diff --git a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_circuit_builder.hpp b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_circuit_builder.hpp index 4219d344602..815659ee3aa 100644 --- a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_circuit_builder.hpp +++ b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_circuit_builder.hpp @@ -209,7 +209,8 @@ class ECCVMCircuitBuilder { [[nodiscard]] size_t get_num_gates() const { - // (issue #2218) + // TODO(https://github.com/AztecProtocol/aztec-packages/issues/2218): Reduce the amount of computation needed + // for this method return op_queue->get_num_rows(); } diff --git a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_composer.test.cpp b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_composer.test.cpp index 751f056904a..cd2db6b7124 100644 --- a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_composer.test.cpp +++ b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_composer.test.cpp @@ -14,26 +14,31 @@ #include "barretenberg/sumcheck/sumcheck_round.hpp" using namespace bb; -using G1 = bb::g1; -using Fr = bb::fr; class ECCVMComposerTests : public ::testing::Test { protected: - // TODO(640): The Standard Honk on Grumpkin test suite fails unless the SRS is initialized for every test. void SetUp() override { srs::init_grumpkin_crs_factory("../srs_db/grumpkin"); }; }; namespace { auto& engine = numeric::get_debug_randomness(); } + +/** + * @brief Adds operations in BN254 to the op_queue and then constructs and ECCVM circuit from the op_queue. + * + * @param engine + * @return ECCVMCircuitBuilder + */ ECCVMCircuitBuilder generate_circuit(numeric::RNG* engine = nullptr) { - std::shared_ptr op_queue = std::make_shared(); + using Curve = curve::BN254; + using G1 = Curve::Element; + using Fr = Curve::ScalarField; - auto generators = G1::derive_generators("test generators", 3); - - typename G1::element a = generators[0]; - typename G1::element b = generators[1]; - typename G1::element c = generators[2]; + std::shared_ptr op_queue = std::make_shared(); + G1 a = G1::random_element(engine); + G1 b = G1::random_element(engine); + G1 c = G1::random_element(engine); Fr x = Fr::random_element(engine); Fr y = Fr::random_element(engine); diff --git a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp index 62415b77cc6..8cc715a97c5 100644 --- a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp +++ b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.cpp @@ -17,120 +17,28 @@ bool ECCVMVerifier::verify_proof(const HonkProof& proof) CommitmentLabels commitment_labels; const auto circuit_size = transcript->template receive_from_prover("circuit_size"); + ASSERT(circuit_size == key->circuit_size); - if (circuit_size != key->circuit_size) { - return false; + for (auto [comm, label] : zip_view(commitments.get_wires(), commitment_labels.get_wires())) { + comm = transcript->template receive_from_prover(label); } - // Utility for extracting commitments from transcript - const auto receive_commitment = [&](const std::string& label) { - return transcript->template receive_from_prover(label); - }; - - // Get commitments to VM wires - commitments.transcript_add = receive_commitment(commitment_labels.transcript_add); - commitments.transcript_mul = receive_commitment(commitment_labels.transcript_mul); - commitments.transcript_eq = receive_commitment(commitment_labels.transcript_eq); - commitments.transcript_msm_transition = receive_commitment(commitment_labels.transcript_msm_transition); - commitments.transcript_pc = receive_commitment(commitment_labels.transcript_pc); - commitments.transcript_msm_count = receive_commitment(commitment_labels.transcript_msm_count); - commitments.transcript_Px = receive_commitment(commitment_labels.transcript_Px); - commitments.transcript_Py = receive_commitment(commitment_labels.transcript_Py); - commitments.transcript_z1 = receive_commitment(commitment_labels.transcript_z1); - commitments.transcript_z2 = receive_commitment(commitment_labels.transcript_z2); - commitments.transcript_z1zero = receive_commitment(commitment_labels.transcript_z1zero); - commitments.transcript_z2zero = receive_commitment(commitment_labels.transcript_z2zero); - commitments.transcript_op = receive_commitment(commitment_labels.transcript_op); - commitments.transcript_accumulator_x = receive_commitment(commitment_labels.transcript_accumulator_x); - commitments.transcript_accumulator_y = receive_commitment(commitment_labels.transcript_accumulator_y); - commitments.transcript_msm_x = receive_commitment(commitment_labels.transcript_msm_x); - commitments.transcript_msm_y = receive_commitment(commitment_labels.transcript_msm_y); - commitments.precompute_pc = receive_commitment(commitment_labels.precompute_pc); - commitments.precompute_point_transition = receive_commitment(commitment_labels.precompute_point_transition); - commitments.precompute_round = receive_commitment(commitment_labels.precompute_round); - commitments.precompute_scalar_sum = receive_commitment(commitment_labels.precompute_scalar_sum); - commitments.precompute_s1hi = receive_commitment(commitment_labels.precompute_s1hi); - commitments.precompute_s1lo = receive_commitment(commitment_labels.precompute_s1lo); - commitments.precompute_s2hi = receive_commitment(commitment_labels.precompute_s2hi); - commitments.precompute_s2lo = receive_commitment(commitment_labels.precompute_s2lo); - commitments.precompute_s3hi = receive_commitment(commitment_labels.precompute_s3hi); - commitments.precompute_s3lo = receive_commitment(commitment_labels.precompute_s3lo); - commitments.precompute_s4hi = receive_commitment(commitment_labels.precompute_s4hi); - commitments.precompute_s4lo = receive_commitment(commitment_labels.precompute_s4lo); - commitments.precompute_skew = receive_commitment(commitment_labels.precompute_skew); - commitments.precompute_dx = receive_commitment(commitment_labels.precompute_dx); - commitments.precompute_dy = receive_commitment(commitment_labels.precompute_dy); - commitments.precompute_tx = receive_commitment(commitment_labels.precompute_tx); - commitments.precompute_ty = receive_commitment(commitment_labels.precompute_ty); - commitments.msm_transition = receive_commitment(commitment_labels.msm_transition); - commitments.msm_add = receive_commitment(commitment_labels.msm_add); - commitments.msm_double = receive_commitment(commitment_labels.msm_double); - commitments.msm_skew = receive_commitment(commitment_labels.msm_skew); - commitments.msm_accumulator_x = receive_commitment(commitment_labels.msm_accumulator_x); - commitments.msm_accumulator_y = receive_commitment(commitment_labels.msm_accumulator_y); - commitments.msm_pc = receive_commitment(commitment_labels.msm_pc); - commitments.msm_size_of_msm = receive_commitment(commitment_labels.msm_size_of_msm); - commitments.msm_count = receive_commitment(commitment_labels.msm_count); - commitments.msm_round = receive_commitment(commitment_labels.msm_round); - commitments.msm_add1 = receive_commitment(commitment_labels.msm_add1); - commitments.msm_add2 = receive_commitment(commitment_labels.msm_add2); - commitments.msm_add3 = receive_commitment(commitment_labels.msm_add3); - commitments.msm_add4 = receive_commitment(commitment_labels.msm_add4); - commitments.msm_x1 = receive_commitment(commitment_labels.msm_x1); - commitments.msm_y1 = receive_commitment(commitment_labels.msm_y1); - commitments.msm_x2 = receive_commitment(commitment_labels.msm_x2); - commitments.msm_y2 = receive_commitment(commitment_labels.msm_y2); - commitments.msm_x3 = receive_commitment(commitment_labels.msm_x3); - commitments.msm_y3 = receive_commitment(commitment_labels.msm_y3); - commitments.msm_x4 = receive_commitment(commitment_labels.msm_x4); - commitments.msm_y4 = receive_commitment(commitment_labels.msm_y4); - commitments.msm_collision_x1 = receive_commitment(commitment_labels.msm_collision_x1); - commitments.msm_collision_x2 = receive_commitment(commitment_labels.msm_collision_x2); - commitments.msm_collision_x3 = receive_commitment(commitment_labels.msm_collision_x3); - commitments.msm_collision_x4 = receive_commitment(commitment_labels.msm_collision_x4); - commitments.msm_lambda1 = receive_commitment(commitment_labels.msm_lambda1); - commitments.msm_lambda2 = receive_commitment(commitment_labels.msm_lambda2); - commitments.msm_lambda3 = receive_commitment(commitment_labels.msm_lambda3); - commitments.msm_lambda4 = receive_commitment(commitment_labels.msm_lambda4); - commitments.msm_slice1 = receive_commitment(commitment_labels.msm_slice1); - commitments.msm_slice2 = receive_commitment(commitment_labels.msm_slice2); - commitments.msm_slice3 = receive_commitment(commitment_labels.msm_slice3); - commitments.msm_slice4 = receive_commitment(commitment_labels.msm_slice4); - commitments.transcript_accumulator_empty = receive_commitment(commitment_labels.transcript_accumulator_empty); - commitments.transcript_reset_accumulator = receive_commitment(commitment_labels.transcript_reset_accumulator); - commitments.precompute_select = receive_commitment(commitment_labels.precompute_select); - commitments.lookup_read_counts_0 = receive_commitment(commitment_labels.lookup_read_counts_0); - commitments.lookup_read_counts_1 = receive_commitment(commitment_labels.lookup_read_counts_1); - commitments.transcript_base_infinity = receive_commitment(commitment_labels.transcript_base_infinity); - commitments.transcript_base_x_inverse = receive_commitment(commitment_labels.transcript_base_x_inverse); - commitments.transcript_base_y_inverse = receive_commitment(commitment_labels.transcript_base_y_inverse); - commitments.transcript_add_x_equal = receive_commitment(commitment_labels.transcript_add_x_equal); - commitments.transcript_add_y_equal = receive_commitment(commitment_labels.transcript_add_y_equal); - commitments.transcript_add_lambda = receive_commitment(commitment_labels.transcript_add_lambda); - commitments.transcript_msm_intermediate_x = receive_commitment(commitment_labels.transcript_msm_intermediate_x); - commitments.transcript_msm_intermediate_y = receive_commitment(commitment_labels.transcript_msm_intermediate_y); - commitments.transcript_msm_infinity = receive_commitment(commitment_labels.transcript_msm_infinity); - commitments.transcript_msm_x_inverse = receive_commitment(commitment_labels.transcript_msm_x_inverse); - commitments.transcript_msm_count_zero_at_transition = - receive_commitment(commitment_labels.transcript_msm_count_zero_at_transition); - commitments.transcript_msm_count_at_transition_inverse = - receive_commitment(commitment_labels.transcript_msm_count_at_transition_inverse); - // Get challenge for sorted list batching and wire four memory records auto [beta, gamma] = transcript->template get_challenges("beta", "gamma"); - relation_parameters.gamma = gamma; auto beta_sqr = beta * beta; + relation_parameters.gamma = gamma; relation_parameters.beta = beta; - relation_parameters.beta_sqr = beta_sqr; + relation_parameters.beta_sqr = beta * beta; relation_parameters.beta_cube = beta_sqr * beta; relation_parameters.eccvm_set_permutation_delta = gamma * (gamma + beta_sqr) * (gamma + beta_sqr + beta_sqr) * (gamma + beta_sqr + beta_sqr + beta_sqr); relation_parameters.eccvm_set_permutation_delta = relation_parameters.eccvm_set_permutation_delta.invert(); // Get commitment to permutation and lookup grand products - commitments.lookup_inverses = receive_commitment(commitment_labels.lookup_inverses); - commitments.z_perm = receive_commitment(commitment_labels.z_perm); + commitments.lookup_inverses = + transcript->template receive_from_prover(commitment_labels.lookup_inverses); + commitments.z_perm = transcript->template receive_from_prover(commitment_labels.z_perm); // Execute Sumcheck Verifier const size_t log_circuit_size = numeric::get_msb(circuit_size); @@ -160,7 +68,7 @@ bool ECCVMVerifier::verify_proof(const HonkProof& proof) // TODO(#768): Find a better way to do this. See issue for details. bool univariate_opening_verified = false; { - auto hack_commitment = receive_commitment("Translation:hack_commitment"); + auto hack_commitment = transcript->template receive_from_prover("Translation:hack_commitment"); FF evaluation_challenge_x = transcript->template get_challenge("Translation:evaluation_challenge_x"); diff --git a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.hpp b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.hpp index 5ef29beff58..10e49d08a76 100644 --- a/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.hpp +++ b/barretenberg/cpp/src/barretenberg/eccvm/eccvm_verifier.hpp @@ -26,7 +26,6 @@ class ECCVMVerifier { std::shared_ptr key; std::map commitments; - std::map pcs_fr_elements; std::shared_ptr transcript; }; } // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/eccvm_recursion/CMakeLists.txt b/barretenberg/cpp/src/barretenberg/eccvm_recursion/CMakeLists.txt index 622d5d6f89b..f97e8aa23cb 100644 --- a/barretenberg/cpp/src/barretenberg/eccvm_recursion/CMakeLists.txt +++ b/barretenberg/cpp/src/barretenberg/eccvm_recursion/CMakeLists.txt @@ -1 +1 @@ -barretenberg_module(eccvm_recursion eccvm stdlib_circuit_builders stdlib_primitives) \ No newline at end of file +barretenberg_module(eccvm_recursion eccvm stdlib_honk_recursion) diff --git a/barretenberg/cpp/src/barretenberg/eccvm_recursion/ecc_bools_relation.cpp b/barretenberg/cpp/src/barretenberg/eccvm_recursion/ecc_bools_relation.cpp new file mode 100644 index 00000000000..e75efef6059 --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/eccvm_recursion/ecc_bools_relation.cpp @@ -0,0 +1,11 @@ +#include "barretenberg/eccvm_recursion/eccvm_recursive_flavor.hpp" +#include "barretenberg/flavor/relation_definitions.hpp" +#include "barretenberg/relations/ecc_vm/ecc_bools_relation_impl.hpp" +#include "barretenberg/stdlib/primitives/bigfield/bigfield.hpp" + +namespace bb { +template class ECCVMBoolsRelationImpl>; +template class ECCVMBoolsRelationImpl>; +DEFINE_SUMCHECK_VERIFIER_RELATION_CLASS(ECCVMBoolsRelationImpl, ECCVMRecursiveFlavor_); +DEFINE_SUMCHECK_VERIFIER_RELATION_CLASS(ECCVMBoolsRelationImpl, ECCVMRecursiveFlavor_); +} // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/eccvm_recursion/ecc_relation_consistency.test.cpp b/barretenberg/cpp/src/barretenberg/eccvm_recursion/ecc_relation_consistency.test.cpp index 34bce8fe117..50bf77b1084 100644 --- a/barretenberg/cpp/src/barretenberg/eccvm_recursion/ecc_relation_consistency.test.cpp +++ b/barretenberg/cpp/src/barretenberg/eccvm_recursion/ecc_relation_consistency.test.cpp @@ -55,5 +55,6 @@ TEST_F(EccRelationsConsistency, RecursiveToNativeConsistency) validate_relation_execution(); validate_relation_execution(); validate_relation_execution(); + validate_relation_execution(); } } // namespace bb \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_flavor.hpp b/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_flavor.hpp index a75e8053765..0a8c774e613 100644 --- a/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_flavor.hpp @@ -14,6 +14,7 @@ #include "barretenberg/relations/ecc_vm/ecc_wnaf_relation.hpp" #include "barretenberg/relations/relation_parameters.hpp" #include "barretenberg/stdlib/honk_recursion/transcript/transcript.hpp" +#include "barretenberg/stdlib/primitives/curves/grumpkin.hpp" // NOLINTBEGIN(cppcoreguidelines-avoid-const-or-ref-data-members) ? @@ -22,8 +23,10 @@ namespace bb { template class ECCVMRecursiveFlavor_ { public: using CircuitBuilder = BuilderType; // determines the arithmetisation of recursive verifier - using FF = stdlib::bigfield; - using BF = stdlib::field_t; + using Curve = stdlib::grumpkin; + using Commitment = Curve::AffineElement; + using FF = Curve::ScalarField; + using BF = Curve::BaseField; using RelationSeparator = FF; using NativeFlavor = ECCVMFlavor; using NativeVerificationKey = NativeFlavor::VerificationKey; @@ -70,6 +73,59 @@ template class ECCVMRecursiveFlavor_ { using Base::Base; }; + using VerifierCommitmentKey = bb::VerifierCommitmentKey; + /** + * @brief The verification key is responsible for storing the the commitments to the precomputed (non-witness) + * polynomials used by the verifier. + * + * @note Note the discrepancy with what sort of data is stored here vs in the proving key. We may want to + * resolve that, and split out separate PrecomputedPolynomials/Commitments data for clarity but also for + * portability of our circuits. + */ + class VerificationKey + : public VerificationKey_, VerifierCommitmentKey> { + public: + VerificationKey(const size_t circuit_size, const size_t num_public_inputs) + { + this->circuit_size = circuit_size; + this->log_circuit_size = numeric::get_msb(circuit_size); + this->num_public_inputs = num_public_inputs; + }; + + /** + * @brief Construct a new Verification Key with stdlib types from a provided native verification + * key + * + * @param builder + * @param native_key Native verification key from which to extract the precomputed commitments + */ + + VerificationKey(CircuitBuilder* builder, const std::shared_ptr& native_key) + { + this->pcs_verification_key = std::make_shared( + builder, native_key->circuit_size, native_key->pcs_verification_key); + this->circuit_size = native_key->circuit_size; + this->log_circuit_size = numeric::get_msb(this->circuit_size); + this->num_public_inputs = native_key->num_public_inputs; + this->pub_inputs_offset = native_key->pub_inputs_offset; + + for (auto [native_commitment, commitment] : zip_view(native_key->get_all(), this->get_all())) { + commitment = Commitment::from_witness(builder, native_commitment); + } + } + }; + + /** + * @brief A container for the witness commitments. + */ + using WitnessCommitments = ECCVMFlavor::WitnessEntities; + + using CommitmentLabels = ECCVMFlavor::CommitmentLabels; + // Reuse the VerifierCommitments from ECCVM + using VerifierCommitments = ECCVMFlavor::VerifierCommitments_; + // Reuse the transcript from ECCVM + using Transcript = bb::BaseTranscript>; + }; // NOLINTEND(cppcoreguidelines-avoid-const-or-ref-data-members) } // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_verifier.cpp b/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_verifier.cpp new file mode 100644 index 00000000000..0e976b35bd5 --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_verifier.cpp @@ -0,0 +1,70 @@ +#include "./eccvm_recursive_verifier.hpp" +#include "barretenberg/commitment_schemes/zeromorph/zeromorph.hpp" +#include "barretenberg/sumcheck/sumcheck.hpp" +#include "barretenberg/transcript/transcript.hpp" + +namespace bb { + +template +ECCVMRecursiveVerifier_::ECCVMRecursiveVerifier_( + Builder* builder, const std::shared_ptr& native_verifier_key) + : key(std::make_shared(builder, native_verifier_key)) + , builder(builder) +{} + +/** + * @brief This function verifies an ECCVM Honk proof for given program settings up to sumcheck. + */ +// TODO(https://github.com/AztecProtocol/barretenberg/issues/1007): Finish this +template void ECCVMRecursiveVerifier_::verify_proof(const HonkProof& proof) +{ + + RelationParameters relation_parameters; + + StdlibProof stdlib_proof = bb::convert_proof_to_witness(builder, proof); + transcript = std::make_shared(stdlib_proof); + + VerifierCommitments commitments{ key }; + CommitmentLabels commitment_labels; + + const auto circuit_size = transcript->template receive_from_prover("circuit_size"); + for (auto [comm, label] : zip_view(commitments.get_wires(), commitment_labels.get_wires())) { + comm = transcript->template receive_from_prover(label); + } + + // Get challenge for sorted list batching and wire four memory records + auto [beta, gamma] = transcript->template get_challenges("beta", "gamma"); + + auto beta_sqr = beta * beta; + + relation_parameters.gamma = gamma; + relation_parameters.beta = beta; + relation_parameters.beta_sqr = beta * beta; + relation_parameters.beta_cube = beta_sqr * beta; + relation_parameters.eccvm_set_permutation_delta = + gamma * (gamma + beta_sqr) * (gamma + beta_sqr + beta_sqr) * (gamma + beta_sqr + beta_sqr + beta_sqr); + relation_parameters.eccvm_set_permutation_delta = relation_parameters.eccvm_set_permutation_delta.invert(); + + // Get commitment to permutation and lookup grand products + commitments.lookup_inverses = + transcript->template receive_from_prover(commitment_labels.lookup_inverses); + commitments.z_perm = transcript->template receive_from_prover(commitment_labels.z_perm); + + // Execute Sumcheck Verifier + // TODO(https://github.com/AztecProtocol/barretenberg/issues/1009): probably the size of this should be fixed to the + // maximum possible size of an ECCVM circuit otherwise we might run into problem because the number of rounds of + // sumcheck is dependent on circuit size. + const size_t log_circuit_size = numeric::get_msb(static_cast(circuit_size.get_value())); + auto sumcheck = SumcheckVerifier(log_circuit_size, transcript, FF(0)); + FF alpha = transcript->template get_challenge("Sumcheck:alpha"); + std::vector gate_challenges(static_cast(numeric::get_msb(key->circuit_size))); + for (size_t idx = 0; idx < gate_challenges.size(); idx++) { + gate_challenges[idx] = transcript->template get_challenge("Sumcheck:gate_challenge_" + std::to_string(idx)); + } + + auto [multivariate_challenge, claimed_evaluations, sumcheck_verified] = + sumcheck.verify(relation_parameters, alpha, gate_challenges); +} + +template class ECCVMRecursiveVerifier_>; +} // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_verifier.hpp b/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_verifier.hpp new file mode 100644 index 00000000000..1b5c1386054 --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_verifier.hpp @@ -0,0 +1,31 @@ +#pragma once +#include "barretenberg/eccvm_recursion/eccvm_recursive_flavor.hpp" + +namespace bb { +template class ECCVMRecursiveVerifier_ { + using FF = typename Flavor::FF; + using BF = typename Flavor::BF; + using Curve = typename Flavor::Curve; + using Commitment = typename Flavor::Commitment; + using CommitmentLabels = typename Flavor::CommitmentLabels; + using VerificationKey = typename Flavor::VerificationKey; + using NativeVerificationKey = typename Flavor::NativeVerificationKey; + using VerifierCommitmentKey = typename Flavor::VerifierCommitmentKey; + using Builder = typename Flavor::CircuitBuilder; + // using PCS = typename Flavor::PCS; + using Transcript = bb::BaseTranscript>; + using VerifierCommitments = typename Flavor::VerifierCommitments; // dunno if I need thos + public: + explicit ECCVMRecursiveVerifier_(Builder* builder, + const std::shared_ptr& native_verifier_key); + + // TODO(https://github.com/AztecProtocol/barretenberg/issues/991): switch recursive verifiers to StdlibProof + void verify_proof(const HonkProof& proof); + + std::shared_ptr key; + std::map commitments; + + Builder* builder; + std::shared_ptr transcript; +}; +} // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_verifier.test.cpp new file mode 100644 index 00000000000..ed9a6b02f79 --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/eccvm_recursion/eccvm_recursive_verifier.test.cpp @@ -0,0 +1,139 @@ +#include "barretenberg/eccvm_recursion/eccvm_recursive_verifier.hpp" +#include "barretenberg/eccvm/eccvm_prover.hpp" +#include "barretenberg/eccvm/eccvm_verifier.hpp" +#include "barretenberg/ultra_honk/ultra_prover.hpp" +#include "barretenberg/ultra_honk/ultra_verifier.hpp" + +#include + +namespace { +auto& engine = bb::numeric::get_debug_randomness(); +} +namespace bb { +template class ECCVMRecursiveTests : public ::testing::Test { + public: + using InnerFlavor = typename RecursiveFlavor::NativeFlavor; + using InnerBuilder = typename InnerFlavor::CircuitBuilder; + using InnerProver = ECCVMProver; + using InnerVerifier = ECCVMVerifier; + using InnerG1 = InnerFlavor::Commitment; + using InnerFF = InnerFlavor::FF; + using InnerBF = InnerFlavor::BF; + + using RecursiveVerifier = ECCVMRecursiveVerifier_; + + using OuterBuilder = typename RecursiveFlavor::CircuitBuilder; + using OuterFlavor = std::conditional_t, MegaFlavor, UltraFlavor>; + using OuterProver = UltraProver_; + using OuterVerifier = UltraVerifier_; + using OuterProverInstance = ProverInstance_; + static void SetUpTestSuite() + { + srs::init_grumpkin_crs_factory("../srs_db/grumpkin"); + bb::srs::init_crs_factory("../srs_db/ignition"); + } + + /** + * @brief Adds operations in BN254 to the op_queue and then constructs and ECCVM circuit from the op_queue. + * + * @param engine + * @return ECCVMCircuitBuilder + */ + static InnerBuilder generate_circuit(numeric::RNG* engine = nullptr) + { + using Curve = curve::BN254; + using G1 = Curve::Element; + using Fr = Curve::ScalarField; + + std::shared_ptr op_queue = std::make_shared(); + G1 a = G1::random_element(engine); + G1 b = G1::random_element(engine); + G1 c = G1::random_element(engine); + Fr x = Fr::random_element(engine); + Fr y = Fr::random_element(engine); + + op_queue->add_accumulate(a); + op_queue->mul_accumulate(a, x); + op_queue->mul_accumulate(b, x); + op_queue->mul_accumulate(b, y); + op_queue->add_accumulate(a); + op_queue->mul_accumulate(b, x); + op_queue->eq_and_reset(); + op_queue->add_accumulate(c); + op_queue->mul_accumulate(a, x); + op_queue->mul_accumulate(b, x); + op_queue->eq_and_reset(); + op_queue->mul_accumulate(a, x); + op_queue->mul_accumulate(b, x); + op_queue->mul_accumulate(c, x); + InnerBuilder builder{ op_queue }; + return builder; + } + + static void test_recursive_verification() + { + InnerBuilder builder = generate_circuit(&engine); + InnerProver prover(builder); + auto proof = prover.construct_proof(); + auto verification_key = std::make_shared(prover.key); + + OuterBuilder outer_circuit; + RecursiveVerifier verifier{ &outer_circuit, verification_key }; + verifier.verify_proof(proof); + info("Recursive Verifier: num gates = ", outer_circuit.num_gates); + + // Check for a failure flag in the recursive verifier circuit + EXPECT_EQ(outer_circuit.failed(), false) << outer_circuit.err(); + + // Ensure verification key is the same + EXPECT_EQ(verifier.key->circuit_size, verification_key->circuit_size); + EXPECT_EQ(verifier.key->log_circuit_size, verification_key->log_circuit_size); + EXPECT_EQ(verifier.key->num_public_inputs, verification_key->num_public_inputs); + for (auto [vk_poly, native_vk_poly] : zip_view(verifier.key->get_all(), verification_key->get_all())) { + EXPECT_EQ(vk_poly.get_value(), native_vk_poly); + } + + // Construct a full proof from the recursive verifier circuit + { + auto instance = std::make_shared(outer_circuit); + OuterProver prover(instance); + auto verification_key = std::make_shared(instance->proving_key); + OuterVerifier verifier(verification_key); + auto proof = prover.construct_proof(); + bool verified = verifier.verify_proof(proof); + + ASSERT(verified); + } + } + + static void test_recursive_verification_failure() + { + InnerBuilder builder = generate_circuit(&engine); + builder.op_queue->add_erroneous_equality_op_for_testing(); + InnerProver prover(builder); + auto proof = prover.construct_proof(); + auto verification_key = std::make_shared(prover.key); + + OuterBuilder outer_circuit; + RecursiveVerifier verifier{ &outer_circuit, verification_key }; + verifier.verify_proof(proof); + info("Recursive Verifier: num gates = ", outer_circuit.num_gates); + + // Check for a failure flag in the recursive verifier circuit + EXPECT_EQ(outer_circuit.failed(), true) << outer_circuit.err(); + } +}; +using FlavorTypes = testing::Types>; + +TYPED_TEST_SUITE(ECCVMRecursiveTests, FlavorTypes); + +TYPED_TEST(ECCVMRecursiveTests, SingleRecursiveVerification) +{ + TestFixture::test_recursive_verification(); +}; + +TYPED_TEST(ECCVMRecursiveTests, SingleRecursiveVerificationFailure) +{ + TestFixture::test_recursive_verification_failure(); +}; +} // namespace bb \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/eccvm_recursion/verifier_commitment_key.hpp b/barretenberg/cpp/src/barretenberg/eccvm_recursion/verifier_commitment_key.hpp index ff981670ef7..66331ed20c8 100644 --- a/barretenberg/cpp/src/barretenberg/eccvm_recursion/verifier_commitment_key.hpp +++ b/barretenberg/cpp/src/barretenberg/eccvm_recursion/verifier_commitment_key.hpp @@ -9,20 +9,22 @@ namespace bb { * * @tparam Builder */ -template class VerifierCommitmentKey> { +template class VerifierCommitmentKey { + using Builder = Curve::Builder; using Commitment = stdlib::cycle_group; + using NativeEmbeddedCurve = typename Builder::EmbeddedCurve; public: /** - * @brief Construct a new Verifier Commitment Key object from its native counterpart. instantiated on Grumpkin. This - * will potentially be part of the ECCVMRecursiveFlavor once implemented. + * @brief Construct a new Verifier Commitment Key object from its native counterpart. instantiated on Grumpkin. + * This will potentially be part of the ECCVMRecursiveFlavor once implemented. * - * @details The Grumpkin SRS points will be initialised as constants in the circuit but might be subsequently turned - * into constant witnesses to make operations in the circuit more efficient. + * @details The Grumpkin SRS points will be initialised as constants in the circuit but might be subsequently + * turned into constant witnesses to make operations in the circuit more efficient. */ VerifierCommitmentKey([[maybe_unused]] Builder* builder, size_t num_points, - std::shared_ptr>& native_pcs_verification_key) + std::shared_ptr>& native_pcs_verification_key) : first_g1(Commitment(native_pcs_verification_key->get_first_g1())) { diff --git a/barretenberg/cpp/src/barretenberg/eccvm_recursion/verifier_commitment_key.test.cpp b/barretenberg/cpp/src/barretenberg/eccvm_recursion/verifier_commitment_key.test.cpp index e7b2c49d102..de430c13cc6 100644 --- a/barretenberg/cpp/src/barretenberg/eccvm_recursion/verifier_commitment_key.test.cpp +++ b/barretenberg/cpp/src/barretenberg/eccvm_recursion/verifier_commitment_key.test.cpp @@ -2,10 +2,12 @@ #include "barretenberg/eccvm_recursion/verifier_commitment_key.hpp" #include namespace bb { -template class RecursiveVeriferCommitmentKeyTest : public testing::Test { +template class RecursiveVeriferCommitmentKeyTest : public testing::Test { public: - using native_VK = VerifierCommitmentKey; - using VK = VerifierCommitmentKey>; + using Builder = typename Curve::Builder; + using NativeEmbeddedCurve = Builder::EmbeddedCurve; + using native_VK = VerifierCommitmentKey; + using VK = VerifierCommitmentKey; static void SetUpTestSuite() { srs::init_crs_factory("../srs_db/ignition"); @@ -31,9 +33,9 @@ template class RecursiveVeriferCommitmentKeyTest : public tes } }; -using Builders = testing::Types; +using Curves = testing::Types, stdlib::bn254>; -TYPED_TEST_SUITE(RecursiveVeriferCommitmentKeyTest, Builders); +TYPED_TEST_SUITE(RecursiveVeriferCommitmentKeyTest, Curves); TYPED_TEST(RecursiveVeriferCommitmentKeyTest, EqualityTest) { diff --git a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp index ca4e787faa7..301597a6299 100644 --- a/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/flavor/flavor.hpp @@ -176,6 +176,7 @@ class ProvingKeyAvm_ : public PrecomputedPolynomials, public WitnessPolynomials * @brief Base verification key class. * * @tparam PrecomputedEntities An instance of PrecomputedEntities_ with affine_element data type and handle type. + * @tparam VerifierCommitmentKey The PCS verification key */ template class VerificationKey_ : public PrecomputedCommitments { @@ -314,6 +315,7 @@ class TranslatorFlavor; template class UltraRecursiveFlavor_; template class MegaRecursiveFlavor_; template class TranslatorRecursiveFlavor_; +template class ECCVMRecursiveFlavor_; } // namespace bb // Forward declare plonk flavors @@ -357,8 +359,14 @@ concept IsRecursiveFlavor = IsAnyOf, UltraRecursiveFlavor_, MegaRecursiveFlavor_, - MegaRecursiveFlavor_ -,MegaRecursiveFlavor_, TranslatorRecursiveFlavor_, TranslatorRecursiveFlavor_, TranslatorRecursiveFlavor_>; + MegaRecursiveFlavor_, +MegaRecursiveFlavor_, +TranslatorRecursiveFlavor_, +TranslatorRecursiveFlavor_, +TranslatorRecursiveFlavor_, +ECCVMRecursiveFlavor_>; + +template concept IsECCVMRecursiveFlavor = IsAnyOf>; template concept IsGrumpkinFlavor = IsAnyOf; diff --git a/barretenberg/cpp/src/barretenberg/relations/ecc_vm/ecc_bools_relation.cpp b/barretenberg/cpp/src/barretenberg/relations/ecc_vm/ecc_bools_relation.cpp index 6d765c8a3c4..539b6e6cd6d 100644 --- a/barretenberg/cpp/src/barretenberg/relations/ecc_vm/ecc_bools_relation.cpp +++ b/barretenberg/cpp/src/barretenberg/relations/ecc_vm/ecc_bools_relation.cpp @@ -1,74 +1,9 @@ -#include -#include - -#include "./ecc_bools_relation.hpp" +#include "./ecc_bools_relation_impl.hpp" +#include "barretenberg/ecc/curves/grumpkin/grumpkin.hpp" #include "barretenberg/eccvm/eccvm_flavor.hpp" #include "barretenberg/flavor/relation_definitions.hpp" namespace bb { - -/** - * @brief ECCVMBoolsRelationImpl evaluates the correctness of ECCVM boolean checks - * - * @details There are a lot of columns in ECCVM that are boolean. As these are all low-degree we place them in a - * separate relation class - * @tparam FF - * @tparam ContainerOverSubrelations - * @tparam AllEntities - * @tparam Parameters - */ -template -template -void ECCVMBoolsRelationImpl::accumulate(ContainerOverSubrelations& accumulator, - const AllEntities& in, - const Parameters& /*unused*/, - const FF& scaling_factor) -{ - using Accumulator = typename std::tuple_element_t<0, ContainerOverSubrelations>; - using View = typename Accumulator::View; - - auto z1_zero = View(in.transcript_z1zero); - auto z2_zero = View(in.transcript_z2zero); - auto msm_count_zero_at_transition = View(in.transcript_msm_count_zero_at_transition); - auto q_add = View(in.transcript_add); - auto q_mul = View(in.transcript_mul); - auto q_eq = View(in.transcript_eq); - auto transcript_msm_transition = View(in.transcript_msm_transition); - auto is_accumulator_empty = View(in.transcript_accumulator_empty); - auto q_reset_accumulator = View(in.transcript_reset_accumulator); - auto transcript_Pinfinity = View(in.transcript_base_infinity); - auto transcript_msm_infinity = View(in.transcript_msm_infinity); - auto transcript_add_x_equal = View(in.transcript_add_x_equal); - auto transcript_add_y_equal = View(in.transcript_add_y_equal); - auto precompute_point_transition = View(in.precompute_point_transition); - auto msm_transition = View(in.msm_transition); - auto msm_add = View(in.msm_add); - auto msm_double = View(in.msm_double); - auto msm_skew = View(in.msm_skew); - auto precompute_select = View(in.precompute_select); - - std::get<0>(accumulator) += q_eq * (q_eq - 1) * scaling_factor; - std::get<1>(accumulator) += q_add * (q_add - 1) * scaling_factor; - std::get<2>(accumulator) += q_mul * (q_mul - 1) * scaling_factor; - std::get<3>(accumulator) += q_reset_accumulator * (q_reset_accumulator - 1) * scaling_factor; - std::get<4>(accumulator) += transcript_msm_transition * (transcript_msm_transition - 1) * scaling_factor; - std::get<5>(accumulator) += is_accumulator_empty * (is_accumulator_empty - 1) * scaling_factor; - std::get<6>(accumulator) += z1_zero * (z1_zero - 1) * scaling_factor; - std::get<7>(accumulator) += z2_zero * (z2_zero - 1) * scaling_factor; - std::get<8>(accumulator) += transcript_add_x_equal * (transcript_add_x_equal - 1) * scaling_factor; - std::get<9>(accumulator) += transcript_add_y_equal * (transcript_add_y_equal - 1) * scaling_factor; - std::get<10>(accumulator) += transcript_Pinfinity * (transcript_Pinfinity - 1) * scaling_factor; - std::get<11>(accumulator) += transcript_msm_infinity * (transcript_msm_infinity - 1) * scaling_factor; - std::get<12>(accumulator) += msm_count_zero_at_transition * (msm_count_zero_at_transition - 1) * scaling_factor; - std::get<13>(accumulator) += msm_transition * (msm_transition - 1) * scaling_factor; - std::get<14>(accumulator) += precompute_point_transition * (precompute_point_transition - 1) * scaling_factor; - std::get<15>(accumulator) += msm_add * (msm_add - 1) * scaling_factor; - std::get<16>(accumulator) += msm_double * (msm_double - 1) * scaling_factor; - std::get<17>(accumulator) += msm_skew * (msm_skew - 1) * scaling_factor; - std::get<18>(accumulator) += precompute_select * (precompute_select - 1) * scaling_factor; -} - template class ECCVMBoolsRelationImpl; DEFINE_SUMCHECK_RELATION_CLASS(ECCVMBoolsRelationImpl, ECCVMFlavor); - -} // namespace bb +} // namespace bb \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/relations/ecc_vm/ecc_bools_relation_impl.hpp b/barretenberg/cpp/src/barretenberg/relations/ecc_vm/ecc_bools_relation_impl.hpp new file mode 100644 index 00000000000..4dafd0a0f38 --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/relations/ecc_vm/ecc_bools_relation_impl.hpp @@ -0,0 +1,70 @@ + +#pragma once +#include +#include + +#include "./ecc_bools_relation.hpp" + +namespace bb { + +/** + * @brief ECCVMBoolsRelationImpl evaluates the correctness of ECCVM boolean checks + * + * @details There are a lot of columns in ECCVM that are boolean. As these are all low-degree we place them in a + * separate relation class + * @tparam FF + * @tparam ContainerOverSubrelations + * @tparam AllEntities + * @tparam Parameters + */ +template +template +void ECCVMBoolsRelationImpl::accumulate(ContainerOverSubrelations& accumulator, + const AllEntities& in, + const Parameters& /*unused*/, + const FF& scaling_factor) +{ + using Accumulator = typename std::tuple_element_t<0, ContainerOverSubrelations>; + using View = typename Accumulator::View; + + auto z1_zero = View(in.transcript_z1zero); + auto z2_zero = View(in.transcript_z2zero); + auto msm_count_zero_at_transition = View(in.transcript_msm_count_zero_at_transition); + auto q_add = View(in.transcript_add); + auto q_mul = View(in.transcript_mul); + auto q_eq = View(in.transcript_eq); + auto transcript_msm_transition = View(in.transcript_msm_transition); + auto is_accumulator_empty = View(in.transcript_accumulator_empty); + auto q_reset_accumulator = View(in.transcript_reset_accumulator); + auto transcript_Pinfinity = View(in.transcript_base_infinity); + auto transcript_msm_infinity = View(in.transcript_msm_infinity); + auto transcript_add_x_equal = View(in.transcript_add_x_equal); + auto transcript_add_y_equal = View(in.transcript_add_y_equal); + auto precompute_point_transition = View(in.precompute_point_transition); + auto msm_transition = View(in.msm_transition); + auto msm_add = View(in.msm_add); + auto msm_double = View(in.msm_double); + auto msm_skew = View(in.msm_skew); + auto precompute_select = View(in.precompute_select); + + std::get<0>(accumulator) += q_eq * (q_eq - 1) * scaling_factor; + std::get<1>(accumulator) += q_add * (q_add - 1) * scaling_factor; + std::get<2>(accumulator) += q_mul * (q_mul - 1) * scaling_factor; + std::get<3>(accumulator) += q_reset_accumulator * (q_reset_accumulator - 1) * scaling_factor; + std::get<4>(accumulator) += transcript_msm_transition * (transcript_msm_transition - 1) * scaling_factor; + std::get<5>(accumulator) += is_accumulator_empty * (is_accumulator_empty - 1) * scaling_factor; + std::get<6>(accumulator) += z1_zero * (z1_zero - 1) * scaling_factor; + std::get<7>(accumulator) += z2_zero * (z2_zero - 1) * scaling_factor; + std::get<8>(accumulator) += transcript_add_x_equal * (transcript_add_x_equal - 1) * scaling_factor; + std::get<9>(accumulator) += transcript_add_y_equal * (transcript_add_y_equal - 1) * scaling_factor; + std::get<10>(accumulator) += transcript_Pinfinity * (transcript_Pinfinity - 1) * scaling_factor; + std::get<11>(accumulator) += transcript_msm_infinity * (transcript_msm_infinity - 1) * scaling_factor; + std::get<12>(accumulator) += msm_count_zero_at_transition * (msm_count_zero_at_transition - 1) * scaling_factor; + std::get<13>(accumulator) += msm_transition * (msm_transition - 1) * scaling_factor; + std::get<14>(accumulator) += precompute_point_transition * (precompute_point_transition - 1) * scaling_factor; + std::get<15>(accumulator) += msm_add * (msm_add - 1) * scaling_factor; + std::get<16>(accumulator) += msm_double * (msm_double - 1) * scaling_factor; + std::get<17>(accumulator) += msm_skew * (msm_skew - 1) * scaling_factor; + std::get<18>(accumulator) += precompute_select * (precompute_select - 1) * scaling_factor; +} +} // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/relations/ecc_vm/ecc_transcript_relation_impl.hpp b/barretenberg/cpp/src/barretenberg/relations/ecc_vm/ecc_transcript_relation_impl.hpp index 114660f22f6..bffead6bc64 100644 --- a/barretenberg/cpp/src/barretenberg/relations/ecc_vm/ecc_transcript_relation_impl.hpp +++ b/barretenberg/cpp/src/barretenberg/relations/ecc_vm/ecc_transcript_relation_impl.hpp @@ -1,3 +1,4 @@ +#pragma once #include #include diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.hpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.hpp index c63941c8748..f8b9402435a 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.hpp @@ -75,6 +75,16 @@ template class bigfield { : bigfield(nullptr, uint256_t(native(value))) {} + // NOLINTNEXTLINE(google-runtime-int) intended behavior + bigfield(const unsigned long value) + : bigfield(nullptr, value) + {} + + // NOLINTNEXTLINE(google-runtime-int) intended behavior + bigfield(const unsigned long long value) + : bigfield(nullptr, value) + {} + /** * @brief Construct a new bigfield object from bb::fq. We first convert to uint256_t as field elements are in * Montgomery form internally. diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/curves/grumpkin.hpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/curves/grumpkin.hpp new file mode 100644 index 00000000000..66c704e9d9b --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/curves/grumpkin.hpp @@ -0,0 +1,36 @@ +#pragma once +#include "../bigfield/bigfield.hpp" +#include "../biggroup/biggroup.hpp" +#include "../field/field.hpp" +#include "barretenberg/ecc/curves/types.hpp" +#include "barretenberg/stdlib/primitives/group/cycle_group.hpp" + +namespace bb::stdlib { + +/** + * @brief Curve grumpkin in circuit setting + * + * @tparam CircuitBuilder The type of builder the curve is going to be used within + */ +template struct grumpkin { + static constexpr bool is_stdlib_type = true; + + using Builder = CircuitBuilder; + + // Stdlib types corresponding to those defined in the native description of the curve. + // Note: its useful to have these type names match the native analog exactly so that components that digest a + // Curve (e.g. the PCS) can be agnostic as to whether they're operating on native or stdlib types. + using ScalarField = bigfield; + using BaseField = field_t; + using Group = cycle_group; + using AffineElement = Group; + using Element = Group; + + // Additional types with no analog in the native description of the curve + using witness_ct = witness_t; + using public_witness_ct = public_witness_t; + using byte_array_ct = byte_array; + using bool_ct = bool_t; + using uint32_ct = stdlib::uint32; +}; +} // namespace bb::stdlib \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_recursive_flavor.hpp b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_recursive_flavor.hpp index 1040dbea88c..aa5dd42eafa 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_recursive_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib_circuit_builders/ultra_recursive_flavor.hpp @@ -457,4 +457,4 @@ template class UltraRecursiveFlavor_ { using Transcript = bb::BaseTranscript>; }; -} // namespace bb +} // namespace bb \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp b/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp index 5a78502f149..71918f18a98 100644 --- a/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp +++ b/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck.hpp @@ -417,7 +417,7 @@ template class SumcheckVerifier { bool checked = false; //! [Final Verification Step] if constexpr (IsRecursiveFlavor) { - checked = (full_honk_relation_purported_value == round.target_total_sum).get_value(); + checked = (full_honk_relation_purported_value.get_value() == round.target_total_sum.get_value()); } else { checked = (full_honk_relation_purported_value == round.target_total_sum); } diff --git a/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck_round.hpp b/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck_round.hpp index 0cbed010cf4..41aead2179a 100644 --- a/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck_round.hpp +++ b/barretenberg/cpp/src/barretenberg/sumcheck/sumcheck_round.hpp @@ -376,8 +376,15 @@ template class SumcheckVerifierRound { // with a simulated builder. bool sumcheck_round_failed(false); if constexpr (IsRecursiveFlavor) { + if constexpr (IsECCVMRecursiveFlavor) { + // https://github.com/AztecProtocol/barretenberg/issues/998): Avoids the scenario where the assert_equal + // below fails because we are comparing a constant against a non-constant value and the non-constant + // value is in relaxed form. This happens at the first round when target_total_sum is initially set to + // 0. + total_sum.self_reduce(); + } target_total_sum.assert_equal(total_sum); - sumcheck_round_failed = (target_total_sum != total_sum).get_value(); + sumcheck_round_failed = (target_total_sum.get_value() != total_sum.get_value()); } else { sumcheck_round_failed = (target_total_sum != total_sum); } diff --git a/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp b/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp index d3823592a48..4ce0ebff6b2 100644 --- a/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/translator_vm/translator_flavor.hpp @@ -877,12 +877,6 @@ class TranslatorFlavor { */ using ProverPolynomialIds = AllEntities; - /** - * @brief A container for polynomials produced after the first round of sumcheck. - * @todo TODO(#394) Use polynomial classes for guaranteed memory alignment. - */ - using RowPolynomials = AllEntities; - /** * @brief A container for storing the partially evaluated multivariates produced by sumcheck. */ diff --git a/barretenberg/cpp/src/barretenberg/vm/generated/avm_flavor.hpp b/barretenberg/cpp/src/barretenberg/vm/generated/avm_flavor.hpp index f207aaa5477..48af07a0783 100644 --- a/barretenberg/cpp/src/barretenberg/vm/generated/avm_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/generated/avm_flavor.hpp @@ -2317,8 +2317,6 @@ class AvmFlavor { using VerificationKey = VerificationKey_, VerifierCommitmentKey>; - using FoldedPolynomials = AllEntities>; - class AllValues : public AllEntities { public: using Base = AllEntities; @@ -2365,8 +2363,6 @@ class AvmFlavor { } }; - using RowPolynomials = AllEntities; - class PartiallyEvaluatedMultivariates : public AllEntities { public: PartiallyEvaluatedMultivariates() = default; diff --git a/barretenberg/cpp/src/barretenberg/vm/generated/spike_flavor.hpp b/barretenberg/cpp/src/barretenberg/vm/generated/spike_flavor.hpp index 14e81c04dda..b901eedb6f2 100644 --- a/barretenberg/cpp/src/barretenberg/vm/generated/spike_flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/generated/spike_flavor.hpp @@ -102,8 +102,6 @@ class SpikeFlavor { using VerificationKey = VerificationKey_, VerifierCommitmentKey>; - using FoldedPolynomials = AllEntities>; - class AllValues : public AllEntities { public: using Base = AllEntities; @@ -150,8 +148,6 @@ class SpikeFlavor { } }; - using RowPolynomials = AllEntities; - class PartiallyEvaluatedMultivariates : public AllEntities { public: PartiallyEvaluatedMultivariates() = default; diff --git a/barretenberg/ts/src/barretenberg_wasm/barretenberg_wasm_main/index.ts b/barretenberg/ts/src/barretenberg_wasm/barretenberg_wasm_main/index.ts index d5b573dc31c..e8022343df8 100644 --- a/barretenberg/ts/src/barretenberg_wasm/barretenberg_wasm_main/index.ts +++ b/barretenberg/ts/src/barretenberg_wasm/barretenberg_wasm_main/index.ts @@ -32,7 +32,7 @@ export class BarretenbergWasmMain extends BarretenbergWasmBase { module: WebAssembly.Module, threads = Math.min(getNumCpu(), BarretenbergWasmMain.MAX_THREADS), logger: (msg: string) => void = debug, - initial = 27, + initial = 28, maximum = 2 ** 16, ) { this.logger = logger;