Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[easy] develop counterpart of PR#2590 #2756

Merged
merged 4 commits into from
Nov 14, 2024
Merged

[easy] develop counterpart of PR#2590 #2756

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
2cd875b
fix mismatch in number of zk rows in error message
querolita Sep 23, 2024
424810a
constants for default values
querolita Sep 23, 2024
f585647
adding comments for better understanding of the strict lower bound on…
querolita Sep 30, 2024
0f1718b
cargo fmt
querolita Sep 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 16 additions & 0 deletions kimchi/src/circuits/constraints.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -639,6 +639,22 @@ impl<F: PrimeField> ConstraintSystem<F> {
}
}

/// The default number of chunks in a circuit is one (< 2^16 rows)
pub const NUM_CHUNKS_BY_DEFAULT: usize = 1;

/// The number of rows required for zero knowledge in circuits with one single chunk
pub const ZK_ROWS_BY_DEFAULT: u64 = 3;

/// This function computes a strict lower bound in the number of rows required
/// for zero knowledge in circuits with `num_chunks` chunks. This means that at
/// least one needs 1 more row than the result of this function to achieve zero
/// knowledge.
/// Example:
/// for 1 chunk, this function returns 2, but at least 3 rows are needed
/// Note:
/// the number of zero knowledge rows is usually computed across the codebase
/// as the formula `(16 * num_chunks + 5) / 7`, which is precisely the formula
/// in this function plus one.
pub fn zk_rows_strict_lower_bound(num_chunks: usize) -> usize {
(2 * (PERMUTS + 1) * num_chunks - 2) / PERMUTS
}
Expand Down
12 changes: 10 additions & 2 deletions kimchi/src/prover.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -210,9 +210,17 @@ where
.ok_or(ProverError::NoRoomForZkInWitness)?;

let zero_knowledge_limit = zk_rows_strict_lower_bound(num_chunks);
if (index.cs.zk_rows as usize) < zero_knowledge_limit {
// Because the lower bound is strict, the result of the function above
// is not a sufficient number of zero knowledge rows, so the error must
// be raised anytime the number of zero knowledge rows is not greater
// than the strict lower bound.
// Example:
// for 1 chunk, `zero_knowledge_limit` is 2, and we need at least 3,
// thus the error should be raised and the message should say that the
// expected number of zero knowledge rows is 3 (hence the + 1).
if (index.cs.zk_rows as usize) <= zero_knowledge_limit {
return Err(ProverError::NotZeroKnowledge(
zero_knowledge_limit,
zero_knowledge_limit + 1,
index.cs.zk_rows as usize,
));
}
Expand Down