First bit of verifier

Mostly stubbed out, more coming soon...
2026-01-03 22:33:06 +00:00 · 2021-05-26 16:23:17 -07:00 · 2021-05-26 16:23:17 -07:00 · 5a5a86a416
commit 5a5a86a416
parent 9cf586274e
2 changed files with 62 additions and 9 deletions
--- a/src/circuit_data.rs
+++ b/src/circuit_data.rs
@ -1,3 +1,5 @@
+use anyhow::Result;
+
 use crate::field::extension_field::Extendable;
 use crate::field::field::Field;
 use crate::fri::FriConfig;
@ -64,8 +66,11 @@ impl<F: Field> CircuitData<F> {
        prove(&self.prover_only, &self.common, inputs)
    }

-    pub fn verify(&self) {
-        verify(&self.verifier_only, &self.common)
+    pub fn verify<const D: usize>(&self, proof: Proof<F, D>) -> Result<()>
+    where
+        F: Extendable<D>,
+    {
+        verify(proof, &self.verifier_only, &self.common)
    }
 }

@ -97,8 +102,11 @@ pub struct VerifierCircuitData<F: Field> {
 }

 impl<F: Field> VerifierCircuitData<F> {
-    pub fn verify2(&self) {
-        verify(&self.verifier_only, &self.common)
+    pub fn verify<const D: usize>(&self, proof: Proof<F, D>) -> Result<()>
+    where
+        F: Extendable<D>,
+    {
+        verify(proof, &self.verifier_only, &self.common)
    }
 }

--- a/src/verifier.rs
+++ b/src/verifier.rs
@ -1,9 +1,54 @@
-use crate::circuit_data::{CommonCircuitData, VerifierOnlyCircuitData};
-use crate::field::field::Field;
+use anyhow::Result;

-pub(crate) fn verify<F: Field>(
+use crate::circuit_data::{CommonCircuitData, VerifierOnlyCircuitData};
+use crate::field::extension_field::Extendable;
+use crate::field::field::Field;
+use crate::plonk_challenger::Challenger;
+use crate::proof::Proof;
+
+pub(crate) fn verify<F: Field + Extendable<D>, const D: usize>(
+    proof: Proof<F, D>,
    verifier_data: &VerifierOnlyCircuitData<F>,
    common_data: &CommonCircuitData<F>,
-) {
-    todo!()
+) -> Result<()> {
+    let config = &common_data.config;
+    let fri_config = &config.fri_config;
+    let num_challenges = config.num_challenges;
+
+    let mut challenger = Challenger::new();
+    // Observe the instance.
+    // TODO: Need to include public inputs as well.
+    challenger.observe_hash(&common_data.circuit_digest);
+
+    challenger.observe_hash(&proof.wires_root);
+    let betas = challenger.get_n_challenges(num_challenges);
+    let gammas = challenger.get_n_challenges(num_challenges);
+
+    challenger.observe_hash(&proof.plonk_zs_root);
+    let alphas = challenger.get_n_challenges(num_challenges);
+
+    challenger.observe_hash(&proof.quotient_polys_root);
+    let zetas = challenger.get_n_extension_challenges(config.num_challenges);
+
+    // TODO: Compute PI(zeta), Z_H(zeta), etc. and check the identity at zeta.
+
+    let evaluations = todo!();
+
+    let merkle_roots = &[
+        verifier_data.constants_root,
+        verifier_data.sigmas_root,
+        proof.wires_root,
+        proof.plonk_zs_root,
+        proof.quotient_polys_root,
+    ];
+
+    proof.opening_proof.verify(
+        &zetas,
+        evaluations,
+        merkle_roots,
+        &mut challenger,
+        fri_config,
+    )?;
+
+    Ok(())
 }