tools: misc improvements (#83)

* cache params in target folder

* store & verify sequential proofs

* default base to seq-16

* default to release build

* prohibit "debug" profile

* improve pcd docs

* typo

* quick proof store

* doc tests

config/Cargo.toml

@@ -13,7 +13,6 @@ categories = { workspace = true }
 serde = { version = "1.0", features = ["derive"] }
 serde_wrapper = { path = "./serde_wrapper" }
 config = { version = "0.13.4", default-features = false }
-dotenvy = { version = "0.15.7" }
 
 url = { version = "2.5.0", features = ["serde"] }
 

config/bases/vm.toml

@@ -1,3 +1,3 @@
 [vm]
-k = 1             # number of NexusVM instructions proved per Nova folding step.
-nova_impl = "par" # IVC implementation to be used, should be one of "seq" (sequential), "par" (parallel).
+k = 16            # number of NexusVM instructions proved per Nova folding step.
+nova_impl = "seq" # IVC implementation to be used, should be one of "seq" (sequential), "par" (parallel).

config/src/error.rs

@@ -3,7 +3,6 @@ use std::fmt::{Display, Formatter};
 #[derive(Debug)]
 pub enum Error {
     Config(config::ConfigError),
-    DotEnv(dotenvy::Error),
 }
 
 impl From<config::ConfigError> for Error {
@@ -12,17 +11,10 @@ impl From<config::ConfigError> for Error {
     }
 }
 
-impl From<dotenvy::Error> for Error {
-    fn from(err: dotenvy::Error) -> Self {
-        Self::DotEnv(err)
-    }
-}
-
 impl Display for Error {
     fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
         match self {
             Error::Config(err) => write!(f, "{err}"),
-            Error::DotEnv(err) => write!(f, "{err}"),
         }
     }
 }
@@ -31,7 +23,6 @@ impl std::error::Error for Error {
     fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
         match self {
             Error::Config(err) => err.source(),
-            Error::DotEnv(err) => err.source(),
         }
     }
 }

config/src/lib.rs

@@ -12,17 +12,15 @@ pub trait Config: DeserializeOwned {
     const PREFIX: &'static str;
 
     fn from_env() -> Result<Self, Error> {
-        let prefix =
-            &[constants::CONFIG_ENV_PREFIX, Self::PREFIX].join(constants::CONFIG_SEPARATOR);
-
-        let _result = dotenvy::from_path(constants::CONFIG_ENV_PATH);
-        // don't bail in tests to keep them isolated from env files.
-        #[cfg(not(test))]
-        _result?;
+        let prefix = if Self::PREFIX.is_empty() {
+            constants::CONFIG_ENV_PREFIX.to_owned()
+        } else {
+            [constants::CONFIG_ENV_PREFIX, Self::PREFIX].join(constants::CONFIG_SEPARATOR)
+        };
 
         Ok(config::Config::builder()
             .add_source(
-                config::Environment::with_prefix(prefix).separator(constants::CONFIG_SEPARATOR),
+                config::Environment::with_prefix(&prefix).separator(constants::CONFIG_SEPARATOR),
             )
             .build()?
             .try_deserialize()?)

config/src/misc.rs

@@ -1,24 +1,27 @@
 use std::path::PathBuf;
 
-use super::{Config, Error};
+use super::Config;
 
 #[derive(serde_wrapper::Deserialize)]
 pub struct MiscConfig {
-    pub cache_path: PathBuf,
+    pub cache: PathBuf,
 }
 
+// NOTE: there's no base value for cache path -- cli reuse workspace target directory for simplicity.
+//
+// Subject to change.
 impl Config for MiscConfig {
-    const PREFIX: &'static str = "MISC";
+    const PREFIX: &'static str = "";
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn read_config() {
+        std::env::set_var("NEXUS_CACHE", "/dev/null");
 
-    fn from_env() -> Result<Self, Error> {
-        // NOTE: non-configurable -- hardcoded to reuse workspace target directory for simplicity.
-        //
-        // Subject to change.
-        let manifest_path: PathBuf = env!("CARGO_MANIFEST_DIR").into();
-        let cache_path = manifest_path
-            .parent()
-            .expect("parent directory not found")
-            .join("target/nexus-cache");
-        Ok(Self { cache_path })
+        <MiscConfig as Config>::from_env().unwrap();
     }
 }

network/src/bin/pcdnode/workers.rs

@@ -155,7 +155,7 @@ fn prove_leaf(
         ?i,
         "proving leaf",
     );
-    let node = PCDNode::prove_step_with_commit_fn(&st.pp, &tr, i, &tr.input(i)?, |_pp, w| {
+    let node = PCDNode::prove_leaf_with_commit_fn(&st.pp, &tr, i, &tr.input(i)?, |_pp, w| {
         request_msm(rt, st, w)
     })?;
     Ok(node)
@@ -170,7 +170,7 @@ fn prove_node(
 ) -> std::result::Result<PCDNode, ProofError> {
     let tr = Tr(trace);
     let node =
-        PCDNode::prove_from_with_commit_fn(&st.pp, &tr, &l, &r, |_pp, w| request_msm(rt, st, w))?;
+        PCDNode::prove_parent_with_commit_fn(&st.pp, &tr, &l, &r, |_pp, w| request_msm(rt, st, w))?;
     Ok(node)
 }
 

network/src/pcd.rs

@@ -216,9 +216,9 @@ mod test {
     fn round_trip_node() {
         let circuit = nop_circuit(3).unwrap();
         let pp: ParPP = gen_pp(&circuit).unwrap();
-        let n0 = PCDNode::prove_step(&pp, &circuit, 0, &circuit.input(0).unwrap()).unwrap();
-        let n2 = PCDNode::prove_step(&pp, &circuit, 2, &circuit.input(2).unwrap()).unwrap();
-        let n = PCDNode::prove_from(&pp, &circuit, &n0, &n2).unwrap();
+        let n0 = PCDNode::prove_leaf(&pp, &circuit, 0, &circuit.input(0).unwrap()).unwrap();
+        let n2 = PCDNode::prove_leaf(&pp, &circuit, 2, &circuit.input(2).unwrap()).unwrap();
+        let n = PCDNode::prove_parent(&pp, &circuit, &n0, &n2).unwrap();
 
         let i = std::time::Instant::now();
         round_trip(&NodeReq(vec![(n0, circuit.0.clone())]));

nova/src/circuits/nova/pcd/compression/mod.rs

@@ -370,7 +370,7 @@ mod tests {
         .unwrap();
 
         // Now, we perform a PCD proof step and check that the resulting proof verifies.
-        let nova_proof = PCDNode::prove_step(&params, &circuit, 0, &z_0).unwrap();
+        let nova_proof = PCDNode::prove_leaf(&params, &circuit, 0, &z_0).unwrap();
         nova_proof.verify(&params).unwrap();
 
         assert_eq!(&nova_proof.z_j, &z_1);

nova/src/circuits/nova/pcd/mod.rs

@@ -1,3 +1,41 @@
+//! Cycle-fold Nova based proof carrying data construction.
+//!
+//! Similar to [IVC](super::sequential::IVCProof) each [`PCDNode`] proves a range of computing F_i,
+//! with the difference of left index possibly being non-zero.
+//!
+//! A node proving range [i; k) can be folded with another node that proves range [k; j) to build a new
+//! node with range [i; j). These indices correspond to [`PCDNode::min_step`] and [`PCDNode::max_step`].
+//! Therefore, this construction is often associated with binary tree, where the root proves the whole
+//! n steps in range [0; n).
+//!
+//! ### Example
+//!
+//! For simplicity, notating i as F_i(z_i), one can prove sequential computation
+//!
+//! 0 -> 1 -> 2 -> 3 -> 4 -> 5 -> 6
+//!
+//! as a full binary tree of pcd nodes
+//!
+//!```text
+//!              ┌───┐
+//!        ┌─────┤ 3 ├─────┐
+//!        │     └───┘     │
+//!      ┌─┴─┐           ┌─┴─┐
+//!    ┌─┤ 1 ├─┐       ┌─┤ 5 ├─┐
+//!    │ └───┘ │       │ └───┘ │
+//!  ┌─┴─┐   ┌─┴─┐   ┌─┴─┐   ┌─┴─┐
+//!  │ 0 │   │ 2 │   │ 4 │   │ 6 │
+//!  └───┘   └───┘   └───┘   └───┘
+//!```
+//!
+//! To get to the root of the tree, a prover would start with proving even steps of F_i -- leaves.
+//! Folding leaf [i; i + 1) with [i + 1; i + 2) will require prover to execute step i + 1, the output
+//! will be a parent node proving [i; i + 2).
+//!
+//! This algorithm is then applied recursively to each pair of nodes.
+//!
+//! Current implementation requires padding execution of F to next (2 ** n - 1).
+
 use std::marker::PhantomData;
 
 use ark_crypto_primitives::sponge::{
@@ -164,18 +202,18 @@ where
         self.j
     }
 
-    pub fn prove_step(
+    pub fn prove_leaf(
         params: &PublicParams<G1, G2, C1, C2, RO, SC>,
         step_circuit: &SC,
         i: usize,
         z_i: &[G1::ScalarField],
     ) -> Result<Self, cyclefold::Error> {
-        Self::prove_step_with_commit_fn(params, step_circuit, i, z_i, |pp, w| w.commit::<C1>(pp))
+        Self::prove_leaf_with_commit_fn(params, step_circuit, i, z_i, |pp, w| w.commit::<C1>(pp))
     }
 
     /// Proves step of step circuit execution and calls `commit_fn(pp, w)` to
     /// compute commitment to the witness of the augmented circuit.
-    pub fn prove_step_with_commit_fn(
+    pub fn prove_leaf_with_commit_fn(
         params: &PublicParams<G1, G2, C1, C2, RO, SC>,
         step_circuit: &SC,
         i: usize,
@@ -239,18 +277,18 @@ where
         })
     }
 
-    pub fn prove_from(
+    pub fn prove_parent(
         params: &PublicParams<G1, G2, C1, C2, RO, SC>,
         step_circuit: &SC,
         left_node: &Self,
         right_node: &Self,
     ) -> Result<Self, cyclefold::Error> {
-        Self::prove_from_with_commit_fn(params, step_circuit, left_node, right_node, |pp, w| {
+        Self::prove_parent_with_commit_fn(params, step_circuit, left_node, right_node, |pp, w| {
             w.commit::<C1>(pp)
         })
     }
 
-    pub fn prove_from_with_commit_fn(
+    pub fn prove_parent_with_commit_fn(
         params: &PublicParams<G1, G2, C1, C2, RO, SC>,
         step_circuit: &SC,
         left_node: &Self,
@@ -470,7 +508,7 @@ mod tests {
             CubicCircuit<G1::ScalarField>,
         >::setup(ro_config, &circuit, &(), &())?;
 
-        let recursive_snark = PCDNode::prove_step(&params, &circuit, 0, &z_0)?;
+        let recursive_snark = PCDNode::prove_leaf(&params, &circuit, 0, &z_0)?;
         recursive_snark.verify(&params)?;
 
         assert_eq!(&recursive_snark.z_j, &z_1);
@@ -525,10 +563,10 @@ mod tests {
             CubicCircuit<G1::ScalarField>,
         >::setup(ro_config, &circuit, &(), &())?;
 
-        let node_0 = PCDNode::prove_step(&params, &circuit, 0, z[0])?;
-        let node_1 = PCDNode::prove_step(&params, &circuit, 2, z[2])?;
+        let node_0 = PCDNode::prove_leaf(&params, &circuit, 0, z[0])?;
+        let node_1 = PCDNode::prove_leaf(&params, &circuit, 2, z[2])?;
 
-        let root = PCDNode::prove_from(&params, &circuit, &node_0, &node_1)?;
+        let root = PCDNode::prove_parent(&params, &circuit, &node_0, &node_1)?;
 
         assert_eq!(&root.z_i, &z[0]);
         assert_eq!(&root.z_j, &z[3]);