refactor: Renaming Instance's (#8362)

The main objective of this PR is to do some renaming to stop using the
term "instance" as we currently do in the Honk flavors that can be used
to construct proofs from stdlib circuits (Mega, UItra, relative). This
is bad terminology for several reasons:
- the term "instace-witness pair" is widely in use in ZK, and our
existing use of "instance" directly clashes with this.
- `ProverInstance` is really just a key for Decider proving; similarly
for `VerifierInstance`
- `ProvingKey` as it currently exists is de facto deprecated in the
contexts where we use "instance"'s since we have have rewritten those
provers and verifiers using Oink prover and verifier.
- "Prover instance" sounds a lot like an instance of the Prover
class--can be confusing in conversation.
- I take it as a sign that "instance" is a bad term that we variously
use that term and the term "accumulator" for the same thing, depending
on the context, whether or not any accumulation is or could even happen.

I simply rename things to Decider[Proving/Verification]Key and variants
of this depending on context. A sign that this is a good choice is the
fact that we now have the absurd-looking `proving_key->proving_key`,
which will become non-absurb when the inner proving key type is actually
deprecated. At that point the DeciderProvingKey class could move into
the flavor, time permitting.

I also have a small change to remove the `State` struct I recently added
to Protogalaxy Prover. This is where the work started before I undertook
the big renaming job, and it's small and localized enough that it feels
unnecessary to split it out.

Note: renaming of files is done in a follow-on
#8383

barretenberg/cpp/scripts/analyze_client_ivc_bench.py

@@ -16,7 +16,7 @@
 # Single out an independent set of functions accounting for most of BENCHMARK's real_time
 to_keep = [
     "construct_circuits(t)",
-    "ProverInstance(Circuit&)(t)",
+    "DeciderProvingKey(Circuit&)(t)",
     "ProtogalaxyProver::prove(t)",
     "Decider::construct_proof(t)",
     "ECCVMProver(CircuitBuilder&)(t)",

barretenberg/cpp/src/barretenberg/aztec_ivc/aztec_ivc.cpp

@@ -23,32 +23,33 @@ void AztecIVC::complete_kernel_circuit_logic(ClientCircuit& circuit)
         switch (type) {
         case QUEUE_TYPE::PG: {
             // Construct stdlib verifier accumulator from the native counterpart computed on a previous round
-            auto stdlib_verifier_accum = std::make_shared<RecursiveVerifierInstance>(&circuit, verifier_accumulator);
+            auto stdlib_verifier_accum =
+                std::make_shared<RecursiveDeciderVerificationKey>(&circuit, verifier_accumulator);
 
             // Perform folding recursive verification to update the verifier accumulator
             FoldingRecursiveVerifier verifier{ &circuit, stdlib_verifier_accum, { stdlib_vkey } };
             auto verifier_accum = verifier.verify_folding_proof(stdlib_proof);
 
             // Extract native verifier accumulator from the stdlib accum for use on the next round
-            verifier_accumulator = std::make_shared<VerifierInstance>(verifier_accum->get_value());
+            verifier_accumulator = std::make_shared<DeciderVerificationKey>(verifier_accum->get_value());
 
             // Perform databus commitment consistency checks and propagate return data commitments via public inputs
-            bus_depot.execute(verifier.instances[1]->witness_commitments,
-                              verifier.instances[1]->public_inputs,
-                              verifier.instances[1]->verification_key->databus_propagation_data);
+            bus_depot.execute(verifier.keys_to_fold[1]->witness_commitments,
+                              verifier.keys_to_fold[1]->public_inputs,
+                              verifier.keys_to_fold[1]->verification_key->databus_propagation_data);
             break;
         }
         case QUEUE_TYPE::OINK: {
             // Construct an incomplete stdlib verifier accumulator from the corresponding stdlib verification key
-            auto verifier_accum = std::make_shared<RecursiveVerifierInstance>(&circuit, stdlib_vkey);
+            auto verifier_accum = std::make_shared<RecursiveDeciderVerificationKey>(&circuit, stdlib_vkey);
 
             // Perform oink recursive verification to complete the initial verifier accumulator
             OinkRecursiveVerifier oink{ &circuit, verifier_accum };
             oink.verify_proof(stdlib_proof);
-            verifier_accum->is_accumulator = true; // indicate to PG that it should not run oink on this instance
+            verifier_accum->is_accumulator = true; // indicate to PG that it should not run oink on this key
 
             // Extract native verifier accumulator from the stdlib accum for use on the next round
-            verifier_accumulator = std::make_shared<VerifierInstance>(verifier_accum->get_value());
+            verifier_accumulator = std::make_shared<DeciderVerificationKey>(verifier_accum->get_value());
             // Initialize the gate challenges to zero for use in first round of folding
             verifier_accumulator->gate_challenges =
                 std::vector<FF>(verifier_accum->verification_key->log_circuit_size, 0);
@@ -72,9 +73,9 @@ void AztecIVC::complete_kernel_circuit_logic(ClientCircuit& circuit)
 }
 
 /**
- * @brief Execute prover work for instance accumulation
- * @details Construct an instance for the provided circuit. If this is the first instance in the IVC, simply initialize
- * the folding accumulator. Otherwise, execute the PG prover to fold the instance into the accumulator and produce a
+ * @brief Execute prover work for accumulation
+ * @details Construct an proving key for the provided circuit. If this is the first step in the IVC, simply initialize
+ * the folding accumulator. Otherwise, execute the PG prover to fold the proving key into the accumulator and produce a
  * folding proof. Also execute the merge protocol to produce a merge proof.
  *
  * @param circuit
@@ -90,40 +91,40 @@ void AztecIVC::accumulate(ClientCircuit& circuit, const std::shared_ptr<Verifica
     // verifier.
     circuit.add_recursive_proof(stdlib::recursion::init_default_agg_obj_indices<ClientCircuit>(circuit));
 
-    // Construct the prover instance for circuit
-    std::shared_ptr<ProverInstance> prover_instance;
+    // Construct the proving key for circuit
+    std::shared_ptr<DeciderProvingKey> proving_key;
     if (!initialized) {
-        prover_instance = std::make_shared<ProverInstance>(circuit, trace_structure);
+        proving_key = std::make_shared<DeciderProvingKey>(circuit, trace_structure);
     } else {
-        prover_instance = std::make_shared<ProverInstance>(
+        proving_key = std::make_shared<DeciderProvingKey>(
             circuit, trace_structure, fold_output.accumulator->proving_key.commitment_key);
     }
 
-    // Set the instance verification key from precomputed if available, else compute it
-    instance_vk = precomputed_vk ? precomputed_vk : std::make_shared<VerificationKey>(prover_instance->proving_key);
+    // Set the verification key from precomputed if available, else compute it
+    honk_vk = precomputed_vk ? precomputed_vk : std::make_shared<VerificationKey>(proving_key->proving_key);
 
-    // If this is the first circuit in the IVC, use oink to compute the completed instance and generate an oink proof
+    // If this is the first circuit in the IVC, use oink to complete the decider proving key and generate an oink proof
     if (!initialized) {
-        OinkProver<Flavor> oink_prover{ prover_instance };
+        OinkProver<Flavor> oink_prover{ proving_key };
         oink_prover.prove();
-        prover_instance->is_accumulator = true; // indicate to PG that it should not run oink on this instance
+        proving_key->is_accumulator = true; // indicate to PG that it should not run oink on this key
         // Initialize the gate challenges to zero for use in first round of folding
-        prover_instance->gate_challenges = std::vector<FF>(prover_instance->proving_key.log_circuit_size, 0);
+        proving_key->gate_challenges = std::vector<FF>(proving_key->proving_key.log_circuit_size, 0);
 
-        fold_output.accumulator = prover_instance; // initialize the prover accum with the completed instance
+        fold_output.accumulator = proving_key; // initialize the prover accum with the completed key
 
         // Add oink proof and corresponding verification key to the verification queue
         verification_queue.push_back(
-            bb::AztecIVC::RecursiveVerifierInputs{ oink_prover.transcript->proof_data, instance_vk, QUEUE_TYPE::OINK });
+            bb::AztecIVC::RecursiveVerifierInputs{ oink_prover.transcript->proof_data, honk_vk, QUEUE_TYPE::OINK });
 
         initialized = true;
-    } else { // Otherwise, fold the new instance into the accumulator
-        FoldingProver folding_prover({ fold_output.accumulator, prover_instance });
+    } else { // Otherwise, fold the new key into the accumulator
+        FoldingProver folding_prover({ fold_output.accumulator, proving_key });
         fold_output = folding_prover.prove();
 
         // Add fold proof and corresponding verification key to the verification queue
         verification_queue.push_back(
-            bb::AztecIVC::RecursiveVerifierInputs{ fold_output.proof, instance_vk, QUEUE_TYPE::PG });
+            bb::AztecIVC::RecursiveVerifierInputs{ fold_output.proof, honk_vk, QUEUE_TYPE::PG });
     }
 
     // Track the maximum size of each block for all circuits porcessed (for debugging purposes only)
@@ -146,8 +147,8 @@ AztecIVC::Proof AztecIVC::prove()
 };
 
 bool AztecIVC::verify(const Proof& proof,
-                      const std::shared_ptr<VerifierInstance>& accumulator,
-                      const std::shared_ptr<VerifierInstance>& final_verifier_instance,
+                      const std::shared_ptr<DeciderVerificationKey>& accumulator,
+                      const std::shared_ptr<DeciderVerificationKey>& final_stack_vk,
                       const std::shared_ptr<AztecIVC::ECCVMVerificationKey>& eccvm_vk,
                       const std::shared_ptr<AztecIVC::TranslatorVerificationKey>& translator_vk)
 {
@@ -156,7 +157,7 @@ bool AztecIVC::verify(const Proof& proof,
     bool goblin_verified = goblin_verifier.verify(proof.goblin_proof);
 
     // Decider verification
-    AztecIVC::FoldingVerifier folding_verifier({ accumulator, final_verifier_instance });
+    AztecIVC::FoldingVerifier folding_verifier({ accumulator, final_stack_vk });
     auto verifier_accumulator = folding_verifier.verify_folding_proof(proof.folding_proof);
 
     AztecIVC::DeciderVerifier decider_verifier(verifier_accumulator);
@@ -170,11 +171,11 @@ bool AztecIVC::verify(const Proof& proof,
  * @param proof
  * @return bool
  */
-bool AztecIVC::verify(Proof& proof, const std::vector<std::shared_ptr<VerifierInstance>>& verifier_instances)
+bool AztecIVC::verify(Proof& proof, const std::vector<std::shared_ptr<DeciderVerificationKey>>& vk_stack)
 {
     auto eccvm_vk = std::make_shared<ECCVMVerificationKey>(goblin.get_eccvm_proving_key());
     auto translator_vk = std::make_shared<TranslatorVerificationKey>(goblin.get_translator_proving_key());
-    return verify(proof, verifier_instances[0], verifier_instances[1], eccvm_vk, translator_vk);
+    return verify(proof, vk_stack[0], vk_stack[1], eccvm_vk, translator_vk);
 }
 
 /**
@@ -199,7 +200,7 @@ bool AztecIVC::prove_and_verify()
     auto proof = prove();
 
     ASSERT(verification_queue.size() == 1); // ensure only a single fold proof remains in the queue
-    auto verifier_inst = std::make_shared<VerifierInstance>(this->verification_queue[0].instance_vk);
+    auto verifier_inst = std::make_shared<DeciderVerificationKey>(this->verification_queue[0].honk_verification_key);
     return verify(proof, { this->verifier_accumulator, verifier_inst });
 }
 

barretenberg/cpp/src/barretenberg/aztec_ivc/aztec_ivc.hpp

@@ -15,7 +15,7 @@ namespace bb {
 
 /**
  * @brief The IVC scheme used by the aztec client for private function execution
- * @details Combines Protogalaxy with Goblin to accumulate one circuit instance at a time with efficient EC group
+ * @details Combines Protogalaxy with Goblin to accumulate one circuit at a time with efficient EC group
  * operations. It is assumed that the circuits being accumulated correspond alternatingly to an app and a kernel, as is
  * the case in Aztec. Two recursive folding verifiers are appended to each kernel (except the first one) to verify the
  * folding of a previous kernel and an app/function circuit. Due to this structure it is enforced that the total number
@@ -30,24 +30,25 @@ class AztecIVC {
     using FF = Flavor::FF;
     using FoldProof = std::vector<FF>;
     using MergeProof = std::vector<FF>;
-    using ProverInstance = ProverInstance_<Flavor>;
-    using VerifierInstance = VerifierInstance_<Flavor>;
+    using DeciderProvingKey = DeciderProvingKey_<Flavor>;
+    using DeciderVerificationKey = DeciderVerificationKey_<Flavor>;
     using ClientCircuit = MegaCircuitBuilder; // can only be Mega
     using DeciderProver = DeciderProver_<Flavor>;
     using DeciderVerifier = DeciderVerifier_<Flavor>;
-    using ProverInstances = ProverInstances_<Flavor>;
-    using FoldingProver = ProtogalaxyProver_<ProverInstances>;
-    using VerifierInstances = VerifierInstances_<Flavor>;
-    using FoldingVerifier = ProtogalaxyVerifier_<VerifierInstances>;
+    using DeciderProvingKeys = DeciderProvingKeys_<Flavor>;
+    using FoldingProver = ProtogalaxyProver_<DeciderProvingKeys>;
+    using DeciderVerificationKeys = DeciderVerificationKeys_<Flavor>;
+    using FoldingVerifier = ProtogalaxyVerifier_<DeciderVerificationKeys>;
     using ECCVMVerificationKey = bb::ECCVMFlavor::VerificationKey;
     using TranslatorVerificationKey = bb::TranslatorFlavor::VerificationKey;
 
     using RecursiveFlavor = MegaRecursiveFlavor_<bb::MegaCircuitBuilder>;
-    using RecursiveVerifierInstances = bb::stdlib::recursion::honk::RecursiveVerifierInstances_<RecursiveFlavor, 2>;
-    using RecursiveVerifierInstance = RecursiveVerifierInstances::Instance;
+    using RecursiveDeciderVerificationKeys =
+        bb::stdlib::recursion::honk::RecursiveDeciderVerificationKeys_<RecursiveFlavor, 2>;
+    using RecursiveDeciderVerificationKey = RecursiveDeciderVerificationKeys::DeciderVK;
     using RecursiveVerificationKey = RecursiveFlavor::VerificationKey;
     using FoldingRecursiveVerifier =
-        bb::stdlib::recursion::honk::ProtogalaxyRecursiveVerifier_<RecursiveVerifierInstances>;
+        bb::stdlib::recursion::honk::ProtogalaxyRecursiveVerifier_<RecursiveDeciderVerificationKeys>;
     using OinkRecursiveVerifier = stdlib::recursion::honk::OinkRecursiveVerifier_<RecursiveFlavor>;
 
     using DataBusDepot = stdlib::DataBusDepot<ClientCircuit>;
@@ -66,7 +67,7 @@ class AztecIVC {
     enum class QUEUE_TYPE { OINK, PG };
     struct RecursiveVerifierInputs {
         std::vector<FF> proof; // oink or PG
-        std::shared_ptr<VerificationKey> instance_vk;
+        std::shared_ptr<VerificationKey> honk_verification_key;
         QUEUE_TYPE type;
     };
 
@@ -79,10 +80,10 @@ class AztecIVC {
   public:
     GoblinProver goblin;
 
-    ProverFoldOutput fold_output; // prover accumulator instance and fold proof
+    ProverFoldOutput fold_output; // prover accumulator and fold proof
 
-    std::shared_ptr<VerifierInstance> verifier_accumulator; // verifier accumulator instance
-    std::shared_ptr<VerificationKey> instance_vk;           // verification key for instance to be folded
+    std::shared_ptr<DeciderVerificationKey> verifier_accumulator; // verifier accumulator
+    std::shared_ptr<VerificationKey> honk_vk; // honk vk to be completed and folded into the accumulator
 
     // Set of pairs of {fold_proof, verification_key} to be recursively verified
     std::vector<RecursiveVerifierInputs> verification_queue;
@@ -92,7 +93,7 @@ class AztecIVC {
     // Management of linking databus commitments between circuits in the IVC
     DataBusDepot bus_depot;
 
-    // A flag indicating whether or not to construct a structured trace in the ProverInstance
+    // A flag indicating whether or not to construct a structured trace in the DeciderProvingKey
     TraceStructure trace_structure = TraceStructure::NONE;
 
     bool initialized = false; // Is the IVC accumulator initialized
@@ -106,12 +107,12 @@ class AztecIVC {
     Proof prove();
 
     static bool verify(const Proof& proof,
-                       const std::shared_ptr<VerifierInstance>& accumulator,
-                       const std::shared_ptr<VerifierInstance>& final_verifier_instance,
+                       const std::shared_ptr<DeciderVerificationKey>& accumulator,
+                       const std::shared_ptr<DeciderVerificationKey>& final_stack_vk,
                        const std::shared_ptr<AztecIVC::ECCVMVerificationKey>& eccvm_vk,
                        const std::shared_ptr<AztecIVC::TranslatorVerificationKey>& translator_vk);
 
-    bool verify(Proof& proof, const std::vector<std::shared_ptr<VerifierInstance>>& verifier_instances);
+    bool verify(Proof& proof, const std::vector<std::shared_ptr<DeciderVerificationKey>>& vk_stack);
 
     bool prove_and_verify();
 

barretenberg/cpp/src/barretenberg/aztec_ivc/aztec_ivc.test.cpp

@@ -20,15 +20,15 @@ class AztecIVCTests : public ::testing::Test {
     using FF = typename Flavor::FF;
     using VerificationKey = Flavor::VerificationKey;
     using Builder = AztecIVC::ClientCircuit;
-    using ProverInstance = AztecIVC::ProverInstance;
-    using VerifierInstance = AztecIVC::VerifierInstance;
+    using DeciderProvingKey = AztecIVC::DeciderProvingKey;
+    using DeciderVerificationKey = AztecIVC::DeciderVerificationKey;
     using FoldProof = AztecIVC::FoldProof;
     using DeciderProver = AztecIVC::DeciderProver;
     using DeciderVerifier = AztecIVC::DeciderVerifier;
-    using ProverInstances = ProverInstances_<Flavor>;
-    using FoldingProver = ProtogalaxyProver_<ProverInstances>;
-    using VerifierInstances = VerifierInstances_<Flavor>;
-    using FoldingVerifier = ProtogalaxyVerifier_<VerifierInstances>;
+    using DeciderProvingKeys = DeciderProvingKeys_<Flavor>;
+    using FoldingProver = ProtogalaxyProver_<DeciderProvingKeys>;
+    using DeciderVerificationKeys = DeciderVerificationKeys_<Flavor>;
+    using FoldingVerifier = ProtogalaxyVerifier_<DeciderVerificationKeys>;
 
     /**
      * @brief Construct mock circuit with arithmetic gates and goblin ops
@@ -86,7 +86,7 @@ class AztecIVCTests : public ::testing::Test {
             for (size_t idx = 0; idx < num_circuits; ++idx) {
                 ClientCircuit circuit = create_next_circuit(ivc, log2_num_gates); // create the next circuit
                 ivc.accumulate(circuit);                                          // accumulate the circuit
-                vkeys.emplace_back(ivc.instance_vk);                              // save the VK for the circuit
+                vkeys.emplace_back(ivc.honk_vk);                                  // save the VK for the circuit
             }
             is_kernel = false;
 

barretenberg/cpp/src/barretenberg/aztec_ivc/mock_circuit_producer.hpp

@@ -139,7 +139,7 @@ class PrivateFunctionExecutionMockCircuitProducer {
         for (size_t idx = 0; idx < num_circuits; ++idx) {
             ClientCircuit circuit = create_next_circuit(ivc); // create the next circuit
             ivc.accumulate(circuit);                          // accumulate the circuit
-            vkeys.emplace_back(ivc.instance_vk);              // save the VK for the circuit
+            vkeys.emplace_back(ivc.honk_vk);                  // save the VK for the circuit
         }
         circuit_counter = 0; // reset the internal circuit counter back to 0