Add ParamsVerifierKZG
#318
Conversation
davidnevadoc
force-pushed
the
nev@refactor-pcs-params
branch
from
f533336
to
af68bf3
Compare
davidnevadoc
force-pushed
the
nev@refactor-pcs-params
branch
2 times, most recently
from
1d67d87
to
d9958e2
Compare
| pub trait ParamsVerifier<'params, C: CurveAffine>: Params<'params, C> {} | ||
| pub trait ParamsVerifier<'params, C: CurveAffine>: Params<C> { | ||
| /// Multiscalar multiplication engine | ||
| type MSM: MSM<C> + 'params; |
There was a problem hiding this comment.
I wonder why the verifier needs an MSM engine 🤔
I guess this is the verifier that commits?
There was a problem hiding this comment.
This is not obvious at all. I believe this is inherited from the original only-IPA design. At that point, it made sense to provide the MSM engine together with the CRS for IPA. When KZG was introduced, this was left here because KZG also uses an MSM, not for the final verification like IPA, but for the accumulation of partial verifications.
| @@ -190,7 +178,7 @@ pub trait Verifier<'params, Scheme: CommitmentScheme> { | |||
| const QUERY_INSTANCE: bool; | |||
|
|
|||
| /// Creates new verifier instance | |||
| fn new(params: &'params Scheme::ParamsVerifier) -> Self; | |||
| fn new() -> Self; | |||
There was a problem hiding this comment.
I would like to understand this change better.
There was a problem hiding this comment.
This is part of a series of changes that remove the parameters from the traits and structs it was not used in.
The motivation originally was to try to get rid of the 'params lifetime where possible. This led me to realize that the parameters where being passed around but not used in many places: MSM and Verifier are the principal examples.
I should remark that, somewhat counter-intuitively, Verifier never verifies (and hence doesn't need the parameters). It just makes partial verifications and accumulations.
In short, it changes nothing from a functionality standpoint, it's just an attempt to make things a bit cleaner.
| fn get_g(&self) -> &[C]; | ||
|
|
||
| /// Returns verification parameters. | ||
| fn verifier_params(&'params self) -> &'params Self::ParamsVerifier; |
There was a problem hiding this comment.
How do we transform ParamsProver to ParamsVerifier now?
There was a problem hiding this comment.
The new signature is :
fn verifier_params(&self) -> Self::ParamsVerifier
Since the new ParamsVerifier is just s_g2, no issue creating it from scratch.
| 1 << self.k | ||
| } | ||
|
|
||
| fn commit_lagrange( |
There was a problem hiding this comment.
👀
Is there any way where we could have a clean separation between KZG prover and verifier, and then on top of that build an object that can verify large commitments and commit small vectors?
There was a problem hiding this comment.
I think there is and it is very desirable!
The question is if we want to refactor that here, or work on a new version of the backend altogether.
| pub fn into_verifier_params(self) -> ParamsVerifierKZG<E> { | ||
| ParamsVerifierKZG { | ||
| k: self.k, | ||
| g_lagrange: self.g_lagrange, |
There was a problem hiding this comment.
What's the length of this vector? Where does ParamsVerifierKZG become small?
|
I've addressed the comments and updated the PR description with the changes. Can you give this another pass, pls? @ed255 |
davidnevadoc
force-pushed
the
nev@refactor-pcs-params
branch
from
c6d7f71
to
0e196a5
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #318 +/- ##
==========================================
- Coverage 80.98% 80.86% -0.13%
==========================================
Files 80 80
Lines 16532 16567 +35
==========================================
+ Hits 13389 13397 +8
- Misses 3143 3170 +27 ☔ View full report in Codecov by Sentry. |
davidnevadoc
force-pushed
the
nev@refactor-pcs-params
branch
2 times, most recently
from
b16baab
to
61f55e6
Compare
Remove params use from `verify_proof`. It only uses the generator of G1, and this is fixed in the curve. refactor: rm params from GWC, SHPLONK Verifiers The verifier just takes care of partial verification, the pairing is not checked until the last phase. As a result, params are not needed at that stage. refactor: rm params from IPA Verifier refactor: rm params from Verifier::new() refactor: rm KZGParams from DualMSM, GuardKZG ParamsVerifierKZG are now in the structs that implmentent VerifierStrategy: SingleStrategy and AccumulatorStrategy. ParamsVerifierKZG is no longer reference with explicit lifetime. This struct should be small, only the s_g2 point, so this is fine. refactor: rm get_g from Params refactor: add ParamsVerifierKZG refactor: move downsize to ParamsProver refactor: move empty_msm to ParamsVerifier refactor: remove 'params from Params/ProverParams refactor: fix TODOs & leftover refactor: verfier_params -> into_verfier_params
chore: remove leftovers fix: remove needless From impl chore: remove leftover TODO chore: remove unused import fix:compress_selector with new verifier_params
This is a small refactor around the PCS parameters, proposed as an alternative to this PR : #301
Changes
Add new struct:
ParamsVerifierKZG.This struct only contains
s_g2and the domain sizek. Since it does not contain the SRS the verifier that uses these params is not able to commit to the public inputs. Commitment to the public inputs is currently disabled for both kzg-based versions of the verifier gwc and shplonk).In case the verifier wants to commit to the PI it should use the original
ParamsKZG, which remain unchanged.Attempt at cleaning up.
Methods that were exclusive for the verifier or the prover have been moved from
ParamstoParamsVerifierandParamsProverrespectively.Some structs and traits no longer contain the parameters and as a result, no longer need the explicit
'paramslifetime.Closes #280