Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Ligero PCS #125

Closed
wants to merge 132 commits into from
Closed

Add Ligero PCS #125

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
132 commits
Select commit Hold shift + click to select a range
a4c6e2b
Stub out the PolynomialCommitment trait for Ligero
mmagician Jun 27, 2023
8f6becd
implementing matrix functionality, not tested
Antonio95 Jun 27, 2023
aa94494
further matrix functionality, commit function started
Antonio95 Jun 27, 2023
d0f00b1
testing commit signing
Antonio95 Jun 27, 2023
848933b
first part of commit function compiling
Antonio95 Jun 27, 2023
543c8e1
requested PR changes implemented
Antonio95 Jun 28, 2023
a39289d
added to_field function one-liner and tests for all existing matrix f…
Antonio95 Jun 28, 2023
d82c4e3
changed matrix-related functions from F:PrimeField to F:Field
Antonio95 Jun 28, 2023
c20d28d
Add params and generics to the Ligero constructor
mmagician Jun 28, 2023
008151b
Create a custom and default constructors for Ligero PCS struct
mmagician Jun 28, 2023
ffea25d
Merge pull request #2 from mmagician/pcs-constructor
mmagician Jun 28, 2023
91184aa
in the middle of commit function, not compiling
Antonio95 Jun 28, 2023
2941c8a
merged with ligero (constructor added)
Antonio95 Jun 28, 2023
4ef9adb
added reed-solomon encoding and a test for the fft interface
Antonio95 Jun 28, 2023
b008983
continued commit method, left placeholders for Merkle-tree parts; NOT…
Antonio95 Jun 28, 2023
c13cf28
changed reed-solomon code to receive fft_domain from caller; continue…
Antonio95 Jun 28, 2023
dd7e28f
make a Commitment struct with MT root & transcipt
mmagician Jun 28, 2023
bb3b6bb
stub out the Commitment verify method (well-formedness check)
mmagician Jun 28, 2023
1d6c30b
Ligero with a sponge for Fiat-Shamir Commitment well-formed check
mmagician Jun 28, 2023
129cbfb
use jf_primitives for IOPTranscript for FS transform
mmagician Jun 28, 2023
7183c1e
deleted settings.json file
Antonio95 Jun 29, 2023
903eaaf
Merge pull request #1 from Antonio95/commit
mmagician Jun 29, 2023
5d349b6
Merge branch 'ligero' into commitment-with-transcript
mmagician Jun 29, 2023
edae282
Merge pull request #4 from mmagician/commitment-with-transcript
mmagician Jun 29, 2023
fe63bc2
remove merge artifacts
mmagician Jun 29, 2023
d58c366
Fix getting the indices from the transcript
mmagician Jun 29, 2023
aa913ef
path verification with the random index retrieved from the transcript
mmagician Jun 29, 2023
243be3d
verify the random linear combinations in the F-S commitment check
mmagician Jun 29, 2023
4c7631d
hashing columns - WIP
mmagician Jun 29, 2023
348c88e
well_formedness_check completed, not tested
Antonio95 Jun 29, 2023
0b7ee4a
change trait bounds on C::Leaf
mmagician Jun 29, 2023
5a309e2
temp remove hash params
mmagician Jun 29, 2023
89286fe
create the MT Config params using the setup function
mmagician Jun 29, 2023
0775b24
commit finished up to leaf parameters
Antonio95 Jun 29, 2023
74c7c54
one remaining compilation error in commit: construction of the tree
Antonio95 Jun 29, 2023
092a22a
commit function compiling
Antonio95 Jun 29, 2023
64ff2d3
(self) PR review
mmagician Jun 30, 2023
958d9cc
bring back lints
mmagician Jun 30, 2023
0febe90
Merge pull request #5 from HungryCatsStudio/fix-commit
Antonio95 Jun 30, 2023
f8bed31
fmt tests
mmagician Jun 30, 2023
1b00e25
use the utils function for getting the indices, since its shared by both
mmagician Jun 30, 2023
a2addcc
write first construction tests for LigeroPCS
mmagician Jun 30, 2023
d48145f
rename hash_array -> hash_column
mmagician Jun 30, 2023
dde6fb2
remove stale code and unused imports
mmagician Jun 30, 2023
16ed2be
Merge pull request #6 from HungryCatsStudio/ligero-tests
Antonio95 Jun 30, 2023
7e0b9b2
Place params under VerifierKey
mmagician Jun 30, 2023
48e5598
Place params under CommitterKey
mmagician Jun 30, 2023
2108414
check and check_well_formedness finished and refactored
Antonio95 Jun 30, 2023
5bdee22
open implemented
Antonio95 Jun 30, 2023
90e3e53
Merge pull request #7 from HungryCatsStudio/params-trait-bounds
Antonio95 Jun 30, 2023
9987c05
just merged with the refactored generics and tests; not compiling
Antonio95 Jun 30, 2023
f896801
compiling
Antonio95 Jun 30, 2023
1d8acb9
Merge pull request #8 from HungryCatsStudio/open_and_check
mmagician Jun 30, 2023
d1a6b6c
changed access to params
Antonio95 Jun 30, 2023
f2d52b5
Merge pull request #9 from HungryCatsStudio/open_and_check2
mmagician Jun 30, 2023
614d586
test: if matrix is square, panics
mmagician Jun 30, 2023
5dcad7b
fix the indexing: should no longer panic on index out of bounds
mmagician Jun 30, 2023
500a67b
Merge pull request #10 from HungryCatsStudio/fix-matrix-from-flat
Antonio95 Jun 30, 2023
48df32f
compiling
Antonio95 Jun 30, 2023
0dfed86
added data_structures.rs
Antonio95 Jun 30, 2023
e8acdf6
Merge pull request #11 from HungryCatsStudio/refactor_prover
mmagician Jun 30, 2023
983f7e8
Call the commit function - currently failing
mmagician Jun 30, 2023
7e01340
comments on const generics are not part of doc
mmagician Jun 30, 2023
3da40e1
Use FFTs to compute Reed-Solomon encoding of the vectors
mmagician Jul 1, 2023
00a1557
Expand the FFT interface test, and add Reed-Solomon
mmagician Jul 1, 2023
aa19604
Setup should check that rho_inv is >=1
mmagician Jul 1, 2023
d1c7b62
Test that there is a large enough FFT domain on our field
mmagician Jul 1, 2023
3614b6c
fmt and remove unused imports
mmagician Jul 1, 2023
da676d3
Apply suggestions from (self) code review
mmagician Jul 1, 2023
62071b3
Swap the test field for one with large FFT domain
mmagician Jul 1, 2023
dce829c
Merge pull request #12 from HungryCatsStudio/functionality-testing
Antonio95 Jul 3, 2023
43d7fbb
Pad the leaves with zeros to create MT
mmagician Jul 3, 2023
136a639
test MT creation and proof verification
mmagician Jul 3, 2023
af8b464
Merge pull request #14 from HungryCatsStudio/mt-construction-fix
Antonio95 Jul 3, 2023
b8ca9c8
Test open & check methods
mmagician Jul 3, 2023
a6db789
test well formedness and verifier's check
mmagician Jul 3, 2023
9c91d72
bug fix: length of r should be m, not t
mmagician Jul 3, 2023
27320ec
Fix the Path checking: index into paths by loop index, not q_i
mmagician Jul 3, 2023
16ecc28
fix the transcript consistency between prover and verifier
mmagician Jul 3, 2023
d8d7132
refactor `check_linear_combinations` to take proof, m & root, not comm
mmagician Jul 3, 2023
26c0103
Merge pull request #15 from HungryCatsStudio/test-open-and-check
Antonio95 Jul 3, 2023
99fa3a7
reed solomon function and test working
Antonio95 Jul 3, 2023
e74a522
changed test bound
Antonio95 Jul 3, 2023
e31deb4
.vscode/* deleted and added to gitignore
Antonio95 Jul 3, 2023
0bd313a
Update .gitignore
mmagician Jul 3, 2023
6e9c2dd
Merge pull request #16 from HungryCatsStudio/reed-solomon
mmagician Jul 3, 2023
f510f54
adapted to new RS, now leaf index check failing
Antonio95 Jul 4, 2023
ff3b27b
non-randomised test working
Antonio95 Jul 4, 2023
7b36322
randomised test also working
Antonio95 Jul 4, 2023
4b1647f
matrix dimension computation fixed; formatted
Antonio95 Jul 4, 2023
8adde17
Merge pull request #18 from HungryCatsStudio/functionality_new_rs
Antonio95 Jul 6, 2023
660cd1d
commit now runs over all polynomials
Antonio95 Jul 6, 2023
3c5d056
changed proof type to array of former proofs (matching open())
Antonio95 Jul 6, 2023
817f566
compiling with new multi-polynomial functionality, old tests passing
Antonio95 Jul 7, 2023
f5f2f56
new tests for new multi-polynomial functionality passing
Antonio95 Jul 7, 2023
990782d
cleaned up unnecessary variables
Antonio95 Jul 7, 2023
5f9dbf3
addressed minor requested changes to the PR
Antonio95 Jul 7, 2023
5f4774d
pin dependencies to original upstreams, not forks
mmagician Jul 13, 2023
2bc0620
Merge pull request #20 from HungryCatsStudio/pin-deps
Antonio95 Jul 14, 2023
9df98d2
added expected panic messages to tests, formatted/clipped only ligero…
Antonio95 Jul 14, 2023
ba00e0a
formatted utils.rs
Antonio95 Jul 14, 2023
2c5d814
Merge pull request #19 from HungryCatsStudio/several_polynomials
mmagician Jul 14, 2023
4105abe
change the git dependency to rely on our own fork
mmagician Sep 11, 2023
1af21e5
add back newline to gitignore
mmagician Sep 11, 2023
ef6be5d
Well-formedness checks refactor (#24)
mmagician Sep 25, 2023
1e3afee
Change encoding function (#25)
mmagician Sep 25, 2023
01a0f94
Change the signature of `calculate_t`
autquis Sep 26, 2023
c61ec6d
Rebase to `ligero` and fixing callers of `calculate_t`
autquis Sep 26, 2023
498613d
Delete extra TODO
autquis Sep 26, 2023
d5b7e6f
Add sanity check for `t`
autquis Sep 26, 2023
e1e5a1f
Use `is_normal` instead of manual check
autquis Sep 26, 2023
bce0670
Delete `map_error` since it was unnecessary
autquis Sep 26, 2023
7abaffb
Add test for `calculate_t`
autquis Sep 26, 2023
7360276
Merge pull request #23 from HungryCatsStudio/what-t
mmagician Sep 26, 2023
61d58fe
Cleanup (#26)
mmagician Sep 26, 2023
356ecd8
Implementation of `setup` and `trim` + Update tests + Clean up (#28)
autquis Sep 28, 2023
d450683
Add Breakdown and Ligero to `README.md` (#27)
autquis Sep 28, 2023
2b72639
code and comments cleanup (#30)
mmagician Sep 29, 2023
845989d
Bring in remaining tests from the test suite (#29)
mmagician Sep 29, 2023
332fde5
Fix `todo()`; Move `Ligero` implementation to data_structures; minor …
mmagician Sep 29, 2023
9e40efb
Copy from `jellyfish` and patch dependency (#32)
autquis Sep 29, 2023
6ce243b
Merge branch 'master' into ligero
mmagician Sep 29, 2023
840ee52
no-std compat (#33)
mmagician Sep 29, 2023
6e2c946
Merge branch 'master' into ligero
mmagician Sep 29, 2023
46a6a85
post merge fmt
mmagician Sep 29, 2023
a46ea25
place all PhantomData in one struct
mmagician Sep 29, 2023
61f3c64
remove Debug bounds
mmagician Oct 4, 2023
44d2004
PreparedCommitment = Commitment
mmagician Oct 4, 2023
780f525
define an error string once, reuse in setup and trim
mmagician Oct 4, 2023
46a28c8
Merge branch 'master' into ligero
mmagician Oct 4, 2023
8d15d4e
LigeroPCRandomness left temporarily unimplemented
mmagician Oct 4, 2023
6f3c663
`empty` is unimplemented, so let's explicitly insert `()`
mmagician Oct 4, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 6 additions & 2 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ ark-serialize = { version = "^0.4.0", default-features = false, features = [ "de
ark-ff = { version = "^0.4.0", default-features = false }
ark-ec = { version = "^0.4.0", default-features = false }
ark-poly = {version = "^0.4.0", default-features = false }
ark-crypto-primitives = {version = "^0.4.0", default-features = false, features = ["sponge"] }
ark-crypto-primitives = { version = "^0.4.0", default-features = false, features = ["sponge","merkle_tree" ] }
ark-std = { version = "^0.4.0", default-features = false }

ark-relations = { version = "^0.4.0", default-features = false, optional = true }
Expand All @@ -25,6 +25,7 @@ hashbrown = { version = "0.13", default-features = false, optional = true }
digest = "0.10"
derivative = { version = "2", features = [ "use_core" ] }
rayon = { version = "1", optional = true }
merlin = { version = "3.0.0", default-features = false }

[dev-dependencies]
ark-ed-on-bls12-381 = { version = "^0.4.0", default-features = false }
Expand Down Expand Up @@ -52,6 +53,9 @@ r1cs = [ "ark-relations", "ark-r1cs-std", "hashbrown", "ark-crypto-primitives/r1
print-trace = [ "ark-std/print-trace" ]
parallel = [ "std", "ark-ff/parallel", "ark-ec/parallel", "ark-poly/parallel", "ark-std/parallel", "rayon" ]

[target.'cfg(target_arch = "aarch64")'.dependencies]
num-traits = { version = "0.2", default-features = false, features = ["libm"] }

[patch.crates-io]
ark-ff = { git = "https://github.com/arkworks-rs/algebra/" }
ark-ec = { git = "https://github.com/arkworks-rs/algebra/" }
Expand All @@ -60,4 +64,4 @@ ark-crypto-primitives = { git = "https://github.com/arkworks-rs/crypto-primitive
ark-r1cs-std = { git = "https://github.com/arkworks-rs/r1cs-std/" }

ark-bls12-377 = { git = "https://github.com/arkworks-rs/curves/" }
ark-bls12-381 = { git = "https://github.com/arkworks-rs/curves/" }
ark-bls12-381 = { git = "https://github.com/arkworks-rs/curves/" }
5 changes: 5 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -181,6 +181,7 @@ Unless you explicitly state otherwise, any contribution that you submit to this
[aurora-light]: https://ia.cr/2019/601
[pcd-acc]: https://ia.cr/2020/499
[pst]: https://ia.cr/2011/587
[ligero]: https://ia.cr/2022/1608

## Reference papers

Expand Down Expand Up @@ -208,6 +209,10 @@ TCC 2020
Charalampos Papamanthou, Elaine Shi, Roberto Tamassia
TCC 2013

[Ligero: Lightweight Sublinear Arguments Without a Trusted Setup][ligero]
Scott Ames, Carmit Hazay, Yuval Ishai, Muthuramakrishnan Venkitasubramaniam
CCS 2017

## Acknowledgements

This work was supported by: an Engineering and Physical Sciences Research Council grant; a Google Faculty Award; the RISELab at UC Berkeley; and donations from the Ethereum Foundation and the Interchain Foundation.
14 changes: 14 additions & 0 deletions src/error.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,17 @@ pub enum Error {
/// Index of the offending polynomial.
label: String,
},

/// This means a failure in verifying the commitment or the opening.
InvalidCommitment,

/// For PCS which rely on Fiat-Shamir to be rendered non-interactive,
/// these are errors that result from incorrect transcript manipulation.
TranscriptError,

/// This means the required soundness error bound is inherently impossible.
/// E.g., the field is not big enough.
InvalidParameters(String),
}

impl core::fmt::Display for Error {
Expand Down Expand Up @@ -179,6 +190,9 @@ impl core::fmt::Display for Error {
support up to degree ({:?})", label, poly_degree, supported_degree
),
Error::IncorrectInputLength(err) => write!(f, "{}", err),
Error::InvalidCommitment => write!(f, "Failed to verify the commitment"),
Error::TranscriptError => write!(f, "Incorrect transcript manipulation"),
Error::InvalidParameters(err) => write!(f, "{}", err),
}
}
}
Expand Down
5 changes: 5 additions & 0 deletions src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,11 @@ pub use marlin::marlin_pst13_pc;
/// [bdfg]: https://eprint.iacr.org/2020/081.pdf
pub mod streaming_kzg;

/// Scheme based on the Ligero construction in [[Ligero]][ligero].
///
/// [ligero]: https://eprint.iacr.org/2022/1608
pub mod ligero;

/// `QuerySet` is the set of queries that are to be made to a set of labeled polynomials/equations
/// `p` that have previously been committed to. Each element of a `QuerySet` is a pair of
/// `(label, (point_label, point))`, where `label` is the label of a polynomial in `p`,
Expand Down
Loading
Loading