Merge branch 'master' into md/spartan-p2p-persistance

barretenberg/.gitrepo

@@ -6,7 +6,7 @@
 [subrepo]
 remote = https://github.com/AztecProtocol/barretenberg
 	branch = master
-	commit = 5e751b81cd5e5f34d9286d5a19ea6d4853566480
-	parent = 887c01103255ea4cbbb6cb33c8771d47123b3bff
+	commit = 0fe0a5d6dff43547aaec45256440982184e93bb0
+	parent = da1470d074f4884e61b51e450a661432c6f0a10f
 	method = merge
 	cmdver = 0.4.6

barretenberg/cpp/scripts/merkle_tree_tests.sh

@@ -5,7 +5,7 @@ set -e
 # run commands relative to parent directory
 cd $(dirname $0)/..
 
-DEFAULT_TESTS=PersistedIndexedTreeTest.*:PersistedAppendOnlyTreeTest.*:LMDBStoreTest.*:PersistedContentAddressedIndexedTreeTest.*:PersistedContentAddressedAppendOnlyTreeTest.*
+DEFAULT_TESTS=PersistedIndexedTreeTest.*:PersistedAppendOnlyTreeTest.*:LMDBTreeStoreTest.*:PersistedContentAddressedIndexedTreeTest.*:PersistedContentAddressedAppendOnlyTreeTest.*
 TEST=${1:-$DEFAULT_TESTS}
 PRESET=${PRESET:-clang16}
 

barretenberg/cpp/src/barretenberg/bb/main.cpp

@@ -1465,6 +1465,12 @@ int main(int argc, char* argv[])
         } else if (command == "prove_ultra_honk_output_all") {
             std::string output_path = get_option(args, "-o", "./proofs");
             prove_honk_output_all<UltraFlavor>(bytecode_path, witness_path, output_path, recursive);
+        } else if (command == "prove_ultra_rollup_honk_output_all") {
+            std::string output_path = get_option(args, "-o", "./proofs/proof");
+            prove_honk_output_all<UltraRollupFlavor>(bytecode_path, witness_path, output_path, recursive);
+        } else if (command == "prove_ultra_keccak_honk_output_all") {
+            std::string output_path = get_option(args, "-o", "./proofs/proof");
+            prove_honk_output_all<UltraKeccakFlavor>(bytecode_path, witness_path, output_path, recursive);
         } else if (command == "prove_mega_honk_output_all") {
             std::string output_path = get_option(args, "-o", "./proofs");
             prove_honk_output_all<MegaFlavor>(bytecode_path, witness_path, output_path, recursive);
@@ -1526,9 +1532,9 @@ int main(int argc, char* argv[])
         } else if (command == "prove_ultra_keccak_honk") {
             std::string output_path = get_option(args, "-o", "./proofs/proof");
             prove_honk<UltraKeccakFlavor>(bytecode_path, witness_path, output_path, recursive);
-        } else if (command == "prove_ultra_keccak_honk_output_all") {
+        } else if (command == "prove_ultra_rollup_honk") {
             std::string output_path = get_option(args, "-o", "./proofs/proof");
-            prove_honk_output_all<UltraKeccakFlavor>(bytecode_path, witness_path, output_path, recursive);
+            prove_honk<UltraRollupFlavor>(bytecode_path, witness_path, output_path, recursive);
         } else if (command == "verify_ultra_honk") {
             return verify_honk<UltraFlavor>(proof_path, vk_path) ? 0 : 1;
         } else if (command == "verify_ultra_keccak_honk") {
@@ -1539,6 +1545,9 @@ int main(int argc, char* argv[])
         } else if (command == "write_vk_ultra_keccak_honk") {
             std::string output_path = get_option(args, "-o", "./target/vk");
             write_vk_honk<UltraKeccakFlavor>(bytecode_path, output_path, recursive);
+        } else if (command == "write_vk_ultra_rollup_honk") {
+            std::string output_path = get_option(args, "-o", "./target/vk");
+            write_vk_honk<UltraRollupFlavor>(bytecode_path, output_path, recursive);
         } else if (command == "prove_mega_honk") {
             std::string output_path = get_option(args, "-o", "./proofs/proof");
             prove_honk<MegaFlavor>(bytecode_path, witness_path, output_path, recursive);
@@ -1553,12 +1562,15 @@ int main(int argc, char* argv[])
         } else if (command == "vk_as_fields_ultra_honk") {
             std::string output_path = get_option(args, "-o", vk_path + "_fields.json");
             vk_as_fields_honk<UltraFlavor>(vk_path, output_path);
-        } else if (command == "vk_as_fields_mega_honk") {
-            std::string output_path = get_option(args, "-o", vk_path + "_fields.json");
-            vk_as_fields_honk<MegaFlavor>(vk_path, output_path);
         } else if (command == "vk_as_fields_ultra_keccak_honk") {
             std::string output_path = get_option(args, "-o", vk_path + "_fields.json");
             vk_as_fields_honk<UltraKeccakFlavor>(vk_path, output_path);
+        } else if (command == "vk_as_fields_ultra_rollup_honk") {
+            std::string output_path = get_option(args, "-o", vk_path + "_fields.json");
+            vk_as_fields_honk<UltraRollupFlavor>(vk_path, output_path);
+        } else if (command == "vk_as_fields_mega_honk") {
+            std::string output_path = get_option(args, "-o", vk_path + "_fields.json");
+            vk_as_fields_honk<MegaFlavor>(vk_path, output_path);
         } else {
             std::cerr << "Unknown command: " << command << "\n";
             return 1;

barretenberg/cpp/src/barretenberg/commitment_schemes/claim.hpp

@@ -60,12 +60,10 @@ template <typename Curve> class OpeningClaim {
                  opening_pair.challenge.binary_basis_limbs[1].element.normalize().witness_index,
                  opening_pair.challenge.binary_basis_limbs[2].element.normalize().witness_index,
                  opening_pair.challenge.binary_basis_limbs[3].element.normalize().witness_index,
-                 // TODO(https://github.com/AztecProtocol/barretenberg/issues/1153): Uncomment this when we turn the
-                 // eval into witnesses.
-                 //  opening_pair.evaluation.binary_basis_limbs[0].element.normalize().witness_index,
-                 //  opening_pair.evaluation.binary_basis_limbs[1].element.normalize().witness_index,
-                 //  opening_pair.evaluation.binary_basis_limbs[2].element.normalize().witness_index,
-                 //  opening_pair.evaluation.binary_basis_limbs[3].element.normalize().witness_index,
+                 opening_pair.evaluation.binary_basis_limbs[0].element.normalize().witness_index,
+                 opening_pair.evaluation.binary_basis_limbs[1].element.normalize().witness_index,
+                 opening_pair.evaluation.binary_basis_limbs[2].element.normalize().witness_index,
+                 opening_pair.evaluation.binary_basis_limbs[3].element.normalize().witness_index,
                  commitment.x.normalize().witness_index, // no idea if we need these normalize() calls...
                  commitment.y.normalize().witness_index };
     }

barretenberg/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp

@@ -113,6 +113,7 @@ std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
                                                      std::move(batched_to_be_shifted),
                                                      std::move(batched_concatenated));
 
+    // TODO(https://github.com/AztecProtocol/barretenberg/issues/1159): Decouple constants from primitives.
     for (size_t l = 0; l < CONST_PROOF_SIZE_LOG_N - 1; l++) {
         if (l < log_n - 1) {
             transcript->send_to_verifier("Gemini:FOLD_" + std::to_string(l + 1),

barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.hpp

@@ -200,6 +200,7 @@ template <typename Curve_> class IPA {
 
         // Iterate for log(poly_degree) rounds to compute the round commitments.
         auto log_poly_length = static_cast<size_t>(numeric::get_msb(poly_length));
+        // TODO(https://github.com/AztecProtocol/barretenberg/issues/1159): Decouple constant from IPA.
         if (log_poly_length > CONST_ECCVM_LOG_N) {
             throw_or_abort("IPA log_poly_length is too large");
         }

barretenberg/cpp/src/barretenberg/commitment_schemes/ipa/ipa.test.cpp

@@ -159,6 +159,7 @@ TEST_F(IPATest, AIsZeroAfterOneRound)
 
     // initialize an empty mock transcript
     auto transcript = std::make_shared<MockTranscript>();
+    // TODO(https://github.com/AztecProtocol/barretenberg/issues/1159): Decouple constant from IPA.
     const size_t num_challenges = CONST_ECCVM_LOG_N + 1;
     std::vector<uint256_t> random_vector(num_challenges);
 

barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplemini.hpp

@@ -469,6 +469,7 @@ template <typename Curve> class ShpleminiVerifier_ {
 
         // Initialize batching challenge as ν²
         Fr current_batching_challenge = shplonk_batching_challenge.sqr();
+        // TODO(https://github.com/AztecProtocol/barretenberg/issues/1159): Decouple constants from primitives.
         for (size_t j = 0; j < CONST_PROOF_SIZE_LOG_N - 1; ++j) {
             // Compute the scaling factor  (ν²⁺ⁱ) / (z + r²⁽ⁱ⁺²⁾) for i = 0, … , d-2
             Fr scaling_factor = current_batching_challenge * inverse_vanishing_evals[j + 2];

barretenberg/cpp/src/barretenberg/commitment_schemes/shplonk/shplonk.hpp

@@ -2,6 +2,7 @@
 #include "barretenberg/commitment_schemes/claim.hpp"
 #include "barretenberg/commitment_schemes/commitment_key.hpp"
 #include "barretenberg/commitment_schemes/verification_key.hpp"
+#include "barretenberg/stdlib/primitives/curves/bn254.hpp"
 #include "barretenberg/transcript/transcript.hpp"
 
 /**
@@ -224,7 +225,9 @@ template <typename Curve> class ShplonkVerifier_ {
         //  [G] = [Q] - ∑ⱼ (1/zⱼ(r))[Bⱼ]  + ( ∑ⱼ (1/zⱼ(r)) Tⱼ(r) )[1]
         //      = [Q] - ∑ⱼ (1/zⱼ(r))[Bⱼ]  +                    G₀ [1]
         // G₀ = ∑ⱼ ρʲ ⋅ vⱼ / (z − xⱼ )
-        auto G_commitment_constant = Fr(0);
+        Fr G_commitment_constant(0);
+
+        Fr evaluation(0);
 
         // TODO(#673): The recursive and non-recursive (native) logic is completely separated via the following
         // conditional. Much of the logic could be shared, but I've chosen to do it this way since soon the "else"
@@ -274,6 +277,8 @@ template <typename Curve> class ShplonkVerifier_ {
             // [G] += G₀⋅[1] = [G] + (∑ⱼ νʲ ⋅ vⱼ / (z − xⱼ ))⋅[1]
             G_commitment = GroupElement::batch_mul(commitments, scalars);
 
+            // Set evaluation to constant witness
+            evaluation.convert_constant_to_fixed_witness(z_challenge.get_context());
         } else {
             // [G] = [Q] - ∑ⱼ νʲ / (z − xⱼ )⋅[fⱼ] + G₀⋅[1]
             //     = [Q] - [∑ⱼ νʲ ⋅ ( fⱼ(X) − vⱼ) / (z − xⱼ )]
@@ -309,7 +314,7 @@ template <typename Curve> class ShplonkVerifier_ {
         }
 
         // Return opening pair (z, 0) and commitment [G]
-        return { { z_challenge, Fr(0) }, G_commitment };
+        return { { z_challenge, evaluation }, G_commitment };
     };
     /**
      * @brief Computes \f$ \frac{1}{z - r}, \frac{1}{z+r}, \ldots, \frac{1}{z+r^{2^{d-1}}} \f$.

barretenberg/cpp/src/barretenberg/commitment_schemes/zeromorph/zeromorph.hpp

@@ -421,6 +421,7 @@ template <typename Curve> class ZeroMorphProver_ {
             transcript->send_to_verifier(label, q_k_commitment);
         }
         // Add buffer elements to remove log_N dependence in proof
+        // TODO(https://github.com/AztecProtocol/barretenberg/issues/1159): Decouple constants from primitives.
         for (size_t idx = log_N; idx < CONST_PROOF_SIZE_LOG_N; ++idx) {
             auto buffer_element = Commitment::one();
             std::string label = "ZM:C_q_" + std::to_string(idx);