Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New PCS trait and implementation #116

Merged
merged 14 commits into from
Sep 1, 2022
Merged

New PCS trait and implementation #116

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
eea88a7
new PCS
mrain Aug 24, 2022
a267fac
Merge branch 'main' into chengyu/pcs
mrain Aug 24, 2022
9c16856
Updated PCS interfaces. Now using for UnivariatePCS and for Multili…
mrain Aug 26, 2022
4749d24
Now plonk proof system use our own KZG implementation
mrain Aug 26, 2022
a030dbc
fmt & last piece of code update
mrain Aug 26, 2022
0ff1956
Remove redundant codes. Parallize UnivariatePCS multi_commit
mrain Aug 26, 2022
3edf390
Update import for `no_std`
mrain Aug 26, 2022
cbd14b3
doc fixed.
mrain Aug 26, 2022
8430027
fmt
mrain Aug 27, 2022
9e95713
add bench & update correct feature flag
mrain Aug 29, 2022
ec55ed2
Resolving comments.
mrain Aug 30, 2022
6cc95f1
Resolving comments. Better namine + trait + comments.
mrain Aug 31, 2022
2605deb
Trait bound.
mrain Aug 31, 2022
5a87440
trait bound + TODO comment.
mrain Aug 31, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 7 additions & 7 deletions plonk/src/proof_system/prover.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ use ark_std::{
vec::Vec,
};
use jf_primitives::pcs::{
prelude::{Commitment, KZGUnivariatePCS},
prelude::{Commitment, UnivariateKZGPCS},
PolynomialCommitmentScheme,
};
use jf_relation::{constants::GATE_WIDTH, Arithmetization};
Expand Down Expand Up @@ -82,7 +82,7 @@ impl<E: PairingEngine> Prover<E> {
.into_iter()
.map(|poly| self.mask_polynomial(prng, poly, 1))
.collect();
let wires_poly_comms = KZGUnivariatePCS::multi_commit(ck, &wire_polys)?;
let wires_poly_comms = UnivariateKZGPCS::multi_commit(ck, &wire_polys)?;
let pub_input_poly = cs.compute_pub_input_polynomial()?;
Ok(((wires_poly_comms, wire_polys), pub_input_poly))
}
Expand All @@ -106,7 +106,7 @@ impl<E: PairingEngine> Prover<E> {
let h_1_poly = self.mask_polynomial(prng, h_1_poly, 2);
let h_2_poly = self.mask_polynomial(prng, h_2_poly, 2);
let h_polys = vec![h_1_poly, h_2_poly];
let h_poly_comms = KZGUnivariatePCS::multi_commit(ck, &h_polys)?;
let h_poly_comms = UnivariateKZGPCS::multi_commit(ck, &h_polys)?;
Ok(((h_poly_comms, h_polys), sorted_vec, merged_lookup_table))
}

Expand All @@ -124,7 +124,7 @@ impl<E: PairingEngine> Prover<E> {
cs.compute_prod_permutation_polynomial(&challenges.beta, &challenges.gamma)?,
2,
);
let prod_perm_comm = KZGUnivariatePCS::commit(ck, &prod_perm_poly)?;
let prod_perm_comm = UnivariateKZGPCS::commit(ck, &prod_perm_poly)?;
Ok((prod_perm_comm, prod_perm_poly))
}

Expand Down Expand Up @@ -157,7 +157,7 @@ impl<E: PairingEngine> Prover<E> {
)?,
2,
);
let prod_lookup_comm = KZGUnivariatePCS::commit(ck, &prod_lookup_poly)?;
let prod_lookup_comm = UnivariateKZGPCS::commit(ck, &prod_lookup_poly)?;
Ok((prod_lookup_comm, prod_lookup_poly))
}

Expand All @@ -176,7 +176,7 @@ impl<E: PairingEngine> Prover<E> {
let quot_poly =
self.compute_quotient_polynomial(challenges, pks, online_oracles, num_wire_types)?;
let split_quot_polys = self.split_quotient_polynomial(prng, &quot_poly, num_wire_types)?;
let split_quot_poly_comms = KZGUnivariatePCS::multi_commit(ck, &split_quot_polys)?;
let split_quot_poly_comms = UnivariateKZGPCS::multi_commit(ck, &split_quot_polys)?;

Ok((split_quot_poly_comms, split_quot_polys))
}
Expand Down Expand Up @@ -469,7 +469,7 @@ impl<E: PairingEngine> Prover<E> {
let divisor = DensePolynomial::from_coefficients_vec(vec![-*eval_point, E::Fr::one()]);
let witness_poly = &batch_poly / &divisor;

KZGUnivariatePCS::commit(ck, &witness_poly).map_err(PlonkError::PCSError)
UnivariateKZGPCS::commit(ck, &witness_poly).map_err(PlonkError::PCSError)
}

/// Compute the quotient polynomial via (i)FFTs.
Expand Down
26 changes: 13 additions & 13 deletions plonk/src/proof_system/snark.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ use ark_std::{
vec::Vec,
};
use jf_primitives::{
pcs::{prelude::KZGUnivariatePCS, PolynomialCommitmentScheme, StructuredReferenceString},
pcs::{prelude::UnivariateKZGPCS, PolynomialCommitmentScheme, StructuredReferenceString},
rescue::RescueParameter,
};
use jf_relation::{
Expand Down Expand Up @@ -433,7 +433,7 @@ where
max_degree: usize,
rng: &mut R,
) -> Result<Self::UniversalSRS, Self::Error> {
KZGUnivariatePCS::<E>::gen_srs_for_testing(rng, max_degree).map_err(PlonkError::PCSError)
UnivariateKZGPCS::<E>::gen_srs_for_testing(rng, max_degree).map_err(PlonkError::PCSError)
}

/// Input a circuit and the SRS, precompute the proving key and verification
Expand Down Expand Up @@ -472,12 +472,12 @@ where
// 2. Compute VerifyingKey
let (commit_key, open_key) = srs.trim(srs_size)?;
let selector_comms = parallelizable_slice_iter(&selectors_polys)
.map(|poly| KZGUnivariatePCS::commit(&commit_key, poly).map_err(PlonkError::PCSError))
.map(|poly| UnivariateKZGPCS::commit(&commit_key, poly).map_err(PlonkError::PCSError))
.collect::<Result<Vec<_>, PlonkError>>()?
.into_iter()
.collect();
let sigma_comms = parallelizable_slice_iter(&sigma_polys)
.map(|poly| KZGUnivariatePCS::commit(&commit_key, poly).map_err(PlonkError::PCSError))
.map(|poly| UnivariateKZGPCS::commit(&commit_key, poly).map_err(PlonkError::PCSError))
.collect::<Result<Vec<_>, PlonkError>>()?
.into_iter()
.collect();
Expand All @@ -486,19 +486,19 @@ where
let plookup_vk = match circuit.support_lookup() {
false => None,
true => Some(PlookupVerifyingKey {
range_table_comm: KZGUnivariatePCS::commit(
range_table_comm: UnivariateKZGPCS::commit(
&commit_key,
&plookup_pk.as_ref().unwrap().range_table_poly,
)?,
key_table_comm: KZGUnivariatePCS::commit(
key_table_comm: UnivariateKZGPCS::commit(
&commit_key,
&plookup_pk.as_ref().unwrap().key_table_poly,
)?,
table_dom_sep_comm: KZGUnivariatePCS::commit(
table_dom_sep_comm: UnivariateKZGPCS::commit(
&commit_key,
&plookup_pk.as_ref().unwrap().table_dom_sep_poly,
)?,
q_dom_sep_comm: KZGUnivariatePCS::commit(
q_dom_sep_comm: UnivariateKZGPCS::commit(
&commit_key,
&plookup_pk.as_ref().unwrap().q_dom_sep_poly,
)?,
Expand Down Expand Up @@ -618,7 +618,7 @@ pub mod test {
use core::ops::{Mul, Neg};
use jf_primitives::{
pcs::{
prelude::{Commitment, KZGUnivariatePCS},
prelude::{Commitment, UnivariateKZGPCS},
PolynomialCommitmentScheme,
},
rescue::RescueParameter,
Expand Down Expand Up @@ -761,19 +761,19 @@ pub mod test {
.iter()
.zip(vk.selector_comms.iter())
.for_each(|(p, &p_comm)| {
let expected_comm = KZGUnivariatePCS::commit(&pk.commit_key, p).unwrap();
let expected_comm = UnivariateKZGPCS::commit(&pk.commit_key, p).unwrap();
assert_eq!(expected_comm, p_comm);
});
sigmas
.iter()
.zip(vk.sigma_comms.iter())
.for_each(|(p, &p_comm)| {
let expected_comm = KZGUnivariatePCS::commit(&pk.commit_key, p).unwrap();
let expected_comm = UnivariateKZGPCS::commit(&pk.commit_key, p).unwrap();
assert_eq!(expected_comm, p_comm);
});
// check plookup verification key
if plonk_type == PlonkType::UltraPlonk {
let expected_comm = KZGUnivariatePCS::commit(
let expected_comm = UnivariateKZGPCS::commit(
&pk.commit_key,
&pk.plookup_pk.as_ref().unwrap().range_table_poly,
)
Expand All @@ -783,7 +783,7 @@ pub mod test {
vk.plookup_vk.as_ref().unwrap().range_table_comm
);

let expected_comm = KZGUnivariatePCS::commit(
let expected_comm = UnivariateKZGPCS::commit(
&pk.commit_key,
&pk.plookup_pk.as_ref().unwrap().key_table_poly,
)
Expand Down
14 changes: 7 additions & 7 deletions primitives/benches/pcs.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ use ark_ff::UniformRand;
use ark_poly::{DenseMultilinearExtension, MultilinearExtension};
use ark_std::{rc::Rc, test_rng};
use jf_primitives::pcs::{
prelude::{KZGMultilinearPCS, PCSError, PolynomialCommitmentScheme},
prelude::{MultilinearKZGPCS, PCSError, PolynomialCommitmentScheme},
StructuredReferenceString,
};
use std::time::Instant;
Expand All @@ -16,7 +16,7 @@ fn bench_pcs() -> Result<(), PCSError> {
let mut rng = test_rng();

// normal polynomials
let uni_params = KZGMultilinearPCS::<Bls12_381>::gen_srs_for_testing(&mut rng, 18)?;
let uni_params = MultilinearKZGPCS::<Bls12_381>::gen_srs_for_testing(&mut rng, 18)?;

for nv in 4..19 {
let repetition = if nv < 10 {
Expand All @@ -39,7 +39,7 @@ fn bench_pcs() -> Result<(), PCSError> {
let com = {
let start = Instant::now();
for _ in 0..repetition {
let _commit = KZGMultilinearPCS::commit(&ck, &poly)?;
let _commit = MultilinearKZGPCS::commit(&ck, &poly)?;
}

println!(
Expand All @@ -48,29 +48,29 @@ fn bench_pcs() -> Result<(), PCSError> {
start.elapsed().as_nanos() / repetition as u128
);

KZGMultilinearPCS::commit(&ck, &poly)?
MultilinearKZGPCS::commit(&ck, &poly)?
};

// open
let (proof, value) = {
let start = Instant::now();
for _ in 0..repetition {
let _open = KZGMultilinearPCS::open(&ck, &poly, &point)?;
let _open = MultilinearKZGPCS::open(&ck, &poly, &point)?;
}

println!(
"KZG open for {} variables: {} ns",
nv,
start.elapsed().as_nanos() / repetition as u128
);
KZGMultilinearPCS::open(&ck, &poly, &point)?
MultilinearKZGPCS::open(&ck, &poly, &point)?
};

// verify
{
let start = Instant::now();
for _ in 0..repetition {
assert!(KZGMultilinearPCS::verify(
assert!(MultilinearKZGPCS::verify(
&vk, &com, &point, &value, &proof
)?);
}
Expand Down
28 changes: 16 additions & 12 deletions primitives/src/pcs/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,11 @@ mod univariate_kzg;

use ark_ec::PairingEngine;
use ark_serialize::CanonicalSerialize;
use ark_std::{rand::RngCore, vec::Vec};
use ark_std::{
borrow::Borrow,
rand::{CryptoRng, RngCore},
vec::Vec,
};
use errors::PCSError;

/// This trait defines APIs for polynomial commitment schemes.
Expand Down Expand Up @@ -49,7 +53,7 @@ pub trait PolynomialCommitmentScheme<E: PairingEngine> {
///
/// WARNING: THIS FUNCTION IS FOR TESTING PURPOSE ONLY.
/// THE OUTPUT SRS SHOULD NOT BE USED IN PRODUCTION.
fn gen_srs_for_testing<R: RngCore>(
fn gen_srs_for_testing<R: RngCore + CryptoRng>(
rng: &mut R,
supported_size: usize,
) -> Result<Self::SRS, PCSError>;
Expand All @@ -58,36 +62,36 @@ pub trait PolynomialCommitmentScheme<E: PairingEngine> {
/// Input both `supported_degree` for univariate and
/// `supported_num_vars` for multilinear.
fn trim(
srs: &Self::SRS,
srs: impl Borrow<Self::SRS>,
supported_degree: usize,
supported_num_vars: Option<usize>,
) -> Result<(Self::ProverParam, Self::VerifierParam), PCSError>;

/// Generate a commitment for a polynomial
fn commit(
prover_param: &Self::ProverParam,
alxiong marked this conversation as resolved.
Show resolved Hide resolved
prover_param: impl Borrow<Self::ProverParam>,
poly: &Self::Polynomial,
) -> Result<Self::Commitment, PCSError>;

/// Generate a commitment for a list of polynomials
fn multi_commit(
prover_param: &Self::ProverParam,
prover_param: impl Borrow<Self::ProverParam>,
polys: &[Self::Polynomial],
) -> Result<Self::BatchCommitment, PCSError>;

/// On input a polynomial `p` and a point `point`, outputs a proof for the
/// same.
fn open(
prover_param: &Self::ProverParam,
prover_param: impl Borrow<Self::ProverParam>,
polynomial: &Self::Polynomial,
point: &Self::Point,
) -> Result<(Self::Proof, Self::Evaluation), PCSError>;

/// Input a list of MLEs, and a same number of points, and a transcript,
/// compute a multi-opening for all the polynomials.
/// Input a list of multilinear extensions, and a same number of points, and
/// a transcript, compute a multi-opening for all the polynomials.
fn multi_open(
prover_param: &Self::ProverParam,
multi_commitment: &Self::Commitment,
prover_param: impl Borrow<Self::ProverParam>,
multi_commitment: &Self::BatchCommitment,
polynomials: &[Self::Polynomial],
points: &[Self::Point],
) -> Result<(Self::BatchProof, Vec<Self::Evaluation>), PCSError>;
Expand All @@ -104,7 +108,7 @@ pub trait PolynomialCommitmentScheme<E: PairingEngine> {

/// Verifies that `value_i` is the evaluation at `x_i` of the polynomial
/// `poly_i` committed inside `comm`.
fn batch_verify<R: RngCore>(
fn batch_verify<R: RngCore + CryptoRng>(
verifier_param: &Self::VerifierParam,
multi_commitment: &Self::BatchCommitment,
points: &[Self::Point],
Expand Down Expand Up @@ -148,7 +152,7 @@ pub trait StructuredReferenceString<E: PairingEngine>: Sized {
///
/// WARNING: THIS FUNCTION IS FOR TESTING PURPOSE ONLY.
/// THE OUTPUT SRS SHOULD NOT BE USED IN PRODUCTION.
fn gen_srs_for_testing<R: RngCore>(
fn gen_srs_for_testing<R: RngCore + CryptoRng>(
rng: &mut R,
supported_size: usize,
) -> Result<Self, PCSError>;
Expand Down
Loading