diff --git a/crypto3/libs/blueprint/test/zkevm/opcodes/iszero.cpp b/crypto3/libs/blueprint/test/zkevm/opcodes/iszero.cpp index 2b84114ba1..8ae2fbd3ea 100644 --- a/crypto3/libs/blueprint/test/zkevm/opcodes/iszero.cpp +++ b/crypto3/libs/blueprint/test/zkevm/opcodes/iszero.cpp @@ -26,7 +26,6 @@ #include -#include #include #include @@ -35,6 +34,8 @@ #include #include "../opcode_tester.hpp" +#include + using namespace nil::blueprint; using namespace nil::crypto3::algebra; diff --git a/crypto3/libs/blueprint/test/zkevm/opcodes/mul.cpp b/crypto3/libs/blueprint/test/zkevm/opcodes/mul.cpp index 2858049a28..4f7fa4a0af 100644 --- a/crypto3/libs/blueprint/test/zkevm/opcodes/mul.cpp +++ b/crypto3/libs/blueprint/test/zkevm/opcodes/mul.cpp @@ -33,11 +33,10 @@ #include #include -#include -#include - #include "../opcode_tester.hpp" +#include + using namespace nil::blueprint; using namespace nil::crypto3::algebra; diff --git a/crypto3/libs/containers/test/merkle/merkle.cpp b/crypto3/libs/containers/test/merkle/merkle.cpp index 7db3a093f4..8eb6305539 100644 --- a/crypto3/libs/containers/test/merkle/merkle.cpp +++ b/crypto3/libs/containers/test/merkle/merkle.cpp @@ -26,12 +26,6 @@ #define BOOST_TEST_MODULE containter_merkletree_test -#include -#include -#include -#include -#include - #include #include #include @@ -41,7 +35,6 @@ #include #include #include -#include #include #include @@ -50,6 +43,13 @@ #include #include +#include +#include +#include +#include +#include +#include + using namespace nil::crypto3; using namespace nil::crypto3::containers; diff --git a/crypto3/libs/hash/test/crc.cpp b/crypto3/libs/hash/test/crc.cpp index b057e61be9..c055abd0b0 100644 --- a/crypto3/libs/hash/test/crc.cpp +++ b/crypto3/libs/hash/test/crc.cpp @@ -8,13 +8,8 @@ #define BOOST_TEST_MODULE crc_test -#include -#include -#include -#include -#include - #include + #include #include @@ -24,6 +19,12 @@ #include #include +#include +#include +#include +#include +#include + using namespace nil::crypto3; using namespace nil::crypto3::hashes; using namespace nil::crypto3::accumulators; diff --git a/crypto3/libs/hash/test/tiger.cpp b/crypto3/libs/hash/test/tiger.cpp index cbc1a69469..3f3d8b8748 100644 --- a/crypto3/libs/hash/test/tiger.cpp +++ b/crypto3/libs/hash/test/tiger.cpp @@ -25,12 +25,6 @@ #define BOOST_TEST_MODULE tiger_test -#include -#include -#include -#include -#include - #include #include @@ -45,6 +39,12 @@ #include +#include +#include +#include +#include +#include + using namespace nil::crypto3; using namespace nil::crypto3::accumulators; diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/assignment.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/assignment.hpp index e567e712e9..287ef0bede 100644 --- a/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/assignment.hpp +++ b/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/assignment.hpp @@ -56,6 +56,7 @@ namespace nil { template class plonk_private_table { public: + using column_type = ColumnType; using witnesses_container_type = std::vector; using VariableType = plonk_variable; @@ -151,6 +152,7 @@ namespace nil { template class plonk_public_table { public: + using column_type = ColumnType; using public_input_container_type = std::vector; using constant_container_type = std::vector; using selector_container_type = std::vector; diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/constraint.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/constraint.hpp index 7a28b46c8f..63df5e2e11 100644 --- a/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/constraint.hpp +++ b/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/constraint.hpp @@ -180,7 +180,9 @@ namespace nil { return evaluator.evaluate(); } - typename VariableType::assignment_type evaluate(detail::plonk_evaluation_map &assignments) const { + typename VariableType::assignment_type + evaluate(detail::plonk_evaluation_map &assignments) const { + math::expression_evaluator evaluator( *this, [&assignments](const VariableType &var) -> const typename VariableType::assignment_type& { diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/lookup_table_definition.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/lookup_table_definition.hpp index 6f61974afa..101a9b4ca8 100644 --- a/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/lookup_table_definition.hpp +++ b/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/lookup_table_definition.hpp @@ -134,6 +134,7 @@ namespace nil { const std::vector &constant_columns_ids, std::size_t usable_rows ){ + // std::cout << "Packing lookup tables" << std::endl; // std::cout << "Usable rows before: " << usable_rows << std::endl; std::size_t usable_rows_after = usable_rows; diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp index 56a6fe7e3d..7f8dfa4d32 100644 --- a/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp +++ b/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/permutation_argument.hpp @@ -105,6 +105,7 @@ namespace nil { std::vector> h_v = S_sigma; BOOST_ASSERT(global_indices.size() == S_id.size()); BOOST_ASSERT(global_indices.size() == S_sigma.size()); + for (std::size_t i = 0; i < S_id.size(); i++) { BOOST_ASSERT(column_polynomials[global_indices[i]].size() == basic_domain->size()); BOOST_ASSERT(S_id[i].size() == basic_domain->size()); @@ -122,6 +123,7 @@ namespace nil { } V_P[0] = FieldType::value_type::one(); + for (std::size_t j = 1; j < basic_domain->size(); j++) { typename FieldType::value_type nom = FieldType::value_type::one(); typename FieldType::value_type denom = FieldType::value_type::one(); @@ -191,16 +193,19 @@ namespace nil { F_dfs[1] -= preprocessed_data.q_blind; F_dfs[1] *= V_P_shifted; } else { + PROFILE_SCOPE("PERMUTATION ARGUMENT else block"); math::polynomial_dfs previous_poly = V_P; math::polynomial_dfs current_poly = V_P; for( std::size_t i = 0; i < preprocessed_data.common_data.permutation_parts-1; i++ ){ - auto g = gs[i]; - auto h = hs[i]; + const auto& g = gs[i]; + const auto& h = hs[i]; auto reduced_g = reduce_dfs_polynomial_domain(g, basic_domain->m); auto reduced_h = reduce_dfs_polynomial_domain(h, basic_domain->m); + for(std::size_t j = 0; j < preprocessed_data.common_data.desc.usable_rows_amount; j++){ current_poly[j] = (previous_poly[j] * reduced_g[j]) * reduced_h[j].inversed(); } + commitment_scheme.append_to_batch(PERMUTATION_BATCH, current_poly); auto part = permutation_alphas[i] * (previous_poly * g - current_poly * h); F_dfs[1] += part; diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/preprocessor.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/preprocessor.hpp index dc08b02eef..fd66fb36dc 100644 --- a/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/preprocessor.hpp +++ b/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/preprocessor.hpp @@ -65,10 +65,11 @@ namespace nil { template class placeholder_public_preprocessor { - typedef detail::placeholder_policy policy_type; - typedef typename plonk_constraint::variable_type variable_type; - typedef typename math::polynomial polynomial_type; - typedef typename math::polynomial_dfs polynomial_dfs_type; + using policy_type = detail::placeholder_policy; + using variable_type = typename plonk_constraint::variable_type; + using value_type = typename FieldType::value_type; + using polynomial_type = typename math::polynomial; + using polynomial_dfs_type = typename math::polynomial_dfs; using params_type = ParamsType; using commitment_scheme_type = typename params_type::commitment_scheme_type; using commitment_type = typename commitment_scheme_type::commitment_type; @@ -79,15 +80,21 @@ namespace nil { static std::size_t permutation_partitions_num( std::size_t permutation_size, std::size_t max_quotient_chunks - ){ - if( permutation_size == 0 ) return 0; - if( max_quotient_chunks == 0 ){ + ) { + if (permutation_size == 0) return 0; + if (max_quotient_chunks == 0) { return 1; } - return (permutation_size % (max_quotient_chunks - 1) == 0)? permutation_size / (max_quotient_chunks - 1) : permutation_size / (max_quotient_chunks - 1) + 1; + return (permutation_size % (max_quotient_chunks - 1) == 0) ? + permutation_size / (max_quotient_chunks - 1) : + permutation_size / (max_quotient_chunks - 1) + 1; } struct preprocessed_data_type { + // Used in marshalling. + using plonk_public_polynomial_dfs_table_type = plonk_public_polynomial_dfs_table; + using polynomial_dfs_type = typename math::polynomial_dfs; + struct public_commitments_type { commitment_type fixed_values; @@ -155,6 +162,8 @@ namespace nil { std::uint32_t permutation_parts; std::uint32_t lookup_parts; + common_data_type(const common_data_type& other) = default; + // Constructor with pregenerated domain common_data_type( std::shared_ptr> D, @@ -253,17 +262,30 @@ namespace nil { } }; - plonk_public_polynomial_dfs_table public_polynomial_table; + bool operator==(const preprocessed_data_type &rhs) const { + return public_polynomial_table == rhs.public_polynomial_table && + permutation_polynomials == rhs.permutation_polynomials && + identity_polynomials == rhs.identity_polynomials && + q_last == rhs.q_last && + q_blind == rhs.q_blind && + common_data == rhs.common_data; + } + + bool operator!=(const preprocessed_data_type &rhs) const { + return !(rhs == *this); + } + + plonk_public_polynomial_dfs_table_type public_polynomial_table; // S_sigma std::vector permutation_polynomials; // S_id std::vector identity_polynomials; - polynomial_dfs_type q_last; - polynomial_dfs_type q_blind; + polynomial_dfs_type q_last; + polynomial_dfs_type q_blind; - common_data_type common_data; + common_data_type common_data; }; private: @@ -499,7 +521,8 @@ namespace nil { commitment_scheme.append_to_batch(FIXED_VALUES_BATCH, public_table.constants()); commitment_scheme.append_to_batch(FIXED_VALUES_BATCH, public_table.selectors()); - auto result = typename preprocessed_data_type::public_commitments_type({commitment_scheme.commit(FIXED_VALUES_BATCH)}); + typename preprocessed_data_type::public_commitments_type result( + {commitment_scheme.commit(FIXED_VALUES_BATCH)}); commitment_scheme.mark_batch_as_fixed(FIXED_VALUES_BATCH); return result; } diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/prover.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/prover.hpp index 8ec7b78d8b..f81bb2fd2b 100644 --- a/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/prover.hpp +++ b/crypto3/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/prover.hpp @@ -97,11 +97,12 @@ namespace nil { typename private_preprocessor_type::preprocessed_data_type preprocessed_private_data, const plonk_table_description &table_description, const plonk_constraint_system &constraint_system, - commitment_scheme_type commitment_scheme + commitment_scheme_type commitment_scheme, + bool skip_commitment_scheme_eval_proofs = false ) { auto prover = placeholder_prover( preprocessed_public_data, std::move(preprocessed_private_data), table_description, - constraint_system, commitment_scheme); + constraint_system, commitment_scheme, skip_commitment_scheme_eval_proofs); return prover.process(); } @@ -110,7 +111,8 @@ namespace nil { typename private_preprocessor_type::preprocessed_data_type preprocessed_private_data, const plonk_table_description &table_description, const plonk_constraint_system &constraint_system, - const commitment_scheme_type &commitment_scheme + const commitment_scheme_type &commitment_scheme, + bool skip_commitment_scheme_eval_proofs = false ) : preprocessed_public_data(preprocessed_public_data) , table_description(table_description) @@ -122,6 +124,7 @@ namespace nil { , transcript(std::vector({})) , _is_lookup_enabled(constraint_system.lookup_gates().size() > 0) , _commitment_scheme(commitment_scheme) + , _skip_commitment_scheme_eval_proofs(skip_commitment_scheme_eval_proofs) { // Initialize transcript. transcript(preprocessed_public_data.common_data.vk.constraint_system_with_params_hash); @@ -204,12 +207,11 @@ namespace nil { } transcript(_proof.commitments[QUOTIENT_BATCH]); - // 8. Run evaluation proofs - _proof.eval_proof.challenge = transcript.template challenge(); - generate_evaluation_points(); + if (!_skip_commitment_scheme_eval_proofs) { + // 8. Run evaluation proofs + _proof.eval_proof.challenge = transcript.template challenge(); + generate_evaluation_points(); - { - PROFILE_SCOPE("commitment scheme proof eval time"); _proof.eval_proof.eval_proof = _commitment_scheme.proof_eval(transcript); } @@ -218,13 +220,13 @@ namespace nil { private: std::vector quotient_polynomial_split_dfs() { + PROFILE_SCOPE("quotient_polynomial_split_dfs"); + // TODO: pass max_degree parameter placeholder std::vector T_splitted = detail::split_polynomial( quotient_polynomial(), table_description.rows_amount - 1 ); - PROFILE_SCOPE("split_polynomial_dfs_conversion_time"); - std::size_t split_polynomial_size = std::max( (preprocessed_public_data.identity_polynomials.size() + 2) * (preprocessed_public_data.common_data.desc.rows_amount -1 ), (constraint_system.lookup_poly_degree_bound() + 1) * (preprocessed_public_data.common_data.desc.rows_amount -1 )//, @@ -237,7 +239,8 @@ namespace nil { (split_polynomial_size / preprocessed_public_data.common_data.desc.rows_amount + 1): (split_polynomial_size / preprocessed_public_data.common_data.desc.rows_amount); - if( preprocessed_public_data.common_data.max_quotient_chunks != 0 && split_polynomial_size > preprocessed_public_data.common_data.max_quotient_chunks){ + if (preprocessed_public_data.common_data.max_quotient_chunks != 0 && + split_polynomial_size > preprocessed_public_data.common_data.max_quotient_chunks) { split_polynomial_size = preprocessed_public_data.common_data.max_quotient_chunks; } @@ -312,7 +315,7 @@ namespace nil { } commitment_type T_commit(const std::vector& T_splitted_dfs) { - PROFILE_SCOPE("T_splitted_precommit_time"); + PROFILE_SCOPE("T_split_precommit_time"); _commitment_scheme.append_to_batch(QUOTIENT_BATCH, T_splitted_dfs); return _commitment_scheme.commit(QUOTIENT_BATCH); } @@ -368,15 +371,16 @@ namespace nil { } } - if(_is_lookup_enabled||constraint_system.copy_constraints().size() > 0){ + if (_is_lookup_enabled||constraint_system.copy_constraints().size() > 0) { _commitment_scheme.append_eval_point(PERMUTATION_BATCH, _proof.eval_proof.challenge); } - if( constraint_system.copy_constraints().size() > 0 ) + if (constraint_system.copy_constraints().size() > 0) _commitment_scheme.append_eval_point(PERMUTATION_BATCH, 0, _proof.eval_proof.challenge * _omega); - if(_is_lookup_enabled){ - _commitment_scheme.append_eval_point(PERMUTATION_BATCH, preprocessed_public_data.common_data.permutation_parts , _proof.eval_proof.challenge * _omega); + if (_is_lookup_enabled) { + _commitment_scheme.append_eval_point(PERMUTATION_BATCH, preprocessed_public_data.common_data.permutation_parts, + _proof.eval_proof.challenge * _omega); _commitment_scheme.append_eval_point(LOOKUP_BATCH, _proof.eval_proof.challenge); _commitment_scheme.append_eval_point(LOOKUP_BATCH, _proof.eval_proof.challenge * _omega); _commitment_scheme.append_eval_point(LOOKUP_BATCH, _proof.eval_proof.challenge * @@ -385,13 +389,12 @@ namespace nil { _commitment_scheme.append_eval_point(QUOTIENT_BATCH, _proof.eval_proof.challenge); - // fixed values' rotations (table columns) std::size_t i = 0; std::size_t start_index = preprocessed_public_data.identity_polynomials.size() + preprocessed_public_data.permutation_polynomials.size() + 2; - for( i = 0; i < start_index; i++){ + for (i = 0; i < start_index; i++) { _commitment_scheme.append_eval_point(FIXED_VALUES_BATCH, i, _proof.eval_proof.challenge); } @@ -477,6 +480,7 @@ namespace nil { typename FieldType::value_type _omega; std::vector _challenge_point; commitment_scheme_type _commitment_scheme; + bool _skip_commitment_scheme_eval_proofs; }; } // namespace snark } // namespace zk