From 6a9ca37786e9327b3d8a5740fd024019bdda3eb1 Mon Sep 17 00:00:00 2001 From: maramihali Date: Wed, 31 May 2023 14:12:42 +0000 Subject: [PATCH 1/6] wip --- .../standard_honk_composer_helper.cpp | 41 ++++++++++++------- .../standard_honk_composer_helper.hpp | 37 +++++++++-------- .../honk/composer/standard_honk_composer.hpp | 37 +++++++++-------- .../composer/standard_honk_composer.test.cpp | 9 ++++ .../barretenberg/honk/proof_system/prover.hpp | 2 - .../honk/proof_system/ultra_prover.hpp | 1 - .../proof_system/flavor/flavor.hpp | 5 +++ .../primitives/composers/composers_fwd.hpp | 6 +++ 8 files changed, 84 insertions(+), 54 deletions(-) diff --git a/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.cpp b/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.cpp index 681c54e56e..ce7f00ae9e 100644 --- a/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.cpp +++ b/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.cpp @@ -23,7 +23,8 @@ namespace proof_system::honk { * @param num_reserved_gates The number of reserved gates. * @return Pointer to the initialized proving key updated with selector polynomials. * */ -std::shared_ptr StandardHonkComposerHelper::compute_proving_key_base( +template +std::shared_ptr StandardHonkComposerHelper_::compute_proving_key_base( const CircuitConstructor& constructor, const size_t minimum_circuit_size, const size_t num_randomized_gates) { // Initialize proving_key @@ -42,12 +43,13 @@ std::shared_ptr StandardHonkComposerHelp * (2) sets the polynomial manifest using the data from proving key. */ -std::shared_ptr StandardHonkComposerHelper::compute_verification_key_base( - std::shared_ptr const& proving_key) +template +std::shared_ptr StandardHonkComposerHelper_::compute_verification_key_base( + std::shared_ptr const& proving_key) { auto key = std::make_shared( proving_key->circuit_size, proving_key->num_public_inputs, proving_key->composer_type); - auto commitment_key = PCSParams::CommitmentKey(proving_key->circuit_size, "../srs_db/ignition"); + auto commitment_key = typename PCSParams::CommitmentKey(proving_key->circuit_size, "../srs_db/ignition"); // Compute and store commitments to all precomputed polynomials key->q_m = commitment_key.commit(proving_key->q_m); @@ -76,8 +78,9 @@ std::shared_ptr StandardHonkCompose * * @tparam Program settings needed to establish if w_4 is being used. * */ -void StandardHonkComposerHelper::compute_witness(const CircuitConstructor& circuit_constructor, - const size_t minimum_circuit_size) +template +void StandardHonkComposerHelper_::compute_witness(const CircuitConstructor& circuit_constructor, + const size_t minimum_circuit_size) { if (computed_witness) { return; @@ -99,14 +102,15 @@ void StandardHonkComposerHelper::compute_witness(const CircuitConstructor& circu * @return Proving key with saved computed polynomials. * */ -std::shared_ptr StandardHonkComposerHelper::compute_proving_key( +template +std::shared_ptr StandardHonkComposerHelper_::compute_proving_key( const CircuitConstructor& circuit_constructor) { if (proving_key) { return proving_key; } // Compute q_l, q_r, q_o, etc polynomials - StandardHonkComposerHelper::compute_proving_key_base( + StandardHonkComposerHelper_::compute_proving_key_base( circuit_constructor, /*minimum_circuit_size=*/0, NUM_RESERVED_GATES); // Compute sigma polynomials (we should update that late) @@ -123,7 +127,8 @@ std::shared_ptr StandardHonkComposerHelp * * @return Pointer to created circuit verification key. * */ -std::shared_ptr StandardHonkComposerHelper::compute_verification_key( +template +std::shared_ptr StandardHonkComposerHelper_::compute_verification_key( const CircuitConstructor& circuit_constructor) { if (verification_key) { @@ -133,36 +138,42 @@ std::shared_ptr StandardHonkCompose compute_proving_key(circuit_constructor); } - verification_key = StandardHonkComposerHelper::compute_verification_key_base(proving_key); + verification_key = StandardHonkComposerHelper_::compute_verification_key_base(proving_key); verification_key->composer_type = proving_key->composer_type; return verification_key; } -StandardVerifier StandardHonkComposerHelper::create_verifier(const CircuitConstructor& circuit_constructor) +template +StandardVerifier_ StandardHonkComposerHelper_::create_verifier( + const CircuitConstructor& circuit_constructor) { compute_verification_key(circuit_constructor); StandardVerifier output_state(verification_key); auto pcs_verification_key = - std::make_unique(verification_key->circuit_size, "../srs_db/ignition"); + std::make_unique(verification_key->circuit_size, "../srs_db/ignition"); output_state.pcs_verification_key = std::move(pcs_verification_key); return output_state; } -StandardProver StandardHonkComposerHelper::create_prover(const CircuitConstructor& circuit_constructor) +template +StandardProver_ StandardHonkComposerHelper_::create_prover( + const CircuitConstructor& circuit_constructor) { compute_proving_key(circuit_constructor); compute_witness(circuit_constructor); StandardProver output_state(proving_key); auto pcs_commitment_key = - std::make_unique(proving_key->circuit_size, "../srs_db/ignition"); + std::make_unique(proving_key->circuit_size, "../srs_db/ignition"); output_state.pcs_commitment_key = std::move(pcs_commitment_key); return output_state; } -} // namespace proof_system::honk +template class StandardHonkComposerHelper_; + +} // namespace proof_system::honk \ No newline at end of file diff --git a/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.hpp b/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.hpp index 14bd534db0..936b1ffbf7 100644 --- a/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.hpp +++ b/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.hpp @@ -12,13 +12,12 @@ #include "barretenberg/honk/flavor/standard.hpp" namespace proof_system::honk { -class StandardHonkComposerHelper { +template class StandardHonkComposerHelper_ { public: - using Flavor = flavor::Standard; - using PCSParams = Flavor::PCSParams; - using CircuitConstructor = Flavor::CircuitConstructor; - using ProvingKey = Flavor::ProvingKey; - using VerificationKey = Flavor::VerificationKey; + using PCSParams = typename Flavor::PCSParams; + using CircuitConstructor = typename Flavor::CircuitConstructor; + using ProvingKey = typename Flavor::ProvingKey; + using VerificationKey = typename Flavor::VerificationKey; static constexpr size_t NUM_RESERVED_GATES = 2; // equal to the number of multilinear evaluations leaked static constexpr size_t NUM_WIRES = CircuitConstructor::NUM_WIRES; @@ -29,33 +28,33 @@ class StandardHonkComposerHelper { std::shared_ptr crs_factory_; bool computed_witness = false; // TODO(Luke): use make_shared - StandardHonkComposerHelper() - : StandardHonkComposerHelper(std::shared_ptr( + StandardHonkComposerHelper_() + : StandardHonkComposerHelper_(std::shared_ptr( new proof_system::FileReferenceStringFactory("../srs_db/ignition"))) {} - StandardHonkComposerHelper(std::shared_ptr crs_factory) + StandardHonkComposerHelper_(std::shared_ptr crs_factory) : crs_factory_(std::move(crs_factory)) {} - StandardHonkComposerHelper(std::unique_ptr&& crs_factory) + StandardHonkComposerHelper_(std::unique_ptr&& crs_factory) : crs_factory_(std::move(crs_factory)) {} - StandardHonkComposerHelper(std::shared_ptr p_key, std::shared_ptr v_key) + StandardHonkComposerHelper_(std::shared_ptr p_key, std::shared_ptr v_key) : proving_key(std::move(p_key)) , verification_key(std::move(v_key)) {} - StandardHonkComposerHelper(StandardHonkComposerHelper&& other) noexcept = default; - StandardHonkComposerHelper(const StandardHonkComposerHelper& other) = delete; - StandardHonkComposerHelper& operator=(StandardHonkComposerHelper&& other) noexcept = default; - StandardHonkComposerHelper& operator=(const StandardHonkComposerHelper& other) = delete; - ~StandardHonkComposerHelper() = default; + StandardHonkComposerHelper_(StandardHonkComposerHelper_&& other) noexcept = default; + StandardHonkComposerHelper_(const StandardHonkComposerHelper_& other) = delete; + StandardHonkComposerHelper_& operator=(StandardHonkComposerHelper_&& other) noexcept = default; + StandardHonkComposerHelper_& operator=(const StandardHonkComposerHelper_& other) = delete; + ~StandardHonkComposerHelper_() = default; std::shared_ptr compute_proving_key(const CircuitConstructor& circuit_constructor); std::shared_ptr compute_verification_key(const CircuitConstructor& circuit_constructor); - StandardVerifier create_verifier(const CircuitConstructor& circuit_constructor); + StandardVerifier_ create_verifier(const CircuitConstructor& circuit_constructor); - StandardProver create_prover(const CircuitConstructor& circuit_constructor); + StandardProver_ create_prover(const CircuitConstructor& circuit_constructor); // TODO(#216)(Adrian): Seems error prone to provide the number of randomized gates std::shared_ptr compute_proving_key_base(const CircuitConstructor& circuit_constructor, @@ -68,5 +67,7 @@ class StandardHonkComposerHelper { void compute_witness(const CircuitConstructor& circuit_constructor, const size_t minimum_circuit_size = 0); }; +extern template class StandardHonkComposerHelper_; +using StandardHonkComposerHelper = StandardHonkComposerHelper_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp b/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp index ea60cb6a2a..2666cd276f 100644 --- a/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp +++ b/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp @@ -13,13 +13,12 @@ namespace proof_system::honk { * @details However, it has a lot of its logic separated into subclasses and simply proxies the calls. * */ -class StandardHonkComposer { +template class StandardHonkComposer_ { public: // TODO(#426): This doesn't belong here static constexpr merkle::HashType merkle_hash_type = merkle::HashType::LOOKUP_PEDERSEN; static constexpr pedersen::CommitmentType commitment_type = pedersen::CommitmentType::FIXED_BASE_PEDERSEN; - using Flavor = flavor::Standard; using CircuitConstructor = StandardCircuitConstructor; using ProvingKey = typename Flavor::ProvingKey; using VerificationKey = typename Flavor::VerificationKey; @@ -32,7 +31,7 @@ class StandardHonkComposer { // 1) Proving and verification keys // 2) CRS // 3) Converting variables to witness vectors/polynomials - StandardHonkComposerHelper composer_helper; + StandardHonkComposerHelper_ composer_helper; // Leaving it in for now just in case bool contains_recursive_proof = false; @@ -40,24 +39,24 @@ class StandardHonkComposer { /**Standard methods*/ - StandardHonkComposer(const size_t size_hint = 0) + StandardHonkComposer_(const size_t size_hint = 0) : circuit_constructor(size_hint) , num_gates(circuit_constructor.num_gates) , variables(circuit_constructor.variables){}; - StandardHonkComposer(std::string const& crs_path, const size_t size_hint = 0) - : StandardHonkComposer( + StandardHonkComposer_(std::string const& crs_path, const size_t size_hint = 0) + : StandardHonkComposer_( std::unique_ptr(new proof_system::FileReferenceStringFactory(crs_path)), size_hint){}; - StandardHonkComposer(std::shared_ptr const& crs_factory, const size_t size_hint = 0) + StandardHonkComposer_(std::shared_ptr const& crs_factory, const size_t size_hint = 0) : circuit_constructor(size_hint) , composer_helper(crs_factory) , num_gates(circuit_constructor.num_gates) , variables(circuit_constructor.variables) {} - StandardHonkComposer(std::unique_ptr&& crs_factory, const size_t size_hint = 0) + StandardHonkComposer_(std::unique_ptr&& crs_factory, const size_t size_hint = 0) : circuit_constructor(size_hint) , composer_helper(std::move(crs_factory)) , num_gates(circuit_constructor.num_gates) @@ -65,22 +64,22 @@ class StandardHonkComposer { {} - StandardHonkComposer(std::shared_ptr const& p_key, - std::shared_ptr const& v_key, - size_t size_hint = 0) + StandardHonkComposer_(std::shared_ptr const& p_key, + std::shared_ptr const& v_key, + size_t size_hint = 0) : circuit_constructor(size_hint) , composer_helper(p_key, v_key) , num_gates(circuit_constructor.num_gates) , variables(circuit_constructor.variables) {} - StandardHonkComposer(const StandardHonkComposer& other) = delete; - StandardHonkComposer(StandardHonkComposer&& other) = default; - StandardHonkComposer& operator=(const StandardHonkComposer& other) = delete; + StandardHonkComposer_(const StandardHonkComposer_& other) = delete; + StandardHonkComposer_(StandardHonkComposer_&& other) = default; + StandardHonkComposer_& operator=(const StandardHonkComposer_& other) = delete; // TODO(#230)(Cody): This constructor started to be implicitly deleted when I added `n` and `variables` members. // This is a temporary measure until we can rewrite Plonk and all tests using circuit builder methods in place of - // composer methods, where appropriate. StandardHonkComposer& operator=(StandardHonkComposer&& other) = default; - ~StandardHonkComposer() = default; + // composer methods, where appropriate. StandardHonkComposer_& operator=(StandardHonkComposer_&& other) = default; + ~StandardHonkComposer_() = default; size_t get_num_gates() const { return circuit_constructor.get_num_gates(); } @@ -183,8 +182,8 @@ class StandardHonkComposer { void compute_witness() { composer_helper.compute_witness(circuit_constructor); }; - StandardVerifier create_verifier() { return composer_helper.create_verifier(circuit_constructor); } - StandardProver create_prover() { return composer_helper.create_prover(circuit_constructor); }; + StandardVerifier_ create_verifier() { return composer_helper.create_verifier(circuit_constructor); } + StandardProver_ create_prover() { return composer_helper.create_prover(circuit_constructor); }; size_t& num_gates; std::vector& variables; @@ -192,4 +191,6 @@ class StandardHonkComposer { const std::string& err() const { return circuit_constructor.err(); }; void failure(std::string msg) { circuit_constructor.failure(msg); } }; +template class StandardHonkComposer_; +using StandardHonkComposer = StandardHonkComposer_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/composer/standard_honk_composer.test.cpp b/cpp/src/barretenberg/honk/composer/standard_honk_composer.test.cpp index a13e0df167..e2f3c6777f 100644 --- a/cpp/src/barretenberg/honk/composer/standard_honk_composer.test.cpp +++ b/cpp/src/barretenberg/honk/composer/standard_honk_composer.test.cpp @@ -27,6 +27,7 @@ namespace test_standard_honk_composer { */ TEST(StandardHonkComposer, SigmaIDCorrectness) { + using StandardHonkComposer = StandardHonkComposer_; auto test_permutation = [](StandardHonkComposer& composer) { auto proving_key = composer.compute_proving_key(); const auto n = proving_key->circuit_size; @@ -140,6 +141,7 @@ TEST(StandardHonkComposer, SigmaIDCorrectness) */ TEST(StandardHonkComposer, LagrangeCorrectness) { + using StandardHonkComposer = StandardHonkComposer_; // Create a composer and a dummy circuit with a few gates StandardHonkComposer composer = StandardHonkComposer(); fr a = fr::one(); @@ -189,6 +191,8 @@ TEST(StandardHonkComposer, LagrangeCorrectness) */ TEST(StandardHonkComposer, AssertEquals) { + using StandardHonkComposer = StandardHonkComposer_; + /** * @brief A function that creates a simple circuit with repeated gates, leading to large permutation cycles * @@ -283,6 +287,8 @@ TEST(StandardHonkComposer, AssertEquals) TEST(StandardHonkComposer, VerificationKeyCreation) { + using StandardHonkComposer = StandardHonkComposer_; + // Create a composer and a dummy circuit with a few gates StandardHonkComposer composer = StandardHonkComposer(); fr a = fr::one(); @@ -306,6 +312,7 @@ TEST(StandardHonkComposer, VerificationKeyCreation) TEST(StandardHonkComposer, BaseCase) { + using StandardHonkComposer = StandardHonkComposer_; auto composer = StandardHonkComposer(); fr a = 1; composer.circuit_constructor.add_variable(a); @@ -319,6 +326,7 @@ TEST(StandardHonkComposer, BaseCase) TEST(StandardHonkComposer, TwoGates) { + using StandardHonkComposer = StandardHonkComposer_; auto run_test = [](bool expect_verified) { auto composer = StandardHonkComposer(); @@ -353,6 +361,7 @@ TEST(StandardHonkComposer, TwoGates) TEST(StandardHonkComposer, SumcheckEvaluations) { + using StandardHonkComposer = StandardHonkComposer_; auto run_test = [](bool expected_result) { auto composer = StandardHonkComposer(); fr a = fr::one(); diff --git a/cpp/src/barretenberg/honk/proof_system/prover.hpp b/cpp/src/barretenberg/honk/proof_system/prover.hpp index 80b577c767..e4abda3a8e 100644 --- a/cpp/src/barretenberg/honk/proof_system/prover.hpp +++ b/cpp/src/barretenberg/honk/proof_system/prover.hpp @@ -14,8 +14,6 @@ namespace proof_system::honk { // We won't compile this class with honk::flavor::Ultra, but we will like want to compile it (at least for testing) // with a flavor that uses the curve Grumpkin, or a flavor that does/does not have zk, etc. -template concept StandardFlavor = IsAnyOf; - template class StandardProver_ { using FF = typename Flavor::FF; diff --git a/cpp/src/barretenberg/honk/proof_system/ultra_prover.hpp b/cpp/src/barretenberg/honk/proof_system/ultra_prover.hpp index f225e831f1..c2635fcd23 100644 --- a/cpp/src/barretenberg/honk/proof_system/ultra_prover.hpp +++ b/cpp/src/barretenberg/honk/proof_system/ultra_prover.hpp @@ -12,7 +12,6 @@ namespace proof_system::honk { // We won't compile this class with honk::flavor::Standard, but we will like want to compile it (at least for testing) // with a flavor that uses the curve Grumpkin, or a flavor that does/does not have zk, etc. -template concept UltraFlavor = IsAnyOf; template class UltraProver_ { using FF = typename Flavor::FF; diff --git a/cpp/src/barretenberg/proof_system/flavor/flavor.hpp b/cpp/src/barretenberg/proof_system/flavor/flavor.hpp index a476c362ed..686b15ca26 100644 --- a/cpp/src/barretenberg/proof_system/flavor/flavor.hpp +++ b/cpp/src/barretenberg/proof_system/flavor/flavor.hpp @@ -324,5 +324,10 @@ concept IsPlonkFlavor = IsAnyOf concept IsHonkFlavor = IsAnyOf; + +template concept StandardFlavor = IsAnyOf; + +template concept UltraFlavor = IsAnyOf; + // clang-format on } // namespace proof_system diff --git a/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp b/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp index 75b9a7e2e2..bb3717381b 100644 --- a/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp @@ -8,10 +8,16 @@ class UltraPlonkComposer; class StandardPlonkComposer; } // namespace proof_system::plonk +<<<<<<< HEAD namespace proof_system::honk { class StandardHonkComposer; class UltraHonkComposer; } // namespace proof_system::honk +======= +// namespace proof_system::honk { +// using StandardHonkComposer = StandardHonkComposer_; +// } // namespace proof_system::honk +>>>>>>> wip namespace proof_system { class StandardCircuitConstructor; class TurboCircuitConstructor; From 038020c745c203c715b70c1a31103cc2984e861b Mon Sep 17 00:00:00 2001 From: maramihali Date: Fri, 2 Jun 2023 10:33:50 +0000 Subject: [PATCH 2/6] more wip --- .../ultra_honk_composer_helper.cpp | 17 +++++--- .../ultra_honk_composer_helper.hpp | 38 +++++++++--------- .../honk/composer/standard_honk_composer.hpp | 2 +- .../honk/composer/ultra_honk_composer.hpp | 40 ++++++++++--------- cpp/src/barretenberg/honk/flavor/ultra.hpp | 2 +- .../honk/transcript/transcript.test.cpp | 1 + .../stdlib/encryption/aes128/aes128.hpp | 2 +- .../primitives/composers/composers_fwd.hpp | 10 +++++ .../stdlib/primitives/field/field.hpp | 2 - .../stdlib/primitives/logic/logic.hpp | 1 + .../stdlib/primitives/safe_uint/safe_uint.hpp | 2 +- 11 files changed, 67 insertions(+), 50 deletions(-) diff --git a/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.cpp b/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.cpp index f5c5da1594..b4320eaafd 100644 --- a/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.cpp +++ b/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.cpp @@ -10,7 +10,8 @@ namespace proof_system::honk { * @brief Compute witness polynomials * */ -void UltraHonkComposerHelper::compute_witness(CircuitConstructor& circuit_constructor) +template +void UltraHonkComposerHelper_::compute_witness(CircuitConstructor& circuit_constructor) { if (computed_witness) { return; @@ -134,7 +135,8 @@ void UltraHonkComposerHelper::compute_witness(CircuitConstructor& circuit_constr computed_witness = true; } -UltraProver UltraHonkComposerHelper::create_prover(CircuitConstructor& circuit_constructor) +template +UltraProver_ UltraHonkComposerHelper_::create_prover(CircuitConstructor& circuit_constructor) { finalize_circuit(circuit_constructor); @@ -157,7 +159,8 @@ UltraProver UltraHonkComposerHelper::create_prover(CircuitConstructor& circuit_c * * @return The verifier. * */ -UltraVerifier UltraHonkComposerHelper::create_verifier(const CircuitConstructor& circuit_constructor) +template +UltraVerifier_ UltraHonkComposerHelper_::create_verifier(const CircuitConstructor& circuit_constructor) { auto verification_key = compute_verification_key(circuit_constructor); @@ -171,7 +174,8 @@ UltraVerifier UltraHonkComposerHelper::create_verifier(const CircuitConstructor& return output_state; } -std::shared_ptr UltraHonkComposerHelper::compute_proving_key( +template +std::shared_ptr UltraHonkComposerHelper_::compute_proving_key( const CircuitConstructor& circuit_constructor) { if (proving_key) { @@ -304,7 +308,8 @@ std::shared_ptr UltraHonkComposerHe * * @return Pointer to created circuit verification key. * */ -std::shared_ptr UltraHonkComposerHelper::compute_verification_key( +template +std::shared_ptr UltraHonkComposerHelper_::compute_verification_key( const CircuitConstructor& circuit_constructor) { if (verification_key) { @@ -315,7 +320,7 @@ std::shared_ptr UltraHonkComposerHelpe compute_proving_key(circuit_constructor); } - verification_key = std::make_shared( + verification_key = std::make_shared::VerificationKey>( proving_key->circuit_size, proving_key->num_public_inputs, proving_key->composer_type); auto commitment_key = PCSCommitmentKey(proving_key->circuit_size, "../srs_db/ignition"); diff --git a/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.hpp b/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.hpp index 5a13a92f33..d9e4a96c7f 100644 --- a/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.hpp +++ b/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.hpp @@ -13,16 +13,15 @@ #include namespace proof_system::honk { -class UltraHonkComposerHelper { +template class UltraHonkComposerHelper_ { public: - using Flavor = flavor::Ultra; - using CircuitConstructor = Flavor::CircuitConstructor; - using ProvingKey = Flavor::ProvingKey; - using VerificationKey = Flavor::VerificationKey; - using PCSParams = Flavor::PCSParams; - using PCS = Flavor::PCS; - using PCSCommitmentKey = PCSParams::CommitmentKey; - using PCSVerificationKey = PCSParams::VerificationKey; + using CircuitConstructor = typename Flavor::CircuitConstructor; + using ProvingKey = typename Flavor::ProvingKey; + using VerificationKey = typename Flavor::VerificationKey; + using PCSParams = typename Flavor::PCSParams; + using PCS = typename Flavor::PCS; + using PCSCommitmentKey = typename PCSParams::CommitmentKey; + using PCSVerificationKey = typename PCSParams::VerificationKey; static constexpr size_t NUM_RESERVED_GATES = 4; // equal to the number of multilinear evaluations leaked static constexpr size_t NUM_WIRES = CircuitConstructor::NUM_WIRES; @@ -42,20 +41,20 @@ class UltraHonkComposerHelper { // vanishing_polynomial cannot be trivially fetched here, I am directly setting this to 4 - 1 = 3. static constexpr size_t s_randomness = 3; - explicit UltraHonkComposerHelper(std::shared_ptr crs_factory) + explicit UltraHonkComposerHelper_(std::shared_ptr crs_factory) : crs_factory_(std::move(crs_factory)) {} - UltraHonkComposerHelper(std::shared_ptr p_key, std::shared_ptr v_key) + UltraHonkComposerHelper_(std::shared_ptr p_key, std::shared_ptr v_key) : proving_key(std::move(p_key)) , verification_key(std::move(v_key)) {} - UltraHonkComposerHelper(UltraHonkComposerHelper&& other) noexcept = default; - UltraHonkComposerHelper(UltraHonkComposerHelper const& other) noexcept = default; - UltraHonkComposerHelper& operator=(UltraHonkComposerHelper&& other) noexcept = default; - UltraHonkComposerHelper& operator=(UltraHonkComposerHelper const& other) noexcept = default; - ~UltraHonkComposerHelper() = default; + UltraHonkComposerHelper_(UltraHonkComposerHelper_&& other) noexcept = default; + UltraHonkComposerHelper_(UltraHonkComposerHelper_ const& other) noexcept = default; + UltraHonkComposerHelper_& operator=(UltraHonkComposerHelper_&& other) noexcept = default; + UltraHonkComposerHelper_& operator=(UltraHonkComposerHelper_ const& other) noexcept = default; + ~UltraHonkComposerHelper_() = default; void finalize_circuit(CircuitConstructor& circuit_constructor) { circuit_constructor.finalize_circuit(); }; @@ -64,10 +63,11 @@ class UltraHonkComposerHelper { void compute_witness(CircuitConstructor& circuit_constructor); - UltraProver create_prover(CircuitConstructor& circuit_constructor); - UltraVerifier create_verifier(const CircuitConstructor& circuit_constructor); + UltraProver_ create_prover(CircuitConstructor& circuit_constructor); + UltraVerifier_ create_verifier(const CircuitConstructor& circuit_constructor); void add_table_column_selector_poly_to_proving_key(polynomial& small, const std::string& tag); }; - +extern template class UltraHonkComposerHelper_; +using UltraHonkComposerHelper = UltraHonkComposerHelper_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp b/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp index 2666cd276f..7fd210a89b 100644 --- a/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp +++ b/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp @@ -13,7 +13,7 @@ namespace proof_system::honk { * @details However, it has a lot of its logic separated into subclasses and simply proxies the calls. * */ -template class StandardHonkComposer_ { +template class StandardHonkComposer_ { public: // TODO(#426): This doesn't belong here static constexpr merkle::HashType merkle_hash_type = merkle::HashType::LOOKUP_PEDERSEN; diff --git a/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp b/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp index df62eeddc5..3e7e413aec 100644 --- a/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp +++ b/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp @@ -7,7 +7,7 @@ #include "barretenberg/honk/flavor/ultra.hpp" namespace proof_system::honk { -class UltraHonkComposer { +template class UltraHonkComposer_ { public: // An instantiation of the circuit constructor that only depends on arithmetization, not on the proof system @@ -16,20 +16,11 @@ class UltraHonkComposer { // 1) Proving and verification keys // 2) CRS // 3) Converting variables to witness vectors/polynomials - using Flavor = honk::flavor::Ultra; using CircuitConstructor = UltraCircuitConstructor; using ProvingKey = typename Flavor::ProvingKey; using VerificationKey = typename Flavor::VerificationKey; - static constexpr ComposerType type = ComposerType::PLOOKUP; - static_assert(type == CircuitConstructor::type); - static constexpr merkle::HashType merkle_hash_type = CircuitConstructor::merkle_hash_type; - static constexpr pedersen::CommitmentType commitment_type = CircuitConstructor::commitment_type; - static constexpr size_t DEFAULT_PLOOKUP_RANGE_BITNUM = UltraCircuitConstructor::DEFAULT_PLOOKUP_RANGE_BITNUM; - - UltraHonkComposerHelper composer_helper; - - // References to circuit_constructor's members for convenience + UltraHonkComposerHelper_ composer_helper; size_t& num_gates; std::vector& variables; // While we always have it set to zero, feels wrong to have a potentially broken dependency @@ -37,14 +28,14 @@ class UltraHonkComposer { bool& contains_recursive_proof; std::vector& recursive_proof_public_input_indices; - UltraHonkComposer() - : UltraHonkComposer("../srs_db/ignition", 0){}; + UltraHonkComposer_() + : UltraHonkComposer_("../srs_db/ignition", 0){}; - UltraHonkComposer(std::string const& crs_path, const size_t size_hint) - : UltraHonkComposer(std::unique_ptr(new FileReferenceStringFactory(crs_path)), - size_hint){}; + UltraHonkComposer_(std::string const& crs_path, const size_t size_hint) + : UltraHonkComposer_(std::unique_ptr(new FileReferenceStringFactory(crs_path)), + size_hint){}; - UltraHonkComposer(std::shared_ptr const& crs_factory, const size_t size_hint) + UltraHonkComposer_(std::shared_ptr const& crs_factory, const size_t size_hint) : circuit_constructor(size_hint) , composer_helper(crs_factory) , num_gates(circuit_constructor.num_gates) @@ -57,6 +48,7 @@ class UltraHonkComposer { add_gates_to_ensure_all_polys_are_non_zero(); }; +<<<<<<< HEAD UltraHonkComposer(std::shared_ptr const& p_key, std::shared_ptr const& v_key, size_t size_hint = 0); @@ -68,6 +60,14 @@ class UltraHonkComposer { return *this; }; ~UltraHonkComposer() = default; +======= + UltraHonkComposer_(std::shared_ptr const& p_key, + std::shared_ptr const& v_key, + size_t size_hint = 0); + UltraHonkComposer_(UltraHonkComposer_&& other) = default; + UltraHonkComposer_& operator=(UltraHonkComposer_&& other) = delete; + ~UltraHonkComposer_() = default; +>>>>>>> more wip size_t get_num_gates() const { return circuit_constructor.get_num_gates(); } uint32_t get_zero_idx() { return circuit_constructor.zero_idx; } @@ -85,8 +85,8 @@ class UltraHonkComposer { void finalize_circuit() { circuit_constructor.finalize_circuit(); }; - UltraProver create_prover() { return composer_helper.create_prover(circuit_constructor); }; - UltraVerifier create_verifier() { return composer_helper.create_verifier(circuit_constructor); }; + UltraProver_ create_prover() { return composer_helper.create_prover(circuit_constructor); }; + UltraVerifier_ create_verifier() { return composer_helper.create_verifier(circuit_constructor); }; void add_gates_to_ensure_all_polys_are_non_zero() { @@ -298,4 +298,6 @@ class UltraHonkComposer { const std::string& err() const { return circuit_constructor.err(); }; void failure(std::string msg) { circuit_constructor.failure(msg); } }; +template class UltraHonkComposer_; +using UltraHonkComposer = UltraHonkComposer_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/flavor/ultra.hpp b/cpp/src/barretenberg/honk/flavor/ultra.hpp index 26ba270b4f..202fab37f5 100644 --- a/cpp/src/barretenberg/honk/flavor/ultra.hpp +++ b/cpp/src/barretenberg/honk/flavor/ultra.hpp @@ -38,7 +38,7 @@ class Ultra { using CommitmentHandle = G1::affine_element; // UltraHonk will be run with KZG by default but temporarily we set the commitment to IPA to // be able to do e2e tests with this pcs as well - // TODO: instantiate this with but IPA and KZG when the templating work is finished + // TODO: instantiate this with both IPA and KZG when the templating work is finished using PCSParams = pcs::ipa::Params; using PCS = pcs::ipa::IPA; diff --git a/cpp/src/barretenberg/honk/transcript/transcript.test.cpp b/cpp/src/barretenberg/honk/transcript/transcript.test.cpp index a3269dac47..5a819f5276 100644 --- a/cpp/src/barretenberg/honk/transcript/transcript.test.cpp +++ b/cpp/src/barretenberg/honk/transcript/transcript.test.cpp @@ -80,6 +80,7 @@ template class TranscriptTest : public testing::Test { round++; // TODO(Mara): Make testing more flavor agnostic so we can test this with all flavors + manifest_expected.add_entry(round, "KZG:W", size_G); // For IPA diff --git a/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.hpp b/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.hpp index 64b80d6071..41249ed4bc 100644 --- a/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.hpp +++ b/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.hpp @@ -4,7 +4,7 @@ #include #include "../../primitives/composers/composers_fwd.hpp" - +#include "../../primitives/composers/composers.hpp" #include "../../primitives/field/field.hpp" #include "../../primitives/witness/witness.hpp" diff --git a/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp b/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp index bb3717381b..196d9d76f3 100644 --- a/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp @@ -8,6 +8,7 @@ class UltraPlonkComposer; class StandardPlonkComposer; } // namespace proof_system::plonk +<<<<<<< HEAD <<<<<<< HEAD namespace proof_system::honk { class StandardHonkComposer; @@ -18,6 +19,15 @@ class UltraHonkComposer; // using StandardHonkComposer = StandardHonkComposer_; // } // namespace proof_system::honk >>>>>>> wip +======= +namespace proof_system::honk { +namespace flavor { +class Standard; +} +template class StandardHonkComposer_; +using StandardHonkComposer = StandardHonkComposer_; +} // namespace proof_system::honk +>>>>>>> more wip namespace proof_system { class StandardCircuitConstructor; class TurboCircuitConstructor; diff --git a/cpp/src/barretenberg/stdlib/primitives/field/field.hpp b/cpp/src/barretenberg/stdlib/primitives/field/field.hpp index d1e89ca7ed..2e78f7856f 100644 --- a/cpp/src/barretenberg/stdlib/primitives/field/field.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/field/field.hpp @@ -2,8 +2,6 @@ #include #include "../composers/composers_fwd.hpp" #include "../witness/witness.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" -#include "barretenberg/plonk/composer/standard_plonk_composer.hpp" #include "barretenberg/common/assert.hpp" namespace proof_system::plonk { diff --git a/cpp/src/barretenberg/stdlib/primitives/logic/logic.hpp b/cpp/src/barretenberg/stdlib/primitives/logic/logic.hpp index 1ec450de00..ffeb00030e 100644 --- a/cpp/src/barretenberg/stdlib/primitives/logic/logic.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/logic/logic.hpp @@ -1,6 +1,7 @@ #pragma once #include "barretenberg/numeric/uint256/uint256.hpp" #include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" #include "barretenberg/stdlib/primitives/field/field.hpp" #include "barretenberg/stdlib/primitives/witness/witness.hpp" #include diff --git a/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.hpp b/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.hpp index 4148565d4d..213eee5c96 100644 --- a/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.hpp @@ -1,11 +1,11 @@ #pragma once #include #include "../composers/composers_fwd.hpp" +#include "../composers/composers.hpp" #include "../witness/witness.hpp" #include "../bool/bool.hpp" #include "barretenberg/common/assert.hpp" #include "../field/field.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" // The purpose of this class is to enable positive integer operations without a risk of overflow. // Despite the name, it is *not* a "safe" version of the uint class - as operations are positive integer From 8c3152aa4f66deec8790821d6b235d512b6be155 Mon Sep 17 00:00:00 2001 From: maramihali Date: Fri, 2 Jun 2023 10:47:25 +0000 Subject: [PATCH 3/6] maybe --- .../honk/composer/ultra_honk_composer.hpp | 18 ++++------------- .../primitives/composers/composers_fwd.hpp | 20 +++++-------------- 2 files changed, 9 insertions(+), 29 deletions(-) diff --git a/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp b/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp index 3e7e413aec..065d8e0c1b 100644 --- a/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp +++ b/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp @@ -10,6 +10,9 @@ namespace proof_system::honk { template class UltraHonkComposer_ { public: + // TODO(#426): This doesn't belong here + static constexpr merkle::HashType merkle_hash_type = merkle::HashType::LOOKUP_PEDERSEN; + static constexpr pedersen::CommitmentType commitment_type = pedersen::CommitmentType::FIXED_BASE_PEDERSEN; // An instantiation of the circuit constructor that only depends on arithmetization, not on the proof system UltraCircuitConstructor circuit_constructor; // Composer helper contains all proof-related material that is separate from circuit creation such as: @@ -19,6 +22,7 @@ template class UltraHonkComposer_ { using CircuitConstructor = UltraCircuitConstructor; using ProvingKey = typename Flavor::ProvingKey; using VerificationKey = typename Flavor::VerificationKey; + static constexpr ComposerType type = ComposerType::PLOOKUP; // TODO(Mara): Get rid of this. UltraHonkComposerHelper_ composer_helper; size_t& num_gates; @@ -48,26 +52,12 @@ template class UltraHonkComposer_ { add_gates_to_ensure_all_polys_are_non_zero(); }; -<<<<<<< HEAD - UltraHonkComposer(std::shared_ptr const& p_key, - std::shared_ptr const& v_key, - size_t size_hint = 0); - UltraHonkComposer(UltraHonkComposer&& other) = default; - UltraHonkComposer& operator=(UltraHonkComposer&& other) - { - circuit_constructor = std::move(other.circuit_constructor); - composer_helper = std::move(other.composer_helper); - return *this; - }; - ~UltraHonkComposer() = default; -======= UltraHonkComposer_(std::shared_ptr const& p_key, std::shared_ptr const& v_key, size_t size_hint = 0); UltraHonkComposer_(UltraHonkComposer_&& other) = default; UltraHonkComposer_& operator=(UltraHonkComposer_&& other) = delete; ~UltraHonkComposer_() = default; ->>>>>>> more wip size_t get_num_gates() const { return circuit_constructor.get_num_gates(); } uint32_t get_zero_idx() { return circuit_constructor.zero_idx; } diff --git a/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp b/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp index 196d9d76f3..d2363d217d 100644 --- a/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp @@ -5,29 +5,19 @@ class StandardPlonkComposer; class TurboPlonkComposer; class UltraPlonkComposer; -class StandardPlonkComposer; } // namespace proof_system::plonk -<<<<<<< HEAD -<<<<<<< HEAD -namespace proof_system::honk { -class StandardHonkComposer; -class UltraHonkComposer; -} // namespace proof_system::honk -======= -// namespace proof_system::honk { -// using StandardHonkComposer = StandardHonkComposer_; -// } // namespace proof_system::honk ->>>>>>> wip -======= namespace proof_system::honk { namespace flavor { class Standard; -} +class Ultra; +} // namespace flavor template class StandardHonkComposer_; using StandardHonkComposer = StandardHonkComposer_; +template class UltraHonkComposer_; +using UltraHonkComposer = UltraHonkComposer_; } // namespace proof_system::honk ->>>>>>> more wip + namespace proof_system { class StandardCircuitConstructor; class TurboCircuitConstructor; From c218260d9c2753c126d2f4e94212e22a50d48d52 Mon Sep 17 00:00:00 2001 From: maramihali Date: Fri, 2 Jun 2023 12:51:42 +0000 Subject: [PATCH 4/6] wip --- .../benchmark/honk_bench/honk.bench.cpp | 6 +- .../benchmark/honk_bench/ultra_honk.bench.cpp | 5 +- .../dsl/acir_format/acir_format.cpp | 1 + .../dsl/acir_format/acir_format.hpp | 1 + .../dsl/acir_format/acir_format.test.cpp | 1 + .../standard_honk_composer_helper.cpp | 5 +- .../standard_honk_composer_helper.hpp | 2 + .../ultra_honk_composer_helper.cpp | 10 +- .../ultra_honk_composer_helper.hpp | 1 + .../honk/composer/standard_honk_composer.hpp | 6 +- .../composer/standard_honk_composer.test.cpp | 19 +- .../honk/composer/ultra_honk_composer.hpp | 14 +- .../composer/ultra_honk_composer.test.cpp | 32 +- .../honk/flavor/standard_grumpkin.hpp | 297 +++++++ cpp/src/barretenberg/honk/flavor/ultra.hpp | 6 +- .../honk/flavor/ultra_grumpkin.hpp | 396 ++++++++++ .../barretenberg/honk/proof_system/prover.cpp | 2 +- .../barretenberg/honk/proof_system/prover.hpp | 2 + .../honk/proof_system/prover_library.cpp | 26 + .../honk/proof_system/ultra_prover.cpp | 1 + .../honk/proof_system/ultra_prover.hpp | 2 + .../honk/proof_system/ultra_verifier.cpp | 1 + .../honk/proof_system/ultra_verifier.hpp | 3 +- .../honk/proof_system/verifier.cpp | 2 +- .../honk/proof_system/verifier.hpp | 2 + .../relations/relation_correctness.test.cpp | 747 +++++++++--------- .../honk/sumcheck/sumcheck.test.cpp | 4 +- .../honk/transcript/transcript.test.cpp | 57 +- .../proof_system/flavor/flavor.hpp | 10 +- .../stdlib/encryption/aes128/aes128.hpp | 3 +- .../stdlib/encryption/aes128/aes128.test.cpp | 2 +- .../stdlib/encryption/ecdsa/ecdsa.hpp | 1 - .../stdlib/encryption/ecdsa/ecdsa_impl.hpp | 2 + .../stdlib/hash/blake2s/blake2s.hpp | 6 +- .../stdlib/hash/blake3s/blake3s.hpp | 6 +- .../stdlib/hash/blake3s/blake3s.test.cpp | 1 + .../stdlib/hash/sha256/sha256.hpp | 10 +- .../stdlib/hash/sha256/sha256.test.cpp | 4 +- .../stdlib/hash/sha256/sha256_plookup.hpp | 5 +- .../primitives/bigfield/bigfield.test.cpp | 5 +- .../stdlib/primitives/biggroup/biggroup.hpp | 2 - .../primitives/biggroup/biggroup.test.cpp | 3 +- .../stdlib/primitives/bit_array/bit_array.hpp | 1 - .../primitives/bit_array/bit_array.test.cpp | 2 +- .../stdlib/primitives/bool/bool.cpp | 1 - .../stdlib/primitives/bool/bool.hpp | 2 - .../stdlib/primitives/bool/bool.test.cpp | 3 +- .../stdlib/primitives/composers/composers.hpp | 7 + .../primitives/composers/composers_fwd.hpp | 8 + .../stdlib/primitives/field/array.test.cpp | 5 +- .../stdlib/primitives/field/field.test.cpp | 5 +- .../stdlib/primitives/logic/logic.cpp | 1 - .../stdlib/primitives/logic/logic.hpp | 1 - .../stdlib/primitives/logic/logic.test.cpp | 1 + .../primitives/memory/dynamic_array.hpp | 2 +- .../primitives/memory/dynamic_array.test.cpp | 1 + .../packed_byte_array/packed_byte_array.hpp | 1 - .../packed_byte_array.test.cpp | 5 +- .../stdlib/primitives/plookup/plookup.hpp | 2 +- .../primitives/plookup/plookup.test.cpp | 1 + .../stdlib/primitives/uint/logic.cpp | 1 - .../stdlib/primitives/uint/uint.hpp | 6 - 62 files changed, 1263 insertions(+), 504 deletions(-) create mode 100644 cpp/src/barretenberg/honk/flavor/standard_grumpkin.hpp create mode 100644 cpp/src/barretenberg/honk/flavor/ultra_grumpkin.hpp diff --git a/cpp/src/barretenberg/benchmark/honk_bench/honk.bench.cpp b/cpp/src/barretenberg/benchmark/honk_bench/honk.bench.cpp index 64229d59e6..8b51d13eb4 100644 --- a/cpp/src/barretenberg/benchmark/honk_bench/honk.bench.cpp +++ b/cpp/src/barretenberg/benchmark/honk_bench/honk.bench.cpp @@ -1,10 +1,10 @@ #include "barretenberg/ecc/curves/bn254/fr.hpp" -#include "barretenberg/honk/proof_system/prover.hpp" -#include "barretenberg/honk/proof_system/verifier.hpp" #include #include -#include "barretenberg/honk/composer/standard_honk_composer.hpp" + #include "barretenberg/stdlib/primitives/field/field.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" +#include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp" using namespace benchmark; diff --git a/cpp/src/barretenberg/benchmark/honk_bench/ultra_honk.bench.cpp b/cpp/src/barretenberg/benchmark/honk_bench/ultra_honk.bench.cpp index f794bc603d..8a6f7933e4 100644 --- a/cpp/src/barretenberg/benchmark/honk_bench/ultra_honk.bench.cpp +++ b/cpp/src/barretenberg/benchmark/honk_bench/ultra_honk.bench.cpp @@ -1,10 +1,9 @@ #include "barretenberg/crypto/ecdsa/ecdsa.hpp" #include "barretenberg/ecc/curves/bn254/fr.hpp" -#include "barretenberg/honk/proof_system/ultra_prover.hpp" -#include "barretenberg/honk/proof_system/ultra_verifier.hpp" #include #include -#include "barretenberg/honk/composer/ultra_honk_composer.hpp" +#include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" #include "barretenberg/stdlib/encryption/ecdsa/ecdsa.hpp" #include "barretenberg/stdlib/hash/keccak/keccak.hpp" #include "barretenberg/stdlib/primitives/curves/secp256k1.hpp" diff --git a/cpp/src/barretenberg/dsl/acir_format/acir_format.cpp b/cpp/src/barretenberg/dsl/acir_format/acir_format.cpp index 3f879218f7..2448d2ac1f 100644 --- a/cpp/src/barretenberg/dsl/acir_format/acir_format.cpp +++ b/cpp/src/barretenberg/dsl/acir_format/acir_format.cpp @@ -1,5 +1,6 @@ #include "acir_format.hpp" #include "barretenberg/common/log.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_format/acir_format.hpp b/cpp/src/barretenberg/dsl/acir_format/acir_format.hpp index 0b47f38b89..7ef3768acd 100644 --- a/cpp/src/barretenberg/dsl/acir_format/acir_format.hpp +++ b/cpp/src/barretenberg/dsl/acir_format/acir_format.hpp @@ -11,6 +11,7 @@ #include "pedersen.hpp" #include "hash_to_field.hpp" #include "barretenberg/dsl/types.hpp" +#include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_format/acir_format.test.cpp b/cpp/src/barretenberg/dsl/acir_format/acir_format.test.cpp index 7bed2bc452..198ca2d06f 100644 --- a/cpp/src/barretenberg/dsl/acir_format/acir_format.test.cpp +++ b/cpp/src/barretenberg/dsl/acir_format/acir_format.test.cpp @@ -5,6 +5,7 @@ #include "barretenberg/common/streams.hpp" #include "barretenberg/serialize/test_helper.hpp" #include "ecdsa_secp256k1.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" TEST(acir_format, msgpack_logic_constraint) { auto [actual, expected] = msgpack_roundtrip(acir_format::LogicConstraint{}); diff --git a/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.cpp b/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.cpp index ce7f00ae9e..629b68788a 100644 --- a/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.cpp +++ b/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.cpp @@ -149,7 +149,7 @@ StandardVerifier_ StandardHonkComposerHelper_::create_verifier( const CircuitConstructor& circuit_constructor) { compute_verification_key(circuit_constructor); - StandardVerifier output_state(verification_key); + StandardVerifier_ output_state(verification_key); auto pcs_verification_key = std::make_unique(verification_key->circuit_size, "../srs_db/ignition"); @@ -165,7 +165,7 @@ StandardProver_ StandardHonkComposerHelper_::create_prover( { compute_proving_key(circuit_constructor); compute_witness(circuit_constructor); - StandardProver output_state(proving_key); + StandardProver_ output_state(proving_key); auto pcs_commitment_key = std::make_unique(proving_key->circuit_size, "../srs_db/ignition"); @@ -175,5 +175,6 @@ StandardProver_ StandardHonkComposerHelper_::create_prover( return output_state; } template class StandardHonkComposerHelper_; +template class StandardHonkComposerHelper_; } // namespace proof_system::honk \ No newline at end of file diff --git a/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.hpp b/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.hpp index 936b1ffbf7..453fdfe724 100644 --- a/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.hpp +++ b/cpp/src/barretenberg/honk/composer/composer_helper/standard_honk_composer_helper.hpp @@ -10,6 +10,7 @@ #include "barretenberg/proof_system/composer/permutation_helper.hpp" #include "barretenberg/honk/flavor/standard.hpp" +#include "barretenberg/honk/flavor/standard_grumpkin.hpp" namespace proof_system::honk { template class StandardHonkComposerHelper_ { @@ -68,6 +69,7 @@ template class StandardHonkComposerHelper_ { void compute_witness(const CircuitConstructor& circuit_constructor, const size_t minimum_circuit_size = 0); }; extern template class StandardHonkComposerHelper_; +extern template class StandardHonkComposerHelper_; using StandardHonkComposerHelper = StandardHonkComposerHelper_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.cpp b/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.cpp index b4320eaafd..1214b3ec4e 100644 --- a/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.cpp +++ b/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.cpp @@ -143,10 +143,10 @@ UltraProver_ UltraHonkComposerHelper_::create_prover(CircuitCons compute_proving_key(circuit_constructor); compute_witness(circuit_constructor); - UltraProver output_state(proving_key); + UltraProver_ output_state(proving_key); auto pcs_commitment_key = - std::make_unique(proving_key->circuit_size, "../srs_db/ignition"); + std::make_unique(proving_key->circuit_size, "../srs_db/ignition"); output_state.pcs_commitment_key = std::move(pcs_commitment_key); @@ -164,7 +164,7 @@ UltraVerifier_ UltraHonkComposerHelper_::create_verifier(const C { auto verification_key = compute_verification_key(circuit_constructor); - UltraVerifier output_state(verification_key); + UltraVerifier_ output_state(verification_key); auto pcs_verification_key = std::make_unique(verification_key->circuit_size, "../srs_db/ignition"); @@ -320,7 +320,7 @@ std::shared_ptr UltraHonkComposerHelper_::VerificationKey>( + verification_key = std::make_shared( proving_key->circuit_size, proving_key->num_public_inputs, proving_key->composer_type); auto commitment_key = PCSCommitmentKey(proving_key->circuit_size, "../srs_db/ignition"); @@ -361,5 +361,7 @@ std::shared_ptr UltraHonkComposerHelper_; +template class UltraHonkComposerHelper_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.hpp b/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.hpp index d9e4a96c7f..977702f31a 100644 --- a/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.hpp +++ b/cpp/src/barretenberg/honk/composer/composer_helper/ultra_honk_composer_helper.hpp @@ -69,5 +69,6 @@ template class UltraHonkComposerHelper_ { void add_table_column_selector_poly_to_proving_key(polynomial& small, const std::string& tag); }; extern template class UltraHonkComposerHelper_; +extern template class UltraHonkComposerHelper_; using UltraHonkComposerHelper = UltraHonkComposerHelper_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp b/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp index 7fd210a89b..c5e631ecac 100644 --- a/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp +++ b/cpp/src/barretenberg/honk/composer/standard_honk_composer.hpp @@ -191,6 +191,8 @@ template class StandardHonkComposer_ { const std::string& err() const { return circuit_constructor.err(); }; void failure(std::string msg) { circuit_constructor.failure(msg); } }; -template class StandardHonkComposer_; -using StandardHonkComposer = StandardHonkComposer_; +template class StandardHonkComposer_; +template class StandardHonkComposer_; +using StandardHonkComposer = StandardHonkComposer_; +using StandardGrumpkinHonkComposer = StandardHonkComposer_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/composer/standard_honk_composer.test.cpp b/cpp/src/barretenberg/honk/composer/standard_honk_composer.test.cpp index e2f3c6777f..fd58cb1a4f 100644 --- a/cpp/src/barretenberg/honk/composer/standard_honk_composer.test.cpp +++ b/cpp/src/barretenberg/honk/composer/standard_honk_composer.test.cpp @@ -27,7 +27,6 @@ namespace test_standard_honk_composer { */ TEST(StandardHonkComposer, SigmaIDCorrectness) { - using StandardHonkComposer = StandardHonkComposer_; auto test_permutation = [](StandardHonkComposer& composer) { auto proving_key = composer.compute_proving_key(); const auto n = proving_key->circuit_size; @@ -141,7 +140,6 @@ TEST(StandardHonkComposer, SigmaIDCorrectness) */ TEST(StandardHonkComposer, LagrangeCorrectness) { - using StandardHonkComposer = StandardHonkComposer_; // Create a composer and a dummy circuit with a few gates StandardHonkComposer composer = StandardHonkComposer(); fr a = fr::one(); @@ -191,7 +189,6 @@ TEST(StandardHonkComposer, LagrangeCorrectness) */ TEST(StandardHonkComposer, AssertEquals) { - using StandardHonkComposer = StandardHonkComposer_; /** * @brief A function that creates a simple circuit with repeated gates, leading to large permutation cycles @@ -287,7 +284,6 @@ TEST(StandardHonkComposer, AssertEquals) TEST(StandardHonkComposer, VerificationKeyCreation) { - using StandardHonkComposer = StandardHonkComposer_; // Create a composer and a dummy circuit with a few gates StandardHonkComposer composer = StandardHonkComposer(); @@ -312,7 +308,6 @@ TEST(StandardHonkComposer, VerificationKeyCreation) TEST(StandardHonkComposer, BaseCase) { - using StandardHonkComposer = StandardHonkComposer_; auto composer = StandardHonkComposer(); fr a = 1; composer.circuit_constructor.add_variable(a); @@ -326,7 +321,6 @@ TEST(StandardHonkComposer, BaseCase) TEST(StandardHonkComposer, TwoGates) { - using StandardHonkComposer = StandardHonkComposer_; auto run_test = [](bool expect_verified) { auto composer = StandardHonkComposer(); @@ -361,7 +355,6 @@ TEST(StandardHonkComposer, TwoGates) TEST(StandardHonkComposer, SumcheckEvaluations) { - using StandardHonkComposer = StandardHonkComposer_; auto run_test = [](bool expected_result) { auto composer = StandardHonkComposer(); fr a = fr::one(); @@ -392,4 +385,16 @@ TEST(StandardHonkComposer, SumcheckEvaluations) run_test(/*expected_result=*/true); run_test(/*expected_result=*/false); } +TEST(StandardGrumpkinHonkComposer, BaseCase) +{ + auto composer = StandardGrumpkinHonkComposer(); + fr a = 1; + composer.circuit_constructor.add_variable(a); + + auto prover = composer.create_prover(); + plonk::proof proof = prover.construct_proof(); + auto verifier = composer.create_verifier(); + bool verified = verifier.verify_proof(proof); + ASSERT_TRUE(verified); +} } // namespace test_standard_honk_composer diff --git a/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp b/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp index 065d8e0c1b..7836740286 100644 --- a/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp +++ b/cpp/src/barretenberg/honk/composer/ultra_honk_composer.hpp @@ -10,9 +10,6 @@ namespace proof_system::honk { template class UltraHonkComposer_ { public: - // TODO(#426): This doesn't belong here - static constexpr merkle::HashType merkle_hash_type = merkle::HashType::LOOKUP_PEDERSEN; - static constexpr pedersen::CommitmentType commitment_type = pedersen::CommitmentType::FIXED_BASE_PEDERSEN; // An instantiation of the circuit constructor that only depends on arithmetization, not on the proof system UltraCircuitConstructor circuit_constructor; // Composer helper contains all proof-related material that is separate from circuit creation such as: @@ -22,7 +19,13 @@ template class UltraHonkComposer_ { using CircuitConstructor = UltraCircuitConstructor; using ProvingKey = typename Flavor::ProvingKey; using VerificationKey = typename Flavor::VerificationKey; - static constexpr ComposerType type = ComposerType::PLOOKUP; // TODO(Mara): Get rid of this. + + // TODO(#426): This don't belong here + static constexpr ComposerType type = ComposerType::PLOOKUP; + static_assert(type == CircuitConstructor::type); + static constexpr merkle::HashType merkle_hash_type = CircuitConstructor::merkle_hash_type; + static constexpr pedersen::CommitmentType commitment_type = CircuitConstructor::commitment_type; + static constexpr size_t DEFAULT_PLOOKUP_RANGE_BITNUM = UltraCircuitConstructor::DEFAULT_PLOOKUP_RANGE_BITNUM; UltraHonkComposerHelper_ composer_helper; size_t& num_gates; @@ -289,5 +292,8 @@ template class UltraHonkComposer_ { void failure(std::string msg) { circuit_constructor.failure(msg); } }; template class UltraHonkComposer_; +template class UltraHonkComposer_; using UltraHonkComposer = UltraHonkComposer_; +using UltraGrumpkinHonkComposer = UltraHonkComposer_; + } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/composer/ultra_honk_composer.test.cpp b/cpp/src/barretenberg/honk/composer/ultra_honk_composer.test.cpp index 2eb23f820a..65fdd7768e 100644 --- a/cpp/src/barretenberg/honk/composer/ultra_honk_composer.test.cpp +++ b/cpp/src/barretenberg/honk/composer/ultra_honk_composer.test.cpp @@ -108,9 +108,9 @@ TEST(UltraHonkComposer, XorConstraint) const auto lookup_accumulators = plookup::get_lookup_accumulators( plookup::MultiTableId::UINT32_XOR, left_witness_value, right_witness_value, true); auto xor_result = lookup_accumulators[plookup::ColumnIdx::C3] - [0]; // The zeroth index in the 3rd column is the fully accumulated xor result - EXPECT_EQ(xor_result, xor_result_expected); + [0]; // The zeroth index in the 3rd column is the fully accumulated xor + EXPECT_EQ(xor_result, xor_result_expected); composer.create_gates_from_plookup_accumulators( plookup::MultiTableId::UINT32_XOR, lookup_accumulators, left_witness_index, right_witness_index); @@ -555,7 +555,6 @@ TEST(UltraHonkComposer, range_constraint) TEST(UltraHonkComposer, range_with_gates) { - auto composer = UltraHonkComposer(); auto idx = add_variables(composer, { 1, 2, 3, 4, 5, 6, 7, 8 }); for (size_t i = 0; i < idx.size(); i++) { @@ -800,6 +799,33 @@ TEST(UltraHonkComposer, ram) prove_and_verify(composer, /*expected_result=*/true); } +TEST(UltraGrumpkinHonkComposer, XorConstraint) +{ + auto composer = UltraGrumpkinHonkComposer(); + + uint32_t left_value = engine.get_random_uint32(); + uint32_t right_value = engine.get_random_uint32(); + + fr left_witness_value = fr{ left_value, 0, 0, 0 }.to_montgomery_form(); + fr right_witness_value = fr{ right_value, 0, 0, 0 }.to_montgomery_form(); + + uint32_t left_witness_index = composer.add_variable(left_witness_value); + uint32_t right_witness_index = composer.add_variable(right_witness_value); + + uint32_t xor_result_expected = left_value ^ right_value; + + const auto lookup_accumulators = plookup::get_lookup_accumulators( + plookup::MultiTableId::UINT32_XOR, left_witness_value, right_witness_value, true); + auto xor_result = lookup_accumulators[plookup::ColumnIdx::C3] + [0]; // The zeroth index in the 3rd column is the fully accumulated xor + + EXPECT_EQ(xor_result, xor_result_expected); + composer.create_gates_from_plookup_accumulators( + plookup::MultiTableId::UINT32_XOR, lookup_accumulators, left_witness_index, right_witness_index); + + prove_and_verify(composer, /*expected_result=*/true); +} + // TODO(#378)(luke): this is a recent update from Zac and fails; do we need a corresponding bug fix in ultra circuit // constructor? TEST(UltraHonkComposer, range_checks_on_duplicates) // { diff --git a/cpp/src/barretenberg/honk/flavor/standard_grumpkin.hpp b/cpp/src/barretenberg/honk/flavor/standard_grumpkin.hpp new file mode 100644 index 0000000000..fdd236653d --- /dev/null +++ b/cpp/src/barretenberg/honk/flavor/standard_grumpkin.hpp @@ -0,0 +1,297 @@ +#pragma once +#include +#include +#include +#include +#include +#include +#include "barretenberg/honk/pcs/commitment_key.hpp" +#include "barretenberg/honk/sumcheck/polynomials/barycentric_data.hpp" +#include "barretenberg/honk/pcs/ipa/ipa.hpp" +#include "barretenberg/honk/sumcheck/polynomials/univariate.hpp" +#include "barretenberg/ecc/curves/bn254/g1.hpp" +#include "barretenberg/honk/sumcheck/relations/arithmetic_relation.hpp" +#include "barretenberg/honk/sumcheck/relations/permutation_relation.hpp" +#include "barretenberg/honk/transcript/transcript.hpp" +#include "barretenberg/plonk/proof_system/proving_key/proving_key.hpp" +#include "barretenberg/polynomials/evaluation_domain.hpp" +#include "barretenberg/polynomials/polynomial.hpp" +#include "barretenberg/proof_system/circuit_constructors/standard_circuit_constructor.hpp" +#include "barretenberg/srs/reference_string/reference_string.hpp" +#include "barretenberg/proof_system/flavor/flavor.hpp" + +namespace proof_system::honk::flavor { +class StandardGrumpkin { + // TODO(Mara): At the moment this class is a duplicate of the Standard flavor with a different PCS for testing + // purposes. This will be changed to Grumpkin once generating Honk proofs over Grumpkin has been enabled. + public: + using CircuitConstructor = StandardCircuitConstructor; + using FF = barretenberg::fr; + using Polynomial = barretenberg::Polynomial; + using PolynomialHandle = std::span; + using G1 = barretenberg::g1; + using GroupElement = G1::element; + using Commitment = G1::affine_element; + using CommitmentHandle = G1::affine_element; + using PCSParams = pcs::ipa::Params; + using PCS = pcs::ipa::IPA; + static constexpr size_t NUM_WIRES = CircuitConstructor::NUM_WIRES; + // The number of multivariate polynomials on which a sumcheck prover sumcheck operates (including shifts). We often + // need containers of this size to hold related data, so we choose a name more agnostic than `NUM_POLYNOMIALS` + static constexpr size_t NUM_ALL_ENTITIES = 18; + // The number of polynomials precomputed to describe a circuit and to aid a prover in constructing a satisfying + // assignment of witnesses. We again choose a neutral name. + static constexpr size_t NUM_PRECOMPUTED_ENTITIES = 13; + // The total number of witness entities not including shifts. + static constexpr size_t NUM_WITNESS_ENTITIES = 4; + + // define the tuple of Relations that comprise the Sumcheck relation + using Relations = std::tuple, sumcheck::PermutationRelation>; + + static constexpr size_t MAX_RELATION_LENGTH = get_max_relation_length(); + static constexpr size_t NUM_RELATIONS = std::tuple_size::value; + + // Instantiate the BarycentricData needed to extend each Relation Univariate + static_assert(instantiate_barycentric_utils()); + + // define the containers for storing the contributions from each relation in Sumcheck + using RelationUnivariates = decltype(create_relation_univariates_container()); + using RelationValues = decltype(create_relation_values_container()); + + // define utilities to extend univarates from RELATION_LENGTH to MAX_RELATION_LENGTH for each Relation + // using BarycentricUtils = decltype(create_barycentric_utils()); + + private: + /** + * @brief A base class labelling precomputed entities and (ordered) subsets of interest. + * @details Used to build the proving key and verification key. + */ + template + class PrecomputedEntities : public PrecomputedEntities_ { + public: + DataType& q_m = std::get<0>(this->_data); + DataType& q_l = std::get<1>(this->_data); + DataType& q_r = std::get<2>(this->_data); + DataType& q_o = std::get<3>(this->_data); + DataType& q_c = std::get<4>(this->_data); + DataType& sigma_1 = std::get<5>(this->_data); + DataType& sigma_2 = std::get<6>(this->_data); + DataType& sigma_3 = std::get<7>(this->_data); + DataType& id_1 = std::get<8>(this->_data); + DataType& id_2 = std::get<9>(this->_data); + DataType& id_3 = std::get<10>(this->_data); + DataType& lagrange_first = std::get<11>(this->_data); + DataType& lagrange_last = std::get<12>(this->_data); // = LAGRANGE_N-1 whithout ZK, but can be less + + std::vector get_selectors() override { return { q_m, q_l, q_r, q_o, q_c }; }; + std::vector get_sigma_polynomials() override { return { sigma_1, sigma_2, sigma_3 }; }; + std::vector get_id_polynomials() override { return { id_1, id_2, id_3 }; }; + }; + + /** + * @brief Container for all witness polynomials used/constructed by the prover. + * @details Shifts are not included here since they do not occupy their own memory. + */ + template + class WitnessEntities : public WitnessEntities_ { + public: + DataType& w_l = std::get<0>(this->_data); + DataType& w_r = std::get<1>(this->_data); + DataType& w_o = std::get<2>(this->_data); + DataType& z_perm = std::get<3>(this->_data); + + std::vector get_wires() override { return { w_l, w_r, w_o }; }; + }; + + /** + * @brief A base class labelling all entities (for instance, all of the polynomials used by the prover during + * sumcheck) in this Honk variant along with particular subsets of interest + * @details Used to build containers for: the prover's polynomial during sumcheck; the sumcheck's folded + * polynomials; the univariates consturcted during during sumcheck; the evaluations produced by sumcheck. + * + * Symbolically we have: AllEntities = PrecomputedEntities + WitnessEntities + "ShiftedEntities". It could be + * implemented as such, but we don't have this now. + */ + template + class AllEntities : public AllEntities_ { + public: + DataType& q_c = std::get<0>(this->_data); + DataType& q_l = std::get<1>(this->_data); + DataType& q_r = std::get<2>(this->_data); + DataType& q_o = std::get<3>(this->_data); + DataType& q_m = std::get<4>(this->_data); + DataType& sigma_1 = std::get<5>(this->_data); + DataType& sigma_2 = std::get<6>(this->_data); + DataType& sigma_3 = std::get<7>(this->_data); + DataType& id_1 = std::get<8>(this->_data); + DataType& id_2 = std::get<9>(this->_data); + DataType& id_3 = std::get<10>(this->_data); + DataType& lagrange_first = std::get<11>(this->_data); + DataType& lagrange_last = std::get<12>(this->_data); + DataType& w_l = std::get<13>(this->_data); + DataType& w_r = std::get<14>(this->_data); + DataType& w_o = std::get<15>(this->_data); + DataType& z_perm = std::get<16>(this->_data); + DataType& z_perm_shift = std::get<17>(this->_data); + + std::vector get_wires() override { return { w_l, w_r, w_o }; }; + + // Gemini-specific getters. + std::vector get_unshifted() override + { + return { q_c, q_l, q_r, q_o, q_m, sigma_1, sigma_2, sigma_3, id_1, id_2, id_3, lagrange_first, + lagrange_last, w_l, w_r, w_o, z_perm }; + }; + std::vector get_to_be_shifted() override { return { z_perm }; }; + std::vector get_shifted() override { return { z_perm_shift }; }; + + // TODO(Cody): It would be nice to define these constructors once in a base class template. + AllEntities() = default; + + AllEntities(const AllEntities& other) + : AllEntities_(other){}; + + AllEntities(AllEntities&& other) + : AllEntities_(other){}; + + AllEntities& operator=(const AllEntities& other) + { + if (this == &other) { + return *this; + } + AllEntities_::operator=(other); + return *this; + } + + AllEntities& operator=(AllEntities&& other) + { + AllEntities_::operator=(other); + return *this; + } + + ~AllEntities() = default; + }; + + public: + /** + * @brief The proving key is responsible for storing the polynomials used by the prover. + * @note TODO(Cody): Maybe multiple inheritance is the right thing here. In that case, nothing should eve inherit + * from ProvingKey. + */ + class ProvingKey : public ProvingKey_, + WitnessEntities> { + public: + // Expose constructors of the base class + using Base = ProvingKey_, + WitnessEntities>; + using Base::Base; + }; + + /** + * @brief The verification key is responsible for storing the the commitments to the precomputed (non-witness) + * polynomials used by the verifier. + * + * @note Note the discrepancy with what sort of data is stored here vs in the proving key. We may want to resolve + * that, and split out separate PrecomputedPolynomials/Commitments data for clarity but also for portability of our + * circuits. + */ + using VerificationKey = VerificationKey_>; + + /** + * @brief A container for polynomials handles; only stores spans. + */ + using ProverPolynomials = AllEntities; + + /** + * @brief A container for storing the partially evaluated multivariates produced by sumcheck. + */ + class PartiallyEvaluatedMultivariates : public AllEntities { + + public: + PartiallyEvaluatedMultivariates() = default; + PartiallyEvaluatedMultivariates(const size_t circuit_size) + { + // Storage is only needed after the first partial evaluation, hence polynomials of size (n / 2) + for (auto& poly : this->_data) { + poly = Polynomial(circuit_size / 2); + } + } + }; + + /** + * @brief A container for univariates produced during the hot loop in sumcheck. + * @todo TODO(#390): Simplify this by moving MAX_RELATION_LENGTH? + */ + template + using ExtendedEdges = + AllEntities, sumcheck::Univariate>; + + /** + * @brief A container for the polynomials evaluations produced during sumcheck, which are purported to be the + * evaluations of polynomials committed in earlier rounds. + */ + class ClaimedEvaluations : public AllEntities { + public: + using Base = AllEntities; + using Base::Base; + ClaimedEvaluations(std::array _data_in) { this->_data = _data_in; } + }; + + /** + * @brief A container for commitment labels. + * @note It's debatable whether this should inherit from AllEntities. since most entries are not strictly needed. It + * has, however, been useful during debugging to have these labels available. + * + */ + class CommitmentLabels : public AllEntities { + public: + CommitmentLabels() + : AllEntities() + { + w_l = "W_1"; + w_r = "W_2"; + w_o = "W_3"; + z_perm = "Z_PERM"; + // The ones beginning with "__" are only used for debugging + z_perm_shift = "__Z_PERM_SHIFT"; + q_m = "__Q_M"; + q_l = "__Q_L"; + q_r = "__Q_R"; + q_o = "__Q_O"; + q_c = "__Q_C"; + sigma_1 = "__SIGMA_1"; + sigma_2 = "__SIGMA_2"; + sigma_3 = "__SIGMA_3"; + id_1 = "__ID_1"; + id_2 = "__ID_2"; + id_3 = "__ID_3"; + lagrange_first = "__LAGRANGE_FIRST"; + lagrange_last = "__LAGRANGE_LAST"; + }; + }; + + /** + * @brief A container for all commitments used by the verifier. + */ + class VerifierCommitments : public AllEntities { + public: + VerifierCommitments(std::shared_ptr verification_key) + { + // Initialize pre-computed commitments here, witness commitments during proof verification. + q_m = verification_key->q_m; + q_l = verification_key->q_l; + q_r = verification_key->q_r; + q_o = verification_key->q_o; + q_c = verification_key->q_c; + sigma_1 = verification_key->sigma_1; + sigma_2 = verification_key->sigma_2; + sigma_3 = verification_key->sigma_3; + id_1 = verification_key->id_1; + id_2 = verification_key->id_2; + id_3 = verification_key->id_3; + lagrange_first = verification_key->lagrange_first; + lagrange_last = verification_key->lagrange_last; + } + }; +}; +} // namespace proof_system::honk::flavor \ No newline at end of file diff --git a/cpp/src/barretenberg/honk/flavor/ultra.hpp b/cpp/src/barretenberg/honk/flavor/ultra.hpp index 202fab37f5..6f40b847cc 100644 --- a/cpp/src/barretenberg/honk/flavor/ultra.hpp +++ b/cpp/src/barretenberg/honk/flavor/ultra.hpp @@ -7,7 +7,7 @@ #include #include "barretenberg/honk/pcs/commitment_key.hpp" #include "barretenberg/honk/sumcheck/polynomials/barycentric_data.hpp" -#include "barretenberg/honk/pcs/ipa/ipa.hpp" +#include "barretenberg/honk/pcs/kzg/kzg.hpp" #include "barretenberg/honk/sumcheck/polynomials/univariate.hpp" #include "barretenberg/ecc/curves/bn254/g1.hpp" #include "barretenberg/honk/transcript/transcript.hpp" @@ -39,8 +39,8 @@ class Ultra { // UltraHonk will be run with KZG by default but temporarily we set the commitment to IPA to // be able to do e2e tests with this pcs as well // TODO: instantiate this with both IPA and KZG when the templating work is finished - using PCSParams = pcs::ipa::Params; - using PCS = pcs::ipa::IPA; + using PCSParams = pcs::kzg::Params; + using PCS = pcs::kzg::KZG; static constexpr size_t NUM_WIRES = CircuitConstructor::NUM_WIRES; // The number of multivariate polynomials on which a sumcheck prover sumcheck operates (including shifts). We often diff --git a/cpp/src/barretenberg/honk/flavor/ultra_grumpkin.hpp b/cpp/src/barretenberg/honk/flavor/ultra_grumpkin.hpp new file mode 100644 index 0000000000..fbb87479be --- /dev/null +++ b/cpp/src/barretenberg/honk/flavor/ultra_grumpkin.hpp @@ -0,0 +1,396 @@ +#pragma once +#include +#include +#include +#include +#include +#include +#include "barretenberg/honk/pcs/commitment_key.hpp" +#include "barretenberg/honk/sumcheck/polynomials/barycentric_data.hpp" +#include "barretenberg/honk/pcs/ipa/ipa.hpp" +#include "barretenberg/honk/sumcheck/polynomials/univariate.hpp" +#include "barretenberg/ecc/curves/bn254/g1.hpp" +#include "barretenberg/honk/transcript/transcript.hpp" +#include "barretenberg/plonk/proof_system/proving_key/proving_key.hpp" +#include "barretenberg/polynomials/evaluation_domain.hpp" +#include "barretenberg/polynomials/polynomial.hpp" +#include "barretenberg/proof_system/circuit_constructors/ultra_circuit_constructor.hpp" +#include "barretenberg/srs/reference_string/reference_string.hpp" +#include "barretenberg/proof_system/flavor/flavor.hpp" +#include "barretenberg/honk/sumcheck/relations/ultra_arithmetic_relation.hpp" +#include "barretenberg/honk/sumcheck/relations/permutation_relation.hpp" +#include "barretenberg/honk/sumcheck/relations/lookup_relation.hpp" +#include "barretenberg/honk/sumcheck/relations/gen_perm_sort_relation.hpp" +#include "barretenberg/honk/sumcheck/relations/elliptic_relation.hpp" +#include "barretenberg/honk/sumcheck/relations/auxiliary_relation.hpp" + +namespace proof_system::honk::flavor { + +class UltraGrumpkin { + // TODO(Mara): At the moment this class is a duplicate of the Standard flavor with a different PCS for testing + // purposes. This will be changed to Grumpkin once generating Honk proofs over Grumpkin has been enabled. + public: + using CircuitConstructor = UltraCircuitConstructor; + using FF = barretenberg::fr; + using Polynomial = barretenberg::Polynomial; + using PolynomialHandle = std::span; + using G1 = barretenberg::g1; + using GroupElement = G1::element; + using Commitment = G1::affine_element; + using CommitmentHandle = G1::affine_element; + using PCSParams = pcs::ipa::Params; + using PCS = pcs::ipa::IPA; + + static constexpr size_t NUM_WIRES = CircuitConstructor::NUM_WIRES; + // The number of multivariate polynomials on which a sumcheck prover sumcheck operates (including shifts). We often + // need containers of this size to hold related data, so we choose a name more agnostic than `NUM_POLYNOMIALS`. + // Note: this number does not include the individual sorted list polynomials. + static constexpr size_t NUM_ALL_ENTITIES = 43; + // The number of polynomials precomputed to describe a circuit and to aid a prover in constructing a satisfying + // assignment of witnesses. We again choose a neutral name. + static constexpr size_t NUM_PRECOMPUTED_ENTITIES = 25; + // The total number of witness entities not including shifts. + static constexpr size_t NUM_WITNESS_ENTITIES = 11; + + // define the tuple of Relations that comprise the Sumcheck relation + using Relations = std::tuple, + sumcheck::UltraPermutationRelation, + sumcheck::LookupRelation, + sumcheck::GenPermSortRelation, + sumcheck::EllipticRelation, + sumcheck::AuxiliaryRelation>; + + static constexpr size_t MAX_RELATION_LENGTH = get_max_relation_length(); + static constexpr size_t NUM_RELATIONS = std::tuple_size::value; + + // Instantiate the BarycentricData needed to extend each Relation Univariate + static_assert(instantiate_barycentric_utils()); + + // define the container for storing the univariate contribution from each relation in Sumcheck + using RelationUnivariates = decltype(create_relation_univariates_container()); + using RelationValues = decltype(create_relation_values_container()); + + private: + template + /** + * @brief A base class labelling precomputed entities and (ordered) subsets of interest. + * @details Used to build the proving key and verification key. + */ + class PrecomputedEntities : public PrecomputedEntities_ { + public: + DataType& q_m = std::get<0>(this->_data); + DataType& q_c = std::get<1>(this->_data); + DataType& q_l = std::get<2>(this->_data); + DataType& q_r = std::get<3>(this->_data); + DataType& q_o = std::get<4>(this->_data); + DataType& q_4 = std::get<5>(this->_data); + DataType& q_arith = std::get<6>(this->_data); + DataType& q_sort = std::get<7>(this->_data); + DataType& q_elliptic = std::get<8>(this->_data); + DataType& q_aux = std::get<9>(this->_data); + DataType& q_lookup = std::get<10>(this->_data); + DataType& sigma_1 = std::get<11>(this->_data); + DataType& sigma_2 = std::get<12>(this->_data); + DataType& sigma_3 = std::get<13>(this->_data); + DataType& sigma_4 = std::get<14>(this->_data); + DataType& id_1 = std::get<15>(this->_data); + DataType& id_2 = std::get<16>(this->_data); + DataType& id_3 = std::get<17>(this->_data); + DataType& id_4 = std::get<18>(this->_data); + DataType& table_1 = std::get<19>(this->_data); + DataType& table_2 = std::get<20>(this->_data); + DataType& table_3 = std::get<21>(this->_data); + DataType& table_4 = std::get<22>(this->_data); + DataType& lagrange_first = std::get<23>(this->_data); + DataType& lagrange_last = std::get<24>(this->_data); + + std::vector get_selectors() override + { + return { q_m, q_c, q_l, q_r, q_o, q_4, q_arith, q_sort, q_elliptic, q_aux, q_lookup }; + }; + std::vector get_sigma_polynomials() override { return { sigma_1, sigma_2, sigma_3, sigma_4 }; }; + std::vector get_id_polynomials() override { return { id_1, id_2, id_3, id_4 }; }; + + std::vector get_table_polynomials() { return { table_1, table_2, table_3, table_4 }; }; + }; + + /** + * @brief Container for all witness polynomials used/constructed by the prover. + * @details Shifts are not included here since they do not occupy their own memory. + */ + template + class WitnessEntities : public WitnessEntities_ { + public: + DataType& w_l = std::get<0>(this->_data); + DataType& w_r = std::get<1>(this->_data); + DataType& w_o = std::get<2>(this->_data); + DataType& w_4 = std::get<3>(this->_data); + DataType& sorted_1 = std::get<4>(this->_data); + DataType& sorted_2 = std::get<5>(this->_data); + DataType& sorted_3 = std::get<6>(this->_data); + DataType& sorted_4 = std::get<7>(this->_data); + DataType& sorted_accum = std::get<8>(this->_data); + DataType& z_perm = std::get<9>(this->_data); + DataType& z_lookup = std::get<10>(this->_data); + + std::vector get_wires() override { return { w_l, w_r, w_o, w_4 }; }; + // The sorted concatenations of table and witness data needed for plookup. + std::vector get_sorted_polynomials() { return { sorted_1, sorted_2, sorted_3, sorted_4 }; }; + }; + + /** + * @brief A base class labelling all entities (for instance, all of the polynomials used by the prover during + * sumcheck) in this Honk variant along with particular subsets of interest + * @details Used to build containers for: the prover's polynomial during sumcheck; the sumcheck's folded + * polynomials; the univariates consturcted during during sumcheck; the evaluations produced by sumcheck. + * + * Symbolically we have: AllEntities = PrecomputedEntities + WitnessEntities + "ShiftedEntities". It could be + * implemented as such, but we have this now. + */ + template + class AllEntities : public AllEntities_ { + public: + DataType& q_c = std::get<0>(this->_data); + DataType& q_l = std::get<1>(this->_data); + DataType& q_r = std::get<2>(this->_data); + DataType& q_o = std::get<3>(this->_data); + DataType& q_4 = std::get<4>(this->_data); + DataType& q_m = std::get<5>(this->_data); + DataType& q_arith = std::get<6>(this->_data); + DataType& q_sort = std::get<7>(this->_data); + DataType& q_elliptic = std::get<8>(this->_data); + DataType& q_aux = std::get<9>(this->_data); + DataType& q_lookup = std::get<10>(this->_data); + DataType& sigma_1 = std::get<11>(this->_data); + DataType& sigma_2 = std::get<12>(this->_data); + DataType& sigma_3 = std::get<13>(this->_data); + DataType& sigma_4 = std::get<14>(this->_data); + DataType& id_1 = std::get<15>(this->_data); + DataType& id_2 = std::get<16>(this->_data); + DataType& id_3 = std::get<17>(this->_data); + DataType& id_4 = std::get<18>(this->_data); + DataType& table_1 = std::get<19>(this->_data); + DataType& table_2 = std::get<20>(this->_data); + DataType& table_3 = std::get<21>(this->_data); + DataType& table_4 = std::get<22>(this->_data); + DataType& lagrange_first = std::get<23>(this->_data); + DataType& lagrange_last = std::get<24>(this->_data); + DataType& w_l = std::get<25>(this->_data); + DataType& w_r = std::get<26>(this->_data); + DataType& w_o = std::get<27>(this->_data); + DataType& w_4 = std::get<28>(this->_data); + DataType& sorted_accum = std::get<29>(this->_data); + DataType& z_perm = std::get<30>(this->_data); + DataType& z_lookup = std::get<31>(this->_data); + DataType& table_1_shift = std::get<32>(this->_data); + DataType& table_2_shift = std::get<33>(this->_data); + DataType& table_3_shift = std::get<34>(this->_data); + DataType& table_4_shift = std::get<35>(this->_data); + DataType& w_l_shift = std::get<36>(this->_data); + DataType& w_r_shift = std::get<37>(this->_data); + DataType& w_o_shift = std::get<38>(this->_data); + DataType& w_4_shift = std::get<39>(this->_data); + DataType& sorted_accum_shift = std::get<40>(this->_data); + DataType& z_perm_shift = std::get<41>(this->_data); + DataType& z_lookup_shift = std::get<42>(this->_data); + + std::vector get_wires() override { return { w_l, w_r, w_o, w_4 }; }; + // Gemini-specific getters. + std::vector get_unshifted() override + { + return { q_c, q_l, q_r, q_o, q_4, q_m, q_arith, q_sort, + q_elliptic, q_aux, q_lookup, sigma_1, sigma_2, sigma_3, sigma_4, id_1, + id_2, id_3, id_4, table_1, table_2, table_3, table_4, lagrange_first, + lagrange_last, w_l, w_r, w_o, w_4, sorted_accum, z_perm, z_lookup + + }; + }; + std::vector get_to_be_shifted() override + { + return { table_1, table_2, table_3, table_4, w_l, w_r, w_o, w_4, sorted_accum, z_perm, z_lookup }; + }; + std::vector get_shifted() override + { + return { table_1_shift, table_2_shift, table_3_shift, table_4_shift, w_l_shift, w_r_shift, + w_o_shift, w_4_shift, sorted_accum_shift, z_perm_shift, z_lookup_shift }; + }; + + AllEntities() = default; + + AllEntities(const AllEntities& other) + : AllEntities_(other){}; + + AllEntities(AllEntities&& other) + : AllEntities_(other){}; + + AllEntities& operator=(const AllEntities& other) + { + if (this == &other) { + return *this; + } + AllEntities_::operator=(other); + return *this; + } + + AllEntities& operator=(AllEntities&& other) + { + AllEntities_::operator=(other); + return *this; + } + + ~AllEntities() = default; + }; + + public: + /** + * @brief The proving key is responsible for storing the polynomials used by the prover. + * @note TODO(Cody): Maybe multiple inheritance is the right thing here. In that case, nothing should eve inherit + * from ProvingKey. + */ + class ProvingKey : public ProvingKey_, + WitnessEntities> { + public: + // Expose constructors on the base class + using Base = ProvingKey_, + WitnessEntities>; + using Base::Base; + + std::vector memory_read_records; + std::vector memory_write_records; + + // The plookup wires that store plookup read data. + std::array get_table_column_wires() { return { w_l, w_r, w_o }; }; + }; + + /** + * @brief The verification key is responsible for storing the the commitments to the precomputed (non-witnessk) + * polynomials used by the verifier. + * + * @note Note the discrepancy with what sort of data is stored here vs in the proving key. We may want to resolve + * that, and split out separate PrecomputedPolynomials/Commitments data for clarity but also for portability of our + * circuits. + */ + using VerificationKey = VerificationKey_>; + + /** + * @brief A container for polynomials handles; only stores spans. + */ + using ProverPolynomials = AllEntities; + + /** + * @brief A container for storing the partially evaluated multivariates produced by sumcheck. + */ + class PartiallyEvaluatedMultivariates : public AllEntities { + + public: + PartiallyEvaluatedMultivariates() = default; + PartiallyEvaluatedMultivariates(const size_t circuit_size) + { + // Storage is only needed after the first partial evaluation, hence polynomials of size (n / 2) + for (auto& poly : this->_data) { + poly = Polynomial(circuit_size / 2); + } + } + }; + + /** + * @brief A container for univariates produced during the hot loop in sumcheck. + * @todo TODO(#390): Simplify this by moving MAX_RELATION_LENGTH? + */ + template + using ExtendedEdges = + AllEntities, sumcheck::Univariate>; + + /** + * @brief A container for the polynomials evaluations produced during sumcheck, which are purported to be the + * evaluations of polynomials committed in earlier rounds. + */ + class ClaimedEvaluations : public AllEntities { + public: + using Base = AllEntities; + using Base::Base; + ClaimedEvaluations(std::array _data_in) { this->_data = _data_in; } + }; + + /** + * @brief A container for commitment labels. + * @note It's debatable whether this should inherit from AllEntities. since most entries are not strictly needed. It + * has, however, been useful during debugging to have these labels available. + * + */ + class CommitmentLabels : public AllEntities { + public: + CommitmentLabels() + { + w_l = "W_L"; + w_r = "W_R"; + w_o = "W_O"; + w_4 = "W_4"; + z_perm = "Z_PERM"; + z_lookup = "Z_LOOKUP"; + sorted_accum = "SORTED_ACCUM"; + + // The ones beginning with "__" are only used for debugging + q_c = "__Q_C"; + q_l = "__Q_L"; + q_r = "__Q_R"; + q_o = "__Q_O"; + q_4 = "__Q_4"; + q_m = "__Q_M"; + q_arith = "__Q_ARITH"; + q_sort = "__Q_SORT"; + q_elliptic = "__Q_ELLIPTIC"; + q_aux = "__Q_AUX"; + q_lookup = "__Q_LOOKUP"; + sigma_1 = "__SIGMA_1"; + sigma_2 = "__SIGMA_2"; + sigma_3 = "__SIGMA_3"; + sigma_4 = "__SIGMA_4"; + id_1 = "__ID_1"; + id_2 = "__ID_2"; + id_3 = "__ID_3"; + id_4 = "__ID_4"; + table_1 = "__TABLE_1"; + table_2 = "__TABLE_2"; + table_3 = "__TABLE_3"; + table_4 = "__TABLE_4"; + lagrange_first = "__LAGRANGE_FIRST"; + lagrange_last = "__LAGRANGE_LAST"; + }; + }; + + class VerifierCommitments : public AllEntities { + public: + VerifierCommitments(std::shared_ptr verification_key, VerifierTranscript transcript) + { + static_cast(transcript); + q_m = verification_key->q_m; + q_l = verification_key->q_l; + q_r = verification_key->q_r; + q_o = verification_key->q_o; + q_4 = verification_key->q_4; + q_c = verification_key->q_c; + q_arith = verification_key->q_arith; + q_sort = verification_key->q_sort; + q_elliptic = verification_key->q_elliptic; + q_aux = verification_key->q_aux; + q_lookup = verification_key->q_lookup; + sigma_1 = verification_key->sigma_1; + sigma_2 = verification_key->sigma_2; + sigma_3 = verification_key->sigma_3; + sigma_4 = verification_key->sigma_4; + id_1 = verification_key->id_1; + id_2 = verification_key->id_2; + id_3 = verification_key->id_3; + id_4 = verification_key->id_4; + table_1 = verification_key->table_1; + table_2 = verification_key->table_2; + table_3 = verification_key->table_3; + table_4 = verification_key->table_4; + lagrange_first = verification_key->lagrange_first; + lagrange_last = verification_key->lagrange_last; + } + }; +}; + +} // namespace proof_system::honk::flavor diff --git a/cpp/src/barretenberg/honk/proof_system/prover.cpp b/cpp/src/barretenberg/honk/proof_system/prover.cpp index 39ac5684b0..607f762f9f 100644 --- a/cpp/src/barretenberg/honk/proof_system/prover.cpp +++ b/cpp/src/barretenberg/honk/proof_system/prover.cpp @@ -3,7 +3,6 @@ #include "barretenberg/honk/sumcheck/sumcheck.hpp" #include "barretenberg/honk/transcript/transcript.hpp" #include "barretenberg/honk/utils/power_polynomial.hpp" -#include "barretenberg/honk/flavor/standard.hpp" namespace proof_system::honk { @@ -283,5 +282,6 @@ template plonk::proof& StandardProver_::construc } template class StandardProver_; +template class StandardProver_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/proof_system/prover.hpp b/cpp/src/barretenberg/honk/proof_system/prover.hpp index e4abda3a8e..ddb354d84b 100644 --- a/cpp/src/barretenberg/honk/proof_system/prover.hpp +++ b/cpp/src/barretenberg/honk/proof_system/prover.hpp @@ -9,6 +9,7 @@ #include "barretenberg/honk/proof_system/prover_library.hpp" #include "barretenberg/honk/proof_system/work_queue.hpp" #include "barretenberg/honk/flavor/standard.hpp" +#include "barretenberg/honk/flavor/standard_grumpkin.hpp" namespace proof_system::honk { @@ -83,6 +84,7 @@ template class StandardProver_ { }; extern template class StandardProver_; +extern template class StandardProver_; using StandardProver = StandardProver_; // using GrumpkinStandardProver = StandardProver_; // e.g. diff --git a/cpp/src/barretenberg/honk/proof_system/prover_library.cpp b/cpp/src/barretenberg/honk/proof_system/prover_library.cpp index 330da8b2e5..fab657a06a 100644 --- a/cpp/src/barretenberg/honk/proof_system/prover_library.cpp +++ b/cpp/src/barretenberg/honk/proof_system/prover_library.cpp @@ -1,6 +1,8 @@ #include "prover_library.hpp" #include "barretenberg/honk/flavor/standard.hpp" +#include "barretenberg/honk/flavor/standard_grumpkin.hpp" #include "barretenberg/honk/flavor/ultra.hpp" +#include "barretenberg/honk/flavor/ultra_grumpkin.hpp" #include #include @@ -397,6 +399,11 @@ void add_plookup_memory_records_to_wire_4(std::shared_ptr( std::shared_ptr&, honk::flavor::Standard::FF, honk::flavor::Standard::FF); +template honk::flavor::StandardGrumpkin::Polynomial compute_permutation_grand_product( + std::shared_ptr&, + honk::flavor::StandardGrumpkin::FF, + honk::flavor::StandardGrumpkin::FF); + template honk::flavor::Ultra::Polynomial compute_permutation_grand_product( std::shared_ptr&, honk::flavor::Ultra::FF, honk::flavor::Ultra::FF); @@ -412,4 +419,23 @@ template typename honk::flavor::Ultra::Polynomial compute_sorted_list_accumulato template void add_plookup_memory_records_to_wire_4( std::shared_ptr& key, typename honk::flavor::Ultra::FF eta); +template honk::flavor::UltraGrumpkin::Polynomial compute_permutation_grand_product( + std::shared_ptr&, + honk::flavor::UltraGrumpkin::FF, + honk::flavor::UltraGrumpkin::FF); + +template typename honk::flavor::UltraGrumpkin::Polynomial compute_lookup_grand_product( + std::shared_ptr& key, + typename honk::flavor::UltraGrumpkin::FF eta, + typename honk::flavor::UltraGrumpkin::FF beta, + typename honk::flavor::UltraGrumpkin::FF gamma); + +template typename honk::flavor::UltraGrumpkin::Polynomial compute_sorted_list_accumulator( + std::shared_ptr& key, + typename honk::flavor::UltraGrumpkin::FF eta); + +template void add_plookup_memory_records_to_wire_4( + std::shared_ptr& key, + typename honk::flavor::UltraGrumpkin::FF eta); + } // namespace proof_system::honk::prover_library diff --git a/cpp/src/barretenberg/honk/proof_system/ultra_prover.cpp b/cpp/src/barretenberg/honk/proof_system/ultra_prover.cpp index 0081cef985..128a13b8a1 100644 --- a/cpp/src/barretenberg/honk/proof_system/ultra_prover.cpp +++ b/cpp/src/barretenberg/honk/proof_system/ultra_prover.cpp @@ -336,5 +336,6 @@ template plonk::proof& UltraProver_::construct_proo } template class UltraProver_; +template class UltraProver_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/proof_system/ultra_prover.hpp b/cpp/src/barretenberg/honk/proof_system/ultra_prover.hpp index c2635fcd23..a1a0fd39fa 100644 --- a/cpp/src/barretenberg/honk/proof_system/ultra_prover.hpp +++ b/cpp/src/barretenberg/honk/proof_system/ultra_prover.hpp @@ -5,6 +5,7 @@ #include "barretenberg/honk/pcs/shplonk/shplonk_single.hpp" #include "barretenberg/honk/transcript/transcript.hpp" #include "barretenberg/honk/flavor/ultra.hpp" +#include "barretenberg/honk/flavor/ultra_grumpkin.hpp" #include "barretenberg/honk/sumcheck/relations/relation_parameters.hpp" #include "barretenberg/honk/sumcheck/sumcheck_output.hpp" @@ -78,6 +79,7 @@ template class UltraProver_ { }; extern template class UltraProver_; +extern template class UltraProver_; using UltraProver = UltraProver_; diff --git a/cpp/src/barretenberg/honk/proof_system/ultra_verifier.cpp b/cpp/src/barretenberg/honk/proof_system/ultra_verifier.cpp index f2cc8f8efa..4b70607dd3 100644 --- a/cpp/src/barretenberg/honk/proof_system/ultra_verifier.cpp +++ b/cpp/src/barretenberg/honk/proof_system/ultra_verifier.cpp @@ -158,5 +158,6 @@ template bool UltraVerifier_::verify_proof(const plonk } template class UltraVerifier_; +template class UltraVerifier_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/proof_system/ultra_verifier.hpp b/cpp/src/barretenberg/honk/proof_system/ultra_verifier.hpp index a5456f5a0d..00a3736a99 100644 --- a/cpp/src/barretenberg/honk/proof_system/ultra_verifier.hpp +++ b/cpp/src/barretenberg/honk/proof_system/ultra_verifier.hpp @@ -1,6 +1,6 @@ #pragma once -// #include "barretenberg/honk/flavor/standard.hpp" #include "barretenberg/honk/flavor/ultra.hpp" +#include "barretenberg/honk/flavor/ultra_grumpkin.hpp" #include "barretenberg/plonk/proof_system/types/proof.hpp" #include "barretenberg/honk/sumcheck/sumcheck.hpp" @@ -28,6 +28,7 @@ template class UltraVerifier_ { }; extern template class UltraVerifier_; +extern template class UltraVerifier_; using UltraVerifier = UltraVerifier_; diff --git a/cpp/src/barretenberg/honk/proof_system/verifier.cpp b/cpp/src/barretenberg/honk/proof_system/verifier.cpp index 4934d9ec13..a03b9060e9 100644 --- a/cpp/src/barretenberg/honk/proof_system/verifier.cpp +++ b/cpp/src/barretenberg/honk/proof_system/verifier.cpp @@ -1,7 +1,6 @@ #include "./verifier.hpp" #include "barretenberg/honk/transcript/transcript.hpp" #include "barretenberg/numeric/bitop/get_msb.hpp" -#include "barretenberg/honk/flavor/standard.hpp" #include "barretenberg/honk/utils/power_polynomial.hpp" using namespace barretenberg; @@ -168,5 +167,6 @@ template bool StandardVerifier_::verify_proof(const pl } template class StandardVerifier_; +template class StandardVerifier_; } // namespace proof_system::honk diff --git a/cpp/src/barretenberg/honk/proof_system/verifier.hpp b/cpp/src/barretenberg/honk/proof_system/verifier.hpp index 7034adf3d6..bbf7228aa9 100644 --- a/cpp/src/barretenberg/honk/proof_system/verifier.hpp +++ b/cpp/src/barretenberg/honk/proof_system/verifier.hpp @@ -2,6 +2,7 @@ #include "barretenberg/honk/flavor/standard.hpp" #include "barretenberg/plonk/proof_system/types/proof.hpp" #include "barretenberg/honk/sumcheck/sumcheck.hpp" +#include "barretenberg/honk/flavor/standard_grumpkin.hpp" namespace proof_system::honk { template class StandardVerifier_ { @@ -27,6 +28,7 @@ template class StandardVerifier_ { }; extern template class StandardVerifier_; +extern template class StandardVerifier_; using StandardVerifier = StandardVerifier_; diff --git a/cpp/src/barretenberg/honk/sumcheck/relations/relation_correctness.test.cpp b/cpp/src/barretenberg/honk/sumcheck/relations/relation_correctness.test.cpp index 01d3624083..456ab32103 100644 --- a/cpp/src/barretenberg/honk/sumcheck/relations/relation_correctness.test.cpp +++ b/cpp/src/barretenberg/honk/sumcheck/relations/relation_correctness.test.cpp @@ -16,377 +16,380 @@ using namespace proof_system::honk; namespace test_honk_relations { -void ensure_non_zero(auto& polynomial) -{ - bool has_non_zero_coefficient = false; - for (auto& coeff : polynomial) { - has_non_zero_coefficient |= !coeff.is_zero(); - } - ASSERT_TRUE(has_non_zero_coefficient); -} - -/** - * @brief Check that a given relation is satified for a set of polynomials - * - * @tparam relation_idx Index into a tuple of provided relations - * @tparam Flavor - */ -template void check_relation(auto relation, auto circuit_size, auto polynomials, auto params) -{ - using ClaimedEvaluations = typename Flavor::ClaimedEvaluations; - for (size_t i = 0; i < circuit_size; i++) { - - // Extract an array containing all the polynomial evaluations at a given row i - ClaimedEvaluations evaluations_at_index_i; - size_t poly_idx = 0; - for (auto& poly : polynomials) { - evaluations_at_index_i[poly_idx] = poly[i]; - ++poly_idx; - } - - // Define the appropriate RelationValues type for this relation and initialize to zero - using RelationValues = typename decltype(relation)::RelationValues; - RelationValues result; - for (auto& element : result) { - element = 0; - } - - // Evaluate each constraint in the relation and check that each is satisfied - relation.add_full_relation_value_contribution(result, evaluations_at_index_i, params); - for (auto& element : result) { - ASSERT_EQ(element, 0); - } - } -} - -/** - * @brief Test the correctness of the Standard Honk relations - * - * @details Check that the constraints encoded by the relations are satisfied by the polynomials produced by the - * Standard Honk Composer for a real circuit. - * - * TODO(Kesha): We'll have to update this function once we add zk, since the relation will be incorrect for he first few - * indices - * - */ -TEST(RelationCorrectness, StandardRelationCorrectness) -{ - using Flavor = honk::flavor::Standard; - using FF = typename Flavor::FF; - using ProverPolynomials = typename Flavor::ProverPolynomials; - // using ClaimedEvaluations = typename Flavor::ClaimedEvaluations; - - // Create a composer and a dummy circuit with a few gates - auto composer = StandardHonkComposer(); - fr a = fr::one(); - // Using the public variable to check that public_input_delta is computed and added to the relation correctly - uint32_t a_idx = composer.add_public_variable(a); - fr b = fr::one(); - fr c = a + b; - fr d = a + c; - uint32_t b_idx = composer.add_variable(b); - uint32_t c_idx = composer.add_variable(c); - uint32_t d_idx = composer.add_variable(d); - for (size_t i = 0; i < 16; i++) { - composer.create_add_gate({ a_idx, b_idx, c_idx, fr::one(), fr::one(), fr::neg_one(), fr::zero() }); - composer.create_add_gate({ d_idx, c_idx, a_idx, fr::one(), fr::neg_one(), fr::neg_one(), fr::zero() }); - } - // Create a prover (it will compute proving key and witness) - auto prover = composer.create_prover(); - auto circuit_size = prover.key->circuit_size; - - // Generate beta and gamma - fr beta = fr::random_element(); - fr gamma = fr::random_element(); - - // Compute public input delta - const auto public_inputs = composer.circuit_constructor.get_public_inputs(); - auto public_input_delta = - honk::compute_public_input_delta(public_inputs, beta, gamma, prover.key->circuit_size); - - sumcheck::RelationParameters params{ - .beta = beta, - .gamma = gamma, - .public_input_delta = public_input_delta, - }; - - // Compute grand product polynomial - polynomial z_permutation = - prover_library::compute_permutation_grand_product(prover.key, beta, gamma); - - // Create an array of spans to the underlying polynomials to more easily - // get the transposition. - // Ex: polynomial_spans[3][i] returns the i-th coefficient of the third polynomial - // in the list below - ProverPolynomials prover_polynomials; - - prover_polynomials.w_l = prover.key->w_l; - prover_polynomials.w_r = prover.key->w_r; - prover_polynomials.w_o = prover.key->w_o; - prover_polynomials.z_perm = z_permutation; - prover_polynomials.z_perm_shift = z_permutation.shifted(); - prover_polynomials.q_m = prover.key->q_m; - prover_polynomials.q_l = prover.key->q_l; - prover_polynomials.q_r = prover.key->q_r; - prover_polynomials.q_o = prover.key->q_o; - prover_polynomials.q_c = prover.key->q_c; - prover_polynomials.sigma_1 = prover.key->sigma_1; - prover_polynomials.sigma_2 = prover.key->sigma_2; - prover_polynomials.sigma_3 = prover.key->sigma_3; - prover_polynomials.id_1 = prover.key->id_1; - prover_polynomials.id_2 = prover.key->id_2; - prover_polynomials.id_3 = prover.key->id_3; - prover_polynomials.lagrange_first = prover.key->lagrange_first; - prover_polynomials.lagrange_last = prover.key->lagrange_last; - - // Construct the round for applying sumcheck relations and results for storing computed results - auto relations = std::tuple(honk::sumcheck::ArithmeticRelation(), honk::sumcheck::PermutationRelation()); - - // Check that each relation is satisfied across each row of the prover polynomials - check_relation(std::get<0>(relations), circuit_size, prover_polynomials, params); - check_relation(std::get<1>(relations), circuit_size, prover_polynomials, params); -} - -/** - * @brief Test the correctness of the Ultra Honk relations - * - * @details Check that the constraints encoded by the relations are satisfied by the polynomials produced by the - * Ultra Honk Composer for a real circuit. - * - * TODO(Kesha): We'll have to update this function once we add zk, since the relation will be incorrect for he first few - * indices - * - */ -// TODO(luke): possibly make circuit construction one or many functions to clarify the individual components -// TODO(luke): Add a gate that sets q_arith = 3 to check secondary arithmetic relation -TEST(RelationCorrectness, UltraRelationCorrectness) -{ - using Flavor = honk::flavor::Ultra; - using FF = typename Flavor::FF; - using ProverPolynomials = typename Flavor::ProverPolynomials; - // using ClaimedEvaluations = typename Flavor::ClaimedEvaluations; - - // Create a composer and then add an assortment of gates designed to ensure that the constraint(s) represented - // by each relation are non-trivially exercised. - auto composer = UltraHonkComposer(); - - barretenberg::fr pedersen_input_value = fr::random_element(); - fr a = fr::one(); - // Using the public variable to check that public_input_delta is computed and added to the relation correctly - // TODO(luke): add method "add_public_variable" to UH composer - // uint32_t a_idx = composer.add_public_variable(a); - - // Add some basic add gates - uint32_t a_idx = composer.add_variable(a); - fr b = fr::one(); - fr c = a + b; - fr d = a + c; - uint32_t b_idx = composer.add_variable(b); - uint32_t c_idx = composer.add_variable(c); - uint32_t d_idx = composer.add_variable(d); - for (size_t i = 0; i < 16; i++) { - composer.create_add_gate({ a_idx, b_idx, c_idx, 1, 1, -1, 0 }); - composer.create_add_gate({ d_idx, c_idx, a_idx, 1, -1, -1, 0 }); - } - - // Add a big add gate with use of next row to test q_arith = 2 - fr e = a + b + c + d; - uint32_t e_idx = composer.add_variable(e); - - uint32_t zero_idx = composer.get_zero_idx(); - composer.create_big_add_gate({ a_idx, b_idx, c_idx, d_idx, -1, -1, -1, -1, 0 }, true); // use next row - composer.create_big_add_gate({ zero_idx, zero_idx, zero_idx, e_idx, 0, 0, 0, 0, 0 }, false); - - // Add some lookup gates (related to pedersen hashing) - const fr input_hi = uint256_t(pedersen_input_value).slice(126, 256); - const fr input_lo = uint256_t(pedersen_input_value).slice(0, 126); - const auto input_hi_index = composer.add_variable(input_hi); - const auto input_lo_index = composer.add_variable(input_lo); - - const auto sequence_data_hi = plookup::get_lookup_accumulators(plookup::MultiTableId::PEDERSEN_LEFT_HI, input_hi); - const auto sequence_data_lo = plookup::get_lookup_accumulators(plookup::MultiTableId::PEDERSEN_LEFT_LO, input_lo); - - composer.create_gates_from_plookup_accumulators( - plookup::MultiTableId::PEDERSEN_LEFT_HI, sequence_data_hi, input_hi_index); - composer.create_gates_from_plookup_accumulators( - plookup::MultiTableId::PEDERSEN_LEFT_LO, sequence_data_lo, input_lo_index); - - // Add a sort gate (simply checks that consecutive inputs have a difference of < 4) - a_idx = composer.add_variable(FF(0)); - b_idx = composer.add_variable(FF(1)); - c_idx = composer.add_variable(FF(2)); - d_idx = composer.add_variable(FF(3)); - composer.create_sort_constraint({ a_idx, b_idx, c_idx, d_idx }); - - // Add an elliptic curve addition gate - grumpkin::g1::affine_element p1 = crypto::generators::get_generator_data({ 0, 0 }).generator; - grumpkin::g1::affine_element p2 = crypto::generators::get_generator_data({ 0, 1 }).generator; - - grumpkin::fq beta_scalar = grumpkin::fq::cube_root_of_unity(); - grumpkin::g1::affine_element p2_endo = p2; - p2_endo.x *= beta_scalar; - - grumpkin::g1::affine_element p3(grumpkin::g1::element(p1) - grumpkin::g1::element(p2_endo)); - - uint32_t x1 = composer.add_variable(p1.x); - uint32_t y1 = composer.add_variable(p1.y); - uint32_t x2 = composer.add_variable(p2.x); - uint32_t y2 = composer.add_variable(p2.y); - uint32_t x3 = composer.add_variable(p3.x); - uint32_t y3 = composer.add_variable(p3.y); - - ecc_add_gate gate{ x1, y1, x2, y2, x3, y3, beta_scalar, -1 }; - composer.create_ecc_add_gate(gate); - - // Add some RAM gates - uint32_t ram_values[8]{ - composer.add_variable(fr::random_element()), composer.add_variable(fr::random_element()), - composer.add_variable(fr::random_element()), composer.add_variable(fr::random_element()), - composer.add_variable(fr::random_element()), composer.add_variable(fr::random_element()), - composer.add_variable(fr::random_element()), composer.add_variable(fr::random_element()), - }; - - size_t ram_id = composer.create_RAM_array(8); - - for (size_t i = 0; i < 8; ++i) { - composer.init_RAM_element(ram_id, i, ram_values[i]); - } - - a_idx = composer.read_RAM_array(ram_id, composer.add_variable(5)); - EXPECT_EQ(a_idx != ram_values[5], true); - - b_idx = composer.read_RAM_array(ram_id, composer.add_variable(4)); - c_idx = composer.read_RAM_array(ram_id, composer.add_variable(1)); - - composer.write_RAM_array(ram_id, composer.add_variable(4), composer.add_variable(500)); - d_idx = composer.read_RAM_array(ram_id, composer.add_variable(4)); - - EXPECT_EQ(composer.get_variable(d_idx), 500); - - // ensure these vars get used in another arithmetic gate - const auto e_value = composer.get_variable(a_idx) + composer.get_variable(b_idx) + composer.get_variable(c_idx) + - composer.get_variable(d_idx); - e_idx = composer.add_variable(e_value); - - composer.create_big_add_gate({ a_idx, b_idx, c_idx, d_idx, -1, -1, -1, -1, 0 }, true); - composer.create_big_add_gate( - { - composer.get_zero_idx(), - composer.get_zero_idx(), - composer.get_zero_idx(), - e_idx, - 0, - 0, - 0, - 0, - 0, - }, - false); - - // Create a prover (it will compute proving key and witness) - auto prover = composer.create_prover(); - auto circuit_size = prover.key->circuit_size; - - // Generate eta, beta and gamma - fr eta = fr::random_element(); - fr beta = fr::random_element(); - fr gamma = fr::random_element(); - - // Compute public input delta - const auto public_inputs = composer.circuit_constructor.get_public_inputs(); - auto public_input_delta = - honk::compute_public_input_delta(public_inputs, beta, gamma, prover.key->circuit_size); - auto lookup_grand_product_delta = - honk::compute_lookup_grand_product_delta(beta, gamma, prover.key->circuit_size); - - sumcheck::RelationParameters params{ - .eta = eta, - .beta = beta, - .gamma = gamma, - .public_input_delta = public_input_delta, - .lookup_grand_product_delta = lookup_grand_product_delta, - }; - - // Compute sorted witness-table accumulator - prover.key->sorted_accum = prover_library::compute_sorted_list_accumulator(prover.key, eta); - - // Add RAM/ROM memory records to wire four - prover_library::add_plookup_memory_records_to_wire_4(prover.key, eta); - - // Compute grand product polynomial - prover.key->z_perm = prover_library::compute_permutation_grand_product(prover.key, beta, gamma); - - // Compute lookup grand product polynomial - prover.key->z_lookup = prover_library::compute_lookup_grand_product(prover.key, eta, beta, gamma); - - ProverPolynomials prover_polynomials; - - prover_polynomials.w_l = prover.key->w_l; - prover_polynomials.w_r = prover.key->w_r; - prover_polynomials.w_o = prover.key->w_o; - prover_polynomials.w_4 = prover.key->w_4; - prover_polynomials.w_l_shift = prover.key->w_l.shifted(); - prover_polynomials.w_r_shift = prover.key->w_r.shifted(); - prover_polynomials.w_o_shift = prover.key->w_o.shifted(); - prover_polynomials.w_4_shift = prover.key->w_4.shifted(); - prover_polynomials.sorted_accum = prover.key->sorted_accum; - prover_polynomials.sorted_accum_shift = prover.key->sorted_accum.shifted(); - prover_polynomials.table_1 = prover.key->table_1; - prover_polynomials.table_2 = prover.key->table_2; - prover_polynomials.table_3 = prover.key->table_3; - prover_polynomials.table_4 = prover.key->table_4; - prover_polynomials.table_1_shift = prover.key->table_1.shifted(); - prover_polynomials.table_2_shift = prover.key->table_2.shifted(); - prover_polynomials.table_3_shift = prover.key->table_3.shifted(); - prover_polynomials.table_4_shift = prover.key->table_4.shifted(); - prover_polynomials.z_perm = prover.key->z_perm; - prover_polynomials.z_perm_shift = prover.key->z_perm.shifted(); - prover_polynomials.z_lookup = prover.key->z_lookup; - prover_polynomials.z_lookup_shift = prover.key->z_lookup.shifted(); - prover_polynomials.q_m = prover.key->q_m; - prover_polynomials.q_l = prover.key->q_l; - prover_polynomials.q_r = prover.key->q_r; - prover_polynomials.q_o = prover.key->q_o; - prover_polynomials.q_c = prover.key->q_c; - prover_polynomials.q_4 = prover.key->q_4; - prover_polynomials.q_arith = prover.key->q_arith; - prover_polynomials.q_sort = prover.key->q_sort; - prover_polynomials.q_elliptic = prover.key->q_elliptic; - prover_polynomials.q_aux = prover.key->q_aux; - prover_polynomials.q_lookup = prover.key->q_lookup; - prover_polynomials.sigma_1 = prover.key->sigma_1; - prover_polynomials.sigma_2 = prover.key->sigma_2; - prover_polynomials.sigma_3 = prover.key->sigma_3; - prover_polynomials.sigma_4 = prover.key->sigma_4; - prover_polynomials.id_1 = prover.key->id_1; - prover_polynomials.id_2 = prover.key->id_2; - prover_polynomials.id_3 = prover.key->id_3; - prover_polynomials.id_4 = prover.key->id_4; - prover_polynomials.lagrange_first = prover.key->lagrange_first; - prover_polynomials.lagrange_last = prover.key->lagrange_last; - - // Check that selectors are nonzero to ensure corresponding relation has nontrivial contribution - ensure_non_zero(prover.key->q_arith); - ensure_non_zero(prover.key->q_sort); - ensure_non_zero(prover.key->q_lookup); - ensure_non_zero(prover.key->q_elliptic); - ensure_non_zero(prover.key->q_aux); - - // Construct the round for applying sumcheck relations and results for storing computed results - auto relations = std::tuple(honk::sumcheck::UltraArithmeticRelation(), - honk::sumcheck::UltraPermutationRelation(), - honk::sumcheck::LookupRelation(), - honk::sumcheck::GenPermSortRelation(), - honk::sumcheck::EllipticRelation(), - honk::sumcheck::AuxiliaryRelation()); - - // Check that each relation is satisfied across each row of the prover polynomials - check_relation(std::get<0>(relations), circuit_size, prover_polynomials, params); - check_relation(std::get<1>(relations), circuit_size, prover_polynomials, params); - check_relation(std::get<2>(relations), circuit_size, prover_polynomials, params); - check_relation(std::get<3>(relations), circuit_size, prover_polynomials, params); - check_relation(std::get<4>(relations), circuit_size, prover_polynomials, params); - check_relation(std::get<5>(relations), circuit_size, prover_polynomials, params); -} +// void ensure_non_zero(auto& polynomial) +// { +// bool has_non_zero_coefficient = false; +// for (auto& coeff : polynomial) { +// has_non_zero_coefficient |= !coeff.is_zero(); +// } +// ASSERT_TRUE(has_non_zero_coefficient); +// } + +// /** +// * @brief Check that a given relation is satified for a set of polynomials +// * +// * @tparam relation_idx Index into a tuple of provided relations +// * @tparam Flavor +// */ +// template void check_relation(auto relation, auto circuit_size, auto polynomials, auto params) +// { +// using ClaimedEvaluations = typename Flavor::ClaimedEvaluations; +// for (size_t i = 0; i < circuit_size; i++) { + +// // Extract an array containing all the polynomial evaluations at a given row i +// ClaimedEvaluations evaluations_at_index_i; +// size_t poly_idx = 0; +// for (auto& poly : polynomials) { +// evaluations_at_index_i[poly_idx] = poly[i]; +// ++poly_idx; +// } + +// // Define the appropriate RelationValues type for this relation and initialize to zero +// using RelationValues = typename decltype(relation)::RelationValues; +// RelationValues result; +// for (auto& element : result) { +// element = 0; +// } + +// // Evaluate each constraint in the relation and check that each is satisfied +// relation.add_full_relation_value_contribution(result, evaluations_at_index_i, params); +// for (auto& element : result) { +// ASSERT_EQ(element, 0); +// } +// } +// } + +// /** +// * @brief Test the correctness of the Standard Honk relations +// * +// * @details Check that the constraints encoded by the relations are satisfied by the polynomials produced by the +// * Standard Honk Composer for a real circuit. +// * +// * TODO(Kesha): We'll have to update this function once we add zk, since the relation will be incorrect for he first +// few +// * indices +// * +// */ +// TEST(RelationCorrectness, StandardRelationCorrectness) +// { +// using Flavor = honk::flavor::Standard; +// using FF = typename Flavor::FF; +// using ProverPolynomials = typename Flavor::ProverPolynomials; +// // using ClaimedEvaluations = typename Flavor::ClaimedEvaluations; + +// // Create a composer and a dummy circuit with a few gates +// auto composer = StandardHonkComposer(); +// fr a = fr::one(); +// // Using the public variable to check that public_input_delta is computed and added to the relation correctly +// uint32_t a_idx = composer.add_public_variable(a); +// fr b = fr::one(); +// fr c = a + b; +// fr d = a + c; +// uint32_t b_idx = composer.add_variable(b); +// uint32_t c_idx = composer.add_variable(c); +// uint32_t d_idx = composer.add_variable(d); +// for (size_t i = 0; i < 16; i++) { +// composer.create_add_gate({ a_idx, b_idx, c_idx, fr::one(), fr::one(), fr::neg_one(), fr::zero() }); +// composer.create_add_gate({ d_idx, c_idx, a_idx, fr::one(), fr::neg_one(), fr::neg_one(), fr::zero() }); +// } +// // Create a prover (it will compute proving key and witness) +// auto prover = composer.create_prover(); +// auto circuit_size = prover.key->circuit_size; + +// // Generate beta and gamma +// fr beta = fr::random_element(); +// fr gamma = fr::random_element(); + +// // Compute public input delta +// const auto public_inputs = composer.circuit_constructor.get_public_inputs(); +// auto public_input_delta = +// honk::compute_public_input_delta(public_inputs, beta, gamma, prover.key->circuit_size); + +// sumcheck::RelationParameters params{ +// .beta = beta, +// .gamma = gamma, +// .public_input_delta = public_input_delta, +// }; + +// // Compute grand product polynomial +// polynomial z_permutation = +// prover_library::compute_permutation_grand_product(prover.key, beta, gamma); + +// // Create an array of spans to the underlying polynomials to more easily +// // get the transposition. +// // Ex: polynomial_spans[3][i] returns the i-th coefficient of the third polynomial +// // in the list below +// ProverPolynomials prover_polynomials; + +// prover_polynomials.w_l = prover.key->w_l; +// prover_polynomials.w_r = prover.key->w_r; +// prover_polynomials.w_o = prover.key->w_o; +// prover_polynomials.z_perm = z_permutation; +// prover_polynomials.z_perm_shift = z_permutation.shifted(); +// prover_polynomials.q_m = prover.key->q_m; +// prover_polynomials.q_l = prover.key->q_l; +// prover_polynomials.q_r = prover.key->q_r; +// prover_polynomials.q_o = prover.key->q_o; +// prover_polynomials.q_c = prover.key->q_c; +// prover_polynomials.sigma_1 = prover.key->sigma_1; +// prover_polynomials.sigma_2 = prover.key->sigma_2; +// prover_polynomials.sigma_3 = prover.key->sigma_3; +// prover_polynomials.id_1 = prover.key->id_1; +// prover_polynomials.id_2 = prover.key->id_2; +// prover_polynomials.id_3 = prover.key->id_3; +// prover_polynomials.lagrange_first = prover.key->lagrange_first; +// prover_polynomials.lagrange_last = prover.key->lagrange_last; + +// // Construct the round for applying sumcheck relations and results for storing computed results +// auto relations = std::tuple(honk::sumcheck::ArithmeticRelation(), honk::sumcheck::PermutationRelation()); + +// // Check that each relation is satisfied across each row of the prover polynomials +// check_relation(std::get<0>(relations), circuit_size, prover_polynomials, params); +// check_relation(std::get<1>(relations), circuit_size, prover_polynomials, params); +// } + +// /** +// * @brief Test the correctness of the Ultra Honk relations +// * +// * @details Check that the constraints encoded by the relations are satisfied by the polynomials produced by the +// * Ultra Honk Composer for a real circuit. +// * +// * TODO(Kesha): We'll have to update this function once we add zk, since the relation will be incorrect for he first +// few +// * indices +// * +// */ +// // TODO(luke): possibly make circuit construction one or many functions to clarify the individual components +// // TODO(luke): Add a gate that sets q_arith = 3 to check secondary arithmetic relation +// TEST(RelationCorrectness, UltraRelationCorrectness) +// { +// using Flavor = honk::flavor::Ultra; +// using FF = typename Flavor::FF; +// using ProverPolynomials = typename Flavor::ProverPolynomials; +// // using ClaimedEvaluations = typename Flavor::ClaimedEvaluations; + +// // Create a composer and then add an assortment of gates designed to ensure that the constraint(s) represented +// // by each relation are non-trivially exercised. +// auto composer = UltraHonkComposer(); + +// barretenberg::fr pedersen_input_value = fr::random_element(); +// fr a = fr::one(); +// // Using the public variable to check that public_input_delta is computed and added to the relation correctly +// // TODO(luke): add method "add_public_variable" to UH composer +// // uint32_t a_idx = composer.add_public_variable(a); + +// // Add some basic add gates +// uint32_t a_idx = composer.add_variable(a); +// fr b = fr::one(); +// fr c = a + b; +// fr d = a + c; +// uint32_t b_idx = composer.add_variable(b); +// uint32_t c_idx = composer.add_variable(c); +// uint32_t d_idx = composer.add_variable(d); +// for (size_t i = 0; i < 16; i++) { +// composer.create_add_gate({ a_idx, b_idx, c_idx, 1, 1, -1, 0 }); +// composer.create_add_gate({ d_idx, c_idx, a_idx, 1, -1, -1, 0 }); +// } + +// // Add a big add gate with use of next row to test q_arith = 2 +// fr e = a + b + c + d; +// uint32_t e_idx = composer.add_variable(e); + +// uint32_t zero_idx = composer.get_zero_idx(); +// composer.create_big_add_gate({ a_idx, b_idx, c_idx, d_idx, -1, -1, -1, -1, 0 }, true); // use next row +// composer.create_big_add_gate({ zero_idx, zero_idx, zero_idx, e_idx, 0, 0, 0, 0, 0 }, false); + +// // Add some lookup gates (related to pedersen hashing) +// const fr input_hi = uint256_t(pedersen_input_value).slice(126, 256); +// const fr input_lo = uint256_t(pedersen_input_value).slice(0, 126); +// const auto input_hi_index = composer.add_variable(input_hi); +// const auto input_lo_index = composer.add_variable(input_lo); + +// const auto sequence_data_hi = plookup::get_lookup_accumulators(plookup::MultiTableId::PEDERSEN_LEFT_HI, +// input_hi); const auto sequence_data_lo = +// plookup::get_lookup_accumulators(plookup::MultiTableId::PEDERSEN_LEFT_LO, input_lo); + +// composer.create_gates_from_plookup_accumulators( +// plookup::MultiTableId::PEDERSEN_LEFT_HI, sequence_data_hi, input_hi_index); +// composer.create_gates_from_plookup_accumulators( +// plookup::MultiTableId::PEDERSEN_LEFT_LO, sequence_data_lo, input_lo_index); + +// // Add a sort gate (simply checks that consecutive inputs have a difference of < 4) +// a_idx = composer.add_variable(FF(0)); +// b_idx = composer.add_variable(FF(1)); +// c_idx = composer.add_variable(FF(2)); +// d_idx = composer.add_variable(FF(3)); +// composer.create_sort_constraint({ a_idx, b_idx, c_idx, d_idx }); + +// // Add an elliptic curve addition gate +// grumpkin::g1::affine_element p1 = crypto::generators::get_generator_data({ 0, 0 }).generator; +// grumpkin::g1::affine_element p2 = crypto::generators::get_generator_data({ 0, 1 }).generator; + +// grumpkin::fq beta_scalar = grumpkin::fq::cube_root_of_unity(); +// grumpkin::g1::affine_element p2_endo = p2; +// p2_endo.x *= beta_scalar; + +// grumpkin::g1::affine_element p3(grumpkin::g1::element(p1) - grumpkin::g1::element(p2_endo)); + +// uint32_t x1 = composer.add_variable(p1.x); +// uint32_t y1 = composer.add_variable(p1.y); +// uint32_t x2 = composer.add_variable(p2.x); +// uint32_t y2 = composer.add_variable(p2.y); +// uint32_t x3 = composer.add_variable(p3.x); +// uint32_t y3 = composer.add_variable(p3.y); + +// ecc_add_gate gate{ x1, y1, x2, y2, x3, y3, beta_scalar, -1 }; +// composer.create_ecc_add_gate(gate); + +// // Add some RAM gates +// uint32_t ram_values[8]{ +// composer.add_variable(fr::random_element()), composer.add_variable(fr::random_element()), +// composer.add_variable(fr::random_element()), composer.add_variable(fr::random_element()), +// composer.add_variable(fr::random_element()), composer.add_variable(fr::random_element()), +// composer.add_variable(fr::random_element()), composer.add_variable(fr::random_element()), +// }; + +// size_t ram_id = composer.create_RAM_array(8); + +// for (size_t i = 0; i < 8; ++i) { +// composer.init_RAM_element(ram_id, i, ram_values[i]); +// } + +// a_idx = composer.read_RAM_array(ram_id, composer.add_variable(5)); +// EXPECT_EQ(a_idx != ram_values[5], true); + +// b_idx = composer.read_RAM_array(ram_id, composer.add_variable(4)); +// c_idx = composer.read_RAM_array(ram_id, composer.add_variable(1)); + +// composer.write_RAM_array(ram_id, composer.add_variable(4), composer.add_variable(500)); +// d_idx = composer.read_RAM_array(ram_id, composer.add_variable(4)); + +// EXPECT_EQ(composer.get_variable(d_idx), 500); + +// // ensure these vars get used in another arithmetic gate +// const auto e_value = composer.get_variable(a_idx) + composer.get_variable(b_idx) + composer.get_variable(c_idx) + +// composer.get_variable(d_idx); +// e_idx = composer.add_variable(e_value); + +// composer.create_big_add_gate({ a_idx, b_idx, c_idx, d_idx, -1, -1, -1, -1, 0 }, true); +// composer.create_big_add_gate( +// { +// composer.get_zero_idx(), +// composer.get_zero_idx(), +// composer.get_zero_idx(), +// e_idx, +// 0, +// 0, +// 0, +// 0, +// 0, +// }, +// false); + +// // Create a prover (it will compute proving key and witness) +// auto prover = composer.create_prover(); +// auto circuit_size = prover.key->circuit_size; + +// // Generate eta, beta and gamma +// fr eta = fr::random_element(); +// fr beta = fr::random_element(); +// fr gamma = fr::random_element(); + +// // Compute public input delta +// const auto public_inputs = composer.circuit_constructor.get_public_inputs(); +// auto public_input_delta = +// honk::compute_public_input_delta(public_inputs, beta, gamma, prover.key->circuit_size); +// auto lookup_grand_product_delta = +// honk::compute_lookup_grand_product_delta(beta, gamma, prover.key->circuit_size); + +// sumcheck::RelationParameters params{ +// .eta = eta, +// .beta = beta, +// .gamma = gamma, +// .public_input_delta = public_input_delta, +// .lookup_grand_product_delta = lookup_grand_product_delta, +// }; + +// // Compute sorted witness-table accumulator +// prover.key->sorted_accum = prover_library::compute_sorted_list_accumulator(prover.key, eta); + +// // Add RAM/ROM memory records to wire four +// prover_library::add_plookup_memory_records_to_wire_4(prover.key, eta); + +// // Compute grand product polynomial +// prover.key->z_perm = prover_library::compute_permutation_grand_product(prover.key, beta, gamma); + +// // Compute lookup grand product polynomial +// prover.key->z_lookup = prover_library::compute_lookup_grand_product(prover.key, eta, beta, gamma); + +// ProverPolynomials prover_polynomials; + +// prover_polynomials.w_l = prover.key->w_l; +// prover_polynomials.w_r = prover.key->w_r; +// prover_polynomials.w_o = prover.key->w_o; +// prover_polynomials.w_4 = prover.key->w_4; +// prover_polynomials.w_l_shift = prover.key->w_l.shifted(); +// prover_polynomials.w_r_shift = prover.key->w_r.shifted(); +// prover_polynomials.w_o_shift = prover.key->w_o.shifted(); +// prover_polynomials.w_4_shift = prover.key->w_4.shifted(); +// prover_polynomials.sorted_accum = prover.key->sorted_accum; +// prover_polynomials.sorted_accum_shift = prover.key->sorted_accum.shifted(); +// prover_polynomials.table_1 = prover.key->table_1; +// prover_polynomials.table_2 = prover.key->table_2; +// prover_polynomials.table_3 = prover.key->table_3; +// prover_polynomials.table_4 = prover.key->table_4; +// prover_polynomials.table_1_shift = prover.key->table_1.shifted(); +// prover_polynomials.table_2_shift = prover.key->table_2.shifted(); +// prover_polynomials.table_3_shift = prover.key->table_3.shifted(); +// prover_polynomials.table_4_shift = prover.key->table_4.shifted(); +// prover_polynomials.z_perm = prover.key->z_perm; +// prover_polynomials.z_perm_shift = prover.key->z_perm.shifted(); +// prover_polynomials.z_lookup = prover.key->z_lookup; +// prover_polynomials.z_lookup_shift = prover.key->z_lookup.shifted(); +// prover_polynomials.q_m = prover.key->q_m; +// prover_polynomials.q_l = prover.key->q_l; +// prover_polynomials.q_r = prover.key->q_r; +// prover_polynomials.q_o = prover.key->q_o; +// prover_polynomials.q_c = prover.key->q_c; +// prover_polynomials.q_4 = prover.key->q_4; +// prover_polynomials.q_arith = prover.key->q_arith; +// prover_polynomials.q_sort = prover.key->q_sort; +// prover_polynomials.q_elliptic = prover.key->q_elliptic; +// prover_polynomials.q_aux = prover.key->q_aux; +// prover_polynomials.q_lookup = prover.key->q_lookup; +// prover_polynomials.sigma_1 = prover.key->sigma_1; +// prover_polynomials.sigma_2 = prover.key->sigma_2; +// prover_polynomials.sigma_3 = prover.key->sigma_3; +// prover_polynomials.sigma_4 = prover.key->sigma_4; +// prover_polynomials.id_1 = prover.key->id_1; +// prover_polynomials.id_2 = prover.key->id_2; +// prover_polynomials.id_3 = prover.key->id_3; +// prover_polynomials.id_4 = prover.key->id_4; +// prover_polynomials.lagrange_first = prover.key->lagrange_first; +// prover_polynomials.lagrange_last = prover.key->lagrange_last; + +// // Check that selectors are nonzero to ensure corresponding relation has nontrivial contribution +// ensure_non_zero(prover.key->q_arith); +// ensure_non_zero(prover.key->q_sort); +// ensure_non_zero(prover.key->q_lookup); +// ensure_non_zero(prover.key->q_elliptic); +// ensure_non_zero(prover.key->q_aux); + +// // Construct the round for applying sumcheck relations and results for storing computed results +// auto relations = std::tuple(honk::sumcheck::UltraArithmeticRelation(), +// honk::sumcheck::UltraPermutationRelation(), +// honk::sumcheck::LookupRelation(), +// honk::sumcheck::GenPermSortRelation(), +// honk::sumcheck::EllipticRelation(), +// honk::sumcheck::AuxiliaryRelation()); + +// // Check that each relation is satisfied across each row of the prover polynomials +// check_relation(std::get<0>(relations), circuit_size, prover_polynomials, params); +// check_relation(std::get<1>(relations), circuit_size, prover_polynomials, params); +// check_relation(std::get<2>(relations), circuit_size, prover_polynomials, params); +// check_relation(std::get<3>(relations), circuit_size, prover_polynomials, params); +// check_relation(std::get<4>(relations), circuit_size, prover_polynomials, params); +// check_relation(std::get<5>(relations), circuit_size, prover_polynomials, params); +// } } // namespace test_honk_relations diff --git a/cpp/src/barretenberg/honk/sumcheck/sumcheck.test.cpp b/cpp/src/barretenberg/honk/sumcheck/sumcheck.test.cpp index c7dee556ca..97e930682f 100644 --- a/cpp/src/barretenberg/honk/sumcheck/sumcheck.test.cpp +++ b/cpp/src/barretenberg/honk/sumcheck/sumcheck.test.cpp @@ -156,8 +156,8 @@ TEST(Sumcheck, PolynomialNormalization) * sumcheck.multivariates.folded_polynoimals[i][0] is the evaluatioin of the i'th multivariate at the vector of challenges u_i. What does this mean? - Here we show that if the multivariate is F(X0, X1, X2) defined as above, then what we get is F(u0, u1, u2) and not, - say F(u2, u1, u0). This is in accordance with Adrian's thesis (cf page 9). + Here we show that if the multivariate is F(X0, X1, X2) defined as above, then what we get is F(u0, u1, u2) and + not, say F(u2, u1, u0). This is in accordance with Adrian's thesis (cf page 9). */ // Get the values of the Lagrange basis polys L_i defined diff --git a/cpp/src/barretenberg/honk/transcript/transcript.test.cpp b/cpp/src/barretenberg/honk/transcript/transcript.test.cpp index 5a819f5276..5d0733e5f1 100644 --- a/cpp/src/barretenberg/honk/transcript/transcript.test.cpp +++ b/cpp/src/barretenberg/honk/transcript/transcript.test.cpp @@ -5,6 +5,7 @@ #include "barretenberg/honk/sumcheck/polynomials/univariate.hpp" #include "barretenberg/numeric/bitop/get_msb.hpp" #include "barretenberg/honk/flavor/standard.hpp" +#include "barretenberg/proof_system/flavor/flavor.hpp" #include #include #include @@ -12,13 +13,16 @@ using namespace proof_system::honk; -template class TranscriptTest : public testing::Test { +template class TranscriptTest : public testing::Test { public: + using FF = typename Flavor::FF; /** * @brief Construct a manifest for a standard Honk proof * - * @details This is where we define the "Manifest" for a Standard Honk proof. The tests in this suite are intented - * to warn the developer if the Prover/Verifier has deviated from this manifest, however, the Transcript class is + * @details This is where we define the "Manifest" for a Standard Honk proof. The tests in this suite are + intented + * to warn the developer if the Prover/Verifier has deviated from this manifest, however, the Transcript class + is * not otherwise contrained to follow the manifest. * * @return TranscriptManifest @@ -33,7 +37,7 @@ template class TranscriptTest : public testing::Test { size_t size_FF = sizeof(FF); size_t size_G = 2 * size_FF; size_t size_uni = max_relation_length * size_FF; - size_t size_evals = flavor::Standard::NUM_ALL_ENTITIES * size_FF; + size_t size_evals = (Flavor::NUM_ALL_ENTITIES)*size_FF; size_t round = 0; manifest_expected.add_entry(round, "circuit_size", 4); @@ -80,24 +84,24 @@ template class TranscriptTest : public testing::Test { round++; // TODO(Mara): Make testing more flavor agnostic so we can test this with all flavors + if constexpr (IsGrumpkinFlavor) { + manifest_expected.add_entry(round, "IPA:poly_degree", circuit_size); + manifest_expected.add_challenge(round, "IPA:generator_challenge"); + + for (size_t i = 0; i < log_n; i++) { + round++; + std::string idx = std::to_string(i); + manifest_expected.add_entry(round, "IPA:L_" + idx, size_G); + manifest_expected.add_entry(round, "IPA:R_" + idx, size_G); + std::string label = "IPA:round_challenge_" + idx; + manifest_expected.add_challenge(round, label); + } - manifest_expected.add_entry(round, "KZG:W", size_G); - - // For IPA - // manifest_expected.add_entry(round, "IPA:poly_degree", circuit_size); - // manifest_expected.add_challenge(round, "IPA:generator_challenge"); - - // for (size_t i = 0; i < log_n; i++) { - // round++; - // std::string idx = std::to_string(i); - // manifest_expected.add_entry(round, "IPA:L_" + idx, size_G); - // manifest_expected.add_entry(round, "IPA:R_" + idx, size_G); - // std::string label = "IPA:round_challenge_" + idx; - // manifest_expected.add_challenge(round, label); - // } - - // round++; - // manifest_expected.add_entry(round, "IPA:a_0", size_FF); + round++; + manifest_expected.add_entry(round, "IPA:a_0", size_FF); + } else { + manifest_expected.add_entry(round, "KZG:W", size_G); + } manifest_expected.add_challenge(round); // no challenge @@ -105,8 +109,8 @@ template class TranscriptTest : public testing::Test { } }; -using FieldTypes = testing::Types; -TYPED_TEST_SUITE(TranscriptTest, FieldTypes); +using StandardFlavorTypes = testing::Types; +TYPED_TEST_SUITE(TranscriptTest, StandardFlavorTypes); /** * @brief Ensure consistency between the manifest hard coded in this testing suite and the one generated by the @@ -114,8 +118,9 @@ TYPED_TEST_SUITE(TranscriptTest, FieldTypes); */ TYPED_TEST(TranscriptTest, ProverManifestConsistency) { + using Flavor = TypeParam; // Construct a simple circuit of size n = 8 (i.e. the minimum circuit size) - auto composer = StandardHonkComposer(); + auto composer = StandardHonkComposer_(); fr a = 1; composer.circuit_constructor.add_variable(a); composer.circuit_constructor.add_public_variable(a); @@ -140,8 +145,9 @@ TYPED_TEST(TranscriptTest, ProverManifestConsistency) */ TYPED_TEST(TranscriptTest, VerifierManifestConsistency) { + using Flavor = TypeParam; // Construct a simple circuit of size n = 8 (i.e. the minimum circuit size) - auto composer = StandardHonkComposer(); + auto composer = StandardHonkComposer_(); fr a = 1; composer.circuit_constructor.add_variable(a); composer.circuit_constructor.add_public_variable(a); @@ -273,6 +279,7 @@ TYPED_TEST(TranscriptTest, VerifierMistake) * construction and the one generated by the verifier over the course of proof verification. * */ +// TODO: This is not a typed test and we should have a construct_ultra_honk_manifest as well. TYPED_TEST(TranscriptTest, UltraVerifierManifestConsistency) { // Construct a simple circuit of size n = 8 (i.e. the minimum circuit size) diff --git a/cpp/src/barretenberg/proof_system/flavor/flavor.hpp b/cpp/src/barretenberg/proof_system/flavor/flavor.hpp index 686b15ca26..12783fc196 100644 --- a/cpp/src/barretenberg/proof_system/flavor/flavor.hpp +++ b/cpp/src/barretenberg/proof_system/flavor/flavor.hpp @@ -297,7 +297,9 @@ static constexpr auto create_barycentric_utils() // Forward declare honk flavors namespace proof_system::honk::flavor { class Standard; +class StandardGrumpkin; class Ultra; +class UltraGrumpkin; } // namespace proof_system::honk::flavor // Forward declare plonk flavors @@ -323,11 +325,13 @@ template concept IsPlonkFlavor = IsAnyOf; template -concept IsHonkFlavor = IsAnyOf; +concept IsHonkFlavor = IsAnyOf; -template concept StandardFlavor = IsAnyOf; +template concept IsGrumpkinFlavor = IsAnyOf; -template concept UltraFlavor = IsAnyOf; +template concept StandardFlavor = IsAnyOf; + +template concept UltraFlavor = IsAnyOf; // clang-format on } // namespace proof_system diff --git a/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.hpp b/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.hpp index 41249ed4bc..6ea96484aa 100644 --- a/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.hpp +++ b/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.hpp @@ -3,8 +3,7 @@ #include #include -#include "../../primitives/composers/composers_fwd.hpp" -#include "../../primitives/composers/composers.hpp" +#include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp" #include "../../primitives/field/field.hpp" #include "../../primitives/witness/witness.hpp" diff --git a/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.test.cpp b/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.test.cpp index 53f47c79a3..6563fd8a9c 100644 --- a/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.test.cpp +++ b/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.test.cpp @@ -1,5 +1,5 @@ #include "aes128.hpp" - +#include "barretenberg/stdlib/primitives/composers/composers.hpp" #include "barretenberg/crypto/aes128/aes128.hpp" #include diff --git a/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa.hpp b/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa.hpp index 20d1c32aba..0208b75595 100644 --- a/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa.hpp +++ b/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa.hpp @@ -4,7 +4,6 @@ #include "../../primitives/byte_array/byte_array.hpp" #include "../../primitives/uint/uint.hpp" #include "../../primitives/composers/composers_fwd.hpp" - namespace proof_system::plonk { namespace stdlib { namespace ecdsa { diff --git a/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa_impl.hpp b/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa_impl.hpp index a28b7817a3..097eab81a3 100644 --- a/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa_impl.hpp +++ b/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa_impl.hpp @@ -2,6 +2,8 @@ #include "../../hash/sha256/sha256.hpp" #include "../../primitives/bit_array/bit_array.hpp" +#include "../../primitives/composers/composers.hpp" + namespace proof_system::plonk { namespace stdlib { namespace ecdsa { diff --git a/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.hpp b/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.hpp index 4ab080c542..f056a21c83 100644 --- a/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.hpp +++ b/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.hpp @@ -1,10 +1,6 @@ #pragma once #include "barretenberg/stdlib/primitives/byte_array/byte_array.hpp" - -namespace proof_system::plonk { -class TurboPlonkComposer; -class UltraPlonkComposer; -} // namespace proof_system::plonk +#include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp" namespace proof_system::plonk { namespace stdlib { diff --git a/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.hpp b/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.hpp index 96920f127c..d5bd02f5d2 100644 --- a/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.hpp +++ b/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.hpp @@ -1,10 +1,6 @@ #pragma once #include "barretenberg/stdlib/primitives/byte_array/byte_array.hpp" - -namespace proof_system::plonk { -class TurboPlonkComposer; -class UltraPlonkComposer; -} // namespace proof_system::plonk +#include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp" namespace proof_system::plonk { namespace stdlib { diff --git a/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.test.cpp b/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.test.cpp index 70d6c6941e..6e951187c7 100644 --- a/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.test.cpp +++ b/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.test.cpp @@ -3,6 +3,7 @@ #include "barretenberg/crypto/blake3s/blake3s.hpp" #include "barretenberg/common/streams.hpp" #include +#include "barretenberg/stdlib/primitives/composers/composers.hpp" using namespace barretenberg; using namespace proof_system::plonk; diff --git a/cpp/src/barretenberg/stdlib/hash/sha256/sha256.hpp b/cpp/src/barretenberg/stdlib/hash/sha256/sha256.hpp index 10670df7d9..e123dc723a 100644 --- a/cpp/src/barretenberg/stdlib/hash/sha256/sha256.hpp +++ b/cpp/src/barretenberg/stdlib/hash/sha256/sha256.hpp @@ -3,15 +3,9 @@ #include "barretenberg/stdlib/primitives/uint/uint.hpp" #include "barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.hpp" #include "barretenberg/stdlib/primitives/byte_array/byte_array.hpp" - +#include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp" #include "sha256_plookup.hpp" - -namespace proof_system::plonk { -class UltraPlonkComposer; -class StandardPlonkComposer; -class TurboPlonkComposer; -class UltraHonkComposer; -} // namespace proof_system::plonk +// namespace proof_system::plonk namespace proof_system::plonk { namespace stdlib { diff --git a/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp b/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp index 6296aff821..9fb1261eb9 100644 --- a/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp +++ b/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp @@ -1,9 +1,7 @@ #include "sha256.hpp" #include "barretenberg/common/test.hpp" #include "barretenberg/crypto/sha256/sha256.hpp" -#include "barretenberg/plonk/composer/standard_plonk_composer.hpp" -#include "barretenberg/plonk/composer/turbo_plonk_composer.hpp" -#include "barretenberg/plonk/composer/ultra_plonk_composer.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" #include "barretenberg/proof_system/plookup_tables/plookup_tables.hpp" #include "barretenberg/numeric/random/engine.hpp" diff --git a/cpp/src/barretenberg/stdlib/hash/sha256/sha256_plookup.hpp b/cpp/src/barretenberg/stdlib/hash/sha256/sha256_plookup.hpp index 06472cdcb3..447ca209a4 100644 --- a/cpp/src/barretenberg/stdlib/hash/sha256/sha256_plookup.hpp +++ b/cpp/src/barretenberg/stdlib/hash/sha256/sha256_plookup.hpp @@ -4,14 +4,11 @@ #include "barretenberg/stdlib/primitives/uint/uint.hpp" #include "barretenberg/numeric/bitop/sparse_form.hpp" +#include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp" #include "../../primitives/field/field.hpp" #include "../../primitives/packed_byte_array/packed_byte_array.hpp" -namespace proof_system::plonk { -class UltraPlonkComposer; -} // namespace proof_system::plonk - namespace proof_system::plonk { namespace stdlib { namespace sha256_plookup { diff --git a/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp b/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp index 58e5b5b4b8..567edcd7a5 100644 --- a/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp @@ -9,10 +9,7 @@ #include "../byte_array/byte_array.hpp" #include "../field/field.hpp" #include "./bigfield.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" -#include "barretenberg/honk/composer/ultra_honk_composer.hpp" -#include "barretenberg/plonk/composer/standard_plonk_composer.hpp" - +#include "barretenberg/stdlib/primitives/composers/composers.hpp" #include "barretenberg/stdlib/primitives/curves/bn254.hpp" #include "barretenberg/plonk/proof_system/prover/prover.hpp" #include "barretenberg/plonk/proof_system/verifier/verifier.hpp" diff --git a/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.hpp b/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.hpp index 7e42b5c4bb..c44f550ab7 100644 --- a/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.hpp @@ -12,8 +12,6 @@ #include "barretenberg/ecc/curves/secp256r1/secp256r1.hpp" #include "barretenberg/ecc/curves/bn254/g1.hpp" -#include "../composers/composers_fwd.hpp" - namespace proof_system::plonk { namespace stdlib { diff --git a/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp b/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp index 037f8e1f8a..9176076a56 100644 --- a/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp @@ -5,8 +5,7 @@ #include "../biggroup/biggroup.hpp" #include "../bool/bool.hpp" #include "../field/field.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" -#include "barretenberg/honk/composer/ultra_honk_composer.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" #include "barretenberg/stdlib/primitives/curves/bn254.hpp" #include "barretenberg/stdlib/primitives/curves/secp256r1.hpp" diff --git a/cpp/src/barretenberg/stdlib/primitives/bit_array/bit_array.hpp b/cpp/src/barretenberg/stdlib/primitives/bit_array/bit_array.hpp index 2183dceebb..a3e6846b9b 100644 --- a/cpp/src/barretenberg/stdlib/primitives/bit_array/bit_array.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/bit_array/bit_array.hpp @@ -1,7 +1,6 @@ #pragma once #include "../composers/composers_fwd.hpp" #include "../uint/uint.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" #include namespace proof_system::plonk { diff --git a/cpp/src/barretenberg/stdlib/primitives/bit_array/bit_array.test.cpp b/cpp/src/barretenberg/stdlib/primitives/bit_array/bit_array.test.cpp index c015391199..29ca9133d2 100644 --- a/cpp/src/barretenberg/stdlib/primitives/bit_array/bit_array.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/bit_array/bit_array.test.cpp @@ -1,7 +1,7 @@ #include "bit_array.hpp" #include #include "barretenberg/numeric/random/engine.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" #include "barretenberg/stdlib/primitives/byte_array/byte_array.hpp" #include "barretenberg/stdlib/primitives/field/field.hpp" #include "barretenberg/stdlib/primitives/witness/witness.hpp" diff --git a/cpp/src/barretenberg/stdlib/primitives/bool/bool.cpp b/cpp/src/barretenberg/stdlib/primitives/bool/bool.cpp index 6d3e1e8d1a..30e83c42a7 100644 --- a/cpp/src/barretenberg/stdlib/primitives/bool/bool.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/bool/bool.cpp @@ -1,6 +1,5 @@ #include "bool.hpp" #include "../composers/composers.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" using namespace barretenberg; using namespace proof_system; diff --git a/cpp/src/barretenberg/stdlib/primitives/bool/bool.hpp b/cpp/src/barretenberg/stdlib/primitives/bool/bool.hpp index 725a555e78..df145df629 100644 --- a/cpp/src/barretenberg/stdlib/primitives/bool/bool.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/bool/bool.hpp @@ -1,8 +1,6 @@ #pragma once #include "../composers/composers_fwd.hpp" #include "../witness/witness.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" - namespace proof_system::plonk { namespace stdlib { diff --git a/cpp/src/barretenberg/stdlib/primitives/bool/bool.test.cpp b/cpp/src/barretenberg/stdlib/primitives/bool/bool.test.cpp index 814a8f83ea..37cde2d465 100644 --- a/cpp/src/barretenberg/stdlib/primitives/bool/bool.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/bool/bool.test.cpp @@ -1,7 +1,6 @@ #include "bool.hpp" -#include "barretenberg/plonk/composer/standard_plonk_composer.hpp" #include -#include "barretenberg/honk/composer/standard_honk_composer.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" #include "barretenberg/stdlib/primitives/byte_array/byte_array.cpp" #define STDLIB_TYPE_ALIASES \ diff --git a/cpp/src/barretenberg/stdlib/primitives/composers/composers.hpp b/cpp/src/barretenberg/stdlib/primitives/composers/composers.hpp index 7cecc12a4a..6ab1223240 100644 --- a/cpp/src/barretenberg/stdlib/primitives/composers/composers.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/composers/composers.hpp @@ -1,3 +1,10 @@ +/** + * @brief Contains all the headers required to adequately compile the types defined in composers_fwd.hpp and instantiate + * templates. + * + * @details This should be the ONLY file related to composer/circuit construct included in source files not part of the + * proof systems. + */ #pragma once #include "barretenberg/plonk/composer/standard_plonk_composer.hpp" #include "barretenberg/honk/composer/standard_honk_composer.hpp" diff --git a/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp b/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp index d2363d217d..3d5570a276 100644 --- a/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/composers/composers_fwd.hpp @@ -1,3 +1,11 @@ +/** + * @brief Defines particular composer and circuit constructor types expected to be used for proof or circuit +construction (outside the proof_system and honk folder) and contains macros for explicit instantiation. + * + * @details This file is designed to be included in header files to instruct the compiler that these classes exist and + * their instantiation will eventually take place. Given it has no dependencies, it causes no additional compilation or + * propagation. This should be the ONLY file related to these types included in files out side the proof system. + */ #pragma once namespace proof_system::plonk { diff --git a/cpp/src/barretenberg/stdlib/primitives/field/array.test.cpp b/cpp/src/barretenberg/stdlib/primitives/field/array.test.cpp index 518fcbcb47..2543e5d16c 100644 --- a/cpp/src/barretenberg/stdlib/primitives/field/array.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/field/array.test.cpp @@ -3,10 +3,7 @@ #include "array.hpp" #include #include -#include "barretenberg/honk/composer/standard_honk_composer.hpp" -#include "barretenberg/plonk/composer/standard_plonk_composer.hpp" -#include "barretenberg/plonk/composer/ultra_plonk_composer.hpp" -#include "barretenberg/plonk/composer/turbo_plonk_composer.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" #include "barretenberg/numeric/random/engine.hpp" namespace test_stdlib_array { diff --git a/cpp/src/barretenberg/stdlib/primitives/field/field.test.cpp b/cpp/src/barretenberg/stdlib/primitives/field/field.test.cpp index 83347eab59..2bbe6bb7ff 100644 --- a/cpp/src/barretenberg/stdlib/primitives/field/field.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/field/field.test.cpp @@ -4,12 +4,9 @@ #include "barretenberg/plonk/proof_system/constants.hpp" #include #include -#include "barretenberg/honk/composer/standard_honk_composer.hpp" -#include "barretenberg/plonk/composer/standard_plonk_composer.hpp" -#include "barretenberg/plonk/composer/ultra_plonk_composer.hpp" -#include "barretenberg/plonk/composer/turbo_plonk_composer.hpp" #include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/common/streams.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" using namespace proof_system; diff --git a/cpp/src/barretenberg/stdlib/primitives/logic/logic.cpp b/cpp/src/barretenberg/stdlib/primitives/logic/logic.cpp index b8bb2e7a93..d8a3e0ca90 100644 --- a/cpp/src/barretenberg/stdlib/primitives/logic/logic.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/logic/logic.cpp @@ -1,5 +1,4 @@ #include "logic.hpp" - #include "../composers/composers.hpp" #include "../plookup/plookup.hpp" #include "barretenberg/common/assert.hpp" diff --git a/cpp/src/barretenberg/stdlib/primitives/logic/logic.hpp b/cpp/src/barretenberg/stdlib/primitives/logic/logic.hpp index ffeb00030e..1ec450de00 100644 --- a/cpp/src/barretenberg/stdlib/primitives/logic/logic.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/logic/logic.hpp @@ -1,7 +1,6 @@ #pragma once #include "barretenberg/numeric/uint256/uint256.hpp" #include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp" -#include "barretenberg/stdlib/primitives/composers/composers.hpp" #include "barretenberg/stdlib/primitives/field/field.hpp" #include "barretenberg/stdlib/primitives/witness/witness.hpp" #include diff --git a/cpp/src/barretenberg/stdlib/primitives/logic/logic.test.cpp b/cpp/src/barretenberg/stdlib/primitives/logic/logic.test.cpp index 5f78ddcaab..d29b29b945 100644 --- a/cpp/src/barretenberg/stdlib/primitives/logic/logic.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/logic/logic.test.cpp @@ -2,6 +2,7 @@ #include "barretenberg/numeric/uint256/uint256.hpp" #include "barretenberg/proof_system/types/composer_type.hpp" #include "logic.hpp" +#include "../composers/composers.hpp" #include #include "barretenberg/numeric/random/engine.hpp" diff --git a/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.hpp b/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.hpp index 0f274fe4d7..b3435522bf 100644 --- a/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.hpp @@ -1,6 +1,6 @@ #pragma once #include "ram_table.hpp" - +#include "../composers/composers_fwd.hpp" namespace proof_system::plonk { namespace stdlib { diff --git a/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.test.cpp b/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.test.cpp index 6f2488a3ad..44beaa9b71 100644 --- a/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.test.cpp @@ -5,6 +5,7 @@ #include "barretenberg/numeric/random/engine.hpp" #include "../bool/bool.hpp" +#include "../composers/composers.hpp" namespace test_stdlib_dynamic_array { using namespace barretenberg; diff --git a/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.hpp b/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.hpp index 3147bedc65..a8e452f02b 100644 --- a/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.hpp @@ -3,7 +3,6 @@ #include "../field/field.hpp" #include "../bool/bool.hpp" #include "../byte_array/byte_array.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" namespace proof_system::plonk { namespace stdlib { diff --git a/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp b/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp index f6ba2999fb..5c16d0b59d 100644 --- a/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp @@ -3,10 +3,7 @@ #include "packed_byte_array.hpp" #include "barretenberg/stdlib/primitives/byte_array/byte_array.hpp" #include "barretenberg/numeric/random/engine.hpp" -#include "barretenberg/plonk/composer/standard_plonk_composer.hpp" -#include "barretenberg/plonk/composer/turbo_plonk_composer.hpp" -#include "barretenberg/plonk/composer/ultra_plonk_composer.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" #pragma GCC diagnostic ignored "-Wunused-local-typedefs" diff --git a/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.hpp b/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.hpp index 0857224ef3..778f76b7ac 100644 --- a/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.hpp @@ -2,7 +2,7 @@ #include #include #include "barretenberg/proof_system/plookup_tables/plookup_tables.hpp" -#include "barretenberg/plonk/composer/ultra_plonk_composer.hpp" +#include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp" #include "barretenberg/proof_system/plookup_tables/types.hpp" #include "barretenberg/stdlib/primitives/field/field.hpp" diff --git a/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.test.cpp b/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.test.cpp index ffad6bd067..f564c80b7a 100644 --- a/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.test.cpp @@ -8,6 +8,7 @@ #include "barretenberg/stdlib/primitives/bigfield/bigfield.hpp" #include "barretenberg/stdlib/primitives/uint/uint.hpp" #include "barretenberg/stdlib/primitives/curves/secp256k1.hpp" +#include "barretenberg/stdlib/primitives/composers/composers.hpp" namespace test_stdlib_plookups { using namespace barretenberg; diff --git a/cpp/src/barretenberg/stdlib/primitives/uint/logic.cpp b/cpp/src/barretenberg/stdlib/primitives/uint/logic.cpp index 779b30a23b..39662dd8c5 100644 --- a/cpp/src/barretenberg/stdlib/primitives/uint/logic.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/uint/logic.cpp @@ -1,5 +1,4 @@ #include "../composers/composers.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" #include "uint.hpp" using namespace barretenberg; diff --git a/cpp/src/barretenberg/stdlib/primitives/uint/uint.hpp b/cpp/src/barretenberg/stdlib/primitives/uint/uint.hpp index 7ba8328f8e..7658a010df 100644 --- a/cpp/src/barretenberg/stdlib/primitives/uint/uint.hpp +++ b/cpp/src/barretenberg/stdlib/primitives/uint/uint.hpp @@ -7,12 +7,6 @@ #include "./plookup/uint.hpp" -#include "barretenberg/honk/composer/standard_honk_composer.hpp" -#include "barretenberg/plonk/composer/standard_plonk_composer.hpp" -#include "barretenberg/plonk/composer/turbo_plonk_composer.hpp" -#include "barretenberg/plonk/composer/ultra_plonk_composer.hpp" -#include "barretenberg/honk/composer/ultra_honk_composer.hpp" - namespace proof_system::plonk { namespace stdlib { From e719b63089747a0bab6052e6bbde34e37f5136d5 Mon Sep 17 00:00:00 2001 From: codygunton Date: Fri, 9 Jun 2023 18:38:19 +0000 Subject: [PATCH 5/6] Low-impact fix of circular dependency --- cpp/src/barretenberg/ecc/CMakeLists.txt | 2 +- .../ecc/scalar_multiplication/point_table.hpp | 1 + cpp/src/barretenberg/plonk/CMakeLists.txt | 2 +- .../scalar_multiplication.test.cpp | 62 +++++++++++-------- 4 files changed, 38 insertions(+), 29 deletions(-) rename cpp/src/barretenberg/{ecc/scalar_multiplication => srs}/scalar_multiplication.test.cpp (95%) diff --git a/cpp/src/barretenberg/ecc/CMakeLists.txt b/cpp/src/barretenberg/ecc/CMakeLists.txt index 588d8e2c2e..2efdfb493a 100644 --- a/cpp/src/barretenberg/ecc/CMakeLists.txt +++ b/cpp/src/barretenberg/ecc/CMakeLists.txt @@ -1,4 +1,4 @@ -barretenberg_module(ecc numeric crypto_keccak srs) +barretenberg_module(ecc numeric crypto_keccak) if(DISABLE_ADX) message(STATUS "Disabling ADX assembly variant.") diff --git a/cpp/src/barretenberg/ecc/scalar_multiplication/point_table.hpp b/cpp/src/barretenberg/ecc/scalar_multiplication/point_table.hpp index 39c20bba71..757c540e8c 100644 --- a/cpp/src/barretenberg/ecc/scalar_multiplication/point_table.hpp +++ b/cpp/src/barretenberg/ecc/scalar_multiplication/point_table.hpp @@ -17,6 +17,7 @@ inline size_t point_table_size(size_t num_points) inline size_t point_table_buf_size(size_t num_points) { + // TODO(Cody): This could be trouble if we change curves. return sizeof(g1::affine_element) * point_table_size(num_points); } diff --git a/cpp/src/barretenberg/plonk/CMakeLists.txt b/cpp/src/barretenberg/plonk/CMakeLists.txt index 0893749023..aa1a5dcf7d 100644 --- a/cpp/src/barretenberg/plonk/CMakeLists.txt +++ b/cpp/src/barretenberg/plonk/CMakeLists.txt @@ -1 +1 @@ -barretenberg_module(plonk proof_system transcript crypto_pedersen_commitment polynomials crypto_sha256 ecc crypto_blake3s) \ No newline at end of file +barretenberg_module(plonk proof_system transcript crypto_pedersen_commitment polynomials crypto_sha256 ecc crypto_blake3s srs) \ No newline at end of file diff --git a/cpp/src/barretenberg/ecc/scalar_multiplication/scalar_multiplication.test.cpp b/cpp/src/barretenberg/srs/scalar_multiplication.test.cpp similarity index 95% rename from cpp/src/barretenberg/ecc/scalar_multiplication/scalar_multiplication.test.cpp rename to cpp/src/barretenberg/srs/scalar_multiplication.test.cpp index fd7d6b64e7..e167e98a52 100644 --- a/cpp/src/barretenberg/ecc/scalar_multiplication/scalar_multiplication.test.cpp +++ b/cpp/src/barretenberg/srs/scalar_multiplication.test.cpp @@ -1,22 +1,31 @@ -#include "point_table.hpp" -#include "scalar_multiplication.hpp" +/** + * @file scalar_multiplication.test.cpp + * @brief Tests of our implementation of Pippenger's multi-scalar multiplication algorithm. + * + * @details This file is here with the SRS code, rather than being next to the Pippenger implementation, to avoid a + * cyclic dependency between our srs and ecc modules. Namely, srs depends on ecc via the FileProverCrs constructor that + * constructs a Pippenger point table. It may make sense to create a function in the ecc module that initializes a CRS, + * but for now a low-impact solution (to a newly-encountered linker error) is to move this test file, as it was the sole + * reason for for ecc to depend on srs. + */ + +#include "barretenberg/common/mem.hpp" #include "barretenberg/common/test.hpp" +#include "barretenberg/ecc/scalar_multiplication/point_table.hpp" +#include "barretenberg/ecc/scalar_multiplication/scalar_multiplication.hpp" +#include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/srs/io.hpp" #include "barretenberg/srs/factories/file_crs_factory.hpp" -#include "barretenberg/ecc/scalar_multiplication/scalar_multiplication.hpp" #include #include -#include "barretenberg/numeric/random/engine.hpp" -#include "barretenberg/common/mem.hpp" - namespace { auto& engine = numeric::random::get_debug_engine(); } using namespace barretenberg; -template class SRSIO : public ::testing::Test { +template class ScalarMultiplicationTests : public ::testing::Test { public: const std::string SRS_PATH = []() { if constexpr (std::same_as) { @@ -26,8 +35,7 @@ template class SRSIO : public ::testing::Test { } }(); - static void read_transcript_g2(std::string const& srs_path) - requires srs::HasG2 + static void read_transcript_g2(std::string const& srs_path) requires srs::HasG2 { typename Curve::G2AffineElement g2_x; srs::IO::read_transcript_g2(g2_x, srs_path); @@ -46,9 +54,9 @@ template class SRSIO : public ::testing::Test { using Curves = ::testing::Types; -TYPED_TEST_SUITE(SRSIO, Curves); +TYPED_TEST_SUITE(ScalarMultiplicationTests, Curves); -TYPED_TEST(SRSIO, ReduceBucketsSimple) +TYPED_TEST(ScalarMultiplicationTests, ReduceBucketsSimple) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -237,7 +245,7 @@ TYPED_TEST(SRSIO, ReduceBucketsSimple) } } -TYPED_TEST(SRSIO, ReduceBuckets) +TYPED_TEST(ScalarMultiplicationTests, ReduceBuckets) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -363,7 +371,7 @@ TYPED_TEST(SRSIO, ReduceBuckets) } // This test intermittenly fails. -TYPED_TEST(SRSIO, DISABLED_ReduceBucketsBasic) +TYPED_TEST(ScalarMultiplicationTests, DISABLED_ReduceBucketsBasic) { using Curve = TypeParam; using AffineElement = typename Curve::AffineElement; @@ -448,7 +456,7 @@ TYPED_TEST(SRSIO, DISABLED_ReduceBucketsBasic) aligned_free(bucket_counts); } -TYPED_TEST(SRSIO, AddAffinePoints) +TYPED_TEST(ScalarMultiplicationTests, AddAffinePoints) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -485,7 +493,7 @@ TYPED_TEST(SRSIO, AddAffinePoints) aligned_free(scratch_space); } -TYPED_TEST(SRSIO, ConstructAdditionChains) +TYPED_TEST(ScalarMultiplicationTests, ConstructAdditionChains) { using Curve = TypeParam; using AffineElement = typename Curve::AffineElement; @@ -556,7 +564,7 @@ TYPED_TEST(SRSIO, ConstructAdditionChains) aligned_free(bucket_counts); } -TYPED_TEST(SRSIO, EndomorphismSplit) +TYPED_TEST(ScalarMultiplicationTests, EndomorphismSplit) { using Curve = TypeParam; using Group = typename Curve::Group; @@ -599,7 +607,7 @@ TYPED_TEST(SRSIO, EndomorphismSplit) EXPECT_EQ(result == expected, true); } -TYPED_TEST(SRSIO, RadixSort) +TYPED_TEST(ScalarMultiplicationTests, RadixSort) { using Curve = TypeParam; using Fr = typename Curve::ScalarField; @@ -647,7 +655,7 @@ TYPED_TEST(SRSIO, RadixSort) free(wnaf_copy); } -TYPED_TEST(SRSIO, OversizedInputs) +TYPED_TEST(ScalarMultiplicationTests, OversizedInputs) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -698,7 +706,7 @@ TYPED_TEST(SRSIO, OversizedInputs) aligned_free(scalars); } -TYPED_TEST(SRSIO, UndersizedInputs) +TYPED_TEST(ScalarMultiplicationTests, UndersizedInputs) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -738,7 +746,7 @@ TYPED_TEST(SRSIO, UndersizedInputs) EXPECT_EQ(result == expected, true); } -TYPED_TEST(SRSIO, PippengerSmall) +TYPED_TEST(ScalarMultiplicationTests, PippengerSmall) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -775,7 +783,7 @@ TYPED_TEST(SRSIO, PippengerSmall) EXPECT_EQ(result == expected, true); } -TYPED_TEST(SRSIO, PippengerEdgeCaseDbl) +TYPED_TEST(ScalarMultiplicationTests, PippengerEdgeCaseDbl) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -814,7 +822,7 @@ TYPED_TEST(SRSIO, PippengerEdgeCaseDbl) EXPECT_EQ(result == expected, true); } -TYPED_TEST(SRSIO, PippengerShortInputs) +TYPED_TEST(ScalarMultiplicationTests, PippengerShortInputs) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -871,7 +879,7 @@ TYPED_TEST(SRSIO, PippengerShortInputs) EXPECT_EQ(result == expected, true); } -TYPED_TEST(SRSIO, PippengerUnsafe) +TYPED_TEST(ScalarMultiplicationTests, PippengerUnsafe) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -908,7 +916,7 @@ TYPED_TEST(SRSIO, PippengerUnsafe) EXPECT_EQ(result == expected, true); } -TYPED_TEST(SRSIO, PippengerUnsafeShortInputs) +TYPED_TEST(ScalarMultiplicationTests, PippengerUnsafeShortInputs) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -966,7 +974,7 @@ TYPED_TEST(SRSIO, PippengerUnsafeShortInputs) EXPECT_EQ(result == expected, true); } -TYPED_TEST(SRSIO, PippengerOne) +TYPED_TEST(ScalarMultiplicationTests, PippengerOne) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -1003,7 +1011,7 @@ TYPED_TEST(SRSIO, PippengerOne) EXPECT_EQ(result == expected, true); } -TYPED_TEST(SRSIO, PippengerZeroPoints) +TYPED_TEST(ScalarMultiplicationTests, PippengerZeroPoints) { using Curve = TypeParam; using Element = typename Curve::Element; @@ -1023,7 +1031,7 @@ TYPED_TEST(SRSIO, PippengerZeroPoints) EXPECT_EQ(result.is_point_at_infinity(), true); } -TYPED_TEST(SRSIO, PippengerMulByZero) +TYPED_TEST(ScalarMultiplicationTests, PippengerMulByZero) { using Curve = TypeParam; using Group = typename Curve::Group; From 71b39a37b7351455ddb1c48b8d80c364f385c886 Mon Sep 17 00:00:00 2001 From: maramihali Date: Mon, 12 Jun 2023 15:23:49 +0000 Subject: [PATCH 6/6] remove extra line --- cpp/src/barretenberg/benchmark/honk_bench/honk.bench.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/src/barretenberg/benchmark/honk_bench/honk.bench.cpp b/cpp/src/barretenberg/benchmark/honk_bench/honk.bench.cpp index 8b51d13eb4..3df61bba90 100644 --- a/cpp/src/barretenberg/benchmark/honk_bench/honk.bench.cpp +++ b/cpp/src/barretenberg/benchmark/honk_bench/honk.bench.cpp @@ -1,7 +1,6 @@ #include "barretenberg/ecc/curves/bn254/fr.hpp" #include #include - #include "barretenberg/stdlib/primitives/field/field.hpp" #include "barretenberg/stdlib/primitives/composers/composers.hpp" #include "barretenberg/stdlib/primitives/composers/composers_fwd.hpp"