From 50936e5d97c4761dfb22bd490d19ce13931ded32 Mon Sep 17 00:00:00 2001 From: Al-Kindi-0 <82364884+Al-Kindi-0@users.noreply.github.com> Date: Thu, 30 Jan 2025 09:26:18 +0100 Subject: [PATCH] chore: address feedback --- air/src/air/coefficients.rs | 56 +++++- air/src/air/mod.rs | 70 ++----- math/src/field/f128/tests.rs | 1 + math/src/field/f62/tests.rs | 1 + math/src/field/f64/tests.rs | 1 + winterfell/src/lib.rs | 3 - winterfell/src/tests.rs | 348 ----------------------------------- 7 files changed, 69 insertions(+), 411 deletions(-) delete mode 100644 winterfell/src/tests.rs diff --git a/air/src/air/coefficients.rs b/air/src/air/coefficients.rs index 1b8efef0b..07110e7e9 100644 --- a/air/src/air/coefficients.rs +++ b/air/src/air/coefficients.rs @@ -5,7 +5,8 @@ use alloc::vec::Vec; -use math::FieldElement; +use crypto::{RandomCoin, RandomCoinError}; +use math::{get_power_series, get_power_series_with_offset, FieldElement}; // CONSTRAINT COMPOSITION COEFFICIENTS // ================================================================================================ @@ -110,3 +111,56 @@ pub struct DeepCompositionCoefficients { /// Lagrange kernel trace polynomial composition coefficient $\gamma$. pub lagrange: Option, } + +impl DeepCompositionCoefficients { + /// Generates the random values used in the construction of the DEEP polynomial when linear + /// batching is used. + pub fn draw_linear( + public_coin: &mut impl RandomCoin, + trace_width: usize, + num_constraint_composition_columns: usize, + ) -> Result { + let mut t_coefficients = Vec::new(); + for _ in 0..trace_width { + t_coefficients.push(public_coin.draw()?); + } + + let mut c_coefficients = Vec::new(); + for _ in 0..num_constraint_composition_columns { + c_coefficients.push(public_coin.draw()?); + } + + Ok(DeepCompositionCoefficients { + trace: t_coefficients, + constraints: c_coefficients, + lagrange: None, + }) + } + + /// Generates the random values used in the construction of the DEEP polynomial when algebraic + /// batching is used. + pub fn draw_algebraic( + public_coin: &mut impl RandomCoin, + trace_width: usize, + num_constraint_composition_columns: usize, + ) -> Result { + let mut t_coefficients = Vec::new(); + let alpha: E = public_coin.draw()?; + t_coefficients.extend_from_slice(&get_power_series(alpha, trace_width)); + + let mut c_coefficients = Vec::new(); + + let alpha_pow_trace_width = alpha.exp((trace_width as u32).into()); + c_coefficients.extend_from_slice(&get_power_series_with_offset( + alpha, + alpha_pow_trace_width, + num_constraint_composition_columns, + )); + + Ok(DeepCompositionCoefficients { + trace: t_coefficients, + constraints: c_coefficients, + lagrange: None, + }) + } +} diff --git a/air/src/air/mod.rs b/air/src/air/mod.rs index e165eb8b7..0ad8941ed 100644 --- a/air/src/air/mod.rs +++ b/air/src/air/mod.rs @@ -6,10 +6,7 @@ use alloc::{collections::BTreeMap, vec::Vec}; use crypto::{RandomCoin, RandomCoinError}; -use math::{ - fft, get_power_series, get_power_series_with_offset, ExtensibleField, ExtensionOf, - FieldElement, StarkField, ToElements, -}; +use math::{fft, ExtensibleField, ExtensionOf, FieldElement, StarkField, ToElements}; use crate::{BatchingMethod, ProofOptions}; @@ -581,62 +578,17 @@ pub trait Air: Send + Sync { E: FieldElement, R: RandomCoin, { - let mut t_coefficients = Vec::new(); match self.context().options.deep_poly_batching_method() { - BatchingMethod::Linear => { - for _ in 0..self.trace_info().width() { - t_coefficients.push(public_coin.draw()?); - } - - let mut c_coefficients = Vec::new(); - for _ in 0..self.context().num_constraint_composition_columns() { - c_coefficients.push(public_coin.draw()?); - } - - let lagrange_cc = if self.context().has_lagrange_kernel_aux_column() { - Some(public_coin.draw()?) - } else { - None - }; - - Ok(DeepCompositionCoefficients { - trace: t_coefficients, - constraints: c_coefficients, - lagrange: lagrange_cc, - }) - }, - BatchingMethod::Algebraic => { - let mut t_coefficients = Vec::new(); - let alpha: E = public_coin.draw()?; - t_coefficients - .extend_from_slice(&get_power_series(alpha, self.trace_info().width())); - - let mut c_coefficients = Vec::new(); - - let alpha_pow_trace_width = alpha.exp(((self.trace_info().width()) as u32).into()); - c_coefficients.extend_from_slice(&get_power_series_with_offset( - alpha, - alpha_pow_trace_width, - self.context().num_constraint_composition_columns(), - )); - - let lagrange_cc = if self.context().has_lagrange_kernel_aux_column() { - Some( - *c_coefficients - .last() - .expect("there should be at least one constraint coefficient") - * alpha, - ) - } else { - None - }; - - Ok(DeepCompositionCoefficients { - trace: t_coefficients, - constraints: c_coefficients, - lagrange: lagrange_cc, - }) - }, + BatchingMethod::Linear => DeepCompositionCoefficients::draw_linear( + public_coin, + self.trace_info().width(), + self.context().num_constraint_composition_columns(), + ), + BatchingMethod::Algebraic => DeepCompositionCoefficients::draw_algebraic( + public_coin, + self.trace_info().width(), + self.context().num_constraint_composition_columns(), + ), } } } diff --git a/math/src/field/f128/tests.rs b/math/src/field/f128/tests.rs index 3def7c3ba..507e5348c 100644 --- a/math/src/field/f128/tests.rs +++ b/math/src/field/f128/tests.rs @@ -69,6 +69,7 @@ fn mul() { assert_eq!(BaseElement::new(m - 2), t * BaseElement::from(2u8)); assert_eq!(BaseElement::new(m - 4), t * BaseElement::from(4u8)); + #[allow(clippy::manual_div_ceil)] let t = (m + 1) / 2; assert_eq!(BaseElement::ONE, BaseElement::new(t) * BaseElement::from(2u8)); diff --git a/math/src/field/f62/tests.rs b/math/src/field/f62/tests.rs index 963affb95..9757238e1 100644 --- a/math/src/field/f62/tests.rs +++ b/math/src/field/f62/tests.rs @@ -59,6 +59,7 @@ fn mul() { assert_eq!(BaseElement::new(m - 2), t * BaseElement::from(2u8)); assert_eq!(BaseElement::new(m - 4), t * BaseElement::from(4u8)); + #[allow(clippy::manual_div_ceil)] let t = (m + 1) / 2; assert_eq!(BaseElement::ONE, BaseElement::new(t) * BaseElement::from(2u8)); } diff --git a/math/src/field/f64/tests.rs b/math/src/field/f64/tests.rs index 263675bec..0659f493b 100644 --- a/math/src/field/f64/tests.rs +++ b/math/src/field/f64/tests.rs @@ -68,6 +68,7 @@ fn mul() { assert_eq!(BaseElement::new(m - 2), t * BaseElement::from(2u8)); assert_eq!(BaseElement::new(m - 4), t * BaseElement::from(4u8)); + #[allow(clippy::manual_div_ceil)] let t = (m + 1) / 2; assert_eq!(BaseElement::ONE, BaseElement::new(t) * BaseElement::from(2u8)); } diff --git a/winterfell/src/lib.rs b/winterfell/src/lib.rs index 6ee9f52c6..9e23ef8e1 100644 --- a/winterfell/src/lib.rs +++ b/winterfell/src/lib.rs @@ -644,6 +644,3 @@ pub use prover::{ TraceTableFragment, TransitionConstraintDegree, }; pub use verifier::{verify, AcceptableOptions, ByteWriter, VerifierError}; - -#[cfg(test)] -mod tests; diff --git a/winterfell/src/tests.rs b/winterfell/src/tests.rs deleted file mode 100644 index 9d536a4d4..000000000 --- a/winterfell/src/tests.rs +++ /dev/null @@ -1,348 +0,0 @@ -// Copyright (c) Facebook, Inc. and its affiliates. -// -// This source code is licensed under the MIT license found in the -// LICENSE file in the root directory of this source tree. - -use std::{vec, vec::Vec}; - -use air::{GkrRandElements, LagrangeKernelRandElements}; -use crypto::MerkleTree; -use prover::{ - crypto::{hashers::Blake3_256, DefaultRandomCoin, RandomCoin}, - math::{fields::f64::BaseElement, ExtensionOf, FieldElement}, - matrix::ColMatrix, - CompositionPoly, DefaultConstraintCommitment, -}; - -use super::*; - -const AUX_TRACE_WIDTH: usize = 2; - -#[test] -fn test_complex_lagrange_kernel_air() { - let trace = LagrangeComplexTrace::new(2_usize.pow(10), AUX_TRACE_WIDTH); - - let prover = LagrangeComplexProver::new(AUX_TRACE_WIDTH); - - let proof = prover.prove(trace).unwrap(); - - verify::< - LagrangeKernelComplexAir, - Blake3_256, - DefaultRandomCoin>, - MerkleTree>, - >(proof, (), &AcceptableOptions::MinConjecturedSecurity(0)) - .unwrap() -} - -// LagrangeComplexTrace -// ================================================================================================= - -#[derive(Clone, Debug)] -struct LagrangeComplexTrace { - // dummy main trace - main_trace: ColMatrix, - info: TraceInfo, -} - -impl LagrangeComplexTrace { - fn new(trace_len: usize, aux_segment_width: usize) -> Self { - assert!(trace_len < u32::MAX.try_into().unwrap()); - - let main_trace_col: Vec = - (0..trace_len).map(|idx| BaseElement::from(idx as u32)).collect(); - - Self { - main_trace: ColMatrix::new(vec![main_trace_col]), - info: TraceInfo::new_multi_segment(1, aux_segment_width, 0, trace_len, vec![]), - } - } - - fn len(&self) -> usize { - self.main_trace.num_rows() - } -} - -impl Trace for LagrangeComplexTrace { - type BaseField = BaseElement; - - fn info(&self) -> &TraceInfo { - &self.info - } - - fn main_segment(&self) -> &ColMatrix { - &self.main_trace - } - - fn read_main_frame(&self, row_idx: usize, frame: &mut EvaluationFrame) { - let next_row_idx = row_idx + 1; - assert_ne!(next_row_idx, self.len()); - - self.main_trace.read_row_into(row_idx, frame.current_mut()); - self.main_trace.read_row_into(next_row_idx, frame.next_mut()); - } -} - -// AIR -// ================================================================================================= - -#[derive(Debug, Clone, Default)] -struct DummyGkrVerifier; - -impl GkrVerifier for DummyGkrVerifier { - // `GkrProof` is log(trace_len) for this dummy example, so that the verifier knows how many aux - // random variables to generate - type GkrProof = usize; - type Error = VerifierError; - - fn verify( - &self, - gkr_proof: usize, - public_coin: &mut impl RandomCoin, - ) -> Result, Self::Error> - where - E: FieldElement, - Hasher: crypto::ElementHasher, - { - let log_trace_len = gkr_proof; - let lagrange_kernel_rand_elements: LagrangeKernelRandElements = { - let mut rand_elements = Vec::with_capacity(log_trace_len); - for _ in 0..log_trace_len { - rand_elements.push(public_coin.draw().unwrap()); - } - - LagrangeKernelRandElements::new(rand_elements) - }; - - Ok(GkrRandElements::new(lagrange_kernel_rand_elements, Vec::new())) - } -} - -struct LagrangeKernelComplexAir { - context: AirContext, -} - -impl Air for LagrangeKernelComplexAir { - type BaseField = BaseElement; - // `GkrProof` is log(trace_len) for this dummy example, so that the verifier knows how many aux - // random variables to generate - type GkrProof = usize; - type GkrVerifier = DummyGkrVerifier; - - type PublicInputs = (); - - fn new(trace_info: TraceInfo, _pub_inputs: Self::PublicInputs, options: ProofOptions) -> Self { - Self { - context: AirContext::new_multi_segment( - trace_info, - vec![TransitionConstraintDegree::new(1)], - vec![TransitionConstraintDegree::new(1)], - 1, - 1, - Some(1), - options, - ), - } - } - - fn context(&self) -> &AirContext { - &self.context - } - - fn evaluate_transition>( - &self, - frame: &EvaluationFrame, - _periodic_values: &[E], - result: &mut [E], - ) { - let current = frame.current()[0]; - let next = frame.next()[0]; - - // increments by 1 - result[0] = next - current - E::ONE; - } - - fn get_assertions(&self) -> Vec> { - vec![Assertion::single(0, 0, BaseElement::ZERO)] - } - - fn evaluate_aux_transition( - &self, - _main_frame: &EvaluationFrame, - _aux_frame: &EvaluationFrame, - _periodic_values: &[F], - _aux_rand_elements: &AuxRandElements, - _result: &mut [E], - ) where - F: FieldElement, - E: FieldElement + ExtensionOf, - { - // do nothing - } - - fn get_aux_assertions>( - &self, - _aux_rand_elements: &AuxRandElements, - ) -> Vec> { - vec![Assertion::single(0, 0, E::ZERO)] - } - - fn get_gkr_proof_verifier>( - &self, - ) -> Self::GkrVerifier { - DummyGkrVerifier - } -} - -// LagrangeComplexProver -// ================================================================================================ - -struct LagrangeComplexProver { - aux_trace_width: usize, - options: ProofOptions, -} - -impl LagrangeComplexProver { - fn new(aux_trace_width: usize) -> Self { - Self { - aux_trace_width, - options: ProofOptions::new(1, 2, 0, FieldExtension::None, 2, 1, BatchingMethod::Linear), - } - } -} - -impl Prover for LagrangeComplexProver { - type BaseField = BaseElement; - type Air = LagrangeKernelComplexAir; - type Trace = LagrangeComplexTrace; - type HashFn = Blake3_256; - type VC = MerkleTree>; - type RandomCoin = DefaultRandomCoin; - type TraceLde> = - DefaultTraceLde; - type ConstraintCommitment> = - DefaultConstraintCommitment, Self::VC>; - type ConstraintEvaluator<'a, E: FieldElement> = - DefaultConstraintEvaluator<'a, LagrangeKernelComplexAir, E>; - - fn get_pub_inputs(&self, _trace: &Self::Trace) -> <::Air as Air>::PublicInputs { - } - - fn options(&self) -> &ProofOptions { - &self.options - } - - fn new_trace_lde( - &self, - trace_info: &TraceInfo, - main_trace: &ColMatrix, - domain: &StarkDomain, - partition_option: PartitionOptions, - ) -> (Self::TraceLde, TracePolyTable) - where - E: math::FieldElement, - { - DefaultTraceLde::new(trace_info, main_trace, domain, partition_option) - } - - fn build_constraint_commitment>( - &self, - composition_poly_trace: CompositionPolyTrace, - num_constraint_composition_columns: usize, - domain: &StarkDomain, - partition_options: PartitionOptions, - ) -> (Self::ConstraintCommitment, CompositionPoly) { - DefaultConstraintCommitment::new( - composition_poly_trace, - num_constraint_composition_columns, - domain, - partition_options, - ) - } - - fn new_evaluator<'a, E>( - &self, - air: &'a Self::Air, - aux_rand_elements: Option>, - composition_coefficients: ConstraintCompositionCoefficients, - ) -> Self::ConstraintEvaluator<'a, E> - where - E: math::FieldElement, - { - DefaultConstraintEvaluator::new(air, aux_rand_elements, composition_coefficients) - } - - fn generate_gkr_proof( - &self, - main_trace: &Self::Trace, - public_coin: &mut Self::RandomCoin, - ) -> (ProverGkrProof, GkrRandElements) - where - E: FieldElement, - { - let main_trace = main_trace.main_segment(); - let log_trace_len = main_trace.num_rows().ilog2() as usize; - let lagrange_kernel_rand_elements = { - let mut rand_elements = Vec::with_capacity(log_trace_len); - for _ in 0..log_trace_len { - rand_elements.push(public_coin.draw().unwrap()); - } - - LagrangeKernelRandElements::new(rand_elements) - }; - - (log_trace_len, GkrRandElements::new(lagrange_kernel_rand_elements, Vec::new())) - } - - fn build_aux_trace( - &self, - main_trace: &Self::Trace, - aux_rand_elements: &AuxRandElements, - ) -> ColMatrix - where - E: FieldElement, - { - let main_trace = main_trace.main_segment(); - let lagrange_kernel_rand_elements = aux_rand_elements - .lagrange() - .expect("expected lagrange random elements to be present."); - - let mut columns = Vec::new(); - - // First all other auxiliary columns - let rand_summed = lagrange_kernel_rand_elements.iter().fold(E::ZERO, |acc, &r| acc + r); - for _ in 1..self.aux_trace_width { - // building a dummy auxiliary column - let column = main_trace - .get_column(0) - .iter() - .map(|row_val| rand_summed.mul_base(*row_val)) - .collect(); - - columns.push(column); - } - - // then build the Lagrange kernel column - { - let r = &lagrange_kernel_rand_elements; - - let mut lagrange_col = Vec::with_capacity(main_trace.num_rows()); - - for row_idx in 0..main_trace.num_rows() { - let mut row_value = E::ONE; - for (bit_idx, &r_i) in r.iter().enumerate() { - if row_idx & (1 << bit_idx) == 0 { - row_value *= E::ONE - r_i; - } else { - row_value *= r_i; - } - } - lagrange_col.push(row_value); - } - - columns.push(lagrange_col); - } - - ColMatrix::new(columns) - } -}