Skip to content
This repository was archived by the owner on Feb 17, 2025. It is now read-only.

Commit 69eea67

Browse files
ETatuzovaETatuzova
committed
Merge with master #65 
2 parents a261864 + 236a5cb commit 69eea67

File tree

1 file changed

+294
-1
lines changed

1 file changed

+294
-1
lines changed

include/nil/blueprint/transpiler/recursive_verifier_generator.hpp

+294-1
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,14 @@
4242
#include <nil/crypto3/zk/math/expression_evaluator.hpp>
4343

4444
#include<nil/blueprint/transpiler/templates/recursive_verifier.hpp>
45+
<<<<<<< HEAD
4546
#include<nil/blueprint/transpiler/util.hpp>
47+
=======
48+
<<<<<<< HEAD
49+
=======
50+
>>>>>>> 236a5cb579a4f58209be97a2794836b525d10198
4651

52+
>>>>>>> f206e94a0635f5ba293f7decb9e08ffe08503bc1
4753
namespace nil {
4854
namespace blueprint {
4955
template<typename PlaceholderParams, typename ProofType, typename CommonDataType>
@@ -903,9 +909,296 @@ namespace nil {
903909

904910
result = replace_all(result, reps);
905911
return result;
912+
=======
913+
=======
914+
>>>>>>> f206e94a0635f5ba293f7decb9e08ffe08503bc1
915+
std::size_t permutation_size
916+
>>>>>>> 236a5cb579a4f58209be97a2794836b525d10198
917+
){
918+
std::string result = nil::blueprint::recursive_verifier_template;
919+
bool use_lookups = constraint_system.lookup_gates().size() > 0;
920+
transpiler_replacements lookup_reps;
921+
transpiler_replacements reps;
922+
923+
auto fri_params = commitment_scheme.get_commitment_params();
924+
std::size_t batches_num = use_lookups?5:4;
925+
auto lambda = PlaceholderParams::commitment_scheme_type::fri_type::lambda;
926+
927+
std::size_t round_proof_layers_num = 0;
928+
for(std::size_t i = 0; i < fri_params.r; i++ ){
929+
round_proof_layers_num += log2(fri_params.D[i]->m) -1;
930+
}
931+
932+
std::size_t lookup_degree = constraint_system.lookup_poly_degree_bound();
933+
934+
std::size_t rows_amount = common_data.rows_amount;
935+
std::size_t quotient_degree = std::max(
936+
(permutation_size + 2) * (common_data.rows_amount -1 ),
937+
(lookup_degree + 1) * (common_data.rows_amount -1 )
938+
);
939+
940+
std::size_t quotient_polys = (quotient_degree % rows_amount != 0)? (quotient_degree / rows_amount + 1): (quotient_degree / rows_amount);
941+
942+
std::size_t poly_num = 2 * permutation_size + 2 + (use_lookups?2:1)
943+
+ arithmetization_params::total_columns
944+
+ constraint_system.sorted_lookup_columns_number() + quotient_polys;
945+
946+
std::size_t points_num = 4 * permutation_size + 6;
947+
std::size_t table_values_num = 0;
948+
for(std::size_t i = 0; i < arithmetization_params::constant_columns + arithmetization_params::selector_columns; i++){
949+
points_num += common_data.columns_rotations[i + arithmetization_params::witness_columns + arithmetization_params::public_input_columns].size() + 1;
950+
table_values_num += common_data.columns_rotations[i + arithmetization_params::witness_columns + arithmetization_params::public_input_columns].size() + 1;
951+
}
952+
for(std::size_t i = 0; i < arithmetization_params::witness_columns + arithmetization_params::public_input_columns; i++){
953+
points_num += common_data.columns_rotations[i].size();
954+
table_values_num += common_data.columns_rotations[i].size();
955+
}
956+
points_num += use_lookups? 4 : 2;
957+
points_num += quotient_polys;
958+
959+
if( use_lookups ) {
960+
points_num += constraint_system.sorted_lookup_columns_number() * 3;
961+
}
962+
963+
964+
std::size_t constraints_amount = 0;
965+
std::string gates_sizes = "";
966+
std::stringstream constraints_body;
967+
std::size_t cur = 0;
968+
auto verifier_indices = get_plonk_variable_indices(common_data.columns_rotations, 4*permutation_size + 6);
969+
970+
expression_gen_code_visitor<variable_type> visitor(verifier_indices);
971+
for(std::size_t i = 0; i < constraint_system.gates().size(); i++){
972+
constraints_amount += constraint_system.gates()[i].constraints.size();
973+
if( i != 0) gates_sizes += ", ";
974+
gates_sizes += to_string(constraint_system.gates()[i].constraints.size());
975+
for(std::size_t j = 0; j < constraint_system.gates()[i].constraints.size(); j++, cur++){
976+
constraints_body << "\tconstraints[" << cur << "] = " << visitor.generate_expression(constraint_system.gates()[i].constraints[j]) << ";" << std::endl;
977+
}
978+
}
979+
980+
std::stringstream lookup_expressions_body;
981+
cur = 0;
982+
for(const auto &lookup_gate: constraint_system.lookup_gates()){
983+
for(const auto &lookup_constraint: lookup_gate.constraints){
984+
for( const auto &expr: lookup_constraint.lookup_input){
985+
lookup_expressions_body << "\texpressions[" << cur << "] = " << visitor.generate_expression(expr) << ";" << std::endl;
986+
cur++;
987+
}
988+
}
989+
}
990+
<<<<<<< HEAD
991+
992+
std::stringstream lookup_gate_selectors_list;
993+
cur = 0;
994+
for(const auto &lookup_gate: constraint_system.lookup_gates()){
995+
variable_type var(lookup_gate.tag_index, 0, true, variable_type::column_type::selector);
996+
lookup_gate_selectors_list << "\t\tlookup_gate_selectors[" << cur << "] = proof.z[" << verifier_indices[var] <<"];" << std::endl;
997+
cur++;
998+
}
999+
1000+
std::stringstream lookup_table_selectors_list;
1001+
cur = 0;
1002+
for(const auto &lookup_table: constraint_system.lookup_tables()){
1003+
variable_type var(lookup_table.tag_index, 0, true, variable_type::column_type::selector);
1004+
lookup_table_selectors_list << "\t\tlookup_table_selectors[" << cur << "] = proof.z[" << verifier_indices[var] <<"];" << std::endl;
1005+
cur++;
1006+
}
1007+
1008+
std::stringstream lookup_shifted_table_selectors_list;
1009+
cur = 0;
1010+
for(const auto &lookup_table: constraint_system.lookup_tables()){
1011+
variable_type var(lookup_table.tag_index, 1, true, variable_type::column_type::selector);
1012+
lookup_shifted_table_selectors_list << "\t\tshifted_lookup_table_selectors[" << cur << "] = proof.z[" << verifier_indices[var] <<"];" << std::endl;
1013+
cur++;
1014+
}
1015+
1016+
std::stringstream lookup_options_list;
1017+
cur = 0;
1018+
for(const auto &lookup_table: constraint_system.lookup_tables()){
1019+
for(const auto &lookup_option: lookup_table.lookup_options){
1020+
for( const auto &column: lookup_option){
1021+
variable_type var(column.index, 0, true, variable_type::column_type::constant);
1022+
lookup_options_list << "\t\tlookup_table_lookup_options[" << cur << "] = proof.z[" << verifier_indices[var] <<"];" << std::endl;
1023+
cur++;
1024+
}
1025+
}
1026+
}
1027+
1028+
std::stringstream lookup_shifted_options_list;
1029+
cur = 0;
1030+
for(const auto &lookup_table: constraint_system.lookup_tables()){
1031+
for(const auto &lookup_option: lookup_table.lookup_options){
1032+
for( const auto &column: lookup_option){
1033+
variable_type var(column.index, 1, true, variable_type::column_type::constant);
1034+
lookup_shifted_options_list << "\t\tshifted_lookup_table_lookup_options[" << cur << "] = proof.z[" << verifier_indices[var] <<"];" << std::endl;
1035+
cur++;
1036+
}
1037+
}
1038+
}
1039+
1040+
std::stringstream gates_selectors_indices;
1041+
cur = 0;
1042+
for(const auto &gate: constraint_system.gates()){
1043+
if(cur != 0) gates_selectors_indices << ", ";
1044+
gates_selectors_indices << gate.selector_index;
1045+
cur++;
1046+
}
1047+
1048+
auto [z_points_indices, singles_strs, singles_map, poly_ids] = calculate_unique_points<PlaceholderParams, common_data_type>(
1049+
common_data, permutation_size, use_lookups, quotient_polys,
1050+
use_lookups?constraint_system.sorted_lookup_columns_number():0,
1051+
"recursive" // Generator mode
1052+
);
1053+
1054+
std::string singles_str = "";
1055+
for(const auto &[k, v]: singles_map){
1056+
singles_str+= "\tsingles[" + to_string(v) + "] = " + k + ";\n";
1057+
}
1058+
1059+
std::string lpc_poly_ids_const_arrays = "";
1060+
for(std::size_t i = 0; i < poly_ids.size(); i++){
1061+
lpc_poly_ids_const_arrays += "\tconstexpr std::array<std::size_t, " + to_string(poly_ids[i].size()) + "> lpc_poly_ids" + to_string(i) + " = {";
1062+
for(std::size_t j = 0; j < poly_ids[i].size(); j++){
1063+
if(j != 0) lpc_poly_ids_const_arrays += ", ";
1064+
lpc_poly_ids_const_arrays += to_string(poly_ids[i][j]);
1065+
}
1066+
lpc_poly_ids_const_arrays += "};\n";
1067+
}
1068+
1069+
std::stringstream prepare_U_V_str;
1070+
prepare_U_V_str << "\tpallas::base_field_type::value_type theta_acc = pallas::base_field_type::value_type(1);\n\n";
1071+
for(std::size_t i = 0; i < singles_strs.size();i++){
1072+
for(std::size_t j = 0; j <z_points_indices.size(); j++){
1073+
if( z_points_indices[j] == i)
1074+
prepare_U_V_str << "\tU[" + to_string(i) << "] += theta_acc * proof.z[" << j << "]; theta_acc *= challenges.lpc_theta;\n";
1075+
}
1076+
prepare_U_V_str << "\n";
1077+
}
1078+
1079+
std::string public_input_sizes_str = "";
1080+
std::size_t full_public_input_size = 0;
1081+
for(std::size_t i = 0; i < public_input_sizes.size(); i++){
1082+
if(i != 0) public_input_sizes_str += ", ";
1083+
public_input_sizes_str += to_string(public_input_sizes[i]);
1084+
full_public_input_size += public_input_sizes[i];
1085+
}
1086+
1087+
std::stringstream lpc_y_computation;
1088+
for( std::size_t i = 0; i < singles_strs.size(); i++){
1089+
lpc_y_computation << "\t\tQ0 = pallas::base_field_type::value_type(0);" << std::endl;
1090+
lpc_y_computation << "\t\tQ1 = pallas::base_field_type::value_type(0);" << std::endl;
1091+
for( std::size_t j = 0; j < poly_ids[i].size(); j++){
1092+
lpc_y_computation << "\t\tQ0 += proof.initial_proof_values[i]["<< poly_ids[i][j]*2 <<"] * theta_acc;" << std::endl;
1093+
lpc_y_computation << "\t\tQ1 += proof.initial_proof_values[i]["<< poly_ids[i][j]*2 + 1 <<"] * theta_acc;" << std::endl;
1094+
lpc_y_computation << "\t\ttheta_acc *= challenges.lpc_theta;\n";
1095+
}
1096+
lpc_y_computation << "\t\tQ0 -= U["<< i << "];" << std::endl;
1097+
lpc_y_computation << "\t\tQ1 -= U["<< i << "];" << std::endl;
1098+
lpc_y_computation << "\t\tQ0 /= (res[0][0] - singles[" << i << "]);" << std::endl;
1099+
lpc_y_computation << "\t\tQ1 /= (res[0][1] - singles[" << i << "]);" << std::endl;
1100+
lpc_y_computation << "\t\ty[0] += Q0;" << std::endl;
1101+
lpc_y_computation << "\t\ty[1] += Q1;" << std::endl;
1102+
}
1103+
1104+
std::size_t fixed_values_size = permutation_size * 2 + 2 + arithmetization_params::constant_columns + arithmetization_params::selector_columns;
1105+
std::size_t variable_values_size = arithmetization_params::witness_columns + arithmetization_params::public_input_columns;
1106+
std::string batches_size_list = to_string(fixed_values_size) + ", " + to_string(variable_values_size) + ", " +
1107+
to_string(use_lookups?2:1) + ", " + to_string(quotient_polys);
1108+
if(use_lookups) batches_size_list += ", " + to_string(constraint_system.sorted_lookup_columns_number());
1109+
1110+
lookup_reps["$LOOKUP_VARS$"] = use_lookups?lookup_vars:"";
1111+
lookup_reps["$LOOKUP_EXPRESSIONS$"] = use_lookups?lookup_expressions:"";
1112+
lookup_reps["$LOOKUP_CODE$"] = use_lookups?lookup_code:"";
1113+
result = replace_all(result, lookup_reps);
1114+
1115+
reps["$USE_LOOKUPS_DEFINE$"] = use_lookups?"#define __USE_LOOKUPS__ 1\n":"";
1116+
reps["$USE_LOOKUPS$"] = use_lookups? "true" : "false";
1117+
reps["$BATCHES_NUM$"] = to_string(batches_num);
1118+
reps["$COMMITMENTS_NUM$"] = to_string(batches_num - 1);
1119+
reps["$POINTS_NUM$"] = to_string(points_num);
1120+
reps["$POLY_NUM$"] = to_string(poly_num);
1121+
reps["$INITIAL_PROOF_POINTS_NUM$"] = to_string(poly_num * 2);
1122+
reps["$ROUND_PROOF_POINTS_NUM$"] = to_string(fri_params.r * 2 * lambda);
1123+
reps["$FRI_ROOTS_NUM$"] = to_string(fri_params.r);
1124+
reps["$INITIAL_MERKLE_PROOFS_NUM$"] = to_string(batches_num * lambda);
1125+
reps["$INITIAL_MERKLE_PROOFS_POSITION_NUM$"] = to_string(lambda * (log2(fri_params.D[0]->m) - 1));
1126+
reps["$INITIAL_MERKLE_PROOFS_HASH_NUM$"] = to_string(lambda * (log2(fri_params.D[0]->m) - 1) * batches_num);
1127+
reps["$ROUND_MERKLE_PROOFS_POSITION_NUM$"] = to_string(lambda * round_proof_layers_num);
1128+
reps["$ROUND_MERKLE_PROOFS_HASH_NUM$"] = to_string(lambda * round_proof_layers_num);
1129+
reps["$FINAL_POLYNOMIAL_SIZE$"] = to_string(std::pow(2, std::log2(fri_params.max_degree + 1) - fri_params.r + 1) - 2);
1130+
reps["$LAMBDA$"] = to_string(lambda);
1131+
reps["$PERMUTATION_SIZE$"] = to_string(permutation_size);
1132+
reps["$ZERO_INDICES$"] = zero_indices(common_data.columns_rotations, permutation_size);
1133+
reps["$TOTAL_COLUMNS$"] = to_string(arithmetization_params::total_columns);
1134+
reps["$ROWS_LOG$"] = to_string(log2(rows_amount));
1135+
reps["$ROWS_AMOUNT$"] = to_string(rows_amount);
1136+
reps["$TABLE_VALUES_NUM$"] = to_string(table_values_num);
1137+
reps["$GATES_AMOUNT$"] = to_string(constraint_system.gates().size());
1138+
reps["$CONSTRAINTS_AMOUNT$"] = to_string(constraints_amount);
1139+
reps["$GATES_SIZES$"] = gates_sizes;
1140+
reps["$GATES_SELECTOR_INDICES$"] = gates_selectors_indices.str();
1141+
reps["$CONSTRAINTS_BODY$"] = constraints_body.str();
1142+
reps["$WITNESS_COLUMNS_AMOUNT$"] = to_string(arithmetization_params::witness_columns);
1143+
reps["$PUBLIC_INPUT_COLUMNS_AMOUNT$"] = to_string(arithmetization_params::public_input_columns);
1144+
reps["$CONSTANT_COLUMNS_AMOUNT$"] = to_string(arithmetization_params::constant_columns);
1145+
reps["$SELECTOR_COLUMNS_AMOUNT$"] = to_string(arithmetization_params::selector_columns);
1146+
reps["$QUOTIENT_POLYS_START$"] = to_string(4*permutation_size + 6 + table_values_num + (use_lookups?4:2));
1147+
reps["$QUOTIENT_POLYS_AMOUNT$"] = to_string(quotient_polys);
1148+
reps["$D0_SIZE$"] = to_string(fri_params.D[0]->m);
1149+
reps["$D0_LOG$"] = to_string(log2(fri_params.D[0]->m));
1150+
reps["$D0_OMEGA$"] = "pallas::base_field_type::value_type(0x" + to_hex_string(fri_params.D[0]->get_domain_element(1)) + "_cppui255)";
1151+
reps["$OMEGA$"] = "pallas::base_field_type::value_type(0x" + to_hex_string(common_data.basic_domain->get_domain_element(1)) + "_cppui255)";
1152+
reps["$FRI_ROUNDS$"] = to_string(fri_params.r);
1153+
reps["$UNIQUE_POINTS$"] = to_string(singles_strs.size());
1154+
reps["$SINGLES_AMOUNT$"] = to_string(singles_strs.size());
1155+
reps["$SINGLES_COMPUTATION$"] = singles_str;
1156+
reps["$PREPARE_U_AND_V$"] = prepare_U_V_str.str();
1157+
reps["$SORTED_COLUMNS$"] = to_string(constraint_system.sorted_lookup_columns_number());
1158+
reps["$SORTED_ALPHAS$"] = to_string(use_lookups? constraint_system.sorted_lookup_columns_number() - 1: 1);
1159+
reps["$LOOKUP_TABLE_AMOUNT$"] = to_string(constraint_system.lookup_tables().size());
1160+
reps["$LOOKUP_GATE_AMOUNT$"] = to_string(constraint_system.lookup_gates().size());
1161+
reps["$LOOKUP_OPTIONS_AMOUNT$"] = to_string(constraint_system.lookup_options_num());
1162+
reps["$LOOKUP_OPTIONS_AMOUNT_LIST$"] = generate_lookup_options_amount_list(constraint_system);
1163+
reps["$LOOKUP_CONSTRAINTS_AMOUNT$"] = to_string(constraint_system.lookup_constraints_num());
1164+
reps["$LOOKUP_CONSTRAINTS_AMOUNT_LIST$"] = generate_lookup_constraints_amount_list(constraint_system);
1165+
reps["$LOOKUP_EXPRESSIONS_AMOUNT$"] = to_string(constraint_system.lookup_expressions_num());
1166+
reps["$LOOKUP_EXPRESSIONS_AMOUNT_LIST$"] = generate_lookup_expressions_amount_list(constraint_system);
1167+
reps["$LOOKUP_TABLES_COLUMNS_AMOUNT$"] = to_string(constraint_system.lookup_tables_columns_num());
1168+
reps["$LOOKUP_TABLES_COLUMNS_AMOUNT_LIST$"] = generate_lookup_columns_amount_list(constraint_system);
1169+
reps["$LOOKUP_EXPRESSIONS_BODY$"] = lookup_expressions_body.str();
1170+
reps["$LOOKUP_CONSTRAINT_TABLE_IDS_LIST$"] = generate_lookup_constraint_table_ids_list(constraint_system);
1171+
reps["$LOOKUP_GATE_SELECTORS_LIST$"] = lookup_gate_selectors_list.str();
1172+
reps["$LOOKUP_TABLE_SELECTORS_LIST$"] = lookup_table_selectors_list.str();
1173+
reps["$LOOKUP_SHIFTED_TABLE_SELECTORS_LIST$"] = lookup_shifted_table_selectors_list.str();
1174+
reps["$LOOKUP_OPTIONS_LIST$"] = lookup_options_list.str();
1175+
reps["$LOOKUP_SHIFTED_OPTIONS_LIST$"] = lookup_shifted_options_list.str();
1176+
reps["$LOOKUP_SORTED_START$"] = to_string(4*permutation_size + 6 + table_values_num + (use_lookups?4:2) + quotient_polys);
1177+
reps["$BATCHES_AMOUNT_LIST$"] = batches_size_list;
1178+
reps["$PUBLIC_INPUT_SIZES$"] = public_input_sizes_str;
1179+
reps["$FULL_PUBLIC_INPUT_SIZE$"] = to_string(full_public_input_size);
1180+
reps["$LPC_POLY_IDS_CONSTANT_ARRAYS$"] = lpc_poly_ids_const_arrays;
1181+
reps["$LPC_Y_COMPUTATION$"] = lpc_y_computation.str();
1182+
reps["$PUBLIC_INPUT_CHECK$"] = arithmetization_params::public_input_columns == 0 ? "" :public_input_check_str;
1183+
reps["$PUBLIC_INPUT_INPUT$"] = arithmetization_params::public_input_columns == 0 ? "" : public_input_input_str;
1184+
1185+
result = replace_all(result, reps);
1186+
return result;
1187+
=======
1188+
BOOST_ASSERT_MSG(false, "unsupported commitment scheme type");
1189+
return "unsupported commitment scheme type";
1190+
<<<<<<< HEAD
1191+
>>>>>>> f302960... Add recursive generator, update EVM verifier #39
1192+
=======
1193+
>>>>>>> f206e94a0635f5ba293f7decb9e08ffe08503bc1
1194+
>>>>>>> 236a5cb579a4f58209be97a2794836b525d10198
9061195
}
9071196
};
9081197
}
9091198
}
9101199

911-
#endif // CRYPTO3_RECURSIVE_VERIFIER_GENERATOR_HPP
1200+
<<<<<<< HEAD
1201+
#endif // CRYPTO3_RECURSIVE_VERIFIER_GENERATOR_HPP
1202+
=======
1203+
#endif // CRYPTO3_RECURSIVE_VERIFIER_GENERATOR_HPP
1204+
>>>>>>> f206e94a0635f5ba293f7decb9e08ffe08503bc1

0 commit comments

Comments
 (0)