bb::ZKSumcheckData< Flavor > Struct Template Reference

This structure is created to contain various polynomials and constants required by ZK Sumcheck. More...

#include <zk_sumcheck_data.hpp>

Public Types
using	Curve = typename Flavor::Curve
using	FF = typename Curve::ScalarField
using	ClaimedLibraEvaluations = std::vector< FF >

Public Member Functions
	ZKSumcheckData ()=default
	ZKSumcheckData (const size_t multivariate_d, std::shared_ptr< typename Flavor::Transcript > transcript=nullptr, const typename Flavor::CommitmentKey &commitment_key=typename Flavor::CommitmentKey())
	ZKSumcheckData (const size_t multivariate_d, const size_t univariate_length)
	For test purposes: Constructs a sumcheck instance from the polynomial \( g + \sum_{i=0}^d g_i(X_i)\), where \( g_i \) is a random univariate of a given length and \( g\) is a random constant term.
void	create_interpolation_domain ()
	Create a interpolation domain object and initialize the evaluation domain in the case of BN254 scalar field.
void	compute_concatenated_libra_polynomial ()
	Compute concatenated libra polynomial in lagrange basis, transform to monomial, add masking term Z_H(m_0.
void	update_zk_sumcheck_data (const FF &round_challenge, const size_t round_idx)
	Upon receiving the challenge \(u_i\), the prover updates Libra data. If \( i < d-1\).

Static Public Member Functions
static std::vector< Polynomial< FF > >	generate_libra_univariates (const size_t number_of_polynomials, const size_t univariate_length)
	Given number of univariate polynomials and the number of their evaluations meant to be hidden, this method produces a vector of univariate polynomials of length Flavor::BATCHED_RELATION_PARTIAL_LENGTH with independent uniformly random coefficients.
static FF	compute_libra_total_sum (const std::vector< Polynomial< FF > > &libra_univariates, FF &scaling_factor, const FF &constant_term)
	Compute the sum of the randomly sampled multivariate polynomial \( G = \sum_{i=0}^{n-1} g_i(X_i) \) over the Boolean hypercube.
static void	setup_auxiliary_data (auto &libra_univariates, FF &libra_scaling_factor, const FF &libra_challenge, FF &libra_running_sum)
	Set up Libra book-keeping table that simplifies the computation of Libra Round Univariates.

Public Attributes
FF	constant_term
EvaluationDomain< FF >	bn_evaluation_domain = EvaluationDomain<FF>()
std::array< FF, SUBGROUP_SIZE >	interpolation_domain
Polynomial< FF >	libra_concatenated_lagrange_form
Polynomial< FF >	libra_concatenated_monomial_form
std::vector< Polynomial< FF > >	libra_univariates {}
size_t	log_circuit_size { 0 }
FF	libra_scaling_factor { 1 }
FF	libra_challenge
FF	libra_total_sum
FF	libra_running_sum
ClaimedLibraEvaluations	libra_evaluations
size_t	univariate_length

Static Public Attributes
static constexpr size_t	SUBGROUP_SIZE = Curve::SUBGROUP_SIZE
static constexpr FF	subgroup_generator = Curve::subgroup_generator
static constexpr size_t	LIBRA_UNIVARIATES_LENGTH = Curve::LIBRA_UNIVARIATES_LENGTH
static constexpr FF	one_half = FF(1) / FF(2)

Detailed Description

template<typename Flavor>
struct bb::ZKSumcheckData< Flavor >

This structure is created to contain various polynomials and constants required by ZK Sumcheck.

Definition at line 22 of file zk_sumcheck_data.hpp.

Member Typedef Documentation

ClaimedLibraEvaluations

template<typename Flavor >

using bb::ZKSumcheckData< Flavor >::ClaimedLibraEvaluations = std::vector<FF>

Definition at line 36 of file zk_sumcheck_data.hpp.

Curve

template<typename Flavor >

using bb::ZKSumcheckData< Flavor >::Curve = typename Flavor::Curve

Definition at line 23 of file zk_sumcheck_data.hpp.

FF

template<typename Flavor >

using bb::ZKSumcheckData< Flavor >::FF = typename Curve::ScalarField

Definition at line 24 of file zk_sumcheck_data.hpp.

Constructor & Destructor Documentation

ZKSumcheckData() [1/3]

template<typename Flavor >

bb::ZKSumcheckData< Flavor >::ZKSumcheckData ( )

default

ZKSumcheckData() [2/3]

template<typename Flavor >

bb::ZKSumcheckData< Flavor >::ZKSumcheckData ( const size_t  multivariate_d, std::shared_ptr< typename Flavor::Transcript >  transcript = nullptr, const typename Flavor::CommitmentKey &  commitment_key = typename Flavor::CommitmentKey()  )

inline

Definition at line 59 of file zk_sumcheck_data.hpp.

ZKSumcheckData() [3/3]

template<typename Flavor >

bb::ZKSumcheckData< Flavor >::ZKSumcheckData ( const size_t  multivariate_d, const size_t  univariate_length  )

inline

For test purposes: Constructs a sumcheck instance from the polynomial \( g + \sum_{i=0}^d g_i(X_i)\), where \( g_i \) is a random univariate of a given length and \( g\) is a random constant term.

To test Shplemini with commitments to Sumcheck Round Univariates, we need to create valid Sumcheck Round Univariates. Fortunately, the functionality of ZKSumcheckData could be re-used for this purpose.

Parameters

multivariate_d
univariate_length

Definition at line 105 of file zk_sumcheck_data.hpp.

Member Function Documentation

compute_concatenated_libra_polynomial()

template<typename Flavor >

void bb::ZKSumcheckData< Flavor >::compute_concatenated_libra_polynomial ( )

inline

Compute concatenated libra polynomial in lagrange basis, transform to monomial, add masking term Z_H(m_0.

• m_1

Definition at line 209 of file zk_sumcheck_data.hpp.

compute_libra_total_sum()

template<typename Flavor >

static FF bb::ZKSumcheckData< Flavor >::compute_libra_total_sum ( const std::vector< Polynomial< FF > > &  libra_univariates, FF &  scaling_factor, const FF &  constant_term  )

inlinestatic

Compute the sum of the randomly sampled multivariate polynomial \( G = \sum_{i=0}^{n-1} g_i(X_i) \) over the Boolean hypercube.

Parameters

libra_univariates
scaling_factor

Returns

FF

Definition at line 143 of file zk_sumcheck_data.hpp.

create_interpolation_domain()

template<typename Flavor >

void bb::ZKSumcheckData< Flavor >::create_interpolation_domain ( )

inline

Create a interpolation domain object and initialize the evaluation domain in the case of BN254 scalar field.

Definition at line 190 of file zk_sumcheck_data.hpp.

generate_libra_univariates()

template<typename Flavor >

static std::vector< Polynomial< FF > > bb::ZKSumcheckData< Flavor >::generate_libra_univariates ( const size_t  number_of_polynomials, const size_t  univariate_length  )

inlinestatic

Given number of univariate polynomials and the number of their evaluations meant to be hidden, this method produces a vector of univariate polynomials of length Flavor::BATCHED_RELATION_PARTIAL_LENGTH with independent uniformly random coefficients.

Definition at line 124 of file zk_sumcheck_data.hpp.

setup_auxiliary_data()

template<typename Flavor >

static void bb::ZKSumcheckData< Flavor >::setup_auxiliary_data ( auto &  libra_univariates, FF &  libra_scaling_factor, const FF &  libra_challenge, FF &  libra_running_sum  )

inlinestatic

Set up Libra book-keeping table that simplifies the computation of Libra Round Univariates.

The array of Libra univariates is getting scaled

\begin{align}\texttt{libra_univariates} \gets \texttt{libra_univariates}\cdot \rho \cdot 2^{d-1}\end{align}

We also initialize

\begin{align} \texttt{libra_running_sum} \gets \texttt{libra_total_sum} - \texttt{libra_univariates}_{0,0} - \texttt{libra_univariates}_{0,1} \end{align}

.

Parameters

libra_table
libra_round_factor
libra_challenge

Definition at line 171 of file zk_sumcheck_data.hpp.

update_zk_sumcheck_data()

template<typename Flavor >

void bb::ZKSumcheckData< Flavor >::update_zk_sumcheck_data ( const FF &  round_challenge, const size_t  round_idx  )

inline

Upon receiving the challenge \(u_i\), the prover updates Libra data. If \( i < d-1\).

• update the table of Libra univariates by multiplying every term by \(1/2\).
• computes the value \(2^{d-i - 2} \cdot \texttt{libra_challenge} \cdot g_0(u_0)\) applying evaluate method to the first univariate in the table \(\texttt{libra_univariates}\)
• places the value \( g_0(u_0)\) to the vector \( \texttt{libra_evaluations}\)
• update the running sum

  \begin{align} \texttt{libra_running_sum} \gets 2^{d-i-2} \cdot \texttt{libra_challenge} \cdot g_0(u_0) + 2^{-1} \cdot \left( \texttt{libra_running_sum} - (\texttt{libra_univariates}_{i+1}(0) + \texttt{libra_univariates}_{i+1}(1)) \right) \end{align}

  If \( i = d-1\)
• compute the value \( g_{d-1}(u_{d-1})\) applying evaluate method to the last univariate in the table \(\texttt{libra_univariates}\) and dividing the result by \( \texttt{libra_challenge} \).
• update the table of Libra univariates by multiplying every term by \(\texttt{libra_challenge}^{-1}\).

  Todo:

  Refactor once the Libra univariates are extracted from the Proving Key. Then the prover does not need to update the first round_idx - 1 univariates and could release the memory. Also, use batch_invert / reduce the number of divisions by 2.

  Parameters

  libra_univariates
  round_challenge
  round_idx
  libra_running_sum
  libra_evaluations

Definition at line 275 of file zk_sumcheck_data.hpp.

Member Data Documentation

bn_evaluation_domain

template<typename Flavor >

EvaluationDomain<FF> bb::ZKSumcheckData< Flavor >::bn_evaluation_domain = EvaluationDomain<FF>()

Definition at line 40 of file zk_sumcheck_data.hpp.

constant_term

template<typename Flavor >

FF bb::ZKSumcheckData< Flavor >::constant_term

Definition at line 38 of file zk_sumcheck_data.hpp.

interpolation_domain

template<typename Flavor >

std::array<FF, SUBGROUP_SIZE> bb::ZKSumcheckData< Flavor >::interpolation_domain

Definition at line 41 of file zk_sumcheck_data.hpp.

libra_challenge

template<typename Flavor >

FF bb::ZKSumcheckData< Flavor >::libra_challenge

Definition at line 49 of file zk_sumcheck_data.hpp.

libra_concatenated_lagrange_form

template<typename Flavor >

Polynomial<FF> bb::ZKSumcheckData< Flavor >::libra_concatenated_lagrange_form

Definition at line 43 of file zk_sumcheck_data.hpp.

libra_concatenated_monomial_form

template<typename Flavor >

Polynomial<FF> bb::ZKSumcheckData< Flavor >::libra_concatenated_monomial_form

Definition at line 44 of file zk_sumcheck_data.hpp.

libra_evaluations

template<typename Flavor >

ClaimedLibraEvaluations bb::ZKSumcheckData< Flavor >::libra_evaluations

Definition at line 52 of file zk_sumcheck_data.hpp.

libra_running_sum

template<typename Flavor >

FF bb::ZKSumcheckData< Flavor >::libra_running_sum

Definition at line 51 of file zk_sumcheck_data.hpp.

libra_scaling_factor

template<typename Flavor >

FF bb::ZKSumcheckData< Flavor >::libra_scaling_factor { 1 }

Definition at line 48 of file zk_sumcheck_data.hpp.

libra_total_sum

template<typename Flavor >

FF bb::ZKSumcheckData< Flavor >::libra_total_sum

Definition at line 50 of file zk_sumcheck_data.hpp.

libra_univariates

template<typename Flavor >

std::vector<Polynomial<FF> > bb::ZKSumcheckData< Flavor >::libra_univariates {}

Definition at line 46 of file zk_sumcheck_data.hpp.

LIBRA_UNIVARIATES_LENGTH

template<typename Flavor >

constexpr size_t bb::ZKSumcheckData< Flavor >::LIBRA_UNIVARIATES_LENGTH = Curve::LIBRA_UNIVARIATES_LENGTH

staticconstexpr

Definition at line 31 of file zk_sumcheck_data.hpp.

log_circuit_size

template<typename Flavor >

size_t bb::ZKSumcheckData< Flavor >::log_circuit_size { 0 }

Definition at line 47 of file zk_sumcheck_data.hpp.

one_half

template<typename Flavor >

constexpr FF bb::ZKSumcheckData< Flavor >::one_half = FF(1) / FF(2)

staticconstexpr

Definition at line 33 of file zk_sumcheck_data.hpp.

subgroup_generator

template<typename Flavor >

constexpr FF bb::ZKSumcheckData< Flavor >::subgroup_generator = Curve::subgroup_generator

staticconstexpr

Definition at line 28 of file zk_sumcheck_data.hpp.

SUBGROUP_SIZE

template<typename Flavor >

constexpr size_t bb::ZKSumcheckData< Flavor >::SUBGROUP_SIZE = Curve::SUBGROUP_SIZE

staticconstexpr

Definition at line 26 of file zk_sumcheck_data.hpp.

univariate_length

template<typename Flavor >

size_t bb::ZKSumcheckData< Flavor >::univariate_length

Definition at line 54 of file zk_sumcheck_data.hpp.

---

The documentation for this struct was generated from the following file:

• src/barretenberg/sumcheck/zk_sumcheck_data.hpp