feat: SVM support for GrandProduct

a16z · Aug 29, 2024 · 5f8baed · 5f8baed
1 parent f859c11
commit 5f8baed
Show file tree

Hide file tree

Showing 32 changed files with 700 additions and 250 deletions.
diff --git a/jolt-core/Cargo.toml b/jolt-core/Cargo.toml
@@ -20,7 +20,7 @@ license-file = "LICENSE"
 keywords = ["SNARK", "cryptography", "proofs"]
 
 [dependencies]
-jolt-types = { path = "../jolt-types" }
+jolt-types = { path = "../jolt-types", default-features = true }
 ark-bn254 = "0.4.0"
 ark-ec = { version = "0.4.2", default-features = false }
 ark-ff = { version = "0.4.2", default-features = false }

diff --git a/jolt-core/src/jolt/subtable/srl.rs b/jolt-core/src/jolt/subtable/srl.rs
@@ -1,6 +1,6 @@
 use ark_std::log2;
-use std::cmp::min;
 use jolt_types::field::JoltField;
+use std::cmp::min;
 use std::marker::PhantomData;
 
 use super::LassoSubtable;

diff --git a/jolt-core/src/jolt/vm/instruction_lookups.rs b/jolt-core/src/jolt/vm/instruction_lookups.rs
@@ -1,3 +1,4 @@
+use super::JoltTraceStep;
 use crate::jolt::instruction::{JoltInstructionSet, SubtableIndices};
 use crate::jolt::subtable::JoltSubtableSet;
 use crate::lasso::memory_checking::MultisetHashes;
@@ -10,13 +11,13 @@ use crate::{
         eq_poly::EqPolynomial,
         identity_poly::IdentityPolynomial,
         structured_poly::{StructuredCommitment, StructuredOpeningProof},
-        unipoly::{CompressedUniPoly, UniPoly},
     },
-    subprotocols::sumcheck::SumcheckInstanceProof,
 };
 use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
 use itertools::{interleave, Itertools};
 use jolt_types::field::JoltField;
+use jolt_types::poly::unipoly::{CompressedUniPoly, UniPoly};
+use jolt_types::subprotocols::sumcheck::SumcheckInstanceProof;
 use jolt_types::utils::mul_0_1_optimized;
 use jolt_types::utils::{
     errors::ProofVerifyError,
@@ -28,8 +29,6 @@ use rayon::prelude::*;
 use std::marker::PhantomData;
 use tracing::trace_span;
 
-use super::JoltTraceStep;
-
 /// All polynomials associated with Jolt instruction lookups.
 pub struct InstructionPolynomials<F, C>
 where

diff --git a/jolt-core/src/jolt/vm/read_write_memory.rs b/jolt-core/src/jolt/vm/read_write_memory.rs
@@ -12,6 +12,7 @@ use std::sync::{Arc, Mutex};
 use super::JoltTraceStep;
 use super::{timestamp_range_check::TimestampValidityProof, JoltCommitments, JoltPolynomials};
 use crate::poly::commitment::commitment_scheme::{BatchType, CommitShape, CommitmentScheme};
+use crate::subprotocols::sumcheck::SumcheckProve;
 use crate::{
     lasso::memory_checking::{
         MemoryCheckingProof, MemoryCheckingProver, MemoryCheckingVerifier, MultisetHashes,
@@ -21,14 +22,14 @@ use crate::{
         dense_mlpoly::DensePolynomial, eq_poly::EqPolynomial, identity_poly::IdentityPolynomial,
         structured_poly::StructuredOpeningProof,
     },
-    subprotocols::sumcheck::SumcheckInstanceProof,
 };
 use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
 use common::constants::{
     memory_address_to_witness_index, BYTES_PER_INSTRUCTION, MEMORY_OPS_PER_INSTRUCTION,
     RAM_OPS_PER_INSTRUCTION, RAM_START_ADDRESS, REGISTER_COUNT, REG_OPS_PER_INSTRUCTION,
 };
 use common::rv_trace::{JoltDevice, MemoryLayout, MemoryOp};
+use jolt_types::subprotocols::sumcheck::SumcheckInstanceProof;
 use jolt_types::utils::transcript::AppendToTranscript;
 use jolt_types::utils::{
     errors::ProofVerifyError, math::Math, mul_0_optimized, transcript::ProofTranscript,

diff --git a/jolt-core/src/lasso/surge.rs b/jolt-core/src/lasso/surge.rs
@@ -4,6 +4,7 @@ use jolt_types::field::JoltField;
 use rayon::iter::{IntoParallelIterator, IntoParallelRefIterator, ParallelIterator};
 use std::marker::{PhantomData, Sync};
 
+use crate::subprotocols::sumcheck::SumcheckProve;
 use crate::{
     jolt::instruction::JoltInstruction,
     lasso::memory_checking::{MemoryCheckingProof, MemoryCheckingProver, MemoryCheckingVerifier},
@@ -14,8 +15,8 @@ use crate::{
         identity_poly::IdentityPolynomial,
         structured_poly::{StructuredCommitment, StructuredOpeningProof},
     },
-    subprotocols::sumcheck::SumcheckInstanceProof,
 };
+use jolt_types::subprotocols::sumcheck::SumcheckInstanceProof;
 use jolt_types::utils::{
     errors::ProofVerifyError, math::Math, mul_0_1_optimized, transcript::ProofTranscript,
 };

diff --git a/jolt-core/src/poly/commitment/hyperkzg.rs b/jolt-core/src/poly/commitment/hyperkzg.rs
@@ -15,7 +15,7 @@ use crate::poly::commitment::commitment_scheme::CommitShape;
 use crate::utils::thread::unsafe_allocate_zero_vec;
 use crate::{
     msm::VariableBaseMSM,
-    poly::{commitment::kzg::SRS, dense_mlpoly::DensePolynomial, unipoly::UniPoly},
+    poly::{commitment::kzg::SRS, dense_mlpoly::DensePolynomial},
 };
 use ark_ec::{pairing::Pairing, AffineRepr, CurveGroup};
 use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
@@ -36,6 +36,7 @@ use std::{marker::PhantomData, sync::Arc};
 use tracing::trace_span;
 
 pub use jolt_types::poly::commitment::hyperkzg::{HyperKZGProof, HyperKZGVerifierKey};
+use jolt_types::poly::unipoly::UniPoly;
 
 pub struct HyperKZGSRS<P: Pairing>(Arc<SRS<P>>);
 

diff --git a/jolt-core/src/poly/commitment/kzg.rs b/jolt-core/src/poly/commitment/kzg.rs
@@ -1,10 +1,10 @@
 use crate::msm::VariableBaseMSM;
-use crate::poly::unipoly::UniPoly;
 use ark_ec::scalar_mul::fixed_base::FixedBase;
 use ark_ec::{pairing::Pairing, AffineRepr, CurveGroup};
 use ark_ff::PrimeField;
 use ark_std::{One, UniformRand, Zero};
 use jolt_types::field::JoltField;
+use jolt_types::poly::unipoly::UniPoly;
 use jolt_types::utils::errors::ProofVerifyError;
 use rand_core::{CryptoRng, RngCore};
 use std::marker::PhantomData;

diff --git a/jolt-core/src/poly/commitment/zeromorph.rs b/jolt-core/src/poly/commitment/zeromorph.rs
@@ -4,7 +4,7 @@
 use std::{iter, marker::PhantomData};
 
 use crate::msm::VariableBaseMSM;
-use crate::poly::{dense_mlpoly::DensePolynomial, unipoly::UniPoly};
+use crate::poly::dense_mlpoly::DensePolynomial;
 use crate::utils::thread::unsafe_allocate_zero_vec;
 use ark_ec::{pairing::Pairing, AffineRepr, CurveGroup};
 use ark_ff::{batch_inversion, Field};
@@ -22,12 +22,12 @@ use rand_core::{CryptoRng, RngCore};
 use std::sync::Arc;
 use tracing::trace_span;
 
-use rayon::prelude::*;
-
 use super::{
     commitment_scheme::{BatchType, CommitShape, CommitmentScheme},
     kzg::{KZGProverKey, KZGVerifierKey, UnivariateKZG, SRS},
 };
+use jolt_types::poly::unipoly::UniPoly;
+use rayon::prelude::*;
 
 pub struct ZeromorphSRS<P: Pairing>(Arc<SRS<P>>);
 

diff --git a/jolt-core/src/poly/mod.rs b/jolt-core/src/poly/mod.rs
@@ -3,4 +3,3 @@ pub mod dense_mlpoly;
 pub mod eq_poly;
 pub mod identity_poly;
 pub mod structured_poly;
-pub mod unipoly;
diff --git a/jolt-core/src/r1cs/spartan.rs b/jolt-core/src/r1cs/spartan.rs
@@ -14,13 +14,11 @@ use jolt_types::utils::transcript::ProofTranscript;
 
 use thiserror::Error;
 
-use crate::{
-    poly::{dense_mlpoly::DensePolynomial, eq_poly::EqPolynomial},
-    subprotocols::sumcheck::SumcheckInstanceProof,
-};
-
 use super::builder::CombinedUniformBuilder;
 use super::ops::ConstraintInput;
+use crate::poly::{dense_mlpoly::DensePolynomial, eq_poly::EqPolynomial};
+use crate::subprotocols::sumcheck::SumcheckProve;
+use jolt_types::subprotocols::sumcheck::SumcheckInstanceProof;
 
 #[derive(Clone, Debug, Eq, PartialEq, Error)]
 pub enum SpartanError {

diff --git a/jolt-core/src/subprotocols/grand_product.rs b/jolt-core/src/subprotocols/grand_product.rs
@@ -1,38 +1,19 @@
 use super::grand_product_quarks::QuarkGrandProductProof;
-use super::sumcheck::{BatchedCubicSumcheck, SumcheckInstanceProof};
+use super::sumcheck::BatchedCubicSumcheck;
 use crate::poly::commitment::commitment_scheme::CommitmentScheme;
+use crate::poly::dense_mlpoly::DensePolynomial;
 use crate::poly::eq_poly::EqPolynomial;
-use crate::poly::{dense_mlpoly::DensePolynomial, unipoly::UniPoly};
 use crate::utils::thread::drop_in_background_thread;
 use ark_ff::Zero;
 use ark_serialize::*;
 use itertools::Itertools;
 use jolt_types::field::{JoltField, OptimizedMul};
+use jolt_types::poly::unipoly::UniPoly;
+use jolt_types::subprotocols::grand_product::BatchedGrandProductLayerProof;
 use jolt_types::utils::math::Math;
 use jolt_types::utils::transcript::ProofTranscript;
 use rayon::prelude::*;
 
-#[derive(CanonicalSerialize, CanonicalDeserialize)]
-pub struct BatchedGrandProductLayerProof<F: JoltField> {
-    pub proof: SumcheckInstanceProof<F>,
-    pub left_claims: Vec<F>,
-    pub right_claims: Vec<F>,
-}
-
-impl<F: JoltField> BatchedGrandProductLayerProof<F> {
-    pub fn verify(
-        &self,
-        claim: F,
-        num_rounds: usize,
-        degree_bound: usize,
-        transcript: &mut ProofTranscript,
-    ) -> (F, Vec<F>) {
-        self.proof
-            .verify(claim, num_rounds, degree_bound, transcript)
-            .unwrap()
-    }
-}
-
 #[derive(CanonicalSerialize, CanonicalDeserialize)]
 pub struct BatchedGrandProductProof<C: CommitmentScheme> {
     pub layers: Vec<BatchedGrandProductLayerProof<C::Field>>,

diff --git a/jolt-core/src/subprotocols/grand_product_quarks.rs b/jolt-core/src/subprotocols/grand_product_quarks.rs
@@ -2,14 +2,15 @@ use super::grand_product::{
     BatchedDenseGrandProductLayer, BatchedGrandProduct, BatchedGrandProductLayer,
     BatchedGrandProductProof,
 };
-use super::sumcheck::SumcheckInstanceProof;
 use crate::poly::commitment::commitment_scheme::{BatchType, CommitmentScheme};
 use crate::poly::dense_mlpoly::DensePolynomial;
 use crate::poly::eq_poly::EqPolynomial;
+use crate::subprotocols::sumcheck::SumcheckProve;
 use ark_serialize::*;
 use ark_std::{One, Zero};
 use itertools::Itertools;
 use jolt_types::field::JoltField;
+use jolt_types::subprotocols::sumcheck::SumcheckInstanceProof;
 use jolt_types::utils::math::Math;
 use jolt_types::utils::transcript::{AppendToTranscript, ProofTranscript};
 use rayon::prelude::*;