Barretenberg: src/barretenberg/dsl/acir_format/hypernova_recursion_constraint.cpp Source File

// === AUDIT STATUS ===

// internal:    { status: Planned, auditors: [], commit: }

// external_1:  { status: not started, auditors: [], commit: }

// external_2:  { status: not started, auditors: [], commit: }

// =====================

#include "hypernova_recursion_constraint.hpp"

#include "barretenberg/common/assert.hpp"

#include "barretenberg/common/throw_or_abort.hpp"

#include "barretenberg/dsl/acir_format/mock_verifier_inputs.hpp"

#include "barretenberg/flavor/flavor.hpp"

#include "barretenberg/flavor/ultra_recursive_flavor.hpp"

#include "barretenberg/flavor/ultra_rollup_recursive_flavor.hpp"

#include "barretenberg/stdlib/primitives/bigfield/constants.hpp"

#include "barretenberg/stdlib/primitives/curves/bn254.hpp"

#include "barretenberg/stdlib/primitives/pairing_points.hpp"

#include "barretenberg/ultra_honk/ultra_verifier.hpp"

#include "recursion_constraint.hpp"


namespace acir_format {


using namespace bb;


std::shared_ptr<Chonk> create_mock_chonk_from_constraints(const std::vector<RecursionConstraint>& constraints)

{

    auto ivc = std::make_shared<Chonk>(constraints.size());


    uint32_t oink_type = static_cast<uint32_t>(PROOF_TYPE::OINK);

    uint32_t hn_type = static_cast<uint32_t>(PROOF_TYPE::HN);

    uint32_t hn_final_type = static_cast<uint32_t>(PROOF_TYPE::HN_FINAL);

    uint32_t hn_tail_type = static_cast<uint32_t>(PROOF_TYPE::HN_TAIL);


    // There is a fixed set of valid combinations of IVC recursion constraints for Aztec kernel circuits:


    // Case: INIT kernel; single Oink recursive verification of an app

    if (constraints.size() == 1 && constraints[0].proof_type == oink_type) {

        mock_chonk_accumulation(ivc, Chonk::QUEUE_TYPE::OINK, /*is_kernel=*/false);

        return ivc;

    }


    // Case: RESET kernel; single HN recursive verification of a kernel

    if (constraints.size() == 1 && constraints[0].proof_type == hn_type) {

        mock_chonk_accumulation(ivc, Chonk::QUEUE_TYPE::HN, /*is_kernel=*/true);

        return ivc;

    }


    // Case: TAIL kernel; single HN recursive verification of a kernel

    if (constraints.size() == 1 && constraints[0].proof_type == hn_tail_type) {

        mock_chonk_accumulation(ivc, Chonk::QUEUE_TYPE::HN_TAIL, /*is_kernel=*/true);

        return ivc;

    }

    if (constraints.size() == 2) {

        BB_ASSERT_EQ(constraints[0].proof_type, hn_type);

        BB_ASSERT_EQ(constraints[1].proof_type, hn_type);

        mock_chonk_accumulation(ivc, Chonk::QUEUE_TYPE::HN, /*is_kernel=*/true);

        mock_chonk_accumulation(ivc, Chonk::QUEUE_TYPE::HN, /*is_kernel=*/false);

        return ivc;

    }


    // Case: HIDING kernel; single HN_FINAL recursive verification of a kernel

    if (constraints.size() == 1 && constraints[0].proof_type == hn_final_type) {

        mock_chonk_accumulation(ivc, Chonk::QUEUE_TYPE::HN_FINAL, /*is_kernel=*/true);

        return ivc;

    }


    throw_or_abort("Invalid set of IVC recursion constraints!");

    return ivc;

}


Chonk::VerifierInputs create_mock_verification_queue_entry(const Chonk::QUEUE_TYPE verification_type,

                                                           const bool is_kernel)

{

    using IvcType = Chonk;

    using FF = IvcType::FF;

    using MegaVerificationKey = IvcType::MegaVerificationKey;

    using Flavor = IvcType::Flavor;


    size_t dyadic_size = 1 << Flavor::VIRTUAL_LOG_N;         // maybe doesnt need to be correct

    size_t pub_inputs_offset = Flavor::has_zero_row ? 1 : 0; // always 1


    // Construct a mock Oink or HN proof and a mock MegaHonk verification key

    std::vector<FF> proof;

    std::shared_ptr<MegaVerificationKey> verification_key;


    if (is_kernel) {

        using KernelIO = stdlib::recursion::honk::KernelIO;

        BB_ASSERT_EQ(verification_type == Chonk::QUEUE_TYPE::HN || verification_type == Chonk::QUEUE_TYPE::HN_TAIL ||

                         verification_type == Chonk::QUEUE_TYPE::HN_FINAL,

                     true);


        // kernel circuits are always folded, thus the proof always includes the nova fold proof

        bool include_fold = true;

        proof = create_mock_hyper_nova_proof<Flavor, KernelIO>(include_fold);


        verification_key = create_mock_honk_vk<Flavor, KernelIO>(dyadic_size, pub_inputs_offset);

    } else {

        using AppIO = stdlib::recursion::honk::AppIO;

        BB_ASSERT_EQ(verification_type == Chonk::QUEUE_TYPE::OINK || verification_type == Chonk::QUEUE_TYPE::HN, true);


        // The first app is not folded thus the proof does not include the nova fold proof

        bool include_fold = !(verification_type == Chonk::QUEUE_TYPE::OINK);

        proof = create_mock_hyper_nova_proof<Flavor, AppIO>(include_fold);


        verification_key = create_mock_honk_vk<Flavor, AppIO>(dyadic_size, pub_inputs_offset);

    }


    return Chonk::VerifierInputs{ proof, verification_key, verification_type, is_kernel };

}


void mock_chonk_accumulation(const std::shared_ptr<Chonk>& ivc, Chonk::QUEUE_TYPE type, const bool is_kernel)

{

    using FF = Chonk::FF;

    using Commitment = Chonk::Commitment;


    // Initialize verifier accumulator with proper structure

    ivc->recursive_verifier_native_accum.challenge = std::vector<FF>(Chonk::Flavor::VIRTUAL_LOG_N, FF::zero());

    ivc->recursive_verifier_native_accum.non_shifted_evaluation = FF::zero();

    ivc->recursive_verifier_native_accum.shifted_evaluation = FF::zero();

    ivc->recursive_verifier_native_accum.non_shifted_commitment = Commitment::one();

    ivc->recursive_verifier_native_accum.shifted_commitment = Commitment::one();


    Chonk::VerifierInputs entry = acir_format::create_mock_verification_queue_entry(type, is_kernel);

    ivc->verification_queue.emplace_back(entry);

    ivc->goblin.merge_verification_queue.emplace_back(acir_format::create_mock_merge_proof());

    if (type == Chonk::QUEUE_TYPE::HN_FINAL) {

        ivc->decider_proof = acir_format::create_mock_pcs_proof<Chonk::Flavor>();

    }

    ivc->num_circuits_accumulated++;

}


void populate_dummy_vk_in_constraint(MegaCircuitBuilder& builder,

                                     const std::shared_ptr<MegaFlavor::VerificationKey>& mock_verification_key,

                                     const std::vector<uint32_t>& key_witness_indices)

{

    using FF = Chonk::FF;


    // Convert the VerificationKey to fields

    std::vector<FF> mock_vk_fields = mock_verification_key->to_field_elements();

    BB_ASSERT_EQ(mock_vk_fields.size(), key_witness_indices.size());


    // Add the fields to the witness and set the key witness indices accordingly

    for (auto [witness_idx, value] : zip_view(key_witness_indices, mock_vk_fields)) {

        builder.set_variable(witness_idx, value);

    }

}


} // namespace acir_format

assert.hpp

BB_ASSERT_EQ
#define BB_ASSERT_EQ(actual, expected,...)
Definition assert.hpp:93

bb::Chonk
The IVC scheme used by the aztec client for private function execution.
Definition chonk.hpp:38

bb::Chonk::FF
Flavor::FF FF
Definition chonk.hpp:45

bb::Chonk::Commitment
Flavor::Commitment Commitment
Definition chonk.hpp:46

bb::Chonk::QUEUE_TYPE
QUEUE_TYPE
Proof type determining recursive verification logic in kernel circuits.
Definition chonk.hpp:105

bb::ECCVMFlavor
Definition eccvm_flavor.hpp:35

bb::MegaCircuitBuilder_
Definition mega_circuit_builder.hpp:19

bb::MegaFlavor::VIRTUAL_LOG_N
static constexpr size_t VIRTUAL_LOG_N
Definition mega_flavor.hpp:51

bb::stdlib::recursion::honk::DefaultIO
Manages the data that is propagated on the public inputs of an application/function circuit.
Definition special_public_inputs.hpp:159

bb::stdlib::recursion::honk::KernelIO
Manages the data that is propagated on the public inputs of a kernel circuit.
Definition special_public_inputs.hpp:61

zip_view
Definition zip_view.hpp:166

GetEnvVarMutationOptions::type
@ type

builder
AluTraceBuilder builder
Definition alu.test.cpp:124

flavor.hpp
Base class templates for structures that contain data parameterized by the fundamental polynomials of...

hypernova_recursion_constraint.hpp

mock_verifier_inputs.hpp

acir_format
Definition acir_format.cpp:30

acir_format::HN_FINAL
@ HN_FINAL
Definition recursion_constraint.hpp:33

acir_format::HN_TAIL
@ HN_TAIL
Definition recursion_constraint.hpp:33

acir_format::OINK
@ OINK
Definition recursion_constraint.hpp:33

acir_format::HN
@ HN
Definition recursion_constraint.hpp:33

acir_format::populate_dummy_vk_in_constraint
void populate_dummy_vk_in_constraint(MegaCircuitBuilder &builder, const std::shared_ptr< MegaFlavor::VerificationKey > &mock_verification_key, const std::vector< uint32_t > &key_witness_indices)
Populate VK witness fields from a recursion constraint from a provided VerificationKey.
Definition hypernova_recursion_constraint.cpp:166

acir_format::create_mock_merge_proof
Goblin::MergeProof create_mock_merge_proof()
Create a mock merge proof which has the correct structure but is not necessarily valid.
Definition mock_verifier_inputs.cpp:279

acir_format::create_mock_chonk_from_constraints
std::shared_ptr< Chonk > create_mock_chonk_from_constraints(const std::vector< RecursionConstraint > &constraints)
Create an IVC object with mocked state corresponding to a set of IVC recursion constraints.
Definition hypernova_recursion_constraint.cpp:38

acir_format::create_mock_verification_queue_entry
Chonk::VerifierInputs create_mock_verification_queue_entry(const Chonk::QUEUE_TYPE verification_type, const bool is_kernel)
Create a mock verification queue entry with proof and VK that have the correct structure but are not ...
Definition hypernova_recursion_constraint.cpp:89

acir_format::mock_chonk_accumulation
void mock_chonk_accumulation(const std::shared_ptr< Chonk > &ivc, Chonk::QUEUE_TYPE type, const bool is_kernel)
Populate an IVC instance with data that mimics the state after a single IVC accumulation.
Definition hypernova_recursion_constraint.cpp:138

bb::stdlib::recursion::honk::AppIO
DefaultIO< MegaCircuitBuilder > AppIO
The data that is propagated on the public inputs of an application/function circuit.
Definition special_public_inputs.hpp:216

bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5

std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13

value
FF value
Definition public_data_tree.test.cpp:97

recursion_constraint.hpp

constants.hpp

bn254.hpp

pairing_points.hpp

bb::Chonk::VerifierInputs
Definition chonk.hpp:108

bb::field< bb::Bn254FrParams >

bb::field< bb::Bn254FrParams >::zero
static constexpr field zero()
Definition field_declarations.hpp:242

throw_or_abort.hpp

throw_or_abort
void throw_or_abort(std::string const &err)
Definition throw_or_abort.hpp:6

ultra_recursive_flavor.hpp

ultra_rollup_recursive_flavor.hpp

ultra_verifier.hpp