wip: bundle proof

Signed-off-by: noelwei <[email protected]>

prover/src/aggregator/prover.rs

@@ -175,7 +175,7 @@ impl Prover {
             .batch_proofs
             .clone()
             .into_iter()
-            .map(BatchProof::to_snark)
+            .map(|proof|proof.into())
             .collect::<Vec<_>>();
 
         let layer5_snark = self.prover_impl.load_or_gen_recursion_snark(
@@ -197,7 +197,7 @@ impl Prover {
 
         self.check_bundle_vk();
 
-        let bundle_proof = BundleProof::new(layer6_evm_proof.proof);
+        let bundle_proof : BundleProof = layer6_evm_proof.proof.into();
         if let Some(output_dir) = output_dir {
             bundle_proof.dump(output_dir, "recursion")?;
         }

prover/src/aggregator/verifier.rs

@@ -6,6 +6,7 @@ use crate::{
     proof::BundleProof,
     BatchProof,
 };
+use snark_verifier_sdk::Snark;
 use aggregator::CompressionCircuit;
 use halo2_proofs::{
     halo2curves::bn256::{Bn256, G1Affine},
@@ -49,8 +50,8 @@ impl Verifier {
         }
     }
 
-    pub fn verify_batch_proof(&self, batch_proof: BatchProof) -> bool {
-        self.inner.verify_snark(batch_proof.to_snark())
+    pub fn verify_batch_proof(&self, snark: impl Into<Snark>) -> bool {
+        self.inner.verify_snark(snark.into())
     }
 
     pub fn verify_bundle_proof(&self, bundle_proof: BundleProof) -> bool {

prover/src/proof/batch.rs

@@ -16,6 +16,19 @@ pub struct BatchProof {
     pub batch_header: BatchHeader,
 }
 
+impl From<BatchProof> for Snark {
+    fn from(value: BatchProof) -> Self {
+        let instances = value.proof.instances();
+        let protocol = serde_json::from_slice::<Protocol<G1Affine>>(&value.protocol).unwrap();
+
+        Self {
+            protocol,
+            proof: value.proof.proof,
+            instances,
+        }        
+    }
+}
+
 impl BatchProof {
     pub fn new(
         snark: Snark,
@@ -43,17 +56,6 @@ impl BatchProof {
 
         dump_as_json(dir, &filename, &self)
     }
-
-    pub fn to_snark(self) -> Snark {
-        let instances = self.proof.instances();
-        let protocol = serde_json::from_slice::<Protocol<G1Affine>>(&self.protocol).unwrap();
-
-        Snark {
-            protocol,
-            proof: self.proof.proof,
-            instances,
-        }
-    }
 }
 
 fn dump_filename(name: &str) -> String {

prover/src/proof/bundle.rs

@@ -1,35 +1,65 @@
-use super::{dump_as_json, dump_data, dump_vk};
+use super::{dump_as_json, dump_data, dump_vk, serialize_instance};
 use crate::{utils::short_git_version, Proof};
 use anyhow::Result;
 use serde_derive::{Deserialize, Serialize};
 
 // 3 limbs per field element, 4 field elements
 const ACC_LEN: usize = 12;
 
-// - chain id
+// - Accmulator (4*LIMBS)
+// - PREPROCESS_DIGEST, ROUND
 // - (hi, lo) finalised state root
 // - (hi, lo) finalised batch hash
 // - (hi, lo) pending state root
-// - (hi, lo) pending withdraw root
 // - (hi, lo) pending batch hash
-const PI_LEN: usize = 11;
+// - chain id
+// - (hi, lo) pending withdraw root
+// - bundle count
+
+const PI_LEN: usize = 13;
 
 const ACC_BYTES: usize = ACC_LEN * 32;
 const PI_BYTES: usize = PI_LEN * 32;
 
 #[derive(Clone, Debug, Deserialize, Serialize)]
 pub struct BundleProof {
     #[serde(flatten)]
-    raw: Proof,
+    on_chain_proof: Proof,
 }
 
-impl BundleProof {
-    pub fn new(proof: Proof) -> Self {
-        Self { raw: proof }
+impl From<Proof> for BundleProof {
+    fn from(proof: Proof) -> Self {
+        let instances = proof.instances();
+        assert_eq!(instances.len(), 1);
+        assert_eq!(instances[0].len(), ACC_LEN + PI_LEN);
+
+        let vk = proof.vk;
+        let git_version = proof.git_version;
+
+        // "onchain proof" = accumulator + proof
+        let proof = serialize_instance(&instances[0][..ACC_LEN])
+            .into_iter()
+            .chain(proof.proof)
+            .collect();
+
+        // "onchain instances" = pi_data
+        let instances = serialize_instance(&instances[0][ACC_LEN..]);
+
+        Self {
+            on_chain_proof: Proof {
+                proof,
+                instances,
+                vk,
+                git_version,
+            },
+        }
     }
+}
+
+impl BundleProof {
 
     /// Returns the calldata given to YUL verifier.
-    /// Format: Accumulator(12x32bytes) || PI(11x32bytes) || Proof
+    /// Format: Accumulator(12x32bytes) || PI(13x32bytes) || Proof
     pub fn calldata(self) -> Vec<u8> {
         let proof = self.proof_to_verify();
 
@@ -43,10 +73,10 @@ impl BundleProof {
     pub fn dump(&self, dir: &str, name: &str) -> Result<()> {
         let filename = format!("bundle_{name}");
 
-        dump_data(dir, &format!("pi_{filename}.data"), &self.raw.instances);
-        dump_data(dir, &format!("proof_{filename}.data"), &self.raw.proof);
+        dump_data(dir, &format!("pi_{filename}.data"), &self.on_chain_proof.instances);
+        dump_data(dir, &format!("proof_{filename}.data"), &self.on_chain_proof.proof);
 
-        dump_vk(dir, &filename, &self.raw.vk);
+        dump_vk(dir, &filename, &self.on_chain_proof.vk);
 
         dump_as_json(dir, &filename, &self)
     }
@@ -55,17 +85,17 @@ impl BundleProof {
     // where "accumulators" are instance instead of proof, not like "onchain proof".
     pub fn proof_to_verify(self) -> Proof {
         // raw.proof is accumulator + proof
-        assert!(self.raw.proof.len() > ACC_BYTES);
+        assert!(self.on_chain_proof.proof.len() > ACC_BYTES);
         // raw.instances is PI
-        assert_eq!(self.raw.instances.len(), PI_BYTES);
+        assert_eq!(self.on_chain_proof.instances.len(), PI_BYTES);
 
         // instances = raw_proof[..12] (acc) + raw_instances (pi_data)
         // proof = raw_proof[12..]
-        let mut instances = self.raw.proof;
+        let mut instances = self.on_chain_proof.proof;
         let proof = instances.split_off(ACC_BYTES);
-        instances.extend(self.raw.instances);
+        instances.extend(self.on_chain_proof.instances);
 
-        let vk = self.raw.vk;
+        let vk = self.on_chain_proof.vk;
         let git_version = Some(short_git_version());
 
         Proof {