logos-storage/plonky2
1
0
Fork 0
mirror of https://github.com/logos-storage/plonky2.git synced 2026-01-03 22:33:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,838 Commits 4 Branches 0 Tags 17 MiB
Commit Graph

1838 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
wborgeaud
47523c086a Minor 2022-03-03 07:59:47 +01:00
wborgeaud
90df0d9d3a Clippy 2022-03-03 07:59:44 +01:00
wborgeaud
f6525ed11a Add wide config for ECDSA in < 2^16 gates 2022-03-03 07:59:32 +01:00
Daniel Lubarov
7329dade94
IS_MUL -> IS_MUL_ADD (#510) 2022-03-02 22:49:57 -08:00
Hamish Ivey-Law
2644f5f74a
System Zero subtraction operation (#508) 
* First draft of subtraction operation.

* Daniel comments.

* Fix constraint calculation.

* cargo fmt

* Align native and recursive eval functions; fix typo.
 2022-03-03 14:18:19 +11:00
wborgeaud
c8d3335bce ECDSA verification in 101k gates 2022-03-02 13:37:01 +01:00
wborgeaud
2571862f00 Working GLV decomposition check 2022-03-02 13:31:16 +01:00
wborgeaud
7c70c46ca7 Working GLV with MSM 2022-03-02 13:19:31 +01:00
wborgeaud
850df4dfb1 Add fixed base file 2022-03-02 11:16:32 +01:00
wborgeaud
6f3ca6a0bc Fixed base works 2022-03-02 11:04:05 +01:00
wborgeaud
ba5b1f7278 Fix set_biguint_target 2022-03-02 10:27:20 +01:00
wborgeaud
74cf1d3887 Minor improvement 2022-03-01 07:59:35 +01:00
wborgeaud
61af3a0de2 Cleaning 2022-02-25 19:39:30 +01:00
wborgeaud
efb074b247 Works with 2 2022-02-25 17:21:35 +01:00
wborgeaud
772ff8d69a Works 2022-02-25 16:30:01 +01:00
Nicholas Ward
6b386e756a
Merge pull request #503 from mir-protocol/ecdsa_target_visibility 
ECDSA targets visibility
 2022-02-24 12:44:03 -08:00
Nicholas Ward
bd7f43adc2 visibility 2022-02-24 10:19:16 -08:00
Nicholas Ward
7b4ddf852c
Merge pull request #502 from mir-protocol/ecdsa_secret_to_public 
ECDSA secret_to_public fn
 2022-02-24 10:09:08 -08:00
Nicholas Ward
383b8b68b3 secret_to_public fn 2022-02-24 10:01:38 -08:00
wborgeaud
517d26e4c1
Merge pull request #499 from mir-protocol/stark_permutation_checks 
Stark verifier permutation checks
 2022-02-23 09:56:02 +01:00
wborgeaud
dd4cc21309 PR feedback 2022-02-23 09:36:28 +01:00
wborgeaud
8c5cbbc7c6 Add first row Z check 2022-02-22 17:40:48 +01:00
wborgeaud
17bbc6f3e4 Minor 2022-02-22 17:30:08 +01:00
wborgeaud
a31c58b69d Use ReducingFactor 2022-02-22 17:23:55 +01:00
wborgeaud
150d764440 Simplification 2022-02-22 17:00:08 +01:00
wborgeaud
4ea418a486 Clippy 2022-02-22 16:35:20 +01:00
wborgeaud
064b3c07a8 Forgot to set permutation cap 2022-02-22 16:18:41 +01:00
wborgeaud
6cd2fc62b5 Should work (does not) 2022-02-22 11:44:24 +01:00
wborgeaud
ed4aef0fa0 Fill permutation todos 2022-02-22 10:46:51 +01:00
wborgeaud
56e269e27a Working (not recursively) 2022-02-22 10:37:08 +01:00
Jakub Nabaglo
c7af639579
Restore vectorization to full Poseidon rounds on Aarch64 (#498) 
* Restore vectorization to full Poseidon layers on Aarch64

* Typos
 2022-02-21 17:45:01 -08:00
wborgeaud
85c1e1d5e0 Should work (does not) 2022-02-21 18:00:03 +01:00
wborgeaud
5c1173379e Compiles 2022-02-21 16:05:24 +01:00
wborgeaud
79ba85eb08 Compiles 2022-02-21 10:52:04 +01:00
wborgeaud
f4a29a0249 Merge branch 'main' into stark_permutation_checks 2022-02-21 10:19:12 +01:00
wborgeaud
d52fabaf26 First pass 2022-02-21 10:18:05 +01:00
Daniel Lubarov
6072fab077
Implement a mul-add circuit in the ALU (#495) 
* Implement a mul-add circuit in the ALU

The inputs are assumed to be `u32`s, while the output is encoded as four `u16 limbs`. Each output limb is range-checked.

So, our basic mul-add constraint looks like

    out_0 + 2^16 out_1 + 2^32 out_2 + 2^48 out_3 = in_1 * in_2 + in_3

The right hand side will never overflow, since `u32::MAX * u32::MAX + u32::MAX < |F|`. However, the left hand side could overflow, even though we know each limb is less than `2^16`.

For example, an operation like `0 * 0 + 0` could have two possible outputs, 0 and `|F|`, both of which would satisfy the constraint above. To prevent these non-canonical outputs, we need a comparison to enforce that `out < |F|`.

Thankfully, `F::MAX` has all zeros in its low 32 bits, so `x <= F::MAX` is equivalent to `x_lo == 0 || x_hi != u32::MAX`. `x_hi != u32::MAX` can be checked by showing that `u32::MAX - x_hi` has an inverse. If `x_hi != u32::MAX`, the prover provides this (purported) inverse in an advice column.

See @bobbinth's [post](https://hackmd.io/NC-yRmmtRQSvToTHb96e8Q#Checking-element-validity) for details. That post calls the purported inverse column `m`; I named it `canonical_inv` in this code.

* fix

* PR feedback

* naming
 2022-02-21 00:39:04 -08:00
Daniel Lubarov
bc3685587c
Rename constraint methods (#497) 
Most of our constraints apply to all rows, and it seems safest to make that the "default".
 2022-02-20 16:48:31 -08:00
Daniel Lubarov
bedd2aa711
Rename arithmetic unit to ALU (#496) 2022-02-19 17:32:11 -08:00
wborgeaud
9516e14c3e
Merge pull request #491 from mir-protocol/fix_reduction_strategy 
Fix reduction strategy
 2022-02-18 17:07:03 +01:00
Jakub Nabaglo
a736aa8e70
Update MDS matrix and round consts in Poseidon; disable vectorization (#493) 2022-02-17 22:01:07 -08:00
wborgeaud
67cb5dfd58 PR feedback 2022-02-17 08:26:23 +01:00
Daniel Lubarov
431faccbdb
Change compute_permutation_z_polys to batch permutation checks (#492) 
* Change `compute_permutation_z_polys` to batch permutation checks

* feedback
 2022-02-16 23:37:20 -07:00
Nicholas Ward
20fc5e2da5 merge fixes 2022-02-16 11:36:51 -08:00
Nicholas Ward
74cf5da8e0 clippy 2022-02-16 11:31:45 -08:00
Nicholas Ward
25555c15e0 fixed native GLV; fixed precompute window; other fixes 2022-02-16 11:31:43 -08:00
Nicholas Ward
8ad193db17 use windowed mul in GLV 2022-02-16 11:31:29 -08:00
Nicholas Ward
1e3743f46c fmt 2022-02-16 11:31:29 -08:00
Nicholas Ward
0140f7a3cf fixes 2022-02-16 11:31:29 -08:00
Nicholas Ward
e88564ce5e correct point subtraction 2022-02-16 11:31:29 -08:00