Struct arrabbiata::witness::Program

source · 
pub struct Program<Fp: PrimeField, Fq: PrimeField, E1: ArrabbiataCurve<ScalarField = Fp, BaseField = Fq>>where
    E1::BaseField: PrimeField,
    <<E1 as CommitmentCurve>::Params as CurveConfig>::BaseField: PrimeField,{
    pub accumulated_committed_state: Vec<PolyComm<E1>>,
    pub previous_committed_state: Vec<PolyComm<E1>>,
    pub accumulated_program_state: Vec<Vec<E1::ScalarField>>,
    pub accumulated_challenges: Challenges<BigInt>,
    pub previous_challenges: Challenges<BigInt>,
}
Expand description

A running program that the (folding) interpreter has access to.

Fields§

§accumulated_committed_state: Vec<PolyComm<E1>>

Commitments to the accumulated program state.

In Nova language, this is the commitment to the witness accumulator.

§previous_committed_state: Vec<PolyComm<E1>>

Commitments to the previous program states.

In Nova language, this is the commitment to the previous witness.

§accumulated_program_state: Vec<Vec<E1::ScalarField>>

Accumulated witness for the program state.

In Nova language, this is the accumulated witness W.

The size of the outer vector must be equal to the number of columns in the circuit. The size of the inner vector must be equal to the number of rows in the circuit.

§accumulated_challenges: Challenges<BigInt>

List of the accumulated challenges over time.

§previous_challenges: Challenges<BigInt>

Challenges during the last computation. This field is useful to keep track of the challenges that must be verified in circuit.

Implementations§

source§

impl<Fp: PrimeField, Fq: PrimeField, E1: ArrabbiataCurve<ScalarField = Fp, BaseField = Fq>> Program<Fp, Fq, E1>where E1::BaseField: PrimeField, <<E1 as CommitmentCurve>::Params as CurveConfig>::BaseField: PrimeField,

source

pub fn new(srs_size: usize, blinder: E1) -> Self

source

pub fn commit_state( &mut self, srs: &SRS<E1>, domain: EvaluationDomains<E1::ScalarField>, witness: &[Vec<BigInt>] )

Commit to the program state and updating the environment with the result.

This method is supposed to be called after a new iteration of the program has been executed.

source

pub fn absorb_state(&mut self, digest: BigInt) -> Vec<BigInt>

Absorb the last committed program state in the correct sponge.

For a description of the messages to be given to the sponge, including the expected instantiation, refer to the section “Message Passing” in crate::interpreter.

source

pub fn coin_challenge(&self, sponge_state: Vec<BigInt>) -> (BigInt, Vec<BigInt>)

Simulate an interaction with the verifier by requesting to coin a challenge from the current prover sponge state.

This method supposes that all the messages have been sent to the verifier previously, and the attribute [self.prover_sponge_state] has been updated accordingly by absorbing all the messages correctly.

The side-effect of this method will be to run a permutation on the sponge state after coining the challenge. There is an hypothesis on the sponge state that the inner permutation has been correctly executed if the absorbtion rate had been reached at the last absorbtion.

The challenge will be added to the [self.challenges] attribute at the position given by the challenge chal.

Internally, the method is implemented by simply loading the prover sponge state, and squeezing a challenge from it, relying on the implementation of the sponge. Usually, the challenge would be the first N bits of the first element, but it is left as an implementation detail of the sponge given by the curve.

source

pub fn accumulate_program_state( &mut self, chal: BigInt, witness: &[Vec<BigInt>] )

Accumulate the program state (or in other words, the witness), by adding the last computed program state into the program state accumulator.

This method is supposed to be called after the program state has been committed (by calling [self.commit_state]) and absorbed (by calling [self.absorb_state]). The “relation randomiser” must also have been coined and saved in the environment before, by calling [self.coin_challenge].

The program state is accumulated into a different accumulator, depending on the curve currently being used.

This is part of the work the prover of the accumulation/folding scheme.

This must translate the following equation:

acc_(p, n + 1) = acc_(p, n) * chal w
              OR
acc_(q, n + 1) = acc_(q, n) * chal w

where acc and w are vectors of the same size.

source

pub fn accumulate_committed_state(&mut self, chal: BigInt)

Accumulate the committed state by adding the last committed state into the committed state accumulator.

The commitments are accumulated into a different accumulator, depending on the curve currently being used.

This is part of the work the prover of the accumulation/folding scheme.

This must translate the following equation:

C_(p, n + 1) = C_(p, n) + chal * comm
              OR
C_(q, n + 1) = C_(q, n) + chal * comm

Note that the committed program state is encoded in crate::NUMBER_OF_COLUMNS values, therefore we must iterate over all the columns to accumulate the committed state.

Auto Trait Implementations§

§

impl<Fp, Fq, E1> RefUnwindSafe for Program<Fp, Fq, E1>where E1: RefUnwindSafe, Fp: RefUnwindSafe,

§

impl<Fp, Fq, E1> Send for Program<Fp, Fq, E1>

§

impl<Fp, Fq, E1> Sync for Program<Fp, Fq, E1>

§

impl<Fp, Fq, E1> Unpin for Program<Fp, Fq, E1>where E1: Unpin, Fp: Unpin,

§

impl<Fp, Fq, E1> UnwindSafe for Program<Fp, Fq, E1>where E1: UnwindSafe, Fp: UnwindSafe,

Blanket Implementations§

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for Twhere T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for Twhere U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

§

impl<T> Pointable for T

§

const ALIGN: usize = mem::align_of::<T>()

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
source§

impl<T> Same<T> for T

§

type Output = T

Should always be Self
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for Twhere V: MultiLane<T>,

§

fn vzip(self) -> V