From 463724a974e7d2365c363c1f09f6343ba2113443 Mon Sep 17 00:00:00 2001 From: adria0 Date: Fri, 18 Oct 2024 12:02:44 +0200 Subject: [PATCH] Remove binding from powerquery --- halo2_backend/src/plonk/lookup/prover.rs | 21 ++----------- halo2_backend/src/plonk/permutation/prover.rs | 14 ++------- halo2_backend/src/plonk/prover.rs | 3 +- halo2_backend/src/plonk/shuffle/prover.rs | 8 +---- halo2_backend/src/plonk/vanishing/prover.rs | 18 +---------- halo2_backend/src/plonk/verifier.rs | 5 ---- halo2_backend/src/plonk/verifier/batch.rs | 30 ------------------- halo2_backend/src/poly/multiopen_test.rs | 3 -- halo2_backend/src/poly/query.rs | 12 ++------ halo2_proofs/tests/frontend_backend_split.rs | 4 +-- 10 files changed, 14 insertions(+), 104 deletions(-) delete mode 100644 halo2_backend/src/plonk/verifier/batch.rs diff --git a/halo2_backend/src/plonk/lookup/prover.rs b/halo2_backend/src/plonk/lookup/prover.rs index 9f25fe9f13..69535a7289 100644 --- a/halo2_backend/src/plonk/lookup/prover.rs +++ b/halo2_backend/src/plonk/lookup/prover.rs @@ -30,21 +30,16 @@ pub(in crate::plonk) struct Permuted { compressed_input_expression: Polynomial, permuted_input_expression: Polynomial, permuted_input_poly: Polynomial, - permuted_input_blind: Blind, compressed_table_expression: Polynomial, permuted_table_expression: Polynomial, permuted_table_poly: Polynomial, - permuted_table_blind: Blind, } #[derive(Debug)] pub(in crate::plonk) struct Committed { pub(in crate::plonk) permuted_input_poly: Polynomial, - permuted_input_blind: Blind, pub(in crate::plonk) permuted_table_poly: Polynomial, - permuted_table_blind: Blind, pub(in crate::plonk) product_poly: Polynomial, - product_blind: Blind, } pub(in crate::plonk) struct Evaluated { @@ -130,15 +125,15 @@ where let poly = pk.vk.domain.lagrange_to_coeff(values.clone()); let blind = Blind(C::Scalar::random(&mut rng)); let commitment = params.commit_lagrange(&engine.msm_backend, values, blind); - (poly, blind, commitment) + (poly, commitment) }; // Commit to permuted input expression - let (permuted_input_poly, permuted_input_blind, permuted_input_commitment_projective) = + let (permuted_input_poly, permuted_input_commitment_projective) = commit_values(&permuted_input_expression); // Commit to permuted table expression - let (permuted_table_poly, permuted_table_blind, permuted_table_commitment_projective) = + let (permuted_table_poly, permuted_table_commitment_projective) = commit_values(&permuted_table_expression); let [permuted_input_commitment, permuted_table_commitment] = { @@ -163,11 +158,9 @@ where compressed_input_expression, permuted_input_expression, permuted_input_poly, - permuted_input_blind, compressed_table_expression, permuted_table_expression, permuted_table_poly, - permuted_table_blind, }) } @@ -313,11 +306,8 @@ impl Permuted { Ok(Committed:: { permuted_input_poly: self.permuted_input_poly, - permuted_input_blind: self.permuted_input_blind, permuted_table_poly: self.permuted_table_poly, - permuted_table_blind: self.permuted_table_blind, product_poly: z, - product_blind, }) } } @@ -368,31 +358,26 @@ impl Evaluated { .chain(Some(ProverQuery { point: *x, poly: &self.constructed.product_poly, - blind: self.constructed.product_blind, })) // Open lookup input commitments at x .chain(Some(ProverQuery { point: *x, poly: &self.constructed.permuted_input_poly, - blind: self.constructed.permuted_input_blind, })) // Open lookup table commitments at x .chain(Some(ProverQuery { point: *x, poly: &self.constructed.permuted_table_poly, - blind: self.constructed.permuted_table_blind, })) // Open lookup input commitments at x_inv .chain(Some(ProverQuery { point: x_inv, poly: &self.constructed.permuted_input_poly, - blind: self.constructed.permuted_input_blind, })) // Open lookup product commitments at x_next .chain(Some(ProverQuery { point: x_next, poly: &self.constructed.product_poly, - blind: self.constructed.product_blind, })) } } diff --git a/halo2_backend/src/plonk/permutation/prover.rs b/halo2_backend/src/plonk/permutation/prover.rs index 486da63b77..a3ae97f765 100644 --- a/halo2_backend/src/plonk/permutation/prover.rs +++ b/halo2_backend/src/plonk/permutation/prover.rs @@ -29,7 +29,6 @@ use halo2_middleware::poly::Rotation; /// It stores a single `Z_P` in [permutation argument specification](https://zcash.github.io/halo2/design/proving-system/permutation.html#argument-specification). pub(crate) struct CommittedSet { pub(crate) permutation_product_poly: Polynomial, - permutation_product_blind: Blind, } /// Set of permutation product polynomials, which have been **committed**. @@ -182,7 +181,6 @@ pub(in crate::plonk) fn permutation_commit< let permutation_product_commitment = params .commit_lagrange(&engine.msm_backend, &z, blind) .to_affine(); - let permutation_product_blind = blind; let permutation_product_poly = domain.lagrange_to_coeff(z); // Hash the permutation product commitment @@ -190,7 +188,6 @@ pub(in crate::plonk) fn permutation_commit< sets.push(CommittedSet { permutation_product_poly, - permutation_product_blind, }); } @@ -202,11 +199,9 @@ impl super::ProvingKey { &self, x: ChallengeX, ) -> impl Iterator> + Clone { - self.polys.iter().map(move |poly| ProverQuery { - point: *x, - poly, - blind: Blind::default(), - }) + self.polys + .iter() + .map(move |poly| ProverQuery { point: *x, poly }) } pub(in crate::plonk) fn evaluate, T: TranscriptWrite>( @@ -290,12 +285,10 @@ impl Evaluated { .chain(Some(ProverQuery { point: *x, poly: &set.permutation_product_poly, - blind: set.permutation_product_blind, })) .chain(Some(ProverQuery { point: x_next, poly: &set.permutation_product_poly, - blind: set.permutation_product_blind, })) })) // Open it at \omega^{last} x for all but the last set. This rotation is only @@ -311,7 +304,6 @@ impl Evaluated { Some(ProverQuery { point: x_last, poly: &set.permutation_product_poly, - blind: set.permutation_product_blind, }) }), ) diff --git a/halo2_backend/src/plonk/prover.rs b/halo2_backend/src/plonk/prover.rs index 3a0d93eea0..08538d81df 100644 --- a/halo2_backend/src/plonk/prover.rs +++ b/halo2_backend/src/plonk/prover.rs @@ -613,7 +613,6 @@ impl< .map(move |&(column, at)| ProverQuery { point: self.pk.vk.domain.rotate_omega(*x, at), poly: &advice.advice_polys[column.index], - blind: advice.advice_blinds[column.index], }), ) // Permutations @@ -633,7 +632,7 @@ impl< .map(|&(column, at)| ProverQuery { point: self.pk.vk.domain.rotate_omega(*x, at), poly: &self.pk.fixed_polys[column.index], - blind: Blind::default(), + // blind: Blind::default(), }), ) // Copy constraints diff --git a/halo2_backend/src/plonk/shuffle/prover.rs b/halo2_backend/src/plonk/shuffle/prover.rs index cc01a65255..b940f164a7 100644 --- a/halo2_backend/src/plonk/shuffle/prover.rs +++ b/halo2_backend/src/plonk/shuffle/prover.rs @@ -29,7 +29,6 @@ struct Compressed { #[derive(Debug)] pub(in crate::plonk) struct Committed { pub(in crate::plonk) product_poly: Polynomial, - product_blind: Blind, } pub(in crate::plonk) struct Evaluated { @@ -198,10 +197,7 @@ where // Hash product commitment transcript.write_point(product_commitment)?; - Ok(Committed:: { - product_poly: z, - product_blind, - }) + Ok(Committed:: { product_poly: z }) } impl Committed { @@ -242,13 +238,11 @@ impl Evaluated { .chain(Some(ProverQuery { point: *x, poly: &self.constructed.product_poly, - blind: self.constructed.product_blind, })) // Open shuffle product commitments at x_next .chain(Some(ProverQuery { point: x_next, poly: &self.constructed.product_poly, - blind: self.constructed.product_blind, })) } } diff --git a/halo2_backend/src/plonk/vanishing/prover.rs b/halo2_backend/src/plonk/vanishing/prover.rs index 96ce797ee4..691a55de61 100644 --- a/halo2_backend/src/plonk/vanishing/prover.rs +++ b/halo2_backend/src/plonk/vanishing/prover.rs @@ -21,18 +21,15 @@ use crate::{ pub(in crate::plonk) struct Committed { random_poly: Polynomial, - random_blind: Blind, } pub(in crate::plonk) struct Constructed { h_pieces: Vec>, - h_blinds: Vec>, committed: Committed, } pub(in crate::plonk) struct Evaluated { h_poly: Polynomial, - h_blind: Blind, committed: Committed, } @@ -90,10 +87,7 @@ impl Argument { .to_affine(); transcript.write_point(c)?; - Ok(Committed { - random_poly, - random_blind, - }) + Ok(Committed { random_poly }) } } @@ -149,7 +143,6 @@ impl Committed { Ok(Constructed { h_pieces, - h_blinds, committed: self, }) } @@ -169,18 +162,11 @@ impl Constructed { .rev() .fold(domain.empty_coeff(), |acc, eval| acc * xn + eval); - let h_blind = self - .h_blinds - .iter() - .rev() - .fold(Blind(C::Scalar::ZERO), |acc, eval| acc * Blind(xn) + *eval); - let random_eval = eval_polynomial(&self.committed.random_poly, *x); transcript.write_scalar(random_eval)?; Ok(Evaluated { h_poly, - h_blind, committed: self.committed, }) } @@ -195,12 +181,10 @@ impl Evaluated { .chain(Some(ProverQuery { point: *x, poly: &self.h_poly, - blind: self.h_blind, })) .chain(Some(ProverQuery { point: *x, poly: &self.committed.random_poly, - blind: self.committed.random_blind, })) } } diff --git a/halo2_backend/src/plonk/verifier.rs b/halo2_backend/src/plonk/verifier.rs index af505e15b1..bfefcab625 100644 --- a/halo2_backend/src/plonk/verifier.rs +++ b/halo2_backend/src/plonk/verifier.rs @@ -18,11 +18,6 @@ use crate::poly::{ }; use crate::transcript::{read_n_scalars, EncodedChallenge, TranscriptRead}; -#[cfg(feature = "batch")] -mod batch; -#[cfg(feature = "batch")] -pub use batch::BatchVerifier; - /// Returns a boolean indicating whether or not the proof is valid. Verifies a single proof (not /// batched). pub fn verify_proof<'params, Scheme, V, E, T, Strategy>( diff --git a/halo2_backend/src/plonk/verifier/batch.rs b/halo2_backend/src/plonk/verifier/batch.rs deleted file mode 100644 index acb59826c8..0000000000 --- a/halo2_backend/src/plonk/verifier/batch.rs +++ /dev/null @@ -1,30 +0,0 @@ -use halo2_middleware::ff::FromUniformBytes; -use halo2curves::CurveAffine; - -#[derive(Debug)] -struct BatchItem { - instances: Vec>>, - proof: Vec, -} - -/// A verifier that checks multiple proofs in a batch. **This requires the -/// `batch` crate feature to be enabled.** -#[derive(Debug, Default)] -pub struct BatchVerifier { - items: Vec>, -} - -impl BatchVerifier -where - C::Scalar: FromUniformBytes<64>, -{ - /// Constructs a new batch verifier. - pub fn new() -> Self { - Self { items: vec![] } - } - - /// Adds a proof to the batch. - pub fn add_proof(&mut self, instances: Vec>>, proof: Vec) { - self.items.push(BatchItem { instances, proof }) - } -} diff --git a/halo2_backend/src/poly/multiopen_test.rs b/halo2_backend/src/poly/multiopen_test.rs index bd34c169d9..a2246ac6f9 100644 --- a/halo2_backend/src/poly/multiopen_test.rs +++ b/halo2_backend/src/poly/multiopen_test.rs @@ -204,17 +204,14 @@ mod test { ProverQuery { point: x.get_scalar(), poly: &ax, - blind, }, ProverQuery { point: x.get_scalar(), poly: &bx, - blind, }, ProverQuery { point: y.get_scalar(), poly: &cx, - blind, }, ] .to_vec(); diff --git a/halo2_backend/src/poly/query.rs b/halo2_backend/src/poly/query.rs index 30be4fbec7..56b5f3e2f8 100644 --- a/halo2_backend/src/poly/query.rs +++ b/halo2_backend/src/poly/query.rs @@ -23,8 +23,6 @@ pub struct ProverQuery<'com, C: CurveAffine> { pub(crate) point: C::Scalar, /// Coefficients of polynomial pub(crate) poly: &'com Polynomial, - /// Blinding factor of polynomial - pub(crate) blind: Blind, } impl<'com, C> ProverQuery<'com, C> @@ -35,9 +33,9 @@ where pub fn new( point: C::Scalar, poly: &'com Polynomial, - blind: Blind, + _blind: Blind, ) -> Self { - ProverQuery { point, poly, blind } + ProverQuery { point, poly } } } @@ -45,7 +43,6 @@ where #[derive(Copy, Clone)] pub struct PolynomialPointer<'com, C: CurveAffine> { pub(crate) poly: &'com Polynomial, - pub(crate) blind: Blind, } impl<'com, C: CurveAffine> PartialEq for PolynomialPointer<'com, C> { @@ -65,10 +62,7 @@ impl<'com, C: CurveAffine> Query for ProverQuery<'com, C> { eval_polynomial(&self.poly[..], self.get_point()) } fn get_commitment(&self) -> Self::Commitment { - PolynomialPointer { - poly: self.poly, - blind: self.blind, - } + PolynomialPointer { poly: self.poly } } } diff --git a/halo2_proofs/tests/frontend_backend_split.rs b/halo2_proofs/tests/frontend_backend_split.rs index 2599a30aeb..cd8004e0b3 100644 --- a/halo2_proofs/tests/frontend_backend_split.rs +++ b/halo2_proofs/tests/frontend_backend_split.rs @@ -545,7 +545,7 @@ fn test_mycircuit_full_legacy() { proof }, - "7b855ed41c161c8aad4dbcec30912c806a1f6d66eb17f9fa2ee8ba20078aedc6", + "78aadfd46b5cc58b90d832ee47e4df57af3dfc28d1457c4ceeb5d0323a72f130", ); } @@ -626,6 +626,6 @@ fn test_mycircuit_full_split() { proof }, - "7b855ed41c161c8aad4dbcec30912c806a1f6d66eb17f9fa2ee8ba20078aedc6", + "78aadfd46b5cc58b90d832ee47e4df57af3dfc28d1457c4ceeb5d0323a72f130", ); }