Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
eccvm_recursive_verifier.test.cpp
Go to the documentation of this file.
1#include "barretenberg/circuit_checker/circuit_checker.hpp"
2#include "barretenberg/commitment_schemes/ipa/ipa.hpp"
3#include "barretenberg/dsl/acir_format/gate_count_constants.hpp"
4#include "barretenberg/eccvm/eccvm_prover.hpp"
5#include "barretenberg/eccvm/eccvm_verifier.hpp"
6#include "barretenberg/flavor/test_utils/proof_structures.hpp"
7#include "barretenberg/stdlib/honk_verifier/ultra_verification_keys_comparator.hpp"
8#include "barretenberg/ultra_honk/ultra_prover.hpp"
9#include "barretenberg/ultra_honk/ultra_verifier.hpp"
10
11#include <gtest/gtest.h>
12
13namespace {
14auto& engine = bb::numeric::get_debug_randomness();
15}
16namespace bb {
17class ECCVMRecursiveTests : public ::testing::Test {
18 public:
19 using RecursiveFlavor = ECCVMRecursiveFlavor;
20 using InnerFlavor = RecursiveFlavor::NativeFlavor;
21 using InnerBuilder = InnerFlavor::CircuitBuilder;
22 using InnerProver = ECCVMProver;
23 using InnerVerifier = ECCVMVerifier;
24 using InnerG1 = InnerFlavor::Commitment;
25 using InnerFF = InnerFlavor::FF;
26 using InnerBF = InnerFlavor::BF;
27 using InnerPK = InnerFlavor::ProvingKey;
28 using InnerVK = InnerFlavor::VerificationKey;
29
30 using Transcript = InnerFlavor::Transcript;
31 using StdlibTranscript = RecursiveFlavor::Transcript;
32
33 using RecursiveVerifier = ECCVMRecursiveVerifier;
34
35 using OuterBuilder = RecursiveFlavor::CircuitBuilder;
36 using OuterFlavor = std::conditional_t<IsMegaBuilder<OuterBuilder>, MegaFlavor, UltraFlavor>;
37 using OuterProver = UltraProver_<OuterFlavor>;
38 using OuterVerifier = UltraVerifier_<OuterFlavor, bb::DefaultIO>;
39 using OuterProverInstance = ProverInstance_<OuterFlavor>;
40
41 using PCS = IPA<ECCVMFlavor::Curve, CONST_ECCVM_LOG_N>;
42 static void SetUpTestSuite() { bb::srs::init_file_crs_factory(bb::srs::bb_crs_path()); }
43
50 static InnerBuilder generate_circuit(numeric::RNG* engine = nullptr, const size_t num_iterations = 1)
51 {
52 using Curve = curve::BN254;
53 using G1 = Curve::Element;
54 using Fr = Curve::ScalarField;
55 using Fq = curve::Grumpkin::ScalarField;
56
57 std::shared_ptr<ECCOpQueue> op_queue = std::make_shared<ECCOpQueue>();
58 G1 a = G1::random_element(engine);
59 G1 b = G1::random_element(engine);
60 G1 c = G1::random_element(engine);
61 Fr x = Fr::random_element(engine);
62 Fr y = Fr::random_element(engine);
63 for (size_t idx = 0; idx < num_iterations; idx++) {
64 op_queue->add_accumulate(a);
65 op_queue->mul_accumulate(a, x);
66 op_queue->mul_accumulate(b, x);
67 op_queue->mul_accumulate(b, y);
68 op_queue->add_accumulate(a);
69 op_queue->mul_accumulate(b, x);
70 op_queue->eq_and_reset();
71 op_queue->add_accumulate(c);
72 op_queue->mul_accumulate(a, x);
73 op_queue->mul_accumulate(b, x);
74 op_queue->eq_and_reset();
75 op_queue->mul_accumulate(a, x);
76 op_queue->mul_accumulate(b, x);
77 op_queue->mul_accumulate(c, x);
78 op_queue->merge();
79 }
80 // Set hiding op for ECCVM ZK (required before ECCVMCircuitBuilder construction)
81 op_queue->append_hiding_op(Fq::random_element(engine), Fq::random_element(engine));
82 InnerBuilder builder{ op_queue };
83 return builder;
84 }
85
86 static void test_recursive_verification()
87 {
88 InnerBuilder builder = generate_circuit(&engine);
89 std::shared_ptr<Transcript> prover_transcript = std::make_shared<Transcript>();
90 InnerProver prover(builder, prover_transcript);
91 auto [proof, opening_claim] = prover.construct_proof();
92
93 // Compute IPA proof
94 auto ipa_transcript = std::make_shared<Transcript>();
95 PCS::compute_opening_proof(prover.key->commitment_key, opening_claim, ipa_transcript);
96 HonkProof ipa_proof = ipa_transcript->export_proof();
97
98 auto verification_key = std::make_shared<InnerFlavor::VerificationKey>();
99
100 info("ECCVM Recursive Verifier");
101 OuterBuilder outer_circuit;
102 auto stdlib_proof = stdlib::Proof<OuterBuilder>(outer_circuit, proof);
103 std::shared_ptr<StdlibTranscript> stdlib_verifier_transcript = std::make_shared<StdlibTranscript>();
104 RecursiveVerifier verifier{ stdlib_verifier_transcript, stdlib_proof };
105 verifier.get_transcript()->enable_manifest();
106 [[maybe_unused]] auto recursive_result = verifier.reduce_to_ipa_opening();
107 stdlib::recursion::honk::DefaultIO<OuterBuilder>::add_default(outer_circuit);
108
109 info("Recursive Verifier: num gates = ", outer_circuit.get_num_finalized_gates_inefficient());
110
111 // Check for a failure flag in the recursive verifier circuit
112 EXPECT_EQ(outer_circuit.failed(), false) << outer_circuit.err();
113
114 bool result = CircuitChecker::check(outer_circuit);
115 EXPECT_TRUE(result);
116
117 std::shared_ptr<Transcript> verifier_transcript = std::make_shared<Transcript>();
118 InnerVerifier native_verifier(verifier_transcript, proof);
119 verifier_transcript->enable_manifest();
120 auto native_result = native_verifier.reduce_to_ipa_opening();
121
122 // Verify IPA
123 auto ipa_verify_transcript = std::make_shared<Transcript>();
124 ipa_verify_transcript->load_proof(ipa_proof);
125 auto ipa_vk = VerifierCommitmentKey<curve::Grumpkin>{ ECCVMFlavor::ECCVM_FIXED_SIZE };
126 bool ipa_verified = IPA<curve::Grumpkin>::reduce_verify(ipa_vk, native_result.ipa_claim, ipa_verify_transcript);
127 EXPECT_TRUE(ipa_verified && native_result.reduction_succeeded);
128 auto recursive_manifest = verifier.get_transcript()->get_manifest();
129 auto native_manifest = native_verifier.get_transcript()->get_manifest();
130
131 ASSERT_GT(recursive_manifest.size(), 0);
132 for (size_t i = 0; i < recursive_manifest.size(); ++i) {
133 EXPECT_EQ(recursive_manifest[i], native_manifest[i])
134 << "Recursive Verifier/Verifier manifest discrepency in round " << i;
135 }
136
137 // Ensure verification key commitments are the same
138 for (auto [vk_poly, native_vk_poly] :
139 zip_view(verifier.get_verification_key()->get_all(), verification_key->get_all())) {
140 EXPECT_EQ(vk_poly.get_value(), native_vk_poly);
141 }
142
143 // Construct a full proof from the recursive verifier circuit
144 {
145 auto prover_instance = std::make_shared<OuterProverInstance>(outer_circuit);
146 auto verification_key = std::make_shared<OuterFlavor::VerificationKey>(prover_instance->get_precomputed());
147 auto vk_and_hash = std::make_shared<OuterFlavor::VKAndHash>(verification_key);
148 OuterProver prover(prover_instance, verification_key);
149 OuterVerifier verifier(vk_and_hash);
150 auto proof = prover.construct_proof();
151 bool verified = verifier.verify_proof(proof).result;
152
153 ASSERT_TRUE(verified);
154 }
155
156 // Check that the size of the recursive verifier is consistent with historical expectation
157 ASSERT_EQ(outer_circuit.get_num_finalized_gates(), acir_format::ECCVM_RECURSIVE_VERIFIER_GATE_COUNT)
158 << "Ultra-arithmetized ECCVM Recursive verifier gate count changed! Update this value if you are sure this "
159 "is expected.";
160 }
161
162 static void test_recursive_verification_failure()
163 {
164 InnerBuilder builder = generate_circuit(&engine);
165 builder.op_queue->add_erroneous_equality_op_for_testing();
166 builder.op_queue->merge();
167 std::shared_ptr<Transcript> prover_transcript = std::make_shared<Transcript>();
168 InnerProver prover(builder, prover_transcript);
169 auto [proof, opening_claim] = prover.construct_proof();
170
171 // Compute IPA proof
172 auto ipa_transcript = std::make_shared<Transcript>();
173 PCS::compute_opening_proof(prover.key->commitment_key, opening_claim, ipa_transcript);
174 HonkProof ipa_proof = ipa_transcript->export_proof();
175
176 auto verification_key = std::make_shared<InnerFlavor::VerificationKey>();
177
178 OuterBuilder outer_circuit;
179 auto stdlib_proof = stdlib::Proof<OuterBuilder>(outer_circuit, proof);
180
181 std::shared_ptr<StdlibTranscript> stdlib_verifier_transcript = std::make_shared<StdlibTranscript>();
182 RecursiveVerifier verifier{ stdlib_verifier_transcript, stdlib_proof };
183 [[maybe_unused]] auto output = verifier.reduce_to_ipa_opening();
184 stdlib::recursion::honk::DefaultIO<OuterBuilder>::add_default(outer_circuit);
185 info("Recursive Verifier: estimated num finalized gates = ",
186 outer_circuit.get_num_finalized_gates_inefficient());
187
188 // Check for a failure flag in the recursive verifier circuit
189 EXPECT_FALSE(CircuitChecker::check(outer_circuit));
190 }
191
197 static void test_structured_proof_round_trip()
198 {
199 InnerBuilder builder = generate_circuit(&engine);
200 std::shared_ptr<Transcript> prover_transcript = std::make_shared<Transcript>();
201 InnerProver prover(builder, prover_transcript);
202 auto [proof, opening_claim] = prover.construct_proof();
203
204 ASSERT_EQ(proof.size(), InnerFlavor::PROOF_LENGTH);
205
206 StructuredProof<InnerFlavor> structured_proof;
207 auto proof_data = prover.transcript->test_get_proof_data();
208 structured_proof.deserialize(proof_data, /*num_public_inputs=*/0, CONST_ECCVM_LOG_N);
209 structured_proof.serialize(proof_data, CONST_ECCVM_LOG_N);
210
211 auto original_data = prover.transcript->test_get_proof_data();
212 ASSERT_EQ(proof_data.size(), original_data.size());
213 EXPECT_EQ(proof_data, original_data);
214 }
215
216 enum class TamperType {
217 MODIFY_SUMCHECK_UNIVARIATE, // Tests committed sumcheck first-round sum constraint (circuit FAIL)
218 MODIFY_SUMCHECK_EVAL, // Tests Gemini consistency constraint (circuit FAIL)
219 MODIFY_IPA_CLAIM, // Tests IPA opening (circuit PASS, IPA FAIL)
220 MODIFY_TRANSLATION_EVAL, // Tests translation masking consistency constraint (circuit FAIL)
221 MODIFY_LIBRA_EVAL, // Tests Libra SmallSubgroupIPA consistency constraint (circuit FAIL)
222 END
223 };
224
225 static void tamper_eccvm_proof(InnerProver& prover,
226 typename InnerFlavor::Transcript::Proof& proof,
227 TamperType tamper_type)
228 {
229 using FF = InnerFF;
230 static constexpr size_t FIRST_WITNESS_INDEX = InnerFlavor::NUM_PRECOMPUTED_ENTITIES;
231
232 StructuredProof<InnerFlavor> structured_proof;
233 structured_proof.deserialize(
234 prover.transcript->test_get_proof_data(), /*num_public_inputs=*/0, CONST_ECCVM_LOG_N);
235
236 switch (tamper_type) {
237 case TamperType::MODIFY_SUMCHECK_UNIVARIATE:
238 // Committed sumcheck: break the first-round sum by modifying eval_0 without compensating eval_1.
239 // Preserving the sum would only break IPA opening (external), not any in-circuit constraint.
240 structured_proof.sumcheck_round_eval_0s[0] += FF::random_element();
241 break;
242 case TamperType::MODIFY_SUMCHECK_EVAL:
243 structured_proof.sumcheck_evaluations[FIRST_WITNESS_INDEX] = FF::random_element();
244 break;
245 case TamperType::MODIFY_IPA_CLAIM:
246 // Modify the final Shplonk Q commitment — bypasses circuit constraints but corrupts IPA opening claim.
247 structured_proof.final_shplonk_q_comm = structured_proof.final_shplonk_q_comm * FF(2);
248 break;
249 case TamperType::MODIFY_TRANSLATION_EVAL:
250 structured_proof.translation_op_eval = FF::random_element();
251 break;
252 case TamperType::MODIFY_LIBRA_EVAL:
253 structured_proof.libra_quotient_eval = FF::random_element();
254 break;
255 case TamperType::END:
256 break;
257 }
258
259 structured_proof.serialize(prover.transcript->test_get_proof_data(), CONST_ECCVM_LOG_N);
260 prover.transcript->test_set_proof_parsing_state(0, InnerFlavor::PROOF_LENGTH);
261 proof = prover.export_proof();
262 }
263
264 static void test_recursive_verification_fails()
265 {
266 for (size_t idx = 0; idx < static_cast<size_t>(TamperType::END); idx++) {
267 TamperType tamper_type = static_cast<TamperType>(idx);
268
269 InnerBuilder builder = generate_circuit(&engine);
270 std::shared_ptr<Transcript> prover_transcript = std::make_shared<Transcript>();
271 InnerProver prover(builder, prover_transcript);
272 auto [proof, opening_claim] = prover.construct_proof();
273
274 // Compute IPA proof from the genuine opening claim (needed for MODIFY_IPA_CLAIM case)
275 auto ipa_transcript = std::make_shared<Transcript>();
276 PCS::compute_opening_proof(prover.key->commitment_key, opening_claim, ipa_transcript);
277 HonkProof ipa_proof = ipa_transcript->export_proof();
278
279 // Tamper with the proof
280 tamper_eccvm_proof(prover, proof, tamper_type);
281
282 OuterBuilder outer_circuit;
283 auto stdlib_proof = stdlib::Proof<OuterBuilder>(outer_circuit, proof);
284 std::shared_ptr<StdlibTranscript> stdlib_verifier_transcript = std::make_shared<StdlibTranscript>();
285 RecursiveVerifier verifier{ stdlib_verifier_transcript, stdlib_proof };
286 auto recursive_result = verifier.reduce_to_ipa_opening();
287 stdlib::recursion::honk::DefaultIO<OuterBuilder>::add_default(outer_circuit);
288
289 if (tamper_type == TamperType::MODIFY_IPA_CLAIM) {
290 // Modifying the final Shplonk Q bypasses circuit constraints but causes IPA failure
291 EXPECT_TRUE(CircuitChecker::check(outer_circuit));
292
293 // Verify IPA fails with the tampered opening claim
294 VerifierCommitmentKey<InnerFlavor::Curve> native_pcs_vk(1UL << CONST_ECCVM_LOG_N);
295 VerifierCommitmentKey<stdlib::grumpkin<OuterBuilder>> stdlib_pcs_vkey(
296 &outer_circuit, 1UL << CONST_ECCVM_LOG_N, native_pcs_vk);
297 auto stdlib_ipa_proof = stdlib::Proof<OuterBuilder>(outer_circuit, ipa_proof);
298 auto ipa_verify_transcript = std::make_shared<StdlibTranscript>(stdlib_ipa_proof);
299 EXPECT_FALSE(IPA<RecursiveFlavor::Curve>::full_verify_recursive(
300 stdlib_pcs_vkey, recursive_result.ipa_claim, ipa_verify_transcript));
301 } else {
302 // All other tamper types should cause a circuit constraint violation
303 EXPECT_FALSE(CircuitChecker::check(outer_circuit)) << "Expected circuit failure for TamperType " << idx;
304 }
305 }
306 }
307
308 static void test_independent_vk_hash()
309 {
310
311 // Retrieves the trace blocks (each consisting of a specific gate) from the recursive verifier circuit
312 auto get_blocks = [](size_t inner_size)
313 -> std::tuple<OuterBuilder::ExecutionTrace, std::shared_ptr<OuterFlavor::VerificationKey>> {
314 auto inner_circuit = generate_circuit(&engine, inner_size);
315 std::shared_ptr<Transcript> prover_transcript = std::make_shared<Transcript>();
316 InnerProver inner_prover(inner_circuit, prover_transcript);
317
318 auto [proof, opening_claim] = inner_prover.construct_proof();
319
320 // Compute IPA proof
321 auto ipa_transcript = std::make_shared<Transcript>();
322 PCS::compute_opening_proof(inner_prover.key->commitment_key, opening_claim, ipa_transcript);
323 HonkProof ipa_proof = ipa_transcript->export_proof();
324
325 // Create a recursive verification circuit for the proof of the inner circuit
326 OuterBuilder outer_circuit;
327 auto stdlib_proof = stdlib::Proof<OuterBuilder>(outer_circuit, proof);
328
329 std::shared_ptr<StdlibTranscript> stdlib_verifier_transcript = std::make_shared<StdlibTranscript>();
330 RecursiveVerifier verifier{ stdlib_verifier_transcript, stdlib_proof };
331
332 [[maybe_unused]] auto recursive_opening_claim = verifier.reduce_to_ipa_opening();
333 stdlib::recursion::honk::DefaultIO<OuterBuilder>::add_default(outer_circuit);
334
335 auto outer_proving_key = std::make_shared<OuterProverInstance>(outer_circuit);
336 auto outer_verification_key =
337 std::make_shared<OuterFlavor::VerificationKey>(outer_proving_key->get_precomputed());
338
339 return { outer_circuit.blocks, outer_verification_key };
340 };
341
342 auto [blocks_20, verification_key_20] = get_blocks(20);
343 auto [blocks_40, verification_key_40] = get_blocks(40);
344
345 compare_ultra_blocks_and_verification_keys<OuterFlavor>({ blocks_20, blocks_40 },
346 { verification_key_20, verification_key_40 });
347 };
348};
349
354
355TEST_F(ECCVMRecursiveTests, SingleRecursiveVerificationFailure)
356{
357 ECCVMRecursiveTests::test_recursive_verification_failure();
358};
359
364
369
374} // namespace bb
FF
bb::field< bb::Bn254FrParams > FF
Definition field.cpp:24
circuit_checker.hpp
bb::BaseTranscript
Common transcript class for both parties. Stores the data for the current round, as well as the manif...
Definition transcript.hpp:41
bb::CircuitBuilderBase::err
const std::string & err() const
Definition circuit_builder_base_impl.hpp:162
bb::ECCVMFlavor::ProvingKey
The proving key is responsible for storing the polynomials used by the prover.
Definition eccvm_flavor.hpp:778
bb::ECCVMFlavor::ECCVM_FIXED_SIZE
static constexpr size_t ECCVM_FIXED_SIZE
Definition eccvm_flavor.hpp:66
bb::ECCVMFlavor::FF
typename Curve::ScalarField FF
Definition eccvm_flavor.hpp:43
bb::ECCVMFlavor::CircuitBuilder
ECCVMCircuitBuilder CircuitBuilder
Definition eccvm_flavor.hpp:39
bb::ECCVMFlavor::Commitment
typename G1::affine_element Commitment
Definition eccvm_flavor.hpp:47
bb::ECCVMFlavor::BF
typename Curve::BaseField BF
Definition eccvm_flavor.hpp:44
bb::ECCVMFlavor::PROOF_LENGTH
static constexpr size_t PROOF_LENGTH
Definition eccvm_flavor.hpp:126
bb::ECCVMFlavor::NUM_PRECOMPUTED_ENTITIES
static constexpr size_t NUM_PRECOMPUTED_ENTITIES
Definition eccvm_flavor.hpp:80
bb::ECCVMFlavor::VerificationKey
FixedVKAndHash_< PrecomputedEntities< Commitment >, BF, ECCVMHardcodedVKAndHash > VerificationKey
The verification key stores commitments to the precomputed polynomials used by the verifier.
Definition eccvm_flavor.hpp:800
bb::ECCVMFlavor::Transcript
BaseTranscript< Codec, HashFunction > Transcript
Definition eccvm_flavor.hpp:53
bb::ECCVMProver::transcript
std::shared_ptr< Transcript > transcript
Definition eccvm_prover.hpp:55
bb::ECCVMProver::construct_proof
std::pair< Proof, OpeningClaim > construct_proof()
Definition eccvm_prover.cpp:207
bb::ECCVMProver::key
std::shared_ptr< ProvingKey > key
Definition eccvm_prover.hpp:73
bb::ECCVMRecursiveFlavor::Transcript
StdlibTranscript< CircuitBuilder > Transcript
Definition eccvm_recursive_flavor.hpp:89
bb::ECCVMRecursiveTests::tamper_eccvm_proof
static void tamper_eccvm_proof(InnerProver &prover, typename InnerFlavor::Transcript::Proof &proof, TamperType tamper_type)
Definition eccvm_recursive_verifier.test.cpp:225
bb::ECCVMRecursiveTests::generate_circuit
static InnerBuilder generate_circuit(numeric::RNG *engine=nullptr, const size_t num_iterations=1)
Adds operations in BN254 to the op_queue and then constructs and ECCVM circuit from the op_queue.
Definition eccvm_recursive_verifier.test.cpp:50
bb::ECCVMRecursiveTests::test_structured_proof_round_trip
static void test_structured_proof_round_trip()
Verify that StructuredProof<ECCVMFlavor> can round-trip serialize/deserialize a proof.
Definition eccvm_recursive_verifier.test.cpp:197
bb::ECCVMRecursiveTests::OuterFlavor
std::conditional_t< IsMegaBuilder< OuterBuilder >, MegaFlavor, UltraFlavor > OuterFlavor
Definition eccvm_recursive_verifier.test.cpp:36
bb::ECCVMVerifier_
Unified ECCVM verifier class for both native and recursive verification.
Definition eccvm_verifier.hpp:19
bb::ECCVMVerifier_::get_transcript
std::shared_ptr< Transcript > get_transcript() const
Definition eccvm_verifier.hpp:92
bb::ECCVMVerifier_::reduce_to_ipa_opening
ReductionResult reduce_to_ipa_opening()
Reduce the ECCVM proof to an IPA opening claim.
Definition eccvm_verifier.cpp:21
bb::FixedVKAndHash_
Simple verification key class for fixed-size circuits (ECCVM, Translator, AVM).
Definition flavor.hpp:101
bb::IPA
IPA (inner product argument) commitment scheme class.
Definition ipa.hpp:86
bb::ProverInstance_
Contains all the information required by a Honk prover to create a proof, constructed from a finalize...
Definition prover_instance.hpp:26
bb::TranslatorCircuitChecker::check
static bool check(const Builder &circuit)
Check the witness satisifies the circuit.
Definition translator_circuit_checker.cpp:20
bb::UltraCircuitBuilder_
Definition ultra_circuit_builder.hpp:40
bb::UltraCircuitBuilder_::get_num_finalized_gates
size_t get_num_finalized_gates() const override
Get the number of gates in a finalized circuit.
Definition ultra_circuit_builder.hpp:365
bb::UltraCircuitBuilder_::blocks
ExecutionTrace blocks
Definition ultra_circuit_builder.hpp:198
bb::UltraCircuitBuilder_::ExecutionTrace
ExecutionTrace_ ExecutionTrace
Definition ultra_circuit_builder.hpp:42
bb::UltraCircuitBuilder_::get_num_finalized_gates_inefficient
size_t get_num_finalized_gates_inefficient(bool ensure_nonzero=true) const
Get the number of gates in the finalized version of the circuit.
Definition ultra_circuit_builder.hpp:379
bb::UltraProver_
Definition ultra_prover.hpp:18
bb::UltraProver_::construct_proof
Proof construct_proof()
Definition ultra_prover.cpp:61
bb::UltraVerifier_
Definition ultra_verifier.hpp:79
bb::UltraVerifier_::verify_proof
Output verify_proof(const Proof &proof)
Perform ultra verification.
Definition ultra_verifier.cpp:232
bb::VerifierCommitmentKey
Representation of the Grumpkin Verifier Commitment Key inside a bn254 circuit.
Definition verifier_commitment_key.hpp:16
bb::curve::Grumpkin::Element
typename Group::element Element
Definition grumpkin.hpp:64
bb::stdlib::Proof
A simple wrapper around a vector of stdlib field elements representing a proof.
Definition proof.hpp:19
bb::stdlib::recursion::honk::DefaultIO::add_default
static void add_default(Builder &builder)
Add default public inputs when they are not present.
Definition special_public_inputs.hpp:200
zip_view
Definition zip_view.hpp:166
info
#define info(...)
Definition log.hpp:93
builder
AluTraceBuilder builder
Definition alu.test.cpp:124
a
FF a
Definition field_gt.test.cpp:52
b
FF b
Definition field_gt.test.cpp:53
eccvm_prover.hpp
engine
numeric::RNG & engine
Definition eccvm_transcript.test.cpp:285
eccvm_verifier.hpp
gate_count_constants.hpp
acir_format::ECCVM_RECURSIVE_VERIFIER_GATE_COUNT
constexpr size_t ECCVM_RECURSIVE_VERIFIER_GATE_COUNT
Definition gate_count_constants.hpp:150
bb::numeric::get_debug_randomness
RNG & get_debug_randomness(bool reset, std::uint_fast64_t seed)
Definition engine.cpp:217
bb::srs::bb_crs_path
std::filesystem::path bb_crs_path()
Definition global_crs.cpp:14
bb::srs::init_file_crs_factory
void init_file_crs_factory(const std::filesystem::path &path)
Definition global_crs.hpp:14
bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5
bb::HonkProof
std::vector< fr > HonkProof
Definition proof.hpp:15
bb::ECCVMRecursiveVerifier
ECCVMVerifier_< ECCVMRecursiveFlavor > ECCVMRecursiveVerifier
Definition eccvm_verifier.hpp:126
bb::TEST_F
TEST_F(IPATest, ChallengesAreZero)
Definition ipa.test.cpp:155
bb::ECCVMVerifier
ECCVMVerifier_< ECCVMFlavor > ECCVMVerifier
Definition eccvm_verifier.hpp:125
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
G1
Curve::AffineElement G1
Definition pippenger.bench.cpp:21
proof_structures.hpp
bb::StructuredProof
Test utility for deserializing/serializing proof data into typed structures.
Definition proof_structures.hpp:28
bb::field< Bn254FrParams >::random_element
static field random_element(numeric::RNG *engine=nullptr) noexcept
Definition field_impl.hpp:783
ultra_prover.hpp
ultra_verification_keys_comparator.hpp
ultra_verifier.hpp