Barretenberg: src/barretenberg/client_ivc/client_ivc.hpp Source File

// === AUDIT STATUS ===

// internal:    { status: not started, auditors: [], date: YYYY-MM-DD }

// external_1:  { status: not started, auditors: [], date: YYYY-MM-DD }

// external_2:  { status: not started, auditors: [], date: YYYY-MM-DD }

// =====================


#pragma once


#include "barretenberg/flavor/mega_zk_recursive_flavor.hpp"

#include "barretenberg/goblin/goblin.hpp"

#include "barretenberg/honk/execution_trace/execution_trace_usage_tracker.hpp"

#include "barretenberg/protogalaxy/protogalaxy_prover.hpp"

#include "barretenberg/protogalaxy/protogalaxy_verifier.hpp"

#include "barretenberg/stdlib/honk_verifier/decider_recursive_verifier.hpp"

#include "barretenberg/stdlib/honk_verifier/oink_recursive_verifier.hpp"

#include "barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.hpp"

#include "barretenberg/stdlib/primitives/databus/databus.hpp"

#include "barretenberg/stdlib/proof/proof.hpp"

#include "barretenberg/stdlib/protogalaxy_verifier/protogalaxy_recursive_verifier.hpp"

#include "barretenberg/stdlib/special_public_inputs/special_public_inputs.hpp"

#include "barretenberg/ultra_honk/decider_keys.hpp"

#include "barretenberg/ultra_honk/decider_prover.hpp"

#include "barretenberg/ultra_honk/decider_verifier.hpp"

#include "barretenberg/ultra_honk/ultra_prover.hpp"

#include "barretenberg/ultra_honk/ultra_verifier.hpp"

#include <algorithm>


namespace bb {


class ClientIVC {


  public:

    using Flavor = MegaFlavor;

    using MegaVerificationKey = Flavor::VerificationKey;

    using MegaZKVerificationKey = MegaZKFlavor::VerificationKey;

    using FF = Flavor::FF;

    using Point = Flavor::Curve::AffineElement;

    using FoldProof = std::vector<FF>;

    using DeciderProvingKey = DeciderProvingKey_<Flavor>;

    using DeciderZKProvingKey = DeciderProvingKey_<MegaZKFlavor>;

    using DeciderVerificationKey = DeciderVerificationKey_<Flavor>;

    using ClientCircuit = MegaCircuitBuilder; // can only be Mega

    using DeciderProver = DeciderProver_<Flavor>;

    using DeciderVerifier = DeciderVerifier_<Flavor>;

    using DeciderProvingKeys = DeciderProvingKeys_<Flavor>;

    using FoldingProver = ProtogalaxyProver_<Flavor>;

    using DeciderVerificationKeys = DeciderVerificationKeys_<Flavor>;

    using FoldingVerifier = ProtogalaxyVerifier_<DeciderVerificationKeys>;

    using ECCVMVerificationKey = bb::ECCVMFlavor::VerificationKey;

    using TranslatorVerificationKey = bb::TranslatorFlavor::VerificationKey;

    using MegaProver = UltraProver_<Flavor>;

    using MegaVerifier = UltraVerifier_<Flavor>;

    using Transcript = NativeTranscript;


    using RecursiveFlavor = MegaRecursiveFlavor_<bb::MegaCircuitBuilder>;

    using RecursiveDeciderVerificationKeys =

        bb::stdlib::recursion::honk::RecursiveDeciderVerificationKeys_<RecursiveFlavor, 2>;

    using RecursiveDeciderVerificationKey = RecursiveDeciderVerificationKeys::DeciderVK;

    using RecursiveVerificationKey = RecursiveFlavor::VerificationKey;

    using RecursiveVKAndHash = RecursiveFlavor::VKAndHash;

    using FoldingRecursiveVerifier =

        bb::stdlib::recursion::honk::ProtogalaxyRecursiveVerifier_<RecursiveDeciderVerificationKeys>;

    using OinkRecursiveVerifier = stdlib::recursion::honk::OinkRecursiveVerifier_<RecursiveFlavor>;

    using DeciderRecursiveVerifier = stdlib::recursion::honk::DeciderRecursiveVerifier_<RecursiveFlavor>;

    using RecursiveTranscript = RecursiveFlavor::Transcript;


    using DataBusDepot = stdlib::DataBusDepot<ClientCircuit>;

    using PairingPoints = stdlib::recursion::PairingPoints<ClientCircuit>;

    using PublicPairingPoints = stdlib::PublicInputComponent<PairingPoints>;

    using KernelIO = bb::stdlib::recursion::honk::KernelIO;

    using HidingKernelIO = bb::stdlib::recursion::honk::HidingKernelIO<ClientCircuit>;

    using AppIO = bb::stdlib::recursion::honk::AppIO;

    using StdlibProof = stdlib::Proof<ClientCircuit>;

    using StdlibFF = RecursiveFlavor::FF;

    using WitnessCommitments = RecursiveFlavor::WitnessCommitments;


    // Merge commitments

    using TableCommitments = std::array<RecursiveFlavor::Commitment, ClientCircuit::NUM_WIRES>;


    struct Proof {

        HonkProof mega_proof;

        GoblinProof goblin_proof;


        static constexpr size_t PROOF_LENGTH_WITHOUT_PUB_INPUTS(size_t virtual_log_n = MegaZKFlavor::VIRTUAL_LOG_N)

        {

            return /*mega_proof*/ MegaZKFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS(virtual_log_n) +

                   /*merge_proof*/ MERGE_PROOF_SIZE +

                   /*eccvm pre-ipa proof*/ (ECCVMFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS - IPA_PROOF_LENGTH) +

                   /*eccvm ipa proof*/ IPA_PROOF_LENGTH +

                   /*translator*/ TranslatorFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS;

        }


        static constexpr size_t PROOF_LENGTH(size_t virtual_log_n = MegaZKFlavor::VIRTUAL_LOG_N)

        {

            return PROOF_LENGTH_WITHOUT_PUB_INPUTS(virtual_log_n) +

                   /*public_inputs*/ bb::HidingKernelIO::PUBLIC_INPUTS_SIZE;

        }


        size_t size() const;


        std::vector<FF> to_field_elements() const;


        // TODO(https://github.com/AztecProtocol/barretenberg/issues/1299): The following msgpack methods are generic

        // and should leverage some kind of shared msgpack utility.

        msgpack::sbuffer to_msgpack_buffer() const;


        uint8_t* to_msgpack_heap_buffer() const;

        static constexpr const char* MSGPACK_SCHEMA_NAME = "ClientIVCProof";


        class DeserializationError : public std::runtime_error {

          public:


            DeserializationError(const std::string& msg)

                : std::runtime_error(std::string("Client IVC Proof deserialization error: ") + msg)

            {}


        };


        static Proof from_msgpack_buffer(uint8_t const*& buffer);

        static Proof from_msgpack_buffer(const msgpack::sbuffer& buffer);


        void to_file_msgpack(const std::string& filename) const;

        static Proof from_file_msgpack(const std::string& filename);


        MSGPACK_FIELDS(mega_proof, goblin_proof);

        bool operator==(const Proof& other) const = default;

    };


    struct VerificationKey {

        std::shared_ptr<MegaVerificationKey> mega;

        std::shared_ptr<ECCVMVerificationKey> eccvm;

        std::shared_ptr<TranslatorVerificationKey> translator;


        MSGPACK_FIELDS(mega, eccvm, translator);

    };


    // Specifies proof type or equivalently the type of recursive verification to be performed on a given proof


    enum class QUEUE_TYPE {

        OINK,

        PG,

        PG_FINAL, // the final PG verification, used in hiding kernel

        PG_TAIL,  // used in tail to indicate special handling of merge for ZK

        MEGA

    };


    // An entry in the native verification queue


    struct VerifierInputs {

        std::vector<FF> proof; // oink or PG

        std::shared_ptr<MegaVerificationKey> honk_vk;

        QUEUE_TYPE type;

        bool is_kernel = false;

    };


    using VerificationQueue = std::deque<VerifierInputs>;


    // An entry in the stdlib verification queue


    struct StdlibVerifierInputs {

        StdlibProof proof; // oink or PG

        std::shared_ptr<RecursiveVKAndHash> honk_vk_and_hash;

        QUEUE_TYPE type;

        bool is_kernel = false;

    };


    using StdlibVerificationQueue = std::deque<StdlibVerifierInputs>;


    // Utility for tracking the max size of each block across the full IVC

    ExecutionTraceUsageTracker trace_usage_tracker;


  private:

    using ProverFoldOutput = FoldingResult<Flavor>;


    // Transcript for CIVC prover (shared between Hiding circuit, Merge, ECCVM, and Translator)

    std::shared_ptr<Transcript> transcript = std::make_shared<Transcript>();


    // Transcript to be shared across the folding of K_{i-1} (kernel), A_{i,1} (app), .., A_{i, n}

    std::shared_ptr<Transcript> prover_accumulation_transcript = std::make_shared<Transcript>();


    size_t num_circuits; // total number of circuits to be accumulated in the IVC

  public:

    size_t num_circuits_accumulated = 0; // number of circuits accumulated so far


    ProverFoldOutput fold_output; // prover accumulator and fold proof

    HonkProof decider_proof;      // decider proof to be verified in the hiding circuit


    std::shared_ptr<DeciderVerificationKey>

        recursive_verifier_native_accum; // native verifier accumulator used in recursive folding

    std::shared_ptr<DeciderVerificationKey>

        native_verifier_accum;                    //  native verifier accumulator used in prover folding

    std::shared_ptr<MegaVerificationKey> honk_vk; // honk vk to be completed and folded into the accumulator


    // Set of tuples {proof, verification_key, type (Oink/PG)} to be recursively verified

    VerificationQueue verification_queue;

    // Set of tuples {stdlib_proof, stdlib_verification_key, type} corresponding to the native verification queue

    StdlibVerificationQueue stdlib_verification_queue;


    // Management of linking databus commitments between circuits in the IVC

    DataBusDepot bus_depot;


    // Settings related to the use of fixed block sizes for each gate in the execution trace

    TraceSettings trace_settings;


    typename MegaFlavor::CommitmentKey bn254_commitment_key;


    Goblin goblin;


    size_t get_num_circuits() const { return num_circuits; }


    ClientIVC(size_t num_circuits, TraceSettings trace_settings = {});


    void instantiate_stdlib_verification_queue(ClientCircuit& circuit,

                                               const std::vector<std::shared_ptr<RecursiveVKAndHash>>& input_keys = {});


    [[nodiscard("Pairing points should be accumulated")]] std::

        tuple<std::shared_ptr<RecursiveDeciderVerificationKey>, PairingPoints, TableCommitments>

        perform_recursive_verification_and_databus_consistency_checks(

            ClientCircuit& circuit,

            const StdlibVerifierInputs& verifier_inputs,

            const std::shared_ptr<RecursiveDeciderVerificationKey>& input_verifier_accumulator,

            const TableCommitments& T_prev_commitments,

            const std::shared_ptr<RecursiveTranscript>& accumulation_recursive_transcript);


    // Complete the logic of a kernel circuit (e.g. PG/merge recursive verification, databus consistency checks)

    void complete_kernel_circuit_logic(ClientCircuit& circuit);


    void accumulate(ClientCircuit& circuit, const std::shared_ptr<MegaVerificationKey>& precomputed_vk);


    Proof prove();


    static void hide_op_queue_accumulation_result(ClientCircuit& circuit);

    HonkProof construct_mega_proof_for_hiding_kernel(ClientCircuit& circuit);


    static bool verify(const Proof& proof, const VerificationKey& vk);


    bool verify(const Proof& proof) const;


    bool prove_and_verify();


    HonkProof construct_decider_proof(const std::shared_ptr<Transcript>& transcript);


    VerificationKey get_vk() const;


  private:

    void update_native_verifier_accumulator(const VerifierInputs& queue_entry,

                                            const std::shared_ptr<Transcript>& verifier_transcript);


    HonkProof construct_oink_proof(const std::shared_ptr<DeciderProvingKey>& proving_key,

                                   const std::shared_ptr<MegaVerificationKey>& honk_vk,

                                   const std::shared_ptr<Transcript>& transcript);


    HonkProof construct_pg_proof(const std::shared_ptr<DeciderProvingKey>& proving_key,

                                 const std::shared_ptr<MegaVerificationKey>& honk_vk,

                                 const std::shared_ptr<Transcript>& transcript,

                                 bool is_kernel);


    QUEUE_TYPE get_queue_type() const;


    static std::shared_ptr<RecursiveDeciderVerificationKey> perform_oink_recursive_verification(

        ClientCircuit& circuit,

        const std::shared_ptr<RecursiveDeciderVerificationKey>& verifier_instance,

        const std::shared_ptr<RecursiveTranscript>& transcript,

        const StdlibProof& proof);


    static std::shared_ptr<RecursiveDeciderVerificationKey> perform_pg_recursive_verification(

        ClientCircuit& circuit,

        const std::shared_ptr<RecursiveDeciderVerificationKey>& verifier_accumulator,

        const std::shared_ptr<RecursiveDeciderVerificationKey>& verifier_instance,

        const std::shared_ptr<RecursiveTranscript>& transcript,

        const StdlibProof& proof,

        std::optional<StdlibFF>& prev_accum_hash,

        bool is_kernel);

};


} // namespace bb

bb::BaseTranscript
Common transcript class for both parties. Stores the data for the current round, as well as the manif...
Definition transcript.hpp:154

bb::ClientIVC::Proof::DeserializationError
Definition client_ivc.hpp:150

bb::ClientIVC::Proof::DeserializationError::DeserializationError
DeserializationError(const std::string &msg)
Definition client_ivc.hpp:152

bb::ClientIVC
The IVC scheme used by the aztec client for private function execution.
Definition client_ivc.hpp:39

bb::ClientIVC::prove
Proof prove()
Construct a proof for the IVC, which, if verified, fully establishes its correctness.
Definition client_ivc.cpp:560

bb::ClientIVC::hide_op_queue_accumulation_result
static void hide_op_queue_accumulation_result(ClientCircuit &circuit)
Add a random operation to the op queue to hide its content in Translator computation.
Definition client_ivc.cpp:528

bb::ClientIVC::bn254_commitment_key
MegaFlavor::CommitmentKey bn254_commitment_key
Definition client_ivc.hpp:238

bb::ClientIVC::construct_oink_proof
HonkProof construct_oink_proof(const std::shared_ptr< DeciderProvingKey > &proving_key, const std::shared_ptr< MegaVerificationKey > &honk_vk, const std::shared_ptr< Transcript > &transcript)
Definition client_ivc.cpp:365

bb::ClientIVC::trace_settings
TraceSettings trace_settings
Definition client_ivc.hpp:236

bb::ClientIVC::VerificationQueue
std::deque< VerifierInputs > VerificationQueue
Definition client_ivc.hpp:191

bb::ClientIVC::prover_accumulation_transcript
std::shared_ptr< Transcript > prover_accumulation_transcript
Definition client_ivc.hpp:212

bb::ClientIVC::trace_usage_tracker
ExecutionTraceUsageTracker trace_usage_tracker
Definition client_ivc.hpp:203

bb::ClientIVC::StdlibVerificationQueue
std::deque< StdlibVerifierInputs > StdlibVerificationQueue
Definition client_ivc.hpp:200

bb::ClientIVC::construct_decider_proof
HonkProof construct_decider_proof(const std::shared_ptr< Transcript > &transcript)
Internal method for constructing a decider proof.
Definition client_ivc.cpp:615

bb::ClientIVC::recursive_verifier_native_accum
std::shared_ptr< DeciderVerificationKey > recursive_verifier_native_accum
Definition client_ivc.hpp:222

bb::ClientIVC::goblin
Goblin goblin
Definition client_ivc.hpp:240

bb::ClientIVC::prove_and_verify
bool prove_and_verify()
Construct and verify a proof for the IVC.
Definition client_ivc.cpp:630

bb::ClientIVC::get_queue_type
QUEUE_TYPE get_queue_type() const
Get queue type for the proof of a circuit about to be accumulated based on num circuits accumulated s...
Definition client_ivc.cpp:412

bb::ClientIVC::get_vk
VerificationKey get_vk() const
Definition client_ivc.cpp:734

bb::ClientIVC::num_circuits
size_t num_circuits
Definition client_ivc.hpp:214

bb::ClientIVC::accumulate
void accumulate(ClientCircuit &circuit, const std::shared_ptr< MegaVerificationKey > &precomputed_vk)
Perform prover work for accumulation (e.g. PG folding, merge proving)
Definition client_ivc.cpp:447

bb::ClientIVC::complete_kernel_circuit_logic
void complete_kernel_circuit_logic(ClientCircuit &circuit)
Append logic to complete a kernel circuit.
Definition client_ivc.cpp:284

bb::ClientIVC::Point
Flavor::Curve::AffineElement Point
Definition client_ivc.hpp:46

bb::ClientIVC::construct_pg_proof
HonkProof construct_pg_proof(const std::shared_ptr< DeciderProvingKey > &proving_key, const std::shared_ptr< MegaVerificationKey > &honk_vk, const std::shared_ptr< Transcript > &transcript, bool is_kernel)
Definition client_ivc.cpp:385

bb::ClientIVC::get_num_circuits
size_t get_num_circuits() const
Definition client_ivc.hpp:242

bb::ClientIVC::num_circuits_accumulated
size_t num_circuits_accumulated
Definition client_ivc.hpp:216

bb::ClientIVC::update_native_verifier_accumulator
void update_native_verifier_accumulator(const VerifierInputs &queue_entry, const std::shared_ptr< Transcript > &verifier_transcript)
Runs either Oink or PG native verifier to update the native verifier accumulator.
Definition client_ivc.cpp:739

bb::ClientIVC::perform_pg_recursive_verification
static std::shared_ptr< RecursiveDeciderVerificationKey > perform_pg_recursive_verification(ClientCircuit &circuit, const std::shared_ptr< RecursiveDeciderVerificationKey > &verifier_accumulator, const std::shared_ptr< RecursiveDeciderVerificationKey > &verifier_instance, const std::shared_ptr< RecursiveTranscript > &transcript, const StdlibProof &proof, std::optional< StdlibFF > &prev_accum_hash, bool is_kernel)
Definition client_ivc.cpp:93

bb::ClientIVC::StdlibProof
stdlib::Proof< ClientCircuit > StdlibProof
Definition client_ivc.hpp:82

bb::ClientIVC::perform_oink_recursive_verification
static std::shared_ptr< RecursiveDeciderVerificationKey > perform_oink_recursive_verification(ClientCircuit &circuit, const std::shared_ptr< RecursiveDeciderVerificationKey > &verifier_instance, const std::shared_ptr< RecursiveTranscript > &transcript, const StdlibProof &proof)
Definition client_ivc.cpp:76

bb::ClientIVC::verification_queue
VerificationQueue verification_queue
Definition client_ivc.hpp:228

bb::ClientIVC::FoldProof
std::vector< FF > FoldProof
Definition client_ivc.hpp:47

bb::ClientIVC::QUEUE_TYPE
QUEUE_TYPE
Definition client_ivc.hpp:176

bb::ClientIVC::QUEUE_TYPE::OINK
@ OINK

bb::ClientIVC::QUEUE_TYPE::PG_FINAL
@ PG_FINAL

bb::ClientIVC::QUEUE_TYPE::PG
@ PG

bb::ClientIVC::QUEUE_TYPE::PG_TAIL
@ PG_TAIL

bb::ClientIVC::QUEUE_TYPE::MEGA
@ MEGA

bb::ClientIVC::perform_recursive_verification_and_databus_consistency_checks
std::tuple< std::shared_ptr< RecursiveDeciderVerificationKey >, PairingPoints, TableCommitments > perform_recursive_verification_and_databus_consistency_checks(ClientCircuit &circuit, const StdlibVerifierInputs &verifier_inputs, const std::shared_ptr< RecursiveDeciderVerificationKey > &input_verifier_accumulator, const TableCommitments &T_prev_commitments, const std::shared_ptr< RecursiveTranscript > &accumulation_recursive_transcript)
Populate the provided circuit with constraints for (1) recursive verification of the provided accumul...
Definition client_ivc.cpp:139

bb::ClientIVC::stdlib_verification_queue
StdlibVerificationQueue stdlib_verification_queue
Definition client_ivc.hpp:230

bb::ClientIVC::ClientCircuit
MegaCircuitBuilder ClientCircuit
Definition client_ivc.hpp:51

bb::ClientIVC::decider_proof
HonkProof decider_proof
Definition client_ivc.hpp:219

bb::ClientIVC::fold_output
ProverFoldOutput fold_output
Definition client_ivc.hpp:218

bb::ClientIVC::TableCommitments
std::array< RecursiveFlavor::Commitment, ClientCircuit::NUM_WIRES > TableCommitments
Definition client_ivc.hpp:87

bb::ClientIVC::native_verifier_accum
std::shared_ptr< DeciderVerificationKey > native_verifier_accum
Definition client_ivc.hpp:224

bb::ClientIVC::transcript
std::shared_ptr< Transcript > transcript
Definition client_ivc.hpp:209

bb::ClientIVC::verify
static bool verify(const Proof &proof, const VerificationKey &vk)
Definition client_ivc.cpp:578

bb::ClientIVC::instantiate_stdlib_verification_queue
void instantiate_stdlib_verification_queue(ClientCircuit &circuit, const std::vector< std::shared_ptr< RecursiveVKAndHash > > &input_keys={})
Instantiate a stdlib verification queue for use in the kernel completion logic.
Definition client_ivc.cpp:44

bb::ClientIVC::construct_mega_proof_for_hiding_kernel
HonkProof construct_mega_proof_for_hiding_kernel(ClientCircuit &circuit)
Construct a zero-knowledge proof for the hiding circuit, which recursively verifies the last folding,...
Definition client_ivc.cpp:542

bb::ClientIVC::StdlibFF
RecursiveFlavor::FF StdlibFF
Definition client_ivc.hpp:83

bb::ClientIVC::honk_vk
std::shared_ptr< MegaVerificationKey > honk_vk
Definition client_ivc.hpp:225

bb::ClientIVC::bus_depot
DataBusDepot bus_depot
Definition client_ivc.hpp:233

bb::ClientIVC::PairingPoints
stdlib::recursion::PairingPoints< ClientCircuit > PairingPoints
Definition client_ivc.hpp:77

bb::CommitmentKey
CommitmentKey object over a pairing group 𝔾₁.
Definition commitment_key.hpp:40

bb::DeciderProver_
Definition decider_prover.hpp:22

bb::DeciderProvingKey_
A DeciderProvingKey is normally constructed from a finalized circuit and it contains all the informat...
Definition decider_proving_key.hpp:36

bb::DeciderVerificationKey_
The DeciderVerificationKey encapsulates all the necessary information for a Mega Honk Verifier to ver...
Definition decider_verification_key.hpp:20

bb::DeciderVerifier_
Definition decider_verifier.hpp:17

bb::ECCVMFlavor::VerificationKey
The verification key is responsible for storing the commitments to the precomputed (non-witnessk) pol...
Definition eccvm_flavor.hpp:790

bb::ECCVMFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS
static constexpr size_t PROOF_LENGTH_WITHOUT_PUB_INPUTS
Definition eccvm_flavor.hpp:116

bb::Goblin
Definition goblin.hpp:24

bb::HidingKernelIO::PUBLIC_INPUTS_SIZE
static constexpr size_t PUBLIC_INPUTS_SIZE
Definition special_public_inputs.hpp:54

bb::MegaCircuitBuilder_
Definition mega_circuit_builder.hpp:17

bb::MegaFlavor::VerificationKey
The verification key is responsible for storing the commitments to the precomputed (non-witness) poly...
Definition mega_flavor.hpp:440

bb::MegaFlavor::WitnessEntities
Container for all witness polynomials used/constructed by the prover.
Definition mega_flavor.hpp:252

bb::MegaFlavor
Definition mega_flavor.hpp:33

bb::MegaFlavor::FF
Curve::ScalarField FF
Definition mega_flavor.hpp:37

bb::MegaFlavor::VIRTUAL_LOG_N
static constexpr size_t VIRTUAL_LOG_N
Definition mega_flavor.hpp:49

bb::MegaRecursiveFlavor_::VerificationKey
The verification key is responsible for storing the commitments to the precomputed (non-witnessk) pol...
Definition mega_recursive_flavor.hpp:113

bb::MegaRecursiveFlavor_
The recursive counterpart to the "native" Mega flavor.
Definition mega_recursive_flavor.hpp:39

bb::MegaRecursiveFlavor_::Transcript
bb::BaseTranscript< bb::stdlib::recursion::honk::StdlibTranscriptParams< CircuitBuilder > > Transcript
Definition mega_recursive_flavor.hpp:49

bb::MegaRecursiveFlavor_::FF
typename Curve::ScalarField FF
Definition mega_recursive_flavor.hpp:45

bb::MegaRecursiveFlavor_::VKAndHash
VKAndHash_< FF, VerificationKey > VKAndHash
Definition mega_recursive_flavor.hpp:204

bb::MegaRecursiveFlavor_::WitnessCommitments
MegaFlavor::WitnessEntities< Commitment > WitnessCommitments
A container for the witness commitments.
Definition mega_recursive_flavor.hpp:198

bb::MegaZKFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS
static constexpr size_t PROOF_LENGTH_WITHOUT_PUB_INPUTS(size_t virtual_log_n=MegaFlavor::VIRTUAL_LOG_N)
Definition mega_zk_flavor.hpp:27

bb::ProtogalaxyProver_
Definition protogalaxy_prover.hpp:17

bb::ProtogalaxyVerifier_
Definition protogalaxy_verifier.hpp:15

bb::PublicInputComponent
A wrapper class for deserializing objects from the public inputs of a circuit.
Definition public_input_component.hpp:40

bb::TranslatorFlavor::VerificationKey
The verification key is responsible for storing the commitments to the precomputed (non-witnessk) pol...
Definition translator_flavor.hpp:754

bb::TranslatorFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS
static constexpr size_t PROOF_LENGTH_WITHOUT_PUB_INPUTS
Definition translator_flavor.hpp:178

bb::UltraProver_
Definition ultra_prover.hpp:19

bb::UltraVerifier_
Definition ultra_verifier.hpp:19

bb::VKAndHash_
Definition flavor.hpp:324

bb::stdlib::DataBusDepot< ClientCircuit >

bb::stdlib::Proof< ClientCircuit >

bb::stdlib::recursion::honk::DeciderRecursiveVerifier_
Definition decider_recursive_verifier.hpp:17

bb::stdlib::recursion::honk::DefaultIO
Manages the data that is propagated on the public inputs of an application/function circuit.
Definition special_public_inputs.hpp:142

bb::stdlib::recursion::honk::HidingKernelIO
Manages the data that is propagated on the public inputs of a hiding kernel circuit.
Definition special_public_inputs.hpp:244

bb::stdlib::recursion::honk::KernelIO
Manages the data that is propagated on the public inputs of a kernel circuit.
Definition special_public_inputs.hpp:50

bb::stdlib::recursion::honk::OinkRecursiveVerifier_
Definition oink_recursive_verifier.hpp:13

bb::stdlib::recursion::honk::ProtogalaxyRecursiveVerifier_
Definition protogalaxy_recursive_verifier.hpp:18

bb::stdlib::recursion::honk::RecursiveDeciderVerificationKey_
The stdlib counterpart of DeciderVerificationKey, used in recursive folding verification.
Definition recursive_decider_verification_key.hpp:18

decider_keys.hpp

decider_prover.hpp

decider_recursive_verifier.hpp

decider_verifier.hpp

buffer
uint8_t buffer[RANDOM_BUFFER_SIZE]
Definition engine.cpp:34

execution_trace_usage_tracker.hpp

goblin.hpp

VerificationKey
UltraKeccakFlavor::VerificationKey VerificationKey
Definition honk_key_gen.cpp:19

mega_zk_recursive_flavor.hpp

bb::stdlib::recursion::honk::AppIO
DefaultIO< MegaCircuitBuilder > AppIO
The data that is propagated on the public inputs of an application/function circuit.
Definition special_public_inputs.hpp:191

bb
Entry point for Barretenberg command-line interface.
Definition acir_format_getters.cpp:6

bb::HonkProof
std::vector< fr > HonkProof
Definition proof.hpp:15

bb::MegaCircuitBuilder
MegaCircuitBuilder_< field< Bn254FrParams > > MegaCircuitBuilder
Definition circuit_builders_fwd.hpp:26

bb::NativeTranscript
BaseTranscript< NativeTranscriptParams > NativeTranscript
Definition transcript.hpp:755

bb::vk
VerifierCommitmentKey< Curve > vk
Definition ipa.fuzzer.cpp:21

std
STL namespace.

std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13

oink_recursive_verifier.hpp

databus.hpp

protogalaxy_prover.hpp

protogalaxy_recursive_verifier.hpp

protogalaxy_verifier.hpp

proof.hpp

special_public_inputs.hpp

bb::ClientIVC::Proof
A full proof for the IVC scheme containing a Mega proof showing correctness of the hiding circuit (wh...
Definition client_ivc.hpp:96

bb::ClientIVC::Proof::MSGPACK_SCHEMA_NAME
static constexpr const char * MSGPACK_SCHEMA_NAME
Definition client_ivc.hpp:148

bb::ClientIVC::Proof::to_file_msgpack
void to_file_msgpack(const std::string &filename) const
Definition client_ivc.cpp:702

bb::ClientIVC::Proof::from_msgpack_buffer
static Proof from_msgpack_buffer(uint8_t const *&buffer)
Definition client_ivc.cpp:683

bb::ClientIVC::Proof::to_field_elements
std::vector< FF > to_field_elements() const
Serialize proof to field elements.
Definition client_ivc.cpp:654

bb::ClientIVC::Proof::to_msgpack_heap_buffer
uint8_t * to_msgpack_heap_buffer() const
Very quirky method to convert a msgpack buffer to a "heap" buffer.
Definition client_ivc.cpp:675

bb::ClientIVC::Proof::PROOF_LENGTH
static constexpr size_t PROOF_LENGTH(size_t virtual_log_n=MegaZKFlavor::VIRTUAL_LOG_N)
The size of a ClientIVC proof with backend-added public inputs: HidingKernelIO.
Definition client_ivc.hpp:121

bb::ClientIVC::Proof::PROOF_LENGTH_WITHOUT_PUB_INPUTS
static constexpr size_t PROOF_LENGTH_WITHOUT_PUB_INPUTS(size_t virtual_log_n=MegaZKFlavor::VIRTUAL_LOG_N)
The size of a ClientIVC proof without backend-added public inputs.
Definition client_ivc.hpp:106

bb::ClientIVC::Proof::size
size_t size() const
Definition client_ivc.cpp:649

bb::ClientIVC::Proof::mega_proof
HonkProof mega_proof
Definition client_ivc.hpp:97

bb::ClientIVC::Proof::from_file_msgpack
static Proof from_file_msgpack(const std::string &filename)
Definition client_ivc.cpp:713

bb::ClientIVC::Proof::to_msgpack_buffer
msgpack::sbuffer to_msgpack_buffer() const
Definition client_ivc.cpp:668

bb::ClientIVC::Proof::goblin_proof
GoblinProof goblin_proof
Definition client_ivc.hpp:98

bb::ClientIVC::Proof::operator==
bool operator==(const Proof &other) const =default

bb::ClientIVC::Proof::MSGPACK_FIELDS
MSGPACK_FIELDS(mega_proof, goblin_proof)

bb::ClientIVC::StdlibVerifierInputs
Definition client_ivc.hpp:194

bb::ClientIVC::StdlibVerifierInputs::is_kernel
bool is_kernel
Definition client_ivc.hpp:198

bb::ClientIVC::StdlibVerifierInputs::honk_vk_and_hash
std::shared_ptr< RecursiveVKAndHash > honk_vk_and_hash
Definition client_ivc.hpp:196

bb::ClientIVC::StdlibVerifierInputs::proof
StdlibProof proof
Definition client_ivc.hpp:195

bb::ClientIVC::StdlibVerifierInputs::type
QUEUE_TYPE type
Definition client_ivc.hpp:197

bb::ClientIVC::VerificationKey
Definition client_ivc.hpp:167

bb::ClientIVC::VerificationKey::eccvm
std::shared_ptr< ECCVMVerificationKey > eccvm
Definition client_ivc.hpp:169

bb::ClientIVC::VerificationKey::MSGPACK_FIELDS
MSGPACK_FIELDS(mega, eccvm, translator)

bb::ClientIVC::VerificationKey::mega
std::shared_ptr< MegaVerificationKey > mega
Definition client_ivc.hpp:168

bb::ClientIVC::VerificationKey::translator
std::shared_ptr< TranslatorVerificationKey > translator
Definition client_ivc.hpp:170

bb::ClientIVC::VerifierInputs
Definition client_ivc.hpp:185

bb::ClientIVC::VerifierInputs::honk_vk
std::shared_ptr< MegaVerificationKey > honk_vk
Definition client_ivc.hpp:187

bb::ClientIVC::VerifierInputs::is_kernel
bool is_kernel
Definition client_ivc.hpp:189

bb::ClientIVC::VerifierInputs::type
QUEUE_TYPE type
Definition client_ivc.hpp:188

bb::ClientIVC::VerifierInputs::proof
std::vector< FF > proof
Definition client_ivc.hpp:186

bb::DeciderProvingKeys_
Definition decider_keys.hpp:14

bb::DeciderVerificationKeys_
Definition decider_keys.hpp:108

bb::ExecutionTraceUsageTracker
Tracks the cumulative usage of the execution trace across a series of circuits.
Definition execution_trace_usage_tracker.hpp:22

bb::FoldingResult
The result of running the Protogalaxy prover containing a new accumulator as well as the proof data t...
Definition folding_result.hpp:16

bb::GoblinProof
Definition types.hpp:19

bb::TraceSettings
Definition mega_execution_trace.hpp:55

bb::field< Bn254FrParams >

bb::stdlib::recursion::PairingPoints
An object storing two EC points that represent the inputs to a pairing check.
Definition pairing_points.hpp:24

bb::stdlib::recursion::honk::RecursiveDeciderVerificationKeys_
Definition recursive_decider_verification_keys.hpp:14

bb::stdlib::recursion::honk::RecursiveDeciderVerificationKeys_::DeciderVK
RecursiveDeciderVerificationKey_< Flavor > DeciderVK
Definition recursive_decider_verification_keys.hpp:19

ultra_prover.hpp

ultra_recursive_verifier.hpp

ultra_verifier.hpp