From d7d50e9d5ad7a8311c0d1aa6a166aad67efc82a7 Mon Sep 17 00:00:00 2001
From: Daniel Lubarov <daniel@lubarov.com>
Date: Mon, 19 Sep 2022 23:04:53 -0700
Subject: [PATCH] Minor

---
 evm/src/verifier.rs                 | 24 ++++++++----
 plonky2/src/plonk/validate_shape.rs | 28 +++++++++-----
 starky/src/verifier.rs              | 57 ++++++++++++++++++-----------
 3 files changed, 71 insertions(+), 38 deletions(-)

diff --git a/evm/src/verifier.rs b/evm/src/verifier.rs
index 8c238e93..53ac3c7c 100644
--- a/evm/src/verifier.rs
+++ b/evm/src/verifier.rs
@@ -228,20 +228,30 @@ where
         opening_proof: _,
     } = proof;
 
+    let StarkOpeningSet {
+        local_values,
+        next_values,
+        permutation_ctl_zs,
+        permutation_ctl_zs_next,
+        ctl_zs_last,
+        quotient_polys,
+    } = openings;
+
     let degree_bits = proof.recover_degree_bits(config);
     let fri_params = config.fri_params(degree_bits);
     let cap_height = fri_params.config.cap_height;
+    let num_zs = num_ctl_zs + stark.num_permutation_batches(config);
+
     ensure!(trace_cap.height() == cap_height);
     ensure!(permutation_ctl_zs_cap.height() == cap_height);
     ensure!(quotient_polys_cap.height() == cap_height);
 
-    ensure!(openings.local_values.len() == S::COLUMNS);
-    ensure!(openings.next_values.len() == S::COLUMNS);
-    let num_zs = num_ctl_zs + stark.num_permutation_batches(config);
-    ensure!(openings.permutation_ctl_zs.len() == num_zs);
-    ensure!(openings.permutation_ctl_zs_next.len() == num_zs);
-    ensure!(openings.ctl_zs_last.len() == num_ctl_zs);
-    ensure!(openings.quotient_polys.len() == stark.num_quotient_polys(config));
+    ensure!(local_values.len() == S::COLUMNS);
+    ensure!(next_values.len() == S::COLUMNS);
+    ensure!(permutation_ctl_zs.len() == num_zs);
+    ensure!(permutation_ctl_zs_next.len() == num_zs);
+    ensure!(ctl_zs_last.len() == num_ctl_zs);
+    ensure!(quotient_polys.len() == stark.num_quotient_polys(config));
 
     Ok(())
 }
diff --git a/plonky2/src/plonk/validate_shape.rs b/plonky2/src/plonk/validate_shape.rs
index 3e0082fc..f7ec1b6e 100644
--- a/plonky2/src/plonk/validate_shape.rs
+++ b/plonky2/src/plonk/validate_shape.rs
@@ -4,7 +4,7 @@ use plonky2_field::extension::Extendable;
 use crate::hash::hash_types::RichField;
 use crate::plonk::circuit_data::CommonCircuitData;
 use crate::plonk::config::{GenericConfig, Hasher};
-use crate::plonk::proof::{Proof, ProofWithPublicInputs};
+use crate::plonk::proof::{OpeningSet, Proof, ProofWithPublicInputs};
 
 pub(crate) fn validate_proof_with_pis_shape<F, C, const D: usize>(
     proof_with_pis: &ProofWithPublicInputs<F, C, D>,
@@ -50,20 +50,28 @@ where
         opening_proof: _,
     } = proof;
 
+    let OpeningSet {
+        constants,
+        plonk_sigmas,
+        wires,
+        plonk_zs,
+        plonk_zs_next,
+        partial_products,
+        quotient_polys,
+    } = openings;
+
     let cap_height = common_data.fri_params.config.cap_height;
     ensure!(wires_cap.height() == cap_height);
     ensure!(plonk_zs_partial_products_cap.height() == cap_height);
     ensure!(quotient_polys_cap.height() == cap_height);
 
-    ensure!(openings.constants.len() == common_data.num_constants);
-    ensure!(openings.plonk_sigmas.len() == config.num_routed_wires);
-    ensure!(openings.wires.len() == config.num_wires);
-    ensure!(openings.plonk_zs.len() == config.num_challenges);
-    ensure!(openings.plonk_zs_next.len() == config.num_challenges);
-    ensure!(
-        openings.partial_products.len() == config.num_challenges * common_data.num_partial_products
-    );
-    ensure!(openings.quotient_polys.len() == common_data.num_quotient_polys());
+    ensure!(constants.len() == common_data.num_constants);
+    ensure!(plonk_sigmas.len() == config.num_routed_wires);
+    ensure!(wires.len() == config.num_wires);
+    ensure!(plonk_zs.len() == config.num_challenges);
+    ensure!(plonk_zs_next.len() == config.num_challenges);
+    ensure!(partial_products.len() == config.num_challenges * common_data.num_partial_products);
+    ensure!(quotient_polys.len() == common_data.num_quotient_polys());
 
     Ok(())
 }
diff --git a/starky/src/verifier.rs b/starky/src/verifier.rs
index d4847859..18ae9a27 100644
--- a/starky/src/verifier.rs
+++ b/starky/src/verifier.rs
@@ -55,6 +55,7 @@ where
     [(); S::PUBLIC_INPUTS]:,
     [(); C::Hasher::HASH_SIZE]:,
 {
+    validate_proof_shape(&stark, &proof_with_pis, config)?;
     check_permutation_options(&stark, &proof_with_pis, &challenges)?;
     let StarkProofWithPublicInputs {
         proof,
@@ -146,7 +147,7 @@ where
 
 fn validate_proof_shape<F, C, S, const D: usize>(
     stark: &S,
-    proof_with_pis: StarkProofWithPublicInputs<F, C, D>,
+    proof_with_pis: &StarkProofWithPublicInputs<F, C, D>,
     config: &StarkConfig,
 ) -> anyhow::Result<()>
 where
@@ -156,21 +157,29 @@ where
     [(); S::COLUMNS]:,
     [(); C::Hasher::HASH_SIZE]:,
 {
-    let degree_bits = proof_with_pis.proof.recover_degree_bits(config);
-
     let StarkProofWithPublicInputs {
-        proof:
-            StarkProof {
-                trace_cap,
-                permutation_zs_cap,
-                quotient_polys_cap,
-                openings,
-                // The shape of the opening proof will be checked in the FRI verifier (see
-                // validate_fri_proof_shape), so we ignore it here.
-                opening_proof: _,
-            },
+        proof,
         public_inputs,
     } = proof_with_pis;
+    let degree_bits = proof.recover_degree_bits(config);
+
+    let StarkProof {
+        trace_cap,
+        permutation_zs_cap,
+        quotient_polys_cap,
+        openings,
+        // The shape of the opening proof will be checked in the FRI verifier (see
+        // validate_fri_proof_shape), so we ignore it here.
+        opening_proof: _,
+    } = proof;
+
+    let StarkOpeningSet {
+        local_values,
+        next_values,
+        permutation_zs,
+        permutation_zs_next,
+        quotient_polys,
+    } = openings;
 
     ensure!(public_inputs.len() == S::PUBLIC_INPUTS);
 
@@ -181,22 +190,28 @@ where
     ensure!(trace_cap.height() == cap_height);
     ensure!(quotient_polys_cap.height() == cap_height);
 
-    ensure!(openings.local_values.len() == S::COLUMNS);
-    ensure!(openings.next_values.len() == S::COLUMNS);
-    ensure!(openings.quotient_polys.len() == stark.num_quotient_polys(config));
+    ensure!(local_values.len() == S::COLUMNS);
+    ensure!(next_values.len() == S::COLUMNS);
+    ensure!(quotient_polys.len() == stark.num_quotient_polys(config));
 
     if stark.uses_permutation_args() {
-        let permutation_zs_cap = permutation_zs_cap.ok_or_else(|| anyhow!("Missing Zs cap"))?;
-        let permutation_zs = openings
-            .permutation_zs
+        let permutation_zs_cap = permutation_zs_cap
+            .as_ref()
+            .ok_or_else(|| anyhow!("Missing Zs cap"))?;
+        let permutation_zs = permutation_zs
+            .as_ref()
             .ok_or_else(|| anyhow!("Missing permutation_zs"))?;
-        let permutation_zs_next = openings
-            .permutation_zs_next
+        let permutation_zs_next = permutation_zs_next
+            .as_ref()
             .ok_or_else(|| anyhow!("Missing permutation_zs_next"))?;
 
         ensure!(permutation_zs_cap.height() == cap_height);
         ensure!(permutation_zs.len() == num_zs);
         ensure!(permutation_zs_next.len() == num_zs);
+    } else {
+        ensure!(permutation_zs_cap.is_none());
+        ensure!(permutation_zs.is_none());
+        ensure!(permutation_zs_next.is_none());
     }
 
     Ok(())