Enable batch verification (#21)

* Enable batch verification In this commit k and n are removed from CS parameters * Solving some issues with features * Address review comments * Resolve issue with CI Having issues with libfontconfig1 in linux and getrandom in wasm32
input-output-hk · Dec 27, 2024 · 6c92cc3 · 6c92cc3
1 parent 1e2a10a
commit 6c92cc3
Show file tree

Hide file tree

Showing 34 changed files with 480 additions and 429 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -17,15 +17,18 @@ jobs:
         os: [ubuntu-latest, windows-latest, macOS-latest]
         include:
           - feature_set: basic
-            features: batch,dev-graph,gadget-traces
+            features: dev-graph,gadget-traces
           - feature_set: all
-            features: batch,dev-graph,gadget-traces,test-dev-graph,thread-safe-region,sanity-checks,circuit-params
+            features: dev-graph,gadget-traces,test-dev-graph,thread-safe-region,sanity-checks,circuit-params
 
     steps:
       - uses: actions/checkout@v3
       - uses: actions-rs/toolchain@v1
         with:
           override: false
+      - name: Install libfontconfig1-dev
+        if: runner.os == 'Linux'
+        run: sudo apt-get install -y libfontconfig1-dev
       - name: Run tests
         uses: actions-rs/cargo@v1
         with:
@@ -42,6 +45,7 @@ jobs:
           - wasm32-wasi
 
     steps:
+      - run: sudo apt-get install -y libfontconfig1-dev
       - uses: actions/checkout@v3
       - uses: actions-rs/toolchain@v1
         with:
@@ -52,13 +56,14 @@ jobs:
         uses: actions-rs/cargo@v1
         with:
           command: build
-          args: --no-default-features --features batch,dev-graph,gadget-traces --target ${{ matrix.target }}
+          args: --no-default-features --features dev-graph,gadget-traces --target ${{ matrix.target }}
 
   bitrot:
     name: Bitrot check
     runs-on: ubuntu-latest
 
     steps:
+      - run: sudo apt-get install -y libfontconfig1-dev
       - uses: actions/checkout@v3
       - uses: actions-rs/toolchain@v1
         with:
@@ -75,6 +80,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
+      - run: sudo apt-get install -y libfontconfig1-dev
       - uses: actions/checkout@v3
       - uses: actions-rs/toolchain@v1
         with:
@@ -97,6 +103,7 @@ jobs:
     timeout-minutes: 30
     runs-on: ubuntu-latest
     steps:
+      - run: sudo apt-get install -y libfontconfig1-dev
       - uses: actions/checkout@v3
       - uses: actions-rs/toolchain@v1
         with:

diff --git a/.github/workflows/lints-beta.yml b/.github/workflows/lints-beta.yml
@@ -12,6 +12,7 @@ jobs:
     continue-on-error: true
 
     steps:
+      - run: sudo apt-get install -y libfontconfig1-dev
       - uses: actions/checkout@v3
       - uses: actions-rs/toolchain@v1
         with:

diff --git a/.github/workflows/lints-stable.yml b/.github/workflows/lints-stable.yml
@@ -10,6 +10,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
+      - run: sudo apt-get install -y libfontconfig1-dev
       - uses: actions/checkout@v3
       - uses: actions-rs/toolchain@v1
         with:

diff --git a/Cargo.toml b/Cargo.toml
@@ -64,14 +64,13 @@ assert_matches = "1.5"
 criterion = "0.3"
 gumdrop = "0.8"
 proptest = "1"
-rand_core = { version = "0.6", default-features = false, features = ["getrandom"] }
 serde_json = "1"
 
-[target.'cfg(all(target_arch = "wasm32", target_os = "unknown"))'.dev-dependencies]
+[target.'cfg(all(target_arch = "wasm32", target_os = "unknown"))'.dependencies]
 getrandom = { version = "0.2", features = ["js"] }
 
 [features]
-default = ["batch", "bits"]
+default = ["bits"]
 dev-graph = ["plotters", "tabbycat"]
 test-dev-graph = [
     "dev-graph",
@@ -83,7 +82,6 @@ bits = ["halo2curves/bits"]
 gadget-traces = ["backtrace"]
 thread-safe-region = []
 sanity-checks = []
-batch = ["rand_core/getrandom"]
 circuit-params = []
 cost-estimator = ["serde", "serde_derive"]
 derive_serde = ["halo2curves/derive_serde"]

diff --git a/benches/plonk.rs b/benches/plonk.rs
@@ -11,15 +11,14 @@ use rand_core::OsRng;
 use std::marker::PhantomData;
 
 use criterion::{BenchmarkId, Criterion};
+use halo2_proofs::poly::commitment::Guard;
+use halo2_proofs::poly::kzg::params::ParamsVerifierKZG;
 use halo2_proofs::poly::kzg::{params::ParamsKZG, KZGCommitmentScheme};
 use halo2_proofs::transcript::{CircuitTranscript, Transcript};
 use halo2_proofs::utils::rational::Rational;
+use halo2curves::bn256::Bn256;
 
 fn criterion_benchmark(c: &mut Criterion) {
-    /// This represents an advice column at a certain row in the ConstraintSystem
-    #[derive(Copy, Clone, Debug)]
-    pub struct Variable(Column<Advice>, usize);
-
     #[derive(Clone)]
     struct PlonkConfig {
         a: Column<Advice>,
@@ -257,13 +256,13 @@ fn criterion_benchmark(c: &mut Criterion) {
         ParamsKZG<bn256::Bn256>,
         ProvingKey<bn256::Fr, KZGCommitmentScheme<bn256::Bn256>>,
     ) {
-        let params: ParamsKZG<bn256::Bn256> = ParamsKZG::new(k);
+        let params: ParamsKZG<Bn256> = ParamsKZG::unsafe_setup(k, OsRng);
         let empty_circuit: MyCircuit<bn256::Fr> = MyCircuit {
             a: Value::unknown(),
             k,
         };
         let vk = keygen_vk(&params, &empty_circuit).expect("keygen_vk should not fail");
-        let pk = keygen_pk(&params, vk, &empty_circuit).expect("keygen_pk should not fail");
+        let pk = keygen_pk(vk, &empty_circuit).expect("keygen_pk should not fail");
         (params, pk)
     }
 
@@ -294,20 +293,19 @@ fn criterion_benchmark(c: &mut Criterion) {
     }
 
     fn verifier(
-        params: &ParamsKZG<bn256::Bn256>,
+        params: &ParamsVerifierKZG<bn256::Bn256>,
         vk: &VerifyingKey<bn256::Fr, KZGCommitmentScheme<bn256::Bn256>>,
         proof: &[u8],
     ) {
         let mut transcript = CircuitTranscript::init_from_bytes(proof);
-        assert!(
-            verify_proof::<bn256::Fr, KZGCommitmentScheme<bn256::Bn256>, _>(
-                params,
-                vk,
-                &[&[]],
-                &mut transcript
-            )
-            .is_ok()
-        );
+        assert!(prepare::<bn256::Fr, KZGCommitmentScheme<bn256::Bn256>, _>(
+            vk,
+            &[&[]],
+            &mut transcript
+        )
+        .unwrap()
+        .verify(params)
+        .is_ok());
     }
 
     let k_range = 8..=16;
@@ -345,7 +343,7 @@ fn criterion_benchmark(c: &mut Criterion) {
             BenchmarkId::from_parameter(k),
             &(&params, pk.get_vk(), &proof[..]),
             |b, &(params, vk, proof)| {
-                b.iter(|| verifier(params, vk, proof));
+                b.iter(|| verifier(&params.verifier_params(), vk, proof));
             },
         );
     }

diff --git a/examples/circuit-layout.rs b/examples/circuit-layout.rs
@@ -1,17 +1,14 @@
 use ff::Field;
+use halo2_proofs::utils::rational::Rational;
 use halo2_proofs::{
     circuit::{Cell, Layouter, Region, SimpleFloorPlanner, Value},
-    plonk::{Advice, Assigned, Circuit, Column, ConstraintSystem, Error, Fixed, TableColumn},
+    plonk::{Advice, Circuit, Column, ConstraintSystem, Error, Fixed, TableColumn},
     poly::Rotation,
 };
 use halo2curves::pasta::Fp;
 use rand_core::OsRng;
 use std::marker::PhantomData;
 
-/// This represents an advice column at a certain row in the ConstraintSystem
-#[derive(Copy, Clone, Debug)]
-pub struct Variable(Column<Advice>, usize);
-
 #[derive(Clone)]
 struct PlonkConfig {
     a: Column<Advice>,
@@ -30,10 +27,10 @@ struct PlonkConfig {
 trait StandardCs<FF: Field> {
     fn raw_multiply<F>(&self, region: &mut Region<FF>, f: F) -> Result<(Cell, Cell, Cell), Error>
     where
-        F: FnMut() -> Value<(Assigned<FF>, Assigned<FF>, Assigned<FF>)>;
+        F: FnMut() -> Value<(Rational<FF>, Rational<FF>, Rational<FF>)>;
     fn raw_add<F>(&self, region: &mut Region<FF>, f: F) -> Result<(Cell, Cell, Cell), Error>
     where
-        F: FnMut() -> Value<(Assigned<FF>, Assigned<FF>, Assigned<FF>)>;
+        F: FnMut() -> Value<(Rational<FF>, Rational<FF>, Rational<FF>)>;
     fn copy(&self, region: &mut Region<FF>, a: Cell, b: Cell) -> Result<(), Error>;
     fn lookup_table(&self, layouter: &mut impl Layouter<FF>, values: &[FF]) -> Result<(), Error>;
 }
@@ -64,7 +61,7 @@ impl<FF: Field> StandardCs<FF> for StandardPlonk<FF> {
         mut f: F,
     ) -> Result<(Cell, Cell, Cell), Error>
     where
-        F: FnMut() -> Value<(Assigned<FF>, Assigned<FF>, Assigned<FF>)>,
+        F: FnMut() -> Value<(Rational<FF>, Rational<FF>, Rational<FF>)>,
     {
         let mut value = None;
         let lhs = region.assign_advice(
@@ -101,7 +98,7 @@ impl<FF: Field> StandardCs<FF> for StandardPlonk<FF> {
     }
     fn raw_add<F>(&self, region: &mut Region<FF>, mut f: F) -> Result<(Cell, Cell, Cell), Error>
     where
-        F: FnMut() -> Value<(Assigned<FF>, Assigned<FF>, Assigned<FF>)>,
+        F: FnMut() -> Value<(Rational<FF>, Rational<FF>, Rational<FF>)>,
     {
         let mut value = None;
         let lhs = region.assign_advice(
@@ -247,7 +244,7 @@ impl<F: Field> Circuit<F> for MyCircuit<F> {
             layouter.assign_region(
                 || format!("region_{i}"),
                 |mut region| {
-                    let a: Value<Assigned<_>> = self.a.into();
+                    let a: Value<Rational<_>> = self.a.into();
                     let mut a_squared = Value::unknown();
                     let (a0, _, c0) = cs.raw_multiply(&mut region, || {
                         a_squared = a.square();

diff --git a/examples/serialization.rs b/examples/serialization.rs
@@ -5,12 +5,13 @@ use std::{
 };
 
 use ff::Field;
+use halo2_proofs::poly::commitment::Guard;
 use halo2_proofs::transcript::{CircuitTranscript, Transcript};
 use halo2_proofs::{
     circuit::{Layouter, SimpleFloorPlanner, Value},
     plonk::{
-        create_proof, keygen_pk, keygen_vk, verify_proof, Advice, Circuit, Column,
-        ConstraintSystem, Error, Fixed, Instance, ProvingKey,
+        create_proof, keygen_pk, keygen_vk, prepare, Advice, Circuit, Column, ConstraintSystem,
+        Error, Fixed, Instance, ProvingKey,
     },
     poly::{
         kzg::{params::ParamsKZG, KZGCommitmentScheme},
@@ -126,10 +127,10 @@ impl Circuit<Fr> for StandardPlonk {
 fn main() {
     let k = 4;
     let circuit = StandardPlonk(Fr::random(OsRng));
-    let params = ParamsKZG::<Bn256>::setup(k, OsRng);
+    let params = ParamsKZG::<Bn256>::unsafe_setup(k, OsRng);
     let vk = keygen_vk::<_, KZGCommitmentScheme<Bn256>, _>(&params, &circuit)
         .expect("vk should not fail");
-    let pk = keygen_pk(&params, vk, &circuit).expect("pk should not fail");
+    let pk = keygen_pk(vk, &circuit).expect("pk should not fail");
 
     let f = File::create("serialization-test.pk").unwrap();
     let mut writer = BufWriter::new(f);
@@ -166,11 +167,12 @@ fn main() {
 
     let mut transcript = CircuitTranscript::<State>::init_from_bytes(&proof[..]);
 
-    assert!(verify_proof::<Fr, KZGCommitmentScheme<Bn256>, _>(
-        &params,
+    assert!(prepare::<Fr, KZGCommitmentScheme<Bn256>, _>(
         pk.get_vk(),
         &[instances],
         &mut transcript,
     )
+    .unwrap()
+    .verify(&params.verifier_params())
     .is_ok());
 }
diff --git a/examples/vector-ops-unblinded.rs b/examples/vector-ops-unblinded.rs
@@ -5,6 +5,7 @@ use blake2b_simd::State;
 use std::marker::PhantomData;
 
 use ff::{FromUniformBytes, WithSmallOrderMulGroup};
+use halo2_proofs::poly::commitment::Guard;
 use halo2_proofs::poly::kzg::{params::ParamsKZG, KZGCommitmentScheme};
 use halo2_proofs::transcript::{CircuitTranscript, Hashable, Sampleable, Transcript};
 use halo2_proofs::{
@@ -477,9 +478,9 @@ where
         + Hashable<State>
         + Ord,
 {
-    let params = ParamsKZG::<E>::new(k);
+    let params: ParamsKZG<E> = ParamsKZG::unsafe_setup(k, OsRng);
     let vk = keygen_vk(&params, &circuit).unwrap();
-    let pk = keygen_pk(&params, vk, &circuit).unwrap();
+    let pk = keygen_pk(vk, &circuit).unwrap();
 
     let proof = {
         let mut transcript = CircuitTranscript::<State>::init();
@@ -500,12 +501,9 @@ where
     let accepted = {
         let mut transcript = CircuitTranscript::<State>::init_from_bytes(&proof[..]);
 
-        verify_proof::<E::Fr, KZGCommitmentScheme<E>, _>(
-            &params,
-            pk.get_vk(),
-            &[&[&instances]],
-            &mut transcript,
-        )
+        prepare::<E::Fr, KZGCommitmentScheme<E>, _>(pk.get_vk(), &[&[&instances]], &mut transcript)
+            .unwrap()
+            .verify(&params.verifier_params())
     };
 
     assert_eq!(accepted.is_ok(), expected);

diff --git a/rust-toolchain b/rust-toolchain
@@ -1 +1 @@
-1.76.0
+1.77.0
diff --git a/src/dev/cost_model.rs b/src/dev/cost_model.rs
@@ -268,7 +268,7 @@ fn run_mock_prover_with_fallback<F: Ord + Field + FromUniformBytes<64>, C: Circu
     circuit: &C,
     instances: Vec<Vec<F>>,
 ) -> MockProver<F> {
-    (5..25)
+    (1..25)
         .find_map(|k| {
             panic::catch_unwind(AssertUnwindSafe(|| {
                 MockProver::run(k, circuit, instances.clone()).unwrap()

diff --git a/src/dev/graph.rs b/src/dev/graph.rs
@@ -1,11 +1,12 @@
 use ff::Field;
 use tabbycat::{AttrList, Edge, GraphBuilder, GraphType, Identity, StmtList};
 
+use crate::utils::rational::Rational;
 use crate::{
     circuit::Value,
     plonk::{
-        Advice, Any, Assigned, Assignment, Challenge, Circuit, Column, ConstraintSystem, Error,
-        Fixed, FloorPlanner, Instance, Selector,
+        Advice, Any, Assignment, Challenge, Circuit, Column, ConstraintSystem, Error, Fixed,
+        FloorPlanner, Instance, Selector,
     },
 };
 
@@ -123,7 +124,7 @@ impl<F: Field> Assignment<F> for Graph {
     ) -> Result<(), Error>
     where
         V: FnOnce() -> Value<VR>,
-        VR: Into<Assigned<F>>,
+        VR: Into<Rational<F>>,
         A: FnOnce() -> AR,
         AR: Into<String>,
     {
@@ -140,7 +141,7 @@ impl<F: Field> Assignment<F> for Graph {
     ) -> Result<(), Error>
     where
         V: FnOnce() -> Value<VR>,
-        VR: Into<Assigned<F>>,
+        VR: Into<Rational<F>>,
         A: FnOnce() -> AR,
         AR: Into<String>,
     {
@@ -163,7 +164,7 @@ impl<F: Field> Assignment<F> for Graph {
         &mut self,
         _: Column<Fixed>,
         _: usize,
-        _: Value<Assigned<F>>,
+        _: Value<Rational<F>>,
     ) -> Result<(), Error> {
         Ok(())
     }

diff --git a/src/dev/graph/layout.rs b/src/dev/graph/layout.rs
@@ -106,7 +106,7 @@ impl CircuitLayout {
             cs.constants.clone(),
         )
         .unwrap();
-        let (cs, selector_polys) = cs.compress_selectors(layout.selectors);
+        let (cs, selector_polys) = cs.directly_convert_selectors_to_fixed(layout.selectors.clone());
         let non_selector_fixed_columns = cs.num_fixed_columns - selector_polys.len();
 
         // Figure out what order to render the columns in.
@@ -115,7 +115,7 @@ impl CircuitLayout {
         let column_index = |cs: &ConstraintSystem<F>, column: RegionColumn| {
             let column: Column<Any> = match column {
                 RegionColumn::Column(col) => col,
-                RegionColumn::Selector(selector) => cs.selector_map[selector.0].into(),
+                RegionColumn::Selector(_) => panic!("We shouldn't have selectors by now"),
             };
             column.index()
                 + match column.column_type() {