From 8b653b2c2e8b125f9fec67eecc7511c2f57ab3af Mon Sep 17 00:00:00 2001 From: hratoanina Date: Sat, 29 Jun 2024 21:54:52 -0400 Subject: [PATCH] Add STARK batching --- Cargo.lock | 292 +++---- Cargo.toml | 8 +- evm_arithmetization/src/all_stark.rs | 27 + .../src/fixed_recursive_verifier.rs | 26 +- .../src/keccak_sponge/keccak_sponge_stark.rs | 1 + evm_arithmetization/src/prover.rs | 798 +++++++++++++++++- evm_arithmetization/src/verifier.rs | 14 +- 7 files changed, 985 insertions(+), 181 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 4c1f122b0..7d7b3912a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -97,9 +97,9 @@ dependencies = [ [[package]] name = "alloy-core" -version = "0.7.6" +version = "0.7.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5af3faff14c12c8b11037e0a093dd157c3702becb8435577a2408534d0758315" +checksum = "529fc6310dc1126c8de51c376cbc59c79c7f662bd742be7dc67055d5421a81b4" dependencies = [ "alloy-primitives", "alloy-rlp", @@ -152,9 +152,9 @@ dependencies = [ [[package]] name = "alloy-primitives" -version = "0.7.6" +version = "0.7.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f783611babedbbe90db3478c120fb5f5daacceffc210b39adc0af4fe0da70bad" +checksum = "ccb3ead547f4532bc8af961649942f0b9c16ee9226e26caa3f38420651cc0bf4" dependencies = [ "alloy-rlp", "bytes", @@ -223,7 +223,7 @@ checksum = "d83524c1f6162fcb5b0decf775498a125066c86dda6066ed609531b0e912f85a" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -310,23 +310,23 @@ dependencies = [ [[package]] name = "alloy-sol-macro" -version = "0.7.6" +version = "0.7.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4bad41a7c19498e3f6079f7744656328699f8ea3e783bdd10d85788cd439f572" +checksum = "2b40397ddcdcc266f59f959770f601ce1280e699a91fc1862f29cef91707cd09" dependencies = [ "alloy-sol-macro-expander", "alloy-sol-macro-input", "proc-macro-error", "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] name = "alloy-sol-macro-expander" -version = "0.7.6" +version = "0.7.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd9899da7d011b4fe4c406a524ed3e3f963797dbc93b45479d60341d3a27b252" +checksum = "867a5469d61480fea08c7333ffeca52d5b621f5ca2e44f271b117ec1fc9a0525" dependencies = [ "alloy-sol-macro-input", "const-hex", @@ -335,31 +335,31 @@ dependencies = [ "proc-macro-error", "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", "syn-solidity", "tiny-keccak", ] [[package]] name = "alloy-sol-macro-input" -version = "0.7.6" +version = "0.7.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d32d595768fdc61331a132b6f65db41afae41b9b97d36c21eb1b955c422a7e60" +checksum = "2e482dc33a32b6fadbc0f599adea520bd3aaa585c141a80b404d0a3e3fa72528" dependencies = [ "const-hex", "dunce", "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", "syn-solidity", ] [[package]] name = "alloy-sol-types" -version = "0.7.6" +version = "0.7.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a49042c6d3b66a9fe6b2b5a8bf0d39fc2ae1ee0310a2a26ffedd79fb097878dd" +checksum = "a91ca40fa20793ae9c3841b83e74569d1cc9af29a2f5237314fd3452d51e38c7" dependencies = [ "alloy-primitives", "alloy-sol-macro", @@ -399,9 +399,9 @@ dependencies = [ [[package]] name = "amq-protocol" -version = "7.2.0" +version = "7.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f051d4d77904272e9be7e292607378dc9900d15b8d314bfd3ed4b82fdd84f125" +checksum = "0f0234884b3641db74d22ccc20fc2594db5f23d7d41ade5c93d7ee33d200960c" dependencies = [ "amq-protocol-tcp", "amq-protocol-types", @@ -413,9 +413,9 @@ dependencies = [ [[package]] name = "amq-protocol-tcp" -version = "7.2.0" +version = "7.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e3d51dd36e67d757c9ba80a7b2a2a2a69254c1dbe4d8c631824ec7f5b69f60e" +checksum = "265dca43d9dbb3d5bbb0b3ef1b0cd9044ce3aa5d697d5b66cde974d1f6063f09" dependencies = [ "amq-protocol-uri", "tcp-stream", @@ -424,9 +424,9 @@ dependencies = [ [[package]] name = "amq-protocol-types" -version = "7.2.0" +version = "7.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0acdd47054ced8b9bc89ee0dbb42ccc8028de48d8658b24de4c255a226c9bfec" +checksum = "c7412353b58923fa012feb9a64ccc0c811747babee2e5a2fd63eb102dc8054c3" dependencies = [ "cookie-factory", "nom", @@ -436,9 +436,9 @@ dependencies = [ [[package]] name = "amq-protocol-uri" -version = "7.2.0" +version = "7.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f17881b7575dab3e71403f28a3e50b71f0d1bd026829abca3c48664522ce0df0" +checksum = "2be91352c805d5704784e079117d5291fd5bf2569add53c914ebce6d1a795d33" dependencies = [ "amq-protocol-types", "percent-encoding", @@ -678,7 +678,7 @@ checksum = "7378575ff571966e99a744addeff0bff98b8ada0dedf1956d59e634db95eaac1" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", "synstructure", ] @@ -690,7 +690,7 @@ checksum = "7b18050c2cd6fe86c3a76584ef5e0baf286d038cda203eb6223df2cc413565f7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -834,7 +834,7 @@ checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -845,13 +845,13 @@ checksum = "8b75356056920673b02621b35afd0f7dda9306d03c79a30f5c56c44cf256e3de" [[package]] name = "async-trait" -version = "0.1.80" +version = "0.1.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c6fa2087f2753a7da8cc1c0dbfcf89579dd57458e36769de5ac750b4671737ca" +checksum = "6e0c28dcc82d7c8ead5cb13beb15405b57b8546e93215673ff8ca0349a028107" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -877,7 +877,7 @@ checksum = "3c87f3f15e7794432337fc718554eaa4dc8f04c9677a950ffe366f20a162ae42" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -1034,7 +1034,7 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.68", + "syn 2.0.70", "which", ] @@ -1210,9 +1210,9 @@ dependencies = [ [[package]] name = "cc" -version = "1.0.104" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "74b6a57f98764a267ff415d50a25e6e166f3831a5071af4995296ea97d210490" +checksum = "eaff6f8ce506b9773fa786672d63fc7a191ffea1be33f72bbd4aeacefca9ffc8" dependencies = [ "jobserver", "libc", @@ -1244,7 +1244,7 @@ dependencies = [ "iana-time-zone", "num-traits", "serde", - "windows-targets 0.52.5", + "windows-targets 0.52.6", ] [[package]] @@ -1297,9 +1297,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.8" +version = "4.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "84b3edb18336f4df585bc9aa31dd99c036dfa5dc5e9a2939a722a188f3a8970d" +checksum = "64acc1846d54c1fe936a78dc189c34e28d3f5afc348403f28ecf53660b9b8462" dependencies = [ "clap_builder", "clap_derive", @@ -1307,9 +1307,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.8" +version = "4.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1c09dd5ada6c6c78075d6fd0da3f90d8080651e2d6cc8eb2f1aaa4034ced708" +checksum = "6fb8393d67ba2e7bfaf28a23458e4e2b543cc73a99595511eb207fdb8aede942" dependencies = [ "anstream", "anstyle", @@ -1326,7 +1326,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -1599,9 +1599,9 @@ dependencies = [ [[package]] name = "darling" -version = "0.20.9" +version = "0.20.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "83b2eb4d90d12bdda5ed17de686c2acb4c57914f8f921b8da7e112b5a36f3fe1" +checksum = "6f63b86c8a8826a49b8c21f08a2d07338eec8d900540f8630dc76284be802989" dependencies = [ "darling_core", "darling_macro", @@ -1609,27 +1609,27 @@ dependencies = [ [[package]] name = "darling_core" -version = "0.20.9" +version = "0.20.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "622687fe0bac72a04e5599029151f5796111b90f1baaa9b544d807a5e31cd120" +checksum = "95133861a8032aaea082871032f5815eb9e98cef03fa916ab4500513994df9e5" dependencies = [ "fnv", "ident_case", "proc-macro2", "quote", "strsim", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] name = "darling_macro" -version = "0.20.9" +version = "0.20.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "733cabb43482b1a1b53eee8583c2b9e8684d592215ea83efd305dd31bc2f0178" +checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806" dependencies = [ "darling_core", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -1680,13 +1680,13 @@ dependencies = [ [[package]] name = "der_derive" -version = "0.7.2" +version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5fe87ce4529967e0ba1dcf8450bab64d97dfd5010a6256187ffe2e43e6f0e049" +checksum = "8034092389675178f570469e6c3b0465d3d30b4505c294a6550db47f3c17ad18" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -1720,7 +1720,7 @@ dependencies = [ "proc-macro2", "quote", "rustc_version 0.4.0", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -1761,7 +1761,7 @@ checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -1836,7 +1836,7 @@ dependencies = [ "heck 0.4.1", "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -1847,7 +1847,7 @@ checksum = "6fd000fd6988e73bbe993ea3db9b1aa64906ab88766d654973924340c8cddb42" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -1992,7 +1992,7 @@ dependencies = [ "pest", "pest_derive", "plonky2", - "plonky2_maybe_rayon 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", + "plonky2_maybe_rayon", "plonky2_util", "rand", "rand_chacha", @@ -2218,7 +2218,7 @@ checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -2466,9 +2466,9 @@ checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" [[package]] name = "hyper" -version = "1.4.0" +version = "1.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4fe55fb7a772d59a5ff1dfbff4fe0258d19b89fec4b233e75d35d5d2316badc" +checksum = "50dfd22e0e76d0f662d429a5f80fcaf3855009297eab6a0a9f8543834744ba05" dependencies = [ "bytes", "futures-channel", @@ -2888,7 +2888,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e310b3a6b5907f99202fcdb4960ff45b93735d7c7d96b760fcff8db2dc0e103d" dependencies = [ "cfg-if", - "windows-targets 0.52.5", + "windows-targets 0.52.6", ] [[package]] @@ -2914,7 +2914,7 @@ checksum = "f8dccda732e04fa3baf2e17cf835bfe2601c7c2edafd64417c627dabae3a8cda" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -3187,7 +3187,7 @@ checksum = "681030a937600a36906c185595136d26abfebb4aa9c65701cefcaf8578bb982b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -3216,9 +3216,9 @@ checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" [[package]] name = "oorandom" -version = "11.1.3" +version = "11.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ab1bc2a289d34bd04a330323ac98a1b4bc82c9d9fcb1e66b63caa84da26b575" +checksum = "b410bbe7e14ab526a0e86877eb47c6996a2bd7746f027ba551028c925390e4e9" [[package]] name = "openssl" @@ -3243,7 +3243,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -3346,7 +3346,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "af25dcb10b7c0ce99abee8694e2e79e4787d7f778b9339dc5a50ba6fc45e5cc9" dependencies = [ "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -3401,7 +3401,7 @@ dependencies = [ "libc", "redox_syscall", "smallvec", - "windows-targets 0.52.5", + "windows-targets 0.52.6", ] [[package]] @@ -3466,7 +3466,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -3497,7 +3497,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -3584,7 +3584,6 @@ checksum = "d231b230927b5e4ad203db57bbcbee2802f6bce620b1e4a9024a07d94e2907ec" [[package]] name = "plonky2" version = "0.2.2" -source = "git+https://github.com/0xPolygonZero/plonky2.git?rev=dc77c77f2b06500e16ad4d7f1c2b057903602eed#dc77c77f2b06500e16ad4d7f1c2b057903602eed" dependencies = [ "ahash", "anyhow", @@ -3595,7 +3594,7 @@ dependencies = [ "log", "num", "plonky2_field", - "plonky2_maybe_rayon 0.2.0 (git+https://github.com/0xPolygonZero/plonky2.git?rev=dc77c77f2b06500e16ad4d7f1c2b057903602eed)", + "plonky2_maybe_rayon", "plonky2_util", "rand", "rand_chacha", @@ -3608,7 +3607,6 @@ dependencies = [ [[package]] name = "plonky2_field" version = "0.2.2" -source = "git+https://github.com/0xPolygonZero/plonky2.git?rev=dc77c77f2b06500e16ad4d7f1c2b057903602eed#dc77c77f2b06500e16ad4d7f1c2b057903602eed" dependencies = [ "anyhow", "itertools 0.11.0", @@ -3623,16 +3621,6 @@ dependencies = [ [[package]] name = "plonky2_maybe_rayon" version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92ff44a90aaca13e10e7ddf8fab815ba1b404c3f7c3ca82aaf11c46beabaa923" -dependencies = [ - "rayon", -] - -[[package]] -name = "plonky2_maybe_rayon" -version = "0.2.0" -source = "git+https://github.com/0xPolygonZero/plonky2.git?rev=dc77c77f2b06500e16ad4d7f1c2b057903602eed#dc77c77f2b06500e16ad4d7f1c2b057903602eed" dependencies = [ "rayon", ] @@ -3640,7 +3628,6 @@ dependencies = [ [[package]] name = "plonky2_util" version = "0.2.0" -source = "git+https://github.com/0xPolygonZero/plonky2.git?rev=dc77c77f2b06500e16ad4d7f1c2b057903602eed#dc77c77f2b06500e16ad4d7f1c2b057903602eed" [[package]] name = "plotters" @@ -3742,7 +3729,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5f12335488a2f3b0a83b14edad48dca9879ce89b2edd10e80237e4e852dd645e" dependencies = [ "proc-macro2", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -4239,9 +4226,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.10" +version = "0.23.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05cff451f60db80f490f3c182b77c35260baace73209e9cdbbe526bfe3a4d402" +checksum = "4828ea528154ae444e5a642dbb7d5623354030dc9822b83fd9bb79683c7399d0" dependencies = [ "aws-lc-rs", "log", @@ -4267,9 +4254,9 @@ dependencies = [ [[package]] name = "rustls-native-certs" -version = "0.7.0" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f1fb85efa936c42c6d5fc28d2629bb51e4b2f4b8a5211e297d599cc5a093792" +checksum = "a88d6d420651b496bdd98684116959239430022a115c1240e6c3993be0b15fba" dependencies = [ "openssl-probe", "rustls-pemfile", @@ -4296,9 +4283,9 @@ checksum = "976295e77ce332211c0d24d92c0e83e50f5c5f046d11082cea19f3df13a3562d" [[package]] name = "rustls-webpki" -version = "0.102.4" +version = "0.102.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ff448f7e92e913c4b7d4c6d8e4540a1724b319b4152b8aef6d4cf8339712b33e" +checksum = "f9a6fccd794a42c2c105b513a2f62bc3fd8f3ba57a4593677ceb0bd035164d78" dependencies = [ "aws-lc-rs", "ring", @@ -4440,9 +4427,9 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.203" +version = "1.0.204" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7253ab4de971e72fb7be983802300c30b5a7f0c2e56fab8abfc6a214307c0094" +checksum = "bc76f558e0cbb2a839d37354c575f1dc3fdc6546b5be373ba43d95f231bf7c12" dependencies = [ "serde_derive", ] @@ -4458,13 +4445,13 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.203" +version = "1.0.204" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba" +checksum = "e0cd7e117be63d3c3678776753929474f3b04a43a080c744d6b0ae2a8c28e222" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -4511,9 +4498,9 @@ dependencies = [ [[package]] name = "serde_with" -version = "3.8.2" +version = "3.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "079f3a42cd87588d924ed95b533f8d30a483388c4e400ab736a7058e34f16169" +checksum = "e73139bc5ec2d45e6c5fd85be5a46949c1c39a4c18e56915f5eb4c12f975e377" dependencies = [ "base64", "chrono", @@ -4529,14 +4516,14 @@ dependencies = [ [[package]] name = "serde_with_macros" -version = "3.8.2" +version = "3.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bc03aad67c1d26b7de277d51c86892e7d9a0110a2fe44bf6b26cc569fba302d6" +checksum = "b80d3d6b56b64335c0180e5ffde23b3c5e08c14c585b51a15bd0e95393f46703" dependencies = [ "darling", "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -4679,7 +4666,6 @@ checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" [[package]] name = "starky" version = "0.4.0" -source = "git+https://github.com/0xPolygonZero/plonky2.git?rev=dc77c77f2b06500e16ad4d7f1c2b057903602eed#dc77c77f2b06500e16ad4d7f1c2b057903602eed" dependencies = [ "ahash", "anyhow", @@ -4688,7 +4674,7 @@ dependencies = [ "log", "num-bigint", "plonky2", - "plonky2_maybe_rayon 0.2.0 (git+https://github.com/0xPolygonZero/plonky2.git?rev=dc77c77f2b06500e16ad4d7f1c2b057903602eed)", + "plonky2_maybe_rayon", "plonky2_util", ] @@ -4723,7 +4709,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -4745,9 +4731,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.68" +version = "2.0.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "901fa70d88b9d6c98022e23b4136f9f3e54e4662c3bc1bd1d84a42a9a0f0c1e9" +checksum = "2f0209b68b3613b093e0ec905354eccaedcfe83b8cb37cbdeae64026c3064c16" dependencies = [ "proc-macro2", "quote", @@ -4756,14 +4742,14 @@ dependencies = [ [[package]] name = "syn-solidity" -version = "0.7.6" +version = "0.7.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d71e19bca02c807c9faa67b5a47673ff231b6e7449b251695188522f1dc44b2" +checksum = "c837dc8852cb7074e46b444afb81783140dab12c58867b49fb3898fbafedf7ea" dependencies = [ "paste", "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -4786,7 +4772,7 @@ checksum = "c8af7666ab7b6390ab78131fb5b0fce11d6b7a6951602017c35fa82800708971" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -4845,7 +4831,7 @@ checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -4919,9 +4905,9 @@ dependencies = [ [[package]] name = "tinyvec" -version = "1.6.1" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c55115c6fbe2d2bef26eb09ad74bde02d8255476fc0c7b515ef09fbb35742d82" +checksum = "445e881f4f6d382d5f27c034e25eb92edd7c784ceab92a0937db7f2e9471b938" dependencies = [ "tinyvec_macros", ] @@ -4970,7 +4956,7 @@ checksum = "5f5ae998a069d4b5aba8ee9dad856af7d520c3699e6159b185c2acd48155d39a" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -5031,7 +5017,7 @@ dependencies = [ "serde", "serde_spanned", "toml_datetime", - "toml_edit 0.22.14", + "toml_edit 0.22.15", ] [[package]] @@ -5056,9 +5042,9 @@ dependencies = [ [[package]] name = "toml_edit" -version = "0.22.14" +version = "0.22.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f21c7aaf97f1bd9ca9d4f9e73b0a6c74bd5afef56f2bc931943a6e1c37e04e38" +checksum = "d59a3a72298453f564e2b111fa896f8d07fabb36f51f06d7e875fc5e0b5a3ef1" dependencies = [ "indexmap 2.2.6", "serde", @@ -5137,7 +5123,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -5187,9 +5173,9 @@ checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" [[package]] name = "trybuild" -version = "1.0.96" +version = "1.0.97" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33a5f13f11071020bb12de7a16b925d2d58636175c20c11dc5f96cb64bb6c9b3" +checksum = "5b1e5645f2ee8025c2f1d75e1138f2dd034d74e6ba54620f3c569ba2a2a1ea06" dependencies = [ "glob", "serde", @@ -5285,9 +5271,9 @@ checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" [[package]] name = "uuid" -version = "1.9.1" +version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5de17fd2f7da591098415cff336e12965a28061ddace43b59cb3c430179c9439" +checksum = "81dfa00651efa65069b0b6b651f4aaa31ba9e3c3ce0137aaad053604ee7e0314" dependencies = [ "getrandom", "rand", @@ -5388,7 +5374,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", "wasm-bindgen-shared", ] @@ -5422,7 +5408,7 @@ checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -5502,7 +5488,7 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" dependencies = [ - "windows-targets 0.52.5", + "windows-targets 0.52.6", ] [[package]] @@ -5520,7 +5506,7 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" dependencies = [ - "windows-targets 0.52.5", + "windows-targets 0.52.6", ] [[package]] @@ -5540,18 +5526,18 @@ dependencies = [ [[package]] name = "windows-targets" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6f0713a46559409d202e70e28227288446bf7841d3211583a4b53e3f6d96e7eb" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" dependencies = [ - "windows_aarch64_gnullvm 0.52.5", - "windows_aarch64_msvc 0.52.5", - "windows_i686_gnu 0.52.5", + "windows_aarch64_gnullvm 0.52.6", + "windows_aarch64_msvc 0.52.6", + "windows_i686_gnu 0.52.6", "windows_i686_gnullvm", - "windows_i686_msvc 0.52.5", - "windows_x86_64_gnu 0.52.5", - "windows_x86_64_gnullvm 0.52.5", - "windows_x86_64_msvc 0.52.5", + "windows_i686_msvc 0.52.6", + "windows_x86_64_gnu 0.52.6", + "windows_x86_64_gnullvm 0.52.6", + "windows_x86_64_msvc 0.52.6", ] [[package]] @@ -5562,9 +5548,9 @@ checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" [[package]] name = "windows_aarch64_gnullvm" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7088eed71e8b8dda258ecc8bac5fb1153c5cffaf2578fc8ff5d61e23578d3263" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" [[package]] name = "windows_aarch64_msvc" @@ -5574,9 +5560,9 @@ checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" [[package]] name = "windows_aarch64_msvc" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9985fd1504e250c615ca5f281c3f7a6da76213ebd5ccc9561496568a2752afb6" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" [[package]] name = "windows_i686_gnu" @@ -5586,15 +5572,15 @@ checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" [[package]] name = "windows_i686_gnu" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88ba073cf16d5372720ec942a8ccbf61626074c6d4dd2e745299726ce8b89670" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" [[package]] name = "windows_i686_gnullvm" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87f4261229030a858f36b459e748ae97545d6f1ec60e5e0d6a3d32e0dc232ee9" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" [[package]] name = "windows_i686_msvc" @@ -5604,9 +5590,9 @@ checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" [[package]] name = "windows_i686_msvc" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db3c2bf3d13d5b658be73463284eaf12830ac9a26a90c717b7f771dfe97487bf" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" [[package]] name = "windows_x86_64_gnu" @@ -5616,9 +5602,9 @@ checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" [[package]] name = "windows_x86_64_gnu" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e4246f76bdeff09eb48875a0fd3e2af6aada79d409d33011886d3e1581517d9" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" [[package]] name = "windows_x86_64_gnullvm" @@ -5628,9 +5614,9 @@ checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" [[package]] name = "windows_x86_64_gnullvm" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "852298e482cd67c356ddd9570386e2862b5673c85bd5f88df9ab6802b334c596" +checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" [[package]] name = "windows_x86_64_msvc" @@ -5640,9 +5626,9 @@ checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" [[package]] name = "windows_x86_64_msvc" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" [[package]] name = "winnow" @@ -5761,7 +5747,7 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -5781,7 +5767,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", ] [[package]] @@ -5790,6 +5776,6 @@ version = "0.1.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.68", + "syn 2.0.70", "trybuild", ] diff --git a/Cargo.toml b/Cargo.toml index ad5b36493..0b6bb77cf 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -113,10 +113,10 @@ rpc = { path = "zero_bin/rpc" } zero_bin_common = { path = "zero_bin/common" } # plonky2-related dependencies -plonky2 = { git = "https://github.com/0xPolygonZero/plonky2.git", rev = "dc77c77f2b06500e16ad4d7f1c2b057903602eed" } -plonky2_maybe_rayon = "0.2.0" -plonky2_util = { git = "https://github.com/0xPolygonZero/plonky2.git", rev = "dc77c77f2b06500e16ad4d7f1c2b057903602eed" } -starky = { git = "https://github.com/0xPolygonZero/plonky2.git", rev = "dc77c77f2b06500e16ad4d7f1c2b057903602eed" } +plonky2 = { path = "../plonky2/plonky2"} +plonky2_maybe_rayon = { path = "../plonky2/maybe_rayon"} +plonky2_util = { path = "../plonky2/util"} +starky = { path = "../plonky2/starky"} # proc macro related dependencies proc-macro2 = "1.0" diff --git a/evm_arithmetization/src/all_stark.rs b/evm_arithmetization/src/all_stark.rs index c3b5733c1..97a2ad910 100644 --- a/evm_arithmetization/src/all_stark.rs +++ b/evm_arithmetization/src/all_stark.rs @@ -120,6 +120,33 @@ impl Table { Self::MemAfter, ] } + + /// Returns all STARK table indices in descending order of their padded + /// trace degrees. + pub(crate) const fn all_sorted() -> [Self; NUM_TABLES] { + [ + Self::Memory, + Self::MemBefore, + Self::MemAfter, + Self::Cpu, + Self::Arithmetic, + Self::BytePacking, + Self::Keccak, + Self::Logic, + Self::KeccakSponge, + ] + } + + /// Returns the ordered position of the tables. This is the inverse of + /// `all_sorted()`. + pub(crate) const fn table_to_sorted_index() -> [usize; NUM_TABLES] { + [4, 5, 3, 6, 8, 7, 0, 1, 2] + } + + /// Returns all STARK padded trace degrees in descending order. + pub(crate) const fn all_degree_logs() -> [usize; NUM_TABLES] { + [23, 22, 22, 20, 19, 19, 19, 17, 14] + } } /// Returns all the `CrossTableLookups` used for proving the EVM. diff --git a/evm_arithmetization/src/fixed_recursive_verifier.rs b/evm_arithmetization/src/fixed_recursive_verifier.rs index 9d39646dd..b60ec50e9 100644 --- a/evm_arithmetization/src/fixed_recursive_verifier.rs +++ b/evm_arithmetization/src/fixed_recursive_verifier.rs @@ -755,26 +755,28 @@ where // Extra sums to add to the looked last value. // Only necessary for the Memory values. - let mut extra_looking_sums = - vec![vec![builder.zero(); stark_config.num_challenges]; NUM_TABLES]; + let mut extra_looking_sums = HashMap::new(); // Memory - extra_looking_sums[*Table::Memory] = (0..stark_config.num_challenges) - .map(|c| { - get_memory_extra_looking_sum_circuit( - &mut builder, - &public_values, - ctl_challenges.challenges[c], - ) - }) - .collect_vec(); + extra_looking_sums.insert( + Table::Memory as usize, + (0..stark_config.num_challenges) + .map(|c| { + get_memory_extra_looking_sum_circuit( + &mut builder, + &public_values, + ctl_challenges.challenges[c], + ) + }) + .collect_vec(), + ); // Verify the CTL checks. verify_cross_table_lookups_circuit::( &mut builder, all_cross_table_lookups(), pis.map(|p| p.ctl_zs_first), - Some(&extra_looking_sums), + &extra_looking_sums, stark_config, ); diff --git a/evm_arithmetization/src/keccak_sponge/keccak_sponge_stark.rs b/evm_arithmetization/src/keccak_sponge/keccak_sponge_stark.rs index 73418c40f..056016830 100644 --- a/evm_arithmetization/src/keccak_sponge/keccak_sponge_stark.rs +++ b/evm_arithmetization/src/keccak_sponge/keccak_sponge_stark.rs @@ -4,6 +4,7 @@ use core::marker::PhantomData; use core::mem::size_of; use itertools::Itertools; +use num::integer::div_ceil; use plonky2::field::extension::{Extendable, FieldExtension}; use plonky2::field::packed::PackedField; use plonky2::field::polynomial::PolynomialValues; diff --git a/evm_arithmetization/src/prover.rs b/evm_arithmetization/src/prover.rs index 6ab08896f..1bc618a35 100644 --- a/evm_arithmetization/src/prover.rs +++ b/evm_arithmetization/src/prover.rs @@ -1,34 +1,51 @@ +use std::iter::once; use std::sync::atomic::{AtomicBool, Ordering}; use std::sync::Arc; -use anyhow::{anyhow, Result}; +use anyhow::{anyhow, ensure, Result}; use itertools::Itertools; use once_cell::sync::Lazy; +use plonky2::batch_fri::oracle::BatchFriOracle; use plonky2::field::extension::Extendable; use plonky2::field::goldilocks_field::GoldilocksField; -use plonky2::field::polynomial::PolynomialValues; +use plonky2::field::packable::Packable; +use plonky2::field::packed::PackedField; +use plonky2::field::polynomial::{PolynomialCoeffs, PolynomialValues}; use plonky2::field::types::Field; use plonky2::fri::oracle::PolynomialBatch; +use plonky2::fri::reduction_strategies::FriReductionStrategy; +use plonky2::fri::structure::FriInstanceInfo; +use plonky2::fri::FriConfig; use plonky2::hash::hash_types::RichField; use plonky2::hash::merkle_tree::MerkleCap; use plonky2::iop::challenger::Challenger; use plonky2::plonk::config::{GenericConfig, GenericHashOut}; +use plonky2::plonk::proof::ProofWithPublicInputs; use plonky2::timed; use plonky2::util::timing::TimingTree; use serde::{Deserialize, Serialize}; use starky::config::StarkConfig; -use starky::cross_table_lookup::{get_ctl_data, CtlData}; -use starky::lookup::GrandProductChallengeSet; -use starky::proof::{MultiProof, StarkProofWithMetadata}; -use starky::prover::prove_with_commitment; +use starky::cross_table_lookup::{get_ctl_auxiliary_polys, get_ctl_data, CtlData}; +use starky::lookup::{lookup_helper_columns, GrandProductChallengeSet}; +use starky::proof::{ + MultiProof, StarkOpeningSet, StarkProof, StarkProofWithMetadata, StarkProofWithPublicInputs, +}; +use starky::prover::{compute_quotient_polys, prove_with_commitment}; use starky::stark::Stark; -use crate::all_stark::{AllStark, Table, NUM_TABLES}; +use crate::all_stark::{all_cross_table_lookups, AllStark, Table, NUM_TABLES}; +use crate::arithmetic::arithmetic_stark::ArithmeticStark; +use crate::byte_packing::byte_packing_stark::BytePackingStark; +use crate::cpu::cpu_stark::CpuStark; use crate::cpu::kernel::aggregator::KERNEL; use crate::cpu::kernel::interpreter::{set_registers_and_run, ExtraSegmentData, Interpreter}; use crate::generation::state::{GenerationState, State}; use crate::generation::{generate_traces, GenerationInputs}; use crate::get_challenges::observe_public_values; +use crate::keccak::keccak_stark::KeccakStark; +use crate::keccak_sponge::keccak_sponge_stark::KeccakSpongeStark; +use crate::logic::LogicStark; +use crate::memory::memory_stark::MemoryStark; use crate::memory::segments::Segment; use crate::proof::{AllProof, MemCap, PublicValues, RegistersData}; use crate::witness::memory::{MemoryAddress, MemoryState}; @@ -66,6 +83,22 @@ impl GenerationSegmentData { } } +pub(crate) fn zkevm_fast_config() -> StarkConfig { + StarkConfig { + security_bits: 100, + num_challenges: 2, + fri_config: FriConfig { + rate_bits: 1, + cap_height: 4, + proof_of_work_bits: 16, + // This strategy allows us to hit all intermediary STARK leaves while going through the + // batched Field Merkle Trees. + reduction_strategy: FriReductionStrategy::Fixed(vec![3, 2, 2, 1, 2, 3, 4, 4, 2]), + num_query_rounds: 84, + }, + } +} + /// Generate traces, then create all STARK proofs. pub fn prove( all_stark: &AllStark, @@ -249,6 +282,757 @@ type ProofWithMemCaps = ( MerkleCap, ); +/// Compute all STARK proofs. STARK-batching version. +pub(crate) fn prove_with_traces_batch( + all_stark: &AllStark, + config: &StarkConfig, + trace_poly_values: [Vec>; NUM_TABLES], + public_values: PublicValues, + timing: &mut TimingTree, + abort_signal: Option>, +) -> Result> +where + F: RichField + Extendable, + P: PackedField, + C: GenericConfig, +{ + let rate_bits = config.fri_config.rate_bits; + let cap_height = config.fri_config.cap_height; + + let trace_poly_values_sorted: [_; NUM_TABLES] = Table::all_sorted() + .iter() + .map(|&table| trace_poly_values[*table].clone()) + .collect::>() + .try_into() + .unwrap(); + + // We compute the Field Merkle Tree of all STARK traces. + let trace_polys_values_sorted_flat = trace_poly_values_sorted + .clone() + .into_iter() + .flatten() + .collect(); + let trace_commitment = timed!( + timing, + "compute trace commitments", + BatchFriOracle::::from_values( + trace_polys_values_sorted_flat, + rate_bits, + false, + cap_height, + timing, + &[None; NUM_TABLES], + ) + ); + + let mut challenger = Challenger::::new(); + challenger.observe_cap(&trace_commitment.batch_merkle_tree.cap); + + observe_public_values::(&mut challenger, &public_values) + .map_err(|_| anyhow::Error::msg("Invalid conversion of public values."))?; + + // For each STARK, compute its cross-table lookup Z polynomials and get the + // associated `CtlData`. + let (ctl_challenges, ctl_data_per_table) = timed!( + timing, + "compute CTL data", + get_ctl_data::( + config, + &trace_poly_values, + &all_stark.cross_table_lookups, + &mut challenger, + all_stark.arithmetic_stark.constraint_degree() + ) + ); + + check_abort_signal(abort_signal)?; + let lookup_challenges = ctl_challenges + .challenges + .iter() + .map(|ch| ch.beta) + .collect::>(); + + let auxiliary_columns = all_auxiliary_columns::( + all_stark, + config, + &trace_poly_values, + &ctl_data_per_table, + &ctl_challenges, + ); + + // We compute the Field Merkle Tree of all auxiliary columns. + let auxiliary_columns_sorted: Vec<_> = Table::all_sorted() + .iter() + .map(|&table| auxiliary_columns[*table].clone()) + .collect(); + let auxiliary_columns_sorted_flat = auxiliary_columns_sorted + .clone() + .into_iter() + .flatten() + .collect(); + let auxiliary_commitment = timed!( + timing, + "compute auxiliary commitments", + BatchFriOracle::::from_values( + auxiliary_columns_sorted_flat, + rate_bits, + false, + cap_height, + timing, + &[None; NUM_TABLES], + ) + ); + challenger.observe_cap(&auxiliary_commitment.batch_merkle_tree.cap); + + // Quotient polynomials. + let alphas = challenger.get_n_challenges(config.num_challenges); + let quotient_polys = all_quotient_polys::( + all_stark, + &trace_commitment, + &auxiliary_commitment, + &auxiliary_columns, + None, + &ctl_data_per_table, + alphas.clone(), + config, + ); + + // We compute the Field Merkle Tree of all quotient polynomials. + let quotient_polys_sorted: Vec<_> = Table::all_sorted() + .iter() + .map(|&table| quotient_polys[*table].clone()) + .collect(); + let quotient_polys_sorted_flat = quotient_polys_sorted + .clone() + .into_iter() + .flatten() + .collect(); + let quotient_commitment = timed!( + timing, + "compute quotient commitments", + BatchFriOracle::::from_coeffs( + quotient_polys_sorted_flat, + rate_bits, + false, + cap_height, + timing, + &[None; NUM_TABLES], + ) + ); + challenger.observe_cap("ient_commitment.batch_merkle_tree.cap); + + let zeta = challenger.get_extension_challenge::(); + + // To avoid leaking witness data, we want to ensure that our opening locations, + // `zeta` and `g * zeta`, are not in our subgroup `H`. It suffices to check + // `zeta` only, since `(g * zeta)^n = zeta^n`, where `n` is the order of + // `g`. + let degree_bits = trace_commitment.degree_bits[0]; + let g = F::primitive_root_of_unity(degree_bits); + ensure!( + zeta.exp_power_of_2(degree_bits) != F::Extension::ONE, + "Opening point is in the subgroup." + ); + + let mut all_fri_instances = all_fri_instance_info( + all_stark, + &trace_commitment, + &auxiliary_commitment, + &ctl_data_per_table, + alphas, + zeta, + config, + ); + + // Get the FRI openings and observe them. + // Compute all openings: evaluate all committed polynomials at `zeta` and, when + // necessary, at `g * zeta`. + // TODO: Need batched openings. + let openings = StarkOpeningSet { + local_values: Vec::new(), + next_values: Vec::new(), + auxiliary_polys: None, + auxiliary_polys_next: None, + ctl_zs_first: None, + quotient_polys: None, + }; + + challenger.observe_openings(&openings.to_fri_openings()); + + let initial_merkle_trees = [ + &trace_commitment, + &auxiliary_commitment, + "ient_commitment, + ]; + + let opening_proof = BatchFriOracle::prove_openings( + &Table::all_degree_logs(), + &all_fri_instances, + &initial_merkle_trees, + &mut challenger, + &config.fri_params(degree_bits), + timing, + ); + + // This is an expensive check, hence is only run when `debug_assertions` are + // enabled. + #[cfg(debug_assertions)] + { + use hashbrown::HashMap; + use starky::cross_table_lookup::debug_utils::check_ctls; + + use crate::verifier::debug_utils::get_memory_extra_looking_values; + + let mut extra_values = HashMap::new(); + extra_values.insert( + *Table::Memory, + get_memory_extra_looking_values(&public_values), + ); + check_ctls( + &trace_poly_values_sorted, + &all_stark.cross_table_lookups, + &extra_values, + ); + } + + let stark_proof = StarkProof { + trace_cap: trace_commitment.batch_merkle_tree.cap.clone(), + auxiliary_polys_cap: Some(auxiliary_commitment.batch_merkle_tree.cap), + quotient_polys_cap: Some(quotient_commitment.batch_merkle_tree.cap), + openings, + opening_proof, + }; + + Ok(StarkProofWithPublicInputs { + proof: stark_proof, + public_inputs: vec![], + }) +} + +/// Generates all auxiliary columns. +fn all_auxiliary_columns( + all_stark: &AllStark, + config: &StarkConfig, + trace_poly_values: &[Vec>; NUM_TABLES], + ctl_data_per_table: &[CtlData; NUM_TABLES], + ctl_challenges: &GrandProductChallengeSet, +) -> Vec>> +where + F: RichField + Extendable, + C: GenericConfig, +{ + let mut res = Vec::new(); + + // Arithmetic. + res.push(auxiliary_columns_single_stark::< + F, + C, + ArithmeticStark, + D, + >( + all_stark.arithmetic_stark, + config, + &trace_poly_values[*Table::Arithmetic], + &ctl_data_per_table[*Table::Arithmetic], + ctl_challenges, + )); + + // BytePacking. + res.push(auxiliary_columns_single_stark::< + F, + C, + BytePackingStark, + D, + >( + all_stark.byte_packing_stark, + config, + &trace_poly_values[*Table::BytePacking], + &ctl_data_per_table[*Table::BytePacking], + ctl_challenges, + )); + + // Cpu. + res.push(auxiliary_columns_single_stark::, D>( + all_stark.cpu_stark, + config, + &trace_poly_values[*Table::Cpu], + &ctl_data_per_table[*Table::Cpu], + ctl_challenges, + )); + + // Keccak. + res.push( + auxiliary_columns_single_stark::, D>( + all_stark.keccak_stark, + config, + &trace_poly_values[*Table::Keccak], + &ctl_data_per_table[*Table::Keccak], + ctl_challenges, + ), + ); + + // KeccakSponge. + res.push(auxiliary_columns_single_stark::< + F, + C, + KeccakSpongeStark, + D, + >( + all_stark.keccak_sponge_stark, + config, + &trace_poly_values[*Table::KeccakSponge], + &ctl_data_per_table[*Table::KeccakSponge], + ctl_challenges, + )); + + // Logic. + res.push(auxiliary_columns_single_stark::, D>( + all_stark.logic_stark, + config, + &trace_poly_values[*Table::Logic], + &ctl_data_per_table[*Table::Logic], + ctl_challenges, + )); + + // Memory. + res.push( + auxiliary_columns_single_stark::, D>( + all_stark.memory_stark, + config, + &trace_poly_values[*Table::Memory], + &ctl_data_per_table[*Table::Memory], + ctl_challenges, + ), + ); + + res +} + +fn auxiliary_columns_single_stark( + stark: S, + config: &StarkConfig, + trace_poly_values: &[PolynomialValues], + ctl_data: &CtlData, + ctl_challenges: &GrandProductChallengeSet, +) -> Vec> +where + F: RichField + Extendable, + C: GenericConfig, + S: Stark, +{ + let rate_bits = config.fri_config.rate_bits; + let constraint_degree = stark.constraint_degree(); + assert!( + constraint_degree <= (1 << rate_bits) + 1, + "The degree of the Stark constraints must be <= blowup_factor + 1" + ); + + let lookup_challenges: Vec<_> = ctl_challenges.challenges.iter().map(|ch| ch.beta).collect(); + // Add lookup columns. + let lookups = stark.lookups(); + let mut res = { + let mut columns = Vec::new(); + for lookup in &lookups { + for &challenge in lookup_challenges.iter() { + columns.extend(lookup_helper_columns( + lookup, + trace_poly_values, + challenge, + constraint_degree, + )); + } + } + columns + }; + let num_lookup_columns = res.len(); + + // Add CTL columns. + if let Some(p) = get_ctl_auxiliary_polys(Some(ctl_data)) { + res.extend(p); + } + + debug_assert!( + (stark.uses_lookups() || stark.requires_ctls()) || get_ctl_auxiliary_polys(Some(ctl_data)).is_none(), + "There should be auxiliary polynomials if and only if we have either lookups or require cross-table lookups." + ); + + res +} + +/// Generates all quotient polynomials. +fn all_quotient_polys( + all_stark: &AllStark, + trace_commitment: &BatchFriOracle, + auxiliary_commitment: &BatchFriOracle, + all_auxiliary_columns: &Vec>>, + lookup_challenges: Option<&Vec>, + ctl_data_per_table: &[CtlData; NUM_TABLES], + alphas: Vec, + config: &StarkConfig, +) -> Vec>> +where + F: RichField + Extendable, + P: PackedField, + C: GenericConfig, +{ + let mut res = Vec::new(); + + // This method assumes that all STARKs have distinct degrees. + // TODO: Relax this. + assert!(Table::all_degree_logs() + .windows(2) + .all(|pair| { pair[0] > pair[1] })); + + // Arithmetic. + { + let trace_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::Arithmetic]][0] + .len(); + let get_trace_packed = |index, step| { + trace_commitment.get_lde_values_packed::

(0, index, step, 0, trace_leave_len) + }; + let aux_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::Arithmetic]][0] + .len(); + let get_aux_packed = |index, step| { + auxiliary_commitment.get_lde_values_packed(0, index, step, 0, aux_leave_len) + }; + let num_lookup_columns = all_auxiliary_columns[*Table::Arithmetic].len(); + res.push( + compute_quotient_polys::, D>( + &all_stark.arithmetic_stark, + &get_trace_packed, + &get_aux_packed, + lookup_challenges, + Some(&ctl_data_per_table[*Table::Arithmetic]), + &vec![], + alphas.clone(), + Table::all_degree_logs()[Table::table_to_sorted_index()[*Table::Arithmetic]], + num_lookup_columns, + config, + ) + .expect("Couldn't compute quotient polys."), + ); + } + + // Bytepacking. + { + let trace_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::BytePacking]][0] + .len(); + let get_trace_packed = |index, step| { + trace_commitment.get_lde_values_packed::

(0, index, step, 0, trace_leave_len) + }; + let aux_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::BytePacking]][0] + .len(); + let get_aux_packed = |index, step| { + auxiliary_commitment.get_lde_values_packed(0, index, step, 0, aux_leave_len) + }; + let num_lookup_columns = all_auxiliary_columns[*Table::BytePacking].len(); + res.push( + compute_quotient_polys::, D>( + &all_stark.byte_packing_stark, + &get_trace_packed, + &get_aux_packed, + lookup_challenges, + Some(&ctl_data_per_table[*Table::BytePacking]), + &vec![], + alphas.clone(), + Table::all_degree_logs()[Table::table_to_sorted_index()[*Table::BytePacking]], + num_lookup_columns, + config, + ) + .expect("Couldn't compute quotient polys."), + ); + } + + // Cpu. + { + let trace_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::Cpu]][0] + .len(); + let get_trace_packed = |index, step| { + trace_commitment.get_lde_values_packed::

(0, index, step, 0, trace_leave_len) + }; + let aux_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::Cpu]][0] + .len(); + let get_aux_packed = |index, step| { + auxiliary_commitment.get_lde_values_packed(0, index, step, 0, aux_leave_len) + }; + let num_lookup_columns = all_auxiliary_columns[*Table::Cpu].len(); + res.push( + compute_quotient_polys::, D>( + &all_stark.cpu_stark, + &get_trace_packed, + &get_aux_packed, + lookup_challenges, + Some(&ctl_data_per_table[*Table::Cpu]), + &vec![], + alphas.clone(), + Table::all_degree_logs()[Table::table_to_sorted_index()[*Table::Cpu]], + num_lookup_columns, + config, + ) + .expect("Couldn't compute quotient polys."), + ); + } + + // Keccak. + { + let trace_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::Keccak]][0] + .len(); + let get_trace_packed = |index, step| { + trace_commitment.get_lde_values_packed::

(0, index, step, 0, trace_leave_len) + }; + let aux_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::Keccak]][0] + .len(); + let get_aux_packed = |index, step| { + auxiliary_commitment.get_lde_values_packed(0, index, step, 0, aux_leave_len) + }; + let num_lookup_columns = all_auxiliary_columns[*Table::Keccak].len(); + res.push( + compute_quotient_polys::, D>( + &all_stark.keccak_stark, + &get_trace_packed, + &get_aux_packed, + lookup_challenges, + Some(&ctl_data_per_table[*Table::Keccak]), + &vec![], + alphas.clone(), + Table::all_degree_logs()[Table::table_to_sorted_index()[*Table::Keccak]], + num_lookup_columns, + config, + ) + .expect("Couldn't compute quotient polys."), + ); + } + + // KeccakSponge. + { + let trace_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::KeccakSponge]][0] + .len(); + let get_trace_packed = |index, step| { + trace_commitment.get_lde_values_packed::

(0, index, step, 0, trace_leave_len) + }; + let aux_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::KeccakSponge]][0] + .len(); + let get_aux_packed = |index, step| { + auxiliary_commitment.get_lde_values_packed(0, index, step, 0, aux_leave_len) + }; + let num_lookup_columns = all_auxiliary_columns[*Table::KeccakSponge].len(); + res.push( + compute_quotient_polys::, D>( + &all_stark.keccak_sponge_stark, + &get_trace_packed, + &get_aux_packed, + lookup_challenges, + Some(&ctl_data_per_table[*Table::KeccakSponge]), + &vec![], + alphas.clone(), + Table::all_degree_logs()[Table::table_to_sorted_index()[*Table::KeccakSponge]], + num_lookup_columns, + config, + ) + .expect("Couldn't compute quotient polys."), + ); + } + + // Logic. + { + let trace_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::Logic]][0] + .len(); + let get_trace_packed = |index, step| { + trace_commitment.get_lde_values_packed::

(0, index, step, 0, trace_leave_len) + }; + let aux_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::Logic]][0] + .len(); + let get_aux_packed = |index, step| { + auxiliary_commitment.get_lde_values_packed(0, index, step, 0, aux_leave_len) + }; + let num_lookup_columns = all_auxiliary_columns[*Table::Logic].len(); + res.push( + compute_quotient_polys::, D>( + &all_stark.logic_stark, + &get_trace_packed, + &get_aux_packed, + lookup_challenges, + Some(&ctl_data_per_table[*Table::Logic]), + &vec![], + alphas.clone(), + Table::all_degree_logs()[Table::table_to_sorted_index()[*Table::Logic]], + num_lookup_columns, + config, + ) + .expect("Couldn't compute quotient polys."), + ); + } + + // Memory. + { + let trace_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::Memory]][0] + .len(); + let get_trace_packed = |index, step| { + trace_commitment.get_lde_values_packed::

(0, index, step, 0, trace_leave_len) + }; + let aux_leave_len = trace_commitment.batch_merkle_tree.leaves + [Table::table_to_sorted_index()[*Table::Memory]][0] + .len(); + let get_aux_packed = |index, step| { + auxiliary_commitment.get_lde_values_packed(0, index, step, 0, aux_leave_len) + }; + let num_lookup_columns = all_auxiliary_columns[*Table::Memory].len(); + res.push( + compute_quotient_polys::, D>( + &all_stark.memory_stark, + &get_trace_packed, + &get_aux_packed, + lookup_challenges, + Some(&ctl_data_per_table[*Table::Memory]), + &vec![], + alphas.clone(), + Table::all_degree_logs()[Table::table_to_sorted_index()[*Table::Memory]], + num_lookup_columns, + config, + ) + .expect("Couldn't compute quotient polys."), + ); + } + + res +} + +/// Generates all FRI instances. They are sorted by decreasing degree. +fn all_fri_instance_info( + all_stark: &AllStark, + trace_commitment: &BatchFriOracle, + auxiliary_commitment: &BatchFriOracle, + ctl_data_per_table: &[CtlData; NUM_TABLES], + alphas: Vec, + zeta: F::Extension, + config: &StarkConfig, + // ctl_data_per_table: &[CtlData; NUM_TABLES], + // ctl_challenges: &GrandProductChallengeSet, +) -> Vec> +where + F: RichField + Extendable, + C: GenericConfig, +{ + let degree_bits = Table::all_degree_logs(); + let mut res = Vec::new(); + + // Arithmetic. + { + let g = F::primitive_root_of_unity( + degree_bits[Table::table_to_sorted_index()[*Table::Arithmetic]], + ); + let num_ctl_helper_polys = ctl_data_per_table[*Table::Arithmetic].num_ctl_helper_polys(); + res.push(all_stark.arithmetic_stark.fri_instance( + zeta, + g, + num_ctl_helper_polys.iter().sum(), + num_ctl_helper_polys, + config, + )); + } + + // BytePacking. + { + let g = F::primitive_root_of_unity( + degree_bits[Table::table_to_sorted_index()[*Table::BytePacking]], + ); + let num_ctl_helper_polys = ctl_data_per_table[*Table::BytePacking].num_ctl_helper_polys(); + res.push(all_stark.byte_packing_stark.fri_instance( + zeta, + g, + num_ctl_helper_polys.iter().sum(), + num_ctl_helper_polys, + config, + )); + } + + // Cpu. + { + let g = + F::primitive_root_of_unity(degree_bits[Table::table_to_sorted_index()[*Table::Cpu]]); + let num_ctl_helper_polys = ctl_data_per_table[*Table::Cpu].num_ctl_helper_polys(); + res.push(all_stark.cpu_stark.fri_instance( + zeta, + g, + num_ctl_helper_polys.iter().sum(), + num_ctl_helper_polys, + config, + )); + } + + // Keccak. + { + let g = + F::primitive_root_of_unity(degree_bits[Table::table_to_sorted_index()[*Table::Keccak]]); + let num_ctl_helper_polys = ctl_data_per_table[*Table::Keccak].num_ctl_helper_polys(); + res.push(all_stark.keccak_stark.fri_instance( + zeta, + g, + num_ctl_helper_polys.iter().sum(), + num_ctl_helper_polys, + config, + )); + } + + // KeccakSponge. + { + let g = F::primitive_root_of_unity( + degree_bits[Table::table_to_sorted_index()[*Table::KeccakSponge]], + ); + let num_ctl_helper_polys = ctl_data_per_table[*Table::KeccakSponge].num_ctl_helper_polys(); + res.push(all_stark.keccak_sponge_stark.fri_instance( + zeta, + g, + num_ctl_helper_polys.iter().sum(), + num_ctl_helper_polys, + config, + )); + } + + // Logic. + { + let g = + F::primitive_root_of_unity(degree_bits[Table::table_to_sorted_index()[*Table::Logic]]); + let num_ctl_helper_polys = ctl_data_per_table[*Table::Logic].num_ctl_helper_polys(); + res.push(all_stark.logic_stark.fri_instance( + zeta, + g, + num_ctl_helper_polys.iter().sum(), + num_ctl_helper_polys, + config, + )); + } + + // Memory. + { + let g = + F::primitive_root_of_unity(degree_bits[Table::table_to_sorted_index()[*Table::Memory]]); + let num_ctl_helper_polys = ctl_data_per_table[*Table::Memory].num_ctl_helper_polys(); + res.push(all_stark.memory_stark.fri_instance( + zeta, + g, + num_ctl_helper_polys.iter().sum(), + num_ctl_helper_polys, + config, + )); + } + + res +} + /// Generates a proof for each STARK. /// At this stage, we have computed the trace polynomials commitments for the /// various STARKs, and we have the cross-table lookup data for each table, diff --git a/evm_arithmetization/src/verifier.rs b/evm_arithmetization/src/verifier.rs index 8a2277037..1c07d2606 100644 --- a/evm_arithmetization/src/verifier.rs +++ b/evm_arithmetization/src/verifier.rs @@ -1,5 +1,6 @@ use anyhow::{ensure, Result}; use ethereum_types::{BigEndianHash, U256}; +use hashbrown::HashMap; use itertools::Itertools; use plonky2::field::extension::Extendable; use plonky2::field::polynomial::PolynomialValues; @@ -237,12 +238,15 @@ fn verify_proof, C: GenericConfig, const // Extra sums to add to the looked last value. // Only necessary for the Memory values. - let mut extra_looking_sums = vec![vec![F::ZERO; config.num_challenges]; NUM_TABLES]; + let mut extra_looking_sums = HashMap::new(); // Memory - extra_looking_sums[Table::Memory as usize] = (0..config.num_challenges) - .map(|i| get_memory_extra_looking_sum(&public_values, ctl_challenges.challenges[i])) - .collect_vec(); + extra_looking_sums.insert( + Table::Memory as usize, + (0..config.num_challenges) + .map(|i| get_memory_extra_looking_sum(&public_values, ctl_challenges.challenges[i])) + .collect_vec(), + ); verify_cross_table_lookups::( cross_table_lookups, @@ -250,7 +254,7 @@ fn verify_proof, C: GenericConfig, const .multi_proof .stark_proofs .map(|p| p.proof.openings.ctl_zs_first.unwrap()), - Some(&extra_looking_sums), + &extra_looking_sums, config, ) }