feat: zk shplemini #9830
feat: zk shplemini #9830
Conversation
…ages into si/zk-shplemini
| @@ -120,7 +120,8 @@ template <typename Curve> class GeminiProver_ { | |||
| const std::shared_ptr<CommitmentKey<Curve>>& commitment_key, | |||
| const std::shared_ptr<Transcript>& transcript, | |||
| RefSpan<Polynomial> concatenated_polynomials = {}, | |||
| const std::vector<RefVector<Polynomial>>& groups_to_be_concatenated = {}); | |||
| const std::vector<RefVector<Polynomial>>& groups_to_be_concatenated = {}, | |||
| bool HasZK = false); | |||
There was a problem hiding this comment.
Please rename to has_zk for style--this case is for classes and concepts.
|
|
||
| // To achieve ZK, we mask the batched polynomial by a random polynomial of the same size | ||
| if (HasZK) { | ||
| batched_unshifted = Polynomial::random(n); |
There was a problem hiding this comment.
Before: initialize poly to zero then start to accumulate f_polynomials[0]:
More efficient: initialize with f_polynomials[0] and start the loop at index 1.
After: initialize poly to zero then start to accumulate f_polynomials[0] OR overwrite with random.
More efficient: conditionally initialize as in
Polynomial batched_unshifted = has_zk ? Polynomial::random(n) : f_polynomials[0];
size_t starting_idx = has_zk ? 0 : 1;
...
for (size_t i = starting_idx; i < f_polynomials.size(); i++) {
...
But then you have to similarly define a conditional starting point for the loop. Anyway, you're not making things worse so don't worry about it, just remarking.
There was a problem hiding this comment.
thanks for the suggestion! it breaks some edge case tests in Gemini though, namely when we open shifts without unshifted (quite unrealistic). adding another check (f_polynomials.size()>0) would be somewhat ugly
Changes to public function bytecode sizes
🧾 Summary (100% most significant diffs)
Full diff report 👇
|
* master: (182 commits) feat(avm): mem specific range check (#9828) refactor: remove public kernel inner (#9865) chore: Revert "chore: Validate RPC inputs" (#9875) Revert "fix: deploy l2 contracts fails on 48 validator" (#9871) fix: deploy l2 contracts fails on 48 validator (#9860) chore: Validate RPC inputs (#9672) fix: fixing devcontainers to use the sandbox docker-compose file (#9782) fix: Revert changes to ci.yml (#9863) chore: Move epoch and slot durations to config (#9861) git subrepo push --branch=master noir-projects/aztec-nr git_subrepo.sh: Fix parent in .gitrepo file. [skip ci] chore: replace relative paths to noir-protocol-circuits git subrepo push --branch=master barretenberg fix: tree heights that last past 3 days (#9760) fix(build): l1-contracts .rebuild_patterns did not cover test files (#9862) fix: bench prover test (#9856) fix: Fix mac build by calling `count` on durations (#9855) feat: zk shplemini (#9830) feat: domain separate block proposals and attestations (#9842) chore: bump runner cache disk size (#9849) ...
We achieve ZK in Shplemini as follows. Before batching the multilinear evaluation claims obtained as the sumcheck output, the Gemini prover
The verifier simply adds this new commitment and the appropriate scalar multiplier to the BatchOpeningClaim.