logos-storage/gnark-plonky2-verifier
1
0
Fork 0
mirror of https://github.com/logos-storage/gnark-plonky2-verifier.git synced 2026-01-08 08:03:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixed bugs

Browse Source
This commit is contained in:
Kevin Jue 2022-10-28 17:02:55 -07:00
parent 1a1406e3b8
commit 857fcf6c78
1 changed files with 29 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
plonky2_verifier/plonk.go
View File

@ -26,7 +26,7 @@ func (p *PlonkChip) expPowerOf2Extension(x QuadraticExtension) QuadraticExtensio
func (p *PlonkChip) evalL0(x QuadraticExtension, xPowN QuadraticExtension) QuadraticExtension {
// L_0(x) = (x^n - 1) / (n * (x - 1))
eval_zero_poly := p.qe.SubExtension(
evalZeroPoly := p.qe.SubExtension(
xPowN,
p.qe.ONE,
)
@ -35,7 +35,7 @@ func (p *PlonkChip) evalL0(x QuadraticExtension, xPowN QuadraticExtension) Quadr
p.qe.DEGREE_BITS_QE,
)
return p.qe.DivExtension(
eval_zero_poly,
evalZeroPoly,
denominator,
)
}
@ -43,17 +43,17 @@ func (p *PlonkChip) evalL0(x QuadraticExtension, xPowN QuadraticExtension) Quadr
func (p *PlonkChip) checkPartialProducts(
numerators []QuadraticExtension,
denominators []QuadraticExtension,
challengeNum uint64) []QuadraticExtension {
challengeNum uint64,
) []QuadraticExtension {
numPartProds := p.commonData.NumPartialProducts
quotDegreeFactor := p.commonData.QuotientDegreeFactor
productAccs := make([]QuadraticExtension, numPartProds+2)
productAccs := make([]QuadraticExtension, 0, numPartProds+2)
productAccs = append(productAccs, p.openings.PlonkZs[challengeNum])
productAccs = append(productAccs, p.openings.PartialProducts[challengeNum*numPartProds:(challengeNum+1)*numPartProds]...)
productAccs = append(productAccs, p.openings.PlonkZsNext[challengeNum])
partialProductChecks := make([]QuadraticExtension, numPartProds)
partialProductChecks := make([]QuadraticExtension, 0, numPartProds)
for i := uint64(0); i < numPartProds; i += 1 {
ppStartIdx := i * quotDegreeFactor
@ -71,49 +71,50 @@ func (p *PlonkChip) checkPartialProducts(
partialProductChecks = append(partialProductChecks, partialProductCheck)
}
return partialProductChecks
}
func (p *PlonkChip) evalVanishingPoly() []QuadraticExtension {
// Calculate the k[i] * x
s_ids := make([]QuadraticExtension, p.commonData.Config.NumRoutedWires)
sIDs := make([]QuadraticExtension, p.commonData.Config.NumRoutedWires)
for i := uint64(0); i < p.commonData.Config.NumRoutedWires; i++ {
p.qe.ScalarMulExtension(p.proofChallenges.PlonkZeta, p.commonData.KIs[i])
sIDs[i] = p.qe.ScalarMulExtension(p.proofChallenges.PlonkZeta, p.commonData.KIs[i])
}
// Calculate zeta^n
zeta_pow_n := p.expPowerOf2Extension(p.proofChallenges.PlonkZeta)
zetaPowN := p.expPowerOf2Extension(p.proofChallenges.PlonkZeta)
// Calculate L_0(zeta)
l_0_zeta := p.evalL0(p.proofChallenges.PlonkZeta, zeta_pow_n)
l0Zeta := p.evalL0(p.proofChallenges.PlonkZeta, zetaPowN)
vanishing_z1_terms := make([]QuadraticExtension, p.commonData.Config.NumChallenges)
vanishing_partial_products_terms := make([]QuadraticExtension, p.commonData.Config.NumChallenges*p.commonData.NumPartialProducts)
numerator_values := make([]QuadraticExtension, p.commonData.Config.NumChallenges*p.commonData.Config.NumRoutedWires)
denominator_values := make([]QuadraticExtension, p.commonData.Config.NumChallenges*p.commonData.Config.NumRoutedWires)
vanishingZ1Terms := make([]QuadraticExtension, 0, p.commonData.Config.NumChallenges)
vanishingPartialProductsTerms := make([]QuadraticExtension, 0, p.commonData.Config.NumChallenges*p.commonData.NumPartialProducts)
for i := uint64(0); i < p.commonData.Config.NumChallenges; i++ {
// L_0(zeta) (Z(zeta) - 1) = 0
z1_term := p.qe.SubExtension(
p.qe.MulExtension(l_0_zeta, p.openings.PlonkZs[i]),
l_0_zeta,
p.qe.MulExtension(l0Zeta, p.openings.PlonkZs[i]),
l0Zeta,
)
vanishing_z1_terms = append(vanishing_z1_terms, z1_term)
vanishingZ1Terms = append(vanishingZ1Terms, z1_term)
numeratorValues := make([]QuadraticExtension, 0, p.commonData.Config.NumRoutedWires)
denominatorValues := make([]QuadraticExtension, 0, p.commonData.Config.NumRoutedWires)
for j := uint64(0); j < p.commonData.Config.NumRoutedWires; j++ {
// The numerator is `beta * s_id + wire_value + gamma`, and the denominator is
// `beta * s_sigma + wire_value + gamma`.
wire_value_plus_gamma := p.qe.AddExtension(
wireValuePlusGamma := p.qe.AddExtension(
p.openings.Wires[j],
p.qe.FieldToQE(p.proofChallenges.PlonkGammas[i]),
)
numerator := p.qe.AddExtension(
p.qe.MulExtension(
p.qe.FieldToQE(p.proofChallenges.PlonkBetas[i]),
s_ids[j],
sIDs[j],
),
wire_value_plus_gamma,
wireValuePlusGamma,
)
denominator := p.qe.AddExtension(
@ -121,20 +122,20 @@ func (p *PlonkChip) evalVanishingPoly() []QuadraticExtension {
p.qe.FieldToQE(p.proofChallenges.PlonkBetas[i]),
p.openings.PlonkSigmas[j],
),
wire_value_plus_gamma,
wireValuePlusGamma,
)
numerator_values = append(numerator_values, numerator)
denominator_values = append(denominator_values, denominator)
numeratorValues = append(numeratorValues, numerator)
denominatorValues = append(denominatorValues, denominator)
}
vanishing_partial_products_terms = append(
vanishing_partial_products_terms,
p.checkPartialProducts(numerator_values, denominator_values, i)...,
vanishingPartialProductsTerms = append(
vanishingPartialProductsTerms,
p.checkPartialProducts(numeratorValues, denominatorValues, i)...,
)
}
return vanishing_partial_products_terms
return vanishingPartialProductsTerms
}
func (p *PlonkChip) Verify() {