#include <goblin.hpp>

Inheritance diagram for bb::Goblin:

Classes
struct	VerificationKey

Public Types
using	MegaBuilder = MegaCircuitBuilder

using	Fr = bb::fr

using	Transcript = NativeTranscript

using	OpQueue = ECCOpQueue

using	ECCVMBuilder = ECCVMFlavor::CircuitBuilder

using	ECCVMProvingKey = ECCVMFlavor::ProvingKey

using	TranslatorBuilder = TranslatorCircuitBuilder

using	MergeProof = MergeProver::MergeProof

using	BatchMergeProof = BatchMergeProver::MergeProof

using	ECCVMVerificationKey = ECCVMFlavor::VerificationKey

using	TranslatorVerificationKey = TranslatorFlavor::VerificationKey

using	MergeRecursiveVerifier = stdlib::recursion::goblin::MergeRecursiveVerifier< MegaBuilder >

using	BatchMergeRecursiveVerifier = stdlib::recursion::goblin::BatchMergeRecursiveVerifier< MegaBuilder >

using	PairingPoints = MergeRecursiveVerifier::PairingPoints

using	TableCommitments = MergeVerifier::TableCommitments

using	RecursiveTableCommitments = MergeRecursiveVerifier::TableCommitments

using	BatchRecursiveTableCommitments = BatchMergeRecursiveVerifier::TableCommitments

using	MergeCommitments = MergeVerifier::InputCommitments

using	RecursiveMergeCommitments = MergeRecursiveVerifier::InputCommitments

using	RecursiveCommitment = MergeRecursiveVerifier::Commitment

using	RecursiveTranscript = MegaStdlibTranscript

using	TranslatorInputData = TranslatorInputData_< fq >

using	IPA_PCS = IPA< ECCVMFlavor::Curve, CONST_ECCVM_LOG_N >

Public Member Functions
	Goblin (const std::shared_ptr< Transcript > &transcript=std::make_shared< Transcript >())

MergeProof	prove_merge (const std::shared_ptr< Transcript > &transcript=std::make_shared< Transcript >()) const
	Construct a single-step merge proof for the most recently merged subtable.

void	prove_eccvm ()
	Construct an ECCVM proof and IPA opening proof.

void	prove_translator ()
	Construct a translator proof.

GoblinProof	prove ()
	Constuct a full Goblin proof (ECCVM, Translator, merge)

std::pair< PairingPoints, RecursiveTableCommitments >	recursively_verify_merge (MegaBuilder &builder, const RecursiveMergeCommitments &merge_commitments, const std::shared_ptr< RecursiveTranscript > &transcript)
	Recursively verify the most recent single-step merge proof.

void	prove_batch_merge ()
	Construct a batched merge proof for all subtables accumulated during the IVC.

std::pair< PairingPoints, BatchRecursiveTableCommitments >	recursively_verify_batch_merge (MegaBuilder &builder, const BatchMergeRecursiveVerifier::FF &hash) const
	Recursively verify the batched merge proof inside the hiding kernel.

Public Attributes
std::shared_ptr< OpQueue >	op_queue = std::make_shared<OpQueue>()

GoblinProof	goblin_proof

fq	translation_batching_challenge_v

fq	evaluation_challenge_x

std::shared_ptr< Transcript >	transcript

BatchMergeProof	batch_merge_proof

Protected Attributes
bool	avm_mode = false

Private Types
using	Commitment = MegaFlavor::Commitment

using	FF = MegaFlavor::FF

Detailed Description

Definition at line 24 of file goblin.hpp.

Member Typedef Documentation

◆ BatchMergeProof

using bb::Goblin::BatchMergeProof = BatchMergeProver::MergeProof

Definition at line 43 of file goblin.hpp.

◆ BatchMergeRecursiveVerifier

using bb::Goblin::BatchMergeRecursiveVerifier = stdlib::recursion::goblin::BatchMergeRecursiveVerifier<MegaBuilder>

Definition at line 47 of file goblin.hpp.

◆ BatchRecursiveTableCommitments

using bb::Goblin::BatchRecursiveTableCommitments = BatchMergeRecursiveVerifier::TableCommitments

Definition at line 51 of file goblin.hpp.

◆ Commitment

using bb::Goblin::Commitment = MegaFlavor::Commitment

private

Definition at line 25 of file goblin.hpp.

◆ ECCVMBuilder

using bb::Goblin::ECCVMBuilder = ECCVMFlavor::CircuitBuilder

Definition at line 39 of file goblin.hpp.

◆ ECCVMProvingKey

using bb::Goblin::ECCVMProvingKey = ECCVMFlavor::ProvingKey

Definition at line 40 of file goblin.hpp.

◆ ECCVMVerificationKey

using bb::Goblin::ECCVMVerificationKey = ECCVMFlavor::VerificationKey

Definition at line 44 of file goblin.hpp.

◆ FF

using bb::Goblin::FF = MegaFlavor::FF

private

Definition at line 26 of file goblin.hpp.

◆ Fr

using bb::Goblin::Fr = bb::fr

Definition at line 36 of file goblin.hpp.

◆ IPA_PCS

using bb::Goblin::IPA_PCS = IPA<ECCVMFlavor::Curve, CONST_ECCVM_LOG_N>

Definition at line 57 of file goblin.hpp.

◆ MegaBuilder

using bb::Goblin::MegaBuilder = MegaCircuitBuilder

Definition at line 35 of file goblin.hpp.

◆ MergeCommitments

using bb::Goblin::MergeCommitments = MergeVerifier::InputCommitments

Definition at line 52 of file goblin.hpp.

◆ MergeProof

using bb::Goblin::MergeProof = MergeProver::MergeProof

Definition at line 42 of file goblin.hpp.

◆ MergeRecursiveVerifier

using bb::Goblin::MergeRecursiveVerifier = stdlib::recursion::goblin::MergeRecursiveVerifier<MegaBuilder>

Definition at line 46 of file goblin.hpp.

◆ OpQueue

using bb::Goblin::OpQueue = ECCOpQueue

Definition at line 38 of file goblin.hpp.

◆ PairingPoints

using bb::Goblin::PairingPoints = MergeRecursiveVerifier::PairingPoints

Definition at line 48 of file goblin.hpp.

◆ RecursiveCommitment

using bb::Goblin::RecursiveCommitment = MergeRecursiveVerifier::Commitment

Definition at line 54 of file goblin.hpp.

◆ RecursiveMergeCommitments

using bb::Goblin::RecursiveMergeCommitments = MergeRecursiveVerifier::InputCommitments

Definition at line 53 of file goblin.hpp.

◆ RecursiveTableCommitments

using bb::Goblin::RecursiveTableCommitments = MergeRecursiveVerifier::TableCommitments

Definition at line 50 of file goblin.hpp.

◆ RecursiveTranscript

using bb::Goblin::RecursiveTranscript = MegaStdlibTranscript

Definition at line 55 of file goblin.hpp.

◆ TableCommitments

using bb::Goblin::TableCommitments = MergeVerifier::TableCommitments

Definition at line 49 of file goblin.hpp.

◆ Transcript

using bb::Goblin::Transcript = NativeTranscript

Definition at line 37 of file goblin.hpp.

◆ TranslatorBuilder

using bb::Goblin::TranslatorBuilder = TranslatorCircuitBuilder

Definition at line 41 of file goblin.hpp.

◆ TranslatorInputData

using bb::Goblin::TranslatorInputData = TranslatorInputData_<fq>

Definition at line 56 of file goblin.hpp.

◆ TranslatorVerificationKey

using bb::Goblin::TranslatorVerificationKey = TranslatorFlavor::VerificationKey

Definition at line 45 of file goblin.hpp.

Constructor & Destructor Documentation

◆ Goblin()

bb::Goblin::Goblin ( const std::shared_ptr< Transcript > & transcript = std::make_shared<Transcript>() )

Definition at line 24 of file goblin.cpp.

Member Function Documentation

◆ prove()

GoblinProof bb::Goblin::prove ( )

Constuct a full Goblin proof (ECCVM, Translator, merge)

Returns: Proof

Definition at line 69 of file goblin.cpp.

◆ prove_batch_merge()

void bb::Goblin::prove_batch_merge ( )

Construct a batched merge proof for all subtables accumulated during the IVC.

Generate proof of the batch merge.

Proves in a single shot that the full merged table is the correct concatenation of all per-circuit subtables. Run once at the end of the IVC.

During Chonk, we accumulate all the ecc ops into subtables. After having accumulated the tail circuit, we generate a proof of the batch merge: we take the tables T_1, .., T_N (where T_N is the table of ecc ops coming from the tail circuit) and we generate a proof that T_zk || T_1 || .. || T_N = T, where T_zk is a table generated on the fly by the prover to make the merged table T zero-knowledge. The consistency between the commitments sent by the prover in the batch merge and the ones generated during Chonk accumulation is enforced via a hash check: each kernel updates a running hash using the commitments to the ecc op tables of the circuits it folds. The final hash is passed to the batch merge verifier, which uses it to enforce the consistency between the data sent by the prover and the one used during accumulation.

Definition at line 98 of file goblin.cpp.

◆ prove_eccvm()

void bb::Goblin::prove_eccvm ( )

Construct an ECCVM proof and IPA opening proof.

Also computes the translation polynomial evaluation challenges (batching_challenge_v, evaluation_challenge_x) which are passed to the Translator.

Definition at line 35 of file goblin.cpp.

◆ prove_merge()

Goblin::MergeProof bb::Goblin::prove_merge ( const std::shared_ptr< Transcript > & transcript = std::make_shared<Transcript>() ) const

Construct a single-step merge proof for the most recently merged subtable.

In the Chonk flow this is invoked only for the final fixed-location append of the hiding kernel subtable; multi-subtable merges are handled by prove_batch_merge().

Definition at line 28 of file goblin.cpp.

◆ prove_translator()

void bb::Goblin::prove_translator ( )

Construct a translator proof.

Definition at line 60 of file goblin.cpp.

◆ recursively_verify_batch_merge()

std::pair< Goblin::PairingPoints, Goblin::BatchRecursiveTableCommitments > bb::Goblin::recursively_verify_batch_merge	(	MegaBuilder &	builder,
		const BatchMergeRecursiveVerifier::FF &	hash
	)		const

Recursively verify the batched merge proof inside the hiding kernel.

Recursively verify the batch merge proof.

hash is the running ECC-op hash chained over all per-circuit subtable commitments observed during accumulation; the in-circuit verifier checks the proof's column commitments against it.

Parameters

builder
hash	Hash computed by the kernels during Chonk accumulation

The hash commits to the data used during accumulation and is used by the batch merge verifier to enforce consistency between the data sent by the prover and the one used during accumulation.

Returns: std::pair<Goblin::PairingPoints, Goblin::BatchRecursiveTableCommitments>

Definition at line 115 of file goblin.cpp.

◆ recursively_verify_merge()

std::pair< PairingPoints, RecursiveTableCommitments > bb::Goblin::recursively_verify_merge	(	MegaBuilder &	builder,
		const RecursiveMergeCommitments &	merge_commitments,
		const std::shared_ptr< RecursiveTranscript > &	transcript
	)

Recursively verify the most recent single-step merge proof.

In Chonk this is invoked once per IVC, recursively verifying the hiding kernel's fixed-location append against the prior aggregate table.

Parameters

builder	The circuit in which the recursive verification will be performed.
inputs_commitments	The commitments used by the Merge verifier (subtable + prior aggregate)
transcript	The transcript to be passed to the MergeRecursiveVerifier.

Returns: Pair of PairingPoints and commitments to the merged tables as read from the proof by the Merge verifier

Member Data Documentation

◆ avm_mode

bool bb::Goblin::avm_mode = false

protected

Definition at line 32 of file goblin.hpp.

◆ batch_merge_proof

BatchMergeProof bb::Goblin::batch_merge_proof

Definition at line 67 of file goblin.hpp.

◆ evaluation_challenge_x

fq bb::Goblin::evaluation_challenge_x

Definition at line 64 of file goblin.hpp.

◆ goblin_proof

GoblinProof bb::Goblin::goblin_proof

Definition at line 61 of file goblin.hpp.

◆ op_queue

std::shared_ptr<OpQueue> bb::Goblin::op_queue = std::make_shared<OpQueue>()

Definition at line 59 of file goblin.hpp.

◆ transcript

std::shared_ptr<Transcript> bb::Goblin::transcript

Definition at line 65 of file goblin.hpp.

◆ translation_batching_challenge_v

fq bb::Goblin::translation_batching_challenge_v

Definition at line 63 of file goblin.hpp.

The documentation for this class was generated from the following files:

src/barretenberg/goblin/goblin.hpp
src/barretenberg/goblin/goblin.cpp

Classes

Public Types

Public Member Functions

Public Attributes

Protected Attributes

Private Types