barretenberg-doxygen/3f0fad0de81d472cf71c03df11cf01ed6e7e09e0/ultra__prover_8hpp_source.html

#pragma once

#include "barretenberg/commitment_schemes/zeromorph/zeromorph.hpp"

#include "barretenberg/flavor/goblin_ultra.hpp"

#include "barretenberg/flavor/ultra.hpp"

#include "barretenberg/plonk/proof_system/types/proof.hpp"

#include "barretenberg/relations/relation_parameters.hpp"

#include "barretenberg/sumcheck/instance/prover_instance.hpp"

#include "barretenberg/sumcheck/sumcheck_output.hpp"

#include "barretenberg/transcript/transcript.hpp"


namespace proof_system::honk {


template <UltraFlavor Flavor> class UltraProver_ {

    using FF = typename Flavor::FF;

    using Commitment = typename Flavor::Commitment;

    using CommitmentKey = typename Flavor::CommitmentKey;

    using Polynomial = typename Flavor::Polynomial;

    using ProverPolynomials = typename Flavor::ProverPolynomials;

    using CommitmentLabels = typename Flavor::CommitmentLabels;

    using Curve = typename Flavor::Curve;

    using Instance = ProverInstance_<Flavor>;

    using Transcript = typename Flavor::Transcript;


  public:

    explicit UltraProver_(const std::shared_ptr<Instance>&,

                          const std::shared_ptr<CommitmentKey>&,

                          const std::shared_ptr<Transcript>& transcript = std::make_shared<Transcript>());


    BBERG_PROFILE void execute_preamble_round();

    BBERG_PROFILE void execute_wire_commitments_round();

    BBERG_PROFILE void execute_sorted_list_accumulator_round();

    BBERG_PROFILE void execute_log_derivative_inverse_round();

    BBERG_PROFILE void execute_grand_product_computation_round();

    BBERG_PROFILE void execute_relation_check_rounds();

    BBERG_PROFILE void execute_zeromorph_rounds();


    plonk::proof& export_proof();

    plonk::proof& construct_proof();


    std::shared_ptr<Instance> instance;


    std::shared_ptr<Transcript> transcript;


    proof_system::RelationParameters<FF> relation_parameters;


    CommitmentLabels commitment_labels;


    Polynomial quotient_W;


    sumcheck::SumcheckOutput<Flavor> sumcheck_output;


    std::shared_ptr<CommitmentKey> commitment_key;


    using ZeroMorph = pcs::zeromorph::ZeroMorphProver_<Curve>;


  private:

    plonk::proof proof;

};


extern template class UltraProver_<honk::flavor::Ultra>;

extern template class UltraProver_<honk::flavor::GoblinUltra>;


using UltraProver = UltraProver_<honk::flavor::Ultra>;

using GoblinUltraProver = UltraProver_<honk::flavor::GoblinUltra>;


} // namespace proof_system::honk

barretenberg::Polynomial
Definition: polynomial.hpp:12

curve::BN254
Definition: bn254.hpp:10

proof_system::honk::BaseTranscript
Common transcript class for both parties. Stores the data for the current round, as well as the manif...
Definition: transcript.hpp:62

proof_system::honk::ProverInstance_
An Instance is normally constructed from a finalized circuit and it's role is to compute all the poly...
Definition: prover_instance.hpp:20

proof_system::honk::UltraProver_
Definition: ultra_prover.hpp:13

proof_system::honk::UltraProver_::execute_wire_commitments_round
BBERG_PROFILE void execute_wire_commitments_round()
Commit to the wire polynomials (part of the witness), with the exception of the fourth wire,...
Definition: ultra_prover.cpp:50

proof_system::honk::UltraProver_::execute_zeromorph_rounds
BBERG_PROFILE void execute_zeromorph_rounds()
Execute the ZeroMorph protocol to prove the multilinear evaluations produced by Sumcheck.
Definition: ultra_prover.cpp:162

proof_system::honk::UltraProver_::execute_sorted_list_accumulator_round
BBERG_PROFILE void execute_sorted_list_accumulator_round()
Compute sorted witness-table accumulator and commit to the resulting polynomials.
Definition: ultra_prover.cpp:93

proof_system::honk::UltraProver_::execute_relation_check_rounds
BBERG_PROFILE void execute_relation_check_rounds()
Run Sumcheck resulting in u = (u_1,...,u_d) challenges and all evaluations at u being calculated.
Definition: ultra_prover.cpp:148

proof_system::honk::UltraProver_::execute_grand_product_computation_round
BBERG_PROFILE void execute_grand_product_computation_round()
Compute permutation and lookup grand product polynomials and their commitments.
Definition: ultra_prover.cpp:132

proof_system::honk::UltraProver_::execute_preamble_round
BBERG_PROFILE void execute_preamble_round()
Add circuit size, public input size, and public inputs to transcript.
Definition: ultra_prover.cpp:29

proof_system::honk::UltraProver_::execute_log_derivative_inverse_round
BBERG_PROFILE void execute_log_derivative_inverse_round()
Compute log derivative inverse polynomial and its commitment, if required.
Definition: ultra_prover.cpp:113

proof_system::honk::flavor::GoblinTranslator::CommitmentLabels
A container for commitment labels.
Definition: goblin_translator.hpp:1022

proof_system::honk::flavor::GoblinTranslator::ProverPolynomials
A container for the prover polynomials handles.
Definition: goblin_translator.hpp:955

proof_system::honk::pcs::CommitmentKey
CommitmentKey object over a pairing group 𝔾₁.
Definition: commitment_key.hpp:35

proof_system::honk::pcs::zeromorph::ZeroMorphProver_
Prover for ZeroMorph multilinear PCS.
Definition: zeromorph.hpp:33

proof_system::honk
Defines particular circuit builder types expected to be used for circuit construction in stdlib and c...
Definition: claim.hpp:6

barretenberg::field< Bn254FrParams >

proof_system::RelationParameters
Container for parameters used by the grand product (permutation, lookup) Honk relations.
Definition: relation_parameters.hpp:12

proof_system::honk::sumcheck::SumcheckOutput
Contains the multi-linear evaluations of the polynomials at the challenge point 'u'....
Definition: sumcheck_output.hpp:13

proof_system::plonk::proof
Definition: proof.hpp:11