Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
civc_recursion_constraints.cpp
Go to the documentation of this file.
1// === AUDIT STATUS ===
2// internal: { status: not started, auditors: [], date: YYYY-MM-DD }
3// external_1: { status: not started, auditors: [], date: YYYY-MM-DD }
4// external_2: { status: not started, auditors: [], date: YYYY-MM-DD }
5// =====================
6#include "barretenberg/dsl/acir_format/mock_verifier_inputs.hpp"
7#include "barretenberg/dsl/acir_format/recursion_constraint.hpp"
8#include "barretenberg/stdlib/client_ivc_verifier/client_ivc_recursive_verifier.hpp"
9#include "barretenberg/stdlib/primitives/bigfield/bigfield.hpp"
10#include "proof_surgeon.hpp"
11
12namespace acir_format {
13
14using namespace bb;
15
16using Builder = bb::UltraCircuitBuilder; // Builder is always Ultra
17using field_ct = stdlib::field_t<Builder>;
18
19template <typename Builder>
20using HonkRecursionConstraintOutput = bb::stdlib::recursion::honk::UltraRecursiveVerifierOutput<Builder>;
21
22using namespace bb;
23
36void create_dummy_vkey_and_proof(Builder& builder,
37 size_t proof_size,
38 size_t public_inputs_size,
39 const std::vector<field_ct>& key_fields,
40 const std::vector<field_ct>& proof_fields)
41{
42 using ClientIVCRecursiveVerifier = stdlib::recursion::honk::ClientIVCRecursiveVerifier;
43 using IO = stdlib::recursion::honk::HidingKernelIO<Builder>;
44
45 BB_ASSERT_EQ(proof_size, ClientIVCRecursiveVerifier::StdlibProof::PROOF_LENGTH_WITHOUT_PUB_INPUTS());
46
47 size_t num_inner_public_inputs = public_inputs_size - IO::PUBLIC_INPUTS_SIZE;
48 uint32_t pub_inputs_offset = MegaZKFlavor::has_zero_row ? 1 : 0;
49
50 // Generate mock honk vk
51 // Note: log_circuit_size = VIRTUAL_LOG_N
52 auto honk_vk = create_mock_honk_vk<MegaZKFlavor, IO>(
53 1 << MegaZKFlavor::VIRTUAL_LOG_N, pub_inputs_offset, num_inner_public_inputs);
54
55 // Set honk vk in builder
56 size_t offset = 0;
57 for (auto& vk_element : honk_vk->to_field_elements()) {
58 builder.set_variable(key_fields[offset].witness_index, vk_element);
59 offset++;
60 }
61
62 // Generate dummy CIVC proof
63 bb::HonkProof civc_proof = create_mock_civc_proof<Builder>(num_inner_public_inputs);
64
65 // Set CIVC proof in builder
66 offset = 0;
67 for (auto& proof_element : civc_proof) {
68 builder.set_variable(proof_fields[offset].witness_index, proof_element);
69 offset++;
70 }
71
72 BB_ASSERT_EQ(offset, proof_size + public_inputs_size);
73}
74
84[[nodiscard("IPA claim and Pairing points should be accumulated")]] HonkRecursionConstraintOutput<Builder>
85create_civc_recursion_constraints(Builder& builder,
86 const RecursionConstraint& input,
87 bool has_valid_witness_assignments)
88{
89 using ClientIVCRecursiveVerifier = stdlib::recursion::honk::ClientIVCRecursiveVerifier;
90 using RecursiveVKAndHash = ClientIVCRecursiveVerifier::RecursiveVKAndHash;
91 using VerificationKey = ClientIVCRecursiveVerifier::RecursiveVK;
92 using IO = stdlib::recursion::honk::HidingKernelIO<Builder>;
93
94 BB_ASSERT_EQ(input.proof_type, PROOF_TYPE::CIVC);
95
96 // Reconstruct proof indices from proof and public inputs
97 std::vector<uint32_t> proof_indices =
98 ProofSurgeon<uint32_t>::create_indices_for_reconstructed_proof(input.proof, input.public_inputs);
99
100 // Construct field elements from witness indices
101 std::vector<field_ct> key_fields = RecursionConstraint::fields_from_witnesses(builder, input.key);
102 std::vector<field_ct> proof_fields = RecursionConstraint::fields_from_witnesses(builder, proof_indices);
103 field_ct vk_hash = field_ct::from_witness_index(&builder, input.key_hash);
104
105 if (!has_valid_witness_assignments) {
106 size_t total_pub_inputs_size = input.public_inputs.size() + IO::PUBLIC_INPUTS_SIZE;
107 size_t proof_size_without_pub_inputs = input.proof.size() - IO::PUBLIC_INPUTS_SIZE;
108
109 create_dummy_vkey_and_proof(
110 builder, proof_size_without_pub_inputs, total_pub_inputs_size, key_fields, proof_fields);
111 }
112
113 // Recursively verify CIVC proof
114 auto mega_vk = std::make_shared<VerificationKey>(builder, key_fields);
115 auto mega_vk_and_hash = std::make_shared<RecursiveVKAndHash>(mega_vk, vk_hash);
116 ClientIVCRecursiveVerifier::StdlibProof stdlib_proof(proof_fields);
117
118 ClientIVCRecursiveVerifier verifier(&builder, mega_vk_and_hash);
119 ClientIVCRecursiveVerifier::Output verification_output = verifier.verify(stdlib_proof);
120
121 // Construct output
122 HonkRecursionConstraintOutput<Builder> output;
123 output.points_accumulator = verification_output.points_accumulator;
124 output.ipa_claim = verification_output.opening_claim;
125 output.ipa_proof = verification_output.ipa_proof;
126
127 return output;
128}
129
130} // namespace acir_format
BB_ASSERT_EQ
#define BB_ASSERT_EQ(actual, expected,...)
Definition assert.hpp:59
acir_format::ProofSurgeon::create_indices_for_reconstructed_proof
static std::vector< uint32_t > create_indices_for_reconstructed_proof(const std::vector< uint32_t > &proof_in, const std::vector< uint32_t > &public_inputs)
Reconstruct a bberg style proof from a acir style proof + public inputs.
Definition proof_surgeon.hpp:34
bb::UltraCircuitBuilder_
Definition ultra_circuit_builder.hpp:42
bb::stdlib::field_t< Builder >
bb::stdlib::field_t< Builder >::from_witness_index
static field_t from_witness_index(Builder *ctx, uint32_t witness_index)
Definition field.cpp:59
bb::stdlib::recursion::honk::ClientIVCRecursiveVerifier::verify
Output verify(const StdlibProof &)
Creates a circuit that executes the ClientIvc verification algorithm.
Definition client_ivc_recursive_verifier.cpp:17
bb::stdlib::recursion::honk::HidingKernelIO
Manages the data that is propagated on the public inputs of a hiding kernel circuit.
Definition special_public_inputs.hpp:244
client_ivc_recursive_verifier.hpp
builder
AluTraceBuilder builder
Definition alu.test.cpp:123
offset
ssize_t offset
Definition engine.cpp:36
VerificationKey
UltraKeccakFlavor::VerificationKey VerificationKey
Definition honk_key_gen.cpp:19
mock_verifier_inputs.hpp
acir_format
Definition acir_format.cpp:34
acir_format::create_civc_recursion_constraints
HonkRecursionConstraintOutput< Builder > create_civc_recursion_constraints(Builder &builder, const RecursionConstraint &input, bool has_valid_witness_assignments)
Add constraints associated with recursive verification of an CIVC proof.
Definition civc_recursion_constraints.cpp:85
acir_format::CIVC
@ CIVC
Definition recursion_constraint.hpp:19
acir_format::create_dummy_vkey_and_proof
void create_dummy_vkey_and_proof(Builder &builder, size_t proof_size, size_t public_inputs_size, const std::vector< field_ct > &key_fields, const std::vector< field_ct > &proof_fields)
Creates a dummy vkey and proof object.
Definition civc_recursion_constraints.cpp:36
bb
Entry point for Barretenberg command-line interface.
Definition acir_format_getters.cpp:6
bb::HonkProof
std::vector< fr > HonkProof
Definition proof.hpp:15
bb::UltraCircuitBuilder
UltraCircuitBuilder_< UltraExecutionTraceBlocks > UltraCircuitBuilder
Definition circuit_builders_fwd.hpp:24
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
proof_surgeon.hpp
recursion_constraint.hpp
acir_format::RecursionConstraint
RecursionConstraint struct contains information required to recursively verify a proof!
Definition recursion_constraint.hpp:57
acir_format::RecursionConstraint::key
std::vector< uint32_t > key
Definition recursion_constraint.hpp:58
acir_format::RecursionConstraint::proof_type
uint32_t proof_type
Definition recursion_constraint.hpp:62
acir_format::RecursionConstraint::key_hash
uint32_t key_hash
Definition recursion_constraint.hpp:61
acir_format::RecursionConstraint::fields_from_witnesses
static std::vector< bb::stdlib::field_t< Builder > > fields_from_witnesses(Builder &builder, const std::vector< uint32_t > &witness_indices)
Definition recursion_constraint.hpp:67
acir_format::RecursionConstraint::public_inputs
std::vector< uint32_t > public_inputs
Definition recursion_constraint.hpp:60
acir_format::RecursionConstraint::proof
std::vector< uint32_t > proof
Definition recursion_constraint.hpp:59