From e50d0aa63d20af951a3f71e0e4f8f80f625a0f12 Mon Sep 17 00:00:00 2001 From: wborgeaud Date: Mon, 7 Jun 2021 21:24:41 +0200 Subject: [PATCH] Interpolation of two points --- src/fri/recursive_verifier.rs | 45 ++++++++++++++++++++++------------- src/gadgets/interpolation.rs | 15 ++++++++++++ src/gadgets/mod.rs | 1 + 3 files changed, 44 insertions(+), 17 deletions(-) create mode 100644 src/gadgets/interpolation.rs diff --git a/src/fri/recursive_verifier.rs b/src/fri/recursive_verifier.rs index edb9b075..bd5559a3 100644 --- a/src/fri/recursive_verifier.rs +++ b/src/fri/recursive_verifier.rs @@ -174,23 +174,34 @@ impl, const D: usize> CircuitBuilder { let quotient = self.div_unsafe_extension(numerator, denominator); let sum = self.add_extension(sum, quotient); - // let ev: F::Extension = proof - // .unsalted_evals(3, config) - // .iter() - // .zip(alpha_powers.clone()) - // .map(|(&e, a)| a * e.into()) - // .sum(); - // let zeta_right = F::Extension::primitive_root_of_unity(degree_log) * zeta; - // let zs_interpol = interpolant(&[ - // (zeta, reduce_with_iter(&os.plonk_zs, alpha_powers.clone())), - // ( - // zeta_right, - // reduce_with_iter(&os.plonk_zs_right, &mut alpha_powers), - // ), - // ]); - // let numerator = ev - zs_interpol.eval(subgroup_x); - // let denominator = (subgroup_x - zeta) * (subgroup_x - zeta_right); - // sum += numerator / denominator; + let evs = proof + .unsalted_evals(3, config) + .iter() + .map(|&e| self.convert_to_ext(e)) + .collect::>(); + let mut ev = self.zero_extension(); + for &e in &evs { + let a = alpha_powers.next(self); + let tmp = self.mul_extension(a, e); + ev = self.add_extension(ev, tmp); + } + + let g = self.constant_extension(F::Extension::primitive_root_of_unity(degree_log)); + let zeta_right = self.mul_extension(g, zeta); + let zs_interpol = self.interpolate2([ + (zeta, reduce_with_iter(&os.plonk_zs, alpha_powers.clone())), + ( + zeta_right, + reduce_with_iter(&os.plonk_zs_right, &mut alpha_powers), + ), + ]); + let interpol_val = zs_interpol.eval(self, subgroup_x); + let numerator = self.sub_extension(ev, interpol_val); + let vanish = self.sub_extension(subgroup_x, zeta); + let vanish_right = self.sub_extension(subgroup_x, zeta_right); + let denominator = self.mul_extension(vanish, vanish_right); + let quotient = self.div_unsafe_extension(numerator, denominator); + let sum = self.add_extension(sum, quotient); // // let ev: F::Extension = proof // .unsalted_evals(2, config) diff --git a/src/gadgets/interpolation.rs b/src/gadgets/interpolation.rs new file mode 100644 index 00000000..6d44cd76 --- /dev/null +++ b/src/gadgets/interpolation.rs @@ -0,0 +1,15 @@ +use crate::circuit_builder::CircuitBuilder; +use crate::field::extension_field::target::ExtensionTarget; +use crate::field::extension_field::Extendable; +use crate::gadgets::polynomial::PolynomialCoeffsExtTarget; + +impl, const D: usize> CircuitBuilder { + /// Interpolate two points. No need for an `InterpolationGate` since the coefficients + /// of the linear interpolation polynomial can be easily computed with arithmetic operations. + pub fn interpolate2( + &mut self, + points: [(ExtensionTarget, ExtensionTarget); 2], + ) -> PolynomialCoeffsExtTarget { + todo!() + } +} diff --git a/src/gadgets/mod.rs b/src/gadgets/mod.rs index 22bef43b..ee331012 100644 --- a/src/gadgets/mod.rs +++ b/src/gadgets/mod.rs @@ -1,5 +1,6 @@ pub mod arithmetic; pub mod hash; +pub mod interpolation; pub mod polynomial; pub mod split_base; pub(crate) mod split_join;