zec
/
halo2
mirror of https://github.com/zcash/halo2.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix incorrect indexing into advice_cosets during proving.

This commit is contained in:
Sean Bowe 2020-09-06 14:10:25 -06:00
parent e37d0c946b
commit eff149e734
No known key found for this signature in database
GPG Key ID: 95684257D8F8B031
2 changed files with 27 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/plonk.rs
View File

@ -107,6 +107,8 @@ fn test_proving() {
a: AdviceWire,
b: AdviceWire,
c: AdviceWire,
d: AdviceWire,
e: AdviceWire,
sa: FixedWire,
sb: FixedWire,
@ -160,9 +162,15 @@ fn test_proving() {
value = Some(f()?);
Ok(value.ok_or(Error::SynthesisError)?.0)
})?;
self.cs.assign_advice(self.config.d, index, || {
Ok(value.ok_or(Error::SynthesisError)?.0.square().square())
})?;
self.cs.assign_advice(self.config.b, index, || {
Ok(value.ok_or(Error::SynthesisError)?.1)
})?;
self.cs.assign_advice(self.config.e, index, || {
Ok(value.ok_or(Error::SynthesisError)?.1.square().square())
})?;
self.cs.assign_advice(self.config.c, index, || {
Ok(value.ok_or(Error::SynthesisError)?.2)
})?;
@ -192,9 +200,15 @@ fn test_proving() {
value = Some(f()?);
Ok(value.ok_or(Error::SynthesisError)?.0)
})?;
self.cs.assign_advice(self.config.d, index, || {
Ok(value.ok_or(Error::SynthesisError)?.0.square().square())
})?;
self.cs.assign_advice(self.config.b, index, || {
Ok(value.ok_or(Error::SynthesisError)?.1)
})?;
self.cs.assign_advice(self.config.e, index, || {
Ok(value.ok_or(Error::SynthesisError)?.1.square().square())
})?;
self.cs.assign_advice(self.config.c, index, || {
Ok(value.ok_or(Error::SynthesisError)?.2)
})?;
@ -236,19 +250,25 @@ fn test_proving() {
type Config = PLONKConfig;
fn configure(meta: &mut MetaCircuit<F>) -> PLONKConfig {
let e = meta.advice_wire();
let a = meta.advice_wire();
let b = meta.advice_wire();
let sf = meta.fixed_wire();
let c = meta.advice_wire();
let d = meta.advice_wire();
let perm = meta.permutation(&[a, b, c]);
let sm = meta.fixed_wire();
let sa = meta.fixed_wire();
let sb = meta.fixed_wire();
let sc = meta.fixed_wire();
let sm = meta.fixed_wire();
meta.create_gate(|meta| {
let d = meta.query_advice(d, 1);
let a = meta.query_advice(a, 0);
let sf = meta.query_fixed(sf, 0);
let e = meta.query_advice(e, -1);
let b = meta.query_advice(b, 0);
let c = meta.query_advice(c, 0);
@ -257,13 +277,15 @@ fn test_proving() {
let sc = meta.query_fixed(sc, 0);
let sm = meta.query_fixed(sm, 0);
a.clone() * sa + b.clone() * sb + a * b * sm + (c * sc * (-F::one()))
a.clone() * sa + b.clone() * sb + a * b * sm + (c * sc * (-F::one())) + sf * (d * e)
});
PLONKConfig {
a,
b,
c,
d,
e,
sa,
sb,
sc,

6
src/plonk/prover.rs
View File

@ -319,7 +319,7 @@ impl<C: CurveAffine> Proof<C> {
}
// z(X) \prod (p(X) + \beta s_i(X) + \gamma) - z(omega^{-1} X) \prod (p(X) + \delta^i \beta X + \gamma)
for (permutation_index, wires) in srs.meta.permutations.iter().enumerate() {
for (permutation_index, wires) in srs.meta.permutation_queries.iter().enumerate() {
parallelize(&mut h_poly, |a, _| {
for a in a.iter_mut() {
*a *= &x_2;
@ -329,7 +329,7 @@ impl<C: CurveAffine> Proof<C> {
let mut left = permutation_product_cosets[permutation_index].clone();
for (advice, permutation) in wires
.iter()
.map(|&wire_index| &advice_cosets[wire_index.0])
.map(|&wire| &advice_cosets[wire])
.zip(srs.permutation_cosets[permutation_index].iter())
{
parallelize(&mut left, |left, start| {
@ -346,7 +346,7 @@ impl<C: CurveAffine> Proof<C> {
let mut right = permutation_product_cosets_inv[permutation_index].clone();
let mut current_delta = x_0 * &C::Scalar::ZETA;
let step = domain.get_extended_omega();
for advice in wires.iter().map(|&wire_index| &advice_cosets[wire_index.0]) {
for advice in wires.iter().map(|&wire| &advice_cosets[wire]) {
parallelize(&mut right, move |right, start| {
let mut beta_term = current_delta * &step.pow_vartime(&[start as u64, 0, 0, 0]);
for (right, advice) in right.iter_mut().zip(advice[start..].iter()) {