plonky2/src/gadgets/interpolation.rs

use crate::field::extension_field::target::ExtensionTarget;
use crate::field::extension_field::Extendable;
use crate::field::field_types::RichField;
use crate::gates::interpolation::InterpolationGate;
use crate::iop::target::Target;
use crate::plonk::circuit_builder::CircuitBuilder;

impl<F: RichField + Extendable<D>, const D: usize> CircuitBuilder<F, D> {
    /// Interpolates a polynomial, whose points are a coset of the multiplicative subgroup with the
    /// given size, and whose values are given. Returns the evaluation of the interpolant at
    /// `evaluation_point`.
    pub fn interpolate_coset(
        &mut self,
        subgroup_bits: usize,
        coset_shift: Target,
        values: &[ExtensionTarget<D>],
        evaluation_point: ExtensionTarget<D>,
    ) -> ExtensionTarget<D> {
        let gate = InterpolationGate::new(subgroup_bits);
        let gate_index = self.add_gate(gate.clone(), vec![]);
        self.connect(coset_shift, Target::wire(gate_index, gate.wire_shift()));
        for (i, &v) in values.iter().enumerate() {
            self.connect_extension(
                v,
                ExtensionTarget::from_range(gate_index, gate.wires_value(i)),
            );
        }
        self.connect_extension(
            evaluation_point,
            ExtensionTarget::from_range(gate_index, gate.wires_evaluation_point()),
        );

        ExtensionTarget::from_range(gate_index, gate.wires_evaluation_value())
    }
}

#[cfg(test)]
mod tests {
    use anyhow::Result;

    use crate::field::extension_field::quartic::QuarticExtension;
    use crate::field::extension_field::FieldExtension;
    use crate::field::field_types::Field;
    use crate::field::goldilocks_field::GoldilocksField;
    use crate::field::interpolation::interpolant;
    use crate::iop::witness::PartialWitness;
    use crate::plonk::circuit_builder::CircuitBuilder;
    use crate::plonk::circuit_data::CircuitConfig;
    use crate::plonk::verifier::verify;

    #[test]
    fn test_interpolate() -> Result<()> {
        type F = GoldilocksField;
        type FF = QuarticExtension<GoldilocksField>;
        let config = CircuitConfig::standard_recursion_config();
        let pw = PartialWitness::new();
        let mut builder = CircuitBuilder::<F, 4>::new(config);

        let subgroup_bits = 2;
        let len = 1 << subgroup_bits;
        let coset_shift = F::rand();
        let g = F::primitive_root_of_unity(subgroup_bits);
        let points = F::cyclic_subgroup_coset_known_order(g, coset_shift, len);
        let values = FF::rand_vec(len);

        let homogeneous_points = points
            .iter()
            .zip(values.iter())
            .map(|(&a, &b)| (<FF as FieldExtension<4>>::from_basefield(a), b))
            .collect::<Vec<_>>();

        let true_interpolant = interpolant(&homogeneous_points);

        let z = FF::rand();
        let true_eval = true_interpolant.eval(z);

        let coset_shift_target = builder.constant(coset_shift);

        let value_targets = values
            .iter()
            .map(|&v| (builder.constant_extension(v)))
            .collect::<Vec<_>>();

        let zt = builder.constant_extension(z);

        let eval = builder.interpolate_coset(subgroup_bits, coset_shift_target, &value_targets, zt);
        let true_eval_target = builder.constant_extension(true_eval);
        builder.connect_extension(eval, true_eval_target);

        let data = builder.build();
        let proof = data.prove(pw)?;

        verify(proof, &data.verifier_only, &data.common)
    }
}
Interpolation of two points 2021-06-07 21:24:41 +02:00			`use crate::field::extension_field::target::ExtensionTarget;`
			`use crate::field::extension_field::Extendable;`
Refactor GMiMC code (#224) * Refactor GMiMC code Adds a sub-trait of `Field` called `GMiMCInterface`, which is similar to `PoseidonInterface`. This lets us have different fields with different GMiMC constants in a type-safe way. * Remove `Interface` * Const generic for width 2021-09-07 18:28:28 -07:00			`use crate::field::field_types::RichField;`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00			`use crate::gates::interpolation::InterpolationGate;`
Move stuff around (#135) No functional changes here. The biggest change was moving certain files into new directories like `plonk` and `iop` (for things like `Challenger` that could be used in STARKs or other IOPs). I also split a few files, renames, etc, but again nothing functional, so I don't think a careful review is necessary (just a sanity check). 2021-07-29 22:00:29 -07:00			`use crate::iop::target::Target;`
			`use crate::plonk::circuit_builder::CircuitBuilder;`
Interpolation of two points 2021-06-07 21:24:41 +02:00
Refactor GMiMC code (#224) * Refactor GMiMC code Adds a sub-trait of `Field` called `GMiMCInterface`, which is similar to `PoseidonInterface`. This lets us have different fields with different GMiMC constants in a type-safe way. * Remove `Interface` * Const generic for width 2021-09-07 18:28:28 -07:00			`impl<F: RichField + Extendable<D>, const D: usize> CircuitBuilder<F, D> {`
Specialize `InterpolationGate` (#339) * Specialize `InterpolationGate` To cosets of subgroups of roots of unity. This way - `InterpolationGate` needs fewer routed wires, bringing our minimum routed wires down from 28 to 25. - The recursive `compute_evaluation` avoids some multiplications, saving 100~200 gates depending on `num_routed_wires`. * Update test * feedback 2021-11-05 09:29:08 -07:00			`/// Interpolates a polynomial, whose points are a coset of the multiplicative subgroup with the`
			`/// given size, and whose values are given. Returns the evaluation of the interpolant at`
			/// `evaluation_point`.
			`pub fn interpolate_coset(`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00			`&mut self,`
Specialize `InterpolationGate` (#339) * Specialize `InterpolationGate` To cosets of subgroups of roots of unity. This way - `InterpolationGate` needs fewer routed wires, bringing our minimum routed wires down from 28 to 25. - The recursive `compute_evaluation` avoids some multiplications, saving 100~200 gates depending on `num_routed_wires`. * Update test * feedback 2021-11-05 09:29:08 -07:00			`subgroup_bits: usize,`
			`coset_shift: Target,`
			`values: &[ExtensionTarget<D>],`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00			`evaluation_point: ExtensionTarget<D>,`
			`) -> ExtensionTarget<D> {`
Specialize `InterpolationGate` (#339) * Specialize `InterpolationGate` To cosets of subgroups of roots of unity. This way - `InterpolationGate` needs fewer routed wires, bringing our minimum routed wires down from 28 to 25. - The recursive `compute_evaluation` avoids some multiplications, saving 100~200 gates depending on `num_routed_wires`. * Update test * feedback 2021-11-05 09:29:08 -07:00			`let gate = InterpolationGate::new(subgroup_bits);`
Have `add_gate` take a generic type instead of `GateRef` (#125) * Have add_gate take a generic type instead of GateRef There are a couple advantages - Users writing their own gates won't need to know about the `GateRef` wrapper; it's more of an internal thing now. - Easier access to gate methods requiring `self` -- for example, `split_le_base` can just call `gate_type.limbs()` now. * Update comment * Always insert 2021-07-22 23:48:03 -07:00			`let gate_index = self.add_gate(gate.clone(), vec![]);`
Specialize `InterpolationGate` (#339) * Specialize `InterpolationGate` To cosets of subgroups of roots of unity. This way - `InterpolationGate` needs fewer routed wires, bringing our minimum routed wires down from 28 to 25. - The recursive `compute_evaluation` avoids some multiplications, saving 100~200 gates depending on `num_routed_wires`. * Update test * feedback 2021-11-05 09:29:08 -07:00			`self.connect(coset_shift, Target::wire(gate_index, gate.wire_shift()));`
			`for (i, &v) in values.iter().enumerate() {`
`route, assert_equal` -> `connect` 2021-08-24 08:25:11 +02:00			`self.connect_extension(`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00			`v,`
			`ExtensionTarget::from_range(gate_index, gate.wires_value(i)),`
			`);`
			`}`
`route, assert_equal` -> `connect` 2021-08-24 08:25:11 +02:00			`self.connect_extension(`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00			`evaluation_point,`
			`ExtensionTarget::from_range(gate_index, gate.wires_evaluation_point()),`
			`);`

			`ExtensionTarget::from_range(gate_index, gate.wires_evaluation_value())`
			`}`
			`}`

			`#[cfg(test)]`
			`mod tests {`
Have `prove` return `Result` (#100) * Have `prove` return `Result` To address that TODO. * PR feedback 2021-07-18 23:14:48 -07:00			`use anyhow::Result;`

Replace `CrandallQuarticField` with a more generic `QuarticExtension` (#232) * Replace `CrandallQuarticField` with a more generic `QuarticExtension` And likewise for `CrandallQuadraticField`. There are a few parameters which we can't automatically derive (in const Rust), so I specified them in a `AutoExtendable` trait. This would make it fairly easy to add extension fields for `GoldilocksField` and any future fields. * Attempt to derive 2-adicity, see Hamish's feedback * Simplify TWO_ADICITY based on chat with Hamish * PR feedback * Merge AutoExtendable into Extendable (#235) 2021-09-13 11:45:17 -07:00			`use crate::field::extension_field::quartic::QuarticExtension;`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00			`use crate::field::extension_field::FieldExtension;`
Move stuff around (#135) No functional changes here. The biggest change was moving certain files into new directories like `plonk` and `iop` (for things like `Challenger` that could be used in STARKs or other IOPs). I also split a few files, renames, etc, but again nothing functional, so I don't think a careful review is necessary (just a sanity check). 2021-07-29 22:00:29 -07:00			`use crate::field::field_types::Field;`
Delete CrandallField 2021-11-02 12:04:42 -07:00			`use crate::field::goldilocks_field::GoldilocksField;`
Clipp 2021-07-15 10:39:57 +02:00			`use crate::field::interpolation::interpolant;`
Move stuff around (#135) No functional changes here. The biggest change was moving certain files into new directories like `plonk` and `iop` (for things like `Challenger` that could be used in STARKs or other IOPs). I also split a few files, renames, etc, but again nothing functional, so I don't think a careful review is necessary (just a sanity check). 2021-07-29 22:00:29 -07:00			`use crate::iop::witness::PartialWitness;`
			`use crate::plonk::circuit_builder::CircuitBuilder;`
			`use crate::plonk::circuit_data::CircuitConfig;`
			`use crate::plonk::verifier::verify;`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00
			`#[test]`
Have `prove` return `Result` (#100) * Have `prove` return `Result` To address that TODO. * PR feedback 2021-07-18 23:14:48 -07:00			`fn test_interpolate() -> Result<()> {`
Delete CrandallField 2021-11-02 12:04:42 -07:00			`type F = GoldilocksField;`
			`type FF = QuarticExtension<GoldilocksField>;`
Standard configs (#337) `large_config` was similar to `standard_recursion_config`; let's standardize on the latter. 2021-11-03 14:30:32 -07:00			`let config = CircuitConfig::standard_recursion_config();`
PartialWitness back to HashMap 2021-08-20 11:56:57 +02:00			`let pw = PartialWitness::new();`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00			`let mut builder = CircuitBuilder::<F, 4>::new(config);`

Specialize `InterpolationGate` (#339) * Specialize `InterpolationGate` To cosets of subgroups of roots of unity. This way - `InterpolationGate` needs fewer routed wires, bringing our minimum routed wires down from 28 to 25. - The recursive `compute_evaluation` avoids some multiplications, saving 100~200 gates depending on `num_routed_wires`. * Update test * feedback 2021-11-05 09:29:08 -07:00			`let subgroup_bits = 2;`
			`let len = 1 << subgroup_bits;`
			`let coset_shift = F::rand();`
			`let g = F::primitive_root_of_unity(subgroup_bits);`
			`let points = F::cyclic_subgroup_coset_known_order(g, coset_shift, len);`
			`let values = FF::rand_vec(len);`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00
			`let homogeneous_points = points`
			`.iter()`
Specialize `InterpolationGate` (#339) * Specialize `InterpolationGate` To cosets of subgroups of roots of unity. This way - `InterpolationGate` needs fewer routed wires, bringing our minimum routed wires down from 28 to 25. - The recursive `compute_evaluation` avoids some multiplications, saving 100~200 gates depending on `num_routed_wires`. * Update test * feedback 2021-11-05 09:29:08 -07:00			`.zip(values.iter())`
			`.map(\|(&a, &b)\| (<FF as FieldExtension<4>>::from_basefield(a), b))`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00			`.collect::<Vec<_>>();`

			`let true_interpolant = interpolant(&homogeneous_points);`

			`let z = FF::rand();`
			`let true_eval = true_interpolant.eval(z);`

Specialize `InterpolationGate` (#339) * Specialize `InterpolationGate` To cosets of subgroups of roots of unity. This way - `InterpolationGate` needs fewer routed wires, bringing our minimum routed wires down from 28 to 25. - The recursive `compute_evaluation` avoids some multiplications, saving 100~200 gates depending on `num_routed_wires`. * Update test * feedback 2021-11-05 09:29:08 -07:00			`let coset_shift_target = builder.constant(coset_shift);`

			`let value_targets = values`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00			`.iter()`
Specialize `InterpolationGate` (#339) * Specialize `InterpolationGate` To cosets of subgroups of roots of unity. This way - `InterpolationGate` needs fewer routed wires, bringing our minimum routed wires down from 28 to 25. - The recursive `compute_evaluation` avoids some multiplications, saving 100~200 gates depending on `num_routed_wires`. * Update test * feedback 2021-11-05 09:29:08 -07:00			`.map(\|&v\| (builder.constant_extension(v)))`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00			`.collect::<Vec<_>>();`

			`let zt = builder.constant_extension(z);`

Specialize `InterpolationGate` (#339) * Specialize `InterpolationGate` To cosets of subgroups of roots of unity. This way - `InterpolationGate` needs fewer routed wires, bringing our minimum routed wires down from 28 to 25. - The recursive `compute_evaluation` avoids some multiplications, saving 100~200 gates depending on `num_routed_wires`. * Update test * feedback 2021-11-05 09:29:08 -07:00			`let eval = builder.interpolate_coset(subgroup_bits, coset_shift_target, &value_targets, zt);`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00			`let true_eval_target = builder.constant_extension(true_eval);`
Minor 2021-08-24 08:30:34 +02:00			`builder.connect_extension(eval, true_eval_target);`
Add interpolation gadgets 2021-06-11 16:22:29 +02:00
			`let data = builder.build();`
Fix tests 2021-08-06 15:14:38 +02:00			`let proof = data.prove(pw)?;`
Working verifier 2021-07-08 15:13:29 +02:00
Have `prove` return `Result` (#100) * Have `prove` return `Result` To address that TODO. * PR feedback 2021-07-18 23:14:48 -07:00			`verify(proof, &data.verifier_only, &data.common)`
Interpolation of two points 2021-06-07 21:24:41 +02:00			`}`
			`}`