Function verify 

pub fn verify<F: FieldBytes>(
    constraints: &ConstraintSet<F>,
    proof: &Proof<F>,
) -> Result<bool, Error>

Verify a proof of constraint satisfaction.

The verifier does not need the witness; it works entirely from the Proof (which contains Merkle-opened wire values) and the public ConstraintSet.

Protocol

1. Flatten copy constraints to polynomial form.
2. Replay the transcript and run the sumcheck verifier.
3. Verify all Merkle openings against the committed root.
4. Re-evaluate constraints from the opened wire values.
5. Check the sumcheck final evaluation matches.

Returns true if the proof is valid.

Errors

Returns an error if any verification step encounters a structural problem (wrong round count, etc.).

Examples

use field_cat::F101;
use plonkish_cat::{Constraint, ConstraintSet, Expression, Wire};
use proof_cat::{Witness, prove, verify};

// Constraint: w1 - w0 * w0 = 0  (squaring).
let expr = Expression::Wire(Wire::new(1))
    - Expression::Wire(Wire::new(0)) * Expression::Wire(Wire::new(0));
let cs = ConstraintSet::empty()
    .with_constraint(Constraint::new(expr));

// Witness: 7^2 = 49.
let proof = prove(
    &cs,
    &Witness::new(vec![F101::new(7), F101::new(49)]),
)?;

// Verification succeeds.
assert!(verify(&cs, &proof)?);