openvm_keccak256_circuit::air

Struct KeccakVmAir

pub struct KeccakVmAir {
    pub execution_bridge: ExecutionBridge,
    pub memory_bridge: MemoryBridge,
    pub bitwise_lookup_bus: BitwiseOperationLookupBus,
    pub ptr_max_bits: usize,
    /* private fields */
}

Fields

execution_bridge: ExecutionBridge

memory_bridge: MemoryBridge

bitwise_lookup_bus: BitwiseOperationLookupBus

Bus to send 8-bit XOR requests to.

ptr_max_bits: usize

Maximum number of bits allowed for an address pointer.

Implementations

impl KeccakVmAir

pub fn new(
    execution_bridge: ExecutionBridge,
    memory_bridge: MemoryBridge,
    bitwise_lookup_bus: BitwiseOperationLookupBus,
    ptr_max_bits: usize,
    offset: usize,
) -> Self

Constructs a new KeccakVmAir.

impl KeccakVmAir

pub fn eval_keccak_f<AB: AirBuilder>(&self, builder: &mut AB)

Evaluate the keccak-f permutation constraints.

WARNING: The keccak-f AIR columns must be the first columns in the main AIR.

pub fn constrain_consistency_across_rounds<AB: AirBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    next: &KeccakVmCols<AB::Var>,
)

Many columns are expected to be the same between rounds and only change per-block.

pub fn constrain_block_transition<AB: AirBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    next: &KeccakVmCols<AB::Var>,
    start_write_timestamp: AB::Expr,
)

pub fn constrain_padding<AB: AirBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    next: &KeccakVmCols<AB::Var>,
)

Keccak follows the 10*1 padding rule; see Section 5.1 of https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf. Note that this is the ONLY difference between Keccak and SHA-3.

Constrains padding and length between rounds and between blocks. Padding logic is tied to constraints on is_new_start.
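The padding rule at byte granularity, as an added example that is not code from this crate. It assumes the Keccak-256 rate of 136 bytes and uses FIPS 202's SHA-3 suffix (first padding byte 0x06 instead of Keccak's 0x01); the function names are hypothetical, and padding_flags only models which bytes a flag such as is_padding_byte would mark.

```rust
// Added illustration; not code from openvm_keccak256_circuit.
const RATE_BYTES: usize = 136; // assumption: Keccak-256 rate (1088 bits)

/// Pads `msg` to a multiple of the rate with pad10*1 at byte granularity.
/// `first` is 0x01 for Keccak and 0x06 for SHA-3 (domain bits 01 + first pad bit).
fn pad(msg: &[u8], first: u8) -> Vec<u8> {
    let pad_len = RATE_BYTES - msg.len() % RATE_BYTES; // always 1..=RATE_BYTES
    let mut out = msg.to_vec();
    out.resize(msg.len() + pad_len, 0);
    out[msg.len()] ^= first; // first padding bit
    *out.last_mut().unwrap() ^= 0x80; // final padding bit (same byte if pad_len == 1)
    out
}

fn keccak_pad(msg: &[u8]) -> Vec<u8> {
    pad(msg, 0x01)
}

fn sha3_pad(msg: &[u8]) -> Vec<u8> {
    pad(msg, 0x06)
}

/// Per-byte marker over the padded input: true where the byte is padding.
fn padding_flags(msg_len: usize) -> Vec<bool> {
    let total = msg_len + (RATE_BYTES - msg_len % RATE_BYTES);
    (0..total).map(|i| i >= msg_len).collect()
}

/// Byte positions at which the Keccak and SHA-3 padded inputs differ.
fn differing_positions(msg: &[u8]) -> Vec<usize> {
    let (k, s) = (keccak_pad(msg), sha3_pad(msg));
    (0..k.len()).filter(|&i| k[i] != s[i]).collect()
}

fn main() {
    // Constructed inputs: one byte short of a block, and exactly one block.
    let short = vec![0xAAu8; RATE_BYTES - 1];
    let full = vec![0xAAu8; RATE_BYTES];
    println!("last byte, one byte of room: {:#04x}", keccak_pad(&short)[RATE_BYTES - 1]);
    println!("padded length, full block:   {}", keccak_pad(&full).len());
    println!("Keccak vs SHA-3 differ at:   {:?}", differing_positions(&short));
}
```

The two edge cases are the ones a padding constraint has to get right: a single padding byte carries both marker bits (0x81), and an input that already fills a block still gets a whole extra block of padding.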

pub fn constrain_absorb<AB: InteractionBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    next: &KeccakVmCols<AB::Var>,
)

Constrains that the state transition between keccak-f permutations is a valid absorb of input bytes. The end-state in the last round is given by a_prime_prime_prime() in u16 limbs. The pre-state is given by preimage, also in u16 limbs. The input block_bytes is given as bytes.

We XOR block_bytes with a_prime_prime_prime() and constrain the result to be next.preimage. This is done using an 8-bit XOR lookup in a separate AIR via interactions, which requires decomposing each u16 into bytes. Note that the XOR lookup automatically range checks its inputs to be bytes.

We use the following trick to keep u16 limbs and avoid changing the keccak-f AIR itself: if we already have a 16-bit limb x and we also provide an 8-bit limb hi = x >> 8, then, assuming x and hi have been range checked, we can use the expression lo = x - hi * 256 for the low byte. If lo is range checked to 8 bits, this constrains a valid byte decomposition of x into hi, lo. In terms of trace cells, providing x, hi is therefore equivalent to providing hi, lo.
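A small model of the decomposition trick and the byte-wise absorb, as an added example that is not code from this crate. It assumes constraints are evaluated in a prime field and uses the 31-bit BabyBear modulus as a concrete choice; all function names are hypothetical. It checks exhaustively that the range check on lo is what pins hi to x >> 8.

```rust
// Added illustration; not code from openvm_keccak256_circuit.
// Assumption: a prime field with a 31-bit modulus (BabyBear's, as an example).
const P: u64 = 2_013_265_921; // 2^31 - 2^27 + 1

/// The field expression lo = x - hi * 256 (mod P) from the text.
fn lo_expr(x: u64, hi: u64) -> u64 {
    (x % P + P - (hi % P) * 256 % P) % P
}

/// Models the checks on one limb: x is 16-bit, hi is 8-bit, and (optionally)
/// lo is 8-bit, as enforced when lo is an input to the 8-bit XOR lookup.
fn accepted(x: u64, hi: u64, range_check_lo: bool) -> bool {
    x < (1 << 16) && hi < 256 && (!range_check_lo || lo_expr(x, hi) < 256)
}

/// Number of hi witnesses a prover could supply for limb x.
fn witness_count(x: u64, range_check_lo: bool) -> usize {
    (0..256u64).filter(|&hi| accepted(x, hi, range_check_lo)).count()
}

/// Soundness over all 16-bit limbs: exactly one hi passes, and it is x >> 8.
fn decomposition_is_unique() -> bool {
    (0u64..1 << 16).all(|x| witness_count(x, true) == 1 && accepted(x, x >> 8, true))
}

/// Absorbs two block bytes into one state limb byte-wise and recomposes the
/// u16 limb of the next preimage. Returns None if the witness is rejected.
fn absorb_limb(state_limb: u64, hi: u64, block_lo: u8, block_hi: u8) -> Option<u64> {
    if !accepted(state_limb, hi, true) {
        return None;
    }
    let lo = lo_expr(state_limb, hi);
    Some((lo ^ block_lo as u64) + (hi ^ block_hi as u64) * 256)
}

fn main() {
    // Constructed sample limb 0xABCD with block bytes 0xFF (low) and 0x0F (high).
    println!("unique decomposition: {}", decomposition_is_unique());
    println!("witnesses without lo check: {}", witness_count(0xABCD, false));
    println!("absorbed limb: {:x?}", absorb_limb(0xABCD, 0xAB, 0xFF, 0x0F));
}
```

Without the range check on lo, every 8-bit hi satisfies the relation because lo simply wraps around in the field, so the XOR lookup's implicit byte check is what makes the decomposition binding.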

pub fn eval_instruction<AB: InteractionBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    register_aux: &[MemoryReadAuxCols<AB::Var, RV32_REGISTER_NUM_LIMBS>; 3],
) -> AB::Expr

Receives the instruction itself on the program bus and sends and receives on the execution bus. Then performs memory reads in address space 1 to get dst, src, len from memory.

Adds range check interactions for the most significant limbs of the register values using BitwiseOperationLookupBus.

Returns start_read_timestamp which is only relevant when local.instruction.is_enabled. Note that start_read_timestamp is a linear expression.

pub fn constrain_input_read<AB: InteractionBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    start_read_timestamp: AB::Expr,
    mem_aux: &[MemoryReadAuxCols<AB::Var, KECCAK_WORD_SIZE>; 34],
) -> AB::Expr

Constrain reading the input as block_bytes from memory. Reads input based on is_padding_byte. Constrains timestamp transitions between blocks if input crosses blocks.

Expects start_read_timestamp to be a linear expression. Returns the start_write_timestamp which is the timestamp to start from for writing digest to memory.

pub fn constrain_output_write<AB: InteractionBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    start_write_timestamp: AB::Expr,
    mem_aux: &[MemoryWriteAuxCols<AB::Var, KECCAK_WORD_SIZE>; 8],
)

pub fn timestamp_change<T: AbstractField>(len: impl Into<T>) -> T

Amount to advance the timestamp by after execution of one opcode instruction. This is an upper bound dependent on the length operand len, which is unbounded.

Trait Implementations

impl<AB: InteractionBuilder> Air<AB> for KeccakVmAir

fn eval(&self, builder: &mut AB)

impl<F> BaseAir<F> for KeccakVmAir

fn width(&self) -> usize

The number of columns (a.k.a. registers) in this AIR.

fn preprocessed_trace(&self) -> Option<DenseMatrix<F>>

impl<F> BaseAirWithPublicValues<F> for KeccakVmAir

impl Clone for KeccakVmAir

fn clone(&self) -> KeccakVmAir

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for KeccakVmAir

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<F> PartitionedBaseAir<F> for KeccakVmAir

fn cached_main_widths(&self) -> Vec<usize>

By default, an AIR has no cached main trace.

fn common_main_width(&self) -> usize

By default, an AIR has only one private main trace.

impl Copy for KeccakVmAir
