Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
proof_structures.hpp
Go to the documentation of this file.
1// === AUDIT STATUS ===
2// internal: { status: not started, auditors: [], date: YYYY-MM-DD }
3// external_1: { status: not started, auditors: [], date: YYYY-MM-DD }
4// external_2: { status: not started, auditors: [], date: YYYY-MM-DD }
5// =====================
6
7#pragma once
8
9#include "barretenberg/eccvm/eccvm_flavor.hpp"
10#include "barretenberg/flavor/flavor_concepts.hpp"
11#include "barretenberg/flavor/mega_flavor.hpp"
12#include "barretenberg/flavor/mega_zk_flavor.hpp"
13#include "barretenberg/flavor/ultra_flavor.hpp"
14#include "barretenberg/flavor/ultra_keccak_flavor.hpp"
15#include "barretenberg/flavor/ultra_keccak_zk_flavor.hpp"
16#include "barretenberg/flavor/ultra_zk_flavor.hpp"
17#include "barretenberg/transcript/transcript.hpp"
18#include "barretenberg/translator_vm/translator_flavor.hpp"
19
20namespace bb {
21
29template <typename Flavor> struct StructuredProof;
30
31// ============================================================================
32// Common base with type definitions and helper methods
33// ============================================================================
34template <typename Flavor> struct StructuredProofHelper {
35 using FF = typename Flavor::FF;
36 using Commitment = typename Flavor::Commitment;
37 using Transcript = typename Flavor::Transcript;
38 using Codec = typename Transcript::Codec;
39 using ProofData = typename Transcript::Proof;
40 static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH = Flavor::BATCHED_RELATION_PARTIAL_LENGTH;
41 static constexpr size_t NUM_ALL_ENTITIES = Flavor::NUM_ALL_ENTITIES;
42
43 protected:
44 template <typename T> static T deserialize_from_buffer(const ProofData& proof_data, size_t& offset)
45 {
46 constexpr size_t element_size = Codec::template calc_num_fields<T>();
47 BB_ASSERT_LTE(offset + element_size, proof_data.size());
48 auto element_span = std::span{ proof_data }.subspan(offset, element_size);
49 offset += element_size;
50 return Codec::template deserialize_from_fields<T>(element_span);
51 }
52
53 template <typename T> static void serialize_to_buffer(const T& element, ProofData& proof_data)
54 {
55 auto element_fields = Codec::serialize_to_fields(element);
56 proof_data.insert(proof_data.end(), element_fields.begin(), element_fields.end());
57 }
58};
59
60// ============================================================================
61// Ultra proof structure base with common fields and helper methods
62// ============================================================================
63template <typename Flavor> struct UltraStructuredProofBase : StructuredProofHelper<Flavor> {
64 using Base = StructuredProofHelper<Flavor>;
65 using Base::BATCHED_RELATION_PARTIAL_LENGTH;
66 using Base::NUM_ALL_ENTITIES;
67 using typename Base::Commitment;
68 using typename Base::FF;
69 using typename Base::ProofData;
70
71 // Common fields shared between ZK and non-ZK
72 std::vector<FF> public_inputs;
73 Commitment w_l_comm;
74 Commitment w_r_comm;
75 Commitment w_o_comm;
76 Commitment lookup_read_counts_comm;
77 Commitment lookup_read_tags_comm;
78 Commitment w_4_comm;
79 Commitment z_perm_comm;
80 Commitment lookup_inverses_comm;
81 std::vector<bb::Univariate<FF, BATCHED_RELATION_PARTIAL_LENGTH>> sumcheck_univariates;
82 std::array<FF, NUM_ALL_ENTITIES> sumcheck_evaluations;
83 std::vector<Commitment> gemini_fold_comms;
84 std::vector<FF> gemini_fold_evals;
85 Commitment shplonk_q_comm;
86 Commitment kzg_w_comm;
87
88 protected:
89 void clear_vectors()
90 {
91 public_inputs.clear();
92 sumcheck_univariates.clear();
93 gemini_fold_comms.clear();
94 gemini_fold_evals.clear();
95 }
96
97 // Helper: deserialize Ultra witness commitments
98 void deserialize_ultra_witness_comms(const ProofData& proof_data, size_t& offset)
99 {
100 w_l_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
101 w_r_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
102 w_o_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
103 lookup_read_counts_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
104 lookup_read_tags_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
105 w_4_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
106 lookup_inverses_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
107 z_perm_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
108 }
109
110 // Helper: serialize Ultra witness commitments
122
123 // Helper: deserialize sumcheck data
124 void deserialize_sumcheck(const ProofData& proof_data, size_t& offset, size_t log_n)
125 {
126 for (size_t i = 0; i < log_n; ++i) {
127 sumcheck_univariates.push_back(
128 this->template deserialize_from_buffer<bb::Univariate<FF, BATCHED_RELATION_PARTIAL_LENGTH>>(proof_data,
129 offset));
130 }
131 sumcheck_evaluations =
132 this->template deserialize_from_buffer<std::array<FF, NUM_ALL_ENTITIES>>(proof_data, offset);
133 }
134
135 // Helper: serialize sumcheck data
136 void serialize_sumcheck(ProofData& proof_data, size_t log_n) const
137 {
138 for (size_t i = 0; i < log_n; ++i) {
139 Base::serialize_to_buffer(sumcheck_univariates[i], proof_data);
140 }
141 Base::serialize_to_buffer(sumcheck_evaluations, proof_data);
142 }
143
144 // Helper: deserialize Gemini/Shplonk/KZG data
145 void deserialize_pcs(const ProofData& proof_data, size_t& offset, size_t log_n)
146 {
147 for (size_t i = 0; i < log_n - 1; ++i) {
148 gemini_fold_comms.push_back(this->template deserialize_from_buffer<Commitment>(proof_data, offset));
149 }
150 for (size_t i = 0; i < log_n; ++i) {
151 gemini_fold_evals.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
152 }
153 shplonk_q_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
154 kzg_w_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
155 }
156
157 // Helper: serialize Gemini/Shplonk/KZG data
158 void serialize_pcs(ProofData& proof_data, size_t log_n) const
159 {
160 for (size_t i = 0; i < log_n - 1; ++i) {
161 Base::serialize_to_buffer(gemini_fold_comms[i], proof_data);
162 }
163 for (size_t i = 0; i < log_n; ++i) {
164 Base::serialize_to_buffer(gemini_fold_evals[i], proof_data);
165 }
166 Base::serialize_to_buffer(shplonk_q_comm, proof_data);
167 Base::serialize_to_buffer(kzg_w_comm, proof_data);
168 }
169
170 public:
171 void deserialize(ProofData& proof_data, size_t num_public_inputs, size_t log_n)
172 {
173 size_t offset = 0;
174 clear_vectors();
175
176 for (size_t i = 0; i < num_public_inputs; ++i) {
177 public_inputs.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
178 }
179 deserialize_ultra_witness_comms(proof_data, offset);
180 deserialize_sumcheck(proof_data, offset, log_n);
181 deserialize_pcs(proof_data, offset, log_n);
182 }
183
184 void serialize(ProofData& proof_data, size_t log_n) const
185 {
186 size_t old_size = proof_data.size();
187 proof_data.clear();
188
189 for (const auto& pi : public_inputs) {
190 Base::serialize_to_buffer(pi, proof_data);
191 }
192 serialize_ultra_witness_comms(proof_data);
193 serialize_sumcheck(proof_data, log_n);
194 serialize_pcs(proof_data, log_n);
195
196 BB_ASSERT_EQ(proof_data.size(), old_size);
197 }
198};
199
200// ============================================================================
201// Ultra ZK proof structure - extends Ultra with ZK-specific fields
202// ============================================================================
203template <typename Flavor> struct UltraZKStructuredProofBase : UltraStructuredProofBase<Flavor> {
204 using Base = UltraStructuredProofBase<Flavor>;
205 using typename Base::Commitment;
206 using typename Base::FF;
207 using typename Base::ProofData;
208
209 // ZK-specific fields
210 Commitment hiding_polynomial_commitment;
211 Commitment libra_concatenation_commitment;
212 FF libra_sum;
213 FF libra_claimed_evaluation;
214 Commitment libra_grand_sum_commitment;
215 Commitment libra_quotient_commitment;
216 FF libra_concatenation_eval;
217 FF libra_shifted_grand_sum_eval;
218 FF libra_grand_sum_eval;
219 FF libra_quotient_eval;
220
221 void deserialize(ProofData& proof_data, size_t num_public_inputs, size_t log_n)
222 {
223 size_t offset = 0;
224 this->clear_vectors();
225
226 for (size_t i = 0; i < num_public_inputs; ++i) {
227 this->public_inputs.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
228 }
229 hiding_polynomial_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
230 this->deserialize_ultra_witness_comms(proof_data, offset);
231 libra_concatenation_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
232 libra_sum = this->template deserialize_from_buffer<FF>(proof_data, offset);
233
234 // Sumcheck univariates
235 for (size_t i = 0; i < log_n; ++i) {
236 this->sumcheck_univariates.push_back(
237 this->template deserialize_from_buffer<bb::Univariate<FF, Base::BATCHED_RELATION_PARTIAL_LENGTH>>(
238 proof_data, offset));
239 }
240 libra_claimed_evaluation = this->template deserialize_from_buffer<FF>(proof_data, offset);
241 this->sumcheck_evaluations =
242 this->template deserialize_from_buffer<std::array<FF, Base::NUM_ALL_ENTITIES>>(proof_data, offset);
243 libra_grand_sum_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
244 libra_quotient_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
245
246 // Gemini
247 for (size_t i = 0; i < log_n - 1; ++i) {
248 this->gemini_fold_comms.push_back(this->template deserialize_from_buffer<Commitment>(proof_data, offset));
249 }
250 for (size_t i = 0; i < log_n; ++i) {
251 this->gemini_fold_evals.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
252 }
253 libra_concatenation_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
254 libra_shifted_grand_sum_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
255 libra_grand_sum_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
256 libra_quotient_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
257 this->shplonk_q_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
258 this->kzg_w_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
259 }
260
261 void serialize(ProofData& proof_data, size_t log_n) const
262 {
263 size_t old_size = proof_data.size();
264 proof_data.clear();
265
266 for (const auto& pi : this->public_inputs) {
267 Base::serialize_to_buffer(pi, proof_data);
268 }
269 Base::serialize_to_buffer(hiding_polynomial_commitment, proof_data);
270 this->serialize_ultra_witness_comms(proof_data);
271 Base::serialize_to_buffer(libra_concatenation_commitment, proof_data);
272 Base::serialize_to_buffer(libra_sum, proof_data);
273
274 // Sumcheck univariates
275 for (size_t i = 0; i < log_n; ++i) {
276 Base::serialize_to_buffer(this->sumcheck_univariates[i], proof_data);
277 }
278 Base::serialize_to_buffer(libra_claimed_evaluation, proof_data);
279 Base::serialize_to_buffer(this->sumcheck_evaluations, proof_data);
280 Base::serialize_to_buffer(libra_grand_sum_commitment, proof_data);
281 Base::serialize_to_buffer(libra_quotient_commitment, proof_data);
282
283 // Gemini
284 for (size_t i = 0; i < log_n - 1; ++i) {
285 Base::serialize_to_buffer(this->gemini_fold_comms[i], proof_data);
286 }
287 for (size_t i = 0; i < log_n; ++i) {
288 Base::serialize_to_buffer(this->gemini_fold_evals[i], proof_data);
289 }
290 Base::serialize_to_buffer(libra_concatenation_eval, proof_data);
291 Base::serialize_to_buffer(libra_shifted_grand_sum_eval, proof_data);
292 Base::serialize_to_buffer(libra_grand_sum_eval, proof_data);
293 Base::serialize_to_buffer(libra_quotient_eval, proof_data);
294 Base::serialize_to_buffer(this->shplonk_q_comm, proof_data);
295 Base::serialize_to_buffer(this->kzg_w_comm, proof_data);
296
297 BB_ASSERT_EQ(proof_data.size(), old_size);
298 }
299};
300
301// ============================================================================
302// Mega proof structure base with common fields and helper methods
303// ============================================================================
304template <typename Flavor> struct MegaStructuredProofBase : StructuredProofHelper<Flavor> {
305 using Base = StructuredProofHelper<Flavor>;
306 using Base::BATCHED_RELATION_PARTIAL_LENGTH;
307 using Base::NUM_ALL_ENTITIES;
308 using typename Base::Commitment;
309 using typename Base::FF;
310 using typename Base::ProofData;
311
312 // Common fields shared between ZK and non-ZK
313 std::vector<FF> public_inputs;
314 Commitment w_l_comm;
315 Commitment w_r_comm;
316 Commitment w_o_comm;
317 Commitment ecc_op_wire_1_comm;
318 Commitment ecc_op_wire_2_comm;
319 Commitment ecc_op_wire_3_comm;
320 Commitment ecc_op_wire_4_comm;
321 Commitment calldata_comm;
322 Commitment calldata_read_counts_comm;
323 Commitment secondary_calldata_comm;
324 Commitment secondary_calldata_read_counts_comm;
325 Commitment return_data_comm;
326 Commitment return_data_read_counts_comm;
327 Commitment lookup_read_counts_comm;
328 Commitment lookup_read_tags_comm;
329 Commitment w_4_comm;
330 Commitment lookup_inverses_comm;
331 Commitment calldata_inverses_comm;
332 Commitment secondary_calldata_inverses_comm;
333 Commitment return_data_inverses_comm;
334 Commitment z_perm_comm;
335 std::vector<bb::Univariate<FF, BATCHED_RELATION_PARTIAL_LENGTH>> sumcheck_univariates;
336 std::array<FF, NUM_ALL_ENTITIES> sumcheck_evaluations;
337 std::vector<Commitment> gemini_fold_comms;
338 std::vector<FF> gemini_fold_evals;
339 Commitment shplonk_q_comm;
340 Commitment kzg_w_comm;
341
342 protected:
343 void clear_vectors()
344 {
345 public_inputs.clear();
346 sumcheck_univariates.clear();
347 gemini_fold_comms.clear();
348 gemini_fold_evals.clear();
349 }
350
351 // Helper: deserialize Mega witness commitments
352 void deserialize_mega_witness_comms(const ProofData& proof_data, size_t& offset)
353 {
354 w_l_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
355 w_r_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
356 w_o_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
357 ecc_op_wire_1_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
358 ecc_op_wire_2_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
359 ecc_op_wire_3_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
360 ecc_op_wire_4_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
361 calldata_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
362 calldata_read_counts_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
363 secondary_calldata_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
364 secondary_calldata_read_counts_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
365 return_data_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
366 return_data_read_counts_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
367 lookup_read_counts_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
368 lookup_read_tags_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
369 w_4_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
370 lookup_inverses_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
371 calldata_inverses_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
372 secondary_calldata_inverses_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
373 return_data_inverses_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
374 z_perm_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
375 }
376
377 // Helper: serialize Mega witness commitments
378 void serialize_mega_witness_comms(ProofData& proof_data) const
379 {
380 Base::serialize_to_buffer(w_l_comm, proof_data);
381 Base::serialize_to_buffer(w_r_comm, proof_data);
382 Base::serialize_to_buffer(w_o_comm, proof_data);
383 Base::serialize_to_buffer(ecc_op_wire_1_comm, proof_data);
384 Base::serialize_to_buffer(ecc_op_wire_2_comm, proof_data);
385 Base::serialize_to_buffer(ecc_op_wire_3_comm, proof_data);
386 Base::serialize_to_buffer(ecc_op_wire_4_comm, proof_data);
387 Base::serialize_to_buffer(calldata_comm, proof_data);
388 Base::serialize_to_buffer(calldata_read_counts_comm, proof_data);
389 Base::serialize_to_buffer(secondary_calldata_comm, proof_data);
390 Base::serialize_to_buffer(secondary_calldata_read_counts_comm, proof_data);
391 Base::serialize_to_buffer(return_data_comm, proof_data);
392 Base::serialize_to_buffer(return_data_read_counts_comm, proof_data);
393 Base::serialize_to_buffer(lookup_read_counts_comm, proof_data);
394 Base::serialize_to_buffer(lookup_read_tags_comm, proof_data);
395 Base::serialize_to_buffer(w_4_comm, proof_data);
396 Base::serialize_to_buffer(lookup_inverses_comm, proof_data);
397 Base::serialize_to_buffer(calldata_inverses_comm, proof_data);
398 Base::serialize_to_buffer(secondary_calldata_inverses_comm, proof_data);
399 Base::serialize_to_buffer(return_data_inverses_comm, proof_data);
400 Base::serialize_to_buffer(z_perm_comm, proof_data);
401 }
402
403 // Helper: deserialize sumcheck data
404 void deserialize_sumcheck(const ProofData& proof_data, size_t& offset, size_t log_n)
405 {
406 for (size_t i = 0; i < log_n; ++i) {
407 sumcheck_univariates.push_back(
408 this->template deserialize_from_buffer<bb::Univariate<FF, BATCHED_RELATION_PARTIAL_LENGTH>>(proof_data,
409 offset));
410 }
411 sumcheck_evaluations =
412 this->template deserialize_from_buffer<std::array<FF, NUM_ALL_ENTITIES>>(proof_data, offset);
413 }
414
415 // Helper: serialize sumcheck data
416 void serialize_sumcheck(ProofData& proof_data, size_t log_n) const
417 {
418 for (size_t i = 0; i < log_n; ++i) {
419 Base::serialize_to_buffer(sumcheck_univariates[i], proof_data);
420 }
421 Base::serialize_to_buffer(sumcheck_evaluations, proof_data);
422 }
423
424 // Helper: deserialize Gemini/Shplonk/KZG data
425 void deserialize_pcs(const ProofData& proof_data, size_t& offset, size_t log_n)
426 {
427 for (size_t i = 0; i < log_n - 1; ++i) {
428 gemini_fold_comms.push_back(this->template deserialize_from_buffer<Commitment>(proof_data, offset));
429 }
430 for (size_t i = 0; i < log_n; ++i) {
431 gemini_fold_evals.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
432 }
433 shplonk_q_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
434 kzg_w_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
435 }
436
437 // Helper: serialize Gemini/Shplonk/KZG data
438 void serialize_pcs(ProofData& proof_data, size_t log_n) const
439 {
440 for (size_t i = 0; i < log_n - 1; ++i) {
441 Base::serialize_to_buffer(gemini_fold_comms[i], proof_data);
442 }
443 for (size_t i = 0; i < log_n; ++i) {
444 Base::serialize_to_buffer(gemini_fold_evals[i], proof_data);
445 }
446 Base::serialize_to_buffer(shplonk_q_comm, proof_data);
447 Base::serialize_to_buffer(kzg_w_comm, proof_data);
448 }
449
450 public:
451 void deserialize(ProofData& proof_data, size_t num_public_inputs, size_t log_n)
452 {
453 size_t offset = 0;
454 clear_vectors();
455
456 for (size_t i = 0; i < num_public_inputs; ++i) {
457 public_inputs.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
458 }
459 deserialize_mega_witness_comms(proof_data, offset);
460 deserialize_sumcheck(proof_data, offset, log_n);
461 deserialize_pcs(proof_data, offset, log_n);
462 }
463
464 void serialize(ProofData& proof_data, size_t log_n) const
465 {
466 size_t old_size = proof_data.size();
467 proof_data.clear();
468
469 for (const auto& pi : public_inputs) {
470 Base::serialize_to_buffer(pi, proof_data);
471 }
472 serialize_mega_witness_comms(proof_data);
473 serialize_sumcheck(proof_data, log_n);
474 serialize_pcs(proof_data, log_n);
475
476 BB_ASSERT_EQ(proof_data.size(), old_size);
477 }
478};
479
480// ============================================================================
481// Mega ZK proof structure - extends Mega with ZK-specific fields
482// ============================================================================
483template <typename Flavor> struct MegaZKStructuredProofBase : MegaStructuredProofBase<Flavor> {
484 using Base = MegaStructuredProofBase<Flavor>;
485 using typename Base::Commitment;
486 using typename Base::FF;
487 using typename Base::ProofData;
488
489 // ZK-specific fields
490 Commitment hiding_polynomial_commitment;
491 Commitment libra_concatenation_commitment;
492 FF libra_sum;
493 FF libra_claimed_evaluation;
494 Commitment libra_grand_sum_commitment;
495 Commitment libra_quotient_commitment;
496 FF libra_concatenation_eval;
497 FF libra_shifted_grand_sum_eval;
498 FF libra_grand_sum_eval;
499 FF libra_quotient_eval;
500
501 void deserialize(ProofData& proof_data, size_t num_public_inputs, size_t log_n)
502 {
503 size_t offset = 0;
504 this->clear_vectors();
505
506 for (size_t i = 0; i < num_public_inputs; ++i) {
507 this->public_inputs.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
508 }
509 if constexpr (flavor_has_gemini_masking<Flavor>()) {
510 hiding_polynomial_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
511 }
512 this->deserialize_mega_witness_comms(proof_data, offset);
513 libra_concatenation_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
514 libra_sum = this->template deserialize_from_buffer<FF>(proof_data, offset);
515
516 // Sumcheck univariates
517 for (size_t i = 0; i < log_n; ++i) {
518 this->sumcheck_univariates.push_back(
519 this->template deserialize_from_buffer<bb::Univariate<FF, Base::BATCHED_RELATION_PARTIAL_LENGTH>>(
520 proof_data, offset));
521 }
522 libra_claimed_evaluation = this->template deserialize_from_buffer<FF>(proof_data, offset);
523 this->sumcheck_evaluations =
524 this->template deserialize_from_buffer<std::array<FF, Base::NUM_ALL_ENTITIES>>(proof_data, offset);
525 libra_grand_sum_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
526 libra_quotient_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
527
528 // Gemini
529 for (size_t i = 0; i < log_n - 1; ++i) {
530 this->gemini_fold_comms.push_back(this->template deserialize_from_buffer<Commitment>(proof_data, offset));
531 }
532 for (size_t i = 0; i < log_n; ++i) {
533 this->gemini_fold_evals.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
534 }
535 libra_concatenation_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
536 libra_shifted_grand_sum_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
537 libra_grand_sum_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
538 libra_quotient_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
539 this->shplonk_q_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
540 this->kzg_w_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
541 }
542
543 void serialize(ProofData& proof_data, size_t log_n) const
544 {
545 size_t old_size = proof_data.size();
546 proof_data.clear();
547
548 for (const auto& pi : this->public_inputs) {
549 Base::serialize_to_buffer(pi, proof_data);
550 }
551 if constexpr (flavor_has_gemini_masking<Flavor>()) {
552 Base::serialize_to_buffer(hiding_polynomial_commitment, proof_data);
553 }
554 this->serialize_mega_witness_comms(proof_data);
555 Base::serialize_to_buffer(libra_concatenation_commitment, proof_data);
556 Base::serialize_to_buffer(libra_sum, proof_data);
557
558 // Sumcheck univariates
559 for (size_t i = 0; i < log_n; ++i) {
560 Base::serialize_to_buffer(this->sumcheck_univariates[i], proof_data);
561 }
562 Base::serialize_to_buffer(libra_claimed_evaluation, proof_data);
563 Base::serialize_to_buffer(this->sumcheck_evaluations, proof_data);
564 Base::serialize_to_buffer(libra_grand_sum_commitment, proof_data);
565 Base::serialize_to_buffer(libra_quotient_commitment, proof_data);
566
567 // Gemini
568 for (size_t i = 0; i < log_n - 1; ++i) {
569 Base::serialize_to_buffer(this->gemini_fold_comms[i], proof_data);
570 }
571 for (size_t i = 0; i < log_n; ++i) {
572 Base::serialize_to_buffer(this->gemini_fold_evals[i], proof_data);
573 }
574 Base::serialize_to_buffer(libra_concatenation_eval, proof_data);
575 Base::serialize_to_buffer(libra_shifted_grand_sum_eval, proof_data);
576 Base::serialize_to_buffer(libra_grand_sum_eval, proof_data);
577 Base::serialize_to_buffer(libra_quotient_eval, proof_data);
578 Base::serialize_to_buffer(this->shplonk_q_comm, proof_data);
579 Base::serialize_to_buffer(this->kzg_w_comm, proof_data);
580
581 BB_ASSERT_EQ(proof_data.size(), old_size);
582 }
583};
584
585// ============================================================================
586// Translator proof structure (always ZK, with interleaved claims)
587// ============================================================================
588template <typename Flavor> struct TranslatorStructuredProofBase : StructuredProofHelper<Flavor> {
589 using Base = StructuredProofHelper<Flavor>;
590 using Base::BATCHED_RELATION_PARTIAL_LENGTH;
591 using Base::NUM_ALL_ENTITIES;
592 using typename Base::Commitment;
593 using typename Base::FF;
594 using typename Base::ProofData;
595
596 // Number of wire commitments sent in proof (concatenated + ordered range constraints)
597 static constexpr size_t NUM_BATCH_WITNESS_COMMS = Flavor::NUM_COMMITMENTS_IN_PROOF;
598 // Minicircuit evaluations are sent mid-sumcheck after LOG_MINI_CIRCUIT_SIZE rounds
599 static constexpr size_t LOG_MINI_CIRCUIT_SIZE = Flavor::LOG_MINI_CIRCUIT_SIZE;
600 static constexpr size_t NUM_MINICIRCUIT_EVALUATIONS = Flavor::NUM_MINICIRCUIT_EVALUATIONS;
601 static constexpr size_t NUM_FULL_CIRCUIT_EVALUATIONS = Flavor::NUM_FULL_CIRCUIT_EVALUATIONS;
602
603 // Witness commitments
604 Commitment gemini_masking_poly_comm;
605 std::vector<Commitment> witness_comms; // non-opqueue wires + ordered range constraints
606 Commitment z_perm_comm;
607
608 // Libra (ZK - Translator is always ZK)
609 Commitment libra_concatenation_commitment;
610 FF libra_sum;
611
612 // Sumcheck: univariates are split around interleaved minicircuit evaluations
613 std::vector<bb::Univariate<FF, BATCHED_RELATION_PARTIAL_LENGTH>> sumcheck_univariates;
614 // Minicircuit wire evaluations (sent mid-sumcheck after LOG_MINI_CIRCUIT_SIZE rounds)
615 std::array<FF, NUM_MINICIRCUIT_EVALUATIONS> minicircuit_evaluations;
616 // Full-circuit evaluations (sent after all sumcheck rounds)
617 std::array<FF, NUM_FULL_CIRCUIT_EVALUATIONS> full_circuit_evaluations;
618 FF libra_claimed_evaluation;
619
620 // Post-sumcheck Libra commitments
621 Commitment libra_grand_sum_commitment;
622 Commitment libra_quotient_commitment;
623
624 // Gemini/Shplemini
625 std::vector<Commitment> gemini_fold_comms;
626 std::vector<FF> gemini_fold_evals;
627
628 // Libra evaluations
629 FF libra_concatenation_eval;
630 FF libra_shifted_grand_sum_eval;
631 FF libra_grand_sum_eval;
632 FF libra_quotient_eval;
633
634 // Final PCS
635 Commitment shplonk_q_comm;
636 Commitment kzg_w_comm;
637
638 void deserialize(ProofData& proof_data, size_t /*num_public_inputs*/, size_t log_n)
639 {
640 size_t offset = 0;
641 witness_comms.clear();
642 sumcheck_univariates.clear();
643 gemini_fold_comms.clear();
644 gemini_fold_evals.clear();
645
646 // Witness commitments
647 gemini_masking_poly_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
648 for (size_t i = 0; i < NUM_BATCH_WITNESS_COMMS; ++i) {
649 witness_comms.push_back(this->template deserialize_from_buffer<Commitment>(proof_data, offset));
650 }
651 z_perm_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
652
653 // Libra pre-sumcheck
654 libra_concatenation_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
655 libra_sum = this->template deserialize_from_buffer<FF>(proof_data, offset);
656
657 // Sumcheck univariates (first LOG_MINI_CIRCUIT_SIZE rounds)
658 for (size_t i = 0; i < LOG_MINI_CIRCUIT_SIZE; ++i) {
659 sumcheck_univariates.push_back(
660 this->template deserialize_from_buffer<bb::Univariate<FF, BATCHED_RELATION_PARTIAL_LENGTH>>(proof_data,
661 offset));
662 }
663 // Minicircuit evaluations (interleaved mid-sumcheck)
664 minicircuit_evaluations =
665 this->template deserialize_from_buffer<std::array<FF, NUM_MINICIRCUIT_EVALUATIONS>>(proof_data, offset);
666 // Sumcheck univariates (remaining rounds)
667 for (size_t i = LOG_MINI_CIRCUIT_SIZE; i < log_n; ++i) {
668 sumcheck_univariates.push_back(
669 this->template deserialize_from_buffer<bb::Univariate<FF, BATCHED_RELATION_PARTIAL_LENGTH>>(proof_data,
670 offset));
671 }
672 // Full-circuit evaluations (excludes computable precomputed + concatenated + minicircuit)
673 full_circuit_evaluations =
674 this->template deserialize_from_buffer<std::array<FF, NUM_FULL_CIRCUIT_EVALUATIONS>>(proof_data, offset);
675 libra_claimed_evaluation = this->template deserialize_from_buffer<FF>(proof_data, offset);
676
677 // Libra post-sumcheck commitments
678 libra_grand_sum_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
679 libra_quotient_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
680
681 // Gemini fold commitments and evaluations
682 for (size_t i = 0; i < log_n - 1; ++i) {
683 gemini_fold_comms.push_back(this->template deserialize_from_buffer<Commitment>(proof_data, offset));
684 }
685 for (size_t i = 0; i < log_n; ++i) {
686 gemini_fold_evals.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
687 }
688
689 // Libra evaluations
690 libra_concatenation_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
691 libra_shifted_grand_sum_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
692 libra_grand_sum_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
693 libra_quotient_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
694
695 // Final PCS
696 shplonk_q_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
697 kzg_w_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
698 }
699
700 void serialize(ProofData& proof_data, size_t log_n) const
701 {
702 size_t old_size = proof_data.size();
703 proof_data.clear();
704
705 // Witness commitments
706 Base::serialize_to_buffer(gemini_masking_poly_comm, proof_data);
707 for (const auto& comm : witness_comms) {
708 Base::serialize_to_buffer(comm, proof_data);
709 }
710 Base::serialize_to_buffer(z_perm_comm, proof_data);
711
712 // Libra pre-sumcheck
713 Base::serialize_to_buffer(libra_concatenation_commitment, proof_data);
714 Base::serialize_to_buffer(libra_sum, proof_data);
715
716 // Sumcheck univariates (first LOG_MINI_CIRCUIT_SIZE rounds)
717 for (size_t i = 0; i < LOG_MINI_CIRCUIT_SIZE; ++i) {
718 Base::serialize_to_buffer(sumcheck_univariates[i], proof_data);
719 }
720 // Minicircuit evaluations (interleaved mid-sumcheck)
721 Base::serialize_to_buffer(minicircuit_evaluations, proof_data);
722 // Sumcheck univariates (remaining rounds)
723 for (size_t i = LOG_MINI_CIRCUIT_SIZE; i < log_n; ++i) {
724 Base::serialize_to_buffer(sumcheck_univariates[i], proof_data);
725 }
726 // Full-circuit evaluations
727 Base::serialize_to_buffer(full_circuit_evaluations, proof_data);
728 Base::serialize_to_buffer(libra_claimed_evaluation, proof_data);
729
730 // Libra post-sumcheck commitments
731 Base::serialize_to_buffer(libra_grand_sum_commitment, proof_data);
732 Base::serialize_to_buffer(libra_quotient_commitment, proof_data);
733
734 // Gemini fold commitments and evaluations
735 for (size_t i = 0; i < log_n - 1; ++i) {
736 Base::serialize_to_buffer(gemini_fold_comms[i], proof_data);
737 }
738 for (size_t i = 0; i < log_n; ++i) {
739 Base::serialize_to_buffer(gemini_fold_evals[i], proof_data);
740 }
741
742 // Libra evaluations
743 Base::serialize_to_buffer(libra_concatenation_eval, proof_data);
744 Base::serialize_to_buffer(libra_shifted_grand_sum_eval, proof_data);
745 Base::serialize_to_buffer(libra_grand_sum_eval, proof_data);
746 Base::serialize_to_buffer(libra_quotient_eval, proof_data);
747
748 // Final PCS
749 Base::serialize_to_buffer(shplonk_q_comm, proof_data);
750 Base::serialize_to_buffer(kzg_w_comm, proof_data);
751
752 BB_ASSERT_EQ(proof_data.size(), old_size);
753 }
754};
755
756// ============================================================================
757// ECCVM proof structure (always ZK, committed sumcheck, translation sub-protocol)
758// ============================================================================
759template <typename Flavor> struct ECCVMStructuredProofBase : StructuredProofHelper<Flavor> {
760 using Base = StructuredProofHelper<Flavor>;
761 using Base::NUM_ALL_ENTITIES;
762 using typename Base::Commitment;
763 using typename Base::FF;
764 using typename Base::ProofData;
765
766 // Witness commitments (masking_poly + NUM_WIRES wires + lookup_inverses + z_perm)
767 Commitment gemini_masking_poly_comm;
768 std::vector<Commitment> wire_comms;
769 Commitment lookup_inverses_comm;
770 Commitment z_perm_comm;
771
772 // Libra pre-sumcheck
773 Commitment libra_concatenation_commitment;
774 FF libra_sum;
775
776 // Committed sumcheck rounds (each round: commitment + eval_0 + eval_1, interleaved in proof)
777 std::vector<Commitment> sumcheck_round_comms;
778 std::vector<FF> sumcheck_round_eval_0s;
779 std::vector<FF> sumcheck_round_eval_1s;
780
781 // Sumcheck evaluations
782 std::array<FF, NUM_ALL_ENTITIES> sumcheck_evaluations;
783
784 // Libra post-sumcheck
785 FF libra_claimed_evaluation;
786 Commitment libra_grand_sum_commitment;
787 Commitment libra_quotient_commitment;
788
789 // Gemini/Shplemini
790 std::vector<Commitment> gemini_fold_comms;
791 std::vector<FF> gemini_fold_evals;
792
793 // Libra SmallSubgroupIPA evaluations
794 FF libra_concatenation_eval;
795 FF libra_shifted_grand_sum_eval;
796 FF libra_grand_sum_eval;
797 FF libra_quotient_eval;
798
799 // First Shplonk Q (from Shplemini)
800 Commitment shplonk_q_comm;
801
802 // Translation data
803 Commitment translation_masking_comm;
804 FF translation_op_eval;
805 FF translation_Px_eval;
806 FF translation_Py_eval;
807 FF translation_z1_eval;
808 FF translation_z2_eval;
809 FF translation_masking_eval;
810 Commitment translation_grand_sum_commitment;
811 Commitment translation_quotient_commitment;
812 FF translation_concatenation_eval;
813 FF translation_shifted_grand_sum_eval;
814 FF translation_grand_sum_eval;
815 FF translation_quotient_eval;
816
817 // Final Shplonk Q
818 Commitment final_shplonk_q_comm;
819
820 void deserialize(ProofData& proof_data, size_t /*num_public_inputs*/, size_t log_n)
821 {
822 size_t offset = 0;
823 wire_comms.clear();
824 sumcheck_round_comms.clear();
825 sumcheck_round_eval_0s.clear();
826 sumcheck_round_eval_1s.clear();
827 gemini_fold_comms.clear();
828 gemini_fold_evals.clear();
829
830 // Witness commitments
831 gemini_masking_poly_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
832 for (size_t i = 0; i < Flavor::NUM_WIRES; ++i) {
833 wire_comms.push_back(this->template deserialize_from_buffer<Commitment>(proof_data, offset));
834 }
835 lookup_inverses_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
836 z_perm_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
837
838 // Libra pre-sumcheck
839 libra_concatenation_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
840 libra_sum = this->template deserialize_from_buffer<FF>(proof_data, offset);
841
842 // Committed sumcheck rounds (interleaved: comm, eval_0, eval_1 per round)
843 for (size_t i = 0; i < log_n; ++i) {
844 sumcheck_round_comms.push_back(this->template deserialize_from_buffer<Commitment>(proof_data, offset));
845 sumcheck_round_eval_0s.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
846 sumcheck_round_eval_1s.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
847 }
848
849 // Sumcheck evaluations
850 sumcheck_evaluations =
851 this->template deserialize_from_buffer<std::array<FF, NUM_ALL_ENTITIES>>(proof_data, offset);
852
853 // Libra post-sumcheck
854 libra_claimed_evaluation = this->template deserialize_from_buffer<FF>(proof_data, offset);
855 libra_grand_sum_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
856 libra_quotient_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
857
858 // Gemini fold commitments and evaluations
859 for (size_t i = 0; i < log_n - 1; ++i) {
860 gemini_fold_comms.push_back(this->template deserialize_from_buffer<Commitment>(proof_data, offset));
861 }
862 for (size_t i = 0; i < log_n; ++i) {
863 gemini_fold_evals.push_back(this->template deserialize_from_buffer<FF>(proof_data, offset));
864 }
865
866 // Libra SmallSubgroupIPA evaluations
867 libra_concatenation_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
868 libra_shifted_grand_sum_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
869 libra_grand_sum_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
870 libra_quotient_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
871
872 // First Shplonk Q
873 shplonk_q_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
874
875 // Translation data
876 translation_masking_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
877 translation_op_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
878 translation_Px_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
879 translation_Py_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
880 translation_z1_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
881 translation_z2_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
882 translation_masking_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
883 translation_grand_sum_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
884 translation_quotient_commitment = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
885 translation_concatenation_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
886 translation_shifted_grand_sum_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
887 translation_grand_sum_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
888 translation_quotient_eval = this->template deserialize_from_buffer<FF>(proof_data, offset);
889
890 // Final Shplonk Q
891 final_shplonk_q_comm = this->template deserialize_from_buffer<Commitment>(proof_data, offset);
892 }
893
894 void serialize(ProofData& proof_data, size_t log_n) const
895 {
896 size_t old_size = proof_data.size();
897 proof_data.clear();
898
899 // Witness commitments
900 Base::serialize_to_buffer(gemini_masking_poly_comm, proof_data);
901 for (const auto& comm : wire_comms) {
902 Base::serialize_to_buffer(comm, proof_data);
903 }
904 Base::serialize_to_buffer(lookup_inverses_comm, proof_data);
905 Base::serialize_to_buffer(z_perm_comm, proof_data);
906
907 // Libra pre-sumcheck
908 Base::serialize_to_buffer(libra_concatenation_commitment, proof_data);
909 Base::serialize_to_buffer(libra_sum, proof_data);
910
911 // Committed sumcheck rounds
912 for (size_t i = 0; i < log_n; ++i) {
913 Base::serialize_to_buffer(sumcheck_round_comms[i], proof_data);
914 Base::serialize_to_buffer(sumcheck_round_eval_0s[i], proof_data);
915 Base::serialize_to_buffer(sumcheck_round_eval_1s[i], proof_data);
916 }
917
918 // Sumcheck evaluations
919 Base::serialize_to_buffer(sumcheck_evaluations, proof_data);
920
921 // Libra post-sumcheck
922 Base::serialize_to_buffer(libra_claimed_evaluation, proof_data);
923 Base::serialize_to_buffer(libra_grand_sum_commitment, proof_data);
924 Base::serialize_to_buffer(libra_quotient_commitment, proof_data);
925
926 // Gemini fold commitments and evaluations
927 for (size_t i = 0; i < log_n - 1; ++i) {
928 Base::serialize_to_buffer(gemini_fold_comms[i], proof_data);
929 }
930 for (size_t i = 0; i < log_n; ++i) {
931 Base::serialize_to_buffer(gemini_fold_evals[i], proof_data);
932 }
933
934 // Libra SmallSubgroupIPA evaluations
935 Base::serialize_to_buffer(libra_concatenation_eval, proof_data);
936 Base::serialize_to_buffer(libra_shifted_grand_sum_eval, proof_data);
937 Base::serialize_to_buffer(libra_grand_sum_eval, proof_data);
938 Base::serialize_to_buffer(libra_quotient_eval, proof_data);
939
940 // First Shplonk Q
941 Base::serialize_to_buffer(shplonk_q_comm, proof_data);
942
943 // Translation data
944 Base::serialize_to_buffer(translation_masking_comm, proof_data);
945 Base::serialize_to_buffer(translation_op_eval, proof_data);
946 Base::serialize_to_buffer(translation_Px_eval, proof_data);
947 Base::serialize_to_buffer(translation_Py_eval, proof_data);
948 Base::serialize_to_buffer(translation_z1_eval, proof_data);
949 Base::serialize_to_buffer(translation_z2_eval, proof_data);
950 Base::serialize_to_buffer(translation_masking_eval, proof_data);
951 Base::serialize_to_buffer(translation_grand_sum_commitment, proof_data);
952 Base::serialize_to_buffer(translation_quotient_commitment, proof_data);
953 Base::serialize_to_buffer(translation_concatenation_eval, proof_data);
954 Base::serialize_to_buffer(translation_shifted_grand_sum_eval, proof_data);
955 Base::serialize_to_buffer(translation_grand_sum_eval, proof_data);
956 Base::serialize_to_buffer(translation_quotient_eval, proof_data);
957
958 // Final Shplonk Q
959 Base::serialize_to_buffer(final_shplonk_q_comm, proof_data);
960
961 BB_ASSERT_EQ(proof_data.size(), old_size);
962 }
963};
964
965// ============================================================================
966// Flavor Specializations
967// ============================================================================
968
969// Ultra flavors (non-ZK)
970template <> struct StructuredProof<UltraFlavor> : UltraStructuredProofBase<UltraFlavor> {};
971template <> struct StructuredProof<UltraKeccakFlavor> : UltraStructuredProofBase<UltraKeccakFlavor> {};
972
973// Ultra ZK flavors
974template <> struct StructuredProof<UltraZKFlavor> : UltraZKStructuredProofBase<UltraZKFlavor> {};
975template <> struct StructuredProof<UltraKeccakZKFlavor> : UltraZKStructuredProofBase<UltraKeccakZKFlavor> {};
976
977// Mega flavors
978template <> struct StructuredProof<MegaFlavor> : MegaStructuredProofBase<MegaFlavor> {};
979template <> struct StructuredProof<MegaZKFlavor> : MegaZKStructuredProofBase<MegaZKFlavor> {};
980
981// Translator flavor
982template <> struct StructuredProof<TranslatorFlavor> : TranslatorStructuredProofBase<TranslatorFlavor> {};
983
984// ECCVM flavor
985template <> struct StructuredProof<ECCVMFlavor> : ECCVMStructuredProofBase<ECCVMFlavor> {};
986
987} // namespace bb
BB_ASSERT_EQ
#define BB_ASSERT_EQ(actual, expected,...)
Definition assert.hpp:83
BB_ASSERT_LTE
#define BB_ASSERT_LTE(left, right,...)
Definition assert.hpp:158
bb::BaseTranscript::Proof
std::vector< DataType > Proof
Definition transcript.hpp:46
bb::ECCVMFlavor::FF
typename Curve::ScalarField FF
Definition eccvm_flavor.hpp:43
bb::ECCVMFlavor::NUM_ALL_ENTITIES
static constexpr size_t NUM_ALL_ENTITIES
Definition eccvm_flavor.hpp:79
bb::ECCVMFlavor::Commitment
typename G1::affine_element Commitment
Definition eccvm_flavor.hpp:47
bb::ECCVMFlavor::NUM_WIRES
static constexpr size_t NUM_WIRES
Definition eccvm_flavor.hpp:70
bb::ECCVMFlavor::BATCHED_RELATION_PARTIAL_LENGTH
static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH
Definition eccvm_flavor.hpp:141
bb::ECCVMFlavor::Transcript
BaseTranscript< Codec, HashFunction > Transcript
Definition eccvm_flavor.hpp:53
bb::Univariate
A univariate polynomial represented by its values on {0, 1,..., domain_end - 1}.
Definition univariate.hpp:32
eccvm_flavor.hpp
offset
ssize_t offset
Definition engine.cpp:62
flavor_concepts.hpp
mega_flavor.hpp
mega_zk_flavor.hpp
bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
bb::ECCVMStructuredProofBase::gemini_fold_comms
std::vector< Commitment > gemini_fold_comms
Definition proof_structures.hpp:790
bb::ECCVMStructuredProofBase::Commitment
typename Flavor::Commitment Commitment
Definition proof_structures.hpp:36
bb::ECCVMStructuredProofBase::wire_comms
std::vector< Commitment > wire_comms
Definition proof_structures.hpp:768
bb::ECCVMStructuredProofBase::deserialize
void deserialize(ProofData &proof_data, size_t, size_t log_n)
Definition proof_structures.hpp:820
bb::ECCVMStructuredProofBase::sumcheck_round_eval_1s
std::vector< FF > sumcheck_round_eval_1s
Definition proof_structures.hpp:779
bb::ECCVMStructuredProofBase::sumcheck_round_comms
std::vector< Commitment > sumcheck_round_comms
Definition proof_structures.hpp:777
bb::ECCVMStructuredProofBase::sumcheck_evaluations
std::array< FF, NUM_ALL_ENTITIES > sumcheck_evaluations
Definition proof_structures.hpp:782
bb::ECCVMStructuredProofBase::ProofData
typename Transcript::Proof ProofData
Definition proof_structures.hpp:39
bb::ECCVMStructuredProofBase::serialize
void serialize(ProofData &proof_data, size_t log_n) const
Definition proof_structures.hpp:894
bb::ECCVMStructuredProofBase::sumcheck_round_eval_0s
std::vector< FF > sumcheck_round_eval_0s
Definition proof_structures.hpp:778
bb::MegaStructuredProofBase::deserialize_mega_witness_comms
void deserialize_mega_witness_comms(const ProofData &proof_data, size_t &offset)
Definition proof_structures.hpp:352
bb::MegaStructuredProofBase::Commitment
typename Flavor::Commitment Commitment
Definition proof_structures.hpp:36
bb::MegaStructuredProofBase::deserialize_pcs
void deserialize_pcs(const ProofData &proof_data, size_t &offset, size_t log_n)
Definition proof_structures.hpp:425
bb::MegaStructuredProofBase::gemini_fold_comms
std::vector< Commitment > gemini_fold_comms
Definition proof_structures.hpp:337
bb::MegaStructuredProofBase::serialize
void serialize(ProofData &proof_data, size_t log_n) const
Definition proof_structures.hpp:464
bb::MegaStructuredProofBase::serialize_mega_witness_comms
void serialize_mega_witness_comms(ProofData &proof_data) const
Definition proof_structures.hpp:378
bb::MegaStructuredProofBase::serialize_sumcheck
void serialize_sumcheck(ProofData &proof_data, size_t log_n) const
Definition proof_structures.hpp:416
bb::MegaStructuredProofBase::serialize_pcs
void serialize_pcs(ProofData &proof_data, size_t log_n) const
Definition proof_structures.hpp:438
bb::MegaStructuredProofBase::sumcheck_evaluations
std::array< FF, NUM_ALL_ENTITIES > sumcheck_evaluations
Definition proof_structures.hpp:336
bb::MegaStructuredProofBase::deserialize
void deserialize(ProofData &proof_data, size_t num_public_inputs, size_t log_n)
Definition proof_structures.hpp:451
bb::MegaStructuredProofBase::deserialize_sumcheck
void deserialize_sumcheck(const ProofData &proof_data, size_t &offset, size_t log_n)
Definition proof_structures.hpp:404
bb::MegaStructuredProofBase::sumcheck_univariates
std::vector< bb::Univariate< FF, BATCHED_RELATION_PARTIAL_LENGTH > > sumcheck_univariates
Definition proof_structures.hpp:335
bb::MegaStructuredProofBase::ProofData
typename Transcript::Proof ProofData
Definition proof_structures.hpp:39
bb::MegaZKStructuredProofBase::deserialize
void deserialize(ProofData &proof_data, size_t num_public_inputs, size_t log_n)
Definition proof_structures.hpp:501
bb::MegaZKStructuredProofBase::Commitment
typename Flavor::Commitment Commitment
Definition proof_structures.hpp:36
bb::MegaZKStructuredProofBase::ProofData
typename Transcript::Proof ProofData
Definition proof_structures.hpp:39
bb::MegaZKStructuredProofBase::serialize
void serialize(ProofData &proof_data, size_t log_n) const
Definition proof_structures.hpp:543
bb::StructuredProofHelper::serialize_to_buffer
static void serialize_to_buffer(const T &element, ProofData &proof_data)
Definition proof_structures.hpp:53
bb::StructuredProofHelper::NUM_ALL_ENTITIES
static constexpr size_t NUM_ALL_ENTITIES
Definition proof_structures.hpp:41
bb::StructuredProofHelper::deserialize_from_buffer
static T deserialize_from_buffer(const ProofData &proof_data, size_t &offset)
Definition proof_structures.hpp:44
bb::StructuredProofHelper::Commitment
typename Flavor::Commitment Commitment
Definition proof_structures.hpp:36
bb::StructuredProofHelper::BATCHED_RELATION_PARTIAL_LENGTH
static constexpr size_t BATCHED_RELATION_PARTIAL_LENGTH
Definition proof_structures.hpp:40
bb::StructuredProofHelper::Codec
typename Transcript::Codec Codec
Definition proof_structures.hpp:38
bb::StructuredProofHelper::ProofData
typename Transcript::Proof ProofData
Definition proof_structures.hpp:39
bb::StructuredProofHelper::Transcript
typename Flavor::Transcript Transcript
Definition proof_structures.hpp:37
bb::StructuredProof
Test utility for deserializing/serializing proof data into typed structures.
Definition proof_structures.hpp:29
bb::TranslatorStructuredProofBase::deserialize
void deserialize(ProofData &proof_data, size_t, size_t log_n)
Definition proof_structures.hpp:638
bb::TranslatorStructuredProofBase::serialize
void serialize(ProofData &proof_data, size_t log_n) const
Definition proof_structures.hpp:700
bb::TranslatorStructuredProofBase::Commitment
typename Flavor::Commitment Commitment
Definition proof_structures.hpp:36
bb::TranslatorStructuredProofBase::full_circuit_evaluations
std::array< FF, NUM_FULL_CIRCUIT_EVALUATIONS > full_circuit_evaluations
Definition proof_structures.hpp:617
bb::TranslatorStructuredProofBase::minicircuit_evaluations
std::array< FF, NUM_MINICIRCUIT_EVALUATIONS > minicircuit_evaluations
Definition proof_structures.hpp:615
bb::TranslatorStructuredProofBase::gemini_fold_comms
std::vector< Commitment > gemini_fold_comms
Definition proof_structures.hpp:625
bb::TranslatorStructuredProofBase::witness_comms
std::vector< Commitment > witness_comms
Definition proof_structures.hpp:605
bb::TranslatorStructuredProofBase::ProofData
typename Transcript::Proof ProofData
Definition proof_structures.hpp:39
bb::TranslatorStructuredProofBase::sumcheck_univariates
std::vector< bb::Univariate< FF, BATCHED_RELATION_PARTIAL_LENGTH > > sumcheck_univariates
Definition proof_structures.hpp:613
bb::UltraStructuredProofBase::serialize
void serialize(ProofData &proof_data, size_t log_n) const
Definition proof_structures.hpp:184
bb::UltraStructuredProofBase::gemini_fold_comms
std::vector< Commitment > gemini_fold_comms
Definition proof_structures.hpp:83
bb::UltraStructuredProofBase::deserialize_ultra_witness_comms
void deserialize_ultra_witness_comms(const ProofData &proof_data, size_t &offset)
Definition proof_structures.hpp:98
bb::UltraStructuredProofBase::sumcheck_evaluations
std::array< FF, NUM_ALL_ENTITIES > sumcheck_evaluations
Definition proof_structures.hpp:82
bb::UltraStructuredProofBase::Commitment
typename Flavor::Commitment Commitment
Definition proof_structures.hpp:36
bb::UltraStructuredProofBase::deserialize_sumcheck
void deserialize_sumcheck(const ProofData &proof_data, size_t &offset, size_t log_n)
Definition proof_structures.hpp:124
bb::UltraStructuredProofBase::serialize_ultra_witness_comms
void serialize_ultra_witness_comms(ProofData &proof_data) const
Definition proof_structures.hpp:111
bb::UltraStructuredProofBase::deserialize
void deserialize(ProofData &proof_data, size_t num_public_inputs, size_t log_n)
Definition proof_structures.hpp:171
bb::UltraStructuredProofBase::sumcheck_univariates
std::vector< bb::Univariate< FF, BATCHED_RELATION_PARTIAL_LENGTH > > sumcheck_univariates
Definition proof_structures.hpp:81
bb::UltraStructuredProofBase::serialize_pcs
void serialize_pcs(ProofData &proof_data, size_t log_n) const
Definition proof_structures.hpp:158
bb::UltraStructuredProofBase::deserialize_pcs
void deserialize_pcs(const ProofData &proof_data, size_t &offset, size_t log_n)
Definition proof_structures.hpp:145
bb::UltraStructuredProofBase::serialize_sumcheck
void serialize_sumcheck(ProofData &proof_data, size_t log_n) const
Definition proof_structures.hpp:136
bb::UltraStructuredProofBase::ProofData
typename Transcript::Proof ProofData
Definition proof_structures.hpp:39
bb::UltraZKStructuredProofBase::serialize
void serialize(ProofData &proof_data, size_t log_n) const
Definition proof_structures.hpp:261
bb::UltraZKStructuredProofBase::Commitment
typename Flavor::Commitment Commitment
Definition proof_structures.hpp:36
bb::UltraZKStructuredProofBase::deserialize
void deserialize(ProofData &proof_data, size_t num_public_inputs, size_t log_n)
Definition proof_structures.hpp:221
bb::UltraZKStructuredProofBase::ProofData
typename Transcript::Proof ProofData
Definition proof_structures.hpp:39
translator_flavor.hpp
ultra_flavor.hpp
ultra_keccak_flavor.hpp
ultra_keccak_zk_flavor.hpp
ultra_zk_flavor.hpp