zec
/
halo2
mirror of https://github.com/zcash/halo2.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #16 from zcash/minor-renames 

Rename `ConstraintSystem` to `Assignment`, and `MetaCircuit` to `ConstraintSystem`
This commit is contained in:
ebfull 2020-09-13 10:31:47 -06:00 committed by GitHub
parent 626ef64e47 643077b150
commit 153f721c1d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 47 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/plonk.rs
View File

@ -36,7 +36,7 @@ pub struct SRS<C: CurveAffine> {
permutations: Vec<Vec<Polynomial<C::Scalar, LagrangeCoeff>>>,
permutation_polys: Vec<Vec<Polynomial<C::Scalar, Coeff>>>,
permutation_cosets: Vec<Vec<Polynomial<C::Scalar, ExtendedLagrangeCoeff>>>,
meta: MetaCircuit<C::Scalar>,
cs: ConstraintSystem<C::Scalar>,
}
/// This is an object which represents a (Turbo)PLONK proof.
@ -95,7 +95,7 @@ fn test_proving() {
use std::marker::PhantomData;
const K: u32 = 5;
/// This represents an advice wire at a certain row in the MetaCircuit
/// This represents an advice wire at a certain row in the ConstraintSystem
#[derive(Copy, Clone, Debug)]
pub struct Variable(AdviceWire, usize);
@ -132,14 +132,14 @@ fn test_proving() {
a: Option<F>,
}
struct StandardPLONK<'a, F: Field, CS: ConstraintSystem<F> + 'a> {
struct StandardPLONK<'a, F: Field, CS: Assignment<F> + 'a> {
cs: &'a mut CS,
config: PLONKConfig,
current_gate: usize,
_marker: PhantomData<F>,
}
impl<'a, FF: Field, CS: ConstraintSystem<FF>> StandardPLONK<'a, FF, CS> {
impl<'a, FF: Field, CS: Assignment<FF>> StandardPLONK<'a, FF, CS> {
fn new(cs: &'a mut CS, config: PLONKConfig) -> Self {
StandardPLONK {
cs,
@ -150,7 +150,7 @@ fn test_proving() {
}
}
impl<'a, FF: Field, CS: ConstraintSystem<FF>> StandardCS<FF> for StandardPLONK<'a, FF, CS> {
impl<'a, FF: Field, CS: Assignment<FF>> StandardCS<FF> for StandardPLONK<'a, FF, CS> {
fn raw_multiply<F>(&mut self, f: F) -> Result<(Variable, Variable, Variable), Error>
where
F: FnOnce() -> Result<(FF, FF, FF), Error>,
@ -251,7 +251,7 @@ fn test_proving() {
impl<F: Field> Circuit<F> for MyCircuit<F> {
type Config = PLONKConfig;
fn configure(meta: &mut MetaCircuit<F>) -> PLONKConfig {
fn configure(meta: &mut ConstraintSystem<F>) -> PLONKConfig {
let e = meta.advice_wire();
let a = meta.advice_wire();
let b = meta.advice_wire();
@ -300,7 +300,7 @@ fn test_proving() {
fn synthesize(
&self,
cs: &mut impl ConstraintSystem<F>,
cs: &mut impl Assignment<F>,
config: PLONKConfig,
) -> Result<(), Error> {
let mut cs = StandardPLONK::new(cs, config);

20
src/plonk/circuit.rs
View File

@ -16,7 +16,7 @@ pub struct AdviceWire(pub usize);
/// This trait allows a [`Circuit`] to direct some backend to assign a witness
/// for a constraint system.
pub trait ConstraintSystem<F: Field> {
pub trait Assignment<F: Field> {
/// Assign an advice wire value (witness)
fn assign_advice(
&mut self,
@ -53,16 +53,12 @@ pub trait Circuit<F: Field> {
/// The circuit is given an opportunity to describe the exact gate
/// arrangement, wire arrangement, etc.
fn configure(meta: &mut MetaCircuit<F>) -> Self::Config;
fn configure(meta: &mut ConstraintSystem<F>) -> Self::Config;
/// Given the provided `cs`, synthesize the circuit. The concrete type of
/// the caller will be different depending on the context, and they may or
/// may not expect to have a witness present.
fn synthesize(
&self,
cs: &mut impl ConstraintSystem<F>,
config: Self::Config,
) -> Result<(), Error>;
fn synthesize(&self, cs: &mut impl Assignment<F>, config: Self::Config) -> Result<(), Error>;
}
/// Low-degree expression representing an identity that must hold over the committed wires.
@ -152,7 +148,7 @@ pub(crate) struct PointIndex(pub usize);
/// This is a description of the circuit environment, such as the gate, wire and
/// permutation arrangements.
#[derive(Debug, Clone)]
pub struct MetaCircuit<F> {
pub struct ConstraintSystem<F> {
pub(crate) num_fixed_wires: usize,
pub(crate) num_advice_wires: usize,
pub(crate) gates: Vec<Expression<F>>,
@ -172,12 +168,12 @@ pub struct MetaCircuit<F> {
pub(crate) permutations: Vec<Vec<(AdviceWire, usize)>>,
}
impl<F: Field> Default for MetaCircuit<F> {
fn default() -> MetaCircuit<F> {
impl<F: Field> Default for ConstraintSystem<F> {
fn default() -> ConstraintSystem<F> {
let mut rotations = BTreeMap::new();
rotations.insert(Rotation::default(), PointIndex(0));
MetaCircuit {
ConstraintSystem {
num_fixed_wires: 0,
num_advice_wires: 0,
gates: vec![],
@ -189,7 +185,7 @@ impl<F: Field> Default for MetaCircuit<F> {
}
}
impl<F: Field> MetaCircuit<F> {
impl<F: Field> ConstraintSystem<F> {
/// Add a permutation argument for some advice wires
pub fn permutation(&mut self, wires: &[AdviceWire]) -> usize {
let index = self.permutations.len();

16
src/plonk/prover.rs
View File

@ -1,5 +1,5 @@
use super::{
circuit::{AdviceWire, Circuit, ConstraintSystem, FixedWire, MetaCircuit},
circuit::{AdviceWire, Assignment, Circuit, ConstraintSystem, FixedWire},
hash_point, Error, Proof, SRS,
};
use crate::arithmetic::{
@ -30,7 +30,7 @@ impl<C: CurveAffine> Proof<C> {
_marker: std::marker::PhantomData<F>,
}
impl<F: Field> ConstraintSystem<F> for WitnessCollection<F> {
impl<F: Field> Assignment<F> for WitnessCollection<F> {
fn assign_advice(
&mut self,
wire: AdviceWire,
@ -72,7 +72,7 @@ impl<C: CurveAffine> Proof<C> {
}
let domain = &srs.domain;
let mut meta = MetaCircuit::default();
let mut meta = ConstraintSystem::default();
let config = ConcreteCircuit::configure(&mut meta);
let mut witness = WitnessCollection {
@ -140,7 +140,7 @@ impl<C: CurveAffine> Proof<C> {
// Iterate over each permutation
let mut permutation_modified_advice = vec![];
for (wires, permuted_values) in srs.meta.permutations.iter().zip(srs.permutations.iter()) {
for (wires, permuted_values) in srs.cs.permutations.iter().zip(srs.permutations.iter()) {
// Goal is to compute the products of fractions
//
// (p_j(\omega^i) + \delta^j \omega^i \beta + \gamma) /
@ -174,7 +174,7 @@ impl<C: CurveAffine> Proof<C> {
.batch_invert();
for (wires, mut modified_advice) in srs
.meta
.cs
.permutations
.iter()
.zip(permutation_modified_advice.into_iter())
@ -276,7 +276,7 @@ impl<C: CurveAffine> Proof<C> {
}
// z(X) \prod (p(X) + \beta s_i(X) + \gamma) - z(omega^{-1} X) \prod (p(X) + \delta^i \beta X + \gamma)
for (permutation_index, wires) in srs.meta.permutations.iter().enumerate() {
for (permutation_index, wires) in srs.cs.permutations.iter().enumerate() {
h_poly = h_poly * x_2;
let mut left = permutation_product_cosets[permutation_index].clone();
@ -473,7 +473,7 @@ impl<C: CurveAffine> Proof<C> {
}
// Handle permutation arguments, if any exist
if !srs.meta.permutations.is_empty() {
if !srs.cs.permutations.is_empty() {
// Open permutation product commitments at x_3
for ((poly, blind), eval) in permutation_product_polys
.iter()
@ -493,7 +493,7 @@ impl<C: CurveAffine> Proof<C> {
accumulate(current_index, poly, Blind::default(), *eval);
}
let current_index = (*srs.meta.rotations.get(&Rotation(-1)).unwrap()).0;
let current_index = (*srs.cs.rotations.get(&Rotation(-1)).unwrap()).0;
// Open permutation product commitments at \omega^{-1} x_3
for ((poly, blind), eval) in permutation_product_polys
.iter()

22
src/plonk/srs.rs
View File

@ -1,5 +1,5 @@
use super::{
circuit::{AdviceWire, Circuit, ConstraintSystem, FixedWire, MetaCircuit},
circuit::{AdviceWire, Assignment, Circuit, ConstraintSystem, FixedWire},
Error, SRS,
};
use crate::arithmetic::{Curve, CurveAffine, Field};
@ -23,7 +23,7 @@ impl<C: CurveAffine> SRS<C> {
_marker: std::marker::PhantomData<F>,
}
impl<F: Field> ConstraintSystem<F> for Assembly<F> {
impl<F: Field> Assignment<F> for Assembly<F> {
fn assign_advice(
&mut self,
_: AdviceWire,
@ -100,13 +100,13 @@ impl<C: CurveAffine> SRS<C> {
}
}
let mut meta = MetaCircuit::default();
let config = ConcreteCircuit::configure(&mut meta);
let mut cs = ConstraintSystem::default();
let config = ConcreteCircuit::configure(&mut cs);
// Get the largest permutation argument length in terms of the number of
// advice wires involved.
let mut largest_permutation_length = 0;
for permutation in &meta.permutations {
for permutation in &cs.permutations {
largest_permutation_length =
std::cmp::max(permutation.len(), largest_permutation_length);
}
@ -117,7 +117,7 @@ impl<C: CurveAffine> SRS<C> {
// Account for each gate to ensure our quotient polynomial is the
// correct degree and that our extended domain is the right size.
for poly in meta.gates.iter() {
for poly in cs.gates.iter() {
degree = std::cmp::max(degree, poly.degree());
}
@ -150,7 +150,7 @@ impl<C: CurveAffine> SRS<C> {
}
let mut assembly: Assembly<C::Scalar> = Assembly {
fixed: vec![domain.empty_lagrange(); meta.num_fixed_wires],
fixed: vec![domain.empty_lagrange(); cs.num_fixed_wires],
mapping: vec![],
aux: vec![],
sizes: vec![],
@ -159,7 +159,7 @@ impl<C: CurveAffine> SRS<C> {
// Initialize the copy vector to keep track of copy constraints in all
// the permutation arguments.
for permutation in &meta.permutations {
for permutation in &cs.permutations {
let mut wires = vec![];
for i in 0..permutation.len() {
// Computes [(i, 0), (i, 1), ..., (i, n - 1)]
@ -181,7 +181,7 @@ impl<C: CurveAffine> SRS<C> {
let mut permutations = vec![];
let mut permutation_polys = vec![];
let mut permutation_cosets = vec![];
for (permutation_index, permutation) in meta.permutations.iter().enumerate() {
for (permutation_index, permutation) in cs.permutations.iter().enumerate() {
let mut commitments = vec![];
let mut inner_permutations = vec![];
let mut polys = vec![];
@ -225,7 +225,7 @@ impl<C: CurveAffine> SRS<C> {
.map(|poly| domain.lagrange_to_coeff(poly))
.collect();
let fixed_cosets = meta
let fixed_cosets = cs
.fixed_queries
.iter()
.map(|&(wire, at)| {
@ -251,7 +251,7 @@ impl<C: CurveAffine> SRS<C> {
permutations,
permutation_polys,
permutation_cosets,
meta,
cs,
})
}
}

26
src/plonk/verifier.rs
View File

@ -69,7 +69,7 @@ impl<'a, C: CurveAffine> Proof<C> {
// Evaluate the circuit using the custom gates provided
let mut h_eval = C::Scalar::zero();
for poly in srs.meta.gates.iter() {
for poly in srs.cs.gates.iter() {
h_eval *= &x_2;
let evaluation: C::Scalar = poly.evaluate(
@ -102,7 +102,7 @@ impl<'a, C: CurveAffine> Proof<C> {
}
// z(X) \prod (p(X) + \beta s_i(X) + \gamma) - z(omega^{-1} X) \prod (p(X) + \delta^i \beta X + \gamma)
for (permutation_index, wires) in srs.meta.permutations.iter().enumerate() {
for (permutation_index, wires) in srs.cs.permutations.iter().enumerate() {
h_eval *= &x_2;
let mut left = self.permutation_product_evals[permutation_index];
@ -148,8 +148,8 @@ impl<'a, C: CurveAffine> Proof<C> {
// Compress the commitments and expected evaluations at x_3 together
// using the challenge x_4
let mut q_commitments: Vec<Option<C::Projective>> = vec![None; srs.meta.rotations.len()];
let mut q_evals: Vec<_> = vec![C::Scalar::zero(); srs.meta.rotations.len()];
let mut q_commitments: Vec<Option<C::Projective>> = vec![None; srs.cs.rotations.len()];
let mut q_evals: Vec<_> = vec![C::Scalar::zero(); srs.cs.rotations.len()];
{
let mut accumulate = |point_index: usize, new_commitment, eval| {
q_commitments[point_index] = q_commitments[point_index]
@ -163,8 +163,8 @@ impl<'a, C: CurveAffine> Proof<C> {
q_evals[point_index] += &eval;
};
for (query_index, &(wire, ref at)) in srs.meta.advice_queries.iter().enumerate() {
let point_index = (*srs.meta.rotations.get(at).unwrap()).0;
for (query_index, &(wire, ref at)) in srs.cs.advice_queries.iter().enumerate() {
let point_index = (*srs.cs.rotations.get(at).unwrap()).0;
accumulate(
point_index,
self.advice_commitments[wire.0],
@ -172,8 +172,8 @@ impl<'a, C: CurveAffine> Proof<C> {
);
}
for (query_index, &(wire, ref at)) in srs.meta.fixed_queries.iter().enumerate() {
let point_index = (*srs.meta.rotations.get(at).unwrap()).0;
for (query_index, &(wire, ref at)) in srs.cs.fixed_queries.iter().enumerate() {
let point_index = (*srs.cs.rotations.get(at).unwrap()).0;
accumulate(
point_index,
srs.fixed_commitments[wire.0],
@ -181,13 +181,13 @@ impl<'a, C: CurveAffine> Proof<C> {
);
}
let current_index = (*srs.meta.rotations.get(&Rotation::default()).unwrap()).0;
let current_index = (*srs.cs.rotations.get(&Rotation::default()).unwrap()).0;
for (commitment, eval) in self.h_commitments.iter().zip(self.h_evals.iter()) {
accumulate(current_index, *commitment, *eval);
}
// Handle permutation arguments, if any exist
if !srs.meta.permutations.is_empty() {
if !srs.cs.permutations.is_empty() {
// Open permutation product commitments at x_3
for (commitment, eval) in self
.permutation_product_commitments
@ -205,7 +205,7 @@ impl<'a, C: CurveAffine> Proof<C> {
{
accumulate(current_index, *commitment, *eval);
}
let current_index = (*srs.meta.rotations.get(&Rotation(-1)).unwrap()).0;
let current_index = (*srs.cs.rotations.get(&Rotation(-1)).unwrap()).0;
// Open permutation product commitments at \omega^{-1} x_3
for (commitment, eval) in self
.permutation_product_commitments
@ -240,7 +240,7 @@ impl<'a, C: CurveAffine> Proof<C> {
// We can compute the expected f_eval at x_6 using the q_evals provided
// by the prover and from x_5
let mut f_eval = C::Scalar::zero();
for (&row, point_index) in srs.meta.rotations.iter() {
for (&row, point_index) in srs.cs.rotations.iter() {
let mut eval = self.q_evals[point_index.0];
let point = srs.domain.rotate_omega(x_3, row);
@ -257,7 +257,7 @@ impl<'a, C: CurveAffine> Proof<C> {
// Compute the final commitment that has to be opened
let mut f_commitment: C::Projective = self.f_commitment.to_projective();
for (_, &point_index) in srs.meta.rotations.iter() {
for (_, &point_index) in srs.cs.rotations.iter() {
f_commitment *= x_7;
f_commitment = f_commitment + &q_commitments[point_index.0].as_ref().unwrap();
f_eval *= &x_7;