Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
eccvm_transcript.test.cpp
Go to the documentation of this file.
1#include "barretenberg/commitment_schemes/ipa/ipa.hpp"
2#include "barretenberg/ecc/curves/bn254/g1.hpp"
3#include "barretenberg/eccvm/eccvm_flavor.hpp"
4#include "barretenberg/eccvm/eccvm_prover.hpp"
5#include "barretenberg/eccvm/eccvm_test_utils.hpp"
6#include "barretenberg/eccvm/eccvm_verifier.hpp"
7#include "barretenberg/flavor/flavor.hpp"
8#include "barretenberg/numeric/bitop/get_msb.hpp"
9#include "barretenberg/polynomials/univariate.hpp"
10#include "barretenberg/srs/global_crs.hpp"
11#include "barretenberg/transcript/transcript.hpp"
12#include <gtest/gtest.h>
13
14using namespace bb;
15using eccvm_test_utils::add_hiding_op_for_test;
16
17class ECCVMTranscriptTests : public ::testing::Test {
18 public:
19 void SetUp() override { srs::init_file_crs_factory(srs::bb_crs_path()); };
20 using FF = grumpkin::fr;
21 using Flavor = ECCVMFlavor;
22 using Transcript = Flavor::Transcript;
23 using PCS = IPA<Flavor::Curve, CONST_ECCVM_LOG_N>;
35 TranscriptManifest construct_eccvm_honk_manifest()
36 {
37 TranscriptManifest manifest_expected;
38 // Size of types is number of bb::frs needed to represent the type
39 size_t frs_per_Fq = FrCodec::calc_num_fields<FF>();
40 size_t frs_per_Fr = FrCodec::calc_num_fields<Flavor::BF>();
41 size_t frs_per_G = FrCodec::calc_num_fields<typename Flavor::Commitment>();
42 size_t frs_per_evals = (Flavor::NUM_ALL_ENTITIES)*frs_per_Fq;
43
44 size_t round = 0;
45 manifest_expected.add_entry(round, "vk_hash", frs_per_Fr);
46 manifest_expected.add_entry(round, "Gemini:masking_poly_comm", frs_per_G);
47 manifest_expected.add_entry(round, "TRANSCRIPT_ADD", frs_per_G);
48 manifest_expected.add_entry(round, "TRANSCRIPT_EQ", frs_per_G);
49 manifest_expected.add_entry(round, "TRANSCRIPT_MSM_TRANSITION", frs_per_G);
50 manifest_expected.add_entry(round, "TRANSCRIPT_PX", frs_per_G);
51 manifest_expected.add_entry(round, "TRANSCRIPT_PY", frs_per_G);
52 manifest_expected.add_entry(round, "TRANSCRIPT_Z1", frs_per_G);
53 manifest_expected.add_entry(round, "TRANSCRIPT_Z2", frs_per_G);
54 manifest_expected.add_entry(round, "TRANSCRIPT_Z1ZERO", frs_per_G);
55 manifest_expected.add_entry(round, "TRANSCRIPT_Z2ZERO", frs_per_G);
56 manifest_expected.add_entry(round, "TRANSCRIPT_OP", frs_per_G);
57 manifest_expected.add_entry(round, "TRANSCRIPT_MSM_X", frs_per_G);
58 manifest_expected.add_entry(round, "TRANSCRIPT_MSM_Y", frs_per_G);
59 manifest_expected.add_entry(round, "PRECOMPUTE_POINT_TRANSITION", frs_per_G);
60 manifest_expected.add_entry(round, "PRECOMPUTE_S1LO", frs_per_G);
61 manifest_expected.add_entry(round, "PRECOMPUTE_S2HI", frs_per_G);
62 manifest_expected.add_entry(round, "PRECOMPUTE_S2LO", frs_per_G);
63 manifest_expected.add_entry(round, "PRECOMPUTE_S3HI", frs_per_G);
64 manifest_expected.add_entry(round, "PRECOMPUTE_S3LO", frs_per_G);
65 manifest_expected.add_entry(round, "PRECOMPUTE_S4HI", frs_per_G);
66 manifest_expected.add_entry(round, "PRECOMPUTE_S4LO", frs_per_G);
67 manifest_expected.add_entry(round, "PRECOMPUTE_SKEW", frs_per_G);
68 manifest_expected.add_entry(round, "MSM_SIZE_OF_MSM", frs_per_G);
69 manifest_expected.add_entry(round, "MSM_ADD2", frs_per_G);
70 manifest_expected.add_entry(round, "MSM_ADD3", frs_per_G);
71 manifest_expected.add_entry(round, "MSM_ADD4", frs_per_G);
72 manifest_expected.add_entry(round, "MSM_X1", frs_per_G);
73 manifest_expected.add_entry(round, "MSM_Y1", frs_per_G);
74 manifest_expected.add_entry(round, "MSM_X2", frs_per_G);
75 manifest_expected.add_entry(round, "MSM_Y2", frs_per_G);
76 manifest_expected.add_entry(round, "MSM_X3", frs_per_G);
77 manifest_expected.add_entry(round, "MSM_Y3", frs_per_G);
78 manifest_expected.add_entry(round, "MSM_X4", frs_per_G);
79 manifest_expected.add_entry(round, "MSM_Y4", frs_per_G);
80 manifest_expected.add_entry(round, "MSM_COLLISION_X1", frs_per_G);
81 manifest_expected.add_entry(round, "MSM_COLLISION_X2", frs_per_G);
82 manifest_expected.add_entry(round, "MSM_COLLISION_X3", frs_per_G);
83 manifest_expected.add_entry(round, "MSM_COLLISION_X4", frs_per_G);
84 manifest_expected.add_entry(round, "MSM_LAMBDA1", frs_per_G);
85 manifest_expected.add_entry(round, "MSM_LAMBDA2", frs_per_G);
86 manifest_expected.add_entry(round, "MSM_LAMBDA3", frs_per_G);
87 manifest_expected.add_entry(round, "MSM_LAMBDA4", frs_per_G);
88 manifest_expected.add_entry(round, "MSM_SLICE1", frs_per_G);
89 manifest_expected.add_entry(round, "MSM_SLICE2", frs_per_G);
90 manifest_expected.add_entry(round, "MSM_SLICE3", frs_per_G);
91 manifest_expected.add_entry(round, "MSM_SLICE4", frs_per_G);
92 manifest_expected.add_entry(round, "TRANSCRIPT_RESET_ACCUMULATOR", frs_per_G);
93 manifest_expected.add_entry(round, "LOOKUP_READ_COUNTS_0", frs_per_G);
94 manifest_expected.add_entry(round, "LOOKUP_READ_COUNTS_1", frs_per_G);
95 manifest_expected.add_entry(round, "TRANSCRIPT_BASE_INFINITY", frs_per_G);
96 manifest_expected.add_entry(round, "TRANSCRIPT_BASE_X_INVERSE", frs_per_G);
97 manifest_expected.add_entry(round, "TRANSCRIPT_BASE_Y_INVERSE", frs_per_G);
98 manifest_expected.add_entry(round, "TRANSCRIPT_ADD_X_EQUAL", frs_per_G);
99 manifest_expected.add_entry(round, "TRANSCRIPT_ADD_Y_EQUAL", frs_per_G);
100 manifest_expected.add_entry(round, "TRANSCRIPT_ADD_LAMBDA", frs_per_G);
101 manifest_expected.add_entry(round, "TRANSCRIPT_MSM_INTERMEDIATE_X", frs_per_G);
102 manifest_expected.add_entry(round, "TRANSCRIPT_MSM_INTERMEDIATE_Y", frs_per_G);
103 manifest_expected.add_entry(round, "TRANSCRIPT_MSM_INFINITY", frs_per_G);
104 manifest_expected.add_entry(round, "TRANSCRIPT_MSM_X_INVERSE", frs_per_G);
105 manifest_expected.add_entry(round, "TRANSCRIPT_MSM_COUNT_ZERO_AT_TRANSITION", frs_per_G);
106 manifest_expected.add_entry(round, "TRANSCRIPT_MSM_COUNT_AT_TRANSITION_INVERSE", frs_per_G);
107 manifest_expected.add_entry(round, "TRANSCRIPT_MUL", frs_per_G);
108 manifest_expected.add_entry(round, "TRANSCRIPT_MSM_COUNT", frs_per_G);
109 manifest_expected.add_entry(round, "PRECOMPUTE_SCALAR_SUM", frs_per_G);
110 manifest_expected.add_entry(round, "PRECOMPUTE_S1HI", frs_per_G);
111 manifest_expected.add_entry(round, "PRECOMPUTE_DX", frs_per_G);
112 manifest_expected.add_entry(round, "PRECOMPUTE_DY", frs_per_G);
113 manifest_expected.add_entry(round, "PRECOMPUTE_TX", frs_per_G);
114 manifest_expected.add_entry(round, "PRECOMPUTE_TY", frs_per_G);
115 manifest_expected.add_entry(round, "MSM_TRANSITION", frs_per_G);
116 manifest_expected.add_entry(round, "MSM_ADD", frs_per_G);
117 manifest_expected.add_entry(round, "MSM_DOUBLE", frs_per_G);
118 manifest_expected.add_entry(round, "MSM_SKEW", frs_per_G);
119 manifest_expected.add_entry(round, "MSM_ACCUMULATOR_X", frs_per_G);
120 manifest_expected.add_entry(round, "MSM_ACCUMULATOR_Y", frs_per_G);
121 manifest_expected.add_entry(round, "MSM_COUNT", frs_per_G);
122 manifest_expected.add_entry(round, "MSM_ROUND", frs_per_G);
123 manifest_expected.add_entry(round, "MSM_ADD1", frs_per_G);
124 manifest_expected.add_entry(round, "MSM_PC", frs_per_G);
125 manifest_expected.add_entry(round, "PRECOMPUTE_PC", frs_per_G);
126 manifest_expected.add_entry(round, "TRANSCRIPT_PC", frs_per_G);
127 manifest_expected.add_entry(round, "PRECOMPUTE_ROUND", frs_per_G);
128 manifest_expected.add_entry(round, "PRECOMPUTE_SELECT", frs_per_G);
129 manifest_expected.add_entry(round, "TRANSCRIPT_ACCUMULATOR_NOT_EMPTY", frs_per_G);
130 manifest_expected.add_entry(round, "TRANSCRIPT_ACCUMULATOR_X", frs_per_G);
131 manifest_expected.add_entry(round, "TRANSCRIPT_ACCUMULATOR_Y", frs_per_G);
132 manifest_expected.add_challenge(round, std::array{ "beta", "gamma" });
133
134 round++;
135 manifest_expected.add_entry(round, "LOOKUP_INVERSES", frs_per_G);
136 manifest_expected.add_entry(round, "Z_PERM", frs_per_G);
137 manifest_expected.add_challenge(round, "Sumcheck:alpha");
138
139 for (size_t i = 0; i < CONST_ECCVM_LOG_N; i++) {
140 std::string label = "Sumcheck:gate_challenge_" + std::to_string(i);
141 manifest_expected.add_challenge(round, label);
142 }
143 round++;
144
145 manifest_expected.add_entry(round, "Libra:concatenation_commitment", frs_per_G);
146 manifest_expected.add_entry(round, "Libra:Sum", frs_per_Fq);
147 // get the challenge for the ZK Sumcheck claim
148 manifest_expected.add_challenge(round, "Libra:Challenge");
149
150 for (size_t i = 0; i < CONST_ECCVM_LOG_N; ++i) {
151 round++;
152 std::string idx = std::to_string(i);
153 manifest_expected.add_entry(round, "Sumcheck:univariate_comm_" + idx, frs_per_G);
154 manifest_expected.add_entry(round, "Sumcheck:univariate_" + idx + "_eval_0", frs_per_Fq);
155 manifest_expected.add_entry(round, "Sumcheck:univariate_" + idx + "_eval_1", frs_per_Fq);
156 std::string label = "Sumcheck:u_" + idx;
157 manifest_expected.add_challenge(round, label);
158 }
159
160 round++;
161
162 manifest_expected.add_entry(round, "Sumcheck:evaluations", frs_per_evals);
163 manifest_expected.add_entry(round, "Libra:claimed_evaluation", frs_per_Fq);
164 manifest_expected.add_entry(round, "Libra:grand_sum_commitment", frs_per_G);
165 manifest_expected.add_entry(round, "Libra:quotient_commitment", frs_per_G);
166
167 manifest_expected.add_challenge(round, "rho");
168
169 round++;
170 for (size_t i = 1; i < CONST_ECCVM_LOG_N; ++i) {
171 std::string idx = std::to_string(i);
172 manifest_expected.add_entry(round, "Gemini:FOLD_" + idx, frs_per_G);
173 }
174 manifest_expected.add_challenge(round, "Gemini:r");
175 round++;
176 for (size_t i = 1; i <= CONST_ECCVM_LOG_N; ++i) {
177 std::string idx = std::to_string(i);
178 manifest_expected.add_entry(round, "Gemini:a_" + idx, frs_per_Fq);
179 }
180 manifest_expected.add_entry(round, "Libra:concatenation_eval", frs_per_Fq);
181 manifest_expected.add_entry(round, "Libra:shifted_grand_sum_eval", frs_per_Fq);
182 manifest_expected.add_entry(round, "Libra:grand_sum_eval", frs_per_Fq);
183 manifest_expected.add_entry(round, "Libra:quotient_eval", frs_per_Fq);
184 manifest_expected.add_challenge(round, "Shplonk:nu");
185 round++;
186 manifest_expected.add_entry(round, "Shplonk:Q", frs_per_G);
187 manifest_expected.add_challenge(round, "Shplonk:z");
188
189 round++;
190 manifest_expected.add_entry(round, "Translation:concatenated_masking_term_commitment", frs_per_G);
191 manifest_expected.add_challenge(round, "Translation:evaluation_challenge_x");
192
193 round++;
194 manifest_expected.add_entry(round, "Translation:op", frs_per_Fq);
195 manifest_expected.add_entry(round, "Translation:Px", frs_per_Fq);
196 manifest_expected.add_entry(round, "Translation:Py", frs_per_Fq);
197 manifest_expected.add_entry(round, "Translation:z1", frs_per_Fq);
198 manifest_expected.add_entry(round, "Translation:z2", frs_per_Fq);
199 manifest_expected.add_challenge(round, "Translation:batching_challenge_v");
200
201 round++;
202 manifest_expected.add_entry(round, "Translation:masking_term_eval", frs_per_Fq);
203 manifest_expected.add_entry(round, "Translation:grand_sum_commitment", frs_per_G);
204 manifest_expected.add_entry(round, "Translation:quotient_commitment", frs_per_G);
205 manifest_expected.add_challenge(round, "Translation:small_ipa_evaluation_challenge");
206
207 round++;
208 manifest_expected.add_entry(round, "Translation:concatenation_eval", frs_per_Fq);
209 manifest_expected.add_entry(round, "Translation:grand_sum_shift_eval", frs_per_Fq);
210 manifest_expected.add_entry(round, "Translation:grand_sum_eval", frs_per_Fq);
211 manifest_expected.add_entry(round, "Translation:quotient_eval", frs_per_Fq);
212 manifest_expected.add_challenge(round, "Shplonk:nu");
213
214 round++;
215 manifest_expected.add_entry(round, "Shplonk:Q", frs_per_G);
216 manifest_expected.add_challenge(round, "Shplonk:z");
217
218 return manifest_expected;
219 }
220
221 TranscriptManifest construct_eccvm_ipa_manifest()
222 {
223 TranscriptManifest manifest_expected;
224 // Size of types is number of bb::frs needed to represent the type
225 size_t frs_per_Fq = FrCodec::calc_num_fields<FF>();
226 size_t frs_per_G = FrCodec::calc_num_fields<Flavor::Commitment>();
227 size_t round = 0;
228
229 manifest_expected.add_entry(round, "IPA:commitment", frs_per_G);
230 manifest_expected.add_entry(round, "IPA:challenge", frs_per_Fq);
231 manifest_expected.add_entry(round, "IPA:evaluation", frs_per_Fq);
232 manifest_expected.add_challenge(round, "IPA:generator_challenge");
233
234 for (size_t i = 0; i < CONST_ECCVM_LOG_N; ++i) {
235 round++;
236 std::string idx = std::to_string(CONST_ECCVM_LOG_N - i - 1);
237 manifest_expected.add_entry(round, "IPA:L_" + idx, frs_per_G);
238 manifest_expected.add_entry(round, "IPA:R_" + idx, frs_per_G);
239 std::string label = "IPA:round_challenge_" + idx;
240 manifest_expected.add_challenge(round, label);
241 }
242
243 round++;
244 manifest_expected.add_entry(round, "IPA:G_0", frs_per_G);
245 manifest_expected.add_entry(round, "IPA:a_0", frs_per_Fq);
246 return manifest_expected;
247 }
248
249 ECCVMCircuitBuilder generate_trace(numeric::RNG* engine = nullptr)
250 {
251 std::shared_ptr<ECCOpQueue> op_queue = std::make_shared<ECCOpQueue>();
252 using G1 = typename Flavor::CycleGroup;
253 using Fr = typename G1::Fr;
254
255 auto generators = G1::derive_generators("test generators", 3);
256
257 typename G1::element a = generators[0];
258 typename G1::element b = generators[1];
259 typename G1::element c = generators[2];
260 Fr x = Fr::random_element(engine);
261 Fr y = Fr::random_element(engine);
262
263 op_queue->add_accumulate(a);
264 op_queue->mul_accumulate(a, x);
265 op_queue->mul_accumulate(b, x);
266 op_queue->mul_accumulate(b, y);
267 op_queue->add_accumulate(a);
268 op_queue->mul_accumulate(b, x);
269 op_queue->eq_and_reset();
270 op_queue->add_accumulate(c);
271 op_queue->mul_accumulate(a, x);
272 op_queue->mul_accumulate(b, x);
273 op_queue->eq_and_reset();
274 op_queue->mul_accumulate(a, x);
275 op_queue->mul_accumulate(b, x);
276 op_queue->mul_accumulate(c, x);
277 op_queue->merge();
278 add_hiding_op_for_test(op_queue);
279
280 ECCVMCircuitBuilder builder{ op_queue };
281 return builder;
282 }
283};
284
285numeric::RNG& engine = numeric::get_debug_randomness();
286
291TEST_F(ECCVMTranscriptTests, ProverManifestConsistency)
292{
293 // Construct a simple circuit
294 auto builder = this->generate_trace(&engine);
295
296 // Automatically generate a transcript manifest by constructing a proof
297 std::shared_ptr<Transcript> prover_transcript = std::make_shared<Transcript>();
298 ECCVMProver prover(builder, prover_transcript);
299 prover.transcript->enable_manifest();
300 auto [proof, opening_claim] = prover.construct_proof();
301
302 // Compute IPA proof with manifest enabled
303 auto ipa_transcript = std::make_shared<Transcript>();
304 ipa_transcript->enable_manifest();
305 PCS::compute_opening_proof(prover.key->commitment_key, opening_claim, ipa_transcript);
306
307 // Check that the prover generated manifest agrees with the manifest hard coded in this suite
308 auto manifest_expected = this->construct_eccvm_honk_manifest();
309 auto prover_manifest = prover.transcript->get_manifest();
310
311 // Note: a manifest can be printed using manifest.print()
312 ASSERT_GT(manifest_expected.size(), 0);
313 for (size_t round = 0; round < manifest_expected.size(); ++round) {
314 ASSERT_EQ(prover_manifest[round], manifest_expected[round]) << "Prover manifest discrepency in round " << round;
315 }
316
317 auto ipa_manifest_expected = this->construct_eccvm_ipa_manifest();
318 auto prover_ipa_manifest = ipa_transcript->get_manifest();
319
320 // Note: a manifest can be printed using manifest.print()
321 ASSERT_GT(ipa_manifest_expected.size(), 0);
322 for (size_t round = 0; round < ipa_manifest_expected.size(); ++round) {
323 ASSERT_EQ(prover_ipa_manifest[round], ipa_manifest_expected[round])
324 << "IPA prover manifest discrepency in round " << round;
325 }
326}
327
333TEST_F(ECCVMTranscriptTests, VerifierManifestConsistency)
334{
335 // Construct a simple circuit
336 auto builder = this->generate_trace(&engine);
337
338 // Automatically generate a transcript manifest in the prover by constructing a proof
339 std::shared_ptr<Transcript> prover_transcript = std::make_shared<Transcript>();
340 ECCVMProver prover(builder, prover_transcript);
341 prover_transcript->enable_manifest();
342 auto [proof, opening_claim] = prover.construct_proof();
343
344 // Compute IPA proof with manifest enabled
345 auto prover_ipa_transcript = std::make_shared<Transcript>();
346 prover_ipa_transcript->enable_manifest();
347 PCS::compute_opening_proof(prover.key->commitment_key, opening_claim, prover_ipa_transcript);
348
349 // Automatically generate a transcript manifest in the verifier by verifying a proof
350 std::shared_ptr<Transcript> verifier_transcript = std::make_shared<Transcript>();
351 verifier_transcript->enable_manifest();
352 ECCVMVerifier verifier(verifier_transcript, proof);
353 auto verification_result = verifier.reduce_to_ipa_opening();
354
355 // Verify IPA with manifest enabled
356 auto verifier_ipa_transcript = std::make_shared<Transcript>(prover_ipa_transcript->export_proof());
357 verifier_ipa_transcript->enable_manifest();
358 auto ipa_vk = VerifierCommitmentKey<curve::Grumpkin>{ ECCVMFlavor::ECCVM_FIXED_SIZE };
359 IPA<curve::Grumpkin>::reduce_verify(ipa_vk, verification_result.ipa_claim, verifier_ipa_transcript);
360
361 // Check consistency between the manifests generated by the prover and verifier
362 auto prover_manifest = prover.transcript->get_manifest();
363 auto verifier_manifest = verifier.get_transcript()->get_manifest();
364
365 // Note: a manifest can be printed using manifest.print()
366 // The last challenge generated by the ECCVM Prover is the translation univariate batching challenge and, on the
367 // verifier side, is only generated in the translator verifier hence the ECCVM prover's manifest will have one extra
368 // challenge
369 ASSERT_GT(prover_manifest.size(), 0);
370 for (size_t round = 0; round < prover_manifest.size() - 1; ++round) {
371 ASSERT_EQ(prover_manifest[round], verifier_manifest[round])
372 << "Prover/Verifier manifest discrepency in round " << round;
373 }
374
375 // Check consistency of IPA transcripts
376 auto prover_ipa_manifest = prover_ipa_transcript->get_manifest();
377 auto verifier_ipa_manifest = verifier_ipa_transcript->get_manifest();
378 ASSERT_GT(prover_ipa_manifest.size(), 0);
379 for (size_t round = 0; round < prover_ipa_manifest.size(); ++round) {
380 ASSERT_EQ(prover_ipa_manifest[round], verifier_ipa_manifest[round])
381 << "Prover/Verifier IPA manifest discrepency in round " << round;
382 }
383}
384
390TEST_F(ECCVMTranscriptTests, ChallengeGenerationTest)
391{
392 // initialized with random value sent to verifier
393 auto transcript = Flavor::Transcript::test_prover_init_empty();
394 // test a bunch of challenges
395 std::vector<std::string> challenge_labels{ "a", "b", "c", "d", "e", "f" };
396 auto challenges = transcript->template get_challenges<FF>(challenge_labels);
397 // check they are not 0
398 for (size_t i = 0; i < challenges.size(); ++i) {
399 ASSERT_NE(challenges[i], 0) << "Challenge " << i << " is 0";
400 }
401 constexpr uint32_t random_val{ 17 }; // arbitrary
402 transcript->send_to_verifier("random val", random_val);
403 // test more challenges
404 challenge_labels = { "a", "b", "c" };
405 challenges = transcript->template get_challenges<FF>(challenge_labels);
406
407 ASSERT_NE(challenges[0], 0) << "Challenge a is 0";
408 ASSERT_NE(challenges[1], 0) << "Challenge b is 0";
409 ASSERT_NE(challenges[2], 0) << "Challenge c is 0";
410}
ECCVMTranscriptTests::generate_trace
ECCVMCircuitBuilder generate_trace(numeric::RNG *engine=nullptr)
Definition eccvm_transcript.test.cpp:249
ECCVMTranscriptTests::construct_eccvm_honk_manifest
TranscriptManifest construct_eccvm_honk_manifest()
Construct a manifest for a ECCVM Honk proof.
Definition eccvm_transcript.test.cpp:35
ECCVMTranscriptTests::construct_eccvm_ipa_manifest
TranscriptManifest construct_eccvm_ipa_manifest()
Definition eccvm_transcript.test.cpp:221
bb::BaseTranscript
Common transcript class for both parties. Stores the data for the current round, as well as the manif...
Definition transcript.hpp:41
bb::ECCVMFlavor::ECCVM_FIXED_SIZE
static constexpr size_t ECCVM_FIXED_SIZE
Definition eccvm_flavor.hpp:66
bb::ECCVMFlavor::NUM_ALL_ENTITIES
static constexpr size_t NUM_ALL_ENTITIES
Definition eccvm_flavor.hpp:77
bb::ECCVMFlavor::Transcript
BaseTranscript< Codec, HashFunction > Transcript
Definition eccvm_flavor.hpp:53
bb::ECCVMProver::transcript
std::shared_ptr< Transcript > transcript
Definition eccvm_prover.hpp:55
bb::ECCVMProver::construct_proof
std::pair< Proof, OpeningClaim > construct_proof()
Definition eccvm_prover.cpp:207
bb::ECCVMProver::key
std::shared_ptr< ProvingKey > key
Definition eccvm_prover.hpp:73
bb::ECCVMVerifier_
Unified ECCVM verifier class for both native and recursive verification.
Definition eccvm_verifier.hpp:19
bb::ECCVMVerifier_::get_transcript
std::shared_ptr< Transcript > get_transcript() const
Definition eccvm_verifier.hpp:92
bb::ECCVMVerifier_::reduce_to_ipa_opening
ReductionResult reduce_to_ipa_opening()
Reduce the ECCVM proof to an IPA opening claim.
Definition eccvm_verifier.cpp:21
bb::IPA
IPA (inner product argument) commitment scheme class.
Definition ipa.hpp:86
bb::TranscriptManifest::add_entry
void add_entry(size_t round, const std::string &element_label, size_t element_size)
Definition transcript_manifest.hpp:78
bb::TranscriptManifest::add_challenge
void add_challenge(size_t round, const std::string &label)
Add a single challenge label to the manifest for the given round.
Definition transcript_manifest.hpp:45
bb::VerifierCommitmentKey
Representation of the Grumpkin Verifier Commitment Key inside a bn254 circuit.
Definition verifier_commitment_key.hpp:16
builder
AluTraceBuilder builder
Definition alu.test.cpp:124
a
FF a
Definition field_gt.test.cpp:52
b
FF b
Definition field_gt.test.cpp:53
eccvm_flavor.hpp
eccvm_prover.hpp
eccvm_test_utils.hpp
engine
numeric::RNG & engine
Definition eccvm_transcript.test.cpp:285
eccvm_verifier.hpp
flavor.hpp
Base class templates shared across Honk flavors.
get_msb.hpp
global_crs.hpp
bb::eccvm_test_utils::add_hiding_op_for_test
void add_hiding_op_for_test(const std::shared_ptr< ECCOpQueue > &op_queue)
Set a hiding op on the op_queue for testing.
Definition eccvm_test_utils.hpp:70
bb::numeric::get_debug_randomness
RNG & get_debug_randomness(bool reset, std::uint_fast64_t seed)
Definition engine.cpp:217
bb::srs::bb_crs_path
std::filesystem::path bb_crs_path()
Definition global_crs.cpp:14
bb::srs::init_file_crs_factory
void init_file_crs_factory(const std::filesystem::path &path)
Definition global_crs.hpp:14
bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5
bb::TEST_F
TEST_F(IPATest, ChallengesAreZero)
Definition ipa.test.cpp:155
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
std::to_string
std::string to_string(bb::avm2::ValueTag tag)
Definition tagged_value.cpp:402
G1
Curve::AffineElement G1
Definition pippenger.bench.cpp:21
bb::field< Bn254FrParams >::random_element
static field random_element(numeric::RNG *engine=nullptr) noexcept
Definition field_impl.hpp:783