chore: SmallSubgroupIPA tests (#11106)

This PR is a follow-up to AztecProtocol/aztec-packages#10773
AztecProtocol · Jan 11, 2025 · 6e7f5e3 · 6e7f5e3
1 parent 530d7c2
commit 6e7f5e3
Show file tree

Hide file tree

Showing 7 changed files with 628 additions and 106 deletions.
diff --git a/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp b/cpp/src/barretenberg/commitment_schemes/commitment_key.test.hpp
@@ -14,44 +14,54 @@ namespace bb {
 constexpr size_t COMMITMENT_TEST_NUM_BN254_POINTS = 4096;
 constexpr size_t COMMITMENT_TEST_NUM_GRUMPKIN_POINTS = 1 << CONST_ECCVM_LOG_N;
 
-template <class CK> inline std::shared_ptr<CK> CreateCommitmentKey();
+template <class CK> inline std::shared_ptr<CK> create_commitment_key(const size_t num_points = 0);
 
-template <> inline std::shared_ptr<CommitmentKey<curve::BN254>> CreateCommitmentKey<CommitmentKey<curve::BN254>>()
+template <>
+inline std::shared_ptr<CommitmentKey<curve::BN254>> create_commitment_key<CommitmentKey<curve::BN254>>(
+    const size_t num_points)
 {
     srs::init_crs_factory(bb::srs::get_ignition_crs_path());
+    if (num_points != 0) {
+        return std::make_shared<CommitmentKey<curve::BN254>>(num_points);
+    };
     return std::make_shared<CommitmentKey<curve::BN254>>(COMMITMENT_TEST_NUM_BN254_POINTS);
 }
 // For IPA
-template <> inline std::shared_ptr<CommitmentKey<curve::Grumpkin>> CreateCommitmentKey<CommitmentKey<curve::Grumpkin>>()
+template <>
+inline std::shared_ptr<CommitmentKey<curve::Grumpkin>> create_commitment_key<CommitmentKey<curve::Grumpkin>>(
+    const size_t num_points)
 {
     srs::init_grumpkin_crs_factory(bb::srs::get_grumpkin_crs_path());
+    if (num_points != 0) {
+        return std::make_shared<CommitmentKey<curve::Grumpkin>>(num_points);
+    }
     return std::make_shared<CommitmentKey<curve::Grumpkin>>(COMMITMENT_TEST_NUM_GRUMPKIN_POINTS);
 }
 
-template <typename CK> inline std::shared_ptr<CK> CreateCommitmentKey()
+template <typename CK> inline std::shared_ptr<CK> create_commitment_key(size_t num_points)
 // requires std::default_initializable<CK>
 {
-    return std::make_shared<CK>();
+    return std::make_shared<CK>(num_points);
 }
 
-template <class VK> inline std::shared_ptr<VK> CreateVerifierCommitmentKey();
+template <class VK> inline std::shared_ptr<VK> create_verifier_commitment_key();
 
 template <>
-inline std::shared_ptr<VerifierCommitmentKey<curve::BN254>> CreateVerifierCommitmentKey<
+inline std::shared_ptr<VerifierCommitmentKey<curve::BN254>> create_verifier_commitment_key<
     VerifierCommitmentKey<curve::BN254>>()
 {
     return std::make_shared<VerifierCommitmentKey<curve::BN254>>();
 }
 // For IPA
 template <>
-inline std::shared_ptr<VerifierCommitmentKey<curve::Grumpkin>> CreateVerifierCommitmentKey<
+inline std::shared_ptr<VerifierCommitmentKey<curve::Grumpkin>> create_verifier_commitment_key<
     VerifierCommitmentKey<curve::Grumpkin>>()
 {
     auto crs_factory = std::make_shared<srs::factories::FileCrsFactory<curve::Grumpkin>>(
         bb::srs::get_grumpkin_crs_path(), COMMITMENT_TEST_NUM_GRUMPKIN_POINTS);
     return std::make_shared<VerifierCommitmentKey<curve::Grumpkin>>(COMMITMENT_TEST_NUM_GRUMPKIN_POINTS, crs_factory);
 }
-template <typename VK> inline std::shared_ptr<VK> CreateVerifierCommitmentKey()
+template <typename VK> inline std::shared_ptr<VK> create_verifier_commitment_key()
 // requires std::default_initializable<VK>
 {
     return std::make_shared<VK>();
@@ -149,10 +159,10 @@ template <typename Curve> class CommitmentTest : public ::testing::Test {
     {
         // Avoid reallocating static objects if called in subclasses of FooTest.
         if (commitment_key == nullptr) {
-            commitment_key = CreateCommitmentKey<CK>();
+            commitment_key = create_commitment_key<CK>();
         }
         if (verification_key == nullptr) {
-            verification_key = CreateVerifierCommitmentKey<VK>();
+            verification_key = create_verifier_commitment_key<VK>();
         }
     }
 

diff --git a/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp b/cpp/src/barretenberg/commitment_schemes/gemini/gemini_impl.hpp
@@ -124,6 +124,15 @@ std::vector<typename GeminiProver_<Curve>::Claim> GeminiProver_<Curve>::prove(
     }
     const Fr r_challenge = transcript->template get_challenge<Fr>("Gemini:r");
 
+    const bool gemini_challenge_in_small_subgroup = (has_zk) && (r_challenge.pow(Curve::SUBGROUP_SIZE) == Fr(1));
+
+    // If Gemini evaluation challenge lands in the multiplicative subgroup used by SmallSubgroupIPA protocol, the
+    // evaluations of prover polynomials at this challenge would leak witness data.
+    // TODO(https://github.com/AztecProtocol/barretenberg/issues/1194). Handle edge cases in PCS
+    if (gemini_challenge_in_small_subgroup) {
+        throw_or_abort("Gemini evaluation challenge is in the SmallSubgroup.");
+    }
+
     std::vector<Claim> claims =
         compute_fold_polynomial_evaluations(log_n, std::move(fold_polynomials), r_challenge, std::move(batched_group));