From 574524b869c1c914e110f86f06a7a10c6c691b49 Mon Sep 17 00:00:00 2001 From: ledwards2225 <l.edwards.d@gmail.com> Date: Tue, 10 Oct 2023 20:06:28 +0000 Subject: [PATCH] cleanup --- .../composer/goblin_ultra_composer.test.cpp | 24 +++++++++---------- .../honk/pcs/zeromorph/zeromorph.hpp | 2 +- .../honk/proof_system/ultra_prover.cpp | 13 +++++----- .../honk/proof_system/ultra_verifier.cpp | 3 ++- 4 files changed, 22 insertions(+), 20 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/honk/composer/goblin_ultra_composer.test.cpp b/barretenberg/cpp/src/barretenberg/honk/composer/goblin_ultra_composer.test.cpp index dfde27a0e16d..584fb41d7a2e 100644 --- a/barretenberg/cpp/src/barretenberg/honk/composer/goblin_ultra_composer.test.cpp +++ b/barretenberg/cpp/src/barretenberg/honk/composer/goblin_ultra_composer.test.cpp @@ -136,7 +136,7 @@ TEST_F(GoblinUltraHonkComposerTests, MultipleCircuitsMergeOnly) auto composer = GoblinUltraComposer(); - // Construct and verify Goblin ECC op queue Merge its proof + // Construct and verify Goblin ECC op queue Merge proof auto merge_verified = construct_and_verify_merge_proof(composer, op_queue); EXPECT_TRUE(merge_verified); } @@ -196,21 +196,21 @@ TEST_F(GoblinUltraHonkComposerTests, MultipleCircuitsHonkAndMerge) auto honk_verified = construct_and_verify_honk_proof(composer, builder); EXPECT_TRUE(honk_verified); - // Construct and verify Goblin ECC op queue Merge its proof + // Construct and verify Goblin ECC op queue Merge proof auto merge_verified = construct_and_verify_merge_proof(composer, op_queue); EXPECT_TRUE(merge_verified); } - // // Compute the commitments to the aggregate op queue directly and check that they match those that were computed - // // iteratively during transcript aggregation by the provers and stored in the op queue. - // size_t aggregate_op_queue_size = op_queue->current_ultra_ops_size; - // auto crs_factory = std::make_shared<barretenberg::srs::factories::FileCrsFactory<Curve>>("../srs_db/ignition"); - // auto commitment_key = std::make_shared<CommitmentKey>(aggregate_op_queue_size, crs_factory); - // size_t idx = 0; - // for (auto& result : op_queue->ultra_ops_commitments) { - // auto expected = commitment_key->commit(op_queue->ultra_ops[idx++]); - // EXPECT_EQ(result, expected); - // } + // Compute the commitments to the aggregate op queue directly and check that they match those that were computed + // iteratively during transcript aggregation by the provers and stored in the op queue. + size_t aggregate_op_queue_size = op_queue->current_ultra_ops_size; + auto crs_factory = std::make_shared<barretenberg::srs::factories::FileCrsFactory<Curve>>("../srs_db/ignition"); + auto commitment_key = std::make_shared<CommitmentKey>(aggregate_op_queue_size, crs_factory); + size_t idx = 0; + for (auto& result : op_queue->ultra_ops_commitments) { + auto expected = commitment_key->commit(op_queue->ultra_ops[idx++]); + EXPECT_EQ(result, expected); + } } } // namespace test_ultra_honk_composer diff --git a/barretenberg/cpp/src/barretenberg/honk/pcs/zeromorph/zeromorph.hpp b/barretenberg/cpp/src/barretenberg/honk/pcs/zeromorph/zeromorph.hpp index 7b7596cf34be..4fb95d0b1ed0 100644 --- a/barretenberg/cpp/src/barretenberg/honk/pcs/zeromorph/zeromorph.hpp +++ b/barretenberg/cpp/src/barretenberg/honk/pcs/zeromorph/zeromorph.hpp @@ -342,7 +342,7 @@ template <typename Curve> class ZeroMorphVerifier_ { * @param g_commitments Commitments to to-be-shifted polynomials [g_i] * @param C_q_k Commitments to q_k * @param alpha - * @param batched_evaluation \sum_{i=0}^{m-1} f_i(u) + \sum_{i=0}^{l-1} h_i(u) + * @param batched_evaluation \sum_{i=0}^{m-1} \alpha^i*f_i(u) + \sum_{i=0}^{l-1} \alpha^{m+i}*h_i(u) * @param x_challenge * @param u_challenge multilinear challenge * @return Commitment diff --git a/barretenberg/cpp/src/barretenberg/honk/proof_system/ultra_prover.cpp b/barretenberg/cpp/src/barretenberg/honk/proof_system/ultra_prover.cpp index 2afe5464848b..e090401c42c9 100644 --- a/barretenberg/cpp/src/barretenberg/honk/proof_system/ultra_prover.cpp +++ b/barretenberg/cpp/src/barretenberg/honk/proof_system/ultra_prover.cpp @@ -108,8 +108,8 @@ template <UltraFlavor Flavor> void UltraProver_<Flavor>::execute_relation_check_ } /** - * - Get rho challenge - * - Compute d+1 Fold polynomials and their evaluations. + * @brief Execute the ZeroMorph protocol to prove the multilinear evaluations produced by Sumcheck + * @details See https://hackmd.io/dlf9xEwhTQyE3hiGbq4FsA?view for a complete description of the unrolled protocol. * * */ template <UltraFlavor Flavor> void UltraProver_<Flavor>::execute_zeromorph_rounds() @@ -124,7 +124,7 @@ template <UltraFlavor Flavor> void UltraProver_<Flavor>::execute_zeromorph_round // Extract challenge u and claimed multilinear evaluations from Sumcheck output std::span<FF> u_challenge = sumcheck_output.challenge; std::span<FF> claimed_evaluations = sumcheck_output.claimed_evaluations; - size_t log_N = u_challenge.size(); + size_t log_circuit_size = u_challenge.size(); // Compute batching of f_i and g_i polynomials: sum_{i=0}^{m-1}\alpha^i*f_i and // sum_{i=0}^{l-1}\alpha^{m+i}*h_i, and also batched evaluation v = sum_{i=0}^{m-1}\alpha^i*f_i(u) + @@ -145,7 +145,8 @@ template <UltraFlavor Flavor> void UltraProver_<Flavor>::execute_zeromorph_round ++poly_idx; }; - // The new f is f_batched + g_batched.shifted() = f_batched + h_batched + // Compute the full batched polynomial f = f_batched + g_batched.shifted() = f_batched + h_batched. This is the + // polynomial for which we compute the quotients q_k auto f_polynomial = f_batched; f_polynomial += g_batched.shifted(); @@ -154,8 +155,8 @@ template <UltraFlavor Flavor> void UltraProver_<Flavor>::execute_zeromorph_round // Compute and send commitments C_{q_k} = [q_k], k = 0,...,d-1 std::vector<Commitment> q_k_commitments; - q_k_commitments.reserve(log_N); - for (size_t idx = 0; idx < log_N; ++idx) { + q_k_commitments.reserve(log_circuit_size); + for (size_t idx = 0; idx < log_circuit_size; ++idx) { q_k_commitments[idx] = pcs_commitment_key->commit(quotients[idx]); std::string label = "ZM:C_q_" + std::to_string(idx); transcript.send_to_verifier(label, q_k_commitments[idx]); diff --git a/barretenberg/cpp/src/barretenberg/honk/proof_system/ultra_verifier.cpp b/barretenberg/cpp/src/barretenberg/honk/proof_system/ultra_verifier.cpp index f9d893e7bcc9..e6b28ef7197d 100644 --- a/barretenberg/cpp/src/barretenberg/honk/proof_system/ultra_verifier.cpp +++ b/barretenberg/cpp/src/barretenberg/honk/proof_system/ultra_verifier.cpp @@ -120,8 +120,9 @@ template <typename Flavor> bool UltraVerifier_<Flavor>::verify_proof(const plonk // Execute ZeroMorph rounds - // Compute powers of batching challenge rho FF rho = transcript.get_challenge("rho"); + + // Compute powers of batching challenge rho std::vector<FF> rhos = pcs::zeromorph::powers_of_challenge(rho, Flavor::NUM_ALL_ENTITIES); // Construct batched evaluation v = sum_{i=0}^{m-1}\alpha^i*v_i + sum_{i=0}^{l-1}\alpha^{m+i}*w_i