From b0eb7c8c9a45f71870da1c21af4d4b67e125e782 Mon Sep 17 00:00:00 2001 From: Vasiliy Olekhov Date: Tue, 20 Aug 2024 11:48:59 +0300 Subject: [PATCH] Fixes for review #309 --- libs/blueprint/example/CMakeLists.txt | 12 +- .../detail/polynomial/basic_fri.hpp | 163 +++++++++--------- libs/zk/test/commitment/fri.cpp | 4 +- 3 files changed, 93 insertions(+), 86 deletions(-) diff --git a/libs/blueprint/example/CMakeLists.txt b/libs/blueprint/example/CMakeLists.txt index 050135348..67f80a5c6 100644 --- a/libs/blueprint/example/CMakeLists.txt +++ b/libs/blueprint/example/CMakeLists.txt @@ -8,8 +8,11 @@ #---------------------------------------------------------------------------# macro(define_blueprint_example name) - add_executable(blueprint_${name}_example ${name}.cpp) - target_link_libraries(blueprint_${name}_example PRIVATE + + string(REPLACE "/" "_" full_example_name blueprint_${name}_example) + + add_executable(${full_example_name} ${name}.cpp) + target_link_libraries(${full_example_name} PRIVATE ${CMAKE_WORKSPACE_NAME}_blueprint ${CMAKE_WORKSPACE_NAME}::algebra @@ -18,10 +21,9 @@ macro(define_blueprint_example name) ${CMAKE_WORKSPACE_NAME}::hash ${CMAKE_WORKSPACE_NAME}::multiprecision ${CMAKE_WORKSPACE_NAME}::zk - marshalling::crypto3_zk ${Boost_LIBRARIES}) - set_target_properties(blueprint_${name}_example PROPERTIES CXX_STANDARD 17 CXX_STANDARD_REQUIRED TRUE) + set_target_properties(${full_example_name} PROPERTIES CXX_STANDARD 17 CXX_STANDARD_REQUIRED TRUE) endmacro() @@ -33,4 +35,4 @@ set(EXAMPLES_NAMES foreach(EXAMPLE_NAME ${EXAMPLES_NAMES}) define_blueprint_example(${EXAMPLE_NAME}) -endforeach() \ No newline at end of file +endforeach() diff --git a/libs/zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp b/libs/zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp index 9fb233588..2a328871c 100644 --- a/libs/zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp +++ b/libs/zk/include/nil/crypto3/zk/commitments/detail/polynomial/basic_fri.hpp @@ -665,19 +665,25 @@ namespace nil { } template - static void commit_phase( + static std::tuple< + std::vector, + std::vector, + std::vector, + math::polynomial + > + commit_phase( const PolynomialType& combined_Q, const std::map &precommitments, const typename FRI::precommitment_type &combined_Q_precommitment, const typename FRI::params_type &fri_params, - typename FRI::transcript_type &transcript, - std::vector &fs, - std::vector &fri_trees, - std::vector &fri_roots, - math::polynomial &final_polynomial) + typename FRI::transcript_type &transcript) { - // Commit phase PROFILE_SCOPE("Basic FRI commit phase"); + std::vector fs; + std::vector fri_trees; + std::vector fri_roots; + math::polynomial final_polynomial; + auto f = combined_Q; auto precommitment = combined_Q_precommitment; std::size_t t = 0; @@ -707,6 +713,8 @@ namespace nil { } else { final_polynomial = f; } + + return std::make_tuple(fs, fri_trees, fri_roots, final_polynomial); } /** @brief Convert a set of polynomials from DFS form into coefficients form */ @@ -715,8 +723,8 @@ namespace nil { std::size_t, std::vector> > convert_polynomials_to_coefficients( - typename FRI::params_type const& fri_params, - std::map> const& g) + const typename FRI::params_type &fri_params, + const std::map> &g) { std::map< std::size_t, @@ -751,13 +759,13 @@ namespace nil { template static std::map build_initial_proof( - std::map const& precommitments, - typename FRI::params_type const& fri_params, - std::map> const& g, - std::map< + const std::map &precommitments, + const typename FRI::params_type &fri_params, + const std::map> &g, + const std::map< std::size_t, std::vector> - > const& g_coeffs, + > &g_coeffs, std::uint64_t x_index) { std::vector> s; @@ -782,7 +790,7 @@ namespace nil { if constexpr (std::is_same< math::polynomial_dfs, PolynomialType>::value - ) { + ) { if (g_k[polynomial_index].size() == fri_params.D[0]->size()) { for (std::size_t j = 0; j < coset_size / FRI::m; j++) { std::size_t ind0 = std::min(s_indices[j][0], s_indices[j][1]); @@ -838,15 +846,15 @@ namespace nil { template static std::vector build_round_proofs( - typename FRI::params_type const& fri_params, - std::map> const& g, - std::map< + const typename FRI::params_type &fri_params, + const std::map> &g, + const std::map< std::size_t, std::vector> - > const& g_coeffs, - std::vector const& fri_trees, - std::vector const& fs, - math::polynomial const& final_polynomial, + > &g_coeffs, + const std::vector &fri_trees, + const std::vector &fs, + const math::polynomial &final_polynomial, std::uint64_t x_index) { std::size_t domain_size = fri_params.D[0]->size(); @@ -912,6 +920,55 @@ namespace nil { return std::move(round_proofs); } + template + static std::vector + query_phase( + const std::map &precommitments, + const typename FRI::params_type &fri_params, + typename FRI::transcript_type &transcript, + const std::map> &g, + const std::vector &fri_trees, + const std::vector &fs, + const math::polynomial &final_polynomial) + { + PROFILE_SCOPE("Basic FRI query phase"); + std::vector query_proofs(fri_params.lambda); + + // If we have DFS polynomials, and we are going to resize them, better convert them to coefficients form, + // and compute their values in those 2 * FRI::lambda points each, which is normally 2 * 20. + // In case lambda becomes much larger than log(2, average polynomial size), then this will not be optimal. + // For lambda = 20 and 2^20 rows in assignment table, it's faster and uses less RAM. + std::map>> g_coeffs = + convert_polynomials_to_coefficients(fri_params, g); + + for (std::size_t query_id = 0; query_id < fri_params.lambda; query_id++) { + std::size_t domain_size = fri_params.D[0]->size(); + typename FRI::field_type::value_type x = transcript.template challenge(); + x = x.pow((FRI::field_type::modulus - 1)/domain_size); + + std::uint64_t x_index = 0; + + while (fri_params.D[0]->get_domain_element(x_index) != x) { + ++x_index; + } + + // Initial proof + std::map + initial_proof = build_initial_proof( + precommitments, + fri_params, g, g_coeffs, x_index); + + // Fill round proofs + std::vector + round_proofs = build_round_proofs( + fri_params, g, g_coeffs, fri_trees, fs, final_polynomial, x_index); + + typename FRI::query_proof_type query_proof = {std::move(initial_proof), std::move(round_proofs)}; + query_proofs[query_id] = std::move(query_proof); + } + return std::move(query_proofs); + } + template(precommitments, fri_params)); - // This resizes actually happens when called at the end of prover: - // _proof.eval_proof.eval_proof = _commitment_scheme.proof_eval(transcript); - // We DO NOT resize it here, it takes waaay too much RAM, resize it when needed. - - //if constexpr (std::is_same, PolynomialType>::value) { - // for( auto const &it:g ){ - // auto k = it.first; - // for (int i = 0; i < g[k].size(); ++i ){ - // // If LPC works properly this if is never executed. - // if (g[k][i].size() != fri_params.D[0]->size()) { - // g[k][i].resize(fri_params.D[0]->size()); - // } - // } - // } - //} - // Commit phase std::vector fri_trees; @@ -958,11 +999,11 @@ namespace nil { std::vector fs; math::polynomial final_polynomial; + std::tie(fs, fri_trees, fri_roots, final_polynomial) = commit_phase( combined_Q, precommitments, combined_Q_precommitment, - fri_params, transcript, fs, - fri_trees, fri_roots, final_polynomial); + fri_params, transcript); // Grinding if ( fri_params.use_grinding ) { @@ -971,48 +1012,12 @@ namespace nil { } // Query phase - std::vector query_proofs(fri_params.lambda); - - // If we have DFS polynomials, and we are going to resize them, better convert them to coefficients form, - // and compute their values in those 2 * FRI::lambda points each, which is normally 2 * 20. - // In case lambda becomes much larger than log(2, average polynomial size), then this will not be optimal. - // For lambda = 20 and 2^20 rows in assignment table, it's faster and uses less RAM. - { - PROFILE_SCOPE("Basic FRI query phase"); - std::map>> g_coeffs = - convert_polynomials_to_coefficients(fri_params, g); - - for (std::size_t query_id = 0; query_id < fri_params.lambda; query_id++) { - std::size_t domain_size = fri_params.D[0]->size(); - typename FRI::field_type::value_type x = transcript.template challenge(); - x = x.pow((FRI::field_type::modulus - 1)/domain_size); - - std::uint64_t x_index = 0; - - while (fri_params.D[0]->get_domain_element(x_index) != x) { - ++x_index; - if (x_index >= domain_size) { - // unreachable - } - } - - //Initial proof - std::map - initial_proof = build_initial_proof(precommitments, fri_params, g, g_coeffs, x_index); - - // Fill round proofs - std::vector - round_proofs = build_round_proofs(fri_params, g, g_coeffs, fri_trees, fs, final_polynomial, x_index); - - typename FRI::query_proof_type query_proof = {std::move(initial_proof), std::move(round_proofs)}; - query_proofs[query_id] = std::move(query_proof); - } - - } // profile + proof.query_proofs = query_phase( + precommitments, fri_params, transcript, + g, fri_trees, fs, final_polynomial); proof.fri_roots = std::move(fri_roots); proof.final_polynomial = std::move(final_polynomial); - proof.query_proofs = std::move(query_proofs); return proof; } diff --git a/libs/zk/test/commitment/fri.cpp b/libs/zk/test/commitment/fri.cpp index cb0bbf5d0..6397451b6 100644 --- a/libs/zk/test/commitment/fri.cpp +++ b/libs/zk/test/commitment/fri.cpp @@ -117,7 +117,7 @@ BOOST_AUTO_TEST_SUITE(fri_test_suite) 2, //expand_factor lambda, true, - 20 + 16 ); BOOST_CHECK(D[1]->m == D[0]->m / 2); @@ -203,7 +203,7 @@ inline math::polynomial_dfs generate_random_poly 2, //expand_factor lambda, true, - 20 + 16 ); BOOST_CHECK(D[1]->m == D[0]->m / 2);