Bit of prover work

src/circuit_builder.rs

@@ -10,8 +10,12 @@ use crate::wire::Wire;
 
 pub struct CircuitBuilder2<F: Field> {
     config: CircuitConfig,
+
+    /// The types of gates used in this circuit.
     gates: HashSet<GateRef<F>>,
+
     gate_instances: Vec<GateInstance<F>>,
+
     generators: Vec<Box<dyn WitnessGenerator<F>>>,
 }
 

src/circuit_data.rs

@@ -5,6 +5,7 @@ use crate::proof::{Hash, Proof2};
 use crate::prover::prove;
 use crate::verifier::verify;
 use crate::witness::PartialWitness;
+use crate::gates::gate::{GateRef, Gate};
 
 #[derive(Copy, Clone)]
 pub struct CircuitConfig {
@@ -14,7 +15,7 @@ pub struct CircuitConfig {
 }
 
 impl CircuitConfig {
-    pub fn advice_wires(&self) -> usize {
+    pub fn num_advice_wires(&self) -> usize {
         self.num_wires - self.num_routed_wires
     }
 }
@@ -74,9 +75,21 @@ pub(crate) struct CommonCircuitData<F: Field> {
 
     pub degree: usize,
 
+    /// The types of gates used in this circuit.
+    pub gates: Vec<GateRef<F>>,
+
     /// A commitment to each constant polynomial.
     pub constants_root: Hash<F>,
 
     /// A commitment to each permutation polynomial.
     pub sigmas_root: Hash<F>,
 }
+
+impl<F: Field> CommonCircuitData<F> {
+    pub fn constraint_degree(&self, config: CircuitConfig) -> usize {
+        self.gates.iter()
+            .map(|g| g.0.degree(config))
+            .max()
+            .expect("No gates?")
+    }
+}

src/field/fft.rs

@@ -128,10 +128,14 @@ pub fn coset_fft<F: Field>(coefficients: Vec<F>, shift: F) -> Vec<F> {
         .collect()
 }
 
-pub fn coset_ifft<F: Field>(points: Vec<F>, shift: F) -> Vec<F> {
-    let shift_inv = shift.inverse();
+pub fn ifft<F: Field>(points: Vec<F>) -> Vec<F> {
     let precomputation = fft_precompute(points.len());
     ifft_with_precomputation_power_of_2(points, &precomputation)
+}
+
+pub fn coset_ifft<F: Field>(points: Vec<F>, shift: F) -> Vec<F> {
+    let shift_inv = shift.inverse();
+    ifft(points)
         .into_iter()
         .map(|x| x * shift_inv)
         .collect()

src/prover.rs

@@ -1,7 +1,10 @@
 use crate::circuit_data::{CommonCircuitData, ProverOnlyCircuitData};
+use crate::field::fft::{fft, ifft};
 use crate::field::field::Field;
 use crate::generator::generate_partial_witness;
-use crate::proof::Proof2;
+use crate::proof::{Proof2, Hash};
+use crate::util::log2_ceil;
+use crate::wire::Wire;
 use crate::witness::PartialWitness;
 
 pub(crate) fn prove<F: Field>(
@@ -12,10 +15,51 @@ pub(crate) fn prove<F: Field>(
     let mut witness = inputs;
     generate_partial_witness(&mut witness, &prover_data.generators);
 
+    let config = common_data.config;
+    let constraint_degree = 1 << log2_ceil(common_data.constraint_degree(config));
+    let lde_size = constraint_degree * common_data.degree;
+
+    let num_wires = config.num_wires;
+    let wire_ldes = (0..num_wires)
+        .map(|i| compute_wire_lde(i, &witness, common_data.degree, lde_size))
+        .collect::<Vec<_>>();
+    let wires_root = merkle_root_batch(wire_ldes);
+
+    let z_ldes = todo!();
+    let plonk_z_root = merkle_root_batch(z_ldes);
+
+    let plonk_t_root = todo!();
+
+    let openings = todo!();
+
     Proof2 {
-        wires_root: todo!(),
-        plonk_z_root: todo!(),
-        plonk_t_root: todo!(),
-        openings: todo!(),
+        wires_root,
+        plonk_z_root,
+        plonk_t_root,
+        openings,
     }
 }
+
+fn merkle_root<F: Field>(vec: Vec<F>) -> Hash<F> {
+    todo!()
+}
+
+fn merkle_root_batch<F: Field>(vecs: Vec<Vec<F>>) -> Hash<F> {
+    todo!()
+}
+
+fn compute_wire_lde<F: Field>(
+    input: usize,
+    witness: &PartialWitness<F>,
+    degree: usize,
+    lde_size: usize,
+) -> Vec<F> {
+    let wire = (0..degree)
+        .map(|gate| witness.get_wire(Wire { gate, input }))
+        .collect();
+    let mut coeffs = ifft(wire);
+    for _ in 0..(lde_size - degree) {
+        coeffs.push(F::ZERO);
+    }
+    fft(coeffs)
+}

src/util.rs

@@ -13,7 +13,7 @@ pub(crate) fn log2_ceil(n: usize) -> usize {
 }
 
 /// Computes `log_2(n)`, panicking if `n` is not a power of two.
-pub fn log2_strict(n: usize) -> usize {
+pub(crate) fn log2_strict(n: usize) -> usize {
     assert!(n.is_power_of_two(), "Not a power of two");
     log2_ceil(n)
 }