diff --git a/src/field/extension_field/mod.rs b/src/field/extension_field/mod.rs index 2ddea4ee..f8322e6d 100644 --- a/src/field/extension_field/mod.rs +++ b/src/field/extension_field/mod.rs @@ -1,4 +1,3 @@ -use crate::field::field_types::{Field, PrimeField}; use std::convert::TryInto; use crate::field::field_types::{Field, RichField}; diff --git a/src/fri/recursive_verifier.rs b/src/fri/recursive_verifier.rs index 86e30602..0423e8c8 100644 --- a/src/fri/recursive_verifier.rs +++ b/src/fri/recursive_verifier.rs @@ -13,7 +13,6 @@ use crate::iop::challenger::RecursiveChallenger; use crate::iop::target::{BoolTarget, Target}; use crate::plonk::circuit_builder::CircuitBuilder; use crate::plonk::circuit_data::{CircuitConfig, CommonCircuitData}; -use crate::plonk::circuit_data::CommonCircuitData; use crate::plonk::config::{AlgebraicConfig, AlgebraicHasher, GenericConfig}; use crate::plonk::plonk_common::PlonkPolynomials; use crate::plonk::proof::OpeningSetTarget; @@ -24,14 +23,14 @@ use crate::with_context; impl, const D: usize> CircuitBuilder { /// Computes P'(x^arity) from {P(x*g^i)}_(i=0..arity), where g is a `arity`-th root of unity /// and P' is the FRI reduced polynomial. - fn compute_evaluation( + fn compute_evaluation>( &mut self, x: Target, x_index_within_coset_bits: &[BoolTarget], arity_bits: usize, evals: &[ExtensionTarget], beta: ExtensionTarget, - common_data: &CommonCircuitData, + common_data: &CommonCircuitData, ) -> ExtensionTarget { let arity = 1 << arity_bits; debug_assert_eq!(evals.len(), arity); @@ -70,10 +69,10 @@ impl, const D: usize> CircuitBuilder { /// Make sure we have enough wires and routed wires to do the FRI checks efficiently. This check /// isn't required -- without it we'd get errors elsewhere in the stack -- but just gives more /// helpful errors. - fn check_recursion_config( + fn check_recursion_config>( &self, max_fri_arity_bits: usize, - common_data: &CommonCircuitData, + common_data: &CommonCircuitData, ) { let random_access = RandomAccessGate::::new_from_config( &self.config, diff --git a/src/gadgets/arithmetic.rs b/src/gadgets/arithmetic.rs index 1d8a4835..69a39bda 100644 --- a/src/gadgets/arithmetic.rs +++ b/src/gadgets/arithmetic.rs @@ -1,7 +1,6 @@ use std::borrow::Borrow; use crate::field::extension_field::Extendable; -use crate::gates::arithmetic::ArithmeticExtensionGate; use crate::field::field_types::{PrimeField, RichField}; use crate::gates::arithmetic_base::ArithmeticGate; use crate::gates::exponentiation::ExponentiationGate; diff --git a/src/gadgets/arithmetic_extension.rs b/src/gadgets/arithmetic_extension.rs index b48b25bb..ce1e4460 100644 --- a/src/gadgets/arithmetic_extension.rs +++ b/src/gadgets/arithmetic_extension.rs @@ -4,8 +4,6 @@ use crate::field::extension_field::{Extendable, OEF}; use crate::field::field_types::{Field, PrimeField, RichField}; use crate::gates::arithmetic_extension::ArithmeticExtensionGate; use crate::gates::multiplication_extension::MulExtensionGate; -use crate::field::field_types::{Field, PrimeField}; -use crate::gates::arithmetic::ArithmeticExtensionGate; use crate::iop::generator::{GeneratedValues, SimpleGenerator}; use crate::iop::target::Target; use crate::iop::witness::{PartitionWitness, Witness}; diff --git a/src/gadgets/biguint.rs b/src/gadgets/biguint.rs index e037c402..bb81d9c7 100644 --- a/src/gadgets/biguint.rs +++ b/src/gadgets/biguint.rs @@ -248,6 +248,7 @@ mod tests { use rand::Rng; use crate::iop::witness::Witness; + use crate::plonk::config::{GenericConfig, PoseidonGoldilocksConfig}; use crate::{ field::goldilocks_field::GoldilocksField, iop::witness::PartialWitness, @@ -256,16 +257,19 @@ mod tests { #[test] fn test_biguint_add() -> Result<()> { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let mut rng = rand::thread_rng(); let x_value = BigUint::from_u128(rng.gen()).unwrap(); let y_value = BigUint::from_u128(rng.gen()).unwrap(); let expected_z_value = &x_value + &y_value; - type F = GoldilocksField; let config = CircuitConfig::standard_recursion_config(); let mut pw = PartialWitness::new(); - let mut builder = CircuitBuilder::::new(config); + let mut builder = CircuitBuilder::::new(config); let x = builder.add_virtual_biguint_target(x_value.to_u32_digits().len()); let y = builder.add_virtual_biguint_target(y_value.to_u32_digits().len()); @@ -277,13 +281,17 @@ mod tests { pw.set_biguint_target(&y, &y_value); pw.set_biguint_target(&expected_z, &expected_z_value); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) } #[test] fn test_biguint_sub() -> Result<()> { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let mut rng = rand::thread_rng(); let mut x_value = BigUint::from_u128(rng.gen()).unwrap(); @@ -293,10 +301,9 @@ mod tests { } let expected_z_value = &x_value - &y_value; - type F = GoldilocksField; let config = CircuitConfig::standard_recursion_config(); let pw = PartialWitness::new(); - let mut builder = CircuitBuilder::::new(config); + let mut builder = CircuitBuilder::::new(config); let x = builder.constant_biguint(&x_value); let y = builder.constant_biguint(&y_value); @@ -305,23 +312,26 @@ mod tests { builder.connect_biguint(&z, &expected_z); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) } #[test] fn test_biguint_mul() -> Result<()> { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let mut rng = rand::thread_rng(); let x_value = BigUint::from_u128(rng.gen()).unwrap(); let y_value = BigUint::from_u128(rng.gen()).unwrap(); let expected_z_value = &x_value * &y_value; - type F = GoldilocksField; let config = CircuitConfig::standard_recursion_config(); let mut pw = PartialWitness::new(); - let mut builder = CircuitBuilder::::new(config); + let mut builder = CircuitBuilder::::new(config); let x = builder.add_virtual_biguint_target(x_value.to_u32_digits().len()); let y = builder.add_virtual_biguint_target(y_value.to_u32_digits().len()); @@ -333,22 +343,25 @@ mod tests { pw.set_biguint_target(&y, &y_value); pw.set_biguint_target(&expected_z, &expected_z_value); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) } #[test] fn test_biguint_cmp() -> Result<()> { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let mut rng = rand::thread_rng(); let x_value = BigUint::from_u128(rng.gen()).unwrap(); let y_value = BigUint::from_u128(rng.gen()).unwrap(); - type F = GoldilocksField; let config = CircuitConfig::standard_recursion_config(); let pw = PartialWitness::new(); - let mut builder = CircuitBuilder::::new(config); + let mut builder = CircuitBuilder::::new(config); let x = builder.constant_biguint(&x_value); let y = builder.constant_biguint(&y_value); @@ -357,13 +370,17 @@ mod tests { builder.connect(cmp.target, expected_cmp.target); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) } #[test] fn test_biguint_div_rem() -> Result<()> { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let mut rng = rand::thread_rng(); let mut x_value = BigUint::from_u128(rng.gen()).unwrap(); @@ -373,10 +390,9 @@ mod tests { } let (expected_div_value, expected_rem_value) = x_value.div_rem(&y_value); - type F = GoldilocksField; let config = CircuitConfig::standard_recursion_config(); let pw = PartialWitness::new(); - let mut builder = CircuitBuilder::::new(config); + let mut builder = CircuitBuilder::::new(config); let x = builder.constant_biguint(&x_value); let y = builder.constant_biguint(&y_value); @@ -388,7 +404,7 @@ mod tests { builder.connect_biguint(&div, &expected_div); builder.connect_biguint(&rem, &expected_rem); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) } diff --git a/src/gadgets/curve.rs b/src/gadgets/curve.rs index c86c3c0d..c50589ef 100644 --- a/src/gadgets/curve.rs +++ b/src/gadgets/curve.rs @@ -186,12 +186,15 @@ mod tests { use crate::iop::witness::PartialWitness; use crate::plonk::circuit_builder::CircuitBuilder; use crate::plonk::circuit_data::CircuitConfig; + use crate::plonk::config::{GenericConfig, PoseidonGoldilocksConfig}; use crate::plonk::verifier::verify; #[test] fn test_curve_point_is_valid() -> Result<()> { - type F = GoldilocksField; - const D: usize = 4; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let config = CircuitConfig::standard_recursion_config(); @@ -205,7 +208,7 @@ mod tests { builder.curve_assert_valid(&g_target); builder.curve_assert_valid(&neg_g_target); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) @@ -214,8 +217,10 @@ mod tests { #[test] #[should_panic] fn test_curve_point_is_not_valid() { - type F = GoldilocksField; - const D: usize = 4; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let config = CircuitConfig::standard_recursion_config(); @@ -232,7 +237,7 @@ mod tests { builder.curve_assert_valid(¬_g_target); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common).unwrap(); @@ -240,8 +245,10 @@ mod tests { #[test] fn test_curve_double() -> Result<()> { - type F = GoldilocksField; - const D: usize = 4; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let config = CircuitConfig::standard_recursion_config(); @@ -268,7 +275,7 @@ mod tests { builder.connect_affine_point(&double_g_expected, &double_g_actual); builder.connect_affine_point(&double_neg_g_expected, &double_neg_g_actual); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) @@ -276,8 +283,10 @@ mod tests { #[test] fn test_curve_add() -> Result<()> { - type F = GoldilocksField; - const D: usize = 4; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let config = CircuitConfig::standard_recursion_config(); @@ -297,7 +306,7 @@ mod tests { builder.connect_affine_point(&g_plus_2g_expected, &g_plus_2g_actual); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) @@ -306,8 +315,10 @@ mod tests { #[test] #[ignore] fn test_curve_mul() -> Result<()> { - type F = GoldilocksField; - const D: usize = 4; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let config = CircuitConfig { num_routed_wires: 33, @@ -331,7 +342,7 @@ mod tests { builder.connect_affine_point(&five_g_expected, &five_g_actual); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) @@ -340,8 +351,10 @@ mod tests { #[test] #[ignore] fn test_curve_random() -> Result<()> { - type F = GoldilocksField; - const D: usize = 4; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let config = CircuitConfig { num_routed_wires: 33, @@ -360,7 +373,7 @@ mod tests { let randot_times_two = builder.curve_scalar_mul(&randot, &two_target); builder.connect_affine_point(&randot_doubled, &randot_times_two); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) diff --git a/src/gadgets/interpolation.rs b/src/gadgets/interpolation.rs index 4081404c..8d241fc8 100644 --- a/src/gadgets/interpolation.rs +++ b/src/gadgets/interpolation.rs @@ -4,7 +4,6 @@ use crate::field::extension_field::target::ExtensionTarget; use crate::field::extension_field::Extendable; use crate::field::field_types::RichField; use crate::gates::gate::Gate; -use crate::gates::interpolation::InterpolationGate; use crate::iop::target::Target; use crate::plonk::circuit_builder::CircuitBuilder; @@ -113,6 +112,8 @@ mod tests { use crate::field::extension_field::FieldExtension; use crate::field::field_types::Field; use crate::field::interpolation::interpolant; + use crate::gates::interpolation::HighDegreeInterpolationGate; + use crate::gates::low_degree_interpolation::LowDegreeInterpolationGate; use crate::iop::witness::PartialWitness; use crate::plonk::circuit_builder::CircuitBuilder; use crate::plonk::circuit_data::CircuitConfig; diff --git a/src/gadgets/multiple_comparison.rs b/src/gadgets/multiple_comparison.rs index 3a5f2421..38e2e82d 100644 --- a/src/gadgets/multiple_comparison.rs +++ b/src/gadgets/multiple_comparison.rs @@ -76,13 +76,17 @@ mod tests { use crate::iop::witness::PartialWitness; use crate::plonk::circuit_builder::CircuitBuilder; use crate::plonk::circuit_data::CircuitConfig; + use crate::plonk::config::{GenericConfig, PoseidonGoldilocksConfig}; use crate::plonk::verifier::verify; fn test_list_le(size: usize, num_bits: usize) -> Result<()> { - type F = GoldilocksField; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + type FF = >::FE; let config = CircuitConfig::standard_recursion_config(); let pw = PartialWitness::new(); - let mut builder = CircuitBuilder::::new(config); + let mut builder = CircuitBuilder::::new(config); let mut rng = rand::thread_rng(); @@ -120,7 +124,7 @@ mod tests { let expected_result = builder.constant_bool(a_biguint <= b_biguint); builder.connect(result.target, expected_result.target); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) } diff --git a/src/gadgets/nonnative.rs b/src/gadgets/nonnative.rs index 56d717e3..ffbfa40c 100644 --- a/src/gadgets/nonnative.rs +++ b/src/gadgets/nonnative.rs @@ -219,19 +219,22 @@ mod tests { use crate::iop::witness::PartialWitness; use crate::plonk::circuit_builder::CircuitBuilder; use crate::plonk::circuit_data::CircuitConfig; + use crate::plonk::config::{GenericConfig, PoseidonGoldilocksConfig}; use crate::plonk::verifier::verify; #[test] fn test_nonnative_add() -> Result<()> { type FF = Secp256K1Base; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; let x_ff = FF::rand(); let y_ff = FF::rand(); let sum_ff = x_ff + y_ff; - type F = GoldilocksField; let config = CircuitConfig::standard_recursion_config(); let pw = PartialWitness::new(); - let mut builder = CircuitBuilder::::new(config); + let mut builder = CircuitBuilder::::new(config); let x = builder.constant_nonnative(x_ff); let y = builder.constant_nonnative(y_ff); @@ -240,7 +243,7 @@ mod tests { let sum_expected = builder.constant_nonnative(sum_ff); builder.connect_nonnative(&sum, &sum_expected); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) } @@ -248,6 +251,9 @@ mod tests { #[test] fn test_nonnative_sub() -> Result<()> { type FF = Secp256K1Base; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; let x_ff = FF::rand(); let mut y_ff = FF::rand(); while y_ff.to_biguint() > x_ff.to_biguint() { @@ -255,10 +261,9 @@ mod tests { } let diff_ff = x_ff - y_ff; - type F = GoldilocksField; let config = CircuitConfig::standard_recursion_config(); let pw = PartialWitness::new(); - let mut builder = CircuitBuilder::::new(config); + let mut builder = CircuitBuilder::::new(config); let x = builder.constant_nonnative(x_ff); let y = builder.constant_nonnative(y_ff); @@ -267,7 +272,7 @@ mod tests { let diff_expected = builder.constant_nonnative(diff_ff); builder.connect_nonnative(&diff, &diff_expected); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) } @@ -275,14 +280,16 @@ mod tests { #[test] fn test_nonnative_mul() -> Result<()> { type FF = Secp256K1Base; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; let x_ff = FF::rand(); let y_ff = FF::rand(); let product_ff = x_ff * y_ff; - type F = GoldilocksField; let config = CircuitConfig::standard_recursion_config(); let pw = PartialWitness::new(); - let mut builder = CircuitBuilder::::new(config); + let mut builder = CircuitBuilder::::new(config); let x = builder.constant_nonnative(x_ff); let y = builder.constant_nonnative(y_ff); @@ -291,7 +298,7 @@ mod tests { let product_expected = builder.constant_nonnative(product_ff); builder.connect_nonnative(&product, &product_expected); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) } @@ -299,13 +306,15 @@ mod tests { #[test] fn test_nonnative_neg() -> Result<()> { type FF = Secp256K1Base; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; let x_ff = FF::rand(); let neg_x_ff = -x_ff; - type F = GoldilocksField; let config = CircuitConfig::standard_recursion_config(); let pw = PartialWitness::new(); - let mut builder = CircuitBuilder::::new(config); + let mut builder = CircuitBuilder::::new(config); let x = builder.constant_nonnative(x_ff); let neg_x = builder.neg_nonnative(&x); @@ -313,7 +322,7 @@ mod tests { let neg_x_expected = builder.constant_nonnative(neg_x_ff); builder.connect_nonnative(&neg_x, &neg_x_expected); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) } @@ -321,13 +330,15 @@ mod tests { #[test] fn test_nonnative_inv() -> Result<()> { type FF = Secp256K1Base; + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; let x_ff = FF::rand(); let inv_x_ff = x_ff.inverse(); - type F = GoldilocksField; let config = CircuitConfig::standard_recursion_config(); let pw = PartialWitness::new(); - let mut builder = CircuitBuilder::::new(config); + let mut builder = CircuitBuilder::::new(config); let x = builder.constant_nonnative(x_ff); let inv_x = builder.inv_nonnative(&x); @@ -335,7 +346,7 @@ mod tests { let inv_x_expected = builder.constant_nonnative(inv_x_ff); builder.connect_nonnative(&inv_x, &inv_x_expected); - let data = builder.build(); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); verify(proof, &data.verifier_only, &data.common) } diff --git a/src/gadgets/polynomial.rs b/src/gadgets/polynomial.rs index 9e0229fe..1008b2ab 100644 --- a/src/gadgets/polynomial.rs +++ b/src/gadgets/polynomial.rs @@ -71,7 +71,7 @@ impl PolynomialCoeffsExtAlgebraTarget { powers: &[ExtensionAlgebraTarget], ) -> ExtensionAlgebraTarget where - F: RichField + Extendable, + F: Extendable, { debug_assert_eq!(self.0.len(), powers.len() + 1); let acc = self.0[0]; diff --git a/src/gadgets/sorting.rs b/src/gadgets/sorting.rs index f4754d75..81cdee10 100644 --- a/src/gadgets/sorting.rs +++ b/src/gadgets/sorting.rs @@ -5,7 +5,6 @@ use itertools::izip; use crate::field::extension_field::Extendable; use crate::field::field_types::{Field, RichField}; use crate::gates::assert_le::AssertLessThanGate; -use crate::field::field_types::Field; use crate::gates::comparison::ComparisonGate; use crate::iop::generator::{GeneratedValues, SimpleGenerator}; use crate::iop::target::{BoolTarget, Target}; diff --git a/src/gates/arithmetic_base.rs b/src/gates/arithmetic_base.rs index d5c131a5..b50af7a1 100644 --- a/src/gates/arithmetic_base.rs +++ b/src/gates/arithmetic_base.rs @@ -197,6 +197,7 @@ mod tests { use crate::gates::arithmetic_base::ArithmeticGate; use crate::gates::gate_testing::{test_eval_fns, test_low_degree}; use crate::plonk::circuit_data::CircuitConfig; + use crate::plonk::config::{GenericConfig, PoseidonGoldilocksConfig}; #[test] fn low_degree() { @@ -206,7 +207,10 @@ mod tests { #[test] fn eval_fns() -> Result<()> { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; let gate = ArithmeticGate::new_from_config(&CircuitConfig::standard_recursion_config()); - test_eval_fns::(gate) + test_eval_fns::(gate) } } diff --git a/src/gates/arithmetic_u32.rs b/src/gates/arithmetic_u32.rs index 472e1592..d99a4f31 100644 --- a/src/gates/arithmetic_u32.rs +++ b/src/gates/arithmetic_u32.rs @@ -344,7 +344,10 @@ mod tests { #[test] fn eval_fns() -> Result<()> { - test_eval_fns::(U32ArithmeticGate:: { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + test_eval_fns::(U32ArithmeticGate:: { num_ops: 3, _phantom: PhantomData, }) diff --git a/src/gates/assert_le.rs b/src/gates/assert_le.rs index 4da3c44b..de52b298 100644 --- a/src/gates/assert_le.rs +++ b/src/gates/assert_le.rs @@ -439,6 +439,7 @@ mod tests { use crate::gates::gate::Gate; use crate::gates::gate_testing::{test_eval_fns, test_low_degree}; use crate::hash::hash_types::HashOut; + use crate::plonk::config::{GenericConfig, PoseidonGoldilocksConfig}; use crate::plonk::vars::EvaluationVars; #[test] @@ -480,10 +481,14 @@ mod tests { #[test] fn eval_fns() -> Result<()> { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + let num_bits = 20; let num_chunks = 4; - test_eval_fns::(AssertLessThanGate::<_, 4>::new( + test_eval_fns::(AssertLessThanGate::<_, D>::new( num_bits, num_chunks, )) } diff --git a/src/gates/gate_tree.rs b/src/gates/gate_tree.rs index 2d203ed0..a73587b8 100644 --- a/src/gates/gate_tree.rs +++ b/src/gates/gate_tree.rs @@ -227,7 +227,6 @@ mod tests { use crate::field::goldilocks_field::GoldilocksField; use crate::gadgets::interpolation::InterpolationGate; use crate::gates::arithmetic_extension::ArithmeticExtensionGate; - use crate::gates::arithmetic::ArithmeticExtensionGate; use crate::gates::base_sum::BaseSumGate; use crate::gates::constant::ConstantGate; use crate::gates::gmimc::GMiMCGate; diff --git a/src/gates/interpolation.rs b/src/gates/interpolation.rs index aa39ae15..2dbe8ef8 100644 --- a/src/gates/interpolation.rs +++ b/src/gates/interpolation.rs @@ -19,7 +19,7 @@ use crate::polynomial::PolynomialCoeffs; /// Interpolation gate with constraints of degree at most `1<, const D: usize> { +pub(crate) struct HighDegreeInterpolationGate, const D: usize> { pub subgroup_bits: usize, _phantom: PhantomData, } @@ -39,7 +39,7 @@ impl, const D: usize> InterpolationGate } } -impl, const D: usize> HighDegreeInterpolationGate { +impl, const D: usize> HighDegreeInterpolationGate { /// End of wire indices, exclusive. fn end(&self) -> usize { self.start_coeffs() + self.num_points() * D @@ -78,9 +78,7 @@ impl, const D: usize> HighDegreeInterpolationGate, const D: usize> Gate - for HighDegreeInterpolationGate -{ +impl, const D: usize> Gate for HighDegreeInterpolationGate { fn id(&self) -> String { format!("{:?}", self, D) } diff --git a/src/gates/low_degree_interpolation.rs b/src/gates/low_degree_interpolation.rs index 709c5e9a..9f158191 100644 --- a/src/gates/low_degree_interpolation.rs +++ b/src/gates/low_degree_interpolation.rs @@ -392,6 +392,7 @@ mod tests { use crate::gates::gate_testing::{test_eval_fns, test_low_degree}; use crate::gates::low_degree_interpolation::LowDegreeInterpolationGate; use crate::hash::hash_types::HashOut; + use crate::plonk::config::{GenericConfig, PoseidonGoldilocksConfig}; use crate::plonk::vars::EvaluationVars; use crate::polynomial::PolynomialCoeffs; @@ -402,7 +403,10 @@ mod tests { #[test] fn eval_fns() -> Result<()> { - test_eval_fns::(LowDegreeInterpolationGate::new(4)) + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + test_eval_fns::(LowDegreeInterpolationGate::new(4)) } #[test] diff --git a/src/gates/multiplication_extension.rs b/src/gates/multiplication_extension.rs index 4c385b79..ddec9509 100644 --- a/src/gates/multiplication_extension.rs +++ b/src/gates/multiplication_extension.rs @@ -189,6 +189,7 @@ mod tests { use crate::gates::gate_testing::{test_eval_fns, test_low_degree}; use crate::gates::multiplication_extension::MulExtensionGate; use crate::plonk::circuit_data::CircuitConfig; + use crate::plonk::config::{GenericConfig, PoseidonGoldilocksConfig}; #[test] fn low_degree() { @@ -198,7 +199,10 @@ mod tests { #[test] fn eval_fns() -> Result<()> { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; let gate = MulExtensionGate::new_from_config(&CircuitConfig::standard_recursion_config()); - test_eval_fns::(gate) + test_eval_fns::(gate) } } diff --git a/src/gates/poseidon.rs b/src/gates/poseidon.rs index 6d9d97d5..0f5963e3 100644 --- a/src/gates/poseidon.rs +++ b/src/gates/poseidon.rs @@ -46,7 +46,7 @@ impl, const D: usize> PoseidonGate { /// is useful for ordering hashes in Merkle proofs. Otherwise, this should be set to 0. pub const WIRE_SWAP: usize = 2 * SPONGE_WIDTH; - const START_DELTA: usize = 2 * WIDTH + 1; + const START_DELTA: usize = 2 * SPONGE_WIDTH + 1; /// A wire which stores `swap * (input[i + 4] - input[i])`; used to compute the swapped inputs. fn wire_delta(i: usize) -> usize { @@ -64,11 +64,12 @@ impl, const D: usize> PoseidonGate { "First round S-box inputs are not stored as wires" ); debug_assert!(round < poseidon::HALF_N_FULL_ROUNDS); - debug_assert!(i < WIDTH); - Self::START_FULL_0 + WIDTH * (round - 1) + i + debug_assert!(i < SPONGE_WIDTH); + Self::START_FULL_0 + SPONGE_WIDTH * (round - 1) + i } - const START_PARTIAL: usize = Self::START_FULL_0 + WIDTH * (poseidon::HALF_N_FULL_ROUNDS - 1); + const START_PARTIAL: usize = + Self::START_FULL_0 + SPONGE_WIDTH * (poseidon::HALF_N_FULL_ROUNDS - 1); /// A wire which stores the input of the S-box of the `round`-th round of the partial rounds. fn wire_partial_sbox(round: usize) -> usize { @@ -82,23 +83,19 @@ impl, const D: usize> PoseidonGate { /// of full rounds. fn wire_full_sbox_1(round: usize, i: usize) -> usize { debug_assert!(round < poseidon::HALF_N_FULL_ROUNDS); - debug_assert!(i < WIDTH); - Self::START_FULL_1 + WIDTH * round + i + debug_assert!(i < SPONGE_WIDTH); + Self::START_FULL_1 + SPONGE_WIDTH * round + i } /// End of wire indices, exclusive. fn end() -> usize { - Self::START_FULL_1 + WIDTH * poseidon::HALF_N_FULL_ROUNDS + Self::START_FULL_1 + SPONGE_WIDTH * poseidon::HALF_N_FULL_ROUNDS } } -impl + Poseidon, const D: usize, const WIDTH: usize> Gate - for PoseidonGate -where - [(); WIDTH - 1]:, -{ +impl, const D: usize> Gate for PoseidonGate { fn id(&self) -> String { - format!("{:?}", self, WIDTH) + format!("{:?}", self, SPONGE_WIDTH) } fn eval_unfiltered(&self, vars: EvaluationVars) -> Vec { @@ -117,7 +114,7 @@ where } // Compute the possibly-swapped input layer. - let mut state = [F::Extension::ZERO; WIDTH]; + let mut state = [F::Extension::ZERO; SPONGE_WIDTH]; for i in 0..4 { let delta_i = vars.local_wires[Self::wire_delta(i)]; let input_lhs = Self::wire_input(i); @@ -125,7 +122,7 @@ where state[i] = vars.local_wires[input_lhs] + delta_i; state[i + 4] = vars.local_wires[input_rhs] - delta_i; } - for i in 8..WIDTH { + for i in 8..SPONGE_WIDTH { state[i] = vars.local_wires[Self::wire_input(i)]; } @@ -133,54 +130,51 @@ where // First set of full rounds. for r in 0..poseidon::HALF_N_FULL_ROUNDS { - >::constant_layer_field(&mut state, round_ctr); + ::constant_layer_field(&mut state, round_ctr); if r != 0 { - for i in 0..WIDTH { + for i in 0..SPONGE_WIDTH { let sbox_in = vars.local_wires[Self::wire_full_sbox_0(r, i)]; constraints.push(state[i] - sbox_in); state[i] = sbox_in; } } - >::sbox_layer_field(&mut state); - state = >::mds_layer_field(&state); + ::sbox_layer_field(&mut state); + state = ::mds_layer_field(&state); round_ctr += 1; } // Partial rounds. - >::partial_first_constant_layer(&mut state); - state = >::mds_partial_layer_init(&state); + ::partial_first_constant_layer(&mut state); + state = ::mds_partial_layer_init(&state); for r in 0..(poseidon::N_PARTIAL_ROUNDS - 1) { let sbox_in = vars.local_wires[Self::wire_partial_sbox(r)]; constraints.push(state[0] - sbox_in); - state[0] = >::sbox_monomial(sbox_in); - state[0] += F::Extension::from_canonical_u64( - >::FAST_PARTIAL_ROUND_CONSTANTS[r], - ); - state = >::mds_partial_layer_fast_field(&state, r); + state[0] = ::sbox_monomial(sbox_in); + state[0] += + F::Extension::from_canonical_u64(::FAST_PARTIAL_ROUND_CONSTANTS[r]); + state = ::mds_partial_layer_fast_field(&state, r); } let sbox_in = vars.local_wires[Self::wire_partial_sbox(poseidon::N_PARTIAL_ROUNDS - 1)]; constraints.push(state[0] - sbox_in); - state[0] = >::sbox_monomial(sbox_in); - state = >::mds_partial_layer_fast_field( - &state, - poseidon::N_PARTIAL_ROUNDS - 1, - ); + state[0] = ::sbox_monomial(sbox_in); + state = + ::mds_partial_layer_fast_field(&state, poseidon::N_PARTIAL_ROUNDS - 1); round_ctr += poseidon::N_PARTIAL_ROUNDS; // Second set of full rounds. for r in 0..poseidon::HALF_N_FULL_ROUNDS { - >::constant_layer_field(&mut state, round_ctr); - for i in 0..WIDTH { + ::constant_layer_field(&mut state, round_ctr); + for i in 0..SPONGE_WIDTH { let sbox_in = vars.local_wires[Self::wire_full_sbox_1(r, i)]; constraints.push(state[i] - sbox_in); state[i] = sbox_in; } - >::sbox_layer_field(&mut state); - state = >::mds_layer_field(&state); + ::sbox_layer_field(&mut state); + state = ::mds_layer_field(&state); round_ctr += 1; } - for i in 0..WIDTH { + for i in 0..SPONGE_WIDTH { constraints.push(state[i] - vars.local_wires[Self::wire_output(i)]); } @@ -203,7 +197,7 @@ where } // Compute the possibly-swapped input layer. - let mut state = [F::ZERO; WIDTH]; + let mut state = [F::ZERO; SPONGE_WIDTH]; for i in 0..4 { let delta_i = vars.local_wires[Self::wire_delta(i)]; let input_lhs = Self::wire_input(i); @@ -211,7 +205,7 @@ where state[i] = vars.local_wires[input_lhs] + delta_i; state[i + 4] = vars.local_wires[input_rhs] - delta_i; } - for i in 8..WIDTH { + for i in 8..SPONGE_WIDTH { state[i] = vars.local_wires[Self::wire_input(i)]; } @@ -219,51 +213,49 @@ where // First set of full rounds. for r in 0..poseidon::HALF_N_FULL_ROUNDS { - >::constant_layer(&mut state, round_ctr); + ::constant_layer(&mut state, round_ctr); if r != 0 { - for i in 0..WIDTH { + for i in 0..SPONGE_WIDTH { let sbox_in = vars.local_wires[Self::wire_full_sbox_0(r, i)]; constraints.push(state[i] - sbox_in); state[i] = sbox_in; } } - >::sbox_layer(&mut state); - state = >::mds_layer(&state); + ::sbox_layer(&mut state); + state = ::mds_layer(&state); round_ctr += 1; } // Partial rounds. - >::partial_first_constant_layer(&mut state); - state = >::mds_partial_layer_init(&state); + ::partial_first_constant_layer(&mut state); + state = ::mds_partial_layer_init(&state); for r in 0..(poseidon::N_PARTIAL_ROUNDS - 1) { let sbox_in = vars.local_wires[Self::wire_partial_sbox(r)]; constraints.push(state[0] - sbox_in); - state[0] = >::sbox_monomial(sbox_in); - state[0] += - F::from_canonical_u64(>::FAST_PARTIAL_ROUND_CONSTANTS[r]); - state = >::mds_partial_layer_fast(&state, r); + state[0] = ::sbox_monomial(sbox_in); + state[0] += F::from_canonical_u64(::FAST_PARTIAL_ROUND_CONSTANTS[r]); + state = ::mds_partial_layer_fast(&state, r); } let sbox_in = vars.local_wires[Self::wire_partial_sbox(poseidon::N_PARTIAL_ROUNDS - 1)]; constraints.push(state[0] - sbox_in); - state[0] = >::sbox_monomial(sbox_in); - state = - >::mds_partial_layer_fast(&state, poseidon::N_PARTIAL_ROUNDS - 1); + state[0] = ::sbox_monomial(sbox_in); + state = ::mds_partial_layer_fast(&state, poseidon::N_PARTIAL_ROUNDS - 1); round_ctr += poseidon::N_PARTIAL_ROUNDS; // Second set of full rounds. for r in 0..poseidon::HALF_N_FULL_ROUNDS { - >::constant_layer(&mut state, round_ctr); - for i in 0..WIDTH { + ::constant_layer(&mut state, round_ctr); + for i in 0..SPONGE_WIDTH { let sbox_in = vars.local_wires[Self::wire_full_sbox_1(r, i)]; constraints.push(state[i] - sbox_in); state[i] = sbox_in; } - >::sbox_layer(&mut state); - state = >::mds_layer(&state); + ::sbox_layer(&mut state); + state = ::mds_layer(&state); round_ctr += 1; } - for i in 0..WIDTH { + for i in 0..SPONGE_WIDTH { constraints.push(state[i] - vars.local_wires[Self::wire_output(i)]); } @@ -277,7 +269,7 @@ where ) -> Vec> { // The naive method is more efficient if we have enough routed wires for PoseidonMdsGate. let use_mds_gate = - builder.config.num_routed_wires >= PoseidonMdsGate::::new().num_wires(); + builder.config.num_routed_wires >= PoseidonMdsGate::::new().num_wires(); let mut constraints = Vec::with_capacity(self.num_constraints()); @@ -295,7 +287,7 @@ where } // Compute the possibly-swapped input layer. - let mut state = [builder.zero_extension(); WIDTH]; + let mut state = [builder.zero_extension(); SPONGE_WIDTH]; for i in 0..4 { let delta_i = vars.local_wires[Self::wire_delta(i)]; let input_lhs = vars.local_wires[Self::wire_input(i)]; @@ -303,7 +295,7 @@ where state[i] = builder.add_extension(input_lhs, delta_i); state[i + 4] = builder.sub_extension(input_rhs, delta_i); } - for i in 8..WIDTH { + for i in 8..SPONGE_WIDTH { state[i] = vars.local_wires[Self::wire_input(i)]; } @@ -311,47 +303,46 @@ where // First set of full rounds. for r in 0..poseidon::HALF_N_FULL_ROUNDS { - >::constant_layer_recursive(builder, &mut state, round_ctr); + ::constant_layer_recursive(builder, &mut state, round_ctr); if r != 0 { - for i in 0..WIDTH { + for i in 0..SPONGE_WIDTH { let sbox_in = vars.local_wires[Self::wire_full_sbox_0(r, i)]; constraints.push(builder.sub_extension(state[i], sbox_in)); state[i] = sbox_in; } } - >::sbox_layer_recursive(builder, &mut state); - state = >::mds_layer_recursive(builder, &state); + ::sbox_layer_recursive(builder, &mut state); + state = ::mds_layer_recursive(builder, &state); round_ctr += 1; } // Partial rounds. if use_mds_gate { for r in 0..poseidon::N_PARTIAL_ROUNDS { - >::constant_layer_recursive(builder, &mut state, round_ctr); + ::constant_layer_recursive(builder, &mut state, round_ctr); let sbox_in = vars.local_wires[Self::wire_partial_sbox(r)]; constraints.push(builder.sub_extension(state[0], sbox_in)); - state[0] = >::sbox_monomial_recursive(builder, sbox_in); - state = >::mds_layer_recursive(builder, &state); + state[0] = ::sbox_monomial_recursive(builder, sbox_in); + state = ::mds_layer_recursive(builder, &state); round_ctr += 1; } } else { - >::partial_first_constant_layer_recursive(builder, &mut state); - state = >::mds_partial_layer_init_recursive(builder, &state); + ::partial_first_constant_layer_recursive(builder, &mut state); + state = ::mds_partial_layer_init_recursive(builder, &state); for r in 0..(poseidon::N_PARTIAL_ROUNDS - 1) { let sbox_in = vars.local_wires[Self::wire_partial_sbox(r)]; constraints.push(builder.sub_extension(state[0], sbox_in)); - state[0] = >::sbox_monomial_recursive(builder, sbox_in); - let c = >::FAST_PARTIAL_ROUND_CONSTANTS[r]; + state[0] = ::sbox_monomial_recursive(builder, sbox_in); + let c = ::FAST_PARTIAL_ROUND_CONSTANTS[r]; let c = F::Extension::from_canonical_u64(c); let c = builder.constant_extension(c); state[0] = builder.add_extension(state[0], c); - state = - >::mds_partial_layer_fast_recursive(builder, &state, r); + state = ::mds_partial_layer_fast_recursive(builder, &state, r); } let sbox_in = vars.local_wires[Self::wire_partial_sbox(poseidon::N_PARTIAL_ROUNDS - 1)]; constraints.push(builder.sub_extension(state[0], sbox_in)); - state[0] = >::sbox_monomial_recursive(builder, sbox_in); - state = >::mds_partial_layer_fast_recursive( + state[0] = ::sbox_monomial_recursive(builder, sbox_in); + state = ::mds_partial_layer_fast_recursive( builder, &state, poseidon::N_PARTIAL_ROUNDS - 1, @@ -361,18 +352,18 @@ where // Second set of full rounds. for r in 0..poseidon::HALF_N_FULL_ROUNDS { - >::constant_layer_recursive(builder, &mut state, round_ctr); - for i in 0..WIDTH { + ::constant_layer_recursive(builder, &mut state, round_ctr); + for i in 0..SPONGE_WIDTH { let sbox_in = vars.local_wires[Self::wire_full_sbox_1(r, i)]; constraints.push(builder.sub_extension(state[i], sbox_in)); state[i] = sbox_in; } - >::sbox_layer_recursive(builder, &mut state); - state = >::mds_layer_recursive(builder, &state); + ::sbox_layer_recursive(builder, &mut state); + state = ::mds_layer_recursive(builder, &state); round_ctr += 1; } - for i in 0..WIDTH { + for i in 0..SPONGE_WIDTH { constraints .push(builder.sub_extension(state[i], vars.local_wires[Self::wire_output(i)])); } @@ -385,7 +376,7 @@ where gate_index: usize, _local_constants: &[F], ) -> Vec>> { - let gen = PoseidonGenerator:: { + let gen = PoseidonGenerator:: { gate_index, _phantom: PhantomData, }; @@ -405,31 +396,27 @@ where } fn num_constraints(&self) -> usize { - WIDTH * (poseidon::N_FULL_ROUNDS_TOTAL - 1) + poseidon::N_PARTIAL_ROUNDS + WIDTH + 1 + 4 + SPONGE_WIDTH * (poseidon::N_FULL_ROUNDS_TOTAL - 1) + + poseidon::N_PARTIAL_ROUNDS + + SPONGE_WIDTH + + 1 + + 4 } } #[derive(Debug)] -struct PoseidonGenerator< - F: RichField + Extendable + Poseidon, - const D: usize, - const WIDTH: usize, -> where - [(); WIDTH - 1]:, -{ +struct PoseidonGenerator + Poseidon, const D: usize> { gate_index: usize, _phantom: PhantomData, } -impl + Poseidon, const D: usize, const WIDTH: usize> - SimpleGenerator for PoseidonGenerator -where - [(); WIDTH - 1]:, +impl + Poseidon, const D: usize> SimpleGenerator + for PoseidonGenerator { fn dependencies(&self) -> Vec { - (0..WIDTH) - .map(|i| PoseidonGate::::wire_input(i)) - .chain(Some(PoseidonGate::::WIRE_SWAP)) + (0..SPONGE_WIDTH) + .map(|i| PoseidonGate::::wire_input(i)) + .chain(Some(PoseidonGate::::WIRE_SWAP)) .map(|input| Target::wire(self.gate_index, input)) .collect() } @@ -440,19 +427,16 @@ where input, }; - let mut state = (0..WIDTH) - .map(|i| witness.get_wire(local_wire(PoseidonGate::::wire_input(i)))) + let mut state = (0..SPONGE_WIDTH) + .map(|i| witness.get_wire(local_wire(PoseidonGate::::wire_input(i)))) .collect::>(); - let swap_value = witness.get_wire(local_wire(PoseidonGate::::WIRE_SWAP)); + let swap_value = witness.get_wire(local_wire(PoseidonGate::::WIRE_SWAP)); debug_assert!(swap_value == F::ZERO || swap_value == F::ONE); for i in 0..4 { let delta_i = swap_value * (state[i + 4] - state[i]); - out_buffer.set_wire( - local_wire(PoseidonGate::::wire_delta(i)), - delta_i, - ); + out_buffer.set_wire(local_wire(PoseidonGate::::wire_delta(i)), delta_i); } if swap_value == F::ONE { @@ -461,67 +445,61 @@ where } } - let mut state: [F; WIDTH] = state.try_into().unwrap(); + let mut state: [F; SPONGE_WIDTH] = state.try_into().unwrap(); let mut round_ctr = 0; for r in 0..poseidon::HALF_N_FULL_ROUNDS { - >::constant_layer_field(&mut state, round_ctr); + ::constant_layer_field(&mut state, round_ctr); if r != 0 { - for i in 0..WIDTH { + for i in 0..SPONGE_WIDTH { out_buffer.set_wire( - local_wire(PoseidonGate::::wire_full_sbox_0(r, i)), + local_wire(PoseidonGate::::wire_full_sbox_0(r, i)), state[i], ); } } - >::sbox_layer_field(&mut state); - state = >::mds_layer_field(&state); + ::sbox_layer_field(&mut state); + state = ::mds_layer_field(&state); round_ctr += 1; } - >::partial_first_constant_layer(&mut state); - state = >::mds_partial_layer_init(&state); + ::partial_first_constant_layer(&mut state); + state = ::mds_partial_layer_init(&state); for r in 0..(poseidon::N_PARTIAL_ROUNDS - 1) { out_buffer.set_wire( - local_wire(PoseidonGate::::wire_partial_sbox(r)), + local_wire(PoseidonGate::::wire_partial_sbox(r)), state[0], ); - state[0] = >::sbox_monomial(state[0]); - state[0] += - F::from_canonical_u64(>::FAST_PARTIAL_ROUND_CONSTANTS[r]); - state = >::mds_partial_layer_fast_field(&state, r); + state[0] = ::sbox_monomial(state[0]); + state[0] += F::from_canonical_u64(::FAST_PARTIAL_ROUND_CONSTANTS[r]); + state = ::mds_partial_layer_fast_field(&state, r); } out_buffer.set_wire( - local_wire(PoseidonGate::::wire_partial_sbox( + local_wire(PoseidonGate::::wire_partial_sbox( poseidon::N_PARTIAL_ROUNDS - 1, )), state[0], ); - state[0] = >::sbox_monomial(state[0]); - state = >::mds_partial_layer_fast_field( - &state, - poseidon::N_PARTIAL_ROUNDS - 1, - ); + state[0] = ::sbox_monomial(state[0]); + state = + ::mds_partial_layer_fast_field(&state, poseidon::N_PARTIAL_ROUNDS - 1); round_ctr += poseidon::N_PARTIAL_ROUNDS; for r in 0..poseidon::HALF_N_FULL_ROUNDS { - >::constant_layer_field(&mut state, round_ctr); - for i in 0..WIDTH { + ::constant_layer_field(&mut state, round_ctr); + for i in 0..SPONGE_WIDTH { out_buffer.set_wire( - local_wire(PoseidonGate::::wire_full_sbox_1(r, i)), + local_wire(PoseidonGate::::wire_full_sbox_1(r, i)), state[i], ); } - >::sbox_layer_field(&mut state); - state = >::mds_layer_field(&state); + ::sbox_layer_field(&mut state); + state = ::mds_layer_field(&state); round_ctr += 1; } - for i in 0..WIDTH { - out_buffer.set_wire( - local_wire(PoseidonGate::::wire_output(i)), - state[i], - ); + for i in 0..SPONGE_WIDTH { + out_buffer.set_wire(local_wire(PoseidonGate::::wire_output(i)), state[i]); } } } @@ -546,8 +524,7 @@ mod tests { #[test] fn wire_indices() { type F = GoldilocksField; - const WIDTH: usize = 12; - type Gate = PoseidonGate; + type Gate = PoseidonGate; assert_eq!(Gate::wire_input(0), 0); assert_eq!(Gate::wire_input(11), 11); diff --git a/src/gates/poseidon_mds.rs b/src/gates/poseidon_mds.rs index 1abbe71f..400c0716 100644 --- a/src/gates/poseidon_mds.rs +++ b/src/gates/poseidon_mds.rs @@ -7,6 +7,7 @@ use crate::field::extension_field::Extendable; use crate::field::extension_field::FieldExtension; use crate::field::field_types::{Field, RichField}; use crate::gates::gate::Gate; +use crate::hash::hashing::SPONGE_WIDTH; use crate::hash::poseidon::Poseidon; use crate::iop::generator::{GeneratedValues, SimpleGenerator, WitnessGenerator}; use crate::iop::target::Target; @@ -15,21 +16,11 @@ use crate::plonk::circuit_builder::CircuitBuilder; use crate::plonk::vars::{EvaluationTargets, EvaluationVars, EvaluationVarsBase}; #[derive(Debug)] -pub struct PoseidonMdsGate< - F: RichField + Extendable + Poseidon, - const D: usize, - const WIDTH: usize, -> where - [(); WIDTH - 1]:, -{ +pub struct PoseidonMdsGate + Poseidon, const D: usize> { _phantom: PhantomData, } -impl + Poseidon, const D: usize, const WIDTH: usize> - PoseidonMdsGate -where - [(); WIDTH - 1]:, -{ +impl + Poseidon, const D: usize> PoseidonMdsGate { pub fn new() -> Self { PoseidonMdsGate { _phantom: PhantomData, @@ -37,13 +28,13 @@ where } pub fn wires_input(i: usize) -> Range { - assert!(i < WIDTH); + assert!(i < SPONGE_WIDTH); i * D..(i + 1) * D } pub fn wires_output(i: usize) -> Range { - assert!(i < WIDTH); - (WIDTH + i) * D..(WIDTH + i + 1) * D + assert!(i < SPONGE_WIDTH); + (SPONGE_WIDTH + i) * D..(SPONGE_WIDTH + i + 1) * D } // Following are methods analogous to ones in `Poseidon`, but for extension algebras. @@ -51,15 +42,14 @@ where /// Same as `mds_row_shf` for an extension algebra of `F`. fn mds_row_shf_algebra( r: usize, - v: &[ExtensionAlgebra; WIDTH], + v: &[ExtensionAlgebra; SPONGE_WIDTH], ) -> ExtensionAlgebra { - debug_assert!(r < WIDTH); + debug_assert!(r < SPONGE_WIDTH); let mut res = ExtensionAlgebra::ZERO; - for i in 0..WIDTH { - let coeff = - F::Extension::from_canonical_u64(1 << >::MDS_MATRIX_EXPS[i]); - res += v[(i + r) % WIDTH].scalar_mul(coeff); + for i in 0..SPONGE_WIDTH { + let coeff = F::Extension::from_canonical_u64(1 << ::MDS_MATRIX_EXPS[i]); + res += v[(i + r) % SPONGE_WIDTH].scalar_mul(coeff); } res @@ -69,16 +59,16 @@ where fn mds_row_shf_algebra_recursive( builder: &mut CircuitBuilder, r: usize, - v: &[ExtensionAlgebraTarget; WIDTH], + v: &[ExtensionAlgebraTarget; SPONGE_WIDTH], ) -> ExtensionAlgebraTarget { - debug_assert!(r < WIDTH); + debug_assert!(r < SPONGE_WIDTH); let mut res = builder.zero_ext_algebra(); - for i in 0..WIDTH { + for i in 0..SPONGE_WIDTH { let coeff = builder.constant_extension(F::Extension::from_canonical_u64( - 1 << >::MDS_MATRIX_EXPS[i], + 1 << ::MDS_MATRIX_EXPS[i], )); - res = builder.scalar_mul_add_ext_algebra(coeff, v[(i + r) % WIDTH], res); + res = builder.scalar_mul_add_ext_algebra(coeff, v[(i + r) % SPONGE_WIDTH], res); } res @@ -86,11 +76,11 @@ where /// Same as `mds_layer` for an extension algebra of `F`. fn mds_layer_algebra( - state: &[ExtensionAlgebra; WIDTH], - ) -> [ExtensionAlgebra; WIDTH] { - let mut result = [ExtensionAlgebra::ZERO; WIDTH]; + state: &[ExtensionAlgebra; SPONGE_WIDTH], + ) -> [ExtensionAlgebra; SPONGE_WIDTH] { + let mut result = [ExtensionAlgebra::ZERO; SPONGE_WIDTH]; - for r in 0..WIDTH { + for r in 0..SPONGE_WIDTH { result[r] = Self::mds_row_shf_algebra(r, state); } @@ -100,11 +90,11 @@ where /// Same as `mds_layer_recursive` for an extension algebra of `F`. fn mds_layer_algebra_recursive( builder: &mut CircuitBuilder, - state: &[ExtensionAlgebraTarget; WIDTH], - ) -> [ExtensionAlgebraTarget; WIDTH] { - let mut result = [builder.zero_ext_algebra(); WIDTH]; + state: &[ExtensionAlgebraTarget; SPONGE_WIDTH], + ) -> [ExtensionAlgebraTarget; SPONGE_WIDTH] { + let mut result = [builder.zero_ext_algebra(); SPONGE_WIDTH]; - for r in 0..WIDTH { + for r in 0..SPONGE_WIDTH { result[r] = Self::mds_row_shf_algebra_recursive(builder, r, state); } @@ -112,17 +102,13 @@ where } } -impl + Poseidon, const D: usize, const WIDTH: usize> Gate - for PoseidonMdsGate -where - [(); WIDTH - 1]:, -{ +impl + Poseidon, const D: usize> Gate for PoseidonMdsGate { fn id(&self) -> String { - format!("{:?}", self, WIDTH) + format!("{:?}", self, SPONGE_WIDTH) } fn eval_unfiltered(&self, vars: EvaluationVars) -> Vec { - let inputs: [_; WIDTH] = (0..WIDTH) + let inputs: [_; SPONGE_WIDTH] = (0..SPONGE_WIDTH) .map(|i| vars.get_local_ext_algebra(Self::wires_input(i))) .collect::>() .try_into() @@ -130,7 +116,7 @@ where let computed_outputs = Self::mds_layer_algebra(&inputs); - (0..WIDTH) + (0..SPONGE_WIDTH) .map(|i| vars.get_local_ext_algebra(Self::wires_output(i))) .zip(computed_outputs) .flat_map(|(out, computed_out)| (out - computed_out).to_basefield_array()) @@ -138,7 +124,7 @@ where } fn eval_unfiltered_base(&self, vars: EvaluationVarsBase) -> Vec { - let inputs: [_; WIDTH] = (0..WIDTH) + let inputs: [_; SPONGE_WIDTH] = (0..SPONGE_WIDTH) .map(|i| vars.get_local_ext(Self::wires_input(i))) .collect::>() .try_into() @@ -146,7 +132,7 @@ where let computed_outputs = F::mds_layer_field(&inputs); - (0..WIDTH) + (0..SPONGE_WIDTH) .map(|i| vars.get_local_ext(Self::wires_output(i))) .zip(computed_outputs) .flat_map(|(out, computed_out)| (out - computed_out).to_basefield_array()) @@ -158,7 +144,7 @@ where builder: &mut CircuitBuilder, vars: EvaluationTargets, ) -> Vec> { - let inputs: [_; WIDTH] = (0..WIDTH) + let inputs: [_; SPONGE_WIDTH] = (0..SPONGE_WIDTH) .map(|i| vars.get_local_ext_algebra(Self::wires_input(i))) .collect::>() .try_into() @@ -166,7 +152,7 @@ where let computed_outputs = Self::mds_layer_algebra_recursive(builder, &inputs); - (0..WIDTH) + (0..SPONGE_WIDTH) .map(|i| vars.get_local_ext_algebra(Self::wires_output(i))) .zip(computed_outputs) .flat_map(|(out, computed_out)| { @@ -182,12 +168,12 @@ where gate_index: usize, _local_constants: &[F], ) -> Vec>> { - let gen = PoseidonMdsGenerator:: { gate_index }; + let gen = PoseidonMdsGenerator:: { gate_index }; vec![Box::new(gen.adapter())] } fn num_wires(&self) -> usize { - 2 * D * WIDTH + 2 * D * SPONGE_WIDTH } fn num_constants(&self) -> usize { @@ -199,30 +185,22 @@ where } fn num_constraints(&self) -> usize { - WIDTH * D + SPONGE_WIDTH * D } } #[derive(Clone, Debug)] -struct PoseidonMdsGenerator -where - [(); WIDTH - 1]:, -{ +struct PoseidonMdsGenerator { gate_index: usize, } -impl + Poseidon, const D: usize, const WIDTH: usize> - SimpleGenerator for PoseidonMdsGenerator -where - [(); WIDTH - 1]:, +impl + Poseidon, const D: usize> SimpleGenerator + for PoseidonMdsGenerator { fn dependencies(&self) -> Vec { - (0..WIDTH) + (0..SPONGE_WIDTH) .flat_map(|i| { - Target::wires_from_range( - self.gate_index, - PoseidonMdsGate::::wires_input(i), - ) + Target::wires_from_range(self.gate_index, PoseidonMdsGate::::wires_input(i)) }) .collect() } @@ -233,8 +211,8 @@ where let get_local_ext = |wire_range| witness.get_extension_target(get_local_get_target(wire_range)); - let inputs: [_; WIDTH] = (0..WIDTH) - .map(|i| get_local_ext(PoseidonMdsGate::::wires_input(i))) + let inputs: [_; SPONGE_WIDTH] = (0..SPONGE_WIDTH) + .map(|i| get_local_ext(PoseidonMdsGate::::wires_input(i))) .collect::>() .try_into() .unwrap(); @@ -243,7 +221,7 @@ where for (i, &out) in outputs.iter().enumerate() { out_buffer.set_extension_target( - get_local_get_target(PoseidonMdsGate::::wires_output(i)), + get_local_get_target(PoseidonMdsGate::::wires_output(i)), out, ); } @@ -256,18 +234,23 @@ mod tests { use crate::gates::gate_testing::{test_eval_fns, test_low_degree}; use crate::gates::poseidon_mds::PoseidonMdsGate; use crate::hash::hashing::SPONGE_WIDTH; + use crate::plonk::config::{GenericConfig, PoseidonGoldilocksConfig}; #[test] fn low_degree() { - type F = GoldilocksField; - let gate = PoseidonMdsGate::::new(); + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + let gate = PoseidonMdsGate::::new(); test_low_degree(gate) } #[test] fn eval_fns() -> anyhow::Result<()> { - type F = GoldilocksField; - let gate = PoseidonMdsGate::::new(); - test_eval_fns(gate) + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + let gate = PoseidonMdsGate::::new(); + test_eval_fns::(gate) } } diff --git a/src/gates/random_access.rs b/src/gates/random_access.rs index 41a14288..9ea0db55 100644 --- a/src/gates/random_access.rs +++ b/src/gates/random_access.rs @@ -16,13 +16,13 @@ use crate::plonk::vars::{EvaluationTargets, EvaluationVars, EvaluationVarsBase}; /// A gate for checking that a particular element of a list matches a given value. #[derive(Copy, Clone, Debug)] -pub(crate) struct RandomAccessGate, const D: usize> { +pub(crate) struct RandomAccessGate, const D: usize> { pub bits: usize, pub num_copies: usize, _phantom: PhantomData, } -impl, const D: usize> RandomAccessGate { +impl, const D: usize> RandomAccessGate { fn new(num_copies: usize, bits: usize) -> Self { Self { bits, diff --git a/src/gates/reducing_extension.rs b/src/gates/reducing_extension.rs index 532b484f..1d09585c 100644 --- a/src/gates/reducing_extension.rs +++ b/src/gates/reducing_extension.rs @@ -209,6 +209,7 @@ mod tests { use crate::field::goldilocks_field::GoldilocksField; use crate::gates::gate_testing::{test_eval_fns, test_low_degree}; use crate::gates::reducing_extension::ReducingExtensionGate; + use crate::plonk::config::{GenericConfig, PoseidonGoldilocksConfig}; #[test] fn low_degree() { @@ -217,6 +218,9 @@ mod tests { #[test] fn eval_fns() -> Result<()> { - test_eval_fns::(ReducingExtensionGate::new(22)) + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + test_eval_fns::(ReducingExtensionGate::new(22)) } } diff --git a/src/gates/subtraction_u32.rs b/src/gates/subtraction_u32.rs index fc4cd646..23c086ba 100644 --- a/src/gates/subtraction_u32.rs +++ b/src/gates/subtraction_u32.rs @@ -321,6 +321,7 @@ mod tests { use crate::gates::gate_testing::{test_eval_fns, test_low_degree}; use crate::gates::subtraction_u32::U32SubtractionGate; use crate::hash::hash_types::HashOut; + use crate::plonk::config::{GenericConfig, PoseidonGoldilocksConfig}; use crate::plonk::vars::EvaluationVars; #[test] @@ -333,7 +334,10 @@ mod tests { #[test] fn eval_fns() -> Result<()> { - test_eval_fns::(U32SubtractionGate:: { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + test_eval_fns::(U32SubtractionGate:: { num_ops: 3, _phantom: PhantomData, }) diff --git a/src/hash/arch/aarch64/poseidon_goldilocks_neon.rs b/src/hash/arch/aarch64/poseidon_goldilocks_neon.rs index 6437818b..6736cd34 100644 --- a/src/hash/arch/aarch64/poseidon_goldilocks_neon.rs +++ b/src/hash/arch/aarch64/poseidon_goldilocks_neon.rs @@ -53,7 +53,7 @@ const fn check_mds_matrix() -> bool { let mut i = 0; let wanted_matrix_exps = [0, 0, 1, 0, 3, 5, 1, 8, 12, 3, 16, 10]; while i < WIDTH { - if >::MDS_MATRIX_EXPS[i] != wanted_matrix_exps[i] { + if ::MDS_MATRIX_EXPS[i] != wanted_matrix_exps[i] { return false; } i += 1; @@ -68,7 +68,7 @@ const fn mds_matrix_inf_norm() -> u64 { let mut cumul = 0; let mut i = 0; while i < WIDTH { - cumul += 1 << >::MDS_MATRIX_EXPS[i]; + cumul += 1 << ::MDS_MATRIX_EXPS[i]; i += 1; } cumul diff --git a/src/hash/hashing.rs b/src/hash/hashing.rs index 44e7e831..4760b882 100644 --- a/src/hash/hashing.rs +++ b/src/hash/hashing.rs @@ -130,7 +130,7 @@ pub fn hash_n_to_m>( // Absorb all input chunks. for input_chunk in inputs.chunks(SPONGE_RATE) { state[..input_chunk.len()].copy_from_slice(input_chunk); - state = permute(state); + state = P::permute(state); } // Squeeze until we have the desired number of outputs. diff --git a/src/hash/merkle_proofs.rs b/src/hash/merkle_proofs.rs index a2ec2a31..20654fa2 100644 --- a/src/hash/merkle_proofs.rs +++ b/src/hash/merkle_proofs.rs @@ -93,7 +93,7 @@ impl, const D: usize> CircuitBuilder { proof: &MerkleProofTarget, ) { let zero = self.zero(); - let mut state:HashOutTarget = self.hash_or_noop(leaf_data); + let mut state: HashOutTarget = self.hash_or_noop::(leaf_data); for (&bit, &sibling) in leaf_index_bits.iter().zip(&proof.siblings) { let mut perm_inputs = [zero; SPONGE_WIDTH]; diff --git a/src/hash/poseidon.rs b/src/hash/poseidon.rs index 1abda74b..f8e7f78f 100644 --- a/src/hash/poseidon.rs +++ b/src/hash/poseidon.rs @@ -450,7 +450,7 @@ pub trait Poseidon: PrimeField { s0, ); for i in 1..WIDTH { - let t = >::FAST_PARTIAL_ROUND_W_HATS[r][i - 1]; + let t = ::FAST_PARTIAL_ROUND_W_HATS[r][i - 1]; let t = Self::Extension::from_canonical_u64(t); let t = builder.constant_extension(t); d = builder.mul_add_extension(t, state[i], d); diff --git a/src/iop/challenger.rs b/src/iop/challenger.rs index b8801f79..1e2cd293 100644 --- a/src/iop/challenger.rs +++ b/src/iop/challenger.rs @@ -1,7 +1,7 @@ -use crate::field::extension_field::target::ExtensionTarget; use std::convert::TryInto; use std::marker::PhantomData; +use crate::field::extension_field::target::ExtensionTarget; use crate::field::extension_field::{Extendable, FieldExtension}; use crate::field::field_types::RichField; use crate::hash::hash_types::{HashOut, HashOutTarget, MerkleCapTarget}; diff --git a/src/iop/generator.rs b/src/iop/generator.rs index 6dfae5ef..d1d300b4 100644 --- a/src/iop/generator.rs +++ b/src/iop/generator.rs @@ -6,7 +6,6 @@ use num::BigUint; use crate::field::extension_field::target::ExtensionTarget; use crate::field::extension_field::{Extendable, FieldExtension}; use crate::field::field_types::Field; -use crate::field::field_types::{Field, RichField}; use crate::gadgets::arithmetic_u32::U32Target; use crate::gadgets::biguint::BigUintTarget; use crate::gadgets::nonnative::NonNativeTarget; diff --git a/src/iop/witness.rs b/src/iop/witness.rs index a614ca4a..17fd0823 100644 --- a/src/iop/witness.rs +++ b/src/iop/witness.rs @@ -5,7 +5,6 @@ use num::{BigUint, FromPrimitive, Zero}; use crate::field::extension_field::target::ExtensionTarget; use crate::field::extension_field::{Extendable, FieldExtension}; use crate::field::field_types::{Field, RichField}; -use crate::field::field_types::Field; use crate::gadgets::arithmetic_u32::U32Target; use crate::gadgets::biguint::BigUintTarget; use crate::gadgets::nonnative::NonNativeTarget; diff --git a/src/plonk/circuit_builder.rs b/src/plonk/circuit_builder.rs index 9398dc97..e1cd5bbf 100644 --- a/src/plonk/circuit_builder.rs +++ b/src/plonk/circuit_builder.rs @@ -765,7 +765,7 @@ impl, const D: usize> CircuitBuilder { /// Various gate types can contain multiple copies in a single Gate. This helper struct lets a /// CircuitBuilder track such gates that are currently being "filled up." -pub struct BatchedGates, const D: usize> { +pub struct BatchedGates, const D: usize> { /// A map `(c0, c1) -> (g, i)` from constants `(c0,c1)` to an available arithmetic gate using /// these constants with gate index `g` and already using `i` arithmetic operations. pub(crate) free_arithmetic: HashMap<(F, F), (usize, usize)>, @@ -792,7 +792,7 @@ pub struct BatchedGates, const D: usize> { pub(crate) free_constant: Option<(usize, usize)>, } -impl, const D: usize> BatchedGates { +impl, const D: usize> BatchedGates { pub fn new() -> Self { Self { free_arithmetic: HashMap::new(), @@ -807,7 +807,7 @@ impl, const D: usize> BatchedGates { } } -impl, const D: usize> CircuitBuilder { +impl, const D: usize> CircuitBuilder { /// Finds the last available arithmetic gate with the given constants or add one if there aren't any. /// Returns `(g,i)` such that there is an arithmetic gate with the given constants at index /// `g` and the gate's `i`-th operation is available. diff --git a/src/plonk/circuit_data.rs b/src/plonk/circuit_data.rs index ea90fb1b..668f350f 100644 --- a/src/plonk/circuit_data.rs +++ b/src/plonk/circuit_data.rs @@ -15,7 +15,6 @@ use crate::iop::generator::WitnessGenerator; use crate::iop::target::Target; use crate::iop::witness::PartialWitness; use crate::plonk::config::{GenericConfig, Hasher}; -use crate::plonk::proof::ProofWithPublicInputs; use crate::plonk::proof::{CompressedProofWithPublicInputs, ProofWithPublicInputs}; use crate::plonk::prover::prove; use crate::plonk::verifier::verify; @@ -108,7 +107,7 @@ impl, C: GenericConfig, const D: usize> CircuitData, + compressed_proof_with_pis: CompressedProofWithPublicInputs, ) -> Result<()> { compressed_proof_with_pis.verify(&self.verifier_only, &self.common) } @@ -151,7 +150,7 @@ impl, C: GenericConfig, const D: usize> VerifierCircu pub fn verify_compressed( &self, - compressed_proof_with_pis: CompressedProofWithPublicInputs, + compressed_proof_with_pis: CompressedProofWithPublicInputs, ) -> Result<()> { compressed_proof_with_pis.verify(&self.verifier_only, &self.common) } diff --git a/src/plonk/recursive_verifier.rs b/src/plonk/recursive_verifier.rs index 64c2b3fd..a5f5c7dd 100644 --- a/src/plonk/recursive_verifier.rs +++ b/src/plonk/recursive_verifier.rs @@ -370,8 +370,9 @@ mod tests { type F = >::F; let config = CircuitConfig::standard_recursion_config(); - let (proof, vd, cd) = dummy_proof::(&config, 4_000)?; - let (proof, _vd, cd) = recursive_proof::(proof, vd, cd, &config, &config, None, true, true)?; + let (proof, vd, cd) = dummy_proof::(&config, 4_000)?; + let (proof, _vd, cd) = + recursive_proof::(proof, vd, cd, &config, &config, None, true, true)?; test_serialization(&proof, &cd)?; Ok(()) @@ -389,12 +390,13 @@ mod tests { let config = CircuitConfig::standard_recursion_config(); // Start with a degree 2^14 proof, then shrink it to 2^13, then to 2^12. - let (proof, vd, cd) = dummy_proof::(&config, 16_000)?; + let (proof, vd, cd) = dummy_proof::(&config, 16_000)?; assert_eq!(cd.degree_bits, 14); let (proof, vd, cd) = - recursive_proof::(proof, vd, cd, &config, &config, Some(13), false, false)?; + recursive_proof::(proof, vd, cd, &config, &config, Some(13), false, false)?; assert_eq!(cd.degree_bits, 13); - let (proof, _vd, cd) = recursive_proof::(proof, vd, cd, &config, &config, None, true, true)?; + let (proof, _vd, cd) = + recursive_proof::(proof, vd, cd, &config, &config, None, true, true)?; assert_eq!(cd.degree_bits, 12); test_serialization(&proof, &cd)?; @@ -416,7 +418,7 @@ mod tests { let standard_config = CircuitConfig::standard_recursion_config(); // An initial dummy proof. - let (proof, vd, cd) = dummy_proof::(&standard_config, 4_000)?; + let (proof, vd, cd) = dummy_proof::(&standard_config, 4_000)?; assert_eq!(cd.degree_bits, 12); // A standard recursive proof. diff --git a/src/util/reducing.rs b/src/util/reducing.rs index 2b8e80e7..562293e5 100644 --- a/src/util/reducing.rs +++ b/src/util/reducing.rs @@ -2,9 +2,8 @@ use std::borrow::Borrow; use crate::field::extension_field::target::ExtensionTarget; use crate::field::extension_field::Extendable; -use crate::field::field_types::{Field, RichField}; -use crate::gates::arithmetic_extension::ArithmeticExtensionGate; use crate::field::field_types::Field; +use crate::gates::arithmetic_extension::ArithmeticExtensionGate; use crate::gates::reducing::ReducingGate; use crate::gates::reducing_extension::ReducingExtensionGate; use crate::iop::target::Target; @@ -218,7 +217,7 @@ impl ReducingFactorTarget { builder: &mut CircuitBuilder, ) -> ExtensionTarget where - F: RichField + Extendable, + F: Extendable, { self.count += terms.len() as u64; terms