Barretenberg: src/barretenberg/ultra_honk/ultra_prover.hpp Source File

// === AUDIT STATUS ===

// internal:    { status: Completed, auditors: [Sergei], commit: }

// external_1:  { status: not started, auditors: [], commit: }

// external_2:  { status: not started, auditors: [], commit: }

// =====================


#pragma once

#include "barretenberg/commitment_schemes/small_subgroup_ipa/small_subgroup_ipa.hpp"

#include "barretenberg/flavor/mega_flavor.hpp"

#include "barretenberg/flavor/ultra_flavor.hpp"

#include "barretenberg/honk/proof_system/types/proof.hpp"

#include "barretenberg/sumcheck/sumcheck_output.hpp"

#include "barretenberg/transcript/transcript.hpp"

#include "barretenberg/ultra_honk/prover_instance.hpp"


namespace bb {


template <typename Flavor_> class UltraProver_ {

  public:

    using Flavor = Flavor_;

    using FF = typename Flavor::FF;

    using CommitmentKey = typename Flavor::CommitmentKey;

    using Curve = typename Flavor::Curve;

    using PCS = typename Flavor::PCS;

    using ProverInstance = ProverInstance_<Flavor>;

    using SmallSubgroupIPA = SmallSubgroupIPAProver<Flavor>;

    using HonkVK = typename Flavor::VerificationKey;

    using Transcript = typename Flavor::Transcript;

    using Proof = typename Transcript::Proof;

    using ZKData = ZKSumcheckData<Flavor>;


    explicit UltraProver_(std::shared_ptr<ProverInstance>,

                          const std::shared_ptr<HonkVK>&,

                          const std::shared_ptr<Transcript>& transcript = std::make_shared<Transcript>());


    Proof export_proof();

    Proof construct_proof();


    size_t num_public_inputs() const { return prover_instance->num_public_inputs(); }

    size_t log_dyadic_size() const { return prover_instance->log_dyadic_size(); }

    const std::shared_ptr<Transcript>& get_transcript() const { return transcript; }


  private:

    std::shared_ptr<ProverInstance> prover_instance;

    std::shared_ptr<Transcript> transcript;

    std::shared_ptr<HonkVK> honk_vk;

    SumcheckOutput<Flavor> sumcheck_output;

    ZKData zk_sumcheck_data;

    CommitmentKey commitment_key;


    size_t virtual_log_n; // Set during gate challenge generation, reused by sumcheck and PCS


    BB_PROFILE void execute_sumcheck_iop();

    BB_PROFILE void execute_pcs();

    BB_PROFILE void generate_gate_challenges();

};


using UltraProver = UltraProver_<UltraFlavor>;

using UltraZKProver = UltraProver_<UltraZKFlavor>;

using UltraKeccakProver = UltraProver_<UltraKeccakFlavor>;

#ifdef STARKNET_GARAGA_FLAVORS

using UltraStarknetProver = UltraProver_<UltraStarknetFlavor>;

using UltraStarknetZKProver = UltraProver_<UltraStarknetZKFlavor>;

#endif

using UltraKeccakZKProver = UltraProver_<UltraKeccakZKFlavor>;

using MegaProver = UltraProver_<MegaFlavor>;

using MegaZKProver = UltraProver_<MegaZKFlavor>;


} // namespace bb

bb::BaseTranscript::Proof
std::vector< DataType > Proof
Definition transcript.hpp:46

bb::ECCVMFlavor::FF
typename Curve::ScalarField FF
Definition eccvm_flavor.hpp:43

bb::ECCVMFlavor::Curve
curve::Grumpkin Curve
Definition eccvm_flavor.hpp:41

bb::ECCVMFlavor::CommitmentKey
bb::CommitmentKey< Curve > CommitmentKey
Definition eccvm_flavor.hpp:48

bb::ECCVMFlavor::VerificationKey
FixedVKAndHash_< PrecomputedEntities< Commitment >, BF, ECCVMHardcodedVKAndHash > VerificationKey
The verification key stores commitments to the precomputed polynomials used by the verifier.
Definition eccvm_flavor.hpp:800

bb::ECCVMFlavor::Transcript
BaseTranscript< Codec, HashFunction > Transcript
Definition eccvm_flavor.hpp:53

bb::ProverInstance_
Contains all the information required by a Honk prover to create a proof, constructed from a finalize...
Definition prover_instance.hpp:26

bb::SmallSubgroupIPAProver
A Curve-agnostic ZK protocol to prove inner products of small vectors.
Definition small_subgroup_ipa.hpp:69

bb::UltraProver_
Definition ultra_prover.hpp:18

bb::UltraProver_::Flavor
Flavor_ Flavor
Definition ultra_prover.hpp:20

bb::UltraProver_::num_public_inputs
size_t num_public_inputs() const
Definition ultra_prover.hpp:39

bb::UltraProver_::commitment_key
CommitmentKey commitment_key
Definition ultra_prover.hpp:49

bb::UltraProver_::honk_vk
std::shared_ptr< HonkVK > honk_vk
Definition ultra_prover.hpp:46

bb::UltraProver_::generate_gate_challenges
BB_PROFILE void generate_gate_challenges()
Definition ultra_prover.cpp:52

bb::UltraProver_::execute_pcs
BB_PROFILE void execute_pcs()
Reduce the sumcheck multivariate evaluations to a single univariate opening claim via Shplemini,...
Definition ultra_prover.cpp:123

bb::UltraProver_::sumcheck_output
SumcheckOutput< Flavor > sumcheck_output
Definition ultra_prover.hpp:47

bb::UltraProver_::PCS
typename Flavor::PCS PCS
Definition ultra_prover.hpp:24

bb::UltraProver_::transcript
std::shared_ptr< Transcript > transcript
Definition ultra_prover.hpp:45

bb::UltraProver_::get_transcript
const std::shared_ptr< Transcript > & get_transcript() const
Definition ultra_prover.hpp:41

bb::UltraProver_::virtual_log_n
size_t virtual_log_n
Definition ultra_prover.hpp:51

bb::UltraProver_::Proof
typename Transcript::Proof Proof
Definition ultra_prover.hpp:29

bb::UltraProver_::prover_instance
std::shared_ptr< ProverInstance > prover_instance
Definition ultra_prover.hpp:44

bb::UltraProver_::execute_sumcheck_iop
BB_PROFILE void execute_sumcheck_iop()
Run Sumcheck to establish that ∑_i pow(\vec{β*})f_i(ω) = 0, producing sumcheck round challenges u = (...
Definition ultra_prover.cpp:97

bb::UltraProver_::CommitmentKey
typename Flavor::CommitmentKey CommitmentKey
Definition ultra_prover.hpp:22

bb::UltraProver_::FF
typename Flavor::FF FF
Definition ultra_prover.hpp:21

bb::UltraProver_::Transcript
typename Flavor::Transcript Transcript
Definition ultra_prover.hpp:28

bb::UltraProver_::zk_sumcheck_data
ZKData zk_sumcheck_data
Definition ultra_prover.hpp:48

bb::UltraProver_::Curve
typename Flavor::Curve Curve
Definition ultra_prover.hpp:23

bb::UltraProver_::log_dyadic_size
size_t log_dyadic_size() const
Definition ultra_prover.hpp:40

bb::UltraProver_::export_proof
Proof export_proof()
Export the complete proof, including IPA proof for rollup circuits.
Definition ultra_prover.cpp:39

bb::UltraProver_::construct_proof
Proof construct_proof()
Definition ultra_prover.cpp:61

bb::UltraProver_::HonkVK
typename Flavor::VerificationKey HonkVK
Definition ultra_prover.hpp:27

BB_PROFILE
#define BB_PROFILE
Definition compiler_hints.hpp:14

proof.hpp

mega_flavor.hpp

bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5

std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13

prover_instance.hpp

small_subgroup_ipa.hpp

bb::SumcheckOutput
Contains the evaluations of multilinear polynomials  at the challenge point . These are computed by S...
Definition sumcheck_output.hpp:22

bb::ZKSumcheckData
This structure is created to contain various polynomials and constants required by ZK Sumcheck.
Definition zk_sumcheck_data.hpp:22

sumcheck_output.hpp

transcript.hpp

ultra_flavor.hpp