pub struct KeccakVmAir {
    pub execution_bridge: ExecutionBridge,
    pub memory_bridge: MemoryBridge,
    pub bitwise_lookup_bus: BitwiseOperationLookupBus,
    pub ptr_max_bits: usize,
    /* private fields */
}
Fields
execution_bridge: ExecutionBridge
memory_bridge: MemoryBridge
bitwise_lookup_bus: BitwiseOperationLookupBus
Bus to send 8-bit XOR requests to.
ptr_max_bits: usize
Maximum number of bits allowed for an address pointer.
Implementations
impl KeccakVmAir
pub fn new(
    execution_bridge: ExecutionBridge,
    memory_bridge: MemoryBridge,
    bitwise_lookup_bus: BitwiseOperationLookupBus,
    ptr_max_bits: usize,
    offset: usize,
) -> Self
Constructs a new KeccakVmAir.
impl KeccakVmAir
pub fn eval_keccak_f<AB: AirBuilder>(&self, builder: &mut AB)
Evaluate the keccak-f permutation constraints.
WARNING: The keccak-f AIR columns must be the first columns in the main AIR.
pub fn constrain_consistency_across_rounds<AB: AirBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    next: &KeccakVmCols<AB::Var>,
)
Many columns are expected to be the same between rounds and only change per-block.
pub fn constrain_block_transition<AB: AirBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    next: &KeccakVmCols<AB::Var>,
    start_write_timestamp: AB::Expr,
)
pub fn constrain_padding<AB: AirBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    next: &KeccakVmCols<AB::Var>,
)
Keccak follows the 10*1 padding rule. See Section 5.1 of https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf. Note this is the ONLY difference between Keccak and SHA-3.
Constrains padding constraints and length between rounds and between blocks. Padding logic is tied to constraints on is_new_start.
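The 10*1 rule at byte granularity, as an added example that is not code from this crate: it assumes a rate of 136 bytes (Keccak-256) and shows the two cases a padding constraint has to get right, a single padding byte and a full extra block. `pad`, `keccak_pad`, `sha3_pad` and `diff_positions` are illustrative names.

```rust
// Added illustration of byte-level pad10*1; not code from the crate.
// Assumption: rate of 136 bytes (1088 bits), as used by Keccak-256.
const RATE_BYTES: usize = 136;

/// Pads `msg` to a multiple of RATE_BYTES. `first` carries the first padding
/// bit, plus any domain-separation bits placed before it.
fn pad(msg: &[u8], first: u8) -> Vec<u8> {
    // pad_len is in 1..=RATE_BYTES: a full extra block is added when the
    // message already fills its last block.
    let pad_len = RATE_BYTES - msg.len() % RATE_BYTES;
    let mut out = msg.to_vec();
    out.push(first);
    out.resize(msg.len() + pad_len, 0);
    // Final 1 bit of 10*1; merges with `first` when pad_len == 1.
    *out.last_mut().unwrap() |= 0x80;
    out
}

/// Keccak: pad10*1 applied directly to the message.
fn keccak_pad(msg: &[u8]) -> Vec<u8> {
    pad(msg, 0x01)
}

/// SHA-3: suffix bits 01 precede pad10*1, giving 0x06 as the first byte.
fn sha3_pad(msg: &[u8]) -> Vec<u8> {
    pad(msg, 0x06)
}

/// Indices where the two padded inputs differ.
fn diff_positions(a: &[u8], b: &[u8]) -> Vec<usize> {
    (0..a.len().min(b.len())).filter(|&i| a[i] != b[i]).collect()
}

fn main() {
    for len in [0usize, 1, 135, 136, 137] {
        let msg = vec![0xAAu8; len]; // constructed sample input
        let k = keccak_pad(&msg);
        let d = diff_positions(&k, &sha3_pad(&msg));
        println!(
            "len={len:3} blocks={} pad_start={:#04x} last={:#04x} diff_vs_sha3={d:?}",
            k.len() / RATE_BYTES, k[len], k[k.len() - 1]
        );
    }
}
```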
pub fn constrain_absorb<AB: InteractionBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    next: &KeccakVmCols<AB::Var>,
)
Constrain that the state transition between keccak-f permutations is a valid absorb of input bytes.
The end-state in the last round is given by a_prime_prime_prime() in u16 limbs.
The pre-state is given by preimage, also in u16 limbs.
The input block_bytes will be given as bytes.
We will XOR block_bytes with a_prime_prime_prime() and constrain the result to be next.preimage.
This will be done using 8-bit XOR lookup in a separate AIR via interactions.
This will require decomposing u16 into bytes.
Note that the XOR lookup automatically range checks its inputs to be bytes.
We use the following trick to keep u16 limbs and avoid changing the keccak-f AIR itself:
if we already have a 16-bit limb x and we also provide an 8-bit limb hi = x >> 8, assuming x and hi have been range checked, we can use the expression lo = x - hi * 256 for the low byte.
If lo is range checked to 8 bits, this constrains a valid byte decomposition of x into hi, lo.
This means in terms of trace cells, it is equivalent to provide x, hi versus hi, lo.
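An exhaustive check of the byte-decomposition trick described above, as an added example that is not code from this crate: it evaluates lo = x - hi * 256 modulo the BabyBear prime (an assumption, the page does not name the field) and counts pairs (x, hi) that are accepted without being the true decomposition, with and without the range check on lo. `lo_expr`, `is_byte` and `count_bad` are illustrative names.

```rust
// Added illustration of the x, hi -> lo trick; not code from the crate.
// Assumption: arithmetic is in the BabyBear field, P = 2^31 - 2^27 + 1.
const P: u64 = 2_013_265_921;

/// lo = x - hi * 256 evaluated as a field expression (mod P).
fn lo_expr(x: u64, hi: u64) -> u64 {
    (x % P + P - (hi * 256) % P) % P
}

/// Models the 8-bit range check the XOR lookup applies to its inputs.
fn is_byte(v: u64) -> bool {
    v < 256
}

/// Counts pairs (x, hi), x a 16-bit limb and hi a byte, that are accepted
/// although hi is not the true high byte of x. With `check_lo` the low-byte
/// expression must also pass the byte range check.
fn count_bad(check_lo: bool) -> usize {
    let mut bad = 0;
    for x in 0..(1u64 << 16) {
        for hi in 0..256u64 {
            let accepted = !check_lo || is_byte(lo_expr(x, hi));
            if accepted && hi != x >> 8 {
                bad += 1;
            }
        }
    }
    bad
}

fn main() {
    // A wrong hi makes x - hi*256 negative or >= 256; negative values wrap
    // to nearly P, far outside the byte range.
    println!("lo(0xABCD, 0xAB) = {:#x}", lo_expr(0xABCD, 0xAB));
    println!("lo(0xABCD, 0xAC) = {}", lo_expr(0xABCD, 0xAC));
    println!("bad witnesses with lo range check:    {}", count_bad(true));
    println!("bad witnesses without lo range check: {}", count_bad(false));
}
```

The count without the lo check is 255 wrong hi values for each of the 65536 limbs, which is why the expression for lo must itself go through the byte lookup.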
pub fn eval_instruction<AB: InteractionBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    register_aux: &[MemoryReadAuxCols<AB::Var, RV32_REGISTER_NUM_LIMBS>; 3],
) -> AB::Expr
Receives the instruction itself on the program bus. Sends and receives on the execution bus.
Then does a memory read in address space 1 to get dst, src, len from memory.
Adds range check interactions for the most significant limbs of the register values using BitwiseOperationLookupBus.
Returns start_read_timestamp, which is only relevant when local.instruction.is_enabled.
Note that start_read_timestamp is a linear expression.
pub fn constrain_input_read<AB: InteractionBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    start_read_timestamp: AB::Expr,
    mem_aux: &[MemoryReadAuxCols<AB::Var, KECCAK_WORD_SIZE>; 34],
) -> AB::Expr
Constrain reading the input as block_bytes from memory.
Reads input based on is_padding_byte.
Constrains timestamp transitions between blocks if input crosses blocks.
Expects start_read_timestamp to be a linear expression.
Returns the start_write_timestamp, which is the timestamp to start from for writing digest to memory.
pub fn constrain_output_write<AB: InteractionBuilder>(
    &self,
    builder: &mut AB,
    local: &KeccakVmCols<AB::Var>,
    start_write_timestamp: AB::Expr,
    mem_aux: &[MemoryWriteAuxCols<AB::Var, KECCAK_WORD_SIZE>; 8],
)
pub fn timestamp_change<T: AbstractField>(len: impl Into<T>) -> T
Amount to advance timestamp by after execution of one opcode instruction.
This is an upper bound dependent on the length len operand, which is unbounded.
Trait Implementations
impl<AB: InteractionBuilder> Air<AB> for KeccakVmAir
impl<F> BaseAir<F> for KeccakVmAir
fn preprocessed_trace(&self) -> Option<DenseMatrix<F>>
impl<F> BaseAirWithPublicValues<F> for KeccakVmAir
fn num_public_values(&self) -> usize
impl Clone for KeccakVmAir
fn clone(&self) -> KeccakVmAir
1.0.0 · fn clone_from(&mut self, source: &Self)
source.
impl Debug for KeccakVmAir
impl<F> PartitionedBaseAir<F> for KeccakVmAir
fn cached_main_widths(&self) -> Vec<usize>
fn common_main_width(&self) -> usize
impl Copy for KeccakVmAir
Auto Trait Implementations
impl Freeze for KeccakVmAir
impl RefUnwindSafe for KeccakVmAir
impl Send for KeccakVmAir
impl Sync for KeccakVmAir
impl Unpin for KeccakVmAir
impl UnwindSafe for KeccakVmAir
Blanket Implementations
impl<SC, T> AnyRap<SC> for T where
    SC: StarkGenericConfig,
    T: Rap<SymbolicRapBuilder<<<<SC as StarkGenericConfig>::Pcs as Pcs<<SC as StarkGenericConfig>::Challenge, <SC as StarkGenericConfig>::Challenger>>::Domain as PolynomialSpace>::Val>> + for<'a> Rap<ProverConstraintFolder<'a, SC>> + for<'a> Rap<DebugConstraintBuilder<'a, SC>> + BaseAirWithPublicValues<<<<SC as StarkGenericConfig>::Pcs as Pcs<<SC as StarkGenericConfig>::Challenge, <SC as StarkGenericConfig>::Challenger>>::Domain as PolynomialSpace>::Val> + PartitionedBaseAir<<<<SC as StarkGenericConfig>::Pcs as Pcs<<SC as StarkGenericConfig>::Challenge, <SC as StarkGenericConfig>::Challenger>>::Domain as PolynomialSpace>::Val> + Send + Sync + 'static,
impl<T> BorrowMut<T> for T where
    T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
impl<T> CloneToUninit for T where
    T: Clone,
unsafe fn clone_to_uninit(&self, dst: *mut T)
clone_to_uninit)
impl<T> Downcast for T where
    T: Any,
fn into_any(self: Box<T>) -> Box<dyn Any>
Box<dyn Trait> (where Trait: Downcast) to Box<dyn Any>. Box<dyn Any> can then be further downcast into Box<ConcreteType> where ConcreteType implements Trait.
fn into_any_rc(self: Rc<T>) -> Rc<dyn Any>
Rc<Trait> (where Trait: Downcast) to Rc<Any>. Rc<Any> can then be further downcast into Rc<ConcreteType> where ConcreteType implements Trait.
fn as_any(&self) -> &(dyn Any + 'static)
&Trait (where Trait: Downcast) to &Any. This is needed since Rust cannot generate &Any’s vtable from &Trait’s.
fn as_any_mut(&mut self) -> &mut (dyn Any + 'static)
&mut Trait (where Trait: Downcast) to &Any. This is needed since Rust cannot generate &mut Any’s vtable from &mut Trait’s.
impl<T> DowncastSync for T
impl<T> FmtForward for T
fn fmt_binary(self) -> FmtBinary<Self> where
    Self: Binary,
self to use its Binary implementation when Debug-formatted.
fn fmt_display(self) -> FmtDisplay<Self> where
    Self: Display,
self to use its Display implementation when Debug-formatted.
fn fmt_lower_exp(self) -> FmtLowerExp<Self> where
    Self: LowerExp,
self to use its LowerExp implementation when Debug-formatted.
fn fmt_lower_hex(self) -> FmtLowerHex<Self> where
    Self: LowerHex,
self to use its LowerHex implementation when Debug-formatted.
fn fmt_octal(self) -> FmtOctal<Self> where
    Self: Octal,
self to use its Octal implementation when Debug-formatted.
fn fmt_pointer(self) -> FmtPointer<Self> where
    Self: Pointer,
self to use its Pointer implementation when Debug-formatted.
fn fmt_upper_exp(self) -> FmtUpperExp<Self> where
    Self: UpperExp,
self to use its UpperExp implementation when Debug-formatted.
fn fmt_upper_hex(self) -> FmtUpperHex<Self> where
    Self: UpperHex,
self to use its UpperHex implementation when Debug-formatted.
impl<T> Instrument for T
fn instrument(self, span: Span) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
impl<T> IntoEither for T
fn into_either(self, into_left: bool) -> Either<Self, Self>
Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise.
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise.
impl<T> Pipe for T where
    T: ?Sized,
fn pipe<R>(self, func: impl FnOnce(Self) -> R) -> R where
    Self: Sized,
fn pipe_ref<'a, R>(&'a self, func: impl FnOnce(&'a Self) -> R) -> R where
    R: 'a,
self and passes that borrow into the pipe function.
fn pipe_ref_mut<'a, R>(&'a mut self, func: impl FnOnce(&'a mut Self) -> R) -> R where
    R: 'a,
self and passes that borrow into the pipe function.
fn pipe_borrow<'a, B, R>(&'a self, func: impl FnOnce(&'a B) -> R) -> R
fn pipe_borrow_mut<'a, B, R>(
    &'a mut self,
    func: impl FnOnce(&'a mut B) -> R,
) -> R
fn pipe_as_ref<'a, U, R>(&'a self, func: impl FnOnce(&'a U) -> R) -> R
self, then passes self.as_ref() into the pipe function.
fn pipe_as_mut<'a, U, R>(&'a mut self, func: impl FnOnce(&'a mut U) -> R) -> R
self, then passes self.as_mut() into the pipe function.
fn pipe_deref<'a, T, R>(&'a self, func: impl FnOnce(&'a T) -> R) -> R
self, then passes self.deref() into the pipe function.
impl<T> Pointable for T
impl<AB, A> Rap<AB> for A where
    A: Air<AB>,
    AB: InteractionBuilder + PermutationAirBuilderWithExposedValues + InteractionPhaseAirBuilder,
impl<T> Tap for T
fn tap_borrow<B>(self, func: impl FnOnce(&B)) -> Self
Borrow<B> of a value.
fn tap_borrow_mut<B>(self, func: impl FnOnce(&mut B)) -> Self
BorrowMut<B> of a value.
fn tap_ref<R>(self, func: impl FnOnce(&R)) -> Self
AsRef<R> view of a value.
fn tap_ref_mut<R>(self, func: impl FnOnce(&mut R)) -> Self
AsMut<R> view of a value.
fn tap_deref<T>(self, func: impl FnOnce(&T)) -> Self
Deref::Target of a value.
fn tap_deref_mut<T>(self, func: impl FnOnce(&mut T)) -> Self
Deref::Target of a value.
fn tap_dbg(self, func: impl FnOnce(&Self)) -> Self
.tap() only in debug builds, and is erased in release builds.
fn tap_mut_dbg(self, func: impl FnOnce(&mut Self)) -> Self
.tap_mut() only in debug builds, and is erased in release builds.
fn tap_borrow_dbg<B>(self, func: impl FnOnce(&B)) -> Self
.tap_borrow() only in debug builds, and is erased in release builds.
fn tap_borrow_mut_dbg<B>(self, func: impl FnOnce(&mut B)) -> Self
.tap_borrow_mut() only in debug builds, and is erased in release builds.
fn tap_ref_dbg<R>(self, func: impl FnOnce(&R)) -> Self
.tap_ref() only in debug builds, and is erased in release builds.
fn tap_ref_mut_dbg<R>(self, func: impl FnOnce(&mut R)) -> Self
.tap_ref_mut() only in debug builds, and is erased in release builds.
fn tap_deref_dbg<T>(self, func: impl FnOnce(&T)) -> Self
.tap_deref() only in debug builds, and is erased in release builds.