diff --git a/src/gadgets/merkle_proofs.rs b/src/gadgets/merkle_proofs.rs
new file mode 100644
index 00000000..246406b6
--- /dev/null
+++ b/src/gadgets/merkle_proofs.rs
@@ -0,0 +1,39 @@
+use crate::circuit_builder::CircuitBuilder;
+use crate::field::field::Field;
+use crate::proof::{Hash, HashTarget};
+use crate::target::Target;
+
+pub struct MerkleProof {
+ /// The Merkle digest of each sibling subtree, staying from the bottommost layer.
+ pub siblings: Vec>,
+}
+
+pub struct MerkleProofTarget {
+ /// The Merkle digest of each sibling subtree, staying from the bottommost layer.
+ pub siblings: Vec,
+}
+
+/// Verifies that the given leaf data is present at the given index in the Merkle tree with the
+/// given root.
+pub(crate) fn verify_merkle_proof(
+ leaf_data: Vec,
+ leaf_index: usize,
+ merkle_root: Hash,
+ proof: MerkleProof,
+) {
+ todo!()
+}
+
+impl CircuitBuilder {
+ /// Verifies that the given leaf data is present at the given index in the Merkle tree with the
+ /// given root.
+ pub(crate) fn verify_merkle_proof(
+ &mut self,
+ leaf_data: Vec,
+ leaf_index: Target,
+ merkle_root: HashTarget,
+ proof: MerkleProofTarget,
+ ) {
+ todo!()
+ }
+}
diff --git a/src/gadgets/mod.rs b/src/gadgets/mod.rs
index f2c22478..8407efe7 100644
--- a/src/gadgets/mod.rs
+++ b/src/gadgets/mod.rs
@@ -1,3 +1,4 @@
 pub(crate) mod arithmetic;
-pub(crate) mod split_join;
 pub(crate) mod hash;
+pub(crate) mod merkle_proofs;
+pub(crate) mod split_join;
diff --git a/src/proof.rs b/src/proof.rs
index e9e61888..d25196cb 100644
--- a/src/proof.rs
+++ b/src/proof.rs
@@ -1,5 +1,6 @@
 use crate::field::field::Field;
 use crate::target::Target;
+use crate::gadgets::merkle_proofs::{MerkleProofTarget, MerkleProof};
 /// Represents a ~256 bit hash output.
 #[derive(Copy, Clone, Debug)]
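Review bot: Neither `siblings` field in the new src/gadgets/merkle_proofs.rs says how the left/right direction at each layer is determined, which is exactly what the removed `// TODO: Also need left/right turn info.` in src/proof.rs asked for; with no turn bits in the struct, the implementation will have to derive them from the bits of `leaf_index`, and the docs should say so. Suggest on both fields: `/// The Merkle digest of each sibling subtree, starting from the bottommost layer. The` `/// direction taken at layer i is bit i of the leaf index, so the tree height is siblings.len().` — this also fixes the "staying" typo. Both `verify_merkle_proof` bodies are `todo!()`; when the native one is filled in it should reject a `siblings.len()` that differs from the expected tree height and a `leaf_index` of at least `1 << siblings.len()`, since otherwise a shortened sibling list can authenticate an inner node's preimage as if it were a leaf unless leaf and inner-node hashing are domain-separated. The in-circuit version needs the same depth fixed at build time and the index bits constrained to be boolean, presumably via a split gadget this crate already has.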
@@ -32,7 +33,8 @@ pub struct Proof {
 /// Purported values of each polynomial at each challenge point.
 pub openings: Vec>,
- // TODO: FRI Merkle proofs.
+ /// A FRI argument for each FRI query.
+ pub fri_proofs: Vec>,
 }
 pub struct ProofTarget {
@@ -50,22 +52,29 @@ pub struct ProofTarget {
 pub fri_proofs: Vec,
 }
+pub struct FriProof {
+ /// A Merkle root for each reduced polynomial in the commit phase.
+ pub commit_phase_merkle_roots: Vec>,
+ /// Merkle proofs for the original purported codewords, i.e. the subject of the LDT.
+ pub initial_merkle_proofs: Vec>,
+ /// Merkle proofs for the reduced polynomials that were sent in the commit phase.
+ pub intermediate_merkle_proofs: Vec>,
+ /// The final polynomial in coefficient form.
+ pub final_poly: Vec,
+}
+
 /// Represents a single FRI query, i.e. a path through the reduction tree.
 pub struct FriProofTarget {
+ /// A Merkle root for each reduced polynomial in the commit phase.
+ pub commit_phase_merkle_roots: Vec,
 /// Merkle proofs for the original purported codewords, i.e. the subject of the LDT.
 pub initial_merkle_proofs: Vec,
 /// Merkle proofs for the reduced polynomials that were sent in the commit phase.
 pub intermediate_merkle_proofs: Vec,
- /// The final polynomial in point-value form.
+ /// The final polynomial in coefficient form.
 pub final_poly: Vec,
 }
-pub struct MerkleProofTarget {
- pub leaf: Vec,
- pub siblings: Vec,
- // TODO: Also need left/right turn info.
-}
-
 /// The purported values of each polynomial at a single point.
 pub struct OpeningSet {
 pub constants: Vec,
diff --git a/src/prover.rs b/src/prover.rs
index fe60e697..d4de3f5d 100644
--- a/src/prover.rs
+++ b/src/prover.rs
@@ -111,6 +111,8 @@ pub(crate) fn prove(
 let openings = Vec::new(); // TODO
+ let fri_proofs = Vec::new(); // TODO
+
 info!("{:.3}s for overall witness & proof generation", start_proof_gen.elapsed().as_secs_f32());
@@ -119,6 +121,7 @@ pub(crate) fn prove(
 plonk_zs_root,
 quotient_polys_root,
 openings,
+ fri_proofs,
 }
 }
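Review bot: The new `FriProof` struct in the second src/proof.rs hunk has no struct-level doc comment, while its mirror `FriProofTarget` directly below keeps `/// Represents a single FRI query, i.e. a path through the reduction tree.`; the same line belongs on `FriProof` so the two types stay in step. A point of style in the first src/proof.rs hunk: `use crate::gadgets::merkle_proofs::{MerkleProofTarget, MerkleProof};` is appended after `crate::target`, whereas the src/gadgets/mod.rs hunk in this same commit alphabetizes its entries; rustfmt would place the line between the `field` and `target` imports and order the braces as `{MerkleProof, MerkleProofTarget}`.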
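Review bot: `let fri_proofs = Vec::new(); // TODO` in the src/prover.rs hunk means every proof that `prove` emits now carries an empty FRI argument, and nothing visible here records how many queries are expected. Until the real FRI prover lands, the stub would be clearer as `let fri_proofs = Vec::new(); // TODO: populate; the verifier must reject a proof whose fri_proofs.len() differs from the configured query count`, so the accepting side is not written against the empty placeholder. `prove` starts and ends outside the hunk.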