-
Notifications
You must be signed in to change notification settings - Fork 160
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feat/fri #85
Feat/fri #85
Conversation
// last round, provide the evaluation. The fully folded polynomial is of size rho. It should | ||
// correspond to the evaluation of a polynomial of degree 1 on ρ points, so those points | ||
// are supposed to be on a line. | ||
res.evaluation = make([]fr.Element, rho) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if rho
is a constant, evaluation
should be an array of size rho in the struct, not a slice
// point and its neighbor. | ||
c := si[i] % 2 | ||
res.interactions[i][c] = partialMerkleProof{mr, proofSet, numLeaves} | ||
res.interactions[i][1-c] = partialMerkleProof{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1-c
is never < 0
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no, here c is 0 or 1 here. The c-th entry contains the full Merkle path, the (1-c)-th the partial Merkle path.
|
||
properties := gopter.NewProperties(parameters) | ||
|
||
size := 4096 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remark; shouldn't his vary during the tests?
Similarly, randomPolynomial
is not super random; (ie always the same form with coeff squared)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
|
||
const rho = 8 | ||
|
||
var NbRounds = 1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is it a constant? if it's not, should be made a parameter to the functions where it's needed.
|
||
var NbRounds = 1 | ||
|
||
// var ErrorRate float32 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
deadcode
@yelhousni can you review before merge? |
// "testing" | ||
// ) | ||
|
||
// func TestMimc(t *testing.T) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ThomasPiellard why is this commented / in the PR ?
A basic version of the FRI protocol is now available, in ecc/curve/fr/fri.
The multiplicative version only has been implemented, it works on the prime-order subgroup of the corresponding curves.
The version is not tunable yet (only by hand), and should not be used unless careful choice of the parameters (e.g. rho, the number of rounds of verification) have been made.
It provides a working base for future work on FRI (possibly using ECFFT).
API
example:
Internally, a proof of proximity is a sequence of interactions between a prover and a verifier (made non interactive using Fiat Shamir), where each interaction consists of a Merkle path proof verification, and a consistancy check between one round to the next.