logos-storage/plonky2
1
0
Fork 0
mirror of https://github.com/logos-storage/plonky2.git synced 2026-02-25 08:13:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

PR feedback

Browse Source
This commit is contained in:
wborgeaud 2022-10-03 11:44:52 +02:00
parent 3579f9e875
commit 668957176a
7 changed files with 44 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
evm/src/all_stark.rs
View File

@ -221,7 +221,7 @@ mod tests {
keccak_memory_stark: &KeccakMemoryStark<F, D>,
config: &StarkConfig,
) -> Vec<PolynomialValues<F>> {
keccak_memory_stark.generate_trace(vec![], 1 << config.fri_config.cap_height)
keccak_memory_stark.generate_trace(vec![], config.fri_config.num_cap_elements())
}
fn make_logic_trace<R: Rng>(
@ -764,7 +764,13 @@ mod tests {
let circuit_config = CircuitConfig::standard_recursion_config();
let mut builder = CircuitBuilder::<F, D>::new(circuit_config);
let mut pw = PartialWitness::new();
recursive_all_proof.verify_circuit(&mut builder, &mut pw, &verifier_data, inner_config);
recursive_all_proof.verify_circuit(
&mut builder,
&mut pw,
&verifier_data,
inner_all_stark.cross_table_lookups,
inner_config,
);
let data = builder.build::<C>();
let proof = data.prove(pw)?;

1
evm/src/cross_table_lookup.rs
View File

@ -509,6 +509,7 @@ impl<'a, F: Field, const D: usize> CtlCheckVarsTarget<'a, F, D> {
}
}
}
assert!(ctl_zs.next().is_none());
ctl_vars
}
}

2
evm/src/generation/mod.rs
View File

@ -95,7 +95,7 @@ pub(crate) fn generate_traces<F: RichField + Extendable<D>, const D: usize>(
let keccak_trace = all_stark.keccak_stark.generate_trace(keccak_inputs);
let keccak_memory_trace = all_stark
.keccak_memory_stark
.generate_trace(keccak_memory_inputs, 1 << config.fri_config.cap_height);
.generate_trace(keccak_memory_inputs, config.fri_config.num_cap_elements());
let logic_trace = all_stark.logic_stark.generate_trace(logic_ops);
let memory_trace = all_stark.memory_stark.generate_trace(memory.log);
let traces = [

4
evm/src/proof.rs
View File

@ -28,10 +28,6 @@ impl<F: RichField + Extendable<D>, C: GenericConfig<D, F = F>, const D: usize> A
pub fn degree_bits(&self, config: &StarkConfig) -> [usize; NUM_TABLES] {
std::array::from_fn(|i| self.stark_proofs[i].recover_degree_bits(config))
}
pub fn nums_ctl_zs(&self) -> [usize; NUM_TABLES] {
std::array::from_fn(|i| self.stark_proofs[i].num_ctl_zs())
}
}
pub(crate) struct AllProofChallenges<F: RichField + Extendable<D>, const D: usize> {

55
evm/src/recursive_verifier.rs
View File

@ -52,7 +52,6 @@ pub struct RecursiveAllProof<
const D: usize,
> {
pub recursive_proofs: [ProofWithPublicInputs<F, C, D>; NUM_TABLES],
pub cross_table_lookups: Vec<CrossTableLookup<F>>,
}
struct PublicInputs<T: Copy + Eq + PartialEq + Debug> {
@ -63,30 +62,32 @@ struct PublicInputs<T: Copy + Eq + PartialEq + Debug> {
challenger_state_after: [T; SPONGE_WIDTH],
}
/// Similar to the unstable `Iterator::next_chunk`. Could be replaced with that when it's stable.
fn next_chunk<T: Debug, const N: usize>(iter: &mut impl Iterator<Item = T>) -> [T; N] {
(0..N)
.flat_map(|_| iter.next())
.collect_vec()
.try_into()
.expect("Not enough elements")
}
impl<T: Copy + Eq + PartialEq + Debug> PublicInputs<T> {
fn from_vec(v: &[T], config: &StarkConfig) -> Self {
let mut start = 0;
let trace_cap = v[start..4 * (1 << config.fri_config.cap_height)]
.chunks(4)
.map(|chunk| chunk.to_vec())
let mut iter = v.iter().copied();
let trace_cap = (0..1 << config.fri_config.cap_height)
.map(|_| next_chunk::<_, 4>(&mut iter).to_vec())
.collect();
start += 4 * (1 << config.fri_config.cap_height);
let ctl_challenges = GrandProductChallengeSet {
challenges: (0..config.num_challenges)
.map(|i| GrandProductChallenge {
beta: v[start + 2 * i],
gamma: v[start + 2 * i + 1],
.map(|_| GrandProductChallenge {
beta: iter.next().unwrap(),
gamma: iter.next().unwrap(),
})
.collect(),
};
start += 2 * config.num_challenges;
let challenger_state_before = v[start..start + SPONGE_WIDTH].try_into().unwrap();
let challenger_state_after = v[start + SPONGE_WIDTH..start + 2 * SPONGE_WIDTH]
.try_into()
.unwrap();
start += 2 * SPONGE_WIDTH;
let ctl_zs_last = v[start..].to_vec();
let challenger_state_before = next_chunk(&mut iter);
let challenger_state_after = next_chunk(&mut iter);
let ctl_zs_last = iter.collect();
Self {
trace_cap,
@ -105,6 +106,7 @@ impl<F: RichField + Extendable<D>, C: GenericConfig<D, F = F>, const D: usize>
pub fn verify(
self,
verifier_data: &[VerifierCircuitData<F, C, D>; NUM_TABLES],
cross_table_lookups: Vec<CrossTableLookup<F>>,
inner_config: &StarkConfig,
) -> Result<()>
where
@ -137,7 +139,7 @@ impl<F: RichField + Extendable<D>, C: GenericConfig<D, F = F>, const D: usize>
// Verify the CTL checks.
let degrees_bits = std::array::from_fn(|i| verifier_data[i].common.degree_bits);
verify_cross_table_lookups::<F, C, D>(
self.cross_table_lookups,
cross_table_lookups,
pis.map(|p| p.ctl_zs_last),
degrees_bits,
ctl_challenges,
@ -157,6 +159,7 @@ impl<F: RichField + Extendable<D>, C: GenericConfig<D, F = F>, const D: usize>
builder: &mut CircuitBuilder<F, D>,
pw: &mut W,
verifier_data: &[VerifierCircuitData<F, C, D>; NUM_TABLES],
cross_table_lookups: Vec<CrossTableLookup<F>>,
inner_config: &StarkConfig,
) where
W: Witness<F>,
@ -226,7 +229,7 @@ impl<F: RichField + Extendable<D>, C: GenericConfig<D, F = F>, const D: usize>
let degrees_bits = std::array::from_fn(|i| verifier_data[i].common.degree_bits);
verify_cross_table_lookups_circuit::<F, C, D>(
builder,
self.cross_table_lookups,
cross_table_lookups,
pis.map(|p| p.ctl_zs_last),
degrees_bits,
ctl_challenges,
@ -251,7 +254,7 @@ fn recursively_verify_stark_proof<
proof: &StarkProof<F, C, D>,
cross_table_lookups: &[CrossTableLookup<F>],
ctl_challenges: &GrandProductChallengeSet<F>,
challenger_state_before: [F; SPONGE_WIDTH],
challenger_state_before_vals: [F; SPONGE_WIDTH],
inner_config: &StarkConfig,
circuit_config: &CircuitConfig,
) -> Result<(ProofWithPublicInputs<F, C, D>, VerifierCircuitData<F, C, D>)>
@ -309,9 +312,10 @@ where
num_permutation_zs,
);
let challenger_state = std::array::from_fn(|_| builder.add_virtual_public_input());
pw.set_target_arr(challenger_state, challenger_state_before);
let mut challenger = RecursiveChallenger::<F, C::Hasher, D>::from_state(challenger_state);
let challenger_state_before = std::array::from_fn(|_| builder.add_virtual_public_input());
pw.set_target_arr(challenger_state_before, challenger_state_before_vals);
let mut challenger =
RecursiveChallenger::<F, C::Hasher, D>::from_state(challenger_state_before);
let challenges = proof_target.get_challenges::<F, C>(
&mut builder,
&mut challenger,
@ -319,8 +323,8 @@ where
num_permutation_batch_size,
inner_config,
);
let challenger_state = challenger.compact(&mut builder);
builder.register_public_inputs(&challenger_state);
let challenger_state_after = challenger.compact(&mut builder);
builder.register_public_inputs(&challenger_state_after);
builder.register_public_inputs(&proof_target.openings.ctl_zs_last);
@ -563,7 +567,6 @@ where
)?
.0,
],
cross_table_lookups: all_stark.cross_table_lookups.clone(),
})
}

4
plonky2/src/fri/mod.rs
View File

@ -45,6 +45,10 @@ impl FriConfig {
reduction_arity_bits,
}
}
pub fn num_cap_elements(&self) -> usize {
1 << self.cap_height
}
}
/// FRI parameters, including generated parameters which are specific to an instance size, in

2
plonky2/src/iop/challenger.rs
View File

@ -129,7 +129,7 @@ impl<F: RichField, H: Hasher<F>> Challenger<F, H> {
/// Absorb any buffered inputs. After calling this, the input buffer will be empty, and the
/// output buffer will be full.
pub fn duplexing(&mut self) {
fn duplexing(&mut self) {
assert!(self.input_buffer.len() <= SPONGE_RATE);
// Overwrite the first r elements with the inputs. This differs from a standard sponge,