Rename UPA to PLONKish.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>

book/src/SUMMARY.md

@@ -3,7 +3,7 @@
 [halo2](README.md)
 - [Concepts](concepts.md)
   - [Proof systems](concepts/proofs.md)
-  - [UltraPLONK Arithmetization](concepts/arithmetization.md)
+  - [PLONKish Arithmetization](concepts/arithmetization.md)
   - [Chips](concepts/chips.md)
   - [Gadgets](concepts/gadgets.md)
 - [User Documentation](user.md)
@@ -32,6 +32,5 @@
   - [Polynomials](background/polynomials.md)
   - [Cryptographic groups](background/groups.md)
   - [Elliptic curves](background/curves.md)
-  - [UltraPLONK arithmetisation](background/upa.md)
   - [Polynomial commitment using inner product argument](background/pc-ipa.md)
   - [Recursion](background/recursion.md)

book/src/background/plonkish.md

@@ -1,4 +1,4 @@
-# [WIP] UltraPLONK arithmetisation
+# [WIP] PLONKish arithmetization
 
 We call the field over which the circuit is defined $\mathbb{F} = \mathbb{F}_p$.
 
@@ -14,7 +14,7 @@ every row (i.e. at every element in the multiplicative subgroup).
 e.g.
 
 ```text
-a * sa + b * sb + a * b * sm + c * sc + PI = 0 
+a * sa + b * sb + a * b * sm + c * sc + PI = 0
 ```
 
 ## Columns
@@ -51,7 +51,7 @@ Check the constraints:
 
 2. Running product is well-constructed. For each row, we check that this holds:
    $$Z(\omega^i) \cdot{(C(\omega^i) + \beta S_k(\omega^i) + \gamma)} - Z(\omega^{i-1}) \cdot{(C(\omega^i) + \delta^k \beta \omega^i + \gamma)} = 0$$
-   Rearranging gives 
+   Rearranging gives
    $$Z(\omega^i) = Z(\omega^{i-1}) \frac{C(\omega^i) + \beta\delta^k \omega^i + \gamma}{C(\omega^i) + \beta S_k(\omega^i) + \gamma},$$
    which is how we defined the grand product polynomial in the first place.
 
@@ -61,7 +61,7 @@ Reference: [Generic Lookups with PLONK (DRAFT)](/LTPc5f-3S0qNF6MtwD-Tdg?view)
 ### Vanishing argument
 We want to check that the expressions defined by the gate constraints, permutation
 constraints and loookup constraints evaluate to zero at all elements in the multiplicative
-subgroup. To do this, the prover collapses all the expressions into one polynomial 
+subgroup. To do this, the prover collapses all the expressions into one polynomial
 $$H(X) = \sum_{i=0}^e y^i E_i(X),$$
 where $e$ is the number of expressions and $y$ is a random challenge used to keep the
 constraints linearly independent. The prover then divides this by the vanishing polynomial

book/src/concepts/arithmetization.md

@@ -1,16 +1,13 @@
-# UltraPLONK Arithmetization
+# PLONKish Arithmetization
 
 The arithmetization used by Halo 2 comes from [PLONK](https://eprint.iacr.org/2019/953), or
 more precisely its extension UltraPLONK that supports custom gates and lookup arguments. We'll
-call it ***UPA*** (***UltraPLONK arithmetization***).
+call it [***PLONKish***](https://twitter.com/feministPLT/status/1413815927704014850).
 
-> The term UPA and some of the other terms we use to describe it are not used in the PLONK
-> paper.
-
-***UPA circuits*** are defined in terms of a rectangular matrix of values. We refer to
+***PLONKish circuits*** are defined in terms of a rectangular matrix of values. We refer to
 ***rows***, ***columns***, and ***cells*** of this matrix with the conventional meanings.
 
-A UPA circuit depends on a ***configuration***:
+A PLONKish circuit depends on a ***configuration***:
 
 * A finite field $\mathbb{F}$, where cell values (for a given statement and witness) will be
   elements of $\mathbb{F}$.
@@ -33,7 +30,7 @@ A UPA circuit depends on a ***configuration***:
 * A sequence of ***lookup arguments*** defined over tuples of ***input expressions***
   (which are multivariate polynomials as above) and ***table columns***.
 
-A UPA circuit also defines:
+A PLONKish circuit also defines:
 
 * The number of rows $n$ in the matrix. $n$ must correspond to the size of a multiplicative
   subgroup of $\mathbb{F}^\times$; typically a power of two.