Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
ecc_op_queue.hpp
Go to the documentation of this file.
1// === AUDIT STATUS ===
2// internal: { status: Complete, auditors: [Raju], commit: }
3// external_1: { status: not started, auditors: [], commit: }
4// external_2: { status: not started, auditors: [], commit: }
5// =====================
6
7#pragma once
8
9#include "barretenberg/common/bb_bench.hpp"
10#include "barretenberg/ecc/curves/bn254/bn254.hpp"
11#include "barretenberg/eccvm/eccvm_builder_types.hpp"
12#include "barretenberg/op_queue/ecc_ops_table.hpp"
13#include "barretenberg/op_queue/eccvm_row_tracker.hpp"
14#include "barretenberg/polynomials/polynomial.hpp"
15namespace bb {
16
38class ECCOpQueue {
39 using Curve = curve::BN254;
40 using Point = Curve::AffineElement;
41 using Fr = Curve::ScalarField;
42 using Fq = Curve::BaseField; // Grumpkin's scalar field
43 static constexpr size_t ULTRA_TABLE_WIDTH = UltraEccOpsTable::TABLE_WIDTH;
44 Point point_at_infinity = Curve::Group::affine_point_at_infinity;
45
46 // The operations written to the queue are also performed natively; the result is stored in accumulator
47 Point accumulator = point_at_infinity;
48
49 EccvmOpsTable eccvm_ops_table; // table of ops in the ECCVM format
50 UltraEccOpsTable ultra_ops_table; // table of ops in the Ultra-arithmetization format
51
52 // Storage for the reconstructed eccvm ops table in contiguous memory. (Intended to be constructed once and for
53 // all prior to ECCVM construction to avoid repeated traversal of the per-subtable storage.)
54 std::vector<ECCVMOperation> eccvm_ops_reconstructed;
55
56 // Storage for the reconstructed ultra ops tables in contiguous memory. (Intended to be constructed once and for
57 // all prior to Translator circuit construction to avoid repeated traversal of the per-subtable storage.)
58 std::vector<UltraOp> ultra_ops_zk_reconstructed; // Chonk table
59 std::vector<UltraOp> ultra_ops_no_zk_reconstructed; // AVM table
60
61 // Tracks number of muls and size of eccvm in real time as the op queue is updated
62 EccvmRowTracker eccvm_row_tracker;
63
64 public:
65 static const size_t OP_QUEUE_SIZE = 1 << CONST_OP_QUEUE_LOG_SIZE;
69 ECCOpQueue() { initialize_new_subtable(); }
70
80
81 size_t num_subtables() const { return eccvm_ops_table.num_subtables(); }
82
83 size_t get_current_subtable_size() const { return ultra_ops_table.get_current_subtable_size(); }
84
91 size_t get_append_offset() const
92 {
93 constexpr size_t reserved_op_slots = UltraEccOpsTable::APPEND_TRACE_OFFSET / UltraEccOpsTable::NUM_ROWS_PER_OP;
94 constexpr size_t zk_op_slots = UltraEccOpsTable::ZK_ULTRA_OPS / UltraEccOpsTable::NUM_ROWS_PER_OP;
95 return OP_QUEUE_SIZE - get_current_subtable_size() - reserved_op_slots - zk_op_slots;
96 }
97
98 void merge()
99 {
100 eccvm_ops_table.merge();
101 ultra_ops_table.merge();
102 }
103
104 void merge_fixed_append(size_t ultra_fixed_offset)
105 {
106 eccvm_ops_table.merge();
107 ultra_ops_table.merge_with_fixed_append_offset(ultra_fixed_offset);
108 }
109
110 std::array<Polynomial<Fr>, ULTRA_TABLE_WIDTH> construct_zk_columns()
111 {
112 auto [column_polynomials, hiding_op] = ultra_ops_table.construct_zk_columns();
113 this->hiding_op_for_eccvm = hiding_op;
114 this->has_hiding_op = true;
115
116 return column_polynomials;
117 }
118
123
124 // Construct column polynomials for the full aggregate ultra ops table
125 std::array<Polynomial<Fr>, ULTRA_TABLE_WIDTH> construct_ultra_ops_table_columns(
126 const bool include_zk_ops = true) const
127 {
128 return ultra_ops_table.construct_table_columns(include_zk_ops);
129 }
130
131 // Construct column polynomials for the aggregate table up to and including the tail subtable.
136
137 // Construct column polynomials for the most recently merged subtable
142
143 // Reconstruct the full table of eccvm ops in contiguous memory from the independent subtables
144 void construct_full_eccvm_ops_table() { eccvm_ops_reconstructed = eccvm_ops_table.get_reconstructed(); }
145
146 // Reconstruct the ZK-prefixed full table of ultra ops in contiguous memory from the independent subtables.
151
152 // Reconstruct the non-ZK full table of ultra ops in contiguous memory from the independent subtables.
157
158 // Excludes the optional ZK prefix; see UltraEccOpsTable::num_ultra_rows
159 size_t get_ultra_ops_table_num_rows() const { return ultra_ops_table.num_ultra_rows(); }
160 size_t get_ultra_ops_count() const { return ultra_ops_table.num_ops(); } // actual operation count without padding
161 // Excludes the optional ZK prefix, same as get_ultra_ops_table_num_rows.
162 size_t get_ultra_ops_table_num_rows_up_to_tail() const { return ultra_ops_table.ultra_table_size_up_to_tail(); }
163
164 // Get the full table of ECCVM ops in contiguous memory; construct it if it has not been constructed already.
165 // The hiding op is always prepended at index 0.
166 std::vector<ECCVMOperation>& get_eccvm_ops()
167 {
168 if (eccvm_ops_reconstructed.empty()) {
169 construct_full_eccvm_ops_table();
170 // Prepend the hiding op at index 0 (required for ZK)
171 if (!has_hiding_op) {
172 throw_or_abort("Hiding op must be set before calling get_eccvm_ops()");
173 }
174 eccvm_ops_reconstructed.insert(eccvm_ops_reconstructed.begin(), hiding_op_for_eccvm);
175 }
176 return eccvm_ops_reconstructed;
177 }
178
186
194
198 size_t get_num_msm_rows() const { return eccvm_row_tracker.get_num_msm_rows(); }
199
204 size_t get_num_rows() const { return eccvm_row_tracker.get_num_rows(); }
205
209 uint32_t get_number_of_muls() const { return eccvm_row_tracker.get_number_of_muls(); }
210
215 void set_eccvm_ops_for_fuzzing(std::vector<ECCVMOperation>& eccvm_ops_in)
216 {
217 eccvm_ops_reconstructed = eccvm_ops_in;
218 }
219
225 void add_erroneous_equality_op_for_testing()
226 {
227 EccOpCode op_code{ .eq = true, .reset = true };
228 append_eccvm_op(ECCVMOperation{ .op_code = op_code, .base_point = Point::random_element() });
229 }
230
236 void empty_row_for_testing()
237 {
238 append_eccvm_op(ECCVMOperation{ .base_point = point_at_infinity });
239 accumulator.self_set_infinity();
240 }
241
242 Point get_accumulator() { return accumulator; }
243
249 UltraOp add_accumulate(const Point& to_add)
250 {
251 // Update the accumulator natively
252 accumulator = accumulator + to_add;
253 EccOpCode op_code{ .add = true };
254 // Store the eccvm operation
255 append_eccvm_op(ECCVMOperation{ .op_code = op_code, .base_point = to_add });
256
257 // Construct and store the operation in the ultra op format
258 return construct_and_populate_ultra_ops(op_code, to_add);
259 }
260
266 UltraOp mul_accumulate(const Point& to_mul, const Fr& scalar)
267 {
268 BB_BENCH_NAME("ECCOpQueue::mul_accumulate");
269 // Update the accumulator natively
270 accumulator = accumulator + to_mul * scalar;
271 EccOpCode op_code{ .mul = true };
272
273 // Construct and store the operation in the ultra op format
274 UltraOp ultra_op = construct_and_populate_ultra_ops(op_code, to_mul, scalar);
275
276 // Store the eccvm operation
277 append_eccvm_op(ECCVMOperation{
278 .op_code = op_code,
279 .base_point = to_mul,
280 .z1 = ultra_op.z_1,
281 .z2 = ultra_op.z_2,
282 .mul_scalar_full = scalar,
283 });
284
285 return ultra_op;
286 }
287
294 UltraOp no_op_ultra_only()
295 {
296 UltraOp no_op{};
297 ultra_ops_table.push(no_op);
298 return no_op;
299 }
300
308 UltraOp random_op_ultra_only()
309 {
310 UltraOp random_op{ .op_code = EccOpCode{ .is_random_op = true,
311 .random_value_1 = Fr::random_element(),
312 .random_value_2 = Fr::random_element() },
313 .x_lo = Fr::random_element(),
314 .x_hi = Fr::random_element(),
315 .y_lo = Fr::random_element(),
316 .y_hi = Fr::random_element(),
317 .z_1 = Fr::random_element(),
318 .z_2 = Fr::random_element(),
319 .return_is_infinity = false };
320 ultra_ops_table.push(random_op);
321 return random_op;
322 }
323
329 UltraOp eq_and_reset()
330 {
331 auto expected = accumulator;
332 accumulator.self_set_infinity();
333 EccOpCode op_code{ .eq = true, .reset = true };
334 // Store eccvm operation
335 append_eccvm_op(ECCVMOperation{ .op_code = op_code, .base_point = expected });
336
337 // Construct and store the operation in the ultra op format
338 return construct_and_populate_ultra_ops(op_code, expected);
339 }
340
367 UltraOp append_hiding_op(const Fq& Px, const Fq& Py)
368 {
369 auto [ultra_op, eccvm_op] = UltraEccOpsTable::make_hiding_op_pair(Px, Py);
370
371 hiding_op_for_eccvm = eccvm_op;
372 has_hiding_op = true;
373 ultra_ops_table.push(ultra_op);
374
375 // Do NOT update the accumulator - the hiding op doesn't perform any actual EC computation
376 return ultra_op;
377 }
378
379 private:
380 // === Hiding Op State ===
381 // The hiding op exists in both the ECCVM and Ultra tables (same Px, Py values, opcode q_eq=q_reset=1) so the
382 // translation check holds. It is set by exactly one of two entry points, depending on the proving flow:
383 // - Chonk: UltraEccOpsTable::construct_zk_columns() builds the full ZK prefix (1 no-op + 3 random + 1 hiding)
384 // at the front of the reconstructed Ultra table; the hiding op lands at index 4.
385 // - Goblin AVM: append_hiding_op() pushes the Ultra side into the current subtable directly, with no surrounding
386 // prefix.
387 // In both cases the ECCVM side is stored here and prepended to the reconstructed ECCVM table at index 0 by
388 // get_eccvm_ops(), placing it at row 1 (lagrange_second) where the on-curve and eq constraints are gated off
389 // so that non-curve (x, y) values are accepted.
390 ECCVMOperation hiding_op_for_eccvm;
391 bool has_hiding_op = false;
392
410 UltraOp construct_and_populate_ultra_ops(EccOpCode op_code, const Point& point, const Fr& scalar = Fr::zero())
411 {
412 UltraOp ultra_op;
413 ultra_op.op_code = op_code;
414
415 // Decompose point coordinates (Fq) into hi-lo chunks (Fr)
416 const size_t CHUNK_SIZE = 2 * stdlib::NUM_LIMB_BITS_IN_FIELD_SIMULATION;
417 uint256_t x_256(point.x);
418 uint256_t y_256(point.y);
419 ultra_op.return_is_infinity = point.is_point_at_infinity();
420 // if we have a point at infinity, set x/y to zero
421 // in the biggroup_goblin class we use `assert_equal` statements to validate
422 // the original in-circuit coordinate values are also zero
423 if (point.is_point_at_infinity()) {
424 x_256 = 0;
425 y_256 = 0;
426 }
427 ultra_op.x_lo = Fr(x_256.slice(0, CHUNK_SIZE));
428 ultra_op.x_hi = Fr(x_256.slice(CHUNK_SIZE, CHUNK_SIZE * 2));
429 ultra_op.y_lo = Fr(y_256.slice(0, CHUNK_SIZE));
430 ultra_op.y_hi = Fr(y_256.slice(CHUNK_SIZE, CHUNK_SIZE * 2));
431
432 // Split scalar into 128 bit endomorphism scalars
433 Fr z_1 = 0;
434 Fr z_2 = 0;
435 auto converted = scalar.from_montgomery_form();
436 uint256_t converted_u256(scalar);
437 // if our scalar is small, don't split.
438 if (converted_u256.get_msb() < 128) {
439 ultra_op.z_1 = scalar;
440 ultra_op.z_2 = 0;
441 } else {
442 Fr::split_into_endomorphism_scalars(converted, z_1, z_2);
443 ultra_op.z_1 = z_1.to_montgomery_form();
444 ultra_op.z_2 = z_2.to_montgomery_form();
445 }
446
447 ultra_ops_table.push(ultra_op);
448
449 return ultra_op;
450 }
451};
452
453} // namespace bb
bb_bench.hpp
BB_BENCH_NAME
#define BB_BENCH_NAME(name)
Definition bb_bench.hpp:264
bb::ECCOpQueue
Manages ECC operations for the Goblin proving system.
Definition ecc_op_queue.hpp:38
bb::ECCOpQueue::Fr
Curve::ScalarField Fr
Definition ecc_op_queue.hpp:41
bb::ECCOpQueue::Point
Curve::AffineElement Point
Definition ecc_op_queue.hpp:40
bb::ECCOpQueue::construct_table_columns_up_to_tail
std::array< Polynomial< Fr >, ULTRA_TABLE_WIDTH > construct_table_columns_up_to_tail() const
Definition ecc_op_queue.hpp:132
bb::ECCOpQueue::get_ultra_ops_table_num_rows_up_to_tail
size_t get_ultra_ops_table_num_rows_up_to_tail() const
Definition ecc_op_queue.hpp:162
bb::ECCOpQueue::get_append_offset
size_t get_append_offset() const
Compute the fixed append offset for the final APPEND merge.
Definition ecc_op_queue.hpp:91
bb::ECCOpQueue::get_num_rows
size_t get_num_rows() const
Get the number of rows for the current ECCVM circuit.
Definition ecc_op_queue.hpp:204
bb::ECCOpQueue::eccvm_ops_table
EccvmOpsTable eccvm_ops_table
Definition ecc_op_queue.hpp:49
bb::ECCOpQueue::eccvm_ops_reconstructed
std::vector< ECCVMOperation > eccvm_ops_reconstructed
Definition ecc_op_queue.hpp:54
bb::ECCOpQueue::construct_ultra_ops_table_columns
std::array< Polynomial< Fr >, ULTRA_TABLE_WIDTH > construct_ultra_ops_table_columns(const bool include_zk_ops=true) const
Definition ecc_op_queue.hpp:125
bb::ECCOpQueue::construct_full_eccvm_ops_table
void construct_full_eccvm_ops_table()
Definition ecc_op_queue.hpp:144
bb::ECCOpQueue::add_accumulate
UltraOp add_accumulate(const Point &to_add)
Write point addition op to queue and natively perform addition.
Definition ecc_op_queue.hpp:249
bb::ECCOpQueue::initialize_new_subtable
void initialize_new_subtable()
Initialize a new subtable for eccvm and ultra ops with the given merge settings.
Definition ecc_op_queue.hpp:75
bb::ECCOpQueue::get_accumulator
Point get_accumulator()
Definition ecc_op_queue.hpp:242
bb::ECCOpQueue::get_ultra_ops_table_num_rows
size_t get_ultra_ops_table_num_rows() const
Definition ecc_op_queue.hpp:159
bb::ECCOpQueue::ultra_ops_zk_reconstructed
std::vector< UltraOp > ultra_ops_zk_reconstructed
Definition ecc_op_queue.hpp:58
bb::ECCOpQueue::append_hiding_op
UltraOp append_hiding_op(const Fq &Px, const Fq &Py)
Add a hiding op with random Px, Py values to both ECCVM and Ultra ops tables.
Definition ecc_op_queue.hpp:367
bb::ECCOpQueue::get_no_zk_reconstructed_ultra_ops
std::vector< UltraOp > & get_no_zk_reconstructed_ultra_ops()
Definition ecc_op_queue.hpp:179
bb::ECCOpQueue::hiding_op_for_eccvm
ECCVMOperation hiding_op_for_eccvm
Definition ecc_op_queue.hpp:390
bb::ECCOpQueue::ultra_ops_table
UltraEccOpsTable ultra_ops_table
Definition ecc_op_queue.hpp:50
bb::ECCOpQueue::append_eccvm_op
void append_eccvm_op(const ECCVMOperation &op)
Append an eccvm operation to the eccvm ops table; update the eccvm row tracker.
Definition ecc_op_queue.hpp:397
bb::ECCOpQueue::get_number_of_muls
uint32_t get_number_of_muls() const
Get number of muls for the current ECCVM circuit.
Definition ecc_op_queue.hpp:209
bb::ECCOpQueue::get_eccvm_ops
std::vector< ECCVMOperation > & get_eccvm_ops()
Definition ecc_op_queue.hpp:166
bb::ECCOpQueue::get_num_msm_rows
size_t get_num_msm_rows() const
Get the number of rows in the 'msm' column section, for all msms in the circuit.
Definition ecc_op_queue.hpp:198
bb::ECCOpQueue::construct_current_ultra_ops_subtable_columns
std::array< Polynomial< Fr >, ULTRA_TABLE_WIDTH > construct_current_ultra_ops_subtable_columns() const
Definition ecc_op_queue.hpp:138
bb::ECCOpQueue::ultra_ops_no_zk_reconstructed
std::vector< UltraOp > ultra_ops_no_zk_reconstructed
Definition ecc_op_queue.hpp:59
bb::ECCOpQueue::construct_and_populate_ultra_ops
UltraOp construct_and_populate_ultra_ops(EccOpCode op_code, const Point &point, const Fr &scalar=Fr::zero())
Given an ecc operation and its inputs, decompose into ultra format and populate ultra_ops.
Definition ecc_op_queue.hpp:410
bb::ECCOpQueue::get_zk_reconstructed_ultra_ops
std::vector< UltraOp > & get_zk_reconstructed_ultra_ops()
Definition ecc_op_queue.hpp:187
bb::ECCOpQueue::mul_accumulate
UltraOp mul_accumulate(const Point &to_mul, const Fr &scalar)
Write multiply and add op to queue and natively perform operation.
Definition ecc_op_queue.hpp:266
bb::ECCOpQueue::random_op_ultra_only
UltraOp random_op_ultra_only()
Writes randomness to the ultra ops table but adds no eccvm operations.
Definition ecc_op_queue.hpp:308
bb::ECCOpQueue::construct_no_zk_reconstructed_ultra_ops_table
void construct_no_zk_reconstructed_ultra_ops_table()
Definition ecc_op_queue.hpp:153
bb::ECCOpQueue::num_subtables
size_t num_subtables() const
Definition ecc_op_queue.hpp:81
bb::ECCOpQueue::construct_subtable_columns
std::vector< std::array< Polynomial< Fr >, ULTRA_TABLE_WIDTH > > construct_subtable_columns() const
Definition ecc_op_queue.hpp:119
bb::ECCOpQueue::construct_zk_columns
std::array< Polynomial< Fr >, ULTRA_TABLE_WIDTH > construct_zk_columns()
Definition ecc_op_queue.hpp:110
bb::ECCOpQueue::no_op_ultra_only
UltraOp no_op_ultra_only()
Writes a no-op to the ultra ops table but adds no eccvm operations.
Definition ecc_op_queue.hpp:294
bb::ECCOpQueue::OP_QUEUE_SIZE
static const size_t OP_QUEUE_SIZE
Definition ecc_op_queue.hpp:65
bb::ECCOpQueue::eq_and_reset
UltraOp eq_and_reset()
Write equality op using internal accumulator point.
Definition ecc_op_queue.hpp:329
bb::ECCOpQueue::get_current_subtable_size
size_t get_current_subtable_size() const
Definition ecc_op_queue.hpp:83
bb::ECCOpQueue::empty_row_for_testing
void empty_row_for_testing()
Write empty row to queue.
Definition ecc_op_queue.hpp:236
bb::ECCOpQueue::ECCOpQueue
ECCOpQueue()
Instantiate an initial ECC op subtable.
Definition ecc_op_queue.hpp:69
bb::ECCOpQueue::set_eccvm_ops_for_fuzzing
void set_eccvm_ops_for_fuzzing(std::vector< ECCVMOperation > &eccvm_ops_in)
A fuzzing only method for setting eccvm ops directly.
Definition ecc_op_queue.hpp:215
bb::ECCOpQueue::construct_zk_reconstructed_ultra_ops_table
void construct_zk_reconstructed_ultra_ops_table()
Definition ecc_op_queue.hpp:147
bb::ECCOpQueue::merge_fixed_append
void merge_fixed_append(size_t ultra_fixed_offset)
Definition ecc_op_queue.hpp:104
bb::ECCOpQueue::eccvm_row_tracker
EccvmRowTracker eccvm_row_tracker
Definition ecc_op_queue.hpp:62
bb::ECCOpQueue::get_ultra_ops_count
size_t get_ultra_ops_count() const
Definition ecc_op_queue.hpp:160
bb::ECCOpQueue::add_erroneous_equality_op_for_testing
void add_erroneous_equality_op_for_testing()
A testing only method that adds an erroneous equality op to the eccvm ops.
Definition ecc_op_queue.hpp:225
bb::ECCOpQueue::ULTRA_TABLE_WIDTH
static constexpr size_t ULTRA_TABLE_WIDTH
Definition ecc_op_queue.hpp:43
bb::EccOpsTable::create_new_subtable
void create_new_subtable(size_t size_hint=0)
Definition ecc_ops_table.hpp:140
bb::EccOpsTable::num_subtables
size_t num_subtables() const
Definition ecc_ops_table.hpp:133
bb::EccOpsTable::get_reconstructed
std::vector< OpFormat > get_reconstructed() const
Definition ecc_ops_table.hpp:168
bb::EccOpsTable::push
void push(const OpFormat &op)
Definition ecc_ops_table.hpp:138
bb::EccvmRowTracker
Class for tracking the number of rows in the ECCVM circuit and the number of muls performed as the op...
Definition eccvm_row_tracker.hpp:19
bb::EccvmRowTracker::get_num_rows
size_t get_num_rows() const
Get the number of rows for the current ECCVM circuit.
Definition eccvm_row_tracker.hpp:74
bb::EccvmRowTracker::get_num_msm_rows
size_t get_num_msm_rows() const
Get the number of rows in the 'msm' column section, for all msms in the circuit.
Definition eccvm_row_tracker.hpp:60
bb::EccvmRowTracker::get_number_of_muls
uint32_t get_number_of_muls() const
Definition eccvm_row_tracker.hpp:29
bb::EccvmRowTracker::update_cached_msms
void update_cached_msms(const ECCVMOperation &op)
Update cached_active_msm_count or update other row counts and reset cached_active_msm_count.
Definition eccvm_row_tracker.hpp:96
bb::UltraEccOpsTable
Stores a table of elliptic curve operations represented in the Ultra format.
Definition ecc_ops_table.hpp:210
bb::UltraEccOpsTable::construct_zk_columns
std::pair< ColumnPolynomials, ECCVMOperation > construct_zk_columns()
Definition ecc_ops_table.hpp:388
bb::UltraEccOpsTable::get_current_subtable_size
size_t get_current_subtable_size() const
Definition ecc_ops_table.hpp:332
bb::UltraEccOpsTable::ultra_table_size_up_to_tail
size_t ultra_table_size_up_to_tail() const
Definition ecc_ops_table.hpp:293
bb::UltraEccOpsTable::construct_subtable_columns
std::vector< ColumnPolynomials > construct_subtable_columns() const
Definition ecc_ops_table.hpp:435
bb::UltraEccOpsTable::push
void push(const UltraOp &op)
Definition ecc_ops_table.hpp:307
bb::UltraEccOpsTable::num_ultra_rows
size_t num_ultra_rows() const
Definition ecc_ops_table.hpp:283
bb::UltraEccOpsTable::construct_current_ultra_ops_subtable_columns
ColumnPolynomials construct_current_ultra_ops_subtable_columns() const
Definition ecc_ops_table.hpp:474
bb::UltraEccOpsTable::APPEND_TRACE_OFFSET
static constexpr size_t APPEND_TRACE_OFFSET
Definition ecc_ops_table.hpp:221
bb::UltraEccOpsTable::construct_table_columns_up_to_tail
ColumnPolynomials construct_table_columns_up_to_tail() const
Definition ecc_ops_table.hpp:459
bb::UltraEccOpsTable::NUM_ROWS_PER_OP
static constexpr size_t NUM_ROWS_PER_OP
Definition ecc_ops_table.hpp:213
bb::UltraEccOpsTable::create_new_subtable
void create_new_subtable(size_t size_hint=0)
Definition ecc_ops_table.hpp:306
bb::UltraEccOpsTable::make_hiding_op_pair
static std::pair< UltraOp, ECCVMOperation > make_hiding_op_pair(const curve::BN254::BaseField &Px, const curve::BN254::BaseField &Py)
Build a hiding op as paired Ultra and ECCVM operations from raw Fq coordinates.
Definition ecc_ops_table.hpp:232
bb::UltraEccOpsTable::get_no_zk_reconstructed_ultra_ops
std::vector< UltraOp > get_no_zk_reconstructed_ultra_ops() const
Definition ecc_ops_table.hpp:334
bb::UltraEccOpsTable::TABLE_WIDTH
static constexpr size_t TABLE_WIDTH
Definition ecc_ops_table.hpp:212
bb::UltraEccOpsTable::construct_table_columns
ColumnPolynomials construct_table_columns(const bool include_zk_ops=true) const
Definition ecc_ops_table.hpp:450
bb::UltraEccOpsTable::ZK_ULTRA_OPS
static constexpr size_t ZK_ULTRA_OPS
Definition ecc_ops_table.hpp:214
bb::UltraEccOpsTable::merge_with_fixed_append_offset
void merge_with_fixed_append_offset(size_t offset)
Definition ecc_ops_table.hpp:315
bb::UltraEccOpsTable::get_zk_reconstructed_ultra_ops
std::vector< UltraOp > get_zk_reconstructed_ultra_ops() const
Definition ecc_ops_table.hpp:339
bb::curve::BN254::BaseField
bb::fq BaseField
Definition bn254.hpp:19
bb::curve::BN254::AffineElement
typename Group::affine_element AffineElement
Definition bn254.hpp:22
bb::curve::BN254::ScalarField
bb::fr ScalarField
Definition bn254.hpp:18
bb::numeric::uint256_t
Definition uint256.hpp:32
bb::numeric::uint256_t::slice
constexpr uint256_t slice(uint64_t start, uint64_t end) const
Definition uint256_impl.hpp:336
bb::numeric::uint256_t::get_msb
constexpr uint64_t get_msb() const
Definition uint256_impl.hpp:376
ecc_ops_table.hpp
eccvm_builder_types.hpp
eccvm_row_tracker.hpp
bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
bb::ECCVMOperation::base_point
AffineElement base_point
Definition ecc_ops_table.hpp:102
bb::EccOpCode
Defines the opcodes for ECC operations used in both the Ultra and ECCVM formats. There are three opco...
Definition ecc_ops_table.hpp:37
bb::UltraOp::return_is_infinity
bool return_is_infinity
Definition ecc_ops_table.hpp:76
bb::UltraOp::op_code
EccOpCode op_code
Definition ecc_ops_table.hpp:69
bb::field::to_montgomery_form
BB_INLINE constexpr field to_montgomery_form() const noexcept
Definition field_impl.hpp:285
bb::field< Bn254FrParams >::split_into_endomorphism_scalars
static void split_into_endomorphism_scalars(const field &k, field &k1, field &k2)
Full-width endomorphism decomposition: k ≡ k1 - k2·λ (mod r). Modifies the field elements k1 and k2.
Definition field_declarations.hpp:472
bb::field< Bn254FrParams >::random_element
static field random_element(numeric::RNG *engine=nullptr) noexcept
Definition field_impl.hpp:777
bb::field::from_montgomery_form
BB_INLINE constexpr field from_montgomery_form() const noexcept
Definition field_impl.hpp:292
bb::field< Bn254FrParams >::zero
static constexpr field zero()
Definition field_declarations.hpp:277
throw_or_abort
void throw_or_abort(std::string const &err)
Definition throw_or_abort.hpp:6