset = 0;
 
   // Honk proofs contain 3 pieces of metadata before the public inputs, while plonk does not

From 4ae0d4ec0afaccee2ea0867e8ffc43e39bcceb60 Mon Sep 17 00:00:00 2001
From: maramihali <mara@aztecprotocol.com>
Date: Thu, 26 Sep 2024 16:32:54 +0000
Subject: [PATCH 25/25] cleanup from PR review

---
 .../cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp  | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
index f6b8692e167d..61b0d36b5d39 100644
--- a/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
+++ b/barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini.hpp
@@ -173,7 +173,7 @@ template <typename Curve> class GeminiVerifier_ {
 
         // Get evaluations a_i, i = 0,...,m-1 from transcript
         const std::vector<Fr> evaluations = get_gemini_evaluations(num_variables, transcript);
-        // Compute evaluation of A₀(r)
+        // Compute evaluation A₀(r)
         auto a_0_pos = compute_gemini_batched_univariate_evaluation(
             num_variables, batched_evaluation, multilinear_challenge, r_squares, evaluations);
 
@@ -260,7 +260,6 @@ template <typename Curve> class GeminiVerifier_ {
             // Get uₗ₋₁
             const Fr& u = evaluation_point[l - 1];
             const Fr& eval_neg = evals[l - 1];
-            // Fr batched_eval_round_acc = batched_eval_accumulator;
             // Get A₍ₗ₋₁₎(−r²⁽ˡ⁻¹⁾)
             // Compute the numerator
             Fr batched_eval_round_acc =