diff --git a/src/circuit_data.rs b/src/circuit_data.rs index 79dae85b..726e80c6 100644 --- a/src/circuit_data.rs +++ b/src/circuit_data.rs @@ -1,12 +1,12 @@ +use crate::circuit_builder::CircuitBuilder; use crate::field::field::Field; use crate::gates::gate::GateRef; use crate::generator::WitnessGenerator; -use crate::proof::{Hash, Proof}; +use crate::proof::{Hash, Proof, HashTarget}; use crate::prover::prove; use crate::target::Target; use crate::verifier::verify; use crate::witness::PartialWitness; -use crate::circuit_builder::CircuitBuilder; #[derive(Copy, Clone)] pub struct CircuitConfig { @@ -53,7 +53,13 @@ impl CircuitData { } } -/// Circuit data required by the prover. +/// Circuit data required by the prover. This may be thought of as a proving key, although it +/// includes code for witness generation. +/// +/// The goal here is to make proof generation as fast as we can, rather than making this prover +/// structure as succinct as we can. Thus we include various precomputed data which isn't strictly +/// required, like LDEs of preprocessed polynomials. If more succinctness was desired, we could +/// construct a more minimal prover structure and convert back and forth. pub struct ProverCircuitData { pub(crate) prover_only: ProverOnlyCircuitData, pub(crate) common: CommonCircuitData, @@ -139,3 +145,15 @@ impl CommonCircuitData { self.config.num_checks * 2 + self.num_gate_constraints } } + +/// The `Target` version of `VerifierCircuitData`, for use inside recursive circuits. Note that this +/// is intentionally missing certain fields, such as `CircuitConfig`, because we support only a +/// limited form of dynamic inner circuits. We can't practically make things like the wire count +/// dynamic, at least not without setting a maximum wire count and paying for the worst case. +pub(crate) struct VerifierCircuitTarget { + /// A commitment to each constant polynomial. + pub(crate) constants_root: HashTarget, + + /// A commitment to each permutation polynomial. + pub(crate) sigmas_root: HashTarget, +} diff --git a/src/plonk_common.rs b/src/plonk_common.rs index de9a0520..c1965995 100644 --- a/src/plonk_common.rs +++ b/src/plonk_common.rs @@ -4,6 +4,11 @@ use crate::target::Target; use crate::vars::{EvaluationTargets, EvaluationVars}; use crate::gates::gate::GateRef; +/// Evaluates all gate constraints. +/// +/// `num_gate_constraints` is the largest number of constraints imposed by any gate. It is not +/// strictly necessary, but it helps performance by ensuring that we allocate a vector with exactly +/// the capacity that we need. pub fn evaluate_gate_constraints( gates: &[GateRef], num_gate_constraints: usize, diff --git a/src/recursive_verifier.rs b/src/recursive_verifier.rs index fccceb8c..54d35bf0 100644 --- a/src/recursive_verifier.rs +++ b/src/recursive_verifier.rs @@ -1,10 +1,20 @@ use crate::circuit_builder::CircuitBuilder; +use crate::circuit_data::{CircuitConfig, VerifierCircuitTarget}; use crate::field::field::Field; +use crate::gates::gate::GateRef; +use crate::proof::ProofTarget; const MIN_WIRES: usize = 120; // TODO: Double check. const MIN_ROUTED_WIRES: usize = 8; // TODO: Double check. -pub fn add_recursive_verifier(builder: &mut CircuitBuilder) { +/// Recursively verifies an inner proof. +pub fn add_recursive_verifier( + builder: &mut CircuitBuilder, + inner_config: CircuitConfig, + inner_circuit: VerifierCircuitTarget, + inner_gates: Vec>, + inner_proof: ProofTarget, +) { assert!(builder.config.num_wires >= MIN_WIRES); assert!(builder.config.num_wires >= MIN_ROUTED_WIRES); }