diff --git a/src/bin/bench_recursion.rs b/src/bin/bench_recursion.rs index b55ee841..b75d4bdc 100644 --- a/src/bin/bench_recursion.rs +++ b/src/bin/bench_recursion.rs @@ -5,9 +5,6 @@ use plonky2::field::crandall_field::CrandallField; use plonky2::field::extension_field::Extendable; use plonky2::field::field::Field; use plonky2::fri::FriConfig; -use plonky2::gates::constant::ConstantGate; -use plonky2::gates::gmimc::GMiMCGate; -use plonky2::hash::GMIMC_ROUNDS; use plonky2::witness::PartialWitness; fn main() { diff --git a/src/gadgets/insert.rs b/src/gadgets/insert.rs index aee4dcd3..734b6c03 100644 --- a/src/gadgets/insert.rs +++ b/src/gadgets/insert.rs @@ -37,8 +37,7 @@ impl, const D: usize> CircuitBuilder { self.sub(one, not_equal) } - /// Inserts a `Target` in a vector at a non-deterministic index. This is done by rotating to the - /// left, inserting at 0 and then rotating to the right. + /// Inserts a `Target` in a vector at a non-deterministic index. /// Note: `index` is not range-checked. pub fn insert( &mut self, @@ -49,9 +48,8 @@ impl, const D: usize> CircuitBuilder { let mut already_inserted = self.zero(); let mut new_list = Vec::new(); + let one = self.one(); for i in 0..=v.len() { - let one = self.one(); - let cur_index = self.constant(F::from_canonical_usize(i)); let insert_here = self.is_equal(cur_index, index); @@ -108,6 +106,7 @@ mod tests { let elem = builder.constant_extension(FF::rand()); let inserted = real_insert(i, elem, &v); let purported_inserted = builder.insert(it, elem, v.clone()); + assert_eq!(inserted.len(), purported_inserted.len()); for (x, y) in inserted.into_iter().zip(purported_inserted) { diff --git a/src/polynomial/commitment.rs b/src/polynomial/commitment.rs index d27718ae..8e3a5579 100644 --- a/src/polynomial/commitment.rs +++ b/src/polynomial/commitment.rs @@ -7,7 +7,7 @@ use crate::field::extension_field::target::ExtensionTarget; use crate::field::extension_field::Extendable; use crate::field::extension_field::{FieldExtension, Frobenius}; use crate::field::field::Field; -use crate::fri::{prover::fri_proof, verifier::verify_fri_proof, FriConfig}; +use crate::fri::{prover::fri_proof, verifier::verify_fri_proof}; use crate::merkle_tree::MerkleTree; use crate::plonk_challenger::{Challenger, RecursiveChallenger}; use crate::plonk_common::PlonkPolynomials; diff --git a/src/polynomial/polynomial.rs b/src/polynomial/polynomial.rs index aa06d641..81d07b8f 100644 --- a/src/polynomial/polynomial.rs +++ b/src/polynomial/polynomial.rs @@ -1,7 +1,6 @@ use std::cmp::max; use std::iter::Sum; use std::ops::{Add, AddAssign, Mul, MulAssign, Sub, SubAssign}; -use std::time::Instant; use anyhow::{ensure, Result}; diff --git a/src/verifier.rs b/src/verifier.rs index e1d6d967..864a2c15 100644 --- a/src/verifier.rs +++ b/src/verifier.rs @@ -61,6 +61,11 @@ pub(crate) fn verify, const D: usize>( let quotient_polys_zeta = &proof.openings.quotient_polys; let zeta_pow_deg = zeta.exp_power_of_2(common_data.degree_bits); let z_h_zeta = zeta_pow_deg - F::Extension::ONE; + // `quotient_polys_zeta` holds `num_challenges * quotient_degree_factor` evaluations. + // Each chunk of `quotient_degree_factor` holds the evaluations of `t_0(zeta),...,t_{quotient_degree_factor-1}(zeta)` + // where the "real" quotient polynomial is `t(X) = t_0(X) + t_1(X)*X^n + t_2(X)*X^{2n} + ...`. + // So to reconstruct `t(zeta)` we can compute `reduce_with_powers(chunk, zeta^n)` for each + // `quotient_degree_factor`-sized chunk of the original evaluations. for (i, chunk) in quotient_polys_zeta .chunks(common_data.quotient_degree_factor) .enumerate()