2021-02-09 21:25:21 -08:00
|
|
|
use crate::field::field::Field;
|
2021-02-26 13:18:41 -08:00
|
|
|
use crate::target::Target;
|
2021-02-09 21:25:21 -08:00
|
|
|
|
2021-03-25 15:20:14 -07:00
|
|
|
/// Represents a ~256 bit hash output.
|
|
|
|
|
#[derive(Copy, Clone)]
|
2021-02-09 21:25:21 -08:00
|
|
|
pub struct Hash<F: Field> {
|
2021-03-25 15:20:14 -07:00
|
|
|
pub(crate) elements: [F; 4],
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl<F: Field> Hash<F> {
|
|
|
|
|
pub(crate) fn from_partial(mut elements: Vec<F>) -> Self {
|
|
|
|
|
debug_assert!(elements.len() <= 4);
|
|
|
|
|
while elements.len() < 4 {
|
|
|
|
|
elements.push(F::ZERO);
|
|
|
|
|
}
|
|
|
|
|
Self { elements: [elements[0], elements[1], elements[2], elements[3]] }
|
|
|
|
|
}
|
2021-02-09 21:25:21 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub struct HashTarget {
|
2021-02-26 13:18:41 -08:00
|
|
|
elements: Vec<Target>,
|
2021-02-09 21:25:21 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub struct Proof2<F: Field> {
|
|
|
|
|
/// Merkle root of LDEs of wire values.
|
|
|
|
|
pub wires_root: Hash<F>,
|
|
|
|
|
/// Merkle root of LDEs of Z, in the context of Plonk's permutation argument.
|
|
|
|
|
pub plonk_z_root: Hash<F>,
|
|
|
|
|
/// Merkle root of LDEs of the quotient polynomial components.
|
|
|
|
|
pub plonk_t_root: Hash<F>,
|
|
|
|
|
|
|
|
|
|
/// Purported values of each polynomial at each challenge point.
|
|
|
|
|
pub openings: Vec<OpeningSet<F>>,
|
|
|
|
|
|
|
|
|
|
// TODO: FRI Merkle proofs.
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub struct ProofTarget2 {
|
|
|
|
|
/// Merkle root of LDEs of wire values.
|
|
|
|
|
pub wires_root: HashTarget,
|
|
|
|
|
/// Merkle root of LDEs of Z, in the context of Plonk's permutation argument.
|
|
|
|
|
pub plonk_z_root: HashTarget,
|
|
|
|
|
/// Merkle root of LDEs of the quotient polynomial components.
|
|
|
|
|
pub plonk_t_root: HashTarget,
|
|
|
|
|
|
|
|
|
|
/// Purported values of each polynomial at each challenge point.
|
|
|
|
|
pub openings: Vec<OpeningSetTarget>,
|
|
|
|
|
|
2021-02-26 13:18:41 -08:00
|
|
|
/// A FRI argument for each FRI query.
|
|
|
|
|
pub fri_proofs: Vec<FriProofTarget>,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Represents a single FRI query, i.e. a path through the reduction tree.
|
|
|
|
|
pub struct FriProofTarget {
|
|
|
|
|
/// Merkle proofs for the original purported codewords, i.e. the subject of the LDT.
|
|
|
|
|
pub initial_merkle_proofs: Vec<MerkleProofTarget>,
|
|
|
|
|
/// Merkle proofs for the reduced polynomials that were sent in the commit phase.
|
|
|
|
|
pub intermediate_merkle_proofs: Vec<MerkleProofTarget>,
|
|
|
|
|
/// The final polynomial in point-value form.
|
|
|
|
|
pub final_poly: Vec<Target>,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub struct MerkleProofTarget {
|
|
|
|
|
pub leaf: Vec<Target>,
|
|
|
|
|
pub siblings: Vec<Target>,
|
|
|
|
|
// TODO: Also need left/right turn info.
|
2021-02-09 21:25:21 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// The purported values of each polynomial at a single point.
|
|
|
|
|
pub struct OpeningSet<F: Field> {
|
|
|
|
|
pub constants: Vec<F>,
|
|
|
|
|
pub plonk_sigmas: Vec<F>,
|
|
|
|
|
pub wires: Vec<F>,
|
|
|
|
|
// TODO: One or multiple?
|
|
|
|
|
pub plonk_z: Vec<F>,
|
|
|
|
|
pub plonk_t: Vec<F>,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// The purported values of each polynomial at a single point.
|
|
|
|
|
pub struct OpeningSetTarget {
|
2021-02-26 13:18:41 -08:00
|
|
|
pub constants: Vec<Target>,
|
|
|
|
|
pub plonk_sigmas: Vec<Target>,
|
|
|
|
|
pub wires: Vec<Target>,
|
2021-02-09 21:25:21 -08:00
|
|
|
// TODO: One or multiple?
|
2021-02-26 13:18:41 -08:00
|
|
|
pub plonk_z: Vec<Target>,
|
|
|
|
|
pub plonk_t: Vec<Target>,
|
2021-02-09 21:25:21 -08:00
|
|
|
}
|
