Barretenberg: src/barretenberg/vm2/proving_helper.cpp Source File

#include "barretenberg/vm2/proving_helper.hpp"


#include <cstdint>

#include <cstdlib>

#include <memory>

#include <stdexcept>


#include "barretenberg/common/assert.hpp"

#include "barretenberg/common/serialize.hpp"

#include "barretenberg/common/thread.hpp"

#include "barretenberg/numeric/bitop/get_msb.hpp"

#include "barretenberg/vm2/common/constants.hpp"

#include "barretenberg/vm2/constraining/avm_fixed_vk.hpp"

#include "barretenberg/vm2/constraining/check_circuit.hpp"

#include "barretenberg/vm2/constraining/polynomials.hpp"

#include "barretenberg/vm2/constraining/prover.hpp"

#include "barretenberg/vm2/constraining/verifier.hpp"

#include "barretenberg/vm2/tooling/stats.hpp"


namespace bb::avm2 {


// Create AvmVerifier::VerificationKey based on VkData and returns shared pointer.


std::shared_ptr<AvmVerifier::VerificationKey> AvmProvingHelper::create_verification_key(const VkData& vk_data)

{

    using VerificationKey = AvmVerifier::VerificationKey;

    std::vector<fr> vk_as_fields = many_from_buffer<AvmFlavorSettings::FF>(vk_data);


    std::span vk_span(vk_as_fields);


    vinfo("vk fields size: ", vk_as_fields.size());


    std::array<VerificationKey::Commitment, VerificationKey::NUM_PRECOMPUTED_COMMITMENTS> precomputed_cmts;

    for (size_t i = 0; i < VerificationKey::NUM_PRECOMPUTED_COMMITMENTS; i++) {

        // Adds 4 (NUM_FRS_COM) fr elements per commitment. Therefore, index = 4 * i.

        precomputed_cmts[i] = FrCodec::deserialize_from_fields<VerificationKey::Commitment>(

            vk_span.subspan(AvmFlavor::NUM_FRS_COM * i, AvmFlavor::NUM_FRS_COM));

    }


    return std::make_shared<VerificationKey>(precomputed_cmts);

}


AvmProvingHelper::VkData AvmProvingHelper::get_verification_key()

{

    auto verification_key =

        std::make_shared<AvmVerifier::VerificationKey>(constraining::AvmFixedVKCommitments::get_all());


    vinfo("AVM vk hash: ", verification_key->hash());


    auto serialized_vk = to_buffer(verification_key->to_field_elements());


    return serialized_vk;

}


AvmProvingHelper::Proof AvmProvingHelper::prove(tracegen::TraceContainer&& trace)

{

    auto polynomials = AVM_TRACK_TIME_V("proving/prove:compute_polynomials", constraining::compute_polynomials(trace));

    auto proving_key =

        AVM_TRACK_TIME_V("proving/prove:proving_key", constraining::proving_key_from_polynomials(polynomials));


    auto verification_key =

        std::make_shared<AvmVerifier::VerificationKey>(constraining::AvmFixedVKCommitments::get_all());


    auto prover = AVM_TRACK_TIME_V("proving/prove:construct_prover",

                                   AvmProver(proving_key, verification_key, proving_key->commitment_key));


    auto proof = AVM_TRACK_TIME_V("proving/construct_proof", prover.construct_proof());

    auto serialized_vk = to_buffer(verification_key->to_field_elements());


    return proof;

}


bool AvmProvingHelper::check_circuit(tracegen::TraceContainer&& trace)

{

    // The proof is done over the whole circuit (2^21 rows).

    // However, for check-circuit purposes we run only over the trace rows

    // PLUS one extra row to catch any possible errors in the empty remainder

    // of the circuit.

    const size_t num_rows = trace.get_num_rows_without_clk() + 1;

    const bool skippable_enabled = (getenv("AVM_DISABLE_SKIPPABLE") == nullptr);

    vinfo("Running check ",

          skippable_enabled ? "(with skippable)" : "(without skippable)",

          " circuit over ",

          num_rows,

          " rows.");


    // Warning: this destroys the trace.

    auto polynomials = AVM_TRACK_TIME_V("proving/prove:compute_polynomials", constraining::compute_polynomials(trace));

    try {

        AVM_TRACK_TIME("proving/check_circuit",

                       constraining::run_check_circuit(polynomials, num_rows, skippable_enabled));

    } catch (std::runtime_error& e) {

        // FIXME: This exception is never caught because it's thrown in a different thread.

        // Execution never gets here!

        vinfo("Circuit check failed: ", e.what());

    }


    return true;

}


bool AvmProvingHelper::verify(const AvmProvingHelper::Proof& proof, const PublicInputs& pi)

{

    auto vk_data = AVM_TRACK_TIME_V("proving/verify:get_verification_key", get_verification_key());

    auto vk = AVM_TRACK_TIME_V("proving/verify:create_verification_key", create_verification_key(vk_data));

    auto verifier = AVM_TRACK_TIME_V("proving/verify:construct_verifier", AvmVerifier(std::move(vk)));

    return AVM_TRACK_TIME_V("proving/verify_proof", verifier.verify_proof(proof, pi.to_columns()));

}


} // namespace bb::avm2

assert.hpp

avm_fixed_vk.hpp

check_circuit.hpp

bb::NativeVerificationKey_
Base Native verification key class.
Definition flavor.hpp:141

bb::avm2::AvmFlavor::NUM_FRS_COM
static constexpr size_t NUM_FRS_COM
Definition flavor.hpp:98

bb::avm2::AvmProver
Definition prover.hpp:11

bb::avm2::AvmProvingHelper::get_verification_key
VkData get_verification_key()
Definition proving_helper.cpp:42

bb::avm2::AvmProvingHelper::VkData
std::vector< uint8_t > VkData
Definition proving_helper.hpp:15

bb::avm2::AvmProvingHelper::verify
bool verify(const Proof &proof, const PublicInputs &pi)
Definition proving_helper.cpp:100

bb::avm2::AvmProvingHelper::Proof
AvmProver::Proof Proof
Definition proving_helper.hpp:14

bb::avm2::AvmProvingHelper::prove
Proof prove(tracegen::TraceContainer &&trace)
Definition proving_helper.cpp:54

bb::avm2::AvmProvingHelper::check_circuit
bool check_circuit(tracegen::TraceContainer &&trace)
Definition proving_helper.cpp:72

bb::avm2::AvmProvingHelper::create_verification_key
static std::shared_ptr< AvmVerifier::VerificationKey > create_verification_key(const VkData &vk_data)
Definition proving_helper.cpp:23

bb::avm2::AvmVerifier
Definition verifier.hpp:8

bb::avm2::AvmVerifier::VerificationKey
Flavor::VerificationKey VerificationKey
Definition verifier.hpp:13

bb::avm2::constraining::AvmFixedVKCommitments::get_all
static constexpr std::array< Commitment, VerificationKey::NUM_PRECOMPUTED_COMMITMENTS > get_all()
Definition avm_fixed_vk.hpp:18

bb::avm2::tracegen::TraceContainer
Definition trace_container.hpp:24

vinfo
#define vinfo(...)
Definition log.hpp:94

trace
TestTraceContainer trace
Definition data_copy.test.cpp:63

get_msb.hpp

bb::avm2::constraining::compute_polynomials
AvmProver::ProverPolynomials compute_polynomials(tracegen::TraceContainer &trace)
Definition polynomials.cpp:13

bb::avm2::constraining::proving_key_from_polynomials
std::shared_ptr< AvmProver::ProvingKey > proving_key_from_polynomials(AvmProver::ProverPolynomials &polynomials)
Definition polynomials.cpp:108

bb::avm2::constraining::run_check_circuit
void run_check_circuit(AvmFlavor::ProverPolynomials &polys, size_t num_rows, bool skippable_enabled)
Definition check_circuit.cpp:18

bb::avm2
Definition dbs.cpp:19

bb::vk
VerifierCommitmentKey< Curve > vk
Definition ipa.fuzzer.cpp:21

std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13

polynomials.hpp

prover.hpp

proving_helper.hpp

serialize.hpp

to_buffer
std::vector< uint8_t > to_buffer(T const &value)
Definition serialize.hpp:413

stats.hpp

AVM_TRACK_TIME_V
#define AVM_TRACK_TIME_V(key, body)
Definition stats.hpp:18

AVM_TRACK_TIME
#define AVM_TRACK_TIME(key, body)
Definition stats.hpp:16

bb::avm2::PublicInputs
Definition avm_io.hpp:26

bb::avm2::PublicInputs::to_columns
std::vector< std::vector< FF > > to_columns() const
Serialization to columns.
Definition avm_io.cpp:142

thread.hpp

verifier.hpp

constants.hpp