- Generated by
1.9.8
|
Barretenberg
The ZK-SNARK library at the core of Aztec
|
straus_lookup_table computes a lookup table of size 1 << table_bits More...
#include <straus_lookup_table.hpp>
Public Types | |
| using | field_t = stdlib::field_t< Builder > |
| using | Curve = typename Builder::EmbeddedCurve |
| using | Group = typename Curve::Group |
| using | Element = typename Curve::Element |
| using | AffineElement = typename Curve::AffineElement |
Public Member Functions | |
| straus_lookup_table ()=default | |
| straus_lookup_table (Builder *context, const cycle_group< Builder > &base_point, const cycle_group< Builder > &offset_generator, size_t table_bits, std::optional< std::span< AffineElement > > hints=std::nullopt) | |
| Construct a new straus lookup table::straus lookup table object. | |
| cycle_group< Builder > | read (const field_t &index) |
Given an _index witness, return straus_lookup_table[index] | |
Static Public Member Functions | |
| static std::vector< Element > | compute_straus_lookup_table_hints (const Element &base_point, const Element &offset_generator, size_t table_bits) |
| Compute the output points generated when computing the Straus lookup table. | |
Public Attributes | |
| size_t | _table_bits |
| Builder * | _context |
| std::vector< cycle_group< Builder > > | point_table |
| size_t | rom_id = 0 |
| OriginTag | tag {} |
straus_lookup_table computes a lookup table of size 1 << table_bits
for an input base_point [P] and offset_generator point [G], where N = 1 << table_bits, the following is computed:
{ [G] + 0.[P], [G] + 1.[P], ..., [G] + (N - 1).[P] }
The point [G] is used to ensure that we do not have to handle the point at infinity associated with 0.[P].
For an HONEST Prover, the probability of [G] and [P] colliding is equivalent to solving the dlog problem. This allows us to partially ignore the incomplete addition formula edge-cases for short Weierstrass curves.
When adding group elements in batch_mul, we can constrain+assert the x-coordinates of the operand points do not match. An honest prover will never trigger the case where x-coordinates match due to the above. Validating x-coordinates do not match is much cheaper than evaluating the full complete addition formulae for short Weierstrass curves.
Definition at line 44 of file straus_lookup_table.hpp.
| using bb::stdlib::straus_lookup_table< Builder >::AffineElement = typename Curve::AffineElement |
Definition at line 50 of file straus_lookup_table.hpp.
| using bb::stdlib::straus_lookup_table< Builder >::Curve = typename Builder::EmbeddedCurve |
Definition at line 47 of file straus_lookup_table.hpp.
| using bb::stdlib::straus_lookup_table< Builder >::Element = typename Curve::Element |
Definition at line 49 of file straus_lookup_table.hpp.
| using bb::stdlib::straus_lookup_table< Builder >::field_t = stdlib::field_t<Builder> |
Definition at line 46 of file straus_lookup_table.hpp.
| using bb::stdlib::straus_lookup_table< Builder >::Group = typename Curve::Group |
Definition at line 48 of file straus_lookup_table.hpp.
|
default |
| bb::stdlib::straus_lookup_table< Builder >::straus_lookup_table | ( | Builder * | context, |
| const cycle_group< Builder > & | base_point, | ||
| const cycle_group< Builder > & | offset_generator, | ||
| size_t | table_bits, | ||
| std::optional< std::span< AffineElement > > | hints = std::nullopt |
||
| ) |
Construct a new straus lookup table::straus lookup table object.
Constructs a table_bits lookup table.
If Builder is not ULTRA, table_bits = 1 If Builder is ULTRA, ROM table is used as lookup table
| Builder |
| context | |
| base_point | |
| offset_generator | |
| table_bits |
Definition at line 57 of file straus_lookup_table.cpp.
|
static |
Compute the output points generated when computing the Straus lookup table.
When performing an MSM, we first compute all the witness values as Element types (with a Z-coordinate), and then we batch-convert the points into affine representation AffineElement This avoids the need to compute a modular inversion for every group operation, which dramatically cuts witness generation times
| Builder |
| base_point | |
| offset_generator | |
| table_bits |
Definition at line 28 of file straus_lookup_table.cpp.
| cycle_group< Builder > bb::stdlib::straus_lookup_table< Builder >::read | ( | const field_t & | _index | ) |
Given an _index witness, return straus_lookup_table[index]
| Builder |
| _index |
Definition at line 146 of file straus_lookup_table.cpp.
| Builder* bb::stdlib::straus_lookup_table< Builder >::_context |
Definition at line 64 of file straus_lookup_table.hpp.
| size_t bb::stdlib::straus_lookup_table< Builder >::_table_bits |
Definition at line 63 of file straus_lookup_table.hpp.
| std::vector<cycle_group<Builder> > bb::stdlib::straus_lookup_table< Builder >::point_table |
Definition at line 65 of file straus_lookup_table.hpp.
| size_t bb::stdlib::straus_lookup_table< Builder >::rom_id = 0 |
Definition at line 66 of file straus_lookup_table.hpp.
| OriginTag bb::stdlib::straus_lookup_table< Builder >::tag {} |
Definition at line 67 of file straus_lookup_table.hpp.
1.9.8