sp1-recursion-circuit 6.0.0

Recursion circuit for SP1 proof aggregation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111

use itertools::Itertools;
use sp1_derive::AlignedBorrow;
use sp1_hypercube::air::{PROOF_NONCE_NUM_WORDS, PV_DIGEST_NUM_WORDS};
use sp1_primitives::SP1Field;
use sp1_recursion_compiler::ir::{Builder, Felt};
use sp1_recursion_executor::{RecursionPublicValues, DIGEST_SIZE, NUM_PV_ELMS_TO_HASH};

use crate::{hash::Poseidon2SP1FieldHasherVariable, CircuitConfig};

#[derive(Debug, Clone, Copy, Default, AlignedBorrow)]
#[repr(C)]
pub struct RootPublicValues<T> {
    pub(crate) inner: RecursionPublicValues<T>,
}

/// Verifies the digest of a recursive public values struct.
pub(crate) fn assert_recursion_public_values_valid<C, H>(
    builder: &mut Builder<C>,
    public_values: &RecursionPublicValues<Felt<SP1Field>>,
) where
    C: CircuitConfig,
    H: Poseidon2SP1FieldHasherVariable<C>,
{
    let digest = recursion_public_values_digest::<C, H>(builder, public_values);
    for (value, expected) in public_values.digest.iter().copied().zip_eq(digest) {
        builder.assert_felt_eq(value, expected);
    }
}

/// Verifies the digest of a recursive public values struct.
pub(crate) fn recursion_public_values_digest<C, H>(
    builder: &mut Builder<C>,
    public_values: &RecursionPublicValues<Felt<SP1Field>>,
) -> [Felt<SP1Field>; DIGEST_SIZE]
where
    C: CircuitConfig,
    H: Poseidon2SP1FieldHasherVariable<C>,
{
    let pv_slice = public_values.as_array();
    H::poseidon2_hash(builder, &pv_slice[..NUM_PV_ELMS_TO_HASH])
}

/// Assert that the digest of the root public values is correct.
pub(crate) fn assert_root_public_values_valid<C, H>(
    builder: &mut Builder<C>,
    public_values: &RootPublicValues<Felt<SP1Field>>,
) where
    C: CircuitConfig,
    H: Poseidon2SP1FieldHasherVariable<C>,
{
    let expected_digest = root_public_values_digest::<C, H>(builder, &public_values.inner);
    for (value, expected) in public_values.inner.digest.iter().copied().zip_eq(expected_digest) {
        builder.assert_felt_eq(value, expected);
    }
}

/// Compute the digest of the root public values.
pub(crate) fn root_public_values_digest<C, H>(
    builder: &mut Builder<C>,
    public_values: &RecursionPublicValues<Felt<SP1Field>>,
) -> [Felt<SP1Field>; DIGEST_SIZE]
where
    C: CircuitConfig,
    H: Poseidon2SP1FieldHasherVariable<C>,
{
    let input = public_values
        .sp1_vk_digest
        .into_iter()
        .chain(public_values.committed_value_digest.into_iter().flat_map(|word| word.into_iter()))
        .chain(std::iter::once(public_values.exit_code))
        .chain(public_values.vk_root)
        .chain(public_values.proof_nonce)
        .collect::<Vec<_>>();
    H::poseidon2_hash(builder, &input)
}

impl<T> RootPublicValues<T> {
    pub const fn new(inner: RecursionPublicValues<T>) -> Self {
        Self { inner }
    }

    #[inline]
    pub const fn sp1_vk_digest(&self) -> &[T; DIGEST_SIZE] {
        &self.inner.sp1_vk_digest
    }

    #[inline]
    pub const fn committed_value_digest(&self) -> &[[T; 4]; PV_DIGEST_NUM_WORDS] {
        &self.inner.committed_value_digest
    }

    #[inline]
    pub const fn digest(&self) -> &[T; DIGEST_SIZE] {
        &self.inner.digest
    }

    #[inline]
    pub const fn exit_code(&self) -> &T {
        &self.inner.exit_code
    }

    #[inline]
    pub const fn vk_root(&self) -> &[T; DIGEST_SIZE] {
        &self.inner.vk_root
    }

    #[inline]
    pub const fn proof_nonce(&self) -> &[T; PROOF_NONCE_NUM_WORDS] {
        &self.inner.proof_nonce
    }
}