Skip to content

Commit

Permalink
table description, permutation cycles, permutation test #20
Browse files Browse the repository at this point in the history
  • Loading branch information
@SK0M0R0H
SK0M0R0H committed Mar 10, 2022
1 parent 41b887f commit 3a823d3
Show file tree
Hide file tree
Showing 9 changed files with 266 additions and 36 deletions.
2 changes: 2 additions & 0 deletions include/nil/crypto3/zk/snark/relations/plonk/permutation.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,12 +27,14 @@
#ifndef CRYPTO3_ZK_PLONK_PERMUTATION_HPP
#define CRYPTO3_ZK_PLONK_PERMUTATION_HPP


namespace nil {
namespace crypto3 {
namespace zk {
namespace snark {

struct plonk_permutation {

typedef std::pair<std::size_t, std::size_t> key_type;
typedef std::pair<std::size_t, std::size_t> value_type;

Expand Down
2 changes: 1 addition & 1 deletion include/nil/crypto3/zk/snark/relations/plonk/plonk.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ namespace nil {
return _gates;
}

std::vector<math::polynomial<typename FieldType::value_type>> copy_constraints() const {
std::vector<plonk_copy_constraint<FieldType>> copy_constraints() const {
return _copy_constraints;
}

Expand Down
21 changes: 21 additions & 0 deletions include/nil/crypto3/zk/snark/relations/plonk/table.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,8 @@
#ifndef CRYPTO3_ZK_PLONK_REDSHIFT_TABLE_HPP
#define CRYPTO3_ZK_PLONK_REDSHIFT_TABLE_HPP

#include <nil/crypto3/zk/snark/relations/plonk/table_description.hpp>

namespace nil {
namespace crypto3 {
namespace zk {
Expand Down Expand Up @@ -102,6 +104,10 @@ namespace nil {
return selector_columns;
}

std::size_t selectors_size() {
return selector_columns.size();
}

ColumnType public_input(std::size_t index) const {
assert(index < PublicInputColumns);
return public_input_columns[index];
Expand All @@ -111,6 +117,10 @@ namespace nil {
return public_input_columns;
}

std::size_t public_input_size() {
return public_input_columns.size();
}

ColumnType constant(std::size_t index) const {
assert(index < ConstantColumns);
return constant_columns[index];
Expand All @@ -120,6 +130,10 @@ namespace nil {
return constant_columns;
}

std::size_t constant_size() {
return constant_columns.size();
}

ColumnType operator[](std::size_t index) const {
if (index < SelectorColumns)
return selector_columns[index];
Expand Down Expand Up @@ -192,6 +206,13 @@ namespace nil {
std::size_t size() const {
return _private_table.size() + _public_table.size();
}

plonk_table_description<FieldType> table_description() {
return plonk_table_description<FieldType> {_private_table.size(),
_public_table.selectors_size(),
_public_table.public_input_size(),
_public_table.constant_size()};
}
};

template<typename FieldType, std::size_t WitnessColumns>
Expand Down
62 changes: 62 additions & 0 deletions include/nil/crypto3/zk/snark/relations/plonk/table_description.hpp
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
//---------------------------------------------------------------------------//
// Copyright (c) 2021 Mikhail Komarov <nemo@nil.foundation>
// Copyright (c) 2021 Nikita Kaskov <nbering@nil.foundation>
// Copyright (c) 2022 Ilia Shirobokov <i.shirobokov@nil.foundation>
//
// MIT License
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in all
// copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
// SOFTWARE.
//---------------------------------------------------------------------------//

#ifndef CRYPTO3_ZK_PLONK_REDSHIFT_TABLE_DESCRIPTION_HPP
#define CRYPTO3_ZK_PLONK_REDSHIFT_TABLE_DESCRIPTION_HPP

#include <nil/crypto3/zk/snark/relations/plonk/variable.hpp>

namespace nil {
namespace crypto3 {
namespace zk {
namespace snark {
template<typename FieldType>
struct plonk_table_description {
std::size_t witness_columns;
std::size_t selector_columns;
std::size_t public_input_columns;
std::size_t constant_columns;

std::size_t global_index(const plonk_variable<FieldType> &a) const {
switch (a.type)
{
case plonk_variable<FieldType>::column_type::witness:
return a.index;
case plonk_variable<FieldType>::column_type::selector:
return witness_columns + a.index;
case plonk_variable<FieldType>::column_type::public_input:
return witness_columns + selector_columns + a.index;
case plonk_variable<FieldType>::column_type::constant:
return witness_columns + selector_columns + public_input_columns + a.index;
}
}
};
} // namespace snark
} // namespace zk
} // namespace crypto3
} // namespace nil

#endif // CRYPTO3_ZK_PLONK_REDSHIFT_TABLE_DESCRIPTION_HPP
26 changes: 23 additions & 3 deletions include/nil/crypto3/zk/snark/systems/plonk/redshift/permutation_argument.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ namespace nil {
typename FieldType::value_type gamma = transcript.template challenge<FieldType>();

// 2. Calculate id_binding, sigma_binding for j from 1 to N_rows
std::vector<typename FieldType::value_type> id_binding(table_rows);
/*std::vector<typename FieldType::value_type> id_binding(table_rows);
std::vector<typename FieldType::value_type> sigma_binding(table_rows);
for (std::size_t j = 0; j < table_rows; j++) {
Expand All @@ -104,6 +104,13 @@ namespace nil {
sigma_binding[j] *= (column_polynomials[i].evaluate(domain->get_domain_element(j)) +
beta * S_sigma[i].evaluate(domain->get_domain_element(j)) + gamma);
}
}*/
math::polynomial<typename FieldType::value_type> id_binding = {1};
math::polynomial<typename FieldType::value_type> sigma_binding = {1};

for (std::size_t i = 0; i < S_id.size(); i++) {
id_binding = id_binding * (column_polynomials[i] + beta * S_id[i] + gamma);
sigma_binding = sigma_binding * (column_polynomials[i] + beta * S_sigma[i] + gamma);
}

// 3. Calculate $V_P$
Expand All @@ -115,7 +122,8 @@ namespace nil {
typename FieldType::value_type tmp_mul_result = FieldType::value_type::one();
for (std::size_t i = 0; i <= j - 1; i++) {
// TODO: use one division
tmp_mul_result *= id_binding[i] / sigma_binding[i];
tmp_mul_result = tmp_mul_result *
(id_binding.evaluate(domain->get_domain_element(i)) / sigma_binding.evaluate(domain->get_domain_element(i)));
}

V_P_interpolation_points[j] = tmp_mul_result;
Expand Down Expand Up @@ -147,11 +155,23 @@ namespace nil {
math::polynomial<typename FieldType::value_type> V_P_shifted =
math::polynomial_shift<FieldType>(V_P, domain->get_domain_element(1));


F[0] = preprocessed_data.lagrange_0 * (one_polynomial - V_P);
F[1] = (one_polynomial - (preprocessed_data.q_last + preprocessed_data.q_blind)) *
F[1] = //(one_polynomial - (preprocessed_data.q_last + preprocessed_data.q_blind)) *
(V_P_shifted * h - V_P * g);
F[2] = preprocessed_data.q_last * (V_P * V_P - V_P);

for (std::size_t i = 0; i < table_rows; i++) {
typename FieldType::value_type omega = domain->get_domain_element(i);
for (std::size_t j = 0; j < 3; j++) {
if (F[j].evaluate(omega) != FieldType::value_type::zero()) {
std::cout<<"Fail for i = "<<i<<", j = "<<j<<std::endl;

}
}
}


prover_result_type res = {F, V_P, V_P_tree};

return res;
Expand Down
83 changes: 71 additions & 12 deletions include/nil/crypto3/zk/snark/systems/plonk/redshift/preprocessor.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,8 @@

#include "nil/crypto3/zk/snark/systems/plonk/redshift/detail/redshift_policy.hpp"
#include <nil/crypto3/zk/snark/relations/plonk/permutation.hpp>
#include <nil/crypto3/zk/snark/relations/plonk/copy_constraint.hpp>
#include <nil/crypto3/zk/snark/relations/plonk/table_description.hpp>

using namespace nil::crypto3;

Expand Down Expand Up @@ -111,6 +113,68 @@ namespace nil {
return f;
}

struct cycle_representation {
typedef std::pair<std::size_t, std::size_t> key_type;

std::map<key_type, key_type> _mapping;
std::map<key_type, key_type> _aux;
std::map<key_type, std::size_t> _sizes;

cycle_representation (typename policy_type::constraint_system_type &constraint_system,
const plonk_table_description<FieldType> &table_description) {
std::vector<plonk_copy_constraint<FieldType>> copy_constraints =
constraint_system.copy_constraints();
for (std::size_t i = 0; i < copy_constraints.size(); i++) {
std::size_t x_idx = table_description.global_index(copy_constraints[i].first);
key_type x = key_type(x_idx, copy_constraints[i].first.rotation);

std::size_t y_idx = table_description.global_index(copy_constraints[i].second);
key_type y = key_type(y_idx, copy_constraints[i].second.rotation);
this->apply_copy_constraint(x, y);
}
}

void apply_copy_constraint(key_type x, key_type y) {

if (!_mapping.count(x)) {
_mapping[x] = x;
_aux[x] = x;
_sizes[x] = 1;
}

if (!_mapping.count(y)) {
_mapping[y] = y;
_aux[y] = y;
_sizes[y] = 1;
}

if (_aux[x] != _aux[y]) {
key_type &left = x;
key_type &right = y;
if (_sizes[_aux[left]] < _sizes[_aux[right]]){
left = y;
right = x;
}

_sizes[_aux[left]] = _sizes[_aux[left]] + _sizes[_aux[right]];
key_type z = _aux[right];

do {
_aux[z] = _aux[left];
z = _mapping[z];
} while (z != _aux[right]);

key_type tmp = _mapping[left];
_mapping[left] = _mapping[right];
_mapping[right] = tmp;
}
}

key_type &operator[](key_type key) {
return _mapping[key];
}
};

public:
static inline std::vector<math::polynomial<typename FieldType::value_type>>
identity_polynomials(std::size_t permutation_size, std::size_t table_size,
Expand All @@ -137,7 +201,7 @@ namespace nil {
permutation_polynomials(std::size_t permutation_size, std::size_t table_size,
const typename FieldType::value_type &omega,
const typename FieldType::value_type &delta,
plonk_permutation &permutation,
cycle_representation &permutation,
const std::shared_ptr<math::evaluation_domain<FieldType>> &domain) {

std::vector<math::polynomial<typename FieldType::value_type>> S_perm(permutation_size);
Expand Down Expand Up @@ -187,8 +251,9 @@ namespace nil {
}

static inline typename policy_type::preprocessed_public_data_type process(
const typename policy_type::constraint_system_type &constraint_system,
typename policy_type::constraint_system_type &constraint_system,
const typename policy_type::variable_assignment_type::public_table_type &public_assignment,
const plonk_table_description<FieldType> &table_description,
std::vector<std::size_t> columns_with_copy_constraints) {

std::size_t N_rows = constraint_system.rows_amount();
Expand All @@ -198,8 +263,7 @@ namespace nil {
math::make_evaluation_domain<FieldType>(N_rows);

// TODO: add std::vector<std::size_t> columns_with_copy_constraints;

plonk_permutation permutation;
cycle_representation permutation(constraint_system, table_description);

std::vector<math::polynomial<typename FieldType::value_type>> _permutation_polynomials =
permutation_polynomials(columns_with_copy_constraints.size(),
Expand Down Expand Up @@ -232,14 +296,9 @@ namespace nil {
detail::column_range_polynomials<FieldType>(public_assignment.constants(),
basic_domain));

std::vector<typename FieldType::value_type> z_numenator(N_rows + 1);
z_numenator[0] = -FieldType::value_type::one();
z_numenator[N_rows] = FieldType::value_type::one();

math::polynomial<typename FieldType::value_type> Z = z_numenator;
math::polynomial<typename FieldType::value_type> z_denominator = {-FieldType::value_type::one(),
FieldType::value_type::one()};
Z = Z / z_denominator;
std::vector<typename FieldType::value_type> Z(N_rows + 1);
Z[0] = -FieldType::value_type::one();
Z[N_rows] = FieldType::value_type::one();

return typename policy_type::preprocessed_public_data_type(
{basic_domain, public_polynomial_table, _permutation_polynomials, _identity_polynomials,
Expand Down
11 changes: 10 additions & 1 deletion include/nil/crypto3/zk/snark/systems/plonk/redshift/prover.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,15 @@ namespace nil {
std::array<typename FieldType::value_type, f_parts> alphas =
transcript.template challenges<FieldType, f_parts>();

for (std::size_t i = 0; i < f_parts; i++) {
math::polynomial<typename FieldType::value_type> T0 = F[i] / preprocessed_public_data.Z;
math::polynomial<typename FieldType::value_type> F0_restored = T0 * preprocessed_public_data.Z;
typename FieldType::value_type F0_at_y = F[i].evaluate(alphas[0]);
typename FieldType::value_type F0_restored_at_y = F0_restored.evaluate(alphas[0]);
std::cout<<"F_"<<i<<": "<<F0_at_y.data<<std::endl;
std::cout<<"F_"<<i<<"(R): "<<F0_restored_at_y.data<<std::endl;
}

// 7.2. Compute F_consolidated
math::polynomial<typename FieldType::value_type> F_consolidated = {0};
for (std::size_t i = 0; i < f_parts; i++) {
Expand Down Expand Up @@ -258,7 +267,7 @@ namespace nil {
quotient_evaluation[i] = commitment_scheme_quotient_type::proof_eval(
evaluation_points_quotient, T_commitments[i], T_splitted[i], transcript, fri_params);
proof.eval_proof.quotient.push_back(quotient_evaluation[i]);
}
}

return proof;
}
Expand Down
16 changes: 0 additions & 16 deletions test/systems/plonk/circuits.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,15 +66,8 @@ namespace nil {

plonk_permutation permutation;

std::vector<math::polynomial<typename FieldType::value_type>> S_id;
std::vector<math::polynomial<typename FieldType::value_type>> S_sigma;

typename policy_type::variable_assignment_type table;

// construct q_last, q_blind
math::polynomial<typename FieldType::value_type> q_last;
math::polynomial<typename FieldType::value_type> q_blind;

std::vector<plonk_gate<FieldType>> gates;

circuit_description() {
Expand All @@ -87,15 +80,6 @@ namespace nil {
}

void init() {
S_id = redshift_public_preprocessor<FieldType, ParamsType, 1>::identity_polynomials(
permutation_size, table_rows, omega, delta, domain);
S_sigma = redshift_public_preprocessor<FieldType, ParamsType, 1>::permutation_polynomials(
permutation_size, table_rows, omega, delta, permutation, domain);

q_last = redshift_public_preprocessor<FieldType, ParamsType, 1>::selector_last(
table_rows, usable_rows, domain);
q_blind = redshift_public_preprocessor<FieldType, ParamsType, 1>::selector_blind(
table_rows, usable_rows, domain);
}
};

Expand Down
Loading

0 comments on commit 3a823d3

Please sign in to comment.