logos-storage/plonky2
1
0
Fork 0
mirror of https://github.com/logos-storage/plonky2.git synced 2026-05-23 02:09:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Comment out errors

Browse Source
This commit is contained in:
wborgeaud 2021-06-09 17:55:49 +02:00
parent 89761ef22a
commit f7e92af963
5 changed files with 27 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/fri/recursive_verifier.rs
View File

@ -308,14 +308,14 @@ impl<F: Extendable<D>, const D: usize> CircuitBuilder<F, D> {
}; };
let mut evals = round_proof.steps[i].evals.clone(); let mut evals = round_proof.steps[i].evals.clone();
// Insert P(y) into the evaluation vector, since it wasn't included by the prover. // Insert P(y) into the evaluation vector, since it wasn't included by the prover.
evals.insert(x_index & (arity - 1), e_x); // evals.insert(x_index & (arity - 1), e_x);
evaluations.push(evals); // evaluations.push(evals);
self.verify_merkle_proof( // self.verify_merkle_proof(
flatten_target(&evaluations[i]), // flatten_target(&evaluations[i]),
x_index >> arity_bits, // x_index >> arity_bits,
proof.commit_phase_merkle_roots[i], // proof.commit_phase_merkle_roots[i],
&round_proof.steps[i].merkle_proof, // &round_proof.steps[i].merkle_proof,
)?; // )?;
if i > 0 { if i > 0 {
// Update the point x to x^arity. // Update the point x to x^arity.
@ -325,7 +325,7 @@ impl<F: Extendable<D>, const D: usize> CircuitBuilder<F, D> {
} }
domain_size = next_domain_size; domain_size = next_domain_size;
old_x_index = x_index; old_x_index = x_index;
x_index >>= arity_bits; // x_index >>= arity_bits;
} }
let last_evals = evaluations.last().unwrap(); let last_evals = evaluations.last().unwrap();
@ -343,10 +343,8 @@ impl<F: Extendable<D>, const D: usize> CircuitBuilder<F, D> {
// Final check of FRI. After all the reductions, we check that the final polynomial is equal // Final check of FRI. After all the reductions, we check that the final polynomial is equal
// to the one sent by the prover. // to the one sent by the prover.
ensure!( let eval = proof.final_poly.eval_scalar(self, subgroup_x);
proof.final_poly.eval(subgroup_x.into()) == purported_eval, self.assert_equal_extension(eval, purported_eval);
"Final polynomial evaluation is invalid."
);
Ok(()) Ok(())
} }

9
src/gadgets/split_base.rs
View File

@ -48,8 +48,13 @@ impl<F: Extendable<D>, const D: usize> CircuitBuilder<F, D> {
/// Returns `k` such that any number with `k` trailing zeros in base `base` has at least /// Returns `k` such that any number with `k` trailing zeros in base `base` has at least
/// `n` trailing zeros in base 2. /// `n` trailing zeros in base 2.
const fn num_limbs_to_check(n: u32, base: usize) -> usize { const fn num_limbs_to_check(n: u32, base: usize) -> usize {
assert_eq!(base % 2, 0, "Base should be even."); if base % 2 == 1 {
ceil_div_usize(n as usize, base.trailing_zeros() as usize) // Dirty trick to panic if the base is odd.
// TODO: replace with `assert_eq!(base % 2, 0, "Base should be even.")` when stable.
[][0]
} else {
ceil_div_usize(n as usize, base.trailing_zeros() as usize)
}
} }
#[cfg(test)] #[cfg(test)]

12
src/gadgets/split_join.rs
View File

@ -29,24 +29,24 @@ impl<F: Extendable<D>, const D: usize> CircuitBuilder<F, D> {
/// Verifies that the decomposition is correct by using `k` `BaseSum<2>` gates /// Verifies that the decomposition is correct by using `k` `BaseSum<2>` gates
/// with `k` such that `k*num_routed_bits>=64`. /// with `k` such that `k*num_routed_bits>=64`.
pub(crate) fn split_le(&mut self, integer: Target) -> Vec<Target> { pub(crate) fn split_le(&mut self, integer: Target) -> Vec<Target> {
let num_limbs = self.config.num_routed_wires - BaseSumGate::WIRE_LIMBS_START; let num_limbs = self.config.num_routed_wires - BaseSumGate::<2>::WIRE_LIMBS_START;
let k = ceil_div_usize(64, num_limbs); let k = ceil_div_usize(64, num_limbs);
let gates = (0..k) let gates = (0..k)
.map(|_| self.add_gate_no_constants(BaseSumGate::new(num_limbs))) .map(|_| self.add_gate_no_constants(BaseSumGate::<2>::new(num_limbs)))
.collect::<Vec<_>>(); .collect::<Vec<_>>();
let mut bits = Vec::with_capacity(64); let mut bits = Vec::with_capacity(64);
for &gate in &gates { for &gate in &gates {
bits.extend(Target::wires_from_range( bits.extend(Target::wires_from_range(
gate, gate,
BaseSumGate::WIRE_LIMBS_START..BaseSumGate::WIRE_LIMBS_START + num_limbs, BaseSumGate::<2>::WIRE_LIMBS_START..BaseSumGate::<2>::WIRE_LIMBS_START + num_limbs,
)); ));
} }
let zero = self.zero(); let zero = self.zero();
let mut acc = zero; let mut acc = zero;
for &gate in gates.iter().rev() { for &gate in gates.iter().rev() {
let sum = Target::wire(gate, BaseSumGate::WIRE_SUM); let sum = Target::wire(gate, BaseSumGate::<2>::WIRE_SUM);
acc = self.arithmetic( acc = self.arithmetic(
F::from_canonical_usize(1 << num_limbs), F::from_canonical_usize(1 << num_limbs),
acc, acc,
@ -140,8 +140,8 @@ impl<F: Field> SimpleGenerator<F> for WireSplitGenerator {
let mut integer_value = witness.get_target(self.integer).to_canonical_u64(); let mut integer_value = witness.get_target(self.integer).to_canonical_u64();
let mut result = PartialWitness::new(); let mut result = PartialWitness::new();
for gate in self.gates { for &gate in &self.gates {
let sum = Target::wire(gate, BaseSumGate::WIRE_SUM); let sum = Target::wire(gate, BaseSumGate::<2>::WIRE_SUM);
result.set_target( result.set_target(
sum, sum,
F::from_canonical_u64(integer_value & ((1 << self.num_limbs) - 1)), F::from_canonical_u64(integer_value & ((1 << self.num_limbs) - 1)),

1
src/proof.rs
View File

@ -144,6 +144,7 @@ pub struct FriProofTarget<const D: usize> {
pub pow_witness: Target, pub pow_witness: Target,
} }
#[derive(Clone, Debug)]
/// The purported values of each polynomial at a single point. /// The purported values of each polynomial at a single point.
pub struct OpeningSet<F: Field + Extendable<D>, const D: usize> { pub struct OpeningSet<F: Field + Extendable<D>, const D: usize> {
pub constants: Vec<F::Extension>, pub constants: Vec<F::Extension>,

4
src/verifier.rs
View File

@ -55,13 +55,13 @@ pub(crate) fn verify<F: Extendable<D>, const D: usize>(
); );
// Check each polynomial identity, of the form `vanishing(x) = Z_H(x) quotient(x)`, at zeta. // Check each polynomial identity, of the form `vanishing(x) = Z_H(x) quotient(x)`, at zeta.
let quotient_polys_zeta = proof.openings.quotient_polys; let quotient_polys_zeta = &proof.openings.quotient_polys;
let z_h_zeta = eval_zero_poly(common_data.degree(), zeta); let z_h_zeta = eval_zero_poly(common_data.degree(), zeta);
for i in 0..num_challenges { for i in 0..num_challenges {
ensure!(vanishing_polys_zeta[i] == z_h_zeta * quotient_polys_zeta[i]); ensure!(vanishing_polys_zeta[i] == z_h_zeta * quotient_polys_zeta[i]);
} }
let evaluations = proof.openings; let evaluations = proof.openings.clone();
let merkle_roots = &[ let merkle_roots = &[
verifier_data.constants_root, verifier_data.constants_root,