Merge

manojkgorle · Dec 8, 2024 · 4218c6e · 4218c6e
2 parents a6272ae + 75085f0
commit 4218c6e
Show file tree

Hide file tree

Showing 9 changed files with 236 additions and 28 deletions.
diff --git a/src/fields/mod.rs b/src/fields/mod.rs
@@ -22,6 +22,7 @@ impl Field {
                 "Field does not have nth root of unity where n > 2^32 or not power of two."
             );
             let mut root = FieldElement::new(1753635133440165772, self);
+
             let mut order = 1 << 32;
 
             while order != n {

diff --git a/src/fri/mod.rs b/src/fri/mod.rs
@@ -7,9 +7,9 @@ use crate::univariate_polynomial::*;
 
 //@todo pass difference quotient polynomial as a parameter too if using random secret initials
 //challenges = [alpha, beta], given by fiat shamir
-
 //@todo this has to be inside prover/main?, check once
 //boundary_q includes boundary constraints for all tables together, similarly for others
+
 pub fn combination_polynomial(
     boundary_q: Vec<Polynomial>,
     transition_q: Vec<Polynomial>,
@@ -25,7 +25,9 @@ pub fn combination_polynomial(
         FieldElement::zero(field),
         FieldElement::one(field),
     ]);
-    let degree = height;
+    let degree = height-1;
+    //@todo what should be degree here since processor and instruction table can have different heights
+    //@todo we can also pass a single vector of all quotient 
 
     for i in 0..boundary_q.clone().len() {
         let d = degree - boundary_q[i].clone().degree();
@@ -200,7 +202,7 @@ pub fn decommit_fri_layers(
 /// sends
 pub fn decommit_on_query(
     idx: usize,
-    blow_up_factor: usize,
+    blow_up_factor: usize,//expansion_f
     f_eval: Vec<&[FieldElement]>, //this contains basecodewords zipped, and extension codewords zipped
     f_merkle: Vec<&MerkleTree>, //this contains MerkleTree of base codewords zipped, and extension codewords zipped
     fri_layers: &[Vec<FieldElement>],

diff --git a/src/stark/mod.rs b/src/stark/mod.rs
@@ -1,6 +1,20 @@
 #![allow(unused_variables)]
+use io::IOTable;
+use memory::MemoryTable;
+use processor::ProcessorTable;
+use instruction::InstructionTable;
+
+use crate::merkle::*;
+use crate::channel::*;
+use crate::fri::*;
+use crate::fields::Field;
 use crate::fields::FieldElement;
+use crate::tables::*;
+use crate::univariate_polynomial::*;
+
 
+//@todo boundary, transition and terminal constraints: in all tables: should we be adding them? does that ensure they are individually zero if the sum is zero? check once
+//@todo Tipa, Tmpa, Tiea, Toea, Tpea, Tppai, Tppam, Tea, Tea' -> have to write equality amongst them, not written in terminal constraints 
 pub struct Stark<'a> {
     pub running_time: i32,
     pub memory_length: usize,
@@ -12,11 +26,110 @@ pub struct Stark<'a> {
     num_collinearity_checks: u32,
 }
 
+// prove:
+// prove parameter - matrices, inputs
+// matrices -> processor, memory, instruction, i, o -> in this order
+pub fn prove(matrices: Vec<Vec<Vec<FieldElement>>>, inputs: Vec<FieldElement>, field: Field, offset: FieldElement, expansion_f: usize){
+    let generator = field.generator().pow((1<<32)-1);
+    let order = 1<<32;
+
+    let mut processor_table  = ProcessorTable::new(field, matrices[0].clone().len() as u128, generator, order, matrices[0].clone());
+    let mut memory_table = MemoryTable::new(field, matrices[1].len() as u128, generator, order, matrices[1].clone());
+    let mut instruction_table = InstructionTable::new(field, matrices[2].len() as u128, generator, order, matrices[2].clone());
+    let mut input_table = IOTable::new(field, matrices[3].len() as u128, generator, order, matrices[3].clone());
+    let mut output_table = IOTable::new(field, matrices[4].len() as u128, generator, order, matrices[4].clone());
+
+    processor_table.pad();
+    memory_table.pad();
+    instruction_table.pad();
+    input_table.pad();
+    output_table.pad();
+
+    let processor_interpol_columns = processor_table.table.clone().interpolate_columns(vec![0,1,2,3,4,5,6]);
+    let memory_interpol_columns = memory_table.table.clone().interpolate_columns(vec![0,1,2]);
+    let instruction_interpol_columns = instruction_table.table.clone().interpolate_columns(vec![0,1,2]);
+
+    let initial_length = instruction_table.table.clone().height;
+    //all codewords are evaluated on this expanded domain that has length expanded_length
+    let expanded_length = initial_length*(expansion_f as u128);
+
+    let domain = FriDomain::new(offset, derive_omicron(generator, order, expanded_length), expanded_length);
+
+    let mut basecodewords: Vec<Vec<FieldElement>> = Vec::new();
+
+    // basecodewords vector order:
+    // processor: clk, ip, ci, ni, mp, mv, inv
+    // memory: clk, mp, mv
+    // instruction: ip, ci, ni
+    // input and output tables are public, we dont commit to those, we only check their termnal extensions after extending
+
+    for i in 0..processor_interpol_columns.clone().len(){
+        basecodewords.push(domain.evaluate(processor_interpol_columns[i].clone()));
+    }
+
+    for i in 0..memory_interpol_columns.clone().len(){
+        basecodewords.push(domain.evaluate(memory_interpol_columns[i].clone()));
+    }
+
+    for i in 0..instruction_interpol_columns.clone().len(){
+        basecodewords.push(domain.evaluate(instruction_interpol_columns[i].clone()));
+    }
+
+    //we are zipping all the base codewords (for each index in order) using concatenation
+    //@todo to_bytes function of field element is not working properly? check once
+
+    let mut basecodeword: Vec<Vec<u8>> = Vec::new();
+
+    // for i in 0..expanded_length as usize{
+    //     let mut x: Vec<Vec<u8>> = vec![];
+    //     for j in 0..basecodewords.len(){
+    //         x.push(basecodewords[j][i].to_bytes().iter().map(y:));
+    //     }
+    // }
+
+    //@todo could not find a function in channel for fiat shamir, ie sending data as string and then getting random element
+    //@todo make extend columns function return Terminal value , eg. Tipa, for every table and store it, use it to compare
+
+}
+
+// commit this codeword in merkle tree -> send to verifier, and use the merkle root in fiat shamir
+// get 11 challenges array from fiat shamir
+// use extend column function on tables -> extends the base columns to extension columns
+// interpolate extension columns of all matrices
+// evaluate these polynomials on expanded evaluation domains to give extension codewords
+// zip/concatenate the extension codewords to give one extension codeword
+// commit this codeword in merkle tree -> send to verifier, and use the merkle root in fiat shamir
+// get 2 challenges array from fiat shamir
+// use generate AIR -> generate zerofier -> generate quotient: on all tables
+// form combination polynomial from quotient polynomials and challenges array
+// evaluate combination polynomials on expanded evaluation domains to get combination codeword
+// perform fri :D, send commitments of fri functions (written in fri module) 
+// lessgooo
+
+//@todo IMP - we have interpolated columns of processor table already for commitment and fiat shamir, no need to do it again in AIR
+
+// verifier
+// verifier knows - 
+// constraints (therefore AIR)
+// zerofiers (instruction zerofiers //@todo discuss once)
+// combination polynomial equation
+// challenges of extension columns
+// challenges of composition polynomial
+// 
+// prover sends to verifier - 
+// height (whose correctness is indirectly verified through fri and degree bound)
+// base codewords merkle root, extension codewords merkle root
+// for each query (index) of verifier, prover sends respective evaluation and merkle authentication path of evaluation
+// written in fri decommit_on_query
+//
+//verifier will perform IOTable computations like extension of columns, will then send those values to prover via channel
+
+
 impl Stark<'_> {}
 
 #[cfg(test)]
 mod stark_test {
-    use crate::fields::Field;
+    use crate::fields::{Field, FieldElement};
     use crate::vm::VirtualMachine;
     #[test]
     fn test_proving() {
@@ -29,4 +142,14 @@ mod stark_test {
             vm.simulate(&program, "".to_string());
         assert_eq!(running_time as usize, processor_matrix.len());
     }
+    #[test]
+    fn helper_tests() {
+        let x = FieldElement::new(318, Field::new(421));
+        println!("{}", x);
+        let y = x.to_bytes();
+        for i in 0..y.len(){
+            print!("{}, ", y[i]);
+        }
+    }
 }
+
diff --git a/src/tables/instruction.rs b/src/tables/instruction.rs
@@ -83,15 +83,26 @@ impl InstructionTable {
         }
     }
 
-    pub fn extend_column(&mut self, rand_field_elem: u128, challenges: Vec<FieldElement>) {
-        let mut ppa = FieldElement::new(rand_field_elem, self.table.field);
-        //take randFieldElement = 1 when not implementing random secret diff constraint
-        let pea = FieldElement::zero(self.table.field);
+    pub fn extend_column(&mut self, rand_field_elem: u128, challenges: Vec<FieldElement>) ->Vec<FieldElement>{
+        let mut terminal:Vec<FieldElement>=Vec::new();
+        let mut ppa = self.table.matrix[0 as usize][Indices::Address as usize]
+        * challenges[ChallengeIndices::A as usize]
+        + self.table.matrix[0 as usize][Indices::CurrentInstruction as usize]
+        * challenges[ChallengeIndices::B as usize]
+        + self.table.matrix[0 as usize][Indices::NextInstruction as usize]
+        * challenges[ChallengeIndices::C as usize]
+        - challenges[ChallengeIndices::Alpha as usize];
+
+        let pea = self.table.matrix[0 as usize][Indices::Address as usize]
+            * challenges[ChallengeIndices::A as usize]
+        + self.table.matrix[0 as usize][Indices::CurrentInstruction as usize]
+            * challenges[ChallengeIndices::B as usize]
+        + self.table.matrix[0 as usize][Indices::NextInstruction as usize]
+            * challenges[ChallengeIndices::C as usize];
 
         self.table.matrix[0_usize][Indices::PermutationArg as usize] = ppa;
         self.table.matrix[0_usize][Indices::EvaluationArg as usize] = pea;
-        //@todo set initial value of first row of ppa and pea
-
+
         for i in 0..self.table.length - 1 {
             let weighted_sum = self.table.matrix[(i + 1) as usize][Indices::Address as usize]
                 * challenges[ChallengeIndices::A as usize]
@@ -110,7 +121,11 @@ impl InstructionTable {
                 self.table.matrix[(i + 1) as usize][Indices::EvaluationArg as usize] =
                     pea * challenges[ChallengeIndices::Eta as usize] + weighted_sum;
             }
+
         }
+        terminal.push(ppa);
+        terminal.push(pea);
+        terminal
     }
 
     pub fn generate_air(&self, challenges: Vec<FieldElement>,tppa:FieldElement,tpea:FieldElement) -> Vec<Polynomial> {
@@ -144,8 +159,9 @@ impl InstructionTable {
         let one = Polynomial::new_from_coefficients(vec![FieldElement::one(self.table.field)]);
         let mut air = vec![];
 
-        //Boundary constraint: ip=0
-        //@todo ppa and pea initial value from extended fn, see once
+        //Boundary constraint: 
+        //ip=0
+        //@todo ci  ni, ppa, pea ka bhi boundary constraint dalna hai?
 
         let boundaryair = ip.clone() + ppa.clone()
             - Polynomial::new_from_coefficients(vec![FieldElement::one(self.table.field)])

diff --git a/src/tables/io.rs b/src/tables/io.rs
@@ -38,7 +38,7 @@ impl IOTable {
 
     pub fn pad(&mut self) {}
 
-    pub fn extend_column_ea(&mut self, rand_field_elem: u128, challenge: FieldElement) {
+    pub fn extend_column_ea(&mut self, rand_field_elem: u128, challenge: FieldElement)->Vec<FieldElement> {
         let mut ea = FieldElement::new(rand_field_elem, self.table.field); // take rand_field_elem as zero if no random secret implementation
         self.table.matrix[0][1] = ea;
         for i in 0..self.table.length - 1 {
@@ -47,7 +47,12 @@ impl IOTable {
             self.table.matrix[(i + 1) as usize][1] = ea;
             //Tea = IOTable.matrix[length-1][1]
         }
+        let mut terminal: Vec<FieldElement>=Vec::new();
+        terminal.push(ea);
+        terminal
+
     }
+
 }
 
 #[cfg(test)]

diff --git a/src/tables/memory.rs b/src/tables/memory.rs
@@ -4,7 +4,7 @@ use super::{derive_omicron, roundup_npow2};
 use crate::fields::{Field, FieldElement};
 use crate::univariate_polynomial::interpolate_lagrange_polynomials;
 use crate::univariate_polynomial::Polynomial;
-pub struct Memory {
+pub struct MemoryTable {
     pub table: Table,
 }
 
@@ -37,7 +37,7 @@ pub enum ChallengeIndices {
     Eta,
 }
 
-impl Memory {
+impl MemoryTable {
     pub fn new(
         field: Field,
         length: u128,
@@ -105,7 +105,8 @@ impl Memory {
     }
 
     //the matrix taken here is padded
-    pub fn extend_column_ppa(&mut self, rand_field_elem: u128, challenges: Vec<FieldElement>) {
+    pub fn extend_column_ppa(&mut self, rand_field_elem: u128, challenges: Vec<FieldElement>)->Vec<FieldElement> {
+        let mut terminal:Vec<FieldElement>= Vec::new();
         let mut ppa = FieldElement::new(rand_field_elem, self.table.field);
         self.table.matrix[0][Indices::PermutationArg as usize] = ppa;
         for i in 0..self.table.length - 1 {
@@ -118,7 +119,18 @@ impl Memory {
                 - challenges[ChallengeIndices::Beta as usize];
             ppa *= weighted_sum;
             self.table.matrix[(i + 1) as usize][Indices::PermutationArg as usize] = ppa;
+
         }
+        let mut tppa=ppa*(self.table.matrix[self.table.length as usize][Indices::Cycle as usize]
+            * challenges[ChallengeIndices::D as usize]
+            + self.table.matrix[self.table.length as usize][Indices::MemoryPointer as usize]
+                * challenges[ChallengeIndices::E as usize]
+            + self.table.matrix[self.table.length as usize][Indices::MemoryValue as usize]
+                * challenges[ChallengeIndices::F as usize]
+            - challenges[ChallengeIndices::Beta as usize]);
+            let mut Tppa:Vec<FieldElement>=Vec::new();
+            Tppa.push(tppa);
+            Tppa
     }
 
     //this is after padding and extension
@@ -239,7 +251,7 @@ impl Memory {
 #[cfg(test)]
 mod test_memory_table {
     #![allow(unused_variables)]
-    use super::Memory;
+    use super::MemoryTable;
     use crate::fields::{Field, FieldElement};
     use crate::tables::memory::{ChallengeIndices, Indices};
     use crate::tables::Table;
@@ -256,7 +268,7 @@ mod test_memory_table {
         let (processor_matrix, memory_matrix, instruction_matrix, input_matrix, output_matrix) =
             vm.simulate(&program, "a".to_string());
         let mlen = memory_matrix.len();
-        let mut memory_table = Memory::new(
+        let mut memory_table = MemoryTable::new(
             field,
             memory_matrix.len() as u128,
             generator,
@@ -283,7 +295,7 @@ mod test_memory_table {
         let generator = field.generator();
         let order = 1 << 32;
         let zero = FieldElement::zero(field);
-        let mut mem = Memory::new(
+        let mut mem = MemoryTable::new(
             field,
             memory_matrix.len() as u128,
             generator,
@@ -334,4 +346,6 @@ mod test_memory_table {
     //         println!("{}:{}", ppa.0, i+1);
     //     }
     // }
+
+
 }