From 8a7c7da9af03fe92d686c519d3afb59efaa293e7 Mon Sep 17 00:00:00 2001 From: maramihali Date: Mon, 11 Sep 2023 09:56:12 +0000 Subject: [PATCH] more wip --- .../honk/composer/ultra_composer.cpp | 22 ++++++++-- .../honk/composer/ultra_composer.hpp | 5 +-- .../barretenberg/honk/instance/instance.hpp | 7 ++- .../honk/instance/verifier_instance.hpp | 5 +++ .../honk/proof_system/folding_result.hpp | 1 + .../honk/proof_system/protogalaxy_prover.cpp | 28 ++++++------ .../honk/proof_system/protogalaxy_prover.hpp | 15 +++++-- .../proof_system/protogalaxy_verifier.cpp | 43 ++++++++++++++++++- .../proof_system/protogalaxy_verifier.hpp | 16 +++++-- 9 files changed, 114 insertions(+), 28 deletions(-) diff --git a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/composer/ultra_composer.cpp b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/composer/ultra_composer.cpp index 40ce820bdf28..83c7366d3c29 100644 --- a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/composer/ultra_composer.cpp +++ b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/composer/ultra_composer.cpp @@ -34,16 +34,32 @@ template UltraVerifier_ UltraComposer_::cre } template -ProtoGalaxyProver_ UltraComposer_::create_folding_prover(std::vector instances) +ProtoGalaxyProver_ UltraComposer_::create_folding_prover( + std::vector> instances) { - for (size_t i = 0; i < instances.size(); i++) { - instances[i].index = i; + uint32_t idx = 0; + for (const auto& inst : instances) { + inst->index = idx; + idx++; } ProtoGalaxyProver_ output_state(instances); return output_state; } +template +ProtoGalaxyVerifier_ UltraComposer_::create_folding_verifier( + std::vector> instances) +{ + std::vector> vks; + for (const auto& inst : instances) { + vks.emplace_back(inst->compute_verification_key()); + } + ProtoGalaxyVerifier_ output_state(vks); + + return output_state; +} + template class UltraComposer_; template class UltraComposer_; template class UltraComposer_; diff --git a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/composer/ultra_composer.hpp b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/composer/ultra_composer.hpp index e676dc3fa142..f5476754870a 100644 --- a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/composer/ultra_composer.hpp +++ b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/composer/ultra_composer.hpp @@ -1,5 +1,4 @@ #pragma once - #include "barretenberg/honk/instance/instance.hpp" #include "barretenberg/honk/proof_system/protogalaxy_prover.hpp" #include "barretenberg/honk/proof_system/protogalaxy_verifier.hpp" @@ -75,8 +74,8 @@ template class UltraComposer_ { UltraProver_ create_prover(Instance&); UltraVerifier_ create_verifier(Instance&); - ProtoGalaxyProver_ create_folding_prover(std::vector); - ProtoGalaxyVerifier_ create_folding_verifier(std::vector); + ProtoGalaxyProver_ create_folding_prover(std::vector>); + ProtoGalaxyVerifier_ create_folding_verifier(std::vector>); }; extern template class UltraComposer_; // TODO: the UltraGrumpkin flavor still works on BN254 because plookup needs to be templated to be able to construct diff --git a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/instance/instance.hpp b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/instance/instance.hpp index aa8389cca352..a2230df10bb2 100644 --- a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/instance/instance.hpp +++ b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/instance/instance.hpp @@ -13,10 +13,11 @@ #include namespace proof_system::honk { // Need verifier instance as well -// An Instance is created from a Circuit and we initialise all the data structure that rely on information from a +// An Instance is created from a Circuit and we ini tialise all the data structure that rely on information from a // circuit Then a Prover and a Verifier is created from an Instance or several instances and each manages their own // polynomials // The responsability of a Prover is to commit, add to transcript while the Instance manages its polynomials +// TODO: we might wanna have a specialisaition of the Instance class for the Accumulator template class Instance_ { public: using Circuit = typename Flavor::CircuitBuilder; @@ -37,6 +38,10 @@ template class Instance_ { std::shared_ptr commitment_key; ProverPolynomials prover_polynomials; + + // After instances have been folded, the pub_inputs_offset will become irrelevant as it's used for computing the 4th + // wire polynomial and a folded instance does not care about wires anymore. + // Furthermore, folding limits us to having the same number of public inputs. std::vector public_inputs; size_t pub_inputs_offset; diff --git a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/instance/verifier_instance.hpp b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/instance/verifier_instance.hpp index 0ada88d70857..e647022be3ee 100644 --- a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/instance/verifier_instance.hpp +++ b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/instance/verifier_instance.hpp @@ -1,6 +1,9 @@ +#pragma once #include "barretenberg/proof_system/flavor/flavor.hpp" +#include "barretenberg/proof_system/relations/relation_parameters.hpp" namespace proof_system::honk { template class VerifierInstance_ { + public: using FF = typename Flavor::FF; using VerificationKey = typename Flavor::VerificationKey; using FoldingParameters = typename Flavor::FoldingParameters; @@ -8,7 +11,9 @@ template class VerifierInstance_ { std::shared_ptr verification_key; std::vector public_inputs; size_t pub_inputs_offset; + size_t public_input_size; size_t circuit_size; + RelationParameters relation_parameters; FoldingParameters folding_params; size_t index; }; diff --git a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/folding_result.hpp b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/folding_result.hpp index d8e5d4ab53a8..a504a515566c 100644 --- a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/folding_result.hpp +++ b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/folding_result.hpp @@ -1,3 +1,4 @@ +#pragma once #include "barretenberg/proof_system/flavor/flavor.hpp" namespace proof_system::honk { template struct ProverFoldingResult { diff --git a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_prover.cpp b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_prover.cpp index 36194da44134..ba70a46d0ed8 100644 --- a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_prover.cpp +++ b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_prover.cpp @@ -2,7 +2,7 @@ #include "barretenberg/proof_system/flavor/flavor.hpp" namespace proof_system::honk { template -ProtoGalaxyProver_::ProtoGalaxyProver_(std::vector insts) +ProtoGalaxyProver_::ProtoGalaxyProver_(std::vector> insts) : instances(insts) {} @@ -12,28 +12,32 @@ ProtoGalaxyProver_::ProtoGalaxyProver_(std::vector insts) // - add the relation parameters involved in computing the instances polynomials to the transcript template void ProtoGalaxyProver_::prepare_for_folding() { - for (const Instance& instance : instances) { - instance.initialise_prover_polynomials(); + for (const auto& instance : instances) { + instance->initialise_prover_polynomials(); - const auto instance_index = std::string(instance.index); - const auto circuit_size = static_cast(instance.proving_key->circuit_size); - const auto num_public_inputs = static_cast(instance.proving_key->num_public_inputs); + const auto instance_index = std::to_string(instance->index); + const auto circuit_size = static_cast(instance->proving_key->circuit_size); + const auto num_public_inputs = static_cast(instance->proving_key->num_public_inputs); transcript.send_to_verifier(instance_index + "_circuit_size", circuit_size); transcript.send_to_verifier(instance_index + "_public_input_size", num_public_inputs); - transcript.send_to_verifier(instance_index + "_pub_inputs_offset", - static_cast(instance.pub_inputs_offset)); + // transcript.send_to_verifier(instance_index + "_pub_inputs_offset", + // static_cast(instance.pub_inputs_offset)); - for (size_t i = 0; i < instance.proving_key->num_public_inputs; ++i) { - auto public_input_i = instance.public_inputs[i]; + for (size_t i = 0; i < instance->proving_key->num_public_inputs; ++i) { + auto public_input_i = instance->public_inputs[i]; transcript.send_to_verifier(instance_index + "_public_input_" + std::to_string(i), public_input_i); } auto eta = transcript.get_challenge(instance_index + "_eta"); - instance.compute_sorted_accumulator_polynomials(eta); + instance->compute_sorted_accumulator_polynomials(eta); auto [beta, gamma] = transcript.get_challenges(instance_index + "_beta", instance_index + "_gamma"); - instance.compute_grand_product_polynomials(beta, gamma); + instance->compute_grand_product_polynomials(beta, gamma); } } +template class ProtoGalaxyProver_; +template class ProtoGalaxyProver_; +template class ProtoGalaxyProver_; + } // namespace proof_system::honk \ No newline at end of file diff --git a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_prover.hpp b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_prover.hpp index 888599b4f6b5..a77f0d047125 100644 --- a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_prover.hpp +++ b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_prover.hpp @@ -1,6 +1,10 @@ +#pragma once +#include "barretenberg/honk/flavor/goblin_ultra.hpp" +#include "barretenberg/honk/flavor/ultra.hpp" +#include "barretenberg/honk/flavor/ultra_grumpkin.hpp" #include "barretenberg/honk/instance/instance.hpp" +#include "barretenberg/honk/proof_system/folding_result.hpp" #include "barretenberg/proof_system/flavor/flavor.hpp" -#include "barretenberg/proof_system/folding_result.hpp" namespace proof_system::honk { template class ProtoGalaxyProver_ { public: @@ -8,16 +12,19 @@ template class ProtoGalaxyProver_ { using Instance = Instance_; using ProverPolynomials = typename Flavor::ProverPolynomials; - std::vector instances; + std::vector> instances; ProverTranscript transcript; - explicit ProtoGalaxyProver_(std::vector); + explicit ProtoGalaxyProver_(std::vector>); void prepare_for_folding(); - // TODO: implement this function ProverFoldingResult fold_instances(); }; + +extern template class ProtoGalaxyProver_; +extern template class ProtoGalaxyProver_; +extern template class ProtoGalaxyProver_; // the folding prover returns the new prover polynomials and the new public inputs(does the verifier do anything) } // namespace proof_system::honk \ No newline at end of file diff --git a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_verifier.cpp b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_verifier.cpp index c9bd7e2b2a0c..ca0507df274c 100644 --- a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_verifier.cpp +++ b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_verifier.cpp @@ -1,9 +1,48 @@ #include "protogalaxy_verifier.hpp" +#include "barretenberg/honk/utils/grand_product_delta.hpp" namespace proof_system::honk { template -ProtoGalaxyVerifier_::ProtoGalaxyVerifier_(std::vector vks, std::vector proof_data) +ProtoGalaxyVerifier_::ProtoGalaxyVerifier_(std::vector> vks) +{ + uint32_t idx = 0; + for (const auto& vk : vks) { + VerifierInstance inst; + inst.verification_key = std::move(vk); + inst.index = idx; + verifier_instances.emplace_back(inst); + idx++; + } +} +template +VerifierFoldingResult ProtoGalaxyVerifier_::fold_public_parameters(std::vector fold_data) { - transcript = VerifierTranscript{ proof_data }; + transcript = VerifierTranscript{ fold_data }; + for (auto& inst : verifier_instances) { + auto idx = std::to_string(inst.index); + inst.circuit_size = transcript.template receive_from_prover(idx + "_circuit_size"); + inst.public_input_size = transcript.template receive_from_prover(idx + "_public_input_size"); + inst.pub_inputs_offset = transcript.template receive_from_prover(idx + "_pub_inputs_offset"); + + for (size_t i = 0; i < inst.public_input_size; ++i) { + auto public_input_i = + transcript.template receive_from_prover(idx + "public_input_" + std::to_string(i)); + inst.public_inputs.emplace_back(public_input_i); + } + auto eta = transcript.get_challenge(idx + "_eta"); + auto [beta, gamma] = transcript.get_challenges(idx + "_beta", idx + "_gamma"); + const FF public_input_delta = compute_public_input_delta( + inst.public_inputs, beta, gamma, inst.circuit_size, inst.pub_inputs_offset); + const FF lookup_grand_product_delta = compute_lookup_grand_product_delta(beta, gamma, inst.circuit_size); + inst.relation_parameters = + RelationParameters{ eta, beta, gamma, public_input_delta, lookup_grand_product_delta }; + verifier_instances.emplace_back(inst); + } + VerifierFoldingResult res; + return res; } + +template class ProtoGalaxyVerifier_; +template class ProtoGalaxyVerifier_; +template class ProtoGalaxyVerifier_; } // namespace proof_system::honk \ No newline at end of file diff --git a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_verifier.hpp b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_verifier.hpp index df4146b67db6..ce4236e85b13 100644 --- a/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_verifier.hpp +++ b/circuits/cpp/barretenberg/cpp/src/barretenberg/honk/proof_system/protogalaxy_verifier.hpp @@ -1,16 +1,26 @@ +#pragma once +#include "barretenberg/honk/flavor/goblin_ultra.hpp" +#include "barretenberg/honk/flavor/ultra.hpp" +#include "barretenberg/honk/flavor/ultra_grumpkin.hpp" +#include "barretenberg/honk/instance/verifier_instance.hpp" +#include "barretenberg/honk/proof_system/folding_result.hpp" #include "barretenberg/honk/transcript/transcript.hpp" #include "barretenberg/proof_system/flavor/flavor.hpp" -#include "barretenberg/proof_system/folding_result.hpp" namespace proof_system::honk { template class ProtoGalaxyVerifier_ { public: using FF = typename Flavor::FF; using VerificationKey = typename Flavor::VerificationKey; + using VerifierInstance = VerifierInstance_; std::vector verifier_instances; VerifierTranscript transcript; - explicit ProtoGalaxyVerifier_(std::vector vks); - VerifierFoldingResult fold_public_parameters(); + explicit ProtoGalaxyVerifier_(std::vector> vks); + VerifierFoldingResult fold_public_parameters(std::vector fold_data); }; + +extern template class ProtoGalaxyVerifier_; +extern template class ProtoGalaxyVerifier_; +extern template class ProtoGalaxyVerifier_; } // namespace proof_system::honk \ No newline at end of file