diff --git a/crates/proof-of-sql/src/sql/proof/final_round_builder.rs b/crates/proof-of-sql/src/sql/proof/final_round_builder.rs index 1ce16dbd6..676145a5f 100644 --- a/crates/proof-of-sql/src/sql/proof/final_round_builder.rs +++ b/crates/proof-of-sql/src/sql/proof/final_round_builder.rs @@ -12,6 +12,8 @@ pub struct FinalRoundBuilder<'a, S: Scalar> { num_sumcheck_variables: usize, bit_distributions: Vec, commitment_descriptor: Vec>, + first_round_commitment_descriptor: Vec>, + consumed_first_round_commitment_descriptors: usize, pcs_proof_mles: Vec + 'a>>, sumcheck_subpolynomials: Vec>, /// The challenges used in creation of the constraints in the proof. @@ -25,11 +27,17 @@ pub struct FinalRoundBuilder<'a, S: Scalar> { } impl<'a, S: Scalar> FinalRoundBuilder<'a, S> { - pub fn new(num_sumcheck_variables: usize, post_result_challenges: Vec) -> Self { + pub fn new( + num_sumcheck_variables: usize, + post_result_challenges: Vec, + first_round_commitment_descriptor: Vec>, + ) -> Self { Self { num_sumcheck_variables, bit_distributions: Vec::new(), commitment_descriptor: Vec::new(), + first_round_commitment_descriptor, + consumed_first_round_commitment_descriptors: 0, pcs_proof_mles: Vec::new(), sumcheck_subpolynomials: Vec::new(), post_result_challenges, @@ -44,6 +52,12 @@ impl<'a, S: Scalar> FinalRoundBuilder<'a, S> { self.sumcheck_subpolynomials.len() } + pub fn consume_first_round_mle(&mut self) -> CommittableColumn<'a> { + let index = self.consumed_first_round_commitment_descriptors; + self.consumed_first_round_commitment_descriptors += 1; + self.first_round_commitment_descriptor[index].clone() + } + pub fn pcs_proof_mles(&self) -> &[Box + 'a>] { &self.pcs_proof_mles } diff --git a/crates/proof-of-sql/src/sql/proof/final_round_builder_test.rs b/crates/proof-of-sql/src/sql/proof/final_round_builder_test.rs index b1e8b9d2e..469d60bf2 100644 --- a/crates/proof-of-sql/src/sql/proof/final_round_builder_test.rs +++ b/crates/proof-of-sql/src/sql/proof/final_round_builder_test.rs @@ -17,7 +17,7 @@ use curve25519_dalek::RistrettoPoint; fn we_can_compute_commitments_for_intermediate_mles_using_a_zero_offset() { let mle1 = [1, 2]; let mle2 = [10i64, 20]; - let mut builder = FinalRoundBuilder::::new(1, Vec::new()); + let mut builder = FinalRoundBuilder::::new(1, Vec::new(), Vec::new()); builder.produce_anchored_mle(&mle1); builder.produce_intermediate_mle(&mle2[..]); let offset_generators = 0_usize; @@ -36,7 +36,7 @@ fn we_can_compute_commitments_for_intermediate_mles_using_a_zero_offset() { fn we_can_compute_commitments_for_intermediate_mles_using_a_non_zero_offset() { let mle1 = [1, 2]; let mle2 = [10i64, 20]; - let mut builder = FinalRoundBuilder::::new(1, Vec::new()); + let mut builder = FinalRoundBuilder::::new(1, Vec::new(), Vec::new()); builder.produce_anchored_mle(&mle1); builder.produce_intermediate_mle(&mle2[..]); let offset_generators = 123_usize; @@ -55,7 +55,7 @@ fn we_can_compute_commitments_for_intermediate_mles_using_a_non_zero_offset() { fn we_can_evaluate_pcs_proof_mles() { let mle1 = [1, 2]; let mle2 = [10i64, 20]; - let mut builder = FinalRoundBuilder::new(1, Vec::new()); + let mut builder = FinalRoundBuilder::new(1, Vec::new(), Vec::new()); builder.produce_anchored_mle(&mle1); builder.produce_intermediate_mle(&mle2[..]); let evaluation_vec = [ @@ -112,6 +112,7 @@ fn we_can_consume_post_result_challenges_in_proof_builder() { Curve25519Scalar::from(456), Curve25519Scalar::from(789), ], + Vec::new(), ); assert_eq!( Curve25519Scalar::from(789), @@ -126,3 +127,23 @@ fn we_can_consume_post_result_challenges_in_proof_builder() { builder.consume_post_result_challenge() ); } + +#[test] +fn we_can_consume_first_round_committable_columns() { + let mut builder: FinalRoundBuilder = FinalRoundBuilder::new( + 2, + Vec::new(), + vec![ + CommittableColumn::TinyInt(&[2_i8, 3, 4]), + CommittableColumn::BigInt(&[5_i64, 6, 7]), + ], + ); + assert_eq!( + CommittableColumn::TinyInt(&[2_i8, 3, 4]), + builder.consume_first_round_mle() + ); + assert_eq!( + CommittableColumn::BigInt(&[5_i64, 6, 7]), + builder.consume_first_round_mle() + ); +} diff --git a/crates/proof-of-sql/src/sql/proof/first_round_builder.rs b/crates/proof-of-sql/src/sql/proof/first_round_builder.rs index 9742098bc..c50ac9c3e 100644 --- a/crates/proof-of-sql/src/sql/proof/first_round_builder.rs +++ b/crates/proof-of-sql/src/sql/proof/first_round_builder.rs @@ -1,6 +1,13 @@ -use alloc::vec::Vec; +use crate::base::{ + commitment::{Commitment, CommittableColumn, VecCommitmentExt}, + polynomial::MultilinearExtension, + scalar::Scalar, +}; +use alloc::{boxed::Box, vec::Vec}; /// Track the result created by a query -pub struct FirstRoundBuilder { +pub struct FirstRoundBuilder<'a, S> { + commitment_descriptor: Vec>, + pcs_proof_mles: Vec + 'a>>, /// The number of challenges used in the proof. /// Specifically, these are the challenges that the verifier sends to /// the prover after the prover sends the result, but before the prover @@ -10,20 +17,26 @@ pub struct FirstRoundBuilder { one_evaluation_lengths: Vec, } -impl Default for FirstRoundBuilder { +impl<'a, S: Scalar> Default for FirstRoundBuilder<'a, S> { fn default() -> Self { Self::new() } } -impl FirstRoundBuilder { +impl<'a, S: Scalar> FirstRoundBuilder<'a, S> { pub fn new() -> Self { Self { + commitment_descriptor: Vec::new(), + pcs_proof_mles: Vec::new(), num_post_result_challenges: 0, one_evaluation_lengths: Vec::new(), } } + pub fn commitment_descriptor(&self) -> &[CommittableColumn<'a>] { + &self.commitment_descriptor + } + /// Get the one evaluation lengths used in the proof. pub(crate) fn one_evaluation_lengths(&self) -> &[usize] { &self.one_evaluation_lengths @@ -34,6 +47,58 @@ impl FirstRoundBuilder { self.one_evaluation_lengths.push(length); } + /// Produce an anchored MLE that we can reference in sumcheck. + /// + /// An anchored MLE is an MLE where the verifier has access to the commitment. + pub fn produce_anchored_mle(&mut self, data: impl MultilinearExtension + 'a) { + self.pcs_proof_mles.push(Box::new(data)); + } + + /// Produce an MLE for a intermediate computed column that we can reference in sumcheck. + /// + /// Because the verifier doesn't have access to the MLE's commitment, we will need to + /// commit to the MLE before we form the sumcheck polynomial. + pub fn produce_intermediate_mle( + &mut self, + data: impl MultilinearExtension + Into> + Copy + 'a, + ) { + self.commitment_descriptor.push(data.into()); + self.produce_anchored_mle(data); + } + + /// Compute commitments of all the interemdiate MLEs used in sumcheck + #[tracing::instrument( + name = "FinalRoundBuilder::commit_intermediate_mles", + level = "debug", + skip_all + )] + pub fn commit_intermediate_mles( + &self, + offset_generators: usize, + setup: &C::PublicSetup<'_>, + ) -> Vec { + Vec::from_commitable_columns_with_offset( + &self.commitment_descriptor, + offset_generators, + setup, + ) + } + + /// Given the evaluation vector, compute evaluations of all the MLEs used in sumcheck except + /// for those that correspond to result columns sent to the verifier. + #[tracing::instrument( + name = "FinalRoundBuilder::evaluate_pcs_proof_mles", + level = "debug", + skip_all + )] + pub fn evaluate_pcs_proof_mles(&self, evaluation_vec: &[S]) -> Vec { + let mut res = Vec::with_capacity(self.pcs_proof_mles.len()); + for evaluator in &self.pcs_proof_mles { + res.push(evaluator.inner_product(evaluation_vec)); + } + res + } + /// The number of challenges used in the proof. /// Specifically, these are the challenges that the verifier sends to /// the prover after the prover sends the result, but before the prover diff --git a/crates/proof-of-sql/src/sql/proof/first_round_builder_test.rs b/crates/proof-of-sql/src/sql/proof/first_round_builder_test.rs new file mode 100644 index 000000000..bac639a79 --- /dev/null +++ b/crates/proof-of-sql/src/sql/proof/first_round_builder_test.rs @@ -0,0 +1,73 @@ +use super::FirstRoundBuilder; +use crate::base::{ + commitment::{Commitment, CommittableColumn}, + scalar::Curve25519Scalar, +}; +use curve25519_dalek::RistrettoPoint; + +#[test] +fn we_can_compute_commitments_for_intermediate_mles_using_a_zero_offset() { + let mle1 = [1, 2]; + let mle2 = [10i64, 20]; + let mut builder = FirstRoundBuilder::::new(); + builder.produce_anchored_mle(&mle1); + builder.produce_intermediate_mle(&mle2[..]); + let offset_generators = 0_usize; + let commitments: Vec = builder.commit_intermediate_mles(offset_generators, &()); + assert_eq!( + commitments, + [RistrettoPoint::compute_commitments( + &[CommittableColumn::from(&mle2[..])], + offset_generators, + &() + )[0]] + ); +} + +#[test] +fn we_can_compute_commitments_for_intermediate_mles_using_a_non_zero_offset() { + let mle1 = [1, 2]; + let mle2 = [10i64, 20]; + let mut builder = FirstRoundBuilder::::new(); + builder.produce_anchored_mle(&mle1); + builder.produce_intermediate_mle(&mle2[..]); + let offset_generators = 123_usize; + let commitments: Vec = builder.commit_intermediate_mles(offset_generators, &()); + assert_eq!( + commitments, + [RistrettoPoint::compute_commitments( + &[CommittableColumn::from(&mle2[..])], + offset_generators, + &() + )[0]] + ); +} + +#[test] +fn we_can_evaluate_pcs_proof_mles() { + let mle1 = [1, 2]; + let mle2 = [10i64, 20]; + let mut builder = FirstRoundBuilder::::new(); + builder.produce_anchored_mle(&mle1); + builder.produce_intermediate_mle(&mle2[..]); + let evaluation_vec = [ + Curve25519Scalar::from(100u64), + Curve25519Scalar::from(10u64), + ]; + let evals = builder.evaluate_pcs_proof_mles(&evaluation_vec); + let expected_evals = [ + Curve25519Scalar::from(120u64), + Curve25519Scalar::from(1200u64), + ]; + assert_eq!(evals, expected_evals); +} + +#[test] +fn we_can_add_post_result_challenges() { + let mut builder = FirstRoundBuilder::::new(); + assert_eq!(builder.num_post_result_challenges(), 0); + builder.request_post_result_challenges(1); + assert_eq!(builder.num_post_result_challenges(), 1); + builder.request_post_result_challenges(2); + assert_eq!(builder.num_post_result_challenges(), 3); +} diff --git a/crates/proof-of-sql/src/sql/proof/mod.rs b/crates/proof-of-sql/src/sql/proof/mod.rs index f31e456ee..6e2e64af8 100644 --- a/crates/proof-of-sql/src/sql/proof/mod.rs +++ b/crates/proof-of-sql/src/sql/proof/mod.rs @@ -68,6 +68,8 @@ pub(crate) use result_element_serialization::{ mod first_round_builder; pub(crate) use first_round_builder::FirstRoundBuilder; +#[cfg(all(test, feature = "blitzar"))] +mod first_round_builder_test; #[cfg(all(test, feature = "arrow"))] mod provable_query_result_test; diff --git a/crates/proof-of-sql/src/sql/proof/proof_plan.rs b/crates/proof-of-sql/src/sql/proof/proof_plan.rs index f033b3451..993973245 100644 --- a/crates/proof-of-sql/src/sql/proof/proof_plan.rs +++ b/crates/proof-of-sql/src/sql/proof/proof_plan.rs @@ -39,7 +39,7 @@ pub trait ProverEvaluate { /// Evaluate the query, modify `FirstRoundBuilder` and return the result. fn first_round_evaluate<'a, S: Scalar>( &self, - builder: &mut FirstRoundBuilder, + builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, table_map: &IndexMap>, ) -> Table<'a, S>; diff --git a/crates/proof-of-sql/src/sql/proof/query_proof.rs b/crates/proof-of-sql/src/sql/proof/query_proof.rs index 69532f9b2..907bb2481 100644 --- a/crates/proof-of-sql/src/sql/proof/query_proof.rs +++ b/crates/proof-of-sql/src/sql/proof/query_proof.rs @@ -56,8 +56,10 @@ pub(super) struct QueryProof { pub bit_distributions: Vec, /// One evaluation lengths pub one_evaluation_lengths: Vec, - /// Commitments - pub commitments: Vec, + /// First Round Commitments + pub first_round_commitments: Vec, + /// Final Round Commitments + pub final_round_commitments: Vec, /// Sumcheck Proof pub sumcheck_proof: SumcheckProof, /// MLEs used in sumcheck except for the result columns @@ -95,7 +97,7 @@ impl QueryProof { .collect(); // Prover First Round: Evaluate the query && get the right number of post result challenges - let mut first_round_builder = FirstRoundBuilder::new(); + let mut first_round_builder = FirstRoundBuilder::::new(); let query_result = expr.first_round_evaluate(&mut first_round_builder, &alloc, &table_map); let owned_table_result = OwnedTable::from(&query_result); let provable_result = query_result.into(); @@ -111,6 +113,11 @@ impl QueryProof { let num_sumcheck_variables = cmp::max(log2_up(range_length), 1); assert!(num_sumcheck_variables > 0); + // commit to any intermediate MLEs + let first_round_commitments = + first_round_builder.commit_intermediate_mles(min_row_num, setup); + let first_round_mles = first_round_builder.commitment_descriptor(); + // construct a transcript for the proof let mut transcript: Keccak256Transcript = make_transcript( expr, @@ -118,6 +125,7 @@ impl QueryProof { range_length, min_row_num, one_evaluation_lengths, + &first_round_commitments, ); // These are the challenges that will be consumed by the proof @@ -130,34 +138,40 @@ impl QueryProof { .take(first_round_builder.num_post_result_challenges()) .collect(); - let mut builder = FinalRoundBuilder::new(num_sumcheck_variables, post_result_challenges); + let mut final_round_builder = FinalRoundBuilder::new( + num_sumcheck_variables, + post_result_challenges, + first_round_mles.to_vec(), + ); for col_ref in total_col_refs { - builder.produce_anchored_mle(accessor.get_column(col_ref)); + final_round_builder.produce_anchored_mle(accessor.get_column(col_ref)); } - expr.final_round_evaluate(&mut builder, &alloc, &table_map); + expr.final_round_evaluate(&mut final_round_builder, &alloc, &table_map); - let num_sumcheck_variables = builder.num_sumcheck_variables(); + let num_sumcheck_variables = final_round_builder.num_sumcheck_variables(); // commit to any intermediate MLEs - let commitments = builder.commit_intermediate_mles(min_row_num, setup); + let final_round_commitments = + final_round_builder.commit_intermediate_mles(min_row_num, setup); // add the commitments, bit distributions and one evaluation lengths to the proof extend_transcript_with_commitments( &mut transcript, - &commitments, - builder.bit_distributions(), + &final_round_commitments, + final_round_builder.bit_distributions(), ); // construct the sumcheck polynomial - let num_random_scalars = num_sumcheck_variables + builder.num_sumcheck_subpolynomials(); + let num_random_scalars = + num_sumcheck_variables + final_round_builder.num_sumcheck_subpolynomials(); let random_scalars: Vec<_> = core::iter::repeat_with(|| transcript.scalar_challenge_as_be()) .take(num_random_scalars) .collect(); let state = make_sumcheck_prover_state( - builder.sumcheck_subpolynomials(), + final_round_builder.sumcheck_subpolynomials(), num_sumcheck_variables, &SumcheckRandomScalars::new(&random_scalars, range_length, num_sumcheck_variables), ); @@ -169,7 +183,7 @@ impl QueryProof { // evaluate the MLEs used in sumcheck except for the result columns let mut evaluation_vec = vec![Zero::zero(); range_length]; compute_evaluation_vector(&mut evaluation_vec, &evaluation_point); - let pcs_proof_evaluations = builder.evaluate_pcs_proof_mles(&evaluation_vec); + let pcs_proof_evaluations = final_round_builder.evaluate_pcs_proof_mles(&evaluation_vec); // commit to the MLE evaluations transcript.extend_canonical_serialize_as_le(&pcs_proof_evaluations); @@ -181,9 +195,15 @@ impl QueryProof { .take(pcs_proof_evaluations.len()) .collect(); - assert_eq!(random_scalars.len(), builder.pcs_proof_mles().len()); + assert_eq!( + random_scalars.len(), + final_round_builder.pcs_proof_mles().len() + ); let mut folded_mle = vec![Zero::zero(); range_length]; - for (multiplier, evaluator) in random_scalars.iter().zip(builder.pcs_proof_mles().iter()) { + for (multiplier, evaluator) in random_scalars + .iter() + .zip(final_round_builder.pcs_proof_mles().iter()) + { evaluator.mul_add(&mut folded_mle, multiplier); } @@ -197,9 +217,10 @@ impl QueryProof { ); let proof = Self { - bit_distributions: builder.bit_distributions().to_vec(), + bit_distributions: final_round_builder.bit_distributions().to_vec(), one_evaluation_lengths: one_evaluation_lengths.to_vec(), - commitments, + first_round_commitments, + final_round_commitments, sumcheck_proof, pcs_proof_evaluations, evaluation_proof, @@ -253,6 +274,7 @@ impl QueryProof { self.range_length, min_row_num, &self.one_evaluation_lengths, + &self.first_round_commitments, ); // These are the challenges that will be consumed by the proof @@ -268,7 +290,7 @@ impl QueryProof { // add the commitments and bit disctibutions to the proof extend_transcript_with_commitments( &mut transcript, - &self.commitments, + &self.final_round_commitments, &self.bit_distributions, ); @@ -336,7 +358,8 @@ impl QueryProof { let pcs_proof_commitments: Vec<_> = column_references .iter() .map(|col| accessor.get_commitment(*col)) - .chain(self.commitments.iter().cloned()) + .chain(self.first_round_commitments.iter().cloned()) + .chain(self.final_round_commitments.iter().cloned()) .collect(); let evaluation_accessor: IndexMap<_, _> = column_references .into_iter() @@ -389,7 +412,7 @@ impl QueryProof { } fn validate_sizes(&self, counts: &ProofCounts) -> bool { - self.commitments.len() == counts.intermediate_mles + self.final_round_commitments.len() == counts.intermediate_mles && self.pcs_proof_evaluations.len() == counts.intermediate_mles + counts.anchored_mles } } @@ -408,15 +431,18 @@ impl QueryProof { /// * `min_row_num` - The minimum row number in the index range of the tables referenced by the query. /// * `one_evaluation_lengths` - The lengths of the one evaluations. /// +/// * `first_round_commitments` - A slice of commitments produced before post-result challenges that are part of the proof. +/// /// # Returns /// /// A transcript initialized with the provided data. -fn make_transcript( +fn make_transcript( expr: &(impl ProofPlan + Serialize), - result: &OwnedTable, + result: &OwnedTable, range_length: usize, min_row_num: usize, one_evaluation_lengths: &[usize], + first_round_commitments: &[C], ) -> T { let mut transcript = T::new(); extend_transcript_with_owned_table(&mut transcript, result); @@ -424,6 +450,9 @@ fn make_transcript( transcript.extend_serialize_as_le(&range_length); transcript.extend_serialize_as_le(&min_row_num); transcript.extend_serialize_as_le(one_evaluation_lengths); + for commitment in first_round_commitments { + commitment.append_to_transcript(&mut transcript); + } transcript } @@ -479,10 +508,10 @@ fn extend_transcript_with_owned_table( /// * `bit_distributions` - The bit distributions to add to the transcript. fn extend_transcript_with_commitments( transcript: &mut impl Transcript, - commitments: &[C], + final_round_commitments: &[C], bit_distributions: &[BitDistribution], ) { - for commitment in commitments { + for commitment in final_round_commitments { commitment.append_to_transcript(transcript); } transcript.extend_serialize_as_le(bit_distributions); diff --git a/crates/proof-of-sql/src/sql/proof/query_proof_test.rs b/crates/proof-of-sql/src/sql/proof/query_proof_test.rs index 4cbe7f667..de4e31a96 100644 --- a/crates/proof-of-sql/src/sql/proof/query_proof_test.rs +++ b/crates/proof-of-sql/src/sql/proof/query_proof_test.rs @@ -44,7 +44,7 @@ impl Default for TrivialTestProofPlan { impl ProverEvaluate for TrivialTestProofPlan { fn first_round_evaluate<'a, S: Scalar>( &self, - builder: &mut FirstRoundBuilder, + builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, _table_map: &IndexMap>, ) -> Table<'a, S> { @@ -224,7 +224,7 @@ impl Default for SquareTestProofPlan { impl ProverEvaluate for SquareTestProofPlan { fn first_round_evaluate<'a, S: Scalar>( &self, - builder: &mut FirstRoundBuilder, + builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, _table_map: &IndexMap>, ) -> Table<'a, S> { @@ -408,7 +408,7 @@ impl Default for DoubleSquareTestProofPlan { impl ProverEvaluate for DoubleSquareTestProofPlan { fn first_round_evaluate<'a, S: Scalar>( &self, - builder: &mut FirstRoundBuilder, + builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, _table_map: &IndexMap>, ) -> Table<'a, S> { @@ -570,7 +570,8 @@ fn verify_fails_if_an_intermediate_commitment_doesnt_match() { (), ); let (mut proof, result) = QueryProof::::new(&expr, &accessor, &()); - proof.commitments[0] = proof.commitments[0] * Curve25519Scalar::from(2u64); + proof.final_round_commitments[0] = + proof.final_round_commitments[0] * Curve25519Scalar::from(2u64); assert!(proof.verify(&expr, &accessor, result, &()).is_err()); } @@ -622,7 +623,7 @@ struct ChallengeTestProofPlan {} impl ProverEvaluate for ChallengeTestProofPlan { fn first_round_evaluate<'a, S: Scalar>( &self, - builder: &mut FirstRoundBuilder, + builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, _table_map: &IndexMap>, ) -> Table<'a, S> { diff --git a/crates/proof-of-sql/src/sql/proof/verifiable_query_result_test.rs b/crates/proof-of-sql/src/sql/proof/verifiable_query_result_test.rs index 044c85874..03c518461 100644 --- a/crates/proof-of-sql/src/sql/proof/verifiable_query_result_test.rs +++ b/crates/proof-of-sql/src/sql/proof/verifiable_query_result_test.rs @@ -28,7 +28,7 @@ pub(super) struct EmptyTestQueryExpr { impl ProverEvaluate for EmptyTestQueryExpr { fn first_round_evaluate<'a, S: Scalar>( &self, - builder: &mut FirstRoundBuilder, + builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, _table_map: &IndexMap>, ) -> Table<'a, S> { diff --git a/crates/proof-of-sql/src/sql/proof/verifiable_query_result_test_utility.rs b/crates/proof-of-sql/src/sql/proof/verifiable_query_result_test_utility.rs index b2c5c0758..7cc0113da 100644 --- a/crates/proof-of-sql/src/sql/proof/verifiable_query_result_test_utility.rs +++ b/crates/proof-of-sql/src/sql/proof/verifiable_query_result_test_utility.rs @@ -59,9 +59,9 @@ pub fn exercise_verification( &(), )[0]; - for i in 0..proof.commitments.len() { + for i in 0..proof.final_round_commitments.len() { let mut res_p = res.clone(); - res_p.proof.as_mut().unwrap().commitments[i] = commit_p; + res_p.proof.as_mut().unwrap().final_round_commitments[i] = commit_p; assert!(res_p.verify(expr, accessor, &()).is_err()); } @@ -71,7 +71,10 @@ pub fn exercise_verification( // the inner product proof isn't dependent on the generators since it simply sends the input // vector; hence, changing the offset would have no effect. if accessor.get_length(table_ref) > 1 - || proof.commitments.iter().any(|&c| c != Identity::identity()) + || proof + .final_round_commitments + .iter() + .any(|&c| c != Identity::identity()) { let offset_generators = accessor.get_offset(table_ref); let mut fake_accessor = accessor.clone(); diff --git a/crates/proof-of-sql/src/sql/proof_exprs/sign_expr_test.rs b/crates/proof-of-sql/src/sql/proof_exprs/sign_expr_test.rs index 99badc6b5..c87f2cda5 100644 --- a/crates/proof-of-sql/src/sql/proof_exprs/sign_expr_test.rs +++ b/crates/proof-of-sql/src/sql/proof_exprs/sign_expr_test.rs @@ -15,7 +15,7 @@ fn prover_evaluation_generates_the_bit_distribution_of_a_constant_column() { let dist = BitDistribution::new::(&data); let alloc = Bump::new(); let data: Vec = data.into_iter().map(Curve25519Scalar::from).collect(); - let mut builder = FinalRoundBuilder::new(2, Vec::new()); + let mut builder = FinalRoundBuilder::new(2, Vec::new(), Vec::new()); let sign = prover_evaluate_sign(&mut builder, &alloc, &data, false); assert_eq!(sign, [false; 3]); assert_eq!(builder.bit_distributions(), [dist]); @@ -27,7 +27,7 @@ fn prover_evaluation_generates_the_bit_distribution_of_a_negative_constant_colum let dist = BitDistribution::new::(&data); let alloc = Bump::new(); let data: Vec = data.into_iter().map(Curve25519Scalar::from).collect(); - let mut builder = FinalRoundBuilder::new(2, Vec::new()); + let mut builder = FinalRoundBuilder::new(2, Vec::new(), Vec::new()); let sign = prover_evaluate_sign(&mut builder, &alloc, &data, false); assert_eq!(sign, [true; 3]); assert_eq!(builder.bit_distributions(), [dist]); diff --git a/crates/proof-of-sql/src/sql/proof_plans/demo_mock_plan.rs b/crates/proof-of-sql/src/sql/proof_plans/demo_mock_plan.rs index 52c3e9421..5f3d0a15a 100644 --- a/crates/proof-of-sql/src/sql/proof_plans/demo_mock_plan.rs +++ b/crates/proof-of-sql/src/sql/proof_plans/demo_mock_plan.rs @@ -60,7 +60,7 @@ impl ProofPlan for DemoMockPlan { impl ProverEvaluate for DemoMockPlan { fn first_round_evaluate<'a, S: Scalar>( &self, - _builder: &mut FirstRoundBuilder, + _builder: &mut FirstRoundBuilder<'a, S>, _alloc: &'a Bump, table_map: &IndexMap>, ) -> Table<'a, S> { diff --git a/crates/proof-of-sql/src/sql/proof_plans/empty_exec.rs b/crates/proof-of-sql/src/sql/proof_plans/empty_exec.rs index 3c6fba360..042480b9e 100644 --- a/crates/proof-of-sql/src/sql/proof_plans/empty_exec.rs +++ b/crates/proof-of-sql/src/sql/proof_plans/empty_exec.rs @@ -71,7 +71,7 @@ impl ProverEvaluate for EmptyExec { #[tracing::instrument(name = "EmptyExec::first_round_evaluate", level = "debug", skip_all)] fn first_round_evaluate<'a, S: Scalar>( &self, - _builder: &mut FirstRoundBuilder, + _builder: &mut FirstRoundBuilder<'a, S>, _alloc: &'a Bump, _table_map: &IndexMap>, ) -> Table<'a, S> { diff --git a/crates/proof-of-sql/src/sql/proof_plans/filter_exec.rs b/crates/proof-of-sql/src/sql/proof_plans/filter_exec.rs index 3c8e79ce8..f55563bf0 100644 --- a/crates/proof-of-sql/src/sql/proof_plans/filter_exec.rs +++ b/crates/proof-of-sql/src/sql/proof_plans/filter_exec.rs @@ -154,7 +154,7 @@ impl ProverEvaluate for FilterExec { #[tracing::instrument(name = "FilterExec::first_round_evaluate", level = "debug", skip_all)] fn first_round_evaluate<'a, S: Scalar>( &self, - builder: &mut FirstRoundBuilder, + builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, table_map: &IndexMap>, ) -> Table<'a, S> { diff --git a/crates/proof-of-sql/src/sql/proof_plans/filter_exec_test_dishonest_prover.rs b/crates/proof-of-sql/src/sql/proof_plans/filter_exec_test_dishonest_prover.rs index 4c9de16a3..519b94ac0 100644 --- a/crates/proof-of-sql/src/sql/proof_plans/filter_exec_test_dishonest_prover.rs +++ b/crates/proof-of-sql/src/sql/proof_plans/filter_exec_test_dishonest_prover.rs @@ -36,7 +36,7 @@ impl ProverEvaluate for DishonestFilterExec { )] fn first_round_evaluate<'a, S: Scalar>( &self, - builder: &mut FirstRoundBuilder, + builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, table_map: &IndexMap>, ) -> Table<'a, S> { diff --git a/crates/proof-of-sql/src/sql/proof_plans/group_by_exec.rs b/crates/proof-of-sql/src/sql/proof_plans/group_by_exec.rs index aa096fed6..379437485 100644 --- a/crates/proof-of-sql/src/sql/proof_plans/group_by_exec.rs +++ b/crates/proof-of-sql/src/sql/proof_plans/group_by_exec.rs @@ -211,7 +211,7 @@ impl ProverEvaluate for GroupByExec { #[tracing::instrument(name = "GroupByExec::first_round_evaluate", level = "debug", skip_all)] fn first_round_evaluate<'a, S: Scalar>( &self, - builder: &mut FirstRoundBuilder, + builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, table_map: &IndexMap>, ) -> Table<'a, S> { diff --git a/crates/proof-of-sql/src/sql/proof_plans/projection_exec.rs b/crates/proof-of-sql/src/sql/proof_plans/projection_exec.rs index 1ff274281..445d03e27 100644 --- a/crates/proof-of-sql/src/sql/proof_plans/projection_exec.rs +++ b/crates/proof-of-sql/src/sql/proof_plans/projection_exec.rs @@ -100,7 +100,7 @@ impl ProverEvaluate for ProjectionExec { )] fn first_round_evaluate<'a, S: Scalar>( &self, - _builder: &mut FirstRoundBuilder, + _builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, table_map: &IndexMap>, ) -> Table<'a, S> { diff --git a/crates/proof-of-sql/src/sql/proof_plans/slice_exec.rs b/crates/proof-of-sql/src/sql/proof_plans/slice_exec.rs index 17df1ad64..6a4b9dc11 100644 --- a/crates/proof-of-sql/src/sql/proof_plans/slice_exec.rs +++ b/crates/proof-of-sql/src/sql/proof_plans/slice_exec.rs @@ -122,7 +122,7 @@ impl ProverEvaluate for SliceExec { #[tracing::instrument(name = "SliceExec::first_round_evaluate", level = "debug", skip_all)] fn first_round_evaluate<'a, S: Scalar>( &self, - builder: &mut FirstRoundBuilder, + builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, table_map: &IndexMap>, ) -> Table<'a, S> { diff --git a/crates/proof-of-sql/src/sql/proof_plans/table_exec.rs b/crates/proof-of-sql/src/sql/proof_plans/table_exec.rs index dc90fdf88..372ea2943 100644 --- a/crates/proof-of-sql/src/sql/proof_plans/table_exec.rs +++ b/crates/proof-of-sql/src/sql/proof_plans/table_exec.rs @@ -80,7 +80,7 @@ impl ProverEvaluate for TableExec { #[tracing::instrument(name = "TableExec::first_round_evaluate", level = "debug", skip_all)] fn first_round_evaluate<'a, S: Scalar>( &self, - _builder: &mut FirstRoundBuilder, + _builder: &mut FirstRoundBuilder<'a, S>, _alloc: &'a Bump, table_map: &IndexMap>, ) -> Table<'a, S> { diff --git a/crates/proof-of-sql/src/sql/proof_plans/union_exec.rs b/crates/proof-of-sql/src/sql/proof_plans/union_exec.rs index c16431c7a..023607e94 100644 --- a/crates/proof-of-sql/src/sql/proof_plans/union_exec.rs +++ b/crates/proof-of-sql/src/sql/proof_plans/union_exec.rs @@ -120,7 +120,7 @@ impl ProverEvaluate for UnionExec { #[tracing::instrument(name = "UnionExec::first_round_evaluate", level = "debug", skip_all)] fn first_round_evaluate<'a, S: Scalar>( &self, - builder: &mut FirstRoundBuilder, + builder: &mut FirstRoundBuilder<'a, S>, alloc: &'a Bump, table_map: &IndexMap>, ) -> Table<'a, S> {