p3_fri

Struct TwoAdicFriPcs

Source 
pub struct TwoAdicFriPcs<Val, Dft, InputMmcs, FriMmcs> { /* private fields */ }
Expand description

A polynomial commitment scheme using FRI to generate opening proofs.

We commit to a polynomial f via its evaluation vectors over a coset gH where |H| >= 2 * deg(f). A value f(z) is opened by using a FRI proof to show that the evaluations of (f(x) - f(z))/(x - z) over gH are low degree.

Implementations§

Source§

impl<Val, Dft, InputMmcs, FriMmcs> TwoAdicFriPcs<Val, Dft, InputMmcs, FriMmcs>

Source

pub const fn new(dft: Dft, mmcs: InputMmcs, fri: FriParameters<FriMmcs>) -> Self

Trait Implementations§

Source§

impl<Val: Debug, Dft: Debug, InputMmcs: Debug, FriMmcs: Debug> Debug for TwoAdicFriPcs<Val, Dft, InputMmcs, FriMmcs>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<Val, Dft, InputMmcs, FriMmcs, Challenge, Challenger> Pcs<Challenge, Challenger> for TwoAdicFriPcs<Val, Dft, InputMmcs, FriMmcs>
where Val: TwoAdicField, Dft: TwoAdicSubgroupDft<Val>, InputMmcs: Mmcs<Val>, FriMmcs: Mmcs<Challenge>, Challenge: ExtensionField<Val>, Challenger: FieldChallenger<Val> + CanObserve<FriMmcs::Commitment> + GrindingChallenger<Witness = Val>,

Source§

fn natural_domain_for_degree(&self, degree: usize) -> Self::Domain

Get the unique subgroup H of size |H| = degree.

§Panics:

This function will panic if degree is not a power of 2 or degree > (1 << Val::TWO_ADICITY).

Source§

fn commit( &self, evaluations: impl IntoIterator<Item = (Self::Domain, RowMajorMatrix<Val>)>, ) -> (Self::Commitment, Self::ProverData)

Commit to a collection of evaluation matrices.

Each element of evaluations contains a coset shift * H and a matrix mat with mat.height() = |H|. Interpreting each column of mat as the evaluations of a polynomial p_i(x) over shift * H, this computes the evaluations of p_i over gK where g is the chosen generator of the multiplicative group of Val and K is the unique subgroup of order |H| << self.fri.log_blowup.

This then outputs a Merkle commitment to these evaluations.

Source§

fn get_evaluations_on_domain<'a>( &self, prover_data: &'a Self::ProverData, idx: usize, domain: Self::Domain, ) -> Self::EvaluationsOnDomain<'a>

Given the evaluations on a domain gH, return the evaluations on a different domain g'K.

Arguments:

  • prover_data: The prover data containing all committed evaluation matrices.
  • idx: The index of the matrix containing the evaluations we want. These evaluations are assumed to be over the coset gH where g = Val::GENERATOR.
  • domain: The domain g'K on which to get evaluations on. Currently, this assumes that g' = g and K is a subgroup of H and panics if this is not the case.
Source§

fn open( &self, commitment_data_with_opening_points: Vec<(&Self::ProverData, Vec<Vec<Challenge>>)>, challenger: &mut Challenger, ) -> (OpenedValues<Challenge>, Self::Proof)

Open a batch of matrices at a collection of points.

Returns the opened values along with a proof.

This function assumes that all matrices correspond to evaluations over the coset gH where g = Val::GENERATOR and H is a subgroup of appropriate size depending on the matrix.

Source§

const ZK: bool = false

Set to true to activate randomization and achieve zero-knowledge.
Source§

type Domain = TwoAdicMultiplicativeCoset<Val>

The class of evaluation domains that this commitment scheme works over.
Source§

type Commitment = <InputMmcs as Mmcs<Val>>::Commitment

The commitment that’s sent to the verifier.
Source§

type ProverData = <InputMmcs as Mmcs<Val>>::ProverData<DenseMatrix<Val>>

Data that the prover stores for committed polynomials, to help the prover with opening.
Source§

type EvaluationsOnDomain<'a> = RowIndexMappedView<BitReversalPerm, DenseMatrix<Val, &'a [Val]>>

Type of the output of get_evaluations_on_domain.
Source§

type Proof = FriProof<Challenge, FriMmcs, Val, Vec<BatchOpening<Val, InputMmcs>>>

The opening argument.
Source§

type Error = FriError<<FriMmcs as Mmcs<Challenge>>::Error, <InputMmcs as Mmcs<Val>>::Error>

The type of a proof verification error.
Source§

fn verify( &self, commitments_with_opening_points: Vec<CommitmentWithOpeningPoints<Challenge, Self::Commitment, Self::Domain>>, proof: &Self::Proof, challenger: &mut Challenger, ) -> Result<(), Self::Error>

Verify that a collection of opened values is correct. Read more
Source§

const TRACE_IDX: usize = _

Index of the trace commitment in the computed opened values.
Source§

const QUOTIENT_IDX: usize = _

Index of the quotient commitments in the computed opened values.
Source§

const PREPROCESSED_TRACE_IDX: usize = _

Index of the preprocessed trace commitment in the computed opened values.
Source§

fn commit_quotient( &self, quotient_domain: Self::Domain, quotient_evaluations: DenseMatrix<<Self::Domain as PolynomialSpace>::Val>, num_chunks: usize, ) -> (Self::Commitment, Self::ProverData)

Commit to the quotient polynomial. We first decompose the quotient polynomial into num_chunks many smaller polynomials each of degree degree / num_chunks. This can have minor performance benefits, but is not strictly necessary in the non zk case. When zk is enabled, this commitment will additionally include some randomization process to hide the inputs. Read more
Source§

fn get_opt_randomization_poly_commitment( &self, _domain: Self::Domain, ) -> Option<(Self::Commitment, Self::ProverData)>

Auto Trait Implementations§

§

impl<Val, Dft, InputMmcs, FriMmcs> Freeze for TwoAdicFriPcs<Val, Dft, InputMmcs, FriMmcs>
where Dft: Freeze, InputMmcs: Freeze, FriMmcs: Freeze,

§

impl<Val, Dft, InputMmcs, FriMmcs> RefUnwindSafe for TwoAdicFriPcs<Val, Dft, InputMmcs, FriMmcs>
where Dft: RefUnwindSafe, InputMmcs: RefUnwindSafe, FriMmcs: RefUnwindSafe, Val: RefUnwindSafe,

§

impl<Val, Dft, InputMmcs, FriMmcs> Send for TwoAdicFriPcs<Val, Dft, InputMmcs, FriMmcs>
where Dft: Send, InputMmcs: Send, FriMmcs: Send, Val: Send,

§

impl<Val, Dft, InputMmcs, FriMmcs> Sync for TwoAdicFriPcs<Val, Dft, InputMmcs, FriMmcs>
where Dft: Sync, InputMmcs: Sync, FriMmcs: Sync, Val: Sync,

§

impl<Val, Dft, InputMmcs, FriMmcs> Unpin for TwoAdicFriPcs<Val, Dft, InputMmcs, FriMmcs>
where Dft: Unpin, InputMmcs: Unpin, FriMmcs: Unpin, Val: Unpin,

§

impl<Val, Dft, InputMmcs, FriMmcs> UnwindSafe for TwoAdicFriPcs<Val, Dft, InputMmcs, FriMmcs>
where Dft: UnwindSafe, InputMmcs: UnwindSafe, FriMmcs: UnwindSafe, Val: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more