logos-storage/plonky2
1
0
Fork 0
mirror of https://github.com/logos-storage/plonky2.git synced 2026-04-25 04:53:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Little refactor (#178)

Browse Source
This commit is contained in:
Daniel Lubarov 2021-08-14 08:47:03 -07:00 committed by GitHub
parent 47e9f5461e
commit 9c42fef997
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 17 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/fri/mod.rs
View File

@ -4,10 +4,6 @@ pub mod prover;
pub mod recursive_verifier; pub mod recursive_verifier;
pub mod verifier; pub mod verifier;
/// Somewhat arbitrary. Smaller values will increase delta, but with diminishing returns,
/// while increasing L, potentially requiring more challenge points.
const EPSILON: f64 = 0.01;
#[derive(Debug, Clone, Eq, PartialEq)] #[derive(Debug, Clone, Eq, PartialEq)]
pub struct FriConfig { pub struct FriConfig {
pub proof_of_work_bits: u32, pub proof_of_work_bits: u32,
@ -23,26 +19,3 @@ pub struct FriConfig {
pub cap_height: usize, pub cap_height: usize,
} }
fn fri_delta(rate_log: usize, conjecture: bool) -> f64 {
let rate = (1 << rate_log) as f64;
if conjecture {
// See Conjecture 2.3 in DEEP-FRI.
1.0 - rate - EPSILON
} else {
// See the Johnson radius.
1.0 - rate.sqrt() - EPSILON
}
}
fn fri_l(codeword_len: usize, rate_log: usize, conjecture: bool) -> f64 {
let rate = (1 << rate_log) as f64;
if conjecture {
// See Conjecture 2.3 in DEEP-FRI.
// We assume the conjecture holds with a constant of 1 (as do other STARK implementations).
(codeword_len as f64) / EPSILON
} else {
// See the Johnson bound.
1.0 / (2.0 * EPSILON * rate.sqrt())
}
}

6
src/fri/recursive_verifier.rs
View File

@ -22,18 +22,18 @@ impl<F: Extendable<D>, const D: usize> CircuitBuilder<F, D> {
x: Target, x: Target,
x_index_within_coset_bits: &[Target], x_index_within_coset_bits: &[Target],
arity_bits: usize, arity_bits: usize,
last_evals: &[ExtensionTarget<D>], evals: &[ExtensionTarget<D>],
beta: ExtensionTarget<D>, beta: ExtensionTarget<D>,
) -> ExtensionTarget<D> { ) -> ExtensionTarget<D> {
let arity = 1 << arity_bits; let arity = 1 << arity_bits;
debug_assert_eq!(last_evals.len(), arity); debug_assert_eq!(evals.len(), arity);
let g = F::primitive_root_of_unity(arity_bits); let g = F::primitive_root_of_unity(arity_bits);
let g_inv = g.exp((arity as u64) - 1); let g_inv = g.exp((arity as u64) - 1);
let g_inv_t = self.constant(g_inv); let g_inv_t = self.constant(g_inv);
// The evaluation vector needs to be reordered first. // The evaluation vector needs to be reordered first.
let mut evals = last_evals.to_vec(); let mut evals = evals.to_vec();
reverse_index_bits_in_place(&mut evals); reverse_index_bits_in_place(&mut evals);
// Want `g^(arity - rev_x_index_within_coset)` as in the out-of-circuit version. Compute it // Want `g^(arity - rev_x_index_within_coset)` as in the out-of-circuit version. Compute it
// as `(g^-1)^rev_x_index_within_coset`. // as `(g^-1)^rev_x_index_within_coset`.

8
src/fri/verifier.rs
View File

@ -21,24 +21,24 @@ fn compute_evaluation<F: Field + Extendable<D>, const D: usize>(
x: F, x: F,
x_index_within_coset: usize, x_index_within_coset: usize,
arity_bits: usize, arity_bits: usize,
last_evals: &[F::Extension], evals: &[F::Extension],
beta: F::Extension, beta: F::Extension,
) -> F::Extension { ) -> F::Extension {
let arity = 1 << arity_bits; let arity = 1 << arity_bits;
debug_assert_eq!(last_evals.len(), arity); debug_assert_eq!(evals.len(), arity);
let g = F::primitive_root_of_unity(arity_bits); let g = F::primitive_root_of_unity(arity_bits);
// The evaluation vector needs to be reordered first. // The evaluation vector needs to be reordered first.
let mut evals = last_evals.to_vec(); let mut evals = evals.to_vec();
reverse_index_bits_in_place(&mut evals); reverse_index_bits_in_place(&mut evals);
let rev_x_index_within_coset = reverse_bits(x_index_within_coset, arity_bits); let rev_x_index_within_coset = reverse_bits(x_index_within_coset, arity_bits);
let coset_start = x * g.exp((arity - rev_x_index_within_coset) as u64); let coset_start = x * g.exp((arity - rev_x_index_within_coset) as u64);
// The answer is gotten by interpolating {(x*g^i, P(x*g^i))} and evaluating at beta. // The answer is gotten by interpolating {(x*g^i, P(x*g^i))} and evaluating at beta.
let points = g let points = g
.powers() .powers()
.map(|y| (coset_start * y).into())
.zip(evals) .zip(evals)
.map(|(y, e)| ((coset_start * y).into(), e))
.collect::<Vec<_>>(); .collect::<Vec<_>>();
let barycentric_weights = barycentric_weights(&points); let barycentric_weights = barycentric_weights(&points);
interpolate(&points, beta, &barycentric_weights) interpolate(&points, beta, &barycentric_weights)

45
src/gadgets/split_join.rs
View File

@ -1,29 +1,13 @@
use crate::field::extension_field::Extendable; use crate::field::extension_field::Extendable;
use crate::field::field_types::Field; use crate::field::field_types::Field;
use crate::gates::base_sum::BaseSumGate; use crate::gates::base_sum::BaseSumGate;
use crate::iop::generator::{GeneratedValues, SimpleGenerator, WitnessGenerator}; use crate::iop::generator::{GeneratedValues, SimpleGenerator};
use crate::iop::target::Target; use crate::iop::target::Target;
use crate::iop::wire::Wire;
use crate::iop::witness::PartialWitness; use crate::iop::witness::PartialWitness;
use crate::plonk::circuit_builder::CircuitBuilder; use crate::plonk::circuit_builder::CircuitBuilder;
use crate::util::ceil_div_usize; use crate::util::ceil_div_usize;
impl<F: Extendable<D>, const D: usize> CircuitBuilder<F, D> { impl<F: Extendable<D>, const D: usize> CircuitBuilder<F, D> {
/// Split the given integer into a list of virtual targets, where each one represents a bit of
/// the integer, with little-endian ordering.
///
/// Note that this only handles witness generation; it does not enforce that the decomposition
/// is correct. The output should be treated as a "purported" decomposition which must be
/// enforced elsewhere.
pub(crate) fn split_le_virtual(&mut self, integer: Target, num_bits: usize) -> Vec<Target> {
let bit_targets = self.add_virtual_targets(num_bits);
self.add_generator(SplitGenerator {
integer,
bits: bit_targets.clone(),
});
bit_targets
}
/// Split the given integer into a list of wires, where each one represents a /// Split the given integer into a list of wires, where each one represents a
/// bit of the integer, with little-endian ordering. /// bit of the integer, with little-endian ordering.
/// Verifies that the decomposition is correct by using `k` `BaseSum<2>` gates /// Verifies that the decomposition is correct by using `k` `BaseSum<2>` gates
@ -72,33 +56,6 @@ impl<F: Extendable<D>, const D: usize> CircuitBuilder<F, D> {
} }
} }
/// Generator for a little-endian split.
#[must_use]
pub fn split_le_generator<F: Field>(
integer: Target,
bits: Vec<Target>,
) -> Box<dyn WitnessGenerator<F>> {
Box::new(SplitGenerator { integer, bits })
}
/// Generator for a little-endian split.
#[must_use]
pub fn split_le_generator_local_wires<F: Field>(
gate: usize,
integer_input_index: usize,
bit_input_indices: &[usize],
) -> Box<dyn WitnessGenerator<F>> {
let integer = Target::Wire(Wire {
gate,
input: integer_input_index,
});
let bits = bit_input_indices
.iter()
.map(|&input| Target::Wire(Wire { gate, input }))
.collect();
Box::new(SplitGenerator { integer, bits })
}
#[derive(Debug)] #[derive(Debug)]
struct SplitGenerator { struct SplitGenerator {
integer: Target, integer: Target,

4
src/gates/exponentiation.rs
View File

@ -322,14 +322,14 @@ mod tests {
let num_power_bits = power_bits.len(); let num_power_bits = power_bits.len();
let power_bits_F: Vec<_> = power_bits let power_bits_f: Vec<_> = power_bits
.iter() .iter()
.map(|b| F::from_canonical_u64(*b)) .map(|b| F::from_canonical_u64(*b))
.collect(); .collect();
let mut v = Vec::new(); let mut v = Vec::new();
v.push(base); v.push(base);
v.extend(power_bits_F.clone()); v.extend(power_bits_f.clone());
let mut intermediate_values = Vec::new(); let mut intermediate_values = Vec::new();
let mut current_intermediate_value = F::ONE; let mut current_intermediate_value = F::ONE;

6
src/hash/merkle_tree.rs
View File

@ -13,6 +13,12 @@ use crate::util::{log2_strict, reverse_bits, reverse_index_bits_in_place};
#[serde(bound = "")] #[serde(bound = "")]
pub struct MerkleCap<F: Field>(pub Vec<HashOut<F>>); pub struct MerkleCap<F: Field>(pub Vec<HashOut<F>>);
impl<F: Field> MerkleCap<F> {
pub fn flatten(&self) -> Vec<F> {
self.0.iter().flat_map(|h| h.elements).collect()
}
}
#[derive(Clone, Debug)] #[derive(Clone, Debug)]
pub struct MerkleTree<F: Field> { pub struct MerkleTree<F: Field> {
/// The data in the leaves of the Merkle tree. /// The data in the leaves of the Merkle tree.

6
src/plonk/circuit_builder.rs
View File

@ -602,11 +602,7 @@ impl<F: Extendable<D>, const D: usize> CircuitBuilder<F, D> {
// TODO: This should also include an encoding of gate constraints. // TODO: This should also include an encoding of gate constraints.
let circuit_digest_parts = [ let circuit_digest_parts = [
constants_sigmas_cap constants_sigmas_cap.flatten(),
.0
.into_iter()
.flat_map(|h| h.elements)
.collect::<Vec<_>>(),
vec![/* Add other circuit data here */], vec![/* Add other circuit data here */],
]; ];
let circuit_digest = hash_n_to_hash(circuit_digest_parts.concat(), false); let circuit_digest = hash_n_to_hash(circuit_digest_parts.concat(), false);