plonky2/src/verifier.rs

use anyhow::Result;

use crate::circuit_data::{CommonCircuitData, VerifierOnlyCircuitData};
use crate::field::extension_field::Extendable;
use crate::plonk_challenger::Challenger;
use crate::proof::Proof;

pub(crate) fn verify<F: Extendable<D>, const D: usize>(
    proof: Proof<F, D>,
    verifier_data: &VerifierOnlyCircuitData<F>,
    common_data: &CommonCircuitData<F, D>,
) -> Result<()> {
    let config = &common_data.config;
    let fri_config = &config.fri_config;
    let num_challenges = config.num_challenges;

    let mut challenger = Challenger::new();
    // Observe the instance.
    // TODO: Need to include public inputs as well.
    challenger.observe_hash(&common_data.circuit_digest);

    challenger.observe_hash(&proof.wires_root);
    let betas = challenger.get_n_challenges(num_challenges);
    let gammas = challenger.get_n_challenges(num_challenges);

    challenger.observe_hash(&proof.plonk_zs_root);
    let alphas = challenger.get_n_challenges(num_challenges);

    challenger.observe_hash(&proof.quotient_polys_root);
    let zeta = challenger.get_extension_challenge();

    // TODO: Compute PI(zeta), Z_H(zeta), etc. and check the identity at zeta.

    let evaluations = todo!();

    let merkle_roots = &[
        verifier_data.constants_root,
        verifier_data.sigmas_root,
        proof.wires_root,
        proof.plonk_zs_root,
        proof.quotient_polys_root,
    ];

    proof
        .opening_proof
        .verify(zeta, evaluations, merkle_roots, &mut challenger, fri_config)?;

    Ok(())
}
First bit of verifier Mostly stubbed out, more coming soon... 2021-05-26 16:23:17 -07:00			`use anyhow::Result;`

Initial commit 2021-02-09 21:25:21 -08:00			`use crate::circuit_data::{CommonCircuitData, VerifierOnlyCircuitData};`
First bit of verifier Mostly stubbed out, more coming soon... 2021-05-26 16:23:17 -07:00			`use crate::field::extension_field::Extendable;`
			`use crate::plonk_challenger::Challenger;`
			`use crate::proof::Proof;`
Initial commit 2021-02-09 21:25:21 -08:00
Draw challenge points from the extension field (#51) * Draw challenge points from the extension field * Now building * Misc * Default eval_unfiltered_base * fmt * A few field settings * Add to Sage * Display tweak * eval_filtered_base * Quartic in bench * Missing methods * Fix tests * PR feedback 2021-05-30 13:25:53 -07:00			`pub(crate) fn verify<F: Extendable<D>, const D: usize>(`
First bit of verifier Mostly stubbed out, more coming soon... 2021-05-26 16:23:17 -07:00			`proof: Proof<F, D>,`
Have the prover use the new MerkleTree API Before it was storing leaf data and Merkle roots, but nothing in between, since it wasn't yet interacting with intermediate layers (but it will once we hook up the FRI code). 2021-04-23 14:18:03 -07:00			`verifier_data: &VerifierOnlyCircuitData<F>,`
Draw challenge points from the extension field (#51) * Draw challenge points from the extension field * Now building * Misc * Default eval_unfiltered_base * fmt * A few field settings * Add to Sage * Display tweak * eval_filtered_base * Quartic in bench * Missing methods * Fix tests * PR feedback 2021-05-30 13:25:53 -07:00			`common_data: &CommonCircuitData<F, D>,`
First bit of verifier Mostly stubbed out, more coming soon... 2021-05-26 16:23:17 -07:00			`) -> Result<()> {`
			`let config = &common_data.config;`
			`let fri_config = &config.fri_config;`
			`let num_challenges = config.num_challenges;`

			`let mut challenger = Challenger::new();`
			`// Observe the instance.`
			`// TODO: Need to include public inputs as well.`
			`challenger.observe_hash(&common_data.circuit_digest);`

			`challenger.observe_hash(&proof.wires_root);`
			`let betas = challenger.get_n_challenges(num_challenges);`
			`let gammas = challenger.get_n_challenges(num_challenges);`

			`challenger.observe_hash(&proof.plonk_zs_root);`
			`let alphas = challenger.get_n_challenges(num_challenges);`

			`challenger.observe_hash(&proof.quotient_polys_root);`
Draw challenge points from the extension field (#51) * Draw challenge points from the extension field * Now building * Misc * Default eval_unfiltered_base * fmt * A few field settings * Add to Sage * Display tweak * eval_filtered_base * Quartic in bench * Missing methods * Fix tests * PR feedback 2021-05-30 13:25:53 -07:00			`let zeta = challenger.get_extension_challenge();`
First bit of verifier Mostly stubbed out, more coming soon... 2021-05-26 16:23:17 -07:00
			`// TODO: Compute PI(zeta), Z_H(zeta), etc. and check the identity at zeta.`

			`let evaluations = todo!();`

			`let merkle_roots = &[`
			`verifier_data.constants_root,`
			`verifier_data.sigmas_root,`
			`proof.wires_root,`
			`proof.plonk_zs_root,`
			`proof.quotient_polys_root,`
			`];`

Merge with main 2021-06-01 11:26:23 +02:00			`proof`
			`.opening_proof`
			`.verify(zeta, evaluations, merkle_roots, &mut challenger, fri_config)?;`
First bit of verifier Mostly stubbed out, more coming soon... 2021-05-26 16:23:17 -07:00
			`Ok(())`
Initial commit 2021-02-09 21:25:21 -08:00			`}`