Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: translation evaluations with zk #12222

Merged
merged 38 commits into from
Mar 6, 2025
Merged

feat: translation evaluations with zk #12222

merged 38 commits into from
Mar 6, 2025

Conversation

iakovenkos
Copy link
Contributor

@iakovenkos iakovenkos commented Feb 24, 2025
edited
Loading

After extending SmallSubgroupIPA functionality, we integrated the changes into the ECCVM logic. Specifically, the Prover and Verifier methods compute_translation_opening_claim were modified to establish the correctness of the value translation_masking_term_eval= $\sum_i m_i(x) v^i $, where $m_i$ are univariate polynomials of degree MASKING_OFFSET used to mask the wires op, Px, Py, z1, and z2.

Detailed documentation has been included in the ECCVMProver's method compute_translation_opening_claims.

The integration into Goblin/ClientIVC required minimal changes - namely, the TranslatorVerifier accepts translation_masking_term_eval and subtracts it from the eccvm_opening.

Note that currently the masking is not turned on in ECCVM, so translation_masking_term_eval= 0.

iakovenkos and others added 21 commits February 17, 2025 17:03
@iakovenkos
small refactor of translation evals logic in eccvm
ead1afc
@iakovenkos
+ ECCVMTranslation Class; extended functionality in SmallSubgroupIPA
d9d9a1f
@iakovenkos
test added
5504006
@iakovenkos
test passes
acc8a51
@iakovenkos
cleaning up
4d4349e
@iakovenkos
small subgroup ipa test clean-up
3aa169b
@iakovenkos
propagate translation challenges from eccvm verifier to translator ve…
6628ec7 
…rifier
@iakovenkos
slightly more sound
a51d492
@iakovenkos
IndependentVKHash test added to Goblin
bfaab51
@iakovenkos
Merge branch 'master' into si/fix-translation-evaluations
b4eaa6b
@iakovenkos
fix build
b21a2b2
@iakovenkos
translation labels no longer constexpr to fix build
bcc3284
@iakovenkos
Merge branch 'master' into si/fix-translation-evaluations
ae74a81
@iakovenkos
first steps: extending the eccvm prover
8af3dbf
@iakovenkos
renamed constants + docs
7d8e932
@iakovenkos
Merge branch 'master' into si/fix-translation-evaluations
a18fc20
@iakovenkos
fix build
98f29b0
@iakovenkos
Merge branch 'si/fix-translation-evaluations' of github.com:AztecProt…
9eec4c3 
…ocol/aztec-packages into si/fix-translation-evaluations
@iakovenkos
Merge branch 'si/fix-translation-evaluations' into si/fix-translation…
7d2a2ee 
…-evaluations-pt2
@iakovenkos
integration + clean-up
bfe9f09
@iakovenkos
wip: recursive verifiers
896cd45
@iakovenkos iakovenkos self-assigned this Feb 25, 2025
Base automatically changed from si/fix-translation-evaluations to master February 27, 2025 10:03
iakovenkos
iakovenkos commented Mar 3, 2025
View reviewed changes
barretenberg/cpp/src/barretenberg/commitment_schemes/small_subgroup_ipa/small_subgroup_ipa.cpp
// The prover computes the inner product of the challenge polynomial and the concatenation of
// the masking terms. This value is used to "denoise" the masked batched evaluation of
// `translation_polynomials` contained in `translation_data`.
claimed_inner_product = compute_claimed_translation_inner_product(translation_data);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

realized that the claimed sum could be computed here, makes ECCVMProver integration slightly cleaner

iakovenkos
iakovenkos commented Mar 4, 2025
View reviewed changes
...nberg/cpp/src/barretenberg/commitment_schemes/small_subgroup_ipa/small_subgroup_ipa.test.cpp
@@ -289,25 +289,19 @@ TYPED_TEST(SmallSubgroupIPATest, TranslationMaskingTermConsistency)
const FF evaluation_challenge_x = FF::random_element();
const FF batching_challenge_v = FF::random_element();

const FF claimed_inner_product = Prover::compute_claimed_translation_inner_product(
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no need to compute the claimed inner product separately since it's done inside the constructor

iakovenkos
iakovenkos commented Mar 4, 2025
View reviewed changes
...berg/cpp/src/barretenberg/commitment_schemes/small_subgroup_ipa/small_subgroup_ipa_utils.hpp
@@ -0,0 +1,47 @@
#pragma once
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It makes sense to isolate other methods shared by prover and verifier, decided to not pollute this PR with such changes

iakovenkos
iakovenkos commented Mar 4, 2025
View reviewed changes
barretenberg/cpp/src/barretenberg/eccvm/eccvm_prover.cpp
*/
ProverOpeningClaim<typename ECCVMFlavor::Curve> ECCVMProver::compute_translation_opening_claim()
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Below is the core of this PR - integrated recent SmallIPA changes into the Prover logic. Spent some time thinking about better isolation, but the fact that the SmallIPA transcript actions interleave the original logic makes it somewhat tricky.

iakovenkos
iakovenkos commented Mar 4, 2025
View reviewed changes
barretenberg/cpp/src/barretenberg/goblin/translation_evaluations.hpp
BF op, Px, Py, z1, z2;
static size_t size() { return field_conversion::calc_num_bn254_frs<BF>() * NUM_TRANSLATION_EVALUATIONS; }

RefArray<BF, NUM_TRANSLATION_EVALUATIONS> get_all() { return { op, Px, Py, z1, z2 }; }

std::array<std::string, NUM_TRANSLATION_EVALUATIONS> labels = {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

better sharing between prover and verifier - no need to create these labels in ECCVMProver and ECCVMVerifier

iakovenkos
iakovenkos commented Mar 4, 2025
View reviewed changes
barretenberg/cpp/src/barretenberg/goblin/translation_evaluations.hpp
MSGPACK_FIELDS(op, Px, Py, z1, z2);
};

/**
* @brief Efficiently compute \f$ \text{translation_masking_term_eval} \cdot x^{N}\f$, where \f$ N =
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Placed this helper here since this header is already included in both ECCVM Verifiers + the masking term eval is a correction of the translation evals.

iakovenkos
iakovenkos commented Mar 4, 2025
View reviewed changes
barretenberg/cpp/src/barretenberg/stdlib/goblin_verifier/goblin_recursive_verifier.cpp
@@ -34,7 +34,7 @@ GoblinRecursiveVerifierOutput GoblinRecursiveVerifier::verify(const GoblinProof&
TranslatorBF::from_witness(builder, native_translation_evaluations.z2)

};
translator_verifier.verify_translation(translation_evaluations);
translator_verifier.verify_translation(translation_evaluations, eccvm_verifier.translation_masking_term_eval);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

minimal changes here - just need to propagate this value to the translator verifier

iakovenkos
iakovenkos commented Mar 4, 2025
View reviewed changes
...tenberg/cpp/src/barretenberg/stdlib/translator_vm_verifier/translator_recursive_verifier.cpp
@@ -171,7 +172,7 @@ bool TranslatorRecursiveVerifier_<Flavor>::verify_translation(
const BF& z1 = translation_evaluations.z1;
const BF& z2 = translation_evaluations.z2;

const BF eccvm_opening = (op + (v1 * Px) + (v2 * Py) + (v3 * z1) + (v4 * z2));
const BF eccvm_opening = (op + (v1 * Px) + (v2 * Py) + (v3 * z1) + (v4 * z2)) - translation_masking_term_eval;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this value must match the accumulated result

@iakovenkos iakovenkos marked this pull request as ready for review March 4, 2025 11:30
@iakovenkos iakovenkos changed the title feat: translation evaluations with zk pt.2 feat: translation evaluations with zk Mar 4, 2025
@iakovenkos iakovenkos requested a review from ledwards2225 March 4, 2025 14:44
ledwards2225
ledwards2225 approved these changes Mar 4, 2025
View reviewed changes
Copy link
Contributor

@ledwards2225 ledwards2225 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, I appreciate the thorough documentation. Just a couple of points of confusion that I want to follow up on

@iakovenkos iakovenkos merged commit 568982d into master Mar 6, 2025
6 checks passed
@iakovenkos iakovenkos deleted the si/fix-translation-evaluations-pt2 branch March 6, 2025 13:21
@AztecBot AztecBot mentioned this pull request Mar 6, 2025
Merged
@iakovenkos iakovenkos mentioned this pull request Mar 6, 2025
Closed
TomAFrench added a commit that referenced this pull request Mar 6, 2025
@TomAFrench
Merge branch 'master' into tf/fix-trait-imports-again
fe5da0e 
* master: (40 commits)
  feat: Sync from noir (#12545)
  chore(spartan): kind test speedup (#12478)
  chore: restore bb --version (#12542)
  chore: Fix yarn install immutable issues (#12539)
  chore: More config defaults and forward p2p ports (#12529)
  fix: Revert "make vk metadata actual witnesses" (#12534)
  chore: explode aliases when looking up owners in `.test_patterns.yml` (#12526)
  chore: Cleaner PXE (#12515)
  chore: update and lock AVM's lockfile (#12533)
  chore: restore method syntax on `get_storage_slot` calls (#12532)
  fix: Bitwise lookup (#12471)
  chore: cleanup committing and masking utility (#12514)
  fix(ci): remove regex - transfer explicitly  (#12525)
  feat: Sync from noir (#12524)
  yolo log timeout fix, carry CI into container
  feat: translation evaluations with zk (#12222)
  fix(node): drop log level of handler not registered (#12523)
  feat: teardown in call interface (#12499)
  chore: Remove scope interpolation from env vars (#12522)
  fix(avm): use the correct number of rows in check_interaction (#12519)
  ...
rahul-kothari pushed a commit that referenced this pull request Mar 7, 2025
@AztecBot
chore(master): release 0.78.0 (#12508)
1407f6f 
🤖 I have created a new Aztec Packages release
---


##
[0.78.0](v0.77.1...v0.78.0)
(2025-03-07)


### ⚠ BREAKING CHANGES

* convert `TraitMethodNotInScope` to error
(noir-lang/noir#7427)
* bump bb version to v0.77.0
(noir-lang/noir#7599)
* remove merkle module from stdlib
(noir-lang/noir#7582)
* remove deprecated hash functions from stdlib
(noir-lang/noir#7477)
* **frontend:** Restrict capturing mutable variable in lambdas
(noir-lang/noir#7488)
* remove U128 struct from stdlib
(noir-lang/noir#7529)

### Features

* **barretenberg:** Graph methods for circuit analysis (part 2)
([#12130](#12130))
([ec4c0c4](ec4c0c4))
* **cli:** Log and replay oracle transcript
(noir-lang/noir#7417)
([f13b729](f13b729))
* Compare bincode to CBOR, FlexBuffers and Protobuf - implement best
(noir-lang/noir#7513)
([8eb727c](8eb727c))
* **experimental:** Enable ownership syntax
(noir-lang/noir#7603)
([1a3c112](1a3c112))
* **experimental:** Issue errors for unreachable match branches
(noir-lang/noir#7556)
([f13b729](f13b729))
* nullify just-added notes
([#12552](#12552))
([dcba7a4](dcba7a4))
* perform constant sha256 compressions at compile-time
(noir-lang/noir#7566)
([f13b729](f13b729))
* relate errors to macro built-ins errors
(noir-lang/noir#7609)
([fbaa634](fbaa634))
* simplify simple conditionals for brillig
(noir-lang/noir#7205)
([f13b729](f13b729))
* Support `&lt;Type as Trait&gt;::method` in expressions
(noir-lang/noir#7551)
([f13b729](f13b729))
* Sync from aztec-packages (noir-lang/noir#7606)
([8eb727c](8eb727c))
* teardown in call interface
([#12499](#12499))
([062df02](062df02))
* translation evaluations with zk
([#12222](#12222))
([568982d](568982d))


### Bug Fixes

* **avm:** use the correct number of rows in check_interaction
([#12519](#12519))
([b1284ef](b1284ef))
* aztec-up
([#12509](#12509))
([3ddb6de](3ddb6de))
* bbup
([#12555](#12555))
([e7b5353](e7b5353))
* Bitwise lookup
([#12471](#12471))
([a38f353](a38f353))
* **ci:** remove regex - transfer explicitly
([#12525](#12525))
([352bb1d](352bb1d))
* Cl/fix arm anvil
([#12565](#12565))
([e4bfbd1](e4bfbd1))
* compare Quoted by expanding interned values
(noir-lang/noir#7602)
([1a3c112](1a3c112))
* Display causes but not stack trace in CLI error report
(noir-lang/noir#7584)
([f13b729](f13b729))
* **experimental:** Fix execution of match expressions with multiple
branches (noir-lang/noir#7570)
([1a3c112](1a3c112))
* fix a few cases where safety comment wasn't correctly identified
(noir-lang/noir#7548)
([f13b729](f13b729))
* fix bbup and add CI
([#12541](#12541))
([1b2604c](1b2604c))
* Fix the config
([#12513](#12513))
([fb9fac6](fb9fac6))
* **frontend:** Restrict capturing mutable variable in lambdas
(noir-lang/noir#7488)
([f13b729](f13b729))
* FunctionDefinition::as_typed_expr didn't work well for trait imp…
(noir-lang/noir#7611)
([1a3c112](1a3c112))
* Log to `stderr` (noir-lang/noir#7585)
([f13b729](f13b729))
* **LSP:** references/rename only when underlying span has the correct…
(noir-lang/noir#7598)
([8eb727c](8eb727c))
* make vk metadata actual witnesses
([#12459](#12459))
([dada06f](dada06f))
* no fast deployments when the boot node needs to restart.
([#12557](#12557))
([866582e](866582e))
* **node:** drop log level of handler not registered
([#12523](#12523))
([cb7e42d](cb7e42d))
* override bb path in cli-wallet PXE config
([#12511](#12511))
([0c3024e](0c3024e))
* publish-bb-mac.yml version replace
([#12554](#12554))
([7e89dfb](7e89dfb))
* release bb-mac
([fac5fb5](fac5fb5))
* Revert "make vk metadata actual witnesses"
([#12534](#12534))
([ed46a3c](ed46a3c))
* shift right overflow in ACIR with unknown var now returns zero
(noir-lang/noir#7509)
([f13b729](f13b729))
* TokensPrettyPrinter was missing some spaces between tokens
(noir-lang/noir#7607)
([1a3c112](1a3c112))
* yarn-project e2e bench
([#12547](#12547))
([b40b904](b40b904))


### Miscellaneous

* add some extra tests (noir-lang/noir#7544)
([f13b729](f13b729))
* add underscore parameter documentation
(noir-lang/noir#7562)
([1a3c112](1a3c112))
* add yaml aliases in .test_patterns.yml
([#12516](#12516))
([3ee8d51](3ee8d51))
* address some frontend tests TODOs
(noir-lang/noir#7554)
([f13b729](f13b729))
* addressing remaining feedback in PR 12182
([#12494](#12494))
([f733879](f733879)),
closes
[#12193](#12193)
* bump `light-poseidon` (noir-lang/noir#7568)
([f13b729](f13b729))
* bump bb version to v0.77.0
(noir-lang/noir#7599)
([f13b729](f13b729))
* bump external pinned commits
(noir-lang/noir#7561)
([f13b729](f13b729))
* bump external pinned commits
(noir-lang/noir#7565)
([f13b729](f13b729))
* bump external pinned commits
(noir-lang/noir#7581)
([f13b729](f13b729))
* bump external pinned commits
(noir-lang/noir#7601)
([f13b729](f13b729))
* bump external pinned commits
(noir-lang/noir#7618)
([fbaa634](fbaa634))
* bump ring to address advisory
(noir-lang/noir#7619)
([fbaa634](fbaa634))
* Cleaner PXE
([#12515](#12515))
([a69f416](a69f416))
* cleanup committing and masking utility
([#12514](#12514))
([9f57048](9f57048))
* **cli:** exclude kind smoke test from flake list
([#12518](#12518))
([778bfa6](778bfa6))
* **cli:** Forward `nargo execute` to `noir_artifact_cli`
(noir-lang/noir#7406)
([f13b729](f13b729))
* convert `TraitMethodNotInScope` to error
(noir-lang/noir#7427)
([fbaa634](fbaa634))
* explode aliases when looking up owners in `.test_patterns.yml`
([#12526](#12526))
([2e0d791](2e0d791))
* fix trait import issues
([#12500](#12500))
([fd9f145](fd9f145))
* Fix yarn install immutable issues
([#12539](#12539))
([fb9ada3](fb9ada3)),
closes
[#12538](#12538)
* More config defaults and forward p2p ports
([#12529](#12529))
([2c45fb9](2c45fb9))
* **node:** return correct node version
([#12520](#12520))
([5502901](5502901))
* **profiler:** Add option to only get the total sample count for the
`execution-opcodes` command
(noir-lang/noir#7578)
([f13b729](f13b729))
* put RcTracker as part of the DIE context
(noir-lang/noir#7309)
([f13b729](f13b729))
* remove deprecated hash functions from stdlib
(noir-lang/noir#7477)
([f13b729](f13b729))
* remove FileDiagnostic (noir-lang/noir#7546)
([f13b729](f13b729))
* remove merkle module from stdlib
(noir-lang/noir#7582)
([f13b729](f13b729))
* Remove scope interpolation from env vars
([#12522](#12522))
([70942e9](70942e9))
* remove U128 struct from stdlib
(noir-lang/noir#7529)
([f13b729](f13b729))
* replace relative paths to noir-protocol-circuits
([f20c0dd](f20c0dd))
* replace relative paths to noir-protocol-circuits
([4365064](4365064))
* restore bb --version
([#12542](#12542))
([ab13d43](ab13d43))
* restore method syntax on `get_storage_slot` calls
([#12532](#12532))
([8e9f594](8e9f594))
* rm unused methods
([#12544](#12544))
([ed1dbdc](ed1dbdc))
* some SSA improvements (noir-lang/noir#7588)
([f13b729](f13b729))
* **spartan:** kind test speedup
([#12478](#12478))
([8ede7b1](8ede7b1))
* **ssa:** Turn the Brillig constraints check back on by default
(noir-lang/noir#7404)
([f13b729](f13b729))
* track more critical libraries
(noir-lang/noir#7604)
([f13b729](f13b729))
* update and lock AVM's lockfile
([#12533](#12533))
([2babc50](2babc50))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ledwards2225 ledwards2225 ledwards2225 approved these changes

Assignees

@iakovenkos iakovenkos

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@iakovenkos @ledwards2225