feat: constify eccvm and translator #9661
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This PR could add a test for showing that the tube circuit is fixed, but it isn't true as of now because the linear component of IPA verification was not constifying as it will be removed in a followup PR. |
lucasxia01
commented
Nov 6, 2024
| challenge_poly_eval *= (Fr(1) + u_challenges_inv[len - 1 - i] * r_pow); | ||
| r_pow *= r_pow; | ||
| for (size_t i = 0; i < CONST_ECCVM_LOG_N; i++) { | ||
| stdlib::bool_t<typename Curve::Builder> dummy_round = stdlib::witness_t(builder, i < CONST_ECCVM_LOG_N - uint32_t(log_poly_length.get_value())); |
There was a problem hiding this comment.
this sort of stuff is not secure. Will need to figure out a way to fix it, like the rest of the dummy_round stuff in sumcheck
lucasxia01
commented
Nov 6, 2024
| // Step 7 | ||
| // Send a_0 to the verifier | ||
| transcript->send_to_verifier("IPA:a_0", a_vec[0]); | ||
|
|
||
| info("prove G_zero: ", G_vec_local[0]); |
There was a problem hiding this comment.
will delete all the infos
lucasxia01
commented
Nov 6, 2024
| @@ -346,11 +358,13 @@ template <typename Curve_> class IPA { | |||
| } | |||
| // TODO(https://github.com/AztecProtocol/barretenberg/issues/1140): Use batch_invert. | |||
| round_challenges_inv[i] = round_challenges[i].invert(); | |||
| if (i < log_poly_length) { | |||
There was a problem hiding this comment.
for native verifier, we only need to look at the log_poly_length elements that matter
lucasxia01
commented
Nov 6, 2024
| auto element_L = transcript->template receive_from_prover<Commitment>("IPA:L_" + index); | ||
| auto element_R = transcript->template receive_from_prover<Commitment>("IPA:R_" + index); | ||
| round_challenges[i] = transcript->template get_challenge<Fr>("IPA:round_challenge_" + index); | ||
| round_challenges_inv[i] = round_challenges[i].invert(); | ||
|
|
||
| msm_elements[2 * i] = element_L; | ||
| msm_elements[2 * i + 1] = element_R; | ||
| msm_scalars[2 * i] = round_challenges_inv[i]; | ||
| msm_scalars[2 * i + 1] = round_challenges[i]; | ||
| msm_scalars[2 * i] = Fr::conditional_assign(dummy_round, Fr(0), round_challenges_inv[i]); |
There was a problem hiding this comment.
for the dummy rounds, put 0s as the scalars.
lucasxia01
commented
Nov 6, 2024
ledwards2225
approved these changes
Nov 6, 2024
| Fr monomial = Fr::conditional_assign(dummy_round, Fr(0), round_challenges_inv[CONST_ECCVM_LOG_N - 1 - i] * challenge); | ||
| b_zero *= Fr(1) + monomial; | ||
| info("rec verify b_zero after i: ", i, " is ", b_zero.get_value()); | ||
| if (i != CONST_ECCVM_LOG_N - 1) // this if is fine because the number of iterations is constant |
There was a problem hiding this comment.
I meant this if statement is fine (as opposed to using a constexpr if)
ludamad
pushed a commit
that referenced
this pull request
Nov 11, 2024
Makes the proof size of ECCVM constant by making the sumcheck gate challenges and IPA constant. Fixes the ECCVM recursive verifier size (besides the MSM in the IPA Recursive verifier) as a result. Closes AztecProtocol/barretenberg#1009.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Makes the proof size of ECCVM constant by making the sumcheck gate challenges and IPA constant.
Fixes the ECCVM recursive verifier size (besides the MSM in the IPA Recursive verifier) as a result.
Closes AztecProtocol/barretenberg#1009.