From e4e9d03ba63b4c747c6e895b0d1e71c869723cca Mon Sep 17 00:00:00 2001 From: Shahar Papini <43779613+spapinistarkware@users.noreply.github.com> Date: Thu, 11 Jul 2024 18:50:14 +0300 Subject: [PATCH] Separate verify (#721) --- crates/prover/benches/poseidon.rs | 4 +- crates/prover/src/core/prover/mod.rs | 39 ++++++++++++++----- crates/prover/src/examples/fibonacci/mod.rs | 18 +++++---- crates/prover/src/examples/poseidon/mod.rs | 6 +-- .../prover/src/examples/wide_fibonacci/mod.rs | 6 +-- .../src/examples/wide_fibonacci/simd.rs | 6 +-- 6 files changed, 51 insertions(+), 28 deletions(-) diff --git a/crates/prover/benches/poseidon.rs b/crates/prover/benches/poseidon.rs index 7f219663..7802682a 100644 --- a/crates/prover/benches/poseidon.rs +++ b/crates/prover/benches/poseidon.rs @@ -3,7 +3,7 @@ use stwo_prover::core::backend::simd::SimdBackend; use stwo_prover::core::channel::{Blake2sChannel, Channel}; use stwo_prover::core::fields::m31::BaseField; use stwo_prover::core::fields::IntoSlice; -use stwo_prover::core::prover::prove; +use stwo_prover::core::prover::commit_and_prove; use stwo_prover::core::vcs::blake2_hash::Blake2sHasher; use stwo_prover::core::vcs::hasher::Hasher; use stwo_prover::examples::poseidon::{gen_trace, PoseidonAir, PoseidonComponent}; @@ -20,7 +20,7 @@ pub fn simd_poseidon(c: &mut Criterion) { let trace = gen_trace(component.log_column_size()); let channel = &mut Blake2sChannel::new(Blake2sHasher::hash(BaseField::into_slice(&[]))); let air = PoseidonAir { component }; - prove::(&air, channel, trace).unwrap() + commit_and_prove::(&air, channel, trace).unwrap() }); }); } diff --git a/crates/prover/src/core/prover/mod.rs b/crates/prover/src/core/prover/mod.rs index 7cd5a358..fbe10570 100644 --- a/crates/prover/src/core/prover/mod.rs +++ b/crates/prover/src/core/prover/mod.rs @@ -76,6 +76,8 @@ pub fn evaluate_and_commit_on_trace>( let interaction_elements = air.interaction_elements(channel); let interaction_trace = air.interact(&trace, &interaction_elements); + // TODO(spapini): Make this symmetric with verify, once the TraceGenerator traits support + // retrieveing the column log sizes. if !interaction_trace.is_empty() { let span = span!(Level::INFO, "Interaction trace interpolation").entered(); let interaction_trace_polys = interaction_trace @@ -89,7 +91,7 @@ pub fn evaluate_and_commit_on_trace>( Ok((commitment_scheme, interaction_elements)) } -pub fn generate_proof>( +pub fn prove>( air: &impl AirProver, channel: &mut Channel, interaction_elements: &InteractionElements, @@ -148,7 +150,7 @@ pub fn generate_proof>( }) } -pub fn prove>( +pub fn commit_and_prove>( air: &impl AirTraceGenerator, channel: &mut Channel, trace: ColumnVec>, @@ -192,7 +194,7 @@ pub fn prove>( .collect_vec(), ); - generate_proof( + prove( &air, channel, &interaction_elements, @@ -201,13 +203,16 @@ pub fn prove>( ) } -pub fn verify( +pub fn commit_and_verify( proof: StarkProof, air: &(impl Air + AirTraceVerifier), channel: &mut Channel, ) -> Result<(), VerificationError> { // Read trace commitment. let mut commitment_scheme = CommitmentSchemeVerifier::new(); + + // TODO(spapini): Retrieve column_log_sizes from AirTraceVerifier, and remove the dependency on + // Air. let column_log_sizes = air.column_log_sizes(); commitment_scheme.commit( proof.commitments[BASE_TRACE], @@ -234,6 +239,22 @@ pub fn verify( .map(|v| SecureField::from(*v)) .collect_vec(), ); + verify( + air, + channel, + &interaction_elements, + &mut commitment_scheme, + proof, + ) +} + +pub fn verify( + air: &impl Air, + channel: &mut Blake2sChannel, + interaction_elements: &InteractionElements, + commitment_scheme: &mut CommitmentSchemeVerifier, + proof: StarkProof, +) -> Result<(), VerificationError> { let random_coeff = channel.draw_felt(); // Read composition polynomial commitment. @@ -263,7 +284,7 @@ pub fn verify( oods_point, &trace_oods_values, random_coeff, - &interaction_elements, + interaction_elements, &proof.lookup_values, ) { @@ -367,7 +388,7 @@ mod tests { CanonicCoset, CircleDomain, CircleEvaluation, MAX_CIRCLE_DOMAIN_LOG_SIZE, }; use crate::core::poly::BitReversedOrder; - use crate::core::prover::{prove, ProvingError}; + use crate::core::prover::{commit_and_prove, ProvingError}; use crate::core::test_utils::test_channel; use crate::core::{ColumnVec, InteractionElements, LookupValues}; use crate::qm31; @@ -517,7 +538,7 @@ mod tests { let values = vec![BaseField::zero(); 1 << LOG_DOMAIN_SIZE]; let trace = vec![CpuCircleEvaluation::new(domain, values)]; - let proof_error = prove(&air, &mut test_channel(), trace).unwrap_err(); + let proof_error = commit_and_prove(&air, &mut test_channel(), trace).unwrap_err(); assert!(matches!( proof_error, ProvingError::MaxTraceDegreeExceeded { @@ -544,7 +565,7 @@ mod tests { let values = vec![BaseField::zero(); 1 << LOG_DOMAIN_SIZE]; let trace = vec![CpuCircleEvaluation::new(domain, values)]; - let proof_error = prove(&air, &mut test_channel(), trace).unwrap_err(); + let proof_error = commit_and_prove(&air, &mut test_channel(), trace).unwrap_err(); assert!(matches!( proof_error, ProvingError::MaxCompositionDegreeExceeded { @@ -566,7 +587,7 @@ mod tests { let values = vec![BaseField::zero(); 1 << LOG_DOMAIN_SIZE]; let trace = vec![CpuCircleEvaluation::new(domain, values)]; - let proof = prove(&air, &mut test_channel(), trace).unwrap_err(); + let proof = commit_and_prove(&air, &mut test_channel(), trace).unwrap_err(); assert!(matches!(proof, ProvingError::ConstraintsNotSatisfied)); } } diff --git a/crates/prover/src/examples/fibonacci/mod.rs b/crates/prover/src/examples/fibonacci/mod.rs index a9474e9d..c3d7aec0 100644 --- a/crates/prover/src/examples/fibonacci/mod.rs +++ b/crates/prover/src/examples/fibonacci/mod.rs @@ -10,7 +10,9 @@ use crate::core::fields::m31::BaseField; use crate::core::fields::{FieldExpOps, IntoSlice}; use crate::core::poly::circle::{CanonicCoset, CircleEvaluation}; use crate::core::poly::BitReversedOrder; -use crate::core::prover::{prove, verify, ProvingError, StarkProof, VerificationError}; +use crate::core::prover::{ + commit_and_prove, commit_and_verify, ProvingError, StarkProof, VerificationError, +}; use crate::core::vcs::blake2_hash::Blake2sHasher; use crate::core::vcs::hasher::Hasher; @@ -55,7 +57,7 @@ impl Fibonacci { .air .component .claim]))); - prove(&self.air, channel, vec![trace]) + commit_and_prove(&self.air, channel, vec![trace]) } pub fn verify(&self, proof: StarkProof) -> Result<(), VerificationError> { @@ -63,7 +65,7 @@ impl Fibonacci { .air .component .claim]))); - verify(proof, &self.air, channel) + commit_and_verify(proof, &self.air, channel) } } @@ -98,13 +100,13 @@ impl MultiFibonacci { let channel = &mut Blake2sChannel::new(Blake2sHasher::hash(BaseField::into_slice(&self.claims))); let trace = self.get_trace(); - prove(&self.air, channel, trace) + commit_and_prove(&self.air, channel, trace) } pub fn verify(&self, proof: StarkProof) -> Result<(), VerificationError> { let channel = &mut Blake2sChannel::new(Blake2sHasher::hash(BaseField::into_slice(&self.claims))); - verify(proof, &self.air, channel) + commit_and_verify(proof, &self.air, channel) } } @@ -128,7 +130,7 @@ mod tests { use crate::core::fields::IntoSlice; use crate::core::pcs::TreeVec; use crate::core::poly::circle::CanonicCoset; - use crate::core::prover::{prove, verify, VerificationError, BASE_TRACE}; + use crate::core::prover::{commit_and_prove, commit_and_verify, VerificationError, BASE_TRACE}; use crate::core::queries::Queries; use crate::core::utils::bit_reverse; use crate::core::vcs::blake2_hash::Blake2sHasher; @@ -252,12 +254,12 @@ mod tests { let trace = fib_trace_generator.write_trace(); let channel = &mut Blake2sChannel::new(Blake2sHasher::hash(BaseField::into_slice(&[CLAIM]))); - let proof = prove(&fib_trace_generator, channel, trace).unwrap(); + let proof = commit_and_prove(&fib_trace_generator, channel, trace).unwrap(); let channel = &mut Blake2sChannel::new(Blake2sHasher::hash(BaseField::into_slice(&[CLAIM]))); let fib_air = Fibonacci::new(FIB_LOG_SIZE, CLAIM).air; - verify(proof, &fib_air, channel).unwrap(); + commit_and_verify(proof, &fib_air, channel).unwrap(); } #[test] diff --git a/crates/prover/src/examples/poseidon/mod.rs b/crates/prover/src/examples/poseidon/mod.rs index 38da4e4f..354581df 100644 --- a/crates/prover/src/examples/poseidon/mod.rs +++ b/crates/prover/src/examples/poseidon/mod.rs @@ -501,7 +501,7 @@ mod tests { use crate::core::channel::{Blake2sChannel, Channel}; use crate::core::fields::m31::BaseField; use crate::core::fields::IntoSlice; - use crate::core::prover::{prove, verify}; + use crate::core::prover::{commit_and_prove, commit_and_verify}; use crate::core::vcs::blake2_hash::Blake2sHasher; use crate::core::vcs::hasher::Hasher; use crate::examples::poseidon::{ @@ -568,9 +568,9 @@ mod tests { let channel = &mut Blake2sChannel::new(Blake2sHasher::hash(BaseField::into_slice(&[]))); let air = PoseidonAir { component }; - let proof = prove::(&air, channel, trace).unwrap(); + let proof = commit_and_prove::(&air, channel, trace).unwrap(); let channel = &mut Blake2sChannel::new(Blake2sHasher::hash(BaseField::into_slice(&[]))); - verify(proof, &air, channel).unwrap(); + commit_and_verify(proof, &air, channel).unwrap(); } } diff --git a/crates/prover/src/examples/wide_fibonacci/mod.rs b/crates/prover/src/examples/wide_fibonacci/mod.rs index cc23d7c1..b28e0376 100644 --- a/crates/prover/src/examples/wide_fibonacci/mod.rs +++ b/crates/prover/src/examples/wide_fibonacci/mod.rs @@ -22,7 +22,7 @@ mod tests { use crate::core::fields::IntoSlice; use crate::core::pcs::TreeVec; use crate::core::poly::circle::CanonicCoset; - use crate::core::prover::{prove, verify}; + use crate::core::prover::{commit_and_prove, commit_and_verify}; use crate::core::utils::{ bit_reverse, circle_domain_order_to_coset_order, shifted_secure_combination, }; @@ -235,10 +235,10 @@ mod tests { let air = WideFibAir { component }; let prover_channel = &mut Blake2sChannel::new(Blake2sHasher::hash(BaseField::into_slice(&[]))); - let proof = prove::(&air, prover_channel, trace).unwrap(); + let proof = commit_and_prove::(&air, prover_channel, trace).unwrap(); let verifier_channel = &mut Blake2sChannel::new(Blake2sHasher::hash(BaseField::into_slice(&[]))); - verify(proof, &air, verifier_channel).unwrap(); + commit_and_verify(proof, &air, verifier_channel).unwrap(); } } diff --git a/crates/prover/src/examples/wide_fibonacci/simd.rs b/crates/prover/src/examples/wide_fibonacci/simd.rs index e4faf11a..e168dd91 100644 --- a/crates/prover/src/examples/wide_fibonacci/simd.rs +++ b/crates/prover/src/examples/wide_fibonacci/simd.rs @@ -261,7 +261,7 @@ mod tests { use crate::core::channel::{Blake2sChannel, Channel}; use crate::core::fields::m31::BaseField; use crate::core::fields::IntoSlice; - use crate::core::prover::{prove, verify}; + use crate::core::prover::{commit_and_prove, commit_and_verify}; use crate::core::vcs::blake2_hash::Blake2sHasher; use crate::core::vcs::hasher::Hasher; use crate::examples::wide_fibonacci::component::LOG_N_COLUMNS; @@ -285,9 +285,9 @@ mod tests { span.exit(); let channel = &mut Blake2sChannel::new(Blake2sHasher::hash(BaseField::into_slice(&[]))); let air = SimdWideFibAir { component }; - let proof = prove::(&air, channel, trace).unwrap(); + let proof = commit_and_prove::(&air, channel, trace).unwrap(); let channel = &mut Blake2sChannel::new(Blake2sHasher::hash(BaseField::into_slice(&[]))); - verify(proof, &air, channel).unwrap(); + commit_and_verify(proof, &air, channel).unwrap(); } }