Skip to content

Commit

Permalink
implement HyperNova's DeciderEth circuit (#132)
Browse files Browse the repository at this point in the history
The HyperNova's DeciderEthCircuit follows a similar logic as Nova's one
described in
https://privacy-scaling-explorations.github.io/sonobe-docs/design/nova-decider-onchain.html
but adapted to HyperNova checks and values.
  • Loading branch information
arnaucube authored Aug 6, 2024
1 parent ecaecd4 commit f6a70fe
Show file tree
Hide file tree
Showing 8 changed files with 719 additions and 38 deletions.
1 change: 1 addition & 0 deletions folding-schemes/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ serde_json = "1.0.85"
serde = "1.0.203"
acvm = { git = "https://github.com/noir-lang/noir", rev="2b4853e", default-features = false }
arkworks_backend = { git = "https://github.com/dmpierre/arkworks_backend", branch="feat/sonobe-integration" }
log = "0.4"

# tmp import for espresso's sumcheck
espresso_subroutines = {git="https://github.com/EspressoSystems/hyperplonk", package="subroutines"}
Expand Down
35 changes: 35 additions & 0 deletions folding-schemes/src/folding/circuits/cyclefold.rs
Original file line number Diff line number Diff line change
Expand Up @@ -215,6 +215,41 @@ where
}
}

/// In-circuit representation of the Witness associated to the CommittedInstance, but with
/// non-native representation, since it is used to represent the CycleFold witness. This struct is
/// used in the Decider circuit.
#[derive(Debug, Clone)]
pub struct CycleFoldWitnessVar<C: CurveGroup> {
pub E: Vec<NonNativeUintVar<CF2<C>>>,
pub rE: NonNativeUintVar<CF2<C>>,
pub W: Vec<NonNativeUintVar<CF2<C>>>,
pub rW: NonNativeUintVar<CF2<C>>,
}

impl<C> AllocVar<CycleFoldWitness<C>, CF2<C>> for CycleFoldWitnessVar<C>
where
C: CurveGroup,
<C as ark_ec::CurveGroup>::BaseField: PrimeField,
{
fn new_variable<T: Borrow<CycleFoldWitness<C>>>(
cs: impl Into<Namespace<CF2<C>>>,
f: impl FnOnce() -> Result<T, SynthesisError>,
mode: AllocationMode,
) -> Result<Self, SynthesisError> {
f().and_then(|val| {
let cs = cs.into();

let E = Vec::new_variable(cs.clone(), || Ok(val.borrow().E.clone()), mode)?;
let rE = NonNativeUintVar::new_variable(cs.clone(), || Ok(val.borrow().rE), mode)?;

let W = Vec::new_variable(cs.clone(), || Ok(val.borrow().W.clone()), mode)?;
let rW = NonNativeUintVar::new_variable(cs.clone(), || Ok(val.borrow().rW), mode)?;

Ok(Self { E, rE, W, rW })
})
}
}

/// This is the gadget used in the AugmentedFCircuit to verify the CycleFold instances folding,
/// which checks the correct RLC of u,x,cmE,cmW (hence the name containing 'Full', since it checks
/// all the RLC values, not only the native ones). It assumes that ci2.cmE=0, ci2.u=1.
Expand Down
2 changes: 1 addition & 1 deletion folding-schemes/src/folding/circuits/nonnative/affine.rs
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ impl<C: CurveGroup> ToConstraintFieldGadget<C::ScalarField> for NonNativeAffineV

/// The out-circuit counterpart of `NonNativeAffineVar::to_constraint_field`
#[allow(clippy::type_complexity)]
fn nonnative_affine_to_field_elements<C: CurveGroup>(
pub(crate) fn nonnative_affine_to_field_elements<C: CurveGroup>(
p: C,
) -> (Vec<C::ScalarField>, Vec<C::ScalarField>) {
let affine = p.into_affine();
Expand Down
Loading

0 comments on commit f6a70fe

Please sign in to comment.