1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
//! proof-cat: PLONKish bridge to sumcheck proving.
//!
//! Given a [`ConstraintSet`](plonkish_cat::ConstraintSet) (the output of
//! `plonkish_cat::compile`) and a satisfying [`Witness`](prove::Witness),
//! this crate produces a cryptographic [`Proof`](prove::Proof) that the
//! witness is valid, without the verifier needing to know the witness.
//!
//! # Architecture
//!
//! ```text
//! plonkish_cat::compile(graph, path) -> ConstraintSet<F>
//! |
//! proof_cat::prove(constraints, witness)
//! |
//! Proof<F>
//! |
//! proof_cat::verify(constraints, proof)
//! |
//! Ok(true)
//! ```
//!
//! Internally the proof uses the **sumcheck protocol** over
//! multilinear polynomials, with a **Merkle tree** commitment to
//! the witness. The sumcheck protocol, Merkle commitment,
//! multilinear polynomial type, and Fiat-Shamir transcript all
//! live in [`proof_cat_core`] so they can be shared with
//! STARK-flavored downstreams.
//!
//! # Modules
//!
//! - [`prove`] -- End-to-end proof generation and verification.
//! - [`error`] -- The hand-rolled [`Error`] enum.
//!
//! Field types live in [`field_cat`]. Sumcheck, multilinear
//! polynomial, Merkle tree, and transcript primitives live in
//! [`proof_cat_core`].
pub use Error;
pub use ;