Daniel Lubarov
cb7f8c8b8c
Draw challenge points from the extension field (#51)
* Draw challenge points from the extension field
* Now building
* Misc
* Default eval_unfiltered_base
* fmt
* A few field settings
* Add to Sage
* Display tweak
* eval_filtered_base
* Quartic in bench
* Missing methods
* Fix tests
* PR feedback
2021-05-30 13:25:53 -07:00
Daniel Lubarov
26845c5910
Compute the three quotient polys in parallel
Reduces that step from ~0.19s to ~0.09s on my laptop.
2021-05-23 22:21:27 -07:00
wborgeaud
9cd00532ce
Generic tests
2021-05-18 16:06:47 +02:00
wborgeaud
adf5c2d4ec
Const generics everywhere
2021-05-18 15:44:50 +02:00
wborgeaud
a2cf2c03b6
Working FRI with field extensions
2021-05-18 15:22:06 +02:00
Daniel Lubarov
de0b382fb6
Merge pull request #39 from mir-protocol/three_zeta
Use num_checks zetas
2021-05-14 08:07:34 -07:00
Daniel Lubarov
7ff5496308
num_checks -> num_challenges
2021-05-14 08:07:00 -07:00
Daniel Lubarov
13fc0c2261
Merge pull request #40 from mir-protocol/move_timed
Move timed! and call from ListPolynomialCommitment
2021-05-14 08:04:22 -07:00
Daniel Lubarov
b14328c2df
Move timed! and call from ListPolynomialCommitment
2021-05-14 07:35:09 -07:00
Daniel Lubarov
a04bed282d
Use num_checks zetas
The soundness error is (degree of combined constraints)/|F|, so three zetas should be appropriate for all practical circuit sizes.
2021-05-13 21:32:08 -07:00
Daniel Lubarov
6d03dd06f5
Finish merging in old_polynomial
2021-05-13 15:35:26 -07:00
wborgeaud
cdbac76149
Fixes based on PR comments
2021-05-11 10:01:35 +02:00
wborgeaud
ce0507ba12
Blinding parameter can be set differently for each Merkle tree in a FRI proof.
2021-05-11 09:56:21 +02:00
wborgeaud
ed805453c3
Minor
2021-05-10 13:10:40 +02:00
wborgeaud
d529afcdef
Minor
2021-05-07 16:49:27 +02:00
wborgeaud
6ca1b28f7c
Fix bug
2021-05-07 16:22:13 +02:00
wborgeaud
6f13263d56
Minor
2021-05-07 11:32:15 +02:00
wborgeaud
1bae3a02f6
Batch open for PLONK
2021-05-07 11:30:03 +02:00
wborgeaud
ea7926bd95
Update PLONK prover.
2021-05-06 23:14:37 +02:00
Daniel Lubarov
a50ba9f590
More unnecessary clones
2021-04-24 11:20:28 -07:00
Daniel Lubarov
6d164adc6a
Have the prover use the new MerkleTree API
Before it was storing leaf data and Merkle roots, but nothing in between, since it wasn't yet interacting with intermediate layers (but it will once we hook up the FRI code).
2021-04-24 11:15:11 -07:00
Daniel Lubarov
518470a2d7
Merge pull request #20 from mir-protocol/beta_gamma
Properly use the three betas and gammas
2021-04-24 10:54:32 -07:00
Daniel Lubarov
4f9aa8879b
Properly use the three betas and gammas
... for the three different `Z`s we use. Before I was just using the first value as a temporary thing.
2021-04-23 14:25:24 -07:00
Daniel Lubarov
b18f152c43
Remove access to "next" wire & constant values
As discussed, it seems like the batch opening argument will be a significant cost, and we can reduce that cost by not including shifted openings (except for `Z`s which need them).
2021-04-23 13:54:35 -07:00
Daniel Lubarov
b7bc1bf313
Seed Challenger with a hash of the instance
I think this is the recommended way to apply Fiat-Shamir, to avoid any possible attacks like taking someone else's proof and using it to prove a slightly different statement.
2021-04-22 16:38:49 -07:00
wborgeaud
6b407e45ef
Progress on FRI
2021-04-21 22:31:45 +02:00
Daniel Lubarov
e8eb658f8e
Candidate API for Merkle proof data
Does this make sense? I think other libraries tend to include the leaf's index (either as an integer, or a series of bits indicating left/right turns) as part of a "proof". In FRI, the leaf indices are chosen by the verifier, so I thought that approach might be sort of redundant. Let me know what you think though.
2021-04-06 19:17:38 -07:00
Daniel Lubarov
9b158103d2
Rename
2021-04-02 20:34:27 -07:00
Daniel Lubarov
80e87becb8
Minor refactor
2021-04-02 19:15:39 -07:00
Daniel Lubarov
8565e5015d
Minor
2021-04-01 20:39:21 -07:00
Daniel Lubarov
524a974de3
Parallelize vanishing poly computation
2021-04-01 13:46:24 -07:00
Daniel Lubarov
8302c10f21
Multiple vanishing polys, and multiple associated quotient polys
With different random alphas
2021-04-01 13:22:54 -07:00
Daniel Lubarov
234fdc7c99
Bit of refactoring, comments, etc.
2021-04-01 12:49:31 -07:00
Daniel Lubarov
cca79a992c
Sponges etc
2021-03-31 21:15:24 -07:00
Daniel Lubarov
16817d1268
Minor
2021-03-30 23:47:29 -07:00
Daniel Lubarov
347206d161
Add Z terms in vanishing poly
2021-03-30 23:12:47 -07:00
Daniel Lubarov
3c262a8c49
Fix some warnings
2021-03-30 20:16:20 -07:00
Daniel Lubarov
6c8dfb97ac
Refactor polynomial code
2021-03-30 13:30:31 -07:00
Daniel Lubarov
07718397ea
Fix coset [i]fft
2021-03-30 11:46:58 -07:00
Daniel Lubarov
44eeb505eb
Tweaks
2021-03-30 10:02:00 -07:00
Daniel Lubarov
f42120482a
No more polynomial programming abstraction
It was too expensive.
2021-03-28 19:52:01 -07:00
Daniel Lubarov
ba96ab4e99
More prover work
2021-03-26 23:51:48 -07:00
Daniel Lubarov
8c95dd11d7
Bit of prover work
2021-03-21 19:50:05 -07:00
Daniel Lubarov
5f92611df1
Bit of prover work
2021-03-21 11:57:33 -07:00
Daniel Lubarov
75b9340000
Tweak APIs
2021-03-21 11:29:47 -07:00
Daniel Lubarov
13cc76316c
Initial commit
2021-02-17 14:36:32 -08:00