w3f_ring_proof/
ring_verifier.rs

1use ark_ec::twisted_edwards::{Affine, TECurveConfig};
2use ark_ec::CurveGroup;
3use ark_ff::PrimeField;
4use w3f_pcs::pcs::{RawVerifierKey, PCS};
5
6use w3f_plonk_common::domain::EvaluatedDomain;
7use w3f_plonk_common::piop::VerifierPiop;
8use w3f_plonk_common::transcript::PlonkTranscript;
9use w3f_plonk_common::verifier::PlonkVerifier;
10
11use crate::piop::params::PiopParams;
12use crate::piop::{FixedColumnsCommitted, PiopVerifier, VerifierKey};
13use crate::{ArkTranscript, RingProof};
14
15pub struct RingVerifier<F, CS, Jubjub, T = ArkTranscript>
16where
17    F: PrimeField,
18    CS: PCS<F>,
19    Jubjub: TECurveConfig<BaseField = F>,
20    T: PlonkTranscript<F, CS>,
21{
22    piop_params: PiopParams<F, Jubjub>,
23    fixed_columns_committed: FixedColumnsCommitted<F, CS::C>,
24    plonk_verifier: PlonkVerifier<F, CS, T>,
25}
26
27impl<F, CS, Jubjub, T> RingVerifier<F, CS, Jubjub, T>
28where
29    F: PrimeField,
30    CS: PCS<F>,
31    Jubjub: TECurveConfig<BaseField = F>,
32    T: PlonkTranscript<F, CS>,
33{
34    pub fn init(
35        verifier_key: VerifierKey<F, CS>,
36        piop_params: PiopParams<F, Jubjub>,
37        empty_transcript: T,
38    ) -> Self {
39        let pcs_vk = verifier_key.pcs_raw_vk.prepare();
40        let plonk_verifier = PlonkVerifier::init(pcs_vk, &verifier_key, empty_transcript);
41        Self {
42            piop_params,
43            fixed_columns_committed: verifier_key.fixed_columns_committed,
44            plonk_verifier,
45        }
46    }
47
48    pub fn verify(&self, proof: RingProof<F, CS>, result: Affine<Jubjub>) -> bool {
49        let (challenges, mut rng) = self.plonk_verifier.restore_challenges(
50            &result,
51            &proof,
52            // '1' accounts for the quotient polynomial that is aggregated together with the columns
53            PiopVerifier::<F, CS::C, Affine<Jubjub>>::N_COLUMNS + 1,
54            PiopVerifier::<F, CS::C, Affine<Jubjub>>::N_CONSTRAINTS,
55        );
56        let seed = self.piop_params.seed;
57        let seed_plus_result = (seed + result).into_affine();
58        let domain_eval = EvaluatedDomain::new(
59            self.piop_params.domain.domain(),
60            challenges.zeta,
61            self.piop_params.domain.hiding,
62        );
63
64        let piop = PiopVerifier::<_, _, Affine<Jubjub>>::init(
65            domain_eval,
66            self.fixed_columns_committed.clone(),
67            proof.column_commitments.clone(),
68            proof.columns_at_zeta.clone(),
69            (seed.x, seed.y),
70            (seed_plus_result.x, seed_plus_result.y),
71        );
72
73        self.plonk_verifier
74            .verify(piop, proof, challenges, &mut rng)
75    }
76
77    pub fn piop_params(&self) -> &PiopParams<F, Jubjub> {
78        &self.piop_params
79    }
80}
w3f_ring_proof/ring_verifier.rs

w3f_ring_proof/
ring_verifier.rs
