Barretenberg: src/barretenberg/chonk/chonk.hpp Source File

// === AUDIT STATUS ===

// internal:    { status: not started, auditors: [], date: YYYY-MM-DD }

// external_1:  { status: not started, auditors: [], date: YYYY-MM-DD }

// external_2:  { status: not started, auditors: [], date: YYYY-MM-DD }

// =====================


#pragma once


#include "barretenberg/chonk/chonk_base.hpp"

#include "barretenberg/flavor/mega_zk_recursive_flavor.hpp"

#include "barretenberg/goblin/goblin.hpp"

#include "barretenberg/hypernova/hypernova_decider_prover.hpp"

#include "barretenberg/hypernova/hypernova_decider_verifier.hpp"

#include "barretenberg/hypernova/hypernova_prover.hpp"

#include "barretenberg/hypernova/hypernova_verifier.hpp"

#include "barretenberg/stdlib/honk_verifier/ultra_recursive_verifier.hpp"

#include "barretenberg/stdlib/primitives/databus/databus.hpp"

#include "barretenberg/stdlib/proof/proof.hpp"

#include "barretenberg/stdlib/special_public_inputs/special_public_inputs.hpp"

#include "barretenberg/ultra_honk/ultra_prover.hpp"

#include "barretenberg/ultra_honk/ultra_verifier.hpp"

#ifndef NDEBUG

#include "barretenberg/circuit_checker/circuit_checker.hpp"

#endif

#include <algorithm>


namespace bb {


class Chonk : public IVCBase {

    // CHONK: "Client Honk" - An UltraHonk variant with incremental folding and delayed non-native arithmetic.


  public:

    using Flavor = MegaFlavor;

    using MegaVerificationKey = Flavor::VerificationKey;

    using MegaZKVerificationKey = MegaZKFlavor::VerificationKey;

    using FF = Flavor::FF;

    using Commitment = Flavor::Commitment;

    using ProverPolynomials = Flavor::ProverPolynomials;

    using Point = Flavor::Curve::AffineElement;

    using ProverInstance = ProverInstance_<Flavor>;

    using DeciderZKProvingKey = ProverInstance_<MegaZKFlavor>;

    using VerifierInstance = VerifierInstance_<Flavor>;

    using ClientCircuit = MegaCircuitBuilder; // can only be Mega

    using ECCVMVerificationKey = bb::ECCVMFlavor::VerificationKey;

    using TranslatorVerificationKey = bb::TranslatorFlavor::VerificationKey;

    using MegaProver = UltraProver_<Flavor>;

    using MegaVerifier = UltraVerifier_<Flavor>;

    using Transcript = NativeTranscript;

    // Recursive types

    using RecursiveFlavor = MegaRecursiveFlavor_<bb::MegaCircuitBuilder>;

    using StdlibFF = RecursiveFlavor::FF;

    using RecursiveCommitment = RecursiveFlavor::Commitment;

    using RecursiveVerifierInstance = stdlib::recursion::honk::RecursiveVerifierInstance_<RecursiveFlavor>;

    using RecursiveVerificationKey = RecursiveFlavor::VerificationKey;

    using RecursiveVKAndHash = RecursiveFlavor::VKAndHash;

    using RecursiveTranscript = RecursiveFlavor::Transcript;

    using PairingPoints = stdlib::recursion::PairingPoints<stdlib::bn254<ClientCircuit>>;

    using KernelIO = bb::stdlib::recursion::honk::KernelIO;

    using HidingKernelIO = bb::stdlib::recursion::honk::HidingKernelIO<ClientCircuit>;

    using AppIO = bb::stdlib::recursion::honk::AppIO;

    using StdlibProof = stdlib::Proof<ClientCircuit>;

    using WitnessCommitments = RecursiveFlavor::WitnessCommitments;

    using DataBusDepot = stdlib::DataBusDepot<ClientCircuit>;

    using TableCommitments = std::array<RecursiveFlavor::Commitment, ClientCircuit::NUM_WIRES>;

    // Folding

    using FoldingProver = HypernovaFoldingProver;

    using FoldingVerifier = HypernovaFoldingVerifier<Flavor>;

    using RecursiveFoldingVerifier = HypernovaFoldingVerifier<RecursiveFlavor>;

    using DeciderProver = HypernovaDeciderProver;

    using RecursiveDeciderVerifier = HypernovaDeciderVerifier<RecursiveFlavor>;

    using ProverAccumulator = FoldingProver::Accumulator;

    using VerifierAccumulator = FoldingVerifier::Accumulator;

    using RecursiveVerifierAccumulator = RecursiveFoldingVerifier::Accumulator;


    struct Proof {

        HonkProof mega_proof;

        GoblinProof goblin_proof;


        static constexpr size_t PROOF_LENGTH_WITHOUT_PUB_INPUTS(size_t virtual_log_n = MegaZKFlavor::VIRTUAL_LOG_N)

        {

            return /*mega_proof*/ MegaZKFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS(virtual_log_n) +

                   /*merge_proof*/ MERGE_PROOF_SIZE +

                   /*eccvm proof*/ ECCVMFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS +

                   /*ipa proof*/ IPA_PROOF_LENGTH +

                   /*translator*/ TranslatorFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS;

        }


        static constexpr size_t PROOF_LENGTH(size_t virtual_log_n = MegaZKFlavor::VIRTUAL_LOG_N)

        {

            return PROOF_LENGTH_WITHOUT_PUB_INPUTS(virtual_log_n) +

                   /*public_inputs*/ bb::HidingKernelIO::PUBLIC_INPUTS_SIZE;

        }


        size_t size() const;


        std::vector<FF> to_field_elements() const;


        static Proof from_field_elements(const std::vector<Chonk::FF>& fields);


        // TODO(https://github.com/AztecProtocol/barretenberg/issues/1299): The following msgpack methods are generic

        // and should leverage some kind of shared msgpack utility.

        msgpack::sbuffer to_msgpack_buffer() const;


        uint8_t* to_msgpack_heap_buffer() const;

        static constexpr const char MSGPACK_SCHEMA_NAME[] = "ChonkProof";


        class DeserializationError : public std::runtime_error {

          public:


            DeserializationError(const std::string& msg)

                : std::runtime_error(std::string("Chonk Proof deserialization error: ") + msg)

            {}


        };


        static Proof from_msgpack_buffer(uint8_t const*& buffer);

        static Proof from_msgpack_buffer(const msgpack::sbuffer& buffer);


        void to_file_msgpack(const std::string& filename) const;

        static Proof from_file_msgpack(const std::string& filename);


        MSGPACK_FIELDS(mega_proof, goblin_proof);

        bool operator==(const Proof& other) const = default;

    };


    struct VerificationKey {

        std::shared_ptr<MegaVerificationKey> mega;

        std::shared_ptr<ECCVMVerificationKey> eccvm;

        std::shared_ptr<TranslatorVerificationKey> translator;


        static size_t calc_num_data_types()

        {

            return MegaVerificationKey::calc_num_data_types() + ECCVMVerificationKey::calc_num_data_types() +

                   TranslatorVerificationKey::calc_num_data_types();

        }


        std::vector<bb::fr> to_field_elements() const

        {

            std::vector<bb::fr> elements;


            auto mega_elements = mega->to_field_elements();

            elements.insert(elements.end(), mega_elements.begin(), mega_elements.end());


            auto eccvm_elements = eccvm->to_field_elements();

            elements.insert(elements.end(), eccvm_elements.begin(), eccvm_elements.end());


            auto translator_elements = translator->to_field_elements();

            elements.insert(elements.end(), translator_elements.begin(), translator_elements.end());


            return elements;

        }


        size_t from_field_elements(std::span<const bb::fr> elements)

        {

            size_t read_idx = 0;


            mega = std::make_shared<MegaVerificationKey>();

            size_t mega_read = mega->from_field_elements(elements.subspan(read_idx));

            read_idx += mega_read;


            eccvm = std::make_shared<ECCVMVerificationKey>();

            size_t eccvm_read = eccvm->from_field_elements(elements.subspan(read_idx));

            read_idx += eccvm_read;


            translator = std::make_shared<TranslatorVerificationKey>();

            size_t translator_read = translator->from_field_elements(elements.subspan(read_idx));

            read_idx += translator_read;


            return read_idx;

        }


    };


    // Specifies proof type or equivalently the type of recursive verification to be performed on a given proof


    enum class QUEUE_TYPE : uint8_t {

        OINK,

        HN,

        HN_FINAL, // the final HN verification, used in hiding kernel

        HN_TAIL,  // used in tail to indicate special handling of merge for ZK

        MEGA

    };


    // An entry in the native verification queue


    struct VerifierInputs {

        std::vector<FF> proof; // oink or HN

        std::shared_ptr<MegaVerificationKey> honk_vk;

        QUEUE_TYPE type;

        bool is_kernel = false;

    };


    using VerificationQueue = std::deque<VerifierInputs>;


    // An entry in the stdlib verification queue


    struct StdlibVerifierInputs {

        StdlibProof proof; // oink or HN

        std::shared_ptr<RecursiveVKAndHash> honk_vk_and_hash;

        QUEUE_TYPE type;

        bool is_kernel = false;

    };


    using StdlibVerificationQueue = std::deque<StdlibVerifierInputs>;


  private:

    // Transcript for Chonk prover (shared between Hiding kernel, Merge, ECCVM, and Translator)

    std::shared_ptr<Transcript> transcript = std::make_shared<Transcript>();


    // Transcript to be shared across the folding of K_{i-1} (kernel), A_{i} (app)

    std::shared_ptr<Transcript> prover_accumulation_transcript = std::make_shared<Transcript>();


    size_t num_circuits; // total number of circuits to be accumulated in the IVC

  public:

    size_t num_circuits_accumulated = 0; // number of circuits accumulated so far


    ProverAccumulator prover_accumulator; // current HN prover accumulator instance


    HonkProof decider_proof; // decider proof to be verified in the Hiding kernel


    VerifierAccumulator recursive_verifier_native_accum; // native verifier accumulator used in recursive folding

#ifndef NDEBUG

    VerifierAccumulator native_verifier_accum; //  native verifier accumulator used in prover folding

    FF native_verifier_accum_hash; // hash of the native verifier accumulator when entering recursive verification

#endif


    // Set of tuples {proof, verification_key, type (Oink/HN)} to be recursively verified

    VerificationQueue verification_queue;

    // Set of tuples {stdlib_proof, stdlib_verification_key, type} corresponding to the native verification queue

    StdlibVerificationQueue stdlib_verification_queue;


    // Management of linking databus commitments between circuits in the IVC

    DataBusDepot bus_depot;


    typename MegaFlavor::CommitmentKey bn254_commitment_key;


    Goblin goblin;


    size_t get_num_circuits() const { return num_circuits; }


    // IVCBase interface

    Goblin& get_goblin() override { return goblin; }

    const Goblin& get_goblin() const override { return goblin; }


    Chonk(size_t num_circuits);


    void instantiate_stdlib_verification_queue(ClientCircuit& circuit,

                                               const std::vector<std::shared_ptr<RecursiveVKAndHash>>& input_keys = {});


    [[nodiscard("Pairing points should be accumulated")]] std::

        tuple<std::optional<RecursiveVerifierAccumulator>, std::vector<PairingPoints>, TableCommitments>

        perform_recursive_verification_and_databus_consistency_checks(

            ClientCircuit& circuit,

            const StdlibVerifierInputs& verifier_inputs,

            const std::optional<RecursiveVerifierAccumulator>& input_verifier_accumulator,

            const TableCommitments& T_prev_commitments,

            const std::shared_ptr<RecursiveTranscript>& accumulation_recursive_transcript);


    // Complete the logic of a kernel circuit (e.g. HN/merge recursive verification, databus consistency checks)

    void complete_kernel_circuit_logic(ClientCircuit& circuit);


    void accumulate(ClientCircuit& circuit, const std::shared_ptr<MegaVerificationKey>& precomputed_vk) override;


    Proof prove();


    static void hide_op_queue_accumulation_result(ClientCircuit& circuit);

    static void hide_op_queue_content_in_tail(ClientCircuit& circuit);

    static void hide_op_queue_content_in_hiding(ClientCircuit& circuit);


    static bool verify(const Proof& proof, const VerificationKey& vk);


    VerificationKey get_vk() const;


  private:

#ifndef NDEBUG

    void update_native_verifier_accumulator(const VerifierInputs& queue_entry,

                                            const std::shared_ptr<Transcript>& verifier_transcript);


    void debug_incoming_circuit(ClientCircuit& circuit,

                                const std::shared_ptr<ProverInstance>& prover_instance,

                                const std::shared_ptr<MegaVerificationKey>& precomputed_vk);

#endif


    HonkProof construct_honk_proof_for_hiding_kernel(ClientCircuit& circuit,

                                                     const std::shared_ptr<MegaVerificationKey>& verification_key);


    QUEUE_TYPE get_queue_type() const;

};


// Serialization methods for Chonk::VerificationKey


inline void read(uint8_t const*& it, Chonk::VerificationKey& vk)

{

    using serialize::read;


    size_t num_frs = Chonk::VerificationKey::calc_num_data_types();


    // Read exactly num_frs field elements from the buffer

    std::vector<bb::fr> field_elements(num_frs);

    for (auto& element : field_elements) {

        read(it, element);

    }


    // Then use from_field_elements to populate the verification key

    vk.from_field_elements(field_elements);

}


inline void write(std::vector<uint8_t>& buf, Chonk::VerificationKey const& vk)

{

    using serialize::write;


    // Convert to field elements and write them directly without length prefix

    auto field_elements = vk.to_field_elements();

    for (const auto& element : field_elements) {

        write(buf, element);

    }

}


} // namespace bb

chonk_base.hpp

circuit_checker.hpp

bb::BaseTranscript
Common transcript class for both parties. Stores the data for the current round, as well as the manif...
Definition transcript.hpp:41

bb::Chonk::Proof::DeserializationError
Definition chonk.hpp:147

bb::Chonk::Proof::DeserializationError::DeserializationError
DeserializationError(const std::string &msg)
Definition chonk.hpp:149

bb::Chonk
The IVC scheme used by the aztec client for private function execution.
Definition chonk.hpp:38

bb::Chonk::prover_accumulator
ProverAccumulator prover_accumulator
Definition chonk.hpp:262

bb::Chonk::get_goblin
Goblin & get_goblin() override
Definition chonk.hpp:287

bb::Chonk::instantiate_stdlib_verification_queue
void instantiate_stdlib_verification_queue(ClientCircuit &circuit, const std::vector< std::shared_ptr< RecursiveVKAndHash > > &input_keys={})
Instantiate a stdlib verification queue for use in the kernel completion logic.
Definition chonk.cpp:43

bb::Chonk::construct_honk_proof_for_hiding_kernel
HonkProof construct_honk_proof_for_hiding_kernel(ClientCircuit &circuit, const std::shared_ptr< MegaVerificationKey > &verification_key)
Construct a zero-knowledge proof for the Hiding kernel, which recursively verifies the last folding,...
Definition chonk.cpp:494

bb::Chonk::complete_kernel_circuit_logic
void complete_kernel_circuit_logic(ClientCircuit &circuit)
Append logic to complete a kernel circuit.
Definition chonk.cpp:221

bb::Chonk::perform_recursive_verification_and_databus_consistency_checks
std::tuple< std::optional< RecursiveVerifierAccumulator >, std::vector< PairingPoints >, TableCommitments > perform_recursive_verification_and_databus_consistency_checks(ClientCircuit &circuit, const StdlibVerifierInputs &verifier_inputs, const std::optional< RecursiveVerifierAccumulator > &input_verifier_accumulator, const TableCommitments &T_prev_commitments, const std::shared_ptr< RecursiveTranscript > &accumulation_recursive_transcript)
Populate the provided circuit with constraints for (1) recursive verification of the provided accumul...
Definition chonk.cpp:96

bb::Chonk::native_verifier_accum
VerifierAccumulator native_verifier_accum
Definition chonk.hpp:268

bb::Chonk::update_native_verifier_accumulator
void update_native_verifier_accumulator(const VerifierInputs &queue_entry, const std::shared_ptr< Transcript > &verifier_transcript)
Update native verifier accumulator. Useful for debugging.
Definition chonk.cpp:685

bb::Chonk::prove
Proof prove()
Construct a proof for the IVC, which, if verified, fully establishes its correctness.
Definition chonk.cpp:511

bb::Chonk::hide_op_queue_content_in_hiding
static void hide_op_queue_content_in_hiding(ClientCircuit &circuit)
Adds two random non-ops to the hiding kernel for zero-knowledge.
Definition chonk.cpp:484

bb::Chonk::TableCommitments
std::array< RecursiveFlavor::Commitment, ClientCircuit::NUM_WIRES > TableCommitments
Definition chonk.hpp:73

bb::Chonk::bus_depot
DataBusDepot bus_depot
Definition chonk.hpp:278

bb::Chonk::transcript
std::shared_ptr< Transcript > transcript
Definition chonk.hpp:253

bb::Chonk::num_circuits_accumulated
size_t num_circuits_accumulated
Definition chonk.hpp:260

bb::Chonk::Commitment
Flavor::Commitment Commitment
Definition chonk.hpp:46

bb::Chonk::debug_incoming_circuit
void debug_incoming_circuit(ClientCircuit &circuit, const std::shared_ptr< ProverInstance > &prover_instance, const std::shared_ptr< MegaVerificationKey > &precomputed_vk)
Definition chonk.cpp:727

bb::Chonk::decider_proof
HonkProof decider_proof
Definition chonk.hpp:264

bb::Chonk::Point
Flavor::Curve::AffineElement Point
Definition chonk.hpp:48

bb::Chonk::native_verifier_accum_hash
FF native_verifier_accum_hash
Definition chonk.hpp:269

bb::Chonk::get_num_circuits
size_t get_num_circuits() const
Definition chonk.hpp:284

bb::Chonk::QUEUE_TYPE
QUEUE_TYPE
Definition chonk.hpp:225

bb::Chonk::QUEUE_TYPE::OINK
@ OINK

bb::Chonk::QUEUE_TYPE::HN_TAIL
@ HN_TAIL

bb::Chonk::QUEUE_TYPE::HN_FINAL
@ HN_FINAL

bb::Chonk::QUEUE_TYPE::HN
@ HN

bb::Chonk::QUEUE_TYPE::MEGA
@ MEGA

bb::Chonk::get_queue_type
QUEUE_TYPE get_queue_type() const
Get queue type for the proof of a circuit about to be accumulated based on num circuits accumulated s...
Definition chonk.cpp:326

bb::Chonk::StdlibVerificationQueue
std::deque< StdlibVerifierInputs > StdlibVerificationQueue
Definition chonk.hpp:249

bb::Chonk::hide_op_queue_content_in_tail
static void hide_op_queue_content_in_tail(ClientCircuit &circuit)
Adds three random non-ops to the tail kernel for zero-knowledge.
Definition chonk.cpp:472

bb::Chonk::StdlibFF
RecursiveFlavor::FF StdlibFF
Definition chonk.hpp:60

bb::Chonk::recursive_verifier_native_accum
VerifierAccumulator recursive_verifier_native_accum
Definition chonk.hpp:266

bb::Chonk::hide_op_queue_accumulation_result
static void hide_op_queue_accumulation_result(ClientCircuit &circuit)
Add a hiding op with fully random Px, Py field elements to prevent information leakage in Translator ...
Definition chonk.cpp:460

bb::Chonk::RecursiveCommitment
RecursiveFlavor::Commitment RecursiveCommitment
Definition chonk.hpp:61

bb::Chonk::bn254_commitment_key
MegaFlavor::CommitmentKey bn254_commitment_key
Definition chonk.hpp:280

bb::Chonk::accumulate
void accumulate(ClientCircuit &circuit, const std::shared_ptr< MegaVerificationKey > &precomputed_vk) override
Perform prover work for accumulation (e.g. HN folding, merge proving)
Definition chonk.cpp:361

bb::Chonk::ClientCircuit
MegaCircuitBuilder ClientCircuit
Definition chonk.hpp:52

bb::Chonk::get_vk
VerificationKey get_vk() const
Definition chonk.cpp:674

bb::Chonk::get_goblin
const Goblin & get_goblin() const override
Definition chonk.hpp:288

bb::Chonk::num_circuits
size_t num_circuits
Definition chonk.hpp:258

bb::Chonk::VerificationQueue
std::deque< VerifierInputs > VerificationQueue
Definition chonk.hpp:240

bb::Chonk::verification_queue
VerificationQueue verification_queue
Definition chonk.hpp:273

bb::Chonk::goblin
Goblin goblin
Definition chonk.hpp:282

bb::Chonk::prover_accumulation_transcript
std::shared_ptr< Transcript > prover_accumulation_transcript
Definition chonk.hpp:256

bb::Chonk::verify
static bool verify(const Proof &proof, const VerificationKey &vk)
Definition chonk.cpp:528

bb::Chonk::stdlib_verification_queue
StdlibVerificationQueue stdlib_verification_queue
Definition chonk.hpp:275

bb::CommitmentKey
CommitmentKey object over a pairing group 𝔾₁.
Definition commitment_key.hpp:43

bb::ECCVMFlavor::VerificationKey
The verification key is responsible for storing the commitments to the precomputed (non-witnessk) pol...
Definition eccvm_flavor.hpp:818

bb::ECCVMFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS
static constexpr size_t PROOF_LENGTH_WITHOUT_PUB_INPUTS
Definition eccvm_flavor.hpp:123

bb::Goblin
Definition goblin.hpp:23

bb::HidingKernelIO::PUBLIC_INPUTS_SIZE
static constexpr size_t PUBLIC_INPUTS_SIZE
Definition special_public_inputs.hpp:54

bb::HypernovaDeciderProver
Definition hypernova_decider_prover.hpp:15

bb::HypernovaDeciderVerifier
Definition hypernova_decider_verifier.hpp:17

bb::HypernovaFoldingProver
Definition hypernova_prover.hpp:15

bb::HypernovaFoldingProver::Accumulator
MultilinearBatchingProverClaim Accumulator
Definition hypernova_prover.hpp:21

bb::HypernovaFoldingVerifier
Definition hypernova_verifier.hpp:21

bb::HypernovaFoldingVerifier::Accumulator
MultilinearBatchingVerifierClaim< Curve > Accumulator
Definition hypernova_verifier.hpp:29

bb::IVCBase
Base class interface for IVC schemes.
Definition chonk_base.hpp:21

bb::MegaCircuitBuilder_
Definition mega_circuit_builder.hpp:19

bb::MegaFlavor::ProverPolynomials_
A container for the prover polynomials handles.
Definition mega_flavor.hpp:386

bb::MegaFlavor::VerificationKey
The verification key is responsible for storing the commitments to the precomputed (non-witness) poly...
Definition mega_flavor.hpp:467

bb::MegaFlavor::WitnessEntities_
Container for all witness polynomials used/constructed by the prover.
Definition mega_flavor.hpp:262

bb::MegaFlavor
Definition mega_flavor.hpp:33

bb::MegaFlavor::FF
Curve::ScalarField FF
Definition mega_flavor.hpp:37

bb::MegaFlavor::ProverPolynomials
ProverPolynomials_< HasZK > ProverPolynomials
Definition mega_flavor.hpp:454

bb::MegaFlavor::Commitment
Curve::AffineElement Commitment
Definition mega_flavor.hpp:39

bb::MegaRecursiveFlavor_::VerificationKey
The verification key is responsible for storing the commitments to the precomputed (non-witnessk) pol...
Definition mega_recursive_flavor.hpp:108

bb::MegaRecursiveFlavor_
The recursive counterpart to the "native" Mega flavor.
Definition mega_recursive_flavor.hpp:38

bb::MegaRecursiveFlavor_::Transcript
StdlibTranscript< CircuitBuilder > Transcript
Definition mega_recursive_flavor.hpp:48

bb::MegaRecursiveFlavor_::Commitment
typename Curve::Element Commitment
Definition mega_recursive_flavor.hpp:45

bb::MegaRecursiveFlavor_::FF
typename Curve::ScalarField FF
Definition mega_recursive_flavor.hpp:44

bb::MegaRecursiveFlavor_::VKAndHash
VKAndHash_< FF, VerificationKey > VKAndHash
Definition mega_recursive_flavor.hpp:218

bb::MegaRecursiveFlavor_::WitnessCommitments
MegaFlavor::WitnessEntities< Commitment > WitnessCommitments
A container for the witness commitments.
Definition mega_recursive_flavor.hpp:212

bb::MegaZKFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS
static constexpr size_t PROOF_LENGTH_WITHOUT_PUB_INPUTS(size_t virtual_log_n=VIRTUAL_LOG_N)
Definition mega_zk_flavor.hpp:64

bb::MegaZKFlavor::VIRTUAL_LOG_N
static constexpr size_t VIRTUAL_LOG_N
Definition mega_zk_flavor.hpp:21

bb::NativeVerificationKey_< PrecomputedEntities< Commitment >, Transcript >::calc_num_data_types
static size_t calc_num_data_types()
Calculate the number of field elements needed for serialization.
Definition flavor.hpp:189

bb::ProverInstance_
A ProverInstance is normally constructed from a finalized circuit and it contains all the information...
Definition prover_instance.hpp:33

bb::TranslatorFlavor::VerificationKey
The verification key is responsible for storing the commitments to the precomputed (non-witnessk) pol...
Definition translator_flavor.hpp:848

bb::TranslatorFlavor::PROOF_LENGTH_WITHOUT_PUB_INPUTS
static constexpr size_t PROOF_LENGTH_WITHOUT_PUB_INPUTS
Definition translator_flavor.hpp:189

bb::UltraProver_
Definition ultra_prover.hpp:20

bb::UltraVerifier_
Definition ultra_verifier.hpp:18

bb::VKAndHash_
Definition flavor.hpp:425

bb::VerifierInstance_
The VerifierInstance encapsulates all the necessary information for a Mega Honk Verifier to verify a ...
Definition verifier_instance.hpp:19

bb::stdlib::DataBusDepot< ClientCircuit >

bb::stdlib::Proof< ClientCircuit >

bb::stdlib::recursion::honk::DefaultIO
Manages the data that is propagated on the public inputs of an application/function circuit.
Definition special_public_inputs.hpp:148

bb::stdlib::recursion::honk::HidingKernelIO
Manages the data that is propagated on the public inputs of a hiding kernel circuit.
Definition special_public_inputs.hpp:261

bb::stdlib::recursion::honk::KernelIO
Manages the data that is propagated on the public inputs of a kernel circuit.
Definition special_public_inputs.hpp:50

bb::stdlib::recursion::honk::RecursiveVerifierInstance_
The stdlib counterpart of VerifierInstance, used in recursive folding verification.
Definition recursive_verifier_instance.hpp:18

buf
uint8_t const  * buf
Definition data_store.hpp:9

buffer
uint8_t buffer[RANDOM_BUFFER_SIZE]
Definition engine.cpp:34

goblin.hpp

VerificationKey
UltraKeccakFlavor::VerificationKey VerificationKey
Definition honk_key_gen.cpp:20

hypernova_decider_prover.hpp

hypernova_decider_verifier.hpp

hypernova_prover.hpp

hypernova_verifier.hpp

mega_zk_recursive_flavor.hpp

bb::stdlib::recursion::honk::AppIO
DefaultIO< MegaCircuitBuilder > AppIO
The data that is propagated on the public inputs of an application/function circuit.
Definition special_public_inputs.hpp:205

bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5

bb::HonkProof
std::vector< fr > HonkProof
Definition proof.hpp:15

bb::write
void write(std::vector< uint8_t > &buf, Chonk::VerificationKey const &vk)
Definition chonk.hpp:366

bb::read
void read(uint8_t const *&it, Chonk::VerificationKey &vk)
Definition chonk.hpp:350

bb::NativeTranscript
BaseTranscript< FrCodec, bb::crypto::Poseidon2< bb::crypto::Poseidon2Bn254ScalarFieldParams > > NativeTranscript
Definition transcript.hpp:488

bb::MegaCircuitBuilder
MegaCircuitBuilder_< field< Bn254FrParams > > MegaCircuitBuilder
Definition circuit_builders_fwd.hpp:26

bb::vk
VerifierCommitmentKey< Curve > vk
Definition ipa.fuzzer.cpp:21

serialize::read
void read(auto &it, msgpack_concepts::HasMsgPack auto &obj)
Automatically derived read for any object that defines .msgpack() (implicitly defined by MSGPACK_FIEL...
Definition serialize.hpp:504

serialize::write
void write(auto &buf, const msgpack_concepts::HasMsgPack auto &obj)
Automatically derived write for any object that defines .msgpack() (implicitly defined by MSGPACK_FIE...
Definition serialize.hpp:526

std
STL namespace.

std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13

databus.hpp

proof.hpp

special_public_inputs.hpp

bb::Chonk::Proof
A full proof for the IVC scheme containing a Mega proof showing correctness of the Hiding kernel (whi...
Definition chonk.hpp:91

bb::Chonk::Proof::to_file_msgpack
void to_file_msgpack(const std::string &filename) const
Definition chonk.cpp:642

bb::Chonk::Proof::MSGPACK_SCHEMA_NAME
static constexpr const char MSGPACK_SCHEMA_NAME[]
Definition chonk.hpp:145

bb::Chonk::Proof::from_msgpack_buffer
static Proof from_msgpack_buffer(uint8_t const *&buffer)
Definition chonk.cpp:623

bb::Chonk::Proof::operator==
bool operator==(const Proof &other) const =default

bb::Chonk::Proof::MSGPACK_FIELDS
MSGPACK_FIELDS(mega_proof, goblin_proof)

bb::Chonk::Proof::from_file_msgpack
static Proof from_file_msgpack(const std::string &filename)
Definition chonk.cpp:653

bb::Chonk::Proof::mega_proof
HonkProof mega_proof
Definition chonk.hpp:92

bb::Chonk::Proof::size
size_t size() const
Definition chonk.cpp:554

bb::Chonk::Proof::PROOF_LENGTH
static constexpr size_t PROOF_LENGTH(size_t virtual_log_n=MegaZKFlavor::VIRTUAL_LOG_N)
The size of a Chonk proof with backend-added public inputs: HidingKernelIO.
Definition chonk.hpp:116

bb::Chonk::Proof::goblin_proof
GoblinProof goblin_proof
Definition chonk.hpp:93

bb::Chonk::Proof::from_field_elements
static Proof from_field_elements(const std::vector< Chonk::FF > &fields)
Definition chonk.cpp:571

bb::Chonk::Proof::to_field_elements
std::vector< FF > to_field_elements() const
Serialize proof to field elements.
Definition chonk.cpp:559

bb::Chonk::Proof::to_msgpack_heap_buffer
uint8_t * to_msgpack_heap_buffer() const
Very quirky method to convert a msgpack buffer to a "heap" buffer.
Definition chonk.cpp:615

bb::Chonk::Proof::to_msgpack_buffer
msgpack::sbuffer to_msgpack_buffer() const
Definition chonk.cpp:608

bb::Chonk::Proof::PROOF_LENGTH_WITHOUT_PUB_INPUTS
static constexpr size_t PROOF_LENGTH_WITHOUT_PUB_INPUTS(size_t virtual_log_n=MegaZKFlavor::VIRTUAL_LOG_N)
The size of a Chonk proof without backend-added public inputs.
Definition chonk.hpp:101

bb::Chonk::StdlibVerifierInputs
Definition chonk.hpp:243

bb::Chonk::StdlibVerifierInputs::honk_vk_and_hash
std::shared_ptr< RecursiveVKAndHash > honk_vk_and_hash
Definition chonk.hpp:245

bb::Chonk::StdlibVerifierInputs::is_kernel
bool is_kernel
Definition chonk.hpp:247

bb::Chonk::StdlibVerifierInputs::type
QUEUE_TYPE type
Definition chonk.hpp:246

bb::Chonk::StdlibVerifierInputs::proof
StdlibProof proof
Definition chonk.hpp:244

bb::Chonk::VerificationKey
Definition chonk.hpp:164

bb::Chonk::VerificationKey::calc_num_data_types
static size_t calc_num_data_types()
Calculate the number of field elements needed for serialization.
Definition chonk.hpp:173

bb::Chonk::VerificationKey::eccvm
std::shared_ptr< ECCVMVerificationKey > eccvm
Definition chonk.hpp:166

bb::Chonk::VerificationKey::from_field_elements
size_t from_field_elements(std::span< const bb::fr > elements)
Deserialize verification key from field elements.
Definition chonk.hpp:204

bb::Chonk::VerificationKey::translator
std::shared_ptr< TranslatorVerificationKey > translator
Definition chonk.hpp:167

bb::Chonk::VerificationKey::to_field_elements
std::vector< bb::fr > to_field_elements() const
Serialize verification key to field elements.
Definition chonk.hpp:183

bb::Chonk::VerificationKey::mega
std::shared_ptr< MegaVerificationKey > mega
Definition chonk.hpp:165

bb::Chonk::VerifierInputs
Definition chonk.hpp:234

bb::Chonk::VerifierInputs::type
QUEUE_TYPE type
Definition chonk.hpp:237

bb::Chonk::VerifierInputs::honk_vk
std::shared_ptr< MegaVerificationKey > honk_vk
Definition chonk.hpp:236

bb::Chonk::VerifierInputs::is_kernel
bool is_kernel
Definition chonk.hpp:238

bb::Chonk::VerifierInputs::proof
std::vector< FF > proof
Definition chonk.hpp:235

bb::GoblinProof
Definition types.hpp:20

bb::MultilinearBatchingProverClaim
Definition multilinear_batching_claims.hpp:101

bb::MultilinearBatchingVerifierClaim
Definition multilinear_batching_claims.hpp:7

bb::field< Bn254FrParams >

bb::stdlib::recursion::PairingPoints
An object storing two EC points that represent the inputs to a pairing check.
Definition pairing_points.hpp:34

ultra_prover.hpp

ultra_recursive_verifier.hpp

ultra_verifier.hpp