therealyingtong
|
0bdcbb6c67
|
Introduce Wire enum for use in permutations
|
2020-09-19 12:39:04 -06:00 |
|
therealyingtong
|
a257308ba2
|
Add aux wires to ConstraintSystem
|
2020-09-19 12:39:04 -06:00 |
|
therealyingtong
|
0caf1d2087
|
Provide aux_commitments to verifier and aux_lagrange_polys to prover
|
2020-09-19 12:39:04 -06:00 |
|
therealyingtong
|
76c49a4df3
|
Minor refactor
|
2020-09-19 23:44:00 +08:00 |
|
therealyingtong
|
33261ec1a0
|
Recover from OpeningProof::create() failure in PLONK prover
|
2020-09-19 23:19:30 +08:00 |
|
therealyingtong
|
69a612fb59
|
Increment blinding factor instead of choosing new random blinding factor
|
2020-09-19 23:04:17 +08:00 |
|
therealyingtong
|
a6f5d0ad5e
|
Remove fork from OpeningProof prover; add loop in PLONK prover to try different f_blind values
|
2020-09-19 16:57:32 +08:00 |
ying tong
|
208be28113
|
Merge pull request #20 from zcash/small-multiexp
Small multiexp
|
2020-09-17 13:00:51 +08:00 |
|
therealyingtong
|
ced73c2bf7
|
Minor fixes
|
2020-09-17 05:14:01 +08:00 |
Sean Bowe
|
52a85380bc
|
Rename f_eval to msm_eval.
|
2020-09-16 13:15:10 -06:00 |
|
therealyingtong
|
a63602df2a
|
Inline bit-shifting
|
2020-09-16 08:56:45 +08:00 |
|
Sean Bowe
|
68de5db8c6
|
Mitigate unnecessary scaling operations in commitment verifier.
|
2020-09-15 17:42:02 -06:00 |
|
Sean Bowe
|
a886663e05
|
Incorporate MSM/Guard into PLONK verifier API and arithmetic.
|
2020-09-15 17:32:39 -06:00 |
|
therealyingtong
|
d70c8cc0d7
|
Add benchmarks for shared double-and-add
|
2020-09-16 00:44:56 +08:00 |
|
therealyingtong
|
f2fc068db0
|
Implement small_multiexp() in arithmetic.rs
|
2020-09-15 19:15:35 +08:00 |
|
Sean Bowe
|
643077b150
|
Rename `ConstraintSystem` to `Assignment`, and `MetaCircuit` to `ConstraintSystem`.
|
2020-09-13 10:30:02 -06:00 |
|
Sean Bowe
|
5ec820f8fd
|
Fix warning in test.
|
2020-09-13 10:23:04 -06:00 |
|
Sean Bowe
|
fd350a28a0
|
Minor adjustments to tests and documentation
|
2020-09-13 10:18:31 -06:00 |
|
Sean Bowe
|
221e9029f7
|
Minor adjustments to MSM and Guard APIs.
|
2020-09-13 10:14:32 -06:00 |
|
therealyingtong
|
19ee27e51a
|
Fix bug in compute_g()
|
2020-09-13 23:10:37 +08:00 |
|
therealyingtong
|
1eb2a36086
|
Return MSM from PLONK verifier
|
2020-09-13 23:10:06 +08:00 |
|
therealyingtong
|
c264208a03
|
Rename params.msm() to params.empty_msm()
|
2020-09-13 23:07:05 +08:00 |
|
therealyingtong
|
417174898e
|
Update documentation
|
2020-09-13 12:32:33 +08:00 |
|
therealyingtong
|
229747e118
|
Add compute_g() method on Guard and test use_g()
|
2020-09-13 12:32:32 +08:00 |
|
therealyingtong
|
1a52d8f6b8
|
Add MSM to PLONK verifier signature
|
2020-09-13 12:32:32 +08:00 |
|
therealyingtong
|
ed8130b7bf
|
Introduce Accumulator struct and return it in use_g()
|
2020-09-13 12:32:32 +08:00 |
|
therealyingtong
|
0633086ac1
|
Make MSM and Guard derive Clone
|
2020-09-13 12:32:24 +08:00 |
|
therealyingtong
|
14d1f41e08
|
Address review comments
|
2020-09-13 03:03:36 +08:00 |
|
therealyingtong
|
5f1cd6ced2
|
Only return Guard from OpeningProof.verify()
|
2020-09-13 00:50:35 +08:00 |
|
therealyingtong
|
d41fcf842b
|
Modify MSM and Guard structs and methods
|
2020-09-11 18:57:22 +08:00 |
|
therealyingtong
|
7255e085a4
|
Add more fields and methods functions to MSM struct
|
2020-09-10 20:23:08 +08:00 |
|
therealyingtong
|
5724706a09
|
Add MSM and Guard structs in polycommit scheme
|
2020-09-10 18:51:41 +08:00 |
|
Sean Bowe
|
549232234f
|
Finish comment on Proof::verify.
|
2020-09-07 16:34:40 -06:00 |
|
Sean Bowe
|
4572e809d1
|
cargo fmt
|
2020-09-07 13:09:25 -06:00 |
|
Sean Bowe
|
116659c1ba
|
Refactor module tree.
|
2020-09-07 13:07:51 -06:00 |
|
ebfull
|
7250ac8252
|
Merge pull request #4 from zcash/permutation
Permutation
|
2020-09-07 12:24:31 -06:00 |
|
Sean Bowe
|
21f02a73c2
|
Don't mutate the witness during permutation argument. Also, adds parallelism and reduces state/multiplications.
|
2020-09-07 09:43:02 -06:00 |
|
Sean Bowe
|
b65e75921b
|
Remove stale comment
|
2020-09-06 14:21:28 -06:00 |
|
Sean Bowe
|
190242a4e9
|
Remove redundant permutation_queries vector.
|
2020-09-06 14:18:05 -06:00 |
|
Sean Bowe
|
eff149e734
|
Fix incorrect indexing into advice_cosets during proving.
|
2020-09-06 14:10:25 -06:00 |
|
Sean Bowe
|
e37d0c946b
|
Add parallelism in various locations in the prover.
|
2020-09-06 13:40:06 -06:00 |
|
Sean Bowe
|
3157fdd7d0
|
Batch inversions during domain setup.
|
2020-09-06 12:44:36 -06:00 |
|
Sean Bowe
|
ff8f9eb20e
|
Reduce number of inversions by batch inverting when possible.
|
2020-09-06 12:29:34 -06:00 |
|
Sean Bowe
|
624eb6a421
|
Remove unnecessary computation of permutation length in prover.
|
2020-09-06 11:33:09 -06:00 |
|
therealyingtong
|
503939db05
|
Minor cleanups
|
2020-09-06 06:34:29 +08:00 |
|
Sean Bowe
|
965362c1f5
|
Don't precompute deltaomega; inline its computation.
|
2020-09-05 14:44:13 -06:00 |
|
Sean Bowe
|
937861c0b8
|
Add implementation of daira's algorithm for copy constraint enforcement.
|
2020-09-05 12:56:45 -06:00 |
|
Sean Bowe
|
d7132404ba
|
Index into q_evals consistently between prover and verifier.
|
2020-09-05 12:08:56 -06:00 |
|
Sean Bowe
|
869aba389a
|
Cleanups
|
2020-09-05 11:40:25 -06:00 |
|
Sean Bowe
|
da9c24bcfa
|
Obtain permutation product polynomial correctly.
|
2020-09-05 10:52:40 -06:00 |
|
Sean Bowe
|
114653f366
|
Fix indexing for permutation argument.
|
2020-09-04 14:45:05 -06:00 |
|
Sean Bowe
|
a128d5d9b3
|
Undo unnecessarily complicated negation thing.
|
2020-09-04 14:25:16 -06:00 |
|
therealyingtong
|
c7c5cf4db6
|
Rename tmp variables
|
2020-09-04 20:31:37 +08:00 |
|
ying tong
|
10a4b4252c
|
Fix current_delta initialisation in verifier
|
2020-09-04 19:05:08 +08:00 |
|
Sean Bowe
|
06a4cfe13b
|
Use extended omega for coset in prover.
|
2020-09-04 04:49:59 -06:00 |
|
Sean Bowe
|
0651359cb8
|
[WIP] Finish prover
|
2020-09-03 17:21:44 -06:00 |
|
Sean Bowe
|
6b9ea1dbeb
|
Precompute deltaomega vector.
|
2020-09-03 14:31:57 -06:00 |
|
Sean Bowe
|
36d37002fe
|
Remove unneeded exponentiation of x_3
|
2020-09-03 14:28:22 -06:00 |
|
Sean Bowe
|
335b629724
|
Avoid redundant wire queries by searching for an existing query.
|
2020-09-03 14:26:00 -06:00 |
|
Sean Bowe
|
4a88d52457
|
Use the correct permutation values from the SRS.
|
2020-09-03 14:21:13 -06:00 |
|
Sean Bowe
|
d601533bd7
|
Commit to permutation product polynomial in the prover.
|
2020-09-03 10:58:48 -06:00 |
|
therealyingtong
|
441dcf0ecc
|
Compute permutation_evals in prover
|
2020-09-03 12:29:38 +08:00 |
|
therealyingtong
|
1bc90c4fec
|
Remove advice_shifted_evals from prover
|
2020-09-03 12:25:55 +08:00 |
|
Sean Bowe
|
160dabe9c5
|
Cleanups for verifier of permutation argument
|
2020-09-02 13:15:40 -06:00 |
|
therealyingtong
|
c44a020de7
|
Permutation checks in verifier
|
2020-09-03 00:45:03 +08:00 |
|
therealyingtong
|
bdd48f6037
|
Add advice_shifted_evals to Proof struct
|
2020-09-02 23:19:06 +08:00 |
|
therealyingtong
|
2472ec3291
|
WIP permutation checks in verifier
|
2020-09-02 23:19:06 +08:00 |
|
therealyingtong
|
0bf73c5d08
|
Minor fixes to srs.rs
|
2020-09-02 23:18:43 +08:00 |
Dimitris Apostolou
|
c0444f8c31
|
Fix typos
|
2020-09-01 20:45:20 +03:00 |
|
Sean Bowe
|
a2fca8a02d
|
Add comments to clarify implementation of permutation argument in SRS generator.
|
2020-08-31 10:18:55 -06:00 |
|
Sean Bowe
|
c427795bf5
|
Reverse endianness of delta constants
|
2020-08-31 10:10:05 -06:00 |
|
Sean Bowe
|
dc5df10832
|
Update structured reference string and API for permutation argument.
|
2020-08-31 10:01:09 -06:00 |
|
therealyingtong
|
85fd924b15
|
WIP implement copy() on Variables
|
2020-08-31 21:51:49 +08:00 |
|
therealyingtong
|
4f8570db95
|
Add DELTA generator of t-order multiplicative subgroup to Fp, Fq
|
2020-08-29 13:51:42 +08:00 |
|
Sean Bowe
|
b453b845b8
|
Clean up prover implementation
|
2020-08-27 14:03:43 -06:00 |
|
Sean Bowe
|
154568c387
|
Clean up verification implementation
|
2020-08-27 13:52:55 -06:00 |
|
Sean Bowe
|
35c4bd4dd9
|
Improve naming of offsets/indexes and mappings.
|
2020-08-27 13:27:24 -06:00 |
|
Sean Bowe
|
378c56b952
|
Sample of abstraction for writing PLONK circuits
|
2020-08-27 11:43:08 -06:00 |
|
Sean Bowe
|
9852913a32
|
Add some comments and documentation.
|
2020-08-27 10:46:54 -06:00 |
|
Sean Bowe
|
1b6c0e9a8b
|
Remove _x suffix from variable names
|
2020-08-27 10:25:36 -06:00 |
|
Sean Bowe
|
9099e9d9ba
|
Properly invert when computing expected opening.
|
2020-08-27 10:16:42 -06:00 |
|
Sean Bowe
|
ad106f1119
|
(WIP) broken implementation of generalized PLONK
|
2020-08-27 10:10:55 -06:00 |
|
Sean Bowe
|
6051814c4b
|
Split coset step up so that we can query wires at multiple spots.
|
2020-08-24 13:50:52 -06:00 |
|
Sean Bowe
|
24b7e6cc7c
|
Run SRS synthesis on an empty circuit in test.
|
2020-08-24 08:36:41 -06:00 |
|
Sean Bowe
|
36f9e87056
|
Implementation of gate/query API
|
2020-08-24 08:28:42 -06:00 |
|
Sean Bowe
|
c20f3fdf1a
|
Give fixed and advice wires separate types
|
2020-08-23 13:26:04 -06:00 |
|
Sean Bowe
|
7edffe0197
|
Allow commitments to generic advice wire polynomials
|
2020-08-22 16:10:27 -06:00 |
|
Sean Bowe
|
c16141be9a
|
Introduce `Variable` type
|
2020-08-22 15:15:39 -06:00 |
|
Sean Bowe
|
9dfc6ac379
|
Add first pieces of the API.
|
2020-08-22 15:09:47 -06:00 |
|
Sean Bowe
|
dd1ad9f114
|
Initial commit
|
2020-08-22 14:15:39 -06:00 |