proof-cat-core 0.1.0

Field-agnostic proof-system primitives (sumcheck, multilinear, Fiat-Shamir, Merkle) shared by proof-cat and stark-cat
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63

# proof-cat-core

Field-agnostic proof-system primitives, factored out of [proof-cat](https://github.com/MavenRain/proof-cat) so that both [PLONKish](https://github.com/MavenRain/plonkish-cat) and STARK-flavored downstreams can share them without inheriting either constraint vocabulary.

## What's in here

| Module | Purpose |
|---|---|
| [`transcript`] | Functional Fiat-Shamir transcript over SHA-256 |
| [`commit::merkle`] | Hash-based vector commitment with leaf-index domain separation |
| [`poly`] | `MultilinearPoly<F>` evaluation tables on `{0,1}^n` with partial evaluation |
| [`sumcheck`] | Sumcheck prover and verifier for multilinear polynomial sums |
| [`error`] | The shared [`Error`] enum |

## What's NOT in here

- The `Field` and `FieldBytes` traits or any concrete prime field.  Those live in [field-cat](https://github.com/MavenRain/field-cat).
- The PLONKish constraint system (`ConstraintSet`, `Expression`, `Wire`).  Those live in [plonkish-cat](https://github.com/MavenRain/plonkish-cat).
- The bridge from PLONKish constraints to sumcheck.  That stays in [proof-cat](https://github.com/MavenRain/proof-cat) as its sole remaining responsibility.

## Why a separate crate

Each of `transcript`, `commit::merkle`, `poly`, and `sumcheck` is independent of any particular constraint system.  Lifting them out lets a STARK frontend (AIR + FRI + sumcheck, in a future `stark-cat`) consume them directly, without taking a transitive dependency on `plonkish-cat`'s `ConstraintSet` / `Expression` / `Wire` vocabulary.

## Quick start

```rust
use field_cat::F101;
use proof_cat_core::{MultilinearPoly, SumcheckClaim, Transcript, sumcheck_prove};

let poly = MultilinearPoly::from_evals(vec![
    F101::new(1), F101::new(2), F101::new(3), F101::new(4),
])?;
let claim = SumcheckClaim::new(poly, F101::new(10));

let (_proof, _challenges, _transcript) =
    sumcheck_prove(&claim, Transcript::new(b"example"))?;
# Ok::<(), proof_cat_core::Error>(())
```

## Building

```bash
cargo build
cargo test
RUSTFLAGS="-D warnings" cargo clippy
cargo doc --no-deps --open
```

## Conventions

See [`CLAUDE.md`](CLAUDE.md): functional, type-driven, hand-rolled `Error` enum, no `unwrap`, no `as` casts, no `mut`, no `dyn`, no `loop`/`for`, no path dependencies.

## License

Licensed under either of:

- Apache License, Version 2.0 ([LICENSE-APACHE](LICENSE-APACHE) or <https://www.apache.org/licenses/LICENSE-2.0>)
- MIT license ([LICENSE-MIT](LICENSE-MIT) or <https://opensource.org/licenses/MIT>)

at your option.

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.