Functions
batchVerify
function batchVerify(
struct IPlonkVerifier.VerifyingKey[] verifyingKeys,
uint256[][] publicInputs,
struct IPlonkVerifier.PlonkProof[] proofs,
bytes[] extraTranscriptInitMsgs
) external returns (bool)
Batch verify multiple TurboPlonk proofs.
Parameters
| Name | Type | Description |
|---|---|---|
verifyingKeys | struct IPlonkVerifier.VerifyingKey[] | An array of verifier keys |
publicInputs | uint256[][] | A two-dimensional array of public inputs. |
proofs | struct IPlonkVerifier.PlonkProof[] | An array of Plonk proofs |
extraTranscriptInitMsgs | bytes[] | An array of bytes from |
| transcript initialization messages |
_validateProof
function _validateProof(
struct IPlonkVerifier.PlonkProof proof
) internal
Validate all group points and scalar fields. Revert if any are invalid.
Parameters
| Name | Type | Description |
|---|---|---|
proof | struct IPlonkVerifier.PlonkProof | A Plonk proof |
_preparePcsInfo
function _preparePcsInfo(
) internal returns (struct PlonkVerifier.PcsInfo res)
_computeChallenges
function _computeChallenges(
) internal returns (struct PlonkVerifier.Challenges res)
_computeLinPolyConstantTerm
function _computeLinPolyConstantTerm(
) internal returns (uint256 res)
Compute the constant term of the linearization polynomial.
r_plonk = PI - L1(x) * alpha^2 - alpha * \prod_i=1..m-1 (w_i + beta * sigma_i + gamma) * (w_m + gamma) * z(xw)
where m is the number of wire types.
_prepareOpeningProof
function _prepareOpeningProof(
struct IPlonkVerifier.VerifyingKey verifyingKey,
struct PolynomialEval.EvalData evalData,
struct IPlonkVerifier.PlonkProof proof,
struct PlonkVerifier.Challenges chal,
uint256[] commScalars,
struct BN254.G1Point[] commBases
) internal returns (uint256 eval)
Compute components in [E]1 and [F]1 used for PolyComm opening verification equivalent of JF's https://github.com/EspressoSystems/jellyfish/blob/main/plonk/src/proof_system/verifier.rs#L154-L170 caller allocates the memory fr commScalars and commBases requires Arrays of size 30.
Parameters
| Name | Type | Description |
|---|---|---|
verifyingKey | struct IPlonkVerifier.VerifyingKey | A verifier key |
evalData | struct PolynomialEval.EvalData | A polynomial evaluation |
proof | struct IPlonkVerifier.PlonkProof | A Plonk proof |
chal | struct PlonkVerifier.Challenges | A set of challenges |
commScalars | uint256[] | Common scalars |
commBases | struct BN254.G1Point[] | Common bases |
_preparePolyCommitments
function _preparePolyCommitments(
) internal
Similar to aggregate_poly_commitments() in Jellyfish, but we are not aggregating multiple,
but rather preparing for [F]1 from a single proof.
The caller allocates the memory fr commScalars and commBases.
Requires Arrays of size 30.
_prepareEvaluations
function _prepareEvaluations(
uint256 linPolyConstant,
struct IPlonkVerifier.PlonkProof proof,
uint256[] commScalars
) internal returns (uint256 eval)
aggregate_evaluations() in Jellyfish, but since we are not aggregating multiple, but rather preparing [E]1 from a single proof.
caller allocates the memory fr commScalars
requires Arrays of size 30.
Parameters
| Name | Type | Description |
|---|---|---|
linPolyConstant | uint256 | A linear polynomial constant |
proof | struct IPlonkVerifier.PlonkProof | A Plonk proof |
commScalars | uint256[] | An array of common scalars |
The returned value is the scalar in [E]1 described in Sec 8.4, step 11 of https://eprint.iacr.org/2019/953.pdf |
_batchVerifyOpeningProofs
function _batchVerifyOpeningProofs(
struct PlonkVerifier.PcsInfo[] pcsInfos
) internal returns (bool)
Batchly verify multiple PCS opening proofs.
open_key has been assembled from BN254.P1(), BN254.P2() and contract variable _betaH
Returns true if the entire batch verifiies and false otherwise.
Parameters
| Name | Type | Description |
|---|---|---|
pcsInfos | struct PlonkVerifier.PcsInfo[] | An array of PcsInfo |
_linearizationScalarsAndBases
function _linearizationScalarsAndBases(
struct IPlonkVerifier.VerifyingKey verifyingKey,
struct PlonkVerifier.Challenges challenge,
struct PolynomialEval.EvalData evalData,
struct IPlonkVerifier.PlonkProof proof,
struct BN254.G1Point[] bases,
uint256[] scalars
) internal
Compute the linearization of the scalars and bases. The caller allocates the memory from commScalars and commBases. Requires arrays of size 30.
Parameters
| Name | Type | Description |
|---|---|---|
verifyingKey | struct IPlonkVerifier.VerifyingKey | The verifying key |
challenge | struct PlonkVerifier.Challenges | A set of challenges |
evalData | struct PolynomialEval.EvalData | Polynomial evaluation data |
proof | struct IPlonkVerifier.PlonkProof | A Plonk proof |
bases | struct BN254.G1Point[] | An array of BN254 G1 points |
scalars | uint256[] | An array of scalars |