Struct snarkvm_marlin::ahp::ahp::AHPForR1CS

pub struct AHPForR1CS<F: Field, MM: MarlinMode> { /* private fields */ }

The algebraic holographic proof defined in CHMMVW19. Currently, this AHP only supports inputs of size one less than a power of 2 (i.e., of the form 2^n - 1).

Implementations

impl<F: PrimeField, MM: MarlinMode> AHPForR1CS<F, MM>

pub const INDEXER_POLYNOMIALS: [&'static str; 6]

The labels for the polynomials output by the AHP indexer.

pub const INDEXER_POLYNOMIALS_WITH_VANISHING: [&'static str; 8]

The labels for the polynomials output and vanishing polynomials by the AHP indexer.

pub const LC_WITH_ZERO_EVAL: [&'static str; 2]

The linear combinations that are statically known to evaluate to zero.

pub const PROVER_POLYNOMIALS_WITHOUT_ZK: [&'static str; 8]

The labels for the polynomials output by the AHP prover.

pub const PROVER_POLYNOMIALS_WITH_ZK: [&'static str; 9]

The labels for the polynomials output by the AHP prover.

pub fn num_formatted_public_inputs_is_admissible(num_inputs: usize) -> bool

Check that the (formatted) public input is of the form 2^n for some integer n.

pub fn formatted_public_input_is_admissible(input: &[F]) -> bool

Check that the (formatted) public input is of the form 2^n for some integer n.

pub fn max_degree(
    num_constraints: usize,
    num_variables: usize,
    num_non_zero: usize
) -> Result<usize, AHPError>

The maximum degree of polynomials produced by the indexer and prover of this protocol. The number of the variables must include the “one” variable. That is, it must be with respect to the number of formatted public inputs.

pub fn get_degree_bounds(info: &CircuitInfo<F>) -> [usize; 2]

Get all the strict degree bounds enforced in the AHP.

pub fn construct_linear_combinations<E: EvaluationsProvider<F>>(
    public_input: &[F],
    evals: &E,
    state: &VerifierState<F, MM>
) -> Result<Vec<LinearCombination<F>>, AHPError>

Construct the linear combinations that are checked by the AHP. Public input should be unformatted.

impl<F: PrimeField, MM: MarlinMode> AHPForR1CS<F, MM>

pub fn index<C: ConstraintSynthesizer<F>>(
    c: &C
) -> Result<Circuit<F, MM>, AHPError>

Generate the index for this constraint system.

impl<F: PrimeField, MM: MarlinMode> AHPForR1CS<F, MM>

pub fn prover_init<'a, C: ConstraintSynthesizer<F>>(
    index: &'a Circuit<F, MM>,
    circuit: &C
) -> Result<ProverState<'a, F, MM>, AHPError>

Initialize the AHP prover.

pub fn prover_first_round<'a, R: RngCore>(
    state: ProverState<'a, F, MM>,
    rng: &mut R
) -> Result<(ProverMessage<F>, ProverFirstOracles<F>, ProverState<'a, F, MM>), AHPError>

Output the first round message and the next state.

pub fn prover_num_first_round_oracles() -> usize

Output the number of oracles sent by the prover in the first round.

pub fn prover_first_round_degree_bounds(
    _info: &CircuitInfo<F>
) -> impl Iterator<Item = Option<usize>>

Output the degree bounds of oracles in the first round.

pub fn prover_second_round<'a, R: RngCore>(
    verifier_message: &VerifierFirstMessage<F>,
    state: ProverState<'a, F, MM>,
    _r: &mut R
) -> (ProverMessage<F>, ProverSecondOracles<F>, ProverState<'a, F, MM>)

Output the second round message and the next state.

pub fn prover_num_second_round_oracles() -> usize

Output the number of oracles sent by the prover in the second round.

pub fn prover_second_round_degree_bounds(
    info: &CircuitInfo<F>
) -> impl Iterator<Item = Option<usize>>

Output the degree bounds of oracles in the second round.

pub fn prover_third_round<'a, R: RngCore>(
    verifier_message: &VerifierSecondMessage<F>,
    prover_state: ProverState<'a, F, MM>,
    _r: &mut R
) -> Result<(ProverMessage<F>, ProverThirdOracles<F>), AHPError>

Output the third round message and the next state.

pub fn prover_num_third_round_oracles() -> usize

Output the number of oracles sent by the prover in the third round.

pub fn prover_third_round_degree_bounds(
    info: &CircuitInfo<F>
) -> impl Iterator<Item = Option<usize>>

Output the degree bounds of oracles in the third round.

impl<TargetField: PrimeField, MM: MarlinMode> AHPForR1CS<TargetField, MM>

pub fn verifier_first_round<BaseField: PrimeField, R: FiatShamirRng<TargetField, BaseField>>(
    index_info: CircuitInfo<TargetField>,
    fs_rng: &mut R
) -> Result<(VerifierFirstMessage<TargetField>, VerifierState<TargetField, MM>), AHPError>

Output the first message and next round state.

pub fn verifier_second_round<BaseField: PrimeField, R: FiatShamirRng<TargetField, BaseField>>(
    state: VerifierState<TargetField, MM>,
    fs_rng: &mut R
) -> Result<(VerifierSecondMessage<TargetField>, VerifierState<TargetField, MM>), AHPError>

Output the second message and next round state.

pub fn verifier_third_round<BaseField: PrimeField, R: FiatShamirRng<TargetField, BaseField>>(
    state: VerifierState<TargetField, MM>,
    fs_rng: &mut R
) -> Result<VerifierState<TargetField, MM>, AHPError>

Output the third message and next round state.

pub fn verifier_query_set<'a, 'b, R: RngCore>(
    state: VerifierState<TargetField, MM>,
    _: &'a mut R
) -> (QuerySet<'b, TargetField>, VerifierState<TargetField, MM>)

Output the query state and next round state.