arrabbiata/lib.rs
1use curve::PlonkSpongeConstants;
2use mina_poseidon::constants::SpongeConstants;
3use strum::EnumCount as _;
4
5pub mod challenge;
6pub mod cli;
7pub mod column;
8pub mod constraint;
9pub mod curve;
10
11/// The final decider, i.e. the SNARK used on the accumulation scheme.
12pub mod decider;
13
14pub mod interpreter;
15pub mod logup;
16pub mod poseidon_3_60_0_5_5_fp;
17pub mod poseidon_3_60_0_5_5_fq;
18pub mod setup;
19pub mod witness;
20
21/// The maximum degree of the polynomial that can be represented by the
22/// polynomial-time function the library supports.
23pub const MAX_DEGREE: usize = 5;
24
25/// The minimum SRS size required to use Nova, in base 2.
26pub const MIN_SRS_LOG2_SIZE: usize = 8;
27
28/// The maximum number of columns that can be used in the circuit.
29pub const NUMBER_OF_COLUMNS: usize = 15;
30
31/// The number of rows the verifier circuit requires.
32// FIXME:
33// We will increase the verifier circuit size step by step, while we are finishing
34// the implementation.
35// 1. We start by absorbing all the accumulators of each column. Adding one at
36// the end for now as the Poseidon circuit writes on the next row. This would be
37// changing in the near future as we're polishing the circuit.
38// Absorbing + executing the permutation takes
39// (PlonkSpongeConstants::PERM_ROUNDS_FULL / 5 + 1) rows.
40pub const VERIFIER_CIRCUIT_SIZE: usize =
41 (PlonkSpongeConstants::PERM_ROUNDS_FULL / 5 + 1) * NUMBER_OF_COLUMNS + 1;
42
43/// The maximum number of bits the fields can be.
44/// It is critical as we have some assumptions for the gadgets describing the
45/// verifier circuit.
46pub const MAXIMUM_FIELD_SIZE_IN_BITS: u64 = 255;
47
48/// Define the number of values we must absorb when computating the hash to the
49/// public IO.
50///
51/// FIXME:
52/// For now, it is the number of columns as we are only absorbing the
53/// accumulators, which consists of 2 native field elements. However, it doesn't
54/// make the protocol sound. We must absorb, in addition to that the index,
55/// the application inputs/outputs.
56/// It is left for the future as at this time, we're still sketching the
57/// verifier circuit.
58pub const NUMBER_OF_VALUES_TO_ABSORB_PUBLIC_IO: usize = NUMBER_OF_COLUMNS * 2;
59
60/// The number of gadgets supported by the program
61pub const NUMBER_OF_GADGETS: usize =
62 column::Gadget::COUNT + (PlonkSpongeConstants::PERM_ROUNDS_FULL / 5);
63
64/// The arity of the multivariate polynomials describing the constraints.
65/// We consider, erroneously, that a public input can be considered as a
66/// column and fit an entire polynomial. This is subject to change, as most
67/// values considered as public inputs at the moment are fixed for the
68/// relation. We also suppose that the private inputs on the next row can be
69/// used, hence the multiplication by two.
70///
71/// It is going to be used to convert into the representation used in [mvpoly].
72pub const MV_POLYNOMIAL_ARITY: usize = NUMBER_OF_COLUMNS * 2;