From 7a908c6f5dd285e9235e1b04c59e86967edd1d41 Mon Sep 17 00:00:00 2001 From: maramihali Date: Thu, 27 Mar 2025 17:55:47 +0000 Subject: [PATCH 1/2] remove templating by flavor in merge protocol --- .../cpp/src/barretenberg/constants.hpp | 6 +++ .../cpp/src/barretenberg/goblin/goblin.hpp | 2 - .../goblin_verifier/merge_verifier.test.cpp | 2 - .../ultra_honk/mega_honk.test.cpp | 3 -- .../barretenberg/ultra_honk/merge_prover.cpp | 26 +++++-------- .../barretenberg/ultra_honk/merge_prover.hpp | 19 +++++----- .../ultra_honk/merge_verifier.cpp | 38 ++++++++----------- .../ultra_honk/merge_verifier.hpp | 7 ++-- 8 files changed, 44 insertions(+), 59 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/constants.hpp b/barretenberg/cpp/src/barretenberg/constants.hpp index 7f8959b5e312..bbea8719fe31 100644 --- a/barretenberg/cpp/src/barretenberg/constants.hpp +++ b/barretenberg/cpp/src/barretenberg/constants.hpp @@ -13,6 +13,8 @@ static constexpr uint32_t CONST_PG_LOG_N = 20; static constexpr uint32_t CONST_ECCVM_LOG_N = 16; +static constexpr uint32_t NUM_OP_QUEUE_COLUMNS = 4; + // TODO(https://github.com/AztecProtocol/barretenberg/issues/1193): potentially reenable for better memory performance // static constexpr uint32_t MAX_LOOKUP_TABLES_SIZE = 80000; @@ -21,16 +23,20 @@ static constexpr uint32_t MAX_DATABUS_SIZE = 10000; // The number of entries in ProverPolynomials reserved for randomness intended to mask witness commitments, witness // evaluation at the sumcheck challenge, and, if necessary, the evaluation of the corresponding shift static constexpr uint32_t MASKING_OFFSET = 4; + // For ZK Flavors: the number of the commitments required by Libra and SmallSubgroupIPA. static constexpr uint32_t NUM_LIBRA_COMMITMENTS = 3; + // The SmallSubgroupIPA is a sub-protocol used in several Flavors, to prove claimed inner product, the Prover sends 4 // extra evaluations static constexpr uint32_t NUM_SMALL_IPA_EVALUATIONS = 4; static constexpr uint32_t MERGE_PROOF_SIZE = 65; // used to ensure mock proofs are generated correctly + // There are 5 distinguished wires in ECCVM that have to be opened as univariates to establish the connection between // ECCVM and Translator static constexpr uint32_t NUM_TRANSLATION_EVALUATIONS = 5; + // Upper bound on the number of claims produced GeminiProver: // - Each fold polynomial is opened at two points, the number of resulting claims is bounded by 2*CONST_PROOF_SIZE_LOG_N // - The interleaving trick needed for Translator adds 2 extra claims diff --git a/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp b/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp index 582d64e1e301..7e6477c47326 100644 --- a/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp +++ b/barretenberg/cpp/src/barretenberg/goblin/goblin.hpp @@ -36,7 +36,6 @@ class GoblinProver { using TranslationEvaluations = ECCVMProver::TranslationEvaluations; using TranslatorBuilder = TranslatorCircuitBuilder; - using MergeProver = MergeProver_; using VerificationKey = MegaFlavor::VerificationKey; using MergeProof = MergeProver::MergeProof; @@ -170,7 +169,6 @@ class GoblinVerifier { public: using ECCVMVerificationKey = ECCVMFlavor::VerificationKey; using TranslatorVerificationKey = bb::TranslatorFlavor::VerificationKey; - using MergeVerifier = bb::MergeVerifier_; using Builder = MegaCircuitBuilder; using RecursiveMergeVerifier = stdlib::recursion::goblin::MergeRecursiveVerifier_; using PairingPoints = RecursiveMergeVerifier::PairingPoints; diff --git a/barretenberg/cpp/src/barretenberg/stdlib/goblin_verifier/merge_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/goblin_verifier/merge_verifier.test.cpp index bde2df6f622f..8180548bbc0a 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/goblin_verifier/merge_verifier.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/goblin_verifier/merge_verifier.test.cpp @@ -31,8 +31,6 @@ template class RecursiveMergeVerifierTest : public test using Commitment = InnerFlavor::Commitment; using FF = InnerFlavor::FF; using VerifierCommitmentKey = bb::VerifierCommitmentKey; - using MergeProver = MergeProver_; - using MergeVerifier = MergeVerifier_; public: static void SetUpTestSuite() { bb::srs::init_crs_factory(bb::srs::get_ignition_crs_path()); } diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/mega_honk.test.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/mega_honk.test.cpp index 7a2997829e9c..4d9b41181b77 100644 --- a/barretenberg/cpp/src/barretenberg/ultra_honk/mega_honk.test.cpp +++ b/barretenberg/cpp/src/barretenberg/ultra_honk/mega_honk.test.cpp @@ -27,8 +27,6 @@ template class MegaHonkTests : public ::testing::Test { using FF = Curve::ScalarField; using Point = Curve::AffineElement; using CommitmentKey = bb::CommitmentKey; - using MergeProver = MergeProver_; - using MergeVerifier = MergeVerifier_; using Prover = UltraProver_; using Verifier = UltraVerifier_; using VerificationKey = typename Flavor::VerificationKey; @@ -97,7 +95,6 @@ TYPED_TEST_SUITE(MegaHonkTests, FlavorTypes); TYPED_TEST(MegaHonkTests, MergeProofSizeCheck) { using Flavor = TypeParam; - using MergeProver = MergeProver_; auto builder = typename Flavor::CircuitBuilder{}; GoblinMockCircuits::construct_simple_circuit(builder); diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.cpp index 2d64775dbc1d..32558df478cc 100644 --- a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.cpp +++ b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.cpp @@ -1,4 +1,5 @@ #include "merge_prover.hpp" +#include "barretenberg/constants.hpp" #include "barretenberg/stdlib_circuit_builders/mega_zk_flavor.hpp" namespace bb { @@ -8,9 +9,7 @@ namespace bb { * @details We require an SRS at least as large as the current ultra ecc ops table * TODO(https://github.com/AztecProtocol/barretenberg/issues/1267): consider possible efficiency improvements */ -template -MergeProver_::MergeProver_(const std::shared_ptr& op_queue, - std::shared_ptr commitment_key) +MergeProver::MergeProver(const std::shared_ptr& op_queue, std::shared_ptr commitment_key) : op_queue(op_queue) , pcs_commitment_key(commitment_key ? commitment_key : std::make_shared(op_queue->get_ultra_ops_table_num_rows())) @@ -30,14 +29,14 @@ MergeProver_::MergeProver_(const std::shared_ptr& op_queue, * * @return honk::proof */ -template MergeProver_::MergeProof MergeProver_::construct_proof() +MergeProver::MergeProof MergeProver::construct_proof() { transcript = std::make_shared(); // Extract columns of the full table T_j, the previous table T_{j,prev}, and the current subtable t_j - std::array T_current = op_queue->construct_ultra_ops_table_columns(); - std::array T_prev = op_queue->construct_previous_ultra_ops_table_columns(); - std::array t_current = op_queue->construct_current_ultra_ops_subtable_columns(); + std::array T_current = op_queue->construct_ultra_ops_table_columns(); + std::array T_prev = op_queue->construct_previous_ultra_ops_table_columns(); + std::array t_current = op_queue->construct_current_ultra_ops_subtable_columns(); const size_t current_table_size = T_current[0].size(); const size_t current_subtable_size = t_current[0].size(); @@ -45,7 +44,7 @@ template MergeProver_::MergeProof MergeProver_ transcript->send_to_verifier("subtable_size", static_cast(current_subtable_size)); // Compute/get commitments [t^{shift}], [T_prev], and [T] and add to transcript - for (size_t idx = 0; idx < NUM_WIRES; ++idx) { + for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { // Compute commitments Commitment t_commitment = pcs_commitment_key->commit(t_current[idx]); Commitment T_prev_commitment = pcs_commitment_key->commit(T_prev[idx]); @@ -64,19 +63,19 @@ template MergeProver_::MergeProof MergeProver_ // Add univariate opening claims for each polynomial. std::vector opening_claims; // Compute evaluation t(\kappa) - for (size_t idx = 0; idx < NUM_WIRES; ++idx) { + for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { FF evaluation = t_current[idx].evaluate(kappa); transcript->send_to_verifier("t_eval_" + std::to_string(idx), evaluation); opening_claims.emplace_back(OpeningClaim{ std::move(t_current[idx]), { kappa, evaluation } }); } // Compute evaluation T_prev(\kappa) - for (size_t idx = 0; idx < NUM_WIRES; ++idx) { + for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { FF evaluation = T_prev[idx].evaluate(kappa); transcript->send_to_verifier("T_prev_eval_" + std::to_string(idx), evaluation); opening_claims.emplace_back(OpeningClaim{ T_prev[idx], { kappa, evaluation } }); } // Compute evaluation T(\kappa) - for (size_t idx = 0; idx < NUM_WIRES; ++idx) { + for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { FF evaluation = T_current[idx].evaluate(kappa); transcript->send_to_verifier("T_eval_" + std::to_string(idx), evaluation); opening_claims.emplace_back(OpeningClaim{ std::move(T_current[idx]), { kappa, evaluation } }); @@ -100,9 +99,4 @@ template MergeProver_::MergeProof MergeProver_ return transcript->proof_data; } - -template class MergeProver_; -template class MergeProver_; -template class MergeProver_; - } // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp index 2abab06f3865..0daadc86b282 100644 --- a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp +++ b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp @@ -13,13 +13,13 @@ namespace bb { * @brief Prover class for the Goblin ECC op queue transcript merge protocol * */ -template class MergeProver_ { - using FF = typename Flavor::FF; - using Polynomial = typename Flavor::Polynomial; - using CommitmentKey = typename Flavor::CommitmentKey; - using Commitment = typename Flavor::Commitment; - using PCS = typename Flavor::PCS; - using Curve = typename Flavor::Curve; +class MergeProver { + using Curve = curve::BN254; + using FF = Curve::ScalarField; + using Commitment = Curve::AffineElement; + using Polynomial = bb::Polynomial; + using CommitmentKey = bb::CommitmentKey; + using PCS = KZG; using OpeningClaim = ProverOpeningClaim; using OpeningPair = bb::OpeningPair; using Transcript = NativeTranscript; @@ -29,15 +29,14 @@ template class MergeProver_ { std::shared_ptr transcript; - explicit MergeProver_(const std::shared_ptr& op_queue, - std::shared_ptr commitment_key = nullptr); + explicit MergeProver(const std::shared_ptr& op_queue, + std::shared_ptr commitment_key = nullptr); BB_PROFILE MergeProof construct_proof(); private: std::shared_ptr op_queue; std::shared_ptr pcs_commitment_key; - static constexpr size_t NUM_WIRES = MegaFlavor::NUM_WIRES; }; } // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.cpp index 9569d44038d8..cf4b281465bc 100644 --- a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.cpp +++ b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.cpp @@ -4,8 +4,7 @@ namespace bb { -template -MergeVerifier_::MergeVerifier_() +MergeVerifier::MergeVerifier() : transcript(std::make_shared()) , pcs_verification_key(std::make_unique()){}; @@ -22,17 +21,17 @@ MergeVerifier_::MergeVerifier_() * @tparam Flavor * @return bool Verification result */ -template bool MergeVerifier_::verify_proof(const HonkProof& proof) +bool MergeVerifier::verify_proof(const HonkProof& proof) { transcript = std::make_shared(proof); uint32_t subtable_size = transcript->template receive_from_prover("subtable_size"); // Receive table column polynomial commitments [t_j], [T_{j,prev}], and [T_j], j = 1,2,3,4 - std::array t_commitments; - std::array T_prev_commitments; - std::array T_commitments; - for (size_t idx = 0; idx < Flavor::NUM_WIRES; ++idx) { + std::array t_commitments; + std::array T_prev_commitments; + std::array T_commitments; + for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { std::string suffix = std::to_string(idx); t_commitments[idx] = transcript->template receive_from_prover("t_CURRENT_" + suffix); T_prev_commitments[idx] = transcript->template receive_from_prover("T_PREV_" + suffix); @@ -42,22 +41,22 @@ template bool MergeVerifier_::verify_proof(const HonkP FF kappa = transcript->template get_challenge("kappa"); // Receive evaluations t_j(\kappa), T_{j,prev}(\kappa), T_j(\kappa), j = 1,2,3,4 - std::array t_evals; - std::array T_prev_evals; - std::array T_evals; - for (size_t idx = 0; idx < Flavor::NUM_WIRES; ++idx) { + std::array t_evals; + std::array T_prev_evals; + std::array T_evals; + for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { t_evals[idx] = transcript->template receive_from_prover("t_eval_" + std::to_string(idx)); } - for (size_t idx = 0; idx < Flavor::NUM_WIRES; ++idx) { + for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { T_prev_evals[idx] = transcript->template receive_from_prover("T_prev_eval_" + std::to_string(idx)); } - for (size_t idx = 0; idx < NUM_WIRES; ++idx) { + for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { T_evals[idx] = transcript->template receive_from_prover("T_eval_" + std::to_string(idx)); } // Check the identity T_j(\kappa) = t_j(\kappa) + \kappa^m * T_{j,prev}(\kappa). If it fails, return false bool identity_checked = true; - for (size_t idx = 0; idx < NUM_WIRES; ++idx) { + for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { FF T_prev_shifted_eval_reconstructed = T_prev_evals[idx] * kappa.pow(subtable_size); bool current_check = T_evals[idx] == t_evals[idx] + T_prev_shifted_eval_reconstructed; identity_checked = identity_checked && current_check; @@ -69,17 +68,17 @@ template bool MergeVerifier_::verify_proof(const HonkP Commitment batched_commitment = t_commitments[0]; FF batched_eval = t_evals[0]; auto alpha_pow = alpha; - for (size_t idx = 1; idx < NUM_WIRES; ++idx) { + for (size_t idx = 1; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { batched_commitment = batched_commitment + (t_commitments[idx] * alpha_pow); batched_eval += alpha_pow * t_evals[idx]; alpha_pow *= alpha; } - for (size_t idx = 0; idx < NUM_WIRES; ++idx) { + for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { batched_commitment = batched_commitment + (T_prev_commitments[idx] * alpha_pow); batched_eval += alpha_pow * T_prev_evals[idx]; alpha_pow *= alpha; } - for (size_t idx = 0; idx < NUM_WIRES; ++idx) { + for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { batched_commitment = batched_commitment + (T_commitments[idx] * alpha_pow); batched_eval += alpha_pow * T_evals[idx]; alpha_pow *= alpha; @@ -91,9 +90,4 @@ template bool MergeVerifier_::verify_proof(const HonkP auto verified = pcs_verification_key->pairing_check(pairing_points[0], pairing_points[1]); return identity_checked && verified; } - -template class MergeVerifier_; -template class MergeVerifier_; -template class MergeVerifier_; - } // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.hpp index 80e0ccc158af..c3f3db53cb36 100644 --- a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.hpp +++ b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.hpp @@ -13,8 +13,8 @@ namespace bb { * @brief Verifier class for the Goblin ECC op queue transcript merge protocol * */ -template class MergeVerifier_ { - using Curve = typename Flavor::Curve; +class MergeVerifier { + using Curve = curve::BN254; using FF = typename Curve::ScalarField; using Commitment = typename Curve::AffineElement; using PCS = bb::KZG; @@ -25,12 +25,11 @@ template class MergeVerifier_ { public: std::shared_ptr transcript; - explicit MergeVerifier_(); + explicit MergeVerifier(); bool verify_proof(const HonkProof& proof); private: std::shared_ptr pcs_verification_key; - static constexpr size_t NUM_WIRES = Flavor::NUM_WIRES; }; } // namespace bb From e6bf11388fe2d4724648b472376100da6308484c Mon Sep 17 00:00:00 2001 From: maramihali Date: Mon, 31 Mar 2025 13:10:28 +0000 Subject: [PATCH 2/2] remove constant --- .../cpp/src/barretenberg/constants.hpp | 2 -- .../src/barretenberg/goblin/mock_circuits.hpp | 2 +- .../barretenberg/ultra_honk/merge_prover.cpp | 15 +++++----- .../barretenberg/ultra_honk/merge_prover.hpp | 3 ++ .../ultra_honk/merge_verifier.cpp | 28 +++++++++---------- .../ultra_honk/merge_verifier.hpp | 3 ++ 6 files changed, 28 insertions(+), 25 deletions(-) diff --git a/barretenberg/cpp/src/barretenberg/constants.hpp b/barretenberg/cpp/src/barretenberg/constants.hpp index bbea8719fe31..732e6eea5fc1 100644 --- a/barretenberg/cpp/src/barretenberg/constants.hpp +++ b/barretenberg/cpp/src/barretenberg/constants.hpp @@ -13,8 +13,6 @@ static constexpr uint32_t CONST_PG_LOG_N = 20; static constexpr uint32_t CONST_ECCVM_LOG_N = 16; -static constexpr uint32_t NUM_OP_QUEUE_COLUMNS = 4; - // TODO(https://github.com/AztecProtocol/barretenberg/issues/1193): potentially reenable for better memory performance // static constexpr uint32_t MAX_LOOKUP_TABLES_SIZE = 80000; diff --git a/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp b/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp index f6b11123a589..d96801403b34 100644 --- a/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp +++ b/barretenberg/cpp/src/barretenberg/goblin/mock_circuits.hpp @@ -53,7 +53,7 @@ class GoblinMockCircuits { using RecursiveVerificationKey = RecursiveDeciderVerificationKey::VerificationKey; using RecursiveVerifierAccumulator = std::shared_ptr; using VerificationKey = Flavor::VerificationKey; - static constexpr size_t NUM_OP_QUEUE_COLUMNS = Flavor::NUM_WIRES; + static constexpr size_t NUM_WIRES = Flavor::NUM_WIRES; struct KernelInput { HonkProof proof; diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.cpp index 32558df478cc..2b43a17e4f4a 100644 --- a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.cpp +++ b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.cpp @@ -1,5 +1,4 @@ #include "merge_prover.hpp" -#include "barretenberg/constants.hpp" #include "barretenberg/stdlib_circuit_builders/mega_zk_flavor.hpp" namespace bb { @@ -34,9 +33,9 @@ MergeProver::MergeProof MergeProver::construct_proof() transcript = std::make_shared(); // Extract columns of the full table T_j, the previous table T_{j,prev}, and the current subtable t_j - std::array T_current = op_queue->construct_ultra_ops_table_columns(); - std::array T_prev = op_queue->construct_previous_ultra_ops_table_columns(); - std::array t_current = op_queue->construct_current_ultra_ops_subtable_columns(); + std::array T_current = op_queue->construct_ultra_ops_table_columns(); + std::array T_prev = op_queue->construct_previous_ultra_ops_table_columns(); + std::array t_current = op_queue->construct_current_ultra_ops_subtable_columns(); const size_t current_table_size = T_current[0].size(); const size_t current_subtable_size = t_current[0].size(); @@ -44,7 +43,7 @@ MergeProver::MergeProof MergeProver::construct_proof() transcript->send_to_verifier("subtable_size", static_cast(current_subtable_size)); // Compute/get commitments [t^{shift}], [T_prev], and [T] and add to transcript - for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + for (size_t idx = 0; idx < NUM_WIRES; ++idx) { // Compute commitments Commitment t_commitment = pcs_commitment_key->commit(t_current[idx]); Commitment T_prev_commitment = pcs_commitment_key->commit(T_prev[idx]); @@ -63,19 +62,19 @@ MergeProver::MergeProof MergeProver::construct_proof() // Add univariate opening claims for each polynomial. std::vector opening_claims; // Compute evaluation t(\kappa) - for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + for (size_t idx = 0; idx < NUM_WIRES; ++idx) { FF evaluation = t_current[idx].evaluate(kappa); transcript->send_to_verifier("t_eval_" + std::to_string(idx), evaluation); opening_claims.emplace_back(OpeningClaim{ std::move(t_current[idx]), { kappa, evaluation } }); } // Compute evaluation T_prev(\kappa) - for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + for (size_t idx = 0; idx < NUM_WIRES; ++idx) { FF evaluation = T_prev[idx].evaluate(kappa); transcript->send_to_verifier("T_prev_eval_" + std::to_string(idx), evaluation); opening_claims.emplace_back(OpeningClaim{ T_prev[idx], { kappa, evaluation } }); } // Compute evaluation T(\kappa) - for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + for (size_t idx = 0; idx < NUM_WIRES; ++idx) { FF evaluation = T_current[idx].evaluate(kappa); transcript->send_to_verifier("T_eval_" + std::to_string(idx), evaluation); opening_claims.emplace_back(OpeningClaim{ std::move(T_current[idx]), { kappa, evaluation } }); diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp index 0daadc86b282..b4ab9a1e4658 100644 --- a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp +++ b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_prover.hpp @@ -37,6 +37,9 @@ class MergeProver { private: std::shared_ptr op_queue; std::shared_ptr pcs_commitment_key; + // Number of columns that jointly constitute the op_queue, should be the same as the number of wires in the + // MegaCircuitBuilder + static constexpr size_t NUM_WIRES = MegaExecutionTraceBlocks::NUM_WIRES; }; } // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.cpp b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.cpp index cf4b281465bc..8d49131aa301 100644 --- a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.cpp +++ b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.cpp @@ -28,10 +28,10 @@ bool MergeVerifier::verify_proof(const HonkProof& proof) uint32_t subtable_size = transcript->template receive_from_prover("subtable_size"); // Receive table column polynomial commitments [t_j], [T_{j,prev}], and [T_j], j = 1,2,3,4 - std::array t_commitments; - std::array T_prev_commitments; - std::array T_commitments; - for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + std::array t_commitments; + std::array T_prev_commitments; + std::array T_commitments; + for (size_t idx = 0; idx < NUM_WIRES; ++idx) { std::string suffix = std::to_string(idx); t_commitments[idx] = transcript->template receive_from_prover("t_CURRENT_" + suffix); T_prev_commitments[idx] = transcript->template receive_from_prover("T_PREV_" + suffix); @@ -41,22 +41,22 @@ bool MergeVerifier::verify_proof(const HonkProof& proof) FF kappa = transcript->template get_challenge("kappa"); // Receive evaluations t_j(\kappa), T_{j,prev}(\kappa), T_j(\kappa), j = 1,2,3,4 - std::array t_evals; - std::array T_prev_evals; - std::array T_evals; - for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + std::array t_evals; + std::array T_prev_evals; + std::array T_evals; + for (size_t idx = 0; idx < NUM_WIRES; ++idx) { t_evals[idx] = transcript->template receive_from_prover("t_eval_" + std::to_string(idx)); } - for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + for (size_t idx = 0; idx < NUM_WIRES; ++idx) { T_prev_evals[idx] = transcript->template receive_from_prover("T_prev_eval_" + std::to_string(idx)); } - for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + for (size_t idx = 0; idx < NUM_WIRES; ++idx) { T_evals[idx] = transcript->template receive_from_prover("T_eval_" + std::to_string(idx)); } // Check the identity T_j(\kappa) = t_j(\kappa) + \kappa^m * T_{j,prev}(\kappa). If it fails, return false bool identity_checked = true; - for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + for (size_t idx = 0; idx < NUM_WIRES; ++idx) { FF T_prev_shifted_eval_reconstructed = T_prev_evals[idx] * kappa.pow(subtable_size); bool current_check = T_evals[idx] == t_evals[idx] + T_prev_shifted_eval_reconstructed; identity_checked = identity_checked && current_check; @@ -68,17 +68,17 @@ bool MergeVerifier::verify_proof(const HonkProof& proof) Commitment batched_commitment = t_commitments[0]; FF batched_eval = t_evals[0]; auto alpha_pow = alpha; - for (size_t idx = 1; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + for (size_t idx = 1; idx < NUM_WIRES; ++idx) { batched_commitment = batched_commitment + (t_commitments[idx] * alpha_pow); batched_eval += alpha_pow * t_evals[idx]; alpha_pow *= alpha; } - for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + for (size_t idx = 0; idx < NUM_WIRES; ++idx) { batched_commitment = batched_commitment + (T_prev_commitments[idx] * alpha_pow); batched_eval += alpha_pow * T_prev_evals[idx]; alpha_pow *= alpha; } - for (size_t idx = 0; idx < NUM_OP_QUEUE_COLUMNS; ++idx) { + for (size_t idx = 0; idx < NUM_WIRES; ++idx) { batched_commitment = batched_commitment + (T_commitments[idx] * alpha_pow); batched_eval += alpha_pow * T_evals[idx]; alpha_pow *= alpha; diff --git a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.hpp b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.hpp index c3f3db53cb36..2afe0ba27614 100644 --- a/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.hpp +++ b/barretenberg/cpp/src/barretenberg/ultra_honk/merge_verifier.hpp @@ -30,6 +30,9 @@ class MergeVerifier { private: std::shared_ptr pcs_verification_key; + // Number of columns that jointly constitute the op_queue, should be the same as the number of wires in the + // MegaCircuitBuilder + static constexpr size_t NUM_WIRES = MegaExecutionTraceBlocks::NUM_WIRES; }; } // namespace bb