Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
commitment_key.hpp
Go to the documentation of this file.
1// === AUDIT STATUS ===
2// internal: { status: Planned, auditors: [Sergei], commit: }
3// external_1: { status: not started, auditors: [], commit: }
4// external_2: { status: not started, auditors: [], commit: }
5// =====================
6
7#pragma once
8
13#include "barretenberg/common/bb_bench.hpp"
14#include "barretenberg/common/log.hpp"
15#include "barretenberg/common/ref_span.hpp"
16#include "barretenberg/ecc/scalar_multiplication/scalar_multiplication.hpp"
17#include "barretenberg/polynomials/polynomial.hpp"
18#include "barretenberg/srs/factories/crs_factory.hpp"
19#include "barretenberg/srs/global_crs.hpp"
20
21#include <algorithm>
22#include <array>
23#include <cstddef>
24#include <cstdint>
25#include <cstdlib>
26#include <limits>
27#include <memory>
28#include <string_view>
29
30namespace bb {
39template <class Curve> class CommitmentKey {
40
41 using Fr = typename Curve::ScalarField;
42 using Commitment = typename Curve::AffineElement;
43
44 protected:
45 std::shared_ptr<srs::factories::Crs<Curve>> srs;
46
47 public:
48 size_t srs_size;
49
50 CommitmentKey() = default;
51
57 CommitmentKey(const size_t num_points)
58 : srs(srs::get_crs_factory<Curve>()->get_crs(num_points))
59 , srs_size(num_points)
60 {}
66 bool initialized() const { return srs != nullptr; }
67
68 std::span<Commitment> get_monomial_points() const { return srs->get_monomial_points(); }
69 size_t get_monomial_size() const { return srs->get_monomial_size(); }
70
77 Commitment commit(PolynomialSpan<const Fr> polynomial, bool has_duplicates_hint = false) const
78 {
79 BB_BENCH_NAME("CommitmentKey::commit");
80 std::span<const Commitment> point_table = get_monomial_points();
81 size_t consumed_srs = polynomial.start_index + polynomial.size();
82 if (consumed_srs > get_monomial_size()) {
83 throw_or_abort(format("Attempting to commit to a polynomial that needs ",
84 consumed_srs,
85 " points with an SRS of size ",
86 get_monomial_size()));
87 }
88 return scalar_multiplication::pippenger_unsafe<Curve>(polynomial, point_table, has_duplicates_hint);
89 };
100 std::vector<Commitment> batch_commit(RefSpan<Polynomial<Fr>> polynomials,
101 std::span<const uint8_t> has_duplicates_hints = {}) const
102 {
103 BB_BENCH_NAME("CommitmentKey::batch_commit");
104
105 std::vector<PolynomialSpan<Fr>> scalar_spans;
106 scalar_spans.reserve(polynomials.size());
107
108 for (auto& polynomial : polynomials) {
109 const size_t consumed_srs = polynomial.start_index() + polynomial.size();
110 if (consumed_srs > get_monomial_size()) {
111 throw_or_abort(format("Attempting to commit to a polynomial that needs ",
112 consumed_srs,
113 " points with an SRS of size ",
114 get_monomial_size()));
115 }
116 scalar_spans.emplace_back(polynomial.start_index(), polynomial.coeffs());
117 }
118
119 auto results = scalar_multiplication::MSM<Curve>::batch_multi_scalar_mul(
120 get_monomial_points(), scalar_spans, /*handle_edge_cases=*/false, has_duplicates_hints);
121 return std::vector<Commitment>(results.begin(), results.end());
122 };
123
124 // helper builder struct for constructing a batch to commit at once
125 struct CommitBatch {
126 CommitmentKey* key;
127 RefVector<Polynomial<Fr>> wires;
128 std::vector<std::string> labels;
129 std::vector<uint8_t> has_duplicates_hints; // per-poly dedup opt-in (parallel to wires)
130
131 std::vector<Commitment> commit_and_send_to_verifier(auto transcript)
132 {
133 std::vector<Commitment> commitments = key->batch_commit(wires, has_duplicates_hints);
134 for (size_t i = 0; i < commitments.size(); ++i) {
135 transcript->send_to_verifier(labels[i], commitments[i]);
136 }
137 return commitments;
138 }
139
140 void add_to_batch(Polynomial<Fr>& poly, const std::string& label, bool has_duplicates_hint = false)
141 {
142 wires.push_back(poly);
143 labels.push_back(label);
144 has_duplicates_hints.push_back(has_duplicates_hint ? uint8_t{ 1 } : uint8_t{ 0 });
145 }
146 };
147
148 CommitBatch start_batch() { return CommitBatch{ this, {}, {} }; }
149};
150
151} // namespace bb
bb_bench.hpp
BB_BENCH_NAME
#define BB_BENCH_NAME(name)
Definition bb_bench.hpp:264
bb::CommitmentKey
CommitmentKey object over a pairing group 𝔾₁.
Definition commitment_key.hpp:39
bb::CommitmentKey::CommitmentKey
CommitmentKey()=default
bb::CommitmentKey::get_monomial_size
size_t get_monomial_size() const
Definition commitment_key.hpp:69
bb::CommitmentKey::Fr
typename Curve::ScalarField Fr
Definition commitment_key.hpp:41
bb::CommitmentKey::get_monomial_points
std::span< Commitment > get_monomial_points() const
Definition commitment_key.hpp:68
bb::CommitmentKey::Commitment
typename Curve::AffineElement Commitment
Definition commitment_key.hpp:42
bb::CommitmentKey::CommitmentKey
CommitmentKey(const size_t num_points)
Construct a new Kate Commitment Key object from existing SRS.
Definition commitment_key.hpp:57
bb::CommitmentKey::batch_commit
std::vector< Commitment > batch_commit(RefSpan< Polynomial< Fr > > polynomials, std::span< const uint8_t > has_duplicates_hints={}) const
Batch commitment to multiple polynomials.
Definition commitment_key.hpp:100
bb::CommitmentKey::initialized
bool initialized() const
Checks the commitment key is properly initialized.
Definition commitment_key.hpp:66
bb::CommitmentKey::srs
std::shared_ptr< srs::factories::Crs< Curve > > srs
Definition commitment_key.hpp:45
bb::CommitmentKey::start_batch
CommitBatch start_batch()
Definition commitment_key.hpp:148
bb::CommitmentKey::commit
Commitment commit(PolynomialSpan< const Fr > polynomial, bool has_duplicates_hint=false) const
Uses the ProverSRS to create a commitment to p(X)
Definition commitment_key.hpp:77
bb::Polynomial
Structured polynomial class that represents the coefficients 'a' of a_0 + a_1 x .....
Definition polynomial.hpp:75
bb::RefVector
A template class for a reference vector. Behaves as if std::vector<T&> was possible.
Definition ref_vector.hpp:24
bb::curve::Grumpkin::AffineElement
typename Group::affine_element AffineElement
Definition grumpkin.hpp:64
bb::scalar_multiplication::MSM::batch_multi_scalar_mul
static std::vector< AffineElement > batch_multi_scalar_mul(std::span< const AffineElement > points, std::span< PolynomialSpan< ScalarField > > scalars, bool handle_edge_cases=true, std::span< const uint8_t > dedup_hints={}) noexcept
Definition scalar_multiplication.cpp:679
format
std::string format(Args... args)
Definition log.hpp:23
crs_factory.hpp
global_crs.hpp
bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
ref_span.hpp
scalar_multiplication.hpp
bb::CommitmentKey::CommitBatch::labels
std::vector< std::string > labels
Definition commitment_key.hpp:128
bb::CommitmentKey::CommitBatch::add_to_batch
void add_to_batch(Polynomial< Fr > &poly, const std::string &label, bool has_duplicates_hint=false)
Definition commitment_key.hpp:140
bb::CommitmentKey::CommitBatch::has_duplicates_hints
std::vector< uint8_t > has_duplicates_hints
Definition commitment_key.hpp:129
bb::CommitmentKey::CommitBatch::wires
RefVector< Polynomial< Fr > > wires
Definition commitment_key.hpp:127
bb::CommitmentKey::CommitBatch::commit_and_send_to_verifier
std::vector< Commitment > commit_and_send_to_verifier(auto transcript)
Definition commitment_key.hpp:131
bb::PolynomialSpan::size
size_t size() const
Definition polynomial.hpp:36
throw_or_abort
void throw_or_abort(std::string const &err)
Definition throw_or_abort.hpp:6