Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
batched_honk_translator.test.cpp
Go to the documentation of this file.
1
14#include "batched_honk_translator_prover.hpp"
15#include "batched_honk_translator_verifier.hpp"
16
17#include "barretenberg/commitment_schemes/commitment_key.hpp"
18#include "barretenberg/goblin/mock_circuits.hpp"
19#include "barretenberg/honk/proof_length.hpp"
20#include "barretenberg/srs/global_crs.hpp"
21#include "barretenberg/stdlib_circuit_builders/mock_circuits.hpp"
22#include "barretenberg/transcript/transcript_manifest.hpp"
23#include "barretenberg/translator_vm/translator_circuit_builder.hpp"
24#include "barretenberg/translator_vm/translator_prover.hpp"
25
26#include <gtest/gtest.h>
27
28using namespace bb;
29
30class BatchedHonkTranslatorTests : public ::testing::Test {
31 public:
32 using FF = TranslatorFlavor::FF;
33 using Fq = TranslatorFlavor::BF; // BN254 base field (= Grumpkin scalar field)
34 using G1 = TranslatorFlavor::Commitment;
35 using Transcript = NativeTranscript;
36
37 static void SetUpTestSuite() { bb::srs::init_file_crs_factory(bb::srs::bb_crs_path()); }
38
39 // -------------------------------------------------------------------------
40 // Translator helpers (adapted from translator.test.cpp)
41 // -------------------------------------------------------------------------
42
43 static void add_random_ops(std::shared_ptr<ECCOpQueue>& op_queue, size_t count)
44 {
45 for (size_t i = 0; i < count; i++) {
46 op_queue->random_op_ultra_only();
47 }
48 }
49
50 static void add_mixed_ops(std::shared_ptr<ECCOpQueue>& op_queue, size_t count = 100)
51 {
52 auto P1 = G1::random_element();
53 auto P2 = G1::random_element();
54 auto z = FF::random_element();
55 for (size_t i = 0; i < count; i++) {
56 op_queue->add_accumulate(P1);
57 op_queue->mul_accumulate(P2, z);
58 }
59 op_queue->eq_and_reset();
60 }
61
66 static std::shared_ptr<TranslatorProvingKey> build_translator_key(const Fq& batching_challenge_v,
67 const Fq& evaluation_input_x,
68 size_t circuit_size_param = 500)
69 {
70 auto op_queue = std::make_shared<ECCOpQueue>();
71 // Construct zk_columns
72 op_queue->construct_zk_columns();
73 // Table with correct final structure for translator
74 add_mixed_ops(op_queue, circuit_size_param / 2);
75 add_random_ops(op_queue, TranslatorCircuitBuilder::NUM_RANDOM_OPS_END);
76 // Merge with fixed append
77 op_queue->merge_fixed_append(op_queue->get_append_offset());
78
79 TranslatorCircuitBuilder circuit(batching_challenge_v, evaluation_input_x, op_queue);
80 return std::make_shared<TranslatorProvingKey>(circuit);
81 }
82
87 static Fq get_accumulated_result(const std::shared_ptr<TranslatorProvingKey>& key)
88 {
89 const size_t RESULT_ROW = TranslatorFlavor::RESULT_ROW;
90 auto& polys = key->proving_key->polynomials;
91 return Fq(uint256_t(polys.accumulators_binary_limbs_0[RESULT_ROW]) +
92 (uint256_t(polys.accumulators_binary_limbs_1[RESULT_ROW]) << 68) +
93 (uint256_t(polys.accumulators_binary_limbs_2[RESULT_ROW]) << 136) +
94 (uint256_t(polys.accumulators_binary_limbs_3[RESULT_ROW]) << 204));
95 }
96
118 static TranscriptManifest build_expected_batched_manifest(const size_t num_mega_zk_pub_inputs)
119 {
120 using MZK = MegaZKFlavor;
121 using Trans = TranslatorFlavor;
122
123 constexpr size_t G = FrCodec::calc_num_fields<MZK::Commitment>(); // 4
124 constexpr size_t Fr = 1;
125 constexpr size_t JOINT_LOG_N = Trans::CONST_TRANSLATOR_LOG_N; // 17
126 constexpr size_t LOG_MINI = Trans::LOG_MINI_CIRCUIT_SIZE; // 13
127
128 TranscriptManifest m;
129 size_t round = 0;
130
131 // ── Round 0: MegaZK Oink ──────────────────────────────────────────────────
132 m.add_entry(round, "vk_hash", Fr);
133 for (size_t i = 0; i < num_mega_zk_pub_inputs; ++i) {
134 m.add_entry(round, "public_input_" + std::to_string(i), Fr);
135 }
136 m.add_entry(round, "W_L", G);
137 m.add_entry(round, "W_R", G);
138 m.add_entry(round, "W_O", G);
139 for (size_t i = 1; i <= 4; ++i) {
140 m.add_entry(round, "ECC_OP_WIRE_" + std::to_string(i), G);
141 }
142 // DataBus entities:
143 for (const auto& label : { "CALLDATA",
144 "CALLDATA_READ_COUNTS",
145 "SECONDARY_CALLDATA",
146 "SECONDARY_CALLDATA_READ_COUNTS",
147 "RETURN_DATA",
148 "RETURN_DATA_READ_COUNTS" }) {
149 m.add_entry(round, label, G);
150 }
151 m.add_challenge(round, "eta");
152 round++;
153
154 // ── Round 1: MegaZK lookup counts/tags/W_4 ───────────────────────────────
155 m.add_entry(round, "LOOKUP_READ_COUNTS", G);
156 m.add_entry(round, "LOOKUP_READ_TAGS", G);
157 m.add_entry(round, "W_4", G);
158 m.add_challenge(round, std::array<std::string, 2>{ "beta", "gamma" });
159 round++;
160
161 // ── Round 2: MegaZK logderiv inverses + Z_PERM + translator Oink ─────────
162 m.add_entry(round, "LOOKUP_INVERSES", G);
163 m.add_entry(round, "CALLDATA_INVERSES", G);
164 m.add_entry(round, "SECONDARY_CALLDATA_INVERSES", G);
165 m.add_entry(round, "RETURN_DATA_INVERSES", G);
166 m.add_entry(round, "Z_PERM", G);
167 // Translator Oink: vk_hash, masking commitment, 10 wire commitments
168 m.add_entry(round, "vk_hash", Fr);
169 m.add_entry(round, "Gemini:masking_poly_comm", G);
170 for (size_t i = 0; i < 4; ++i) {
171 m.add_entry(round, "CONCATENATED_RANGE_CONSTRAINTS_" + std::to_string(i), G);
172 }
173 m.add_entry(round, "CONCATENATED_NON_RANGE", G);
174 for (size_t i = 0; i < 5; ++i) {
175 m.add_entry(round, "ORDERED_RANGE_CONSTRAINTS_" + std::to_string(i), G);
176 }
177 m.add_challenge(round, std::array<std::string, 2>{ "beta", "gamma" });
178 round++;
179
180 // ── Round 3: translator Z_PERM, then joint alpha + gate challenges ────────
181 m.add_entry(round, "Z_PERM", G);
182 m.add_challenge(round, "Sumcheck:alpha");
183 m.add_challenge(round, "Sumcheck:gate_challenge");
184 round++;
185
186 // ── Round 4: Libra masking commitment + Sum ───────────────────────────────
187 m.add_entry(round, "Libra:concatenation_commitment", G);
188 m.add_entry(round, "Libra:Sum", Fr);
189 m.add_challenge(round, "Libra:Challenge");
190 round++;
191
192 // ── Rounds 5..4+JOINT_LOG_N: joint sumcheck ──────────────────────────────
193 for (size_t i = 0; i < JOINT_LOG_N; ++i) {
194 // Translator mini-circuit evaluations are sent after round LOG_MINI_CIRCUIT_SIZE-1
195 // and appear before univariate_{LOG_MINI} in the manifest.
196 if (i == LOG_MINI) {
197 m.add_entry(round, "Sumcheck:minicircuit_evaluations", Trans::NUM_MINICIRCUIT_EVALUATIONS);
198 }
199 m.add_entry(round, "Sumcheck:univariate_comm_" + std::to_string(i), G);
200 m.add_entry(round, "Sumcheck:univariate_" + std::to_string(i) + "_eval_0", Fr);
201 m.add_entry(round, "Sumcheck:univariate_" + std::to_string(i) + "_eval_1", Fr);
202 m.add_challenge(round, "Sumcheck:u_" + std::to_string(i));
203 round++;
204 }
205
206 // ── Post-sumcheck evaluations ─────────────────────────────────────────────
207 // MegaZK evaluations are sent after all sumcheck rounds (real + virtual).
208 m.add_entry(round, "Sumcheck:evaluations", MZK::NUM_ALL_ENTITIES);
209 m.add_entry(round, "Sumcheck:evaluations_translator", Trans::NUM_FULL_CIRCUIT_EVALUATIONS);
210 m.add_entry(round, "Libra:claimed_evaluation", Fr);
211 m.add_entry(round, "Libra:grand_sum_commitment", G);
212 m.add_entry(round, "Libra:quotient_commitment", G);
213 m.add_challenge(round, "rho");
214 round++;
215
216 // ── Gemini fold commitments ───────────────────────────────────────────────
217 for (size_t i = 1; i < JOINT_LOG_N; ++i) {
218 m.add_entry(round, "Gemini:FOLD_" + std::to_string(i), G);
219 }
220 m.add_challenge(round, "Gemini:r");
221 round++;
222
223 // ── Gemini evaluations + Libra evals ─────────────────────────────────────
224 for (size_t i = 1; i <= JOINT_LOG_N; ++i) {
225 m.add_entry(round, "Gemini:a_" + std::to_string(i), Fr);
226 }
227 m.add_entry(round, "Libra:concatenation_eval", Fr);
228 m.add_entry(round, "Libra:shifted_grand_sum_eval", Fr);
229 m.add_entry(round, "Libra:grand_sum_eval", Fr);
230 m.add_entry(round, "Libra:quotient_eval", Fr);
231 m.add_challenge(round, "Shplonk:nu");
232 round++;
233
234 // ── Shplonk:Q ────────────────────────────────────────────────────────────
235 m.add_entry(round, "Shplonk:Q", G);
236 m.add_challenge(round, "Shplonk:z");
237 round++;
238
239 // ── KZG opening ──────────────────────────────────────────────────────────
240 m.add_entry(round, "KZG:W", G);
241
242 return m;
243 }
244
249 static std::array<TranslatorFlavor::Commitment, TranslatorFlavor::NUM_OP_QUEUE_WIRES> commit_op_queue_wires(
250 const std::shared_ptr<TranslatorProvingKey>& key)
251 {
252 auto& ck = key->proving_key->commitment_key;
253 auto& polys = key->proving_key->polynomials;
254 return {
255 ck.commit(polys.op), ck.commit(polys.x_lo_y_hi), ck.commit(polys.x_hi_z_1), ck.commit(polys.y_lo_z_2)
256 };
257 }
258};
259
260// =============================================================================
261// BatchedHonkTranslatorTests::ProveAndVerify
262// =============================================================================
263TEST_F(BatchedHonkTranslatorTests, ProveAndVerify)
264{
265 using MegaZKFlavor = MegaZKFlavor;
266 using MegaZKProverInst = ProverInstance_<MegaZKFlavor>;
267 using MegaZKVK = MegaZKFlavor::VerificationKey;
268 using MegaZKVKAndHash = MegaZKFlavor::VKAndHash;
269
270 // -------------------------------------------------------------------------
271 // 1. Translator inputs (random translation challenges — no ECCVM needed).
272 // -------------------------------------------------------------------------
273 const Fq batching_challenge_v = Fq::random_element();
274 const Fq evaluation_input_x = Fq::random_element();
275
276 auto translator_key = build_translator_key(batching_challenge_v, evaluation_input_x);
277
278 // Initialise the translator commitment key (normally done by TranslatorProver ctor).
279 {
280 auto tmp = std::make_shared<Transcript>();
281 TranslatorProver init_prover(translator_key, tmp); // side-effect: initialises commitment_key
282 }
283 const Fq accumulated_result = get_accumulated_result(translator_key);
284 const auto op_queue_wire_commitments = commit_op_queue_wires(translator_key);
285
286 // -------------------------------------------------------------------------
287 // 2. Hiding kernel inputs: pad to JOINT_LOG_N = 17 so hiding_log_n == JOINT_LOG_N.
288 // -------------------------------------------------------------------------
289 MegaCircuitBuilder mega_zk_circuit;
290 GoblinMockCircuits::construct_simple_circuit(mega_zk_circuit);
291 // Pad so that hiding_log_n == JOINT_LOG_N. We aim for JOINT_LOG_N-1 as the arithmetic
292 // target because MegaCircuitBuilder's execution-trace overhead grows the dyadic size by one.
293 static constexpr size_t JOINT_LOG_N = BatchedHonkTranslatorProver::JOINT_LOG_N;
294 MockCircuits::construct_arithmetic_circuit(mega_zk_circuit, JOINT_LOG_N - 1, /*include_public_inputs=*/false);
295
296 auto mega_zk_inst = std::make_shared<MegaZKProverInst>(mega_zk_circuit);
297 auto mega_zk_vk = std::make_shared<MegaZKVK>(mega_zk_inst->get_precomputed());
298 auto mega_zk_vk_and_hash = std::make_shared<MegaZKVKAndHash>(mega_zk_vk);
299
300 // -------------------------------------------------------------------------
301 // 3. Prove.
302 // -------------------------------------------------------------------------
303 auto prover_transcript = std::make_shared<Transcript>();
304 BatchedHonkTranslatorProver prover(mega_zk_inst, mega_zk_vk, prover_transcript);
305
306 auto mega_zk_proof = prover.prove_mega_zk_oink();
307 auto joint_proof = prover.prove(translator_key);
308
309 // -------------------------------------------------------------------------
310 // 4. Verify.
311 // -------------------------------------------------------------------------
312 auto verifier_transcript = std::make_shared<Transcript>();
313 BatchedHonkTranslatorVerifier verifier(mega_zk_vk_and_hash, verifier_transcript);
314 verifier.verify_mega_zk_oink(mega_zk_proof);
315 auto result = verifier.verify(
316 joint_proof, evaluation_input_x, batching_challenge_v, accumulated_result, op_queue_wire_commitments);
317
318 EXPECT_TRUE(result.reduction_succeeded);
319 EXPECT_TRUE(result.pairing_points.check());
320}
321
322// =============================================================================
323// BatchedHonkTranslatorTests::VerifierManifestConsistency
324// Checks that the prover and verifier Fiat-Shamir transcripts produce the same
325// manifest (same sequence of send/receive/challenge entries), which pins the
326// joint proof structure and detects any prover/verifier protocol divergence.
327// =============================================================================
328TEST_F(BatchedHonkTranslatorTests, VerifierManifestConsistency)
329{
330 using MegaZKProverInst = ProverInstance_<MegaZKFlavor>;
331 using MegaZKVK = MegaZKFlavor::VerificationKey;
332 using MegaZKVKAndHash = MegaZKFlavor::VKAndHash;
333
334 const Fq batching_challenge_v = Fq::random_element();
335 const Fq evaluation_input_x = Fq::random_element();
336
337 auto translator_key = build_translator_key(batching_challenge_v, evaluation_input_x);
338 {
339 auto tmp = std::make_shared<Transcript>();
340 TranslatorProver init_prover(translator_key, tmp);
341 }
342 const Fq accumulated_result = get_accumulated_result(translator_key);
343 const auto op_queue_wire_commitments = commit_op_queue_wires(translator_key);
344
345 MegaCircuitBuilder mega_zk_circuit;
346 GoblinMockCircuits::construct_simple_circuit(mega_zk_circuit);
347
348 auto mega_zk_inst = std::make_shared<MegaZKProverInst>(mega_zk_circuit);
349 auto mega_zk_vk = std::make_shared<MegaZKVK>(mega_zk_inst->get_precomputed());
350 auto mega_zk_vk_and_hash = std::make_shared<MegaZKVKAndHash>(mega_zk_vk);
351
352 // Prove with manifest tracking enabled.
353 auto prover_transcript = std::make_shared<Transcript>();
354 prover_transcript->enable_manifest();
355 BatchedHonkTranslatorProver prover(mega_zk_inst, mega_zk_vk, prover_transcript);
356 auto mega_zk_proof = prover.prove_mega_zk_oink();
357 auto joint_proof = prover.prove(translator_key);
358
359 // Verify with manifest tracking enabled.
360 auto verifier_transcript = std::make_shared<Transcript>();
361 verifier_transcript->enable_manifest();
362 BatchedHonkTranslatorVerifier verifier(mega_zk_vk_and_hash, verifier_transcript);
363 verifier.verify_mega_zk_oink(mega_zk_proof);
364 [[maybe_unused]] auto _ = verifier.verify(
365 joint_proof, evaluation_input_x, batching_challenge_v, accumulated_result, op_queue_wire_commitments);
366
367 auto prover_manifest = prover_transcript->get_manifest();
368 auto verifier_manifest = verifier_transcript->get_manifest();
369
370 ASSERT_GT(prover_manifest.size(), 0);
371 for (size_t round = 0; round < prover_manifest.size(); ++round) {
372 ASSERT_EQ(prover_manifest[round], verifier_manifest[round])
373 << "Prover/verifier manifest discrepancy in round " << round;
374 }
375}
376
377// =============================================================================
378// BatchedHonkTranslatorTests::ProverManifestConsistency
379// Pins the joint transcript structure by comparing the prover manifest against
380// a hard-coded expected manifest built from flavor constants. Detects any
381// structural change in the Fiat-Shamir transcript ordering.
382// =============================================================================
383TEST_F(BatchedHonkTranslatorTests, ProverManifestConsistency)
384{
385 using MegaZKProverInst = ProverInstance_<MegaZKFlavor>;
386 using MegaZKVK = MegaZKFlavor::VerificationKey;
387
388 const Fq batching_challenge_v = Fq::random_element();
389 const Fq evaluation_input_x = Fq::random_element();
390
391 auto translator_key = build_translator_key(batching_challenge_v, evaluation_input_x);
392 {
393 auto tmp = std::make_shared<Transcript>();
394 TranslatorProver init_prover(translator_key, tmp);
395 }
396
397 MegaCircuitBuilder mega_zk_circuit;
398 GoblinMockCircuits::construct_simple_circuit(mega_zk_circuit);
399 auto mega_zk_inst = std::make_shared<MegaZKProverInst>(mega_zk_circuit);
400 auto mega_zk_vk = std::make_shared<MegaZKVK>(mega_zk_inst->get_precomputed());
401
402 const size_t num_mega_zk_pub_inputs = mega_zk_inst->num_public_inputs();
403
404 // Prove with manifest tracking enabled.
405 auto prover_transcript = std::make_shared<Transcript>();
406 prover_transcript->enable_manifest();
407 BatchedHonkTranslatorProver prover(mega_zk_inst, mega_zk_vk, prover_transcript);
408 [[maybe_unused]] auto _ = prover.prove_mega_zk_oink();
409 [[maybe_unused]] auto __ = prover.prove(translator_key);
410
411 auto prover_manifest = prover_transcript->get_manifest();
412 auto expected_manifest = build_expected_batched_manifest(num_mega_zk_pub_inputs);
413
414 ASSERT_EQ(prover_manifest.size(), expected_manifest.size()) << "Manifest round count mismatch";
415 for (size_t round = 0; round < expected_manifest.size(); ++round) {
416 ASSERT_EQ(prover_manifest[round], expected_manifest[round]) << "Manifest discrepancy in round " << round;
417 }
418}
419
420// =============================================================================
421// BatchedHonkTranslatorTests::ProveAndVerifySmallHiding
422// Tests the variable circuit size path: hiding_log_n < JOINT_LOG_N.
423// =============================================================================
424TEST_F(BatchedHonkTranslatorTests, ProveAndVerifySmallHiding)
425{
426 using MegaZKFlavor = MegaZKFlavor;
427 using MegaZKProverInst = ProverInstance_<MegaZKFlavor>;
428 using MegaZKVK = MegaZKFlavor::VerificationKey;
429 using MegaZKVKAndHash = MegaZKFlavor::VKAndHash;
430
431 const Fq batching_challenge_v = Fq::random_element();
432 const Fq evaluation_input_x = Fq::random_element();
433
434 auto translator_key = build_translator_key(batching_challenge_v, evaluation_input_x);
435 {
436 auto tmp = std::make_shared<Transcript>();
437 TranslatorProver init_prover(translator_key, tmp);
438 }
439 const Fq accumulated_result = get_accumulated_result(translator_key);
440 const auto op_queue_wire_commitments = commit_op_queue_wires(translator_key);
441
442 // Use a small hiding circuit — NOT padded to JOINT_LOG_N.
443 // hiding_log_n will be well below 17, exercising the variable-size code paths.
444 MegaCircuitBuilder mega_zk_circuit;
445 GoblinMockCircuits::construct_simple_circuit(mega_zk_circuit);
446
447 auto mega_zk_inst = std::make_shared<MegaZKProverInst>(mega_zk_circuit);
448 auto mega_zk_vk = std::make_shared<MegaZKVK>(mega_zk_inst->get_precomputed());
449 auto mega_zk_vk_and_hash = std::make_shared<MegaZKVKAndHash>(mega_zk_vk);
450
451 auto prover_transcript = std::make_shared<Transcript>();
452 BatchedHonkTranslatorProver prover(mega_zk_inst, mega_zk_vk, prover_transcript);
453 auto mega_zk_proof = prover.prove_mega_zk_oink();
454 auto joint_proof = prover.prove(translator_key);
455
456 auto verifier_transcript = std::make_shared<Transcript>();
457 BatchedHonkTranslatorVerifier verifier(mega_zk_vk_and_hash, verifier_transcript);
458 verifier.verify_mega_zk_oink(mega_zk_proof);
459 auto result = verifier.verify(
460 joint_proof, evaluation_input_x, batching_challenge_v, accumulated_result, op_queue_wire_commitments);
461
462 EXPECT_TRUE(result.reduction_succeeded);
463 EXPECT_TRUE(result.pairing_points.check());
464}
TEST_F
TEST_F(BatchedHonkTranslatorTests, ProveAndVerify)
Definition batched_honk_translator.test.cpp:263
batched_honk_translator_prover.hpp
batched_honk_translator_verifier.hpp
BatchedHonkTranslatorTests::commit_op_queue_wires
static std::array< TranslatorFlavor::Commitment, TranslatorFlavor::NUM_OP_QUEUE_WIRES > commit_op_queue_wires(const std::shared_ptr< TranslatorProvingKey > &key)
Commit to the four op-queue wire polynomials.
Definition batched_honk_translator.test.cpp:249
BatchedHonkTranslatorTests::add_mixed_ops
static void add_mixed_ops(std::shared_ptr< ECCOpQueue > &op_queue, size_t count=100)
Definition batched_honk_translator.test.cpp:50
BatchedHonkTranslatorTests::get_accumulated_result
static Fq get_accumulated_result(const std::shared_ptr< TranslatorProvingKey > &key)
Read accumulated_result from the translator witness polynomials.
Definition batched_honk_translator.test.cpp:87
BatchedHonkTranslatorTests::build_translator_key
static std::shared_ptr< TranslatorProvingKey > build_translator_key(const Fq &batching_challenge_v, const Fq &evaluation_input_x, size_t circuit_size_param=500)
Build a translator circuit on a fresh op queue with random challenges.
Definition batched_honk_translator.test.cpp:66
BatchedHonkTranslatorTests::add_random_ops
static void add_random_ops(std::shared_ptr< ECCOpQueue > &op_queue, size_t count)
Definition batched_honk_translator.test.cpp:43
BatchedHonkTranslatorTests::build_expected_batched_manifest
static TranscriptManifest build_expected_batched_manifest(const size_t num_mega_zk_pub_inputs)
Build the expected transcript manifest for a BatchedHonkTranslator proof.
Definition batched_honk_translator.test.cpp:118
bb::BaseTranscript
Common transcript class for both parties. Stores the data for the current round, as well as the manif...
Definition transcript.hpp:41
bb::BatchedHonkTranslatorProver
Prover for the batched MegaZK circuit + translator sumcheck and PCS.
Definition batched_honk_translator_prover.hpp:29
bb::BatchedHonkTranslatorProver::prove
HonkProof prove(std::shared_ptr< TranslatorProvingKey > translator_proving_key)
Definition batched_honk_translator_prover.cpp:307
bb::BatchedHonkTranslatorVerifier_
Verifier for the batched MegaZK circuit + translator sumcheck and PCS.
Definition batched_honk_translator_verifier.hpp:32
bb::BatchedHonkTranslatorVerifier_::verify
ReductionResult verify(const Proof &joint_proof, const TransBF &evaluation_input_x, const TransBF &batching_challenge_v, const TransBF &accumulated_result, const std::array< Commitment, TranslatorFlavor::NUM_OP_QUEUE_WIRES > &op_queue_wire_commitments)
Phase 2: Verify translator Oink + joint sumcheck + joint PCS.
Definition batched_honk_translator_verifier.cpp:296
bb::BatchedHonkTranslatorVerifier_::verify_mega_zk_oink
OinkResult verify_mega_zk_oink(const Proof &mega_zk_proof)
Phase 1: Verify the MegaZK Oink phase on the shared transcript.
Definition batched_honk_translator_verifier.cpp:34
bb::GoblinMockCircuits::construct_simple_circuit
static void construct_simple_circuit(MegaBuilder &builder)
Generate a simple test circuit with some ECC op gates and conventional arithmetic gates.
Definition mock_circuits.hpp:131
bb::MegaCircuitBuilder_
Definition mega_circuit_builder.hpp:19
bb::MegaZKFlavor
Child class of MegaFlavor that runs with ZK Sumcheck.
Definition mega_zk_flavor.hpp:22
bb::MegaZKFlavor::VKAndHash
MegaFlavor::VKAndHash VKAndHash
Definition mega_zk_flavor.hpp:55
bb::MockCircuits::construct_arithmetic_circuit
static void construct_arithmetic_circuit(Builder &builder, const size_t target_log2_dyadic_size=4, bool include_public_inputs=true)
Populate a builder with a specified number of arithmetic gates; includes a PI.
Definition mock_circuits.hpp:133
bb::NativeVerificationKey_
Base Native verification key class.
Definition flavor.hpp:135
bb::ProverInstance_
Contains all the information required by a Honk prover to create a proof, constructed from a finalize...
Definition prover_instance.hpp:26
bb::TranscriptManifest::add_entry
void add_entry(size_t round, const std::string &element_label, size_t element_size)
Definition transcript_manifest.hpp:78
bb::TranscriptManifest::add_challenge
void add_challenge(size_t round, const std::string &label)
Add a single challenge label to the manifest for the given round.
Definition transcript_manifest.hpp:45
bb::TranslatorCircuitBuilder
TranslatorCircuitBuilder creates a circuit that evaluates the correctness of the evaluation of EccOpQ...
Definition translator_circuit_builder.hpp:69
bb::TranslatorFlavor::FF
Curve::ScalarField FF
Definition translator_flavor.hpp:43
bb::TranslatorFlavor::Commitment
Curve::AffineElement Commitment
Definition translator_flavor.hpp:40
bb::TranslatorFlavor::RESULT_ROW
static constexpr size_t RESULT_ROW
Definition translator_flavor.hpp:96
bb::numeric::uint256_t
Definition uint256.hpp:32
commitment_key.hpp
G
#define G(r, i, a, b, c, d)
Definition blake2s.cpp:116
global_crs.hpp
mock_circuits.hpp
key
FF key
Definition indexed_memory_tree.test.cpp:19
bb::srs::bb_crs_path
std::filesystem::path bb_crs_path()
Definition global_crs.cpp:14
bb::srs::init_file_crs_factory
void init_file_crs_factory(const std::filesystem::path &path)
Definition global_crs.hpp:14
bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5
bb::NativeTranscript
BaseTranscript< FrCodec, bb::crypto::Poseidon2< bb::crypto::Poseidon2Bn254ScalarFieldParams > > NativeTranscript
Definition transcript.hpp:502
bb::ck
CommitmentKey< Curve > ck
Definition ipa.fuzzer.cpp:20
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
std::to_string
std::string to_string(bb::avm2::ValueTag tag)
Definition tagged_value.cpp:402
Fr
Curve::ScalarField Fr
Definition pippenger.bench.cpp:21
proof_length.hpp
mock_circuits.hpp
bb::field< Bn254FrParams >::random_element
static field random_element(numeric::RNG *engine=nullptr) noexcept
Definition field_impl.hpp:772
transcript_manifest.hpp
translator_circuit_builder.hpp
translator_prover.hpp