Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
multilinear_batching_flavor.cpp
Go to the documentation of this file.
1// === AUDIT STATUS ===
2// internal: { status: Complete, auditors: [Sergei], commit: }
3// external_1: { status: not started, auditors: [], commit: }
4// external_2: { status: not started, auditors: [], commit: }
5// =====================
6
7#include "multilinear_batching_flavor.hpp"
8#include "barretenberg/common/bb_bench.hpp"
9#include "barretenberg/multilinear_batching/multilinear_batching_claims.hpp"
10#include "barretenberg/polynomials/eq_polynomial.hpp"
11
12namespace bb {
13
14MultilinearBatchingFlavor::ProvingKey::ProvingKey(ProverClaim&& accumulator_claim, ProverClaim&& instance_claim)
15{
16 BB_BENCH();
17
18 circuit_size = std::max(accumulator_claim.dyadic_size, instance_claim.dyadic_size);
19 size_t virtual_circuit_size = 1 << MultilinearBatchingFlavor::VIRTUAL_LOG_N;
20
21 // Move unshifted polynomials (the "P" in evaluation claims P(r) = v)
22 polynomials.batched_unshifted_accumulator = std::move(accumulator_claim.non_shifted_polynomial);
23 polynomials.batched_unshifted_instance = std::move(instance_claim.non_shifted_polynomial);
24
25 // Initialize shiftable polynomials that are required to create the output claim's shifted polynomial
26 preshifted_accumulator = std::move(accumulator_claim.shifted_polynomial);
27 preshifted_instance = std::move(instance_claim.shifted_polynomial);
28
29 // Create shifted views for sumcheck. These share the underlying memory buffer with preshifted_*
30 polynomials.batched_shifted_accumulator = preshifted_accumulator.shifted();
31 polynomials.batched_shifted_instance = preshifted_instance.shifted();
32
33 // Construct `eq` polynomials from challenges
34 polynomials.eq_accumulator =
35 ProverEqPolynomial<FF>::construct(accumulator_claim.challenge, bb::numeric::get_msb(circuit_size));
36 polynomials.eq_instance =
37 ProverEqPolynomial<FF>::construct(instance_claim.challenge, bb::numeric::get_msb(circuit_size));
38 polynomials.increase_polynomials_virtual_size(virtual_circuit_size);
39
40 // Move incoming challenges and copy commitments with corresponding evaluations
41 accumulator_challenge = std::move(accumulator_claim.challenge);
42 instance_challenge = std::move(instance_claim.challenge);
43
44 accumulator_evaluations = { accumulator_claim.non_shifted_evaluation, accumulator_claim.shifted_evaluation };
45 instance_evaluations = { instance_claim.non_shifted_evaluation, instance_claim.shifted_evaluation };
46
47 non_shifted_accumulator_commitment = accumulator_claim.non_shifted_commitment;
48 shifted_accumulator_commitment = accumulator_claim.shifted_commitment;
49 non_shifted_instance_commitment = instance_claim.non_shifted_commitment;
50 shifted_instance_commitment = instance_claim.shifted_commitment;
51}
52
53#ifndef NDEBUG
54bool MultilinearBatchingFlavor::ProverClaim::compare_with_verifier_claim(
55 const MultilinearBatchingVerifierClaim<curve::BN254>& verifier_claim)
56{
57 bool is_a_match = true;
58 CommitmentKey bn254_commitment_key(dyadic_size);
59
60 for (size_t idx = 0; auto [prover_challenge, verifier_challenge] : zip_view(challenge, verifier_claim.challenge)) {
61 if (prover_challenge != verifier_challenge) {
62 info("Challenge mismatch at index ", idx);
63 is_a_match = false;
64 }
65 idx++;
66 }
67
68 if (verifier_claim.non_shifted_commitment != bn254_commitment_key.commit(non_shifted_polynomial)) {
69 info("Non-shifted commitment mismatch");
70 is_a_match = false;
71 }
72
73 if (verifier_claim.shifted_commitment != bn254_commitment_key.commit(shifted_polynomial)) {
74 info("Shifted commitment mismatch");
75 is_a_match = false;
76 }
77
78 // Bump the virtual size to compute mle evaluations
79 non_shifted_polynomial.increase_virtual_size(1 << challenge.size());
80 shifted_polynomial.increase_virtual_size(1 << challenge.size());
81
82 if (verifier_claim.non_shifted_evaluation != non_shifted_polynomial.evaluate_mle(verifier_claim.challenge)) {
83 info("Non-shifted evaluation mismatch");
84 is_a_match = false;
85 }
86
87 if (verifier_claim.shifted_evaluation != shifted_polynomial.evaluate_mle(verifier_claim.challenge, true)) {
88 info("Shifted evaluation mismatch");
89 is_a_match = false;
90 }
91
92 return is_a_match;
93}
94#endif
95
96} // namespace bb
bb_bench.hpp
BB_BENCH
#define BB_BENCH()
Definition bb_bench.hpp:223
bb::CommitmentKey
CommitmentKey object over a pairing group 𝔾₁.
Definition commitment_key.hpp:35
bb::CommitmentKey::commit
Commitment commit(PolynomialSpan< const Fr > polynomial) const
Uses the ProverSRS to create a commitment to p(X)
Definition commitment_key.hpp:73
bb::Polynomial::shifted
Polynomial shifted() const
Returns a Polynomial the left-shift of self.
Definition polynomial.cpp:278
bb::ProverEqPolynomial::construct
static Polynomial< FF > construct(std::span< const FF > challenges, size_t log_num_monomials)
Construct eq(X, r) coefficient table over Boolean hypercube {0,1}^d.
Definition eq_polynomial.hpp:56
zip_view
Definition zip_view.hpp:166
info
#define info(...)
Definition log.hpp:93
eq_polynomial.hpp
multilinear_batching_claims.hpp
multilinear_batching_flavor.hpp
bb::numeric::get_msb
constexpr T get_msb(const T in)
Definition get_msb.hpp:47
bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
bb::MultilinearBatchingFlavor::ProverClaim
Prover's claim for multilinear batching - contains polynomials and their evaluation claims.
Definition multilinear_batching_flavor.hpp:156
bb::MultilinearBatchingFlavor::ProverClaim::compare_with_verifier_claim
bool compare_with_verifier_claim(const MultilinearBatchingVerifierClaim< curve::BN254 > &verifier_claim)
Debug helper to compare prover claim against verifier claim.
Definition multilinear_batching_flavor.cpp:54
bb::MultilinearBatchingVerifierClaim
Verifier's claim for multilinear batching - contains commitments and evaluation claims.
Definition multilinear_batching_claims.hpp:18