diff --git a/src/fri/recursive_verifier.rs b/src/fri/recursive_verifier.rs index fc90be35..35fd6765 100644 --- a/src/fri/recursive_verifier.rs +++ b/src/fri/recursive_verifier.rs @@ -210,8 +210,12 @@ impl, const D: usize> CircuitBuilder { ) -> ExtensionTarget { assert!(D > 1, "Not implemented for D=1."); let config = self.config.clone(); - let degree_log = common_data.config.cap_height + proof.evals_proofs[0].1.siblings.len() - - config.rate_bits; + let degree_log = common_data.degree_bits; + debug_assert_eq!( + degree_log, + common_data.config.cap_height + proof.evals_proofs[0].1.siblings.len() + - config.rate_bits + ); let subgroup_x = self.convert_to_ext(subgroup_x); let vanish_zeta = self.sub_extension(subgroup_x, zeta); let mut alpha = ReducingFactorTarget::new(alpha); @@ -292,7 +296,6 @@ impl, const D: usize> CircuitBuilder { let mut x_index_bits = self.low_bits(x_index, n_log, 64); let cap_index = self.le_sum( x_index_bits[x_index_bits.len() - common_data.config.fri_config.cap_height..] - .to_vec() .into_iter(), ); let mut domain_size = n; diff --git a/src/fri/verifier.rs b/src/fri/verifier.rs index e9f64720..021ab122 100644 --- a/src/fri/verifier.rs +++ b/src/fri/verifier.rs @@ -189,8 +189,11 @@ fn fri_combine_initial, const D: usize>( ) -> F::Extension { let config = &common_data.config; assert!(D > 1, "Not implemented for D=1."); - let degree_log = - common_data.config.cap_height + proof.evals_proofs[0].1.siblings.len() - config.rate_bits; + let degree_log = common_data.degree_bits; + debug_assert_eq!( + degree_log, + common_data.config.cap_height + proof.evals_proofs[0].1.siblings.len() - config.rate_bits + ); let subgroup_x = F::Extension::from_basefield(subgroup_x); let mut alpha = ReducingFactor::new(alpha); let mut sum = F::Extension::ZERO; diff --git a/src/hash/merkle_proofs.rs b/src/hash/merkle_proofs.rs index 5b99fa19..45009c7d 100644 --- a/src/hash/merkle_proofs.rs +++ b/src/hash/merkle_proofs.rs @@ -1,3 +1,5 @@ +use std::convert::TryInto; + use anyhow::{ensure, Result}; use serde::{Deserialize, Serialize}; @@ -111,15 +113,13 @@ impl, const D: usize> CircuitBuilder { } let index = self.le_sum(leaf_index_bits[proof.siblings.len()..].to_vec().into_iter()); - let mut state_ext = [zero; D]; - state_ext[..D].copy_from_slice(&state.elements[..D]); + let state_ext = state.elements[..].try_into().expect("requires D = 4"); let state_ext = ExtensionTarget(state_ext); let cap_ext = merkle_cap .0 .iter() .map(|h| { - let mut tmp = [zero; D]; - tmp[..D].copy_from_slice(&h.elements[..D]); + let tmp = h.elements[..].try_into().expect("requires D = 4"); ExtensionTarget(tmp) }) .collect(); @@ -178,15 +178,13 @@ impl, const D: usize> CircuitBuilder { ) } - let mut state_ext = [zero; D]; - state_ext[..D].copy_from_slice(&state.elements[..D]); + let state_ext = state.elements[..].try_into().expect("requires D = 4"); let state_ext = ExtensionTarget(state_ext); let cap_ext = merkle_cap .0 .iter() .map(|h| { - let mut tmp = [zero; D]; - tmp[..D].copy_from_slice(&h.elements[..D]); + let tmp = h.elements[..].try_into().expect("requires D = 4"); ExtensionTarget(tmp) }) .collect(); diff --git a/src/hash/merkle_tree.rs b/src/hash/merkle_tree.rs index 08e49c42..334e65bf 100644 --- a/src/hash/merkle_tree.rs +++ b/src/hash/merkle_tree.rs @@ -7,6 +7,8 @@ use crate::hash::hashing::{compress, hash_or_noop}; use crate::hash::merkle_proofs::MerkleProof; use crate::util::{log2_strict, reverse_bits, reverse_index_bits_in_place}; +/// The Merkle cap of height `h` of a Merkle tree is the `h`-th layer (from the root) of the tree. +/// It can be used in place of the root to verify Merkle paths, which are `h` elements shorter. #[derive(Clone, Debug, Serialize, Deserialize)] #[serde(bound = "")] pub struct MerkleCap(pub Vec>);