Merge pull request #16 from NilFoundation/13-step-list-gas-consumptio…

…n-update Step list gas consumption update and batching updates
NilFoundation · Oct 27, 2022 · 576ccca · 576ccca
2 parents efb693c + 9aff06f
commit 576ccca
Show file tree

Hide file tree

Showing 25 changed files with 330 additions and 562 deletions.
diff --git a/contracts/commitments/test/public_api_lpc_verification.sol b/contracts/commitments/test/public_api_lpc_verification.sol
@@ -18,61 +18,32 @@
 pragma solidity >=0.8.4;
 
 import "../../types.sol";
-import "../lpc_verifier.sol";
 import "../batched_lpc_verifier.sol";
 import "../../cryptography/transcript.sol";
 import "../../placeholder/proof_map_parser.sol";
 
 contract TestLpcVerifier {
     bool m_result;
 
-    // TODO: optimize - do not copy params from storage to memory
-    function verify(
-        bytes calldata raw_proof,
-        bytes calldata init_transcript_blob,
-        // 0) modulus
-        // 1) r
-        // 2) max_degree
-        // 3) lambda
-        // 4) D_omegas_size
-        //  [..., D_omegas_i, ...]
-        // 5 + D_omegas_size) q_size
-        //  [..., q_i, ...]
-        uint256[] calldata init_params,
-        uint256[] calldata evaluation_points
-    ) public {
-        types.transcript_data memory tr_state;
-        transcript.init_transcript(tr_state, init_transcript_blob);
-        types.fri_params_type memory fri_params;
-        uint256 idx = 0;
-        fri_params.modulus = init_params[idx++];
-        fri_params.r = init_params[idx++];
-        fri_params.max_degree = init_params[idx++];
-        fri_params.lambda = init_params[idx++];
-        fri_params.D_omegas = new uint256[](init_params[idx++]);
-        for (uint256 i = 0; i < fri_params.D_omegas.length; i++) {
-            fri_params.D_omegas[i] = init_params[idx++];
-        }
-        fri_params.q = new uint256[](init_params[idx++]);
-        for (uint256 i = 0; i < fri_params.q.length; i++) {
-            fri_params.q[i] = init_params[idx++];
+    function allocate_all(types.fri_params_type memory fri_params, uint256 max_step, uint256 max_batch) internal view{
+        uint256 max_coset = 1 << (fri_params.max_step - 1);
+
+        fri_params.s_indices = new uint256[2][](max_coset);
+        fri_params.s = new uint256[2][](max_coset);
+        fri_params.correct_order_idx = new uint256[2][](max_coset);
+
+        fri_params.ys[0] = new uint256[2][][](max_batch);
+        fri_params.ys[1] = new uint256[2][][](max_batch);
+        fri_params.ys[2] = new uint256[2][][](max_batch);
+
+        for(uint256 i = 0; i < fri_params.max_batch;){
+            fri_params.ys[0][i] = new uint256[2][](max_coset);
+            fri_params.ys[1][i] = new uint256[2][](max_coset);
+            fri_params.ys[2][i] = new uint256[2][](max_coset);
+            unchecked{i++;}
         }
-        require(
-            raw_proof.length == lpc_verifier.skip_proof_be(raw_proof, 0),
-            "lpc proof length is not correct!"
-        );
-        require(
-            raw_proof.length == lpc_verifier.skip_proof_be_check(raw_proof, 0),
-            "lpc proof length is not correct!"
-        );
-        bool status = lpc_verifier.parse_verify_proof_be(
-            raw_proof,
-            0,
-            evaluation_points,
-            tr_state,
-            fri_params
-        );
-        require(status, "lpc proof verification failed!");
+
+        fri_params.b = new bytes(0x40 * max_batch * max_coset);
     }
 
     function batched_verify(
@@ -97,7 +68,7 @@ contract TestLpcVerifier {
         fri_params.modulus = init_params[idx++];
         fri_params.r = init_params[idx++];
         fri_params.max_degree = init_params[idx++];
-        fri_params.leaf_size = init_params[idx++];
+        fri_params.max_batch = fri_params.leaf_size = init_params[idx++];
         fri_params.lambda = init_params[idx++];
         fri_params.D_omegas = new uint256[](init_params[idx++]);
         for (uint256 i = 0; i < fri_params.D_omegas.length; i++) {
@@ -107,17 +78,23 @@ contract TestLpcVerifier {
         for (uint256 i = 0; i < fri_params.q.length; i++) {
             fri_params.q[i] = init_params[idx++];
         }
+
         fri_params.step_list = new uint256[](init_params[idx++]);
         uint256 sum = 0;
+        fri_params.max_step = 0;
         for (uint256 i = 0; i < fri_params.step_list.length; i++) {
             fri_params.step_list[i] = init_params[idx++];
+            if(fri_params.step_list[i] > fri_params.max_step) fri_params.max_step = fri_params.step_list[i]; 
             sum += fri_params.step_list[i];
         }
+
         fri_params.const1_2 = init_params[idx++];
 
         require(sum == fri_params.r, "Sum of fri_params.step_list and fri_params.r are different");
         placeholder_proof_map_parser.init(fri_params, fri_params.leaf_size);
 
+        allocate_all(fri_params, fri_params.max_step, fri_params.max_batch);
+
         require(
             raw_proof.length ==
                 batched_lpc_verifier.skip_proof_be(raw_proof, 0),

diff --git a/contracts/components/mina_base_split_gen.sol b/contracts/components/mina_base_split_gen.sol
@@ -45,9 +45,22 @@ import "./mina_base/mina_base_gate18.sol";
 library mina_base_split_gen {
     // TODO: specify constants
     uint256 constant WITNESSES_N = 15;
+    uint256 constant SELECTOR_N = 1;
+    uint256 constant PUBLIC_INPUT_N = 1;
     uint256 constant GATES_N = 23;
     uint256 constant CONSTANTS_N = 1;
 
+
+    uint256 constant PERMUTATION_COLUMNS = 7;
+    uint256 constant WITNESS_COLUMNS = 15;
+    uint256 constant PUBLIC_INPUT_COLUMNS = 1;
+    uint256 constant CONSTANT_COLUMNS = 1;
+    uint256 constant SELECTOR_COLUMNS = 30;
+    uint256 constant LOOKUP_TABLE_SIZE = 0;
+
+    uint256 constant ID_PERMUTATION_COLUMNS = 17; // WITNESS_COLUMNS +  PUBLIC_INPUT_COLUMNS + CONSTANT_COLUMNTS
+    uint256 constant PERMUTATION_PERMUTATION_COLUMNS = 17; // WITNESS_COLUMNS +  PUBLIC_INPUT_COLUMNS + CONSTANT_COLUMNS
+
     // TODO: columns_rotations could be hard-coded
     function evaluate_gates_be(
         bytes calldata blob,
@@ -68,15 +81,25 @@ library mina_base_split_gen {
         gate_params.selector_evaluations = new uint256[](GATES_N);
         gate_params.offset = batched_lpc_verifier.skip_to_z(blob,  gate_params.eval_proof_selector_offset);
         for (uint256 i = 0; i < GATES_N; i++) {
-            gate_params.selector_evaluations[i] = basic_marshalling.get_i_j_uint256_from_vector_of_vectors(blob, gate_params.offset, i, 0);
+            gate_params.selector_evaluations[i] = basic_marshalling.get_i_j_uint256_from_vector_of_vectors(
+                blob, 
+                gate_params.offset, 
+                i + ID_PERMUTATION_COLUMNS + PERMUTATION_PERMUTATION_COLUMNS + CONSTANT_COLUMNS, 
+                0
+            );
         }
 
         gate_params.constant_evaluations = new uint256[][](CONSTANTS_N);
         gate_params.offset = batched_lpc_verifier.skip_to_z(blob,  gate_params.eval_proof_constant_offset);
         for (uint256 i = 0; i < CONSTANTS_N; i++) {
             gate_params.constant_evaluations[i] = new uint256[](columns_rotations[i].length);
             for (uint256 j = 0; j < columns_rotations[i].length; j++) {
-                gate_params.constant_evaluations[i][j] = basic_marshalling.get_i_j_uint256_from_vector_of_vectors(blob, gate_params.offset, i, j);
+                gate_params.constant_evaluations[i][j] = basic_marshalling.get_i_j_uint256_from_vector_of_vectors(
+                    blob, 
+                    gate_params.offset, 
+                    i + ID_PERMUTATION_COLUMNS + PERMUTATION_PERMUTATION_COLUMNS, 
+                    j
+                );
             }
         }
 

diff --git a/contracts/components/mina_scalar_split_gen.sol b/contracts/components/mina_scalar_split_gen.sol
@@ -50,6 +50,17 @@ library mina_split_gen {
     uint256 constant GATES_N = 23;
     uint256 constant CONSTANTS_N = 1;
 
+
+    uint256 constant PERMUTATION_COLUMNS = 7;
+    uint256 constant WITNESS_COLUMNS = 15;
+    uint256 constant PUBLIC_INPUT_COLUMNS = 1;
+    uint256 constant CONSTANT_COLUMNS = 1;
+    uint256 constant SELECTOR_COLUMNS = 30;
+    uint256 constant LOOKUP_TABLE_SIZE = 0;
+
+    uint256 constant ID_PERMUTATION_COLUMNS = 17; // WITNESS_COLUMNS +  PUBLIC_INPUT_COLUMNS + CONSTANT_COLUMNTS
+    uint256 constant PERMUTATION_PERMUTATION_COLUMNS = 17; // WITNESS_COLUMNS +  PUBLIC_INPUT_COLUMNS + CONSTANT_COLUMNS
+
     // TODO: columns_rotations could be hard-coded
     function evaluate_gates_be(
         bytes calldata blob,
@@ -70,15 +81,25 @@ library mina_split_gen {
         gate_params.selector_evaluations = new uint256[](GATES_N);
         gate_params.offset = batched_lpc_verifier.skip_to_z(blob,  gate_params.eval_proof_selector_offset);
         for (uint256 i = 0; i < GATES_N; i++) {
-            gate_params.selector_evaluations[i] = basic_marshalling.get_i_j_uint256_from_vector_of_vectors(blob, gate_params.offset, i, 0);
+            gate_params.selector_evaluations[i] = basic_marshalling.get_i_j_uint256_from_vector_of_vectors(
+                blob, 
+                gate_params.offset, 
+                i + ID_PERMUTATION_COLUMNS + PERMUTATION_PERMUTATION_COLUMNS + CONSTANT_COLUMNS, 
+                0
+            );
         }
 
         gate_params.constant_evaluations = new uint256[][](CONSTANTS_N);
         gate_params.offset = batched_lpc_verifier.skip_to_z(blob,  gate_params.eval_proof_constant_offset);
         for (uint256 i = 0; i < CONSTANTS_N; i++) {
             gate_params.constant_evaluations[i] = new uint256[](columns_rotations[i].length);
             for (uint256 j = 0; j < columns_rotations[i].length; j++) {
-                gate_params.constant_evaluations[i][j] = basic_marshalling.get_i_j_uint256_from_vector_of_vectors(blob, gate_params.offset, i, j);
+                gate_params.constant_evaluations[i][j] = basic_marshalling.get_i_j_uint256_from_vector_of_vectors(
+                    blob, 
+                    gate_params.offset, 
+                    i + ID_PERMUTATION_COLUMNS + PERMUTATION_PERMUTATION_COLUMNS, 
+                    j
+                );
             }
         }
 

diff --git a/contracts/placeholder/init_vars.sol b/contracts/placeholder/init_vars.sol
@@ -21,6 +21,7 @@ pragma solidity >=0.8.4;
 import "../types.sol";
 import "../cryptography/transcript.sol";
 import "./proof_map_parser.sol";
+import "../logging.sol";
 
 library init_vars {
     struct vars_t {
@@ -33,6 +34,7 @@ library init_vars {
 
     function init(bytes calldata blob, uint256[] calldata init_params,
                        int256[][] calldata columns_rotations, vars_t memory vars) internal view {
+
         (vars.proof_map, vars.proof_size) = placeholder_proof_map_parser.parse_be(blob, 0);
         require(vars.proof_size == blob.length, "Proof length was detected incorrectly!");
         transcript.init_transcript(vars.tr_state, hex"");