Barretenberg: src/barretenberg/boomerang_value_detection/graph_description_goblin.test.cpp Source File

#include "barretenberg/boomerang_value_detection/graph.hpp"

#include "barretenberg/circuit_checker/circuit_checker.hpp"

#include "barretenberg/common/test.hpp"


#include "barretenberg/goblin/goblin.hpp"

#include "barretenberg/goblin/goblin_verifier.hpp"

#include "barretenberg/goblin/merge_prover.hpp"

#include "barretenberg/goblin/mock_circuits.hpp"

#include "barretenberg/srs/global_crs.hpp"

#include "barretenberg/stdlib/honk_verifier/ultra_verification_keys_comparator.hpp"

#include "barretenberg/ultra_honk/ultra_prover.hpp"

#include "barretenberg/ultra_honk/ultra_verifier.hpp"


namespace bb::stdlib::recursion::honk {


class BoomerangGoblinRecursiveVerifierTests : public testing::Test {

  public:

    using Builder = UltraCircuitBuilder;

    using ECCVMVK = Goblin::ECCVMVerificationKey;

    using TranslatorVK = Goblin::TranslatorVerificationKey;


    using OuterFlavor = UltraFlavor;

    using OuterProver = UltraProver_<OuterFlavor>;

    using OuterVerifier = UltraRollupVerifier;

    using OuterProverInstance = ProverInstance_<OuterFlavor>;


    using Commitment = MergeVerifier::Commitment;

    using MergeCommitments = MergeVerifier::InputCommitments;

    using RecursiveCommitment = GoblinRecursiveVerifier::MergeVerifier::Commitment;

    using RecursiveMergeCommitments = GoblinRecursiveVerifier::MergeVerifier::InputCommitments;


    static void SetUpTestSuite() { bb::srs::init_file_crs_factory(bb::srs::bb_crs_path()); }


    struct ProverOutput {

        GoblinProof proof;

        Goblin::VerificationKey verifier_input;

        MergeCommitments merge_commitments;

    };


    static ProverOutput create_goblin_prover_output()

    {

        Goblin goblin;

        GoblinMockCircuits::construct_and_merge_mock_circuits(goblin, 5);

        goblin.op_queue->construct_zk_columns();


        // Merge the ecc ops from the newly constructed circuit

        auto goblin_proof = goblin.prove();

        // Subtable values and commitments - needed for (Recursive)MergeVerifier

        MergeCommitments merge_commitments;

        auto t_current = goblin.op_queue->construct_current_ultra_ops_subtable_columns();

        auto T_prev = goblin.op_queue->construct_table_columns_up_to_tail();

        CommitmentKey<curve::BN254> pcs_commitment_key(goblin.op_queue->get_ultra_ops_table_num_rows() +

                                                       UltraEccOpsTable::ZK_ULTRA_OPS);

        for (size_t idx = 0; idx < MegaFlavor::NUM_WIRES; idx++) {

            merge_commitments.t_commitments[idx] = pcs_commitment_key.commit(t_current[idx]);

            merge_commitments.T_prev_commitments[idx] = pcs_commitment_key.commit(T_prev[idx]);

        }


        // Output is a goblin proof plus ECCVM/Translator verification keys

        return { goblin_proof, { std::make_shared<ECCVMVK>(), std::make_shared<TranslatorVK>() }, merge_commitments };

    }


};


TEST_F(BoomerangGoblinRecursiveVerifierTests, graph_description_basic)

{

    auto [proof, verifier_input, merge_commitments] = create_goblin_prover_output();


    Builder builder;


    // Merge commitments

    RecursiveMergeCommitments recursive_merge_commitments;

    for (size_t idx = 0; idx < MegaFlavor::NUM_WIRES; idx++) {

        recursive_merge_commitments.t_commitments[idx] =

            RecursiveCommitment::from_witness(&builder, merge_commitments.t_commitments[idx]);

        recursive_merge_commitments.T_prev_commitments[idx] =

            RecursiveCommitment::from_witness(&builder, merge_commitments.T_prev_commitments[idx]);

        recursive_merge_commitments.t_commitments[idx].unset_free_witness_tag();

        recursive_merge_commitments.T_prev_commitments[idx].unset_free_witness_tag();

    }


    auto transcript = std::make_shared<GoblinRecursiveVerifier::Transcript>();

    GoblinStdlibProof stdlib_proof(builder, proof);

    GoblinRecursiveVerifier verifier{ transcript, stdlib_proof, recursive_merge_commitments };

    GoblinRecursiveVerifier::ReductionResult output = verifier.reduce_to_pairing_check_and_ipa_opening();


    // Aggregate merge + translator pairing points

    output.translator_pairing_points.aggregate(output.merge_pairing_points);


    stdlib::recursion::honk::RollupIO inputs;

    inputs.pairing_inputs = output.translator_pairing_points;

    inputs.ipa_claim = output.ipa_claim;

    inputs.set_public();


    builder.ipa_proof = output.ipa_proof.get_value();


    // Use the already aggregated pairing points (merge + translator)

    auto translator_pairing_points = output.translator_pairing_points;


    // The pairing points are public outputs from the recursive verifier that will be verified externally via a pairing

    // check. While they are computed within the circuit (via batch_mul for P0 and negation for P1), their output

    // coordinates may not appear in multiple constraint gates. Calling fix_witness() adds explicit constraints on these

    // values. Without these constraints, the StaticAnalyzer detects 20 variables (the coordinate limbs) that appear in

    // only one gate. This ensures the pairing point coordinates are properly constrained within the circuit itself,

    // rather than relying solely on them being public outputs.

    translator_pairing_points.fix_witness();


    // Construct and verify a proof for the Goblin Recursive Verifier circuit

    {

        auto prover_instance = std::make_shared<OuterProverInstance>(builder);

        auto verification_key =

            std::make_shared<typename OuterFlavor::VerificationKey>(prover_instance->get_precomputed());

        auto vk_and_hash = std::make_shared<typename OuterFlavor::VKAndHash>(verification_key);

        OuterProver prover(prover_instance, verification_key);

        OuterVerifier verifier(vk_and_hash);

        auto proof = prover.construct_proof();

        bool verified = verifier.verify_proof(proof).result;


        ASSERT_TRUE(verified);

    }


    info("Recursive Verifier: num gates = ", builder.num_gates());

    auto graph = cdg::StaticAnalyzer(builder, false);

    auto variables_in_one_gate = graph.get_variables_in_one_gate();

    EXPECT_EQ(variables_in_one_gate.size(), 0);

}


} // namespace bb::stdlib::recursion::honk


circuit_checker.hpp

bb::CommitmentKey
CommitmentKey object over a pairing group 𝔾₁.
Definition commitment_key.hpp:35

bb::CommitmentKey::commit
Commitment commit(PolynomialSpan< const Fr > polynomial) const
Uses the ProverSRS to create a commitment to p(X)
Definition commitment_key.hpp:73

bb::ECCVMCircuitBuilder
Definition eccvm_circuit_builder.hpp:24

bb::FixedVKAndHash_
Simple verification key class for fixed-size circuits (ECCVM, Translator, AVM).
Definition flavor.hpp:101

bb::Goblin
Definition goblin.hpp:24

bb::Goblin::TranslatorVerificationKey
TranslatorFlavor::VerificationKey TranslatorVerificationKey
Definition goblin.hpp:45

bb::Goblin::prove
GoblinProof prove()
Constuct a full Goblin proof (ECCVM, Translator, merge)
Definition goblin.cpp:69

bb::Goblin::op_queue
std::shared_ptr< OpQueue > op_queue
Definition goblin.hpp:59

bb::Goblin::ECCVMVerificationKey
ECCVMFlavor::VerificationKey ECCVMVerificationKey
Definition goblin.hpp:44

bb::GoblinMockCircuits::construct_and_merge_mock_circuits
static void construct_and_merge_mock_circuits(Goblin &goblin, const size_t num_circuits=3)
Definition mock_circuits.hpp:159

bb::GoblinVerifier_
Unified Goblin verifier for both native and recursive verification.
Definition goblin_verifier.hpp:33

bb::MegaFlavor::NUM_WIRES
static constexpr size_t NUM_WIRES
Definition mega_flavor.hpp:62

bb::MergeVerifier_::Commitment
typename Curve::AffineElement Commitment
Definition merge_verifier.hpp:28

bb::ProverInstance_
Contains all the information required by a Honk prover to create a proof, constructed from a finalize...
Definition prover_instance.hpp:26

bb::UltraCircuitBuilder_
Definition ultra_circuit_builder.hpp:40

bb::UltraEccOpsTable::ZK_ULTRA_OPS
static constexpr size_t ZK_ULTRA_OPS
Definition ecc_ops_table.hpp:214

bb::UltraFlavor
Definition ultra_flavor.hpp:32

bb::UltraProver_
Definition ultra_prover.hpp:18

bb::UltraVerifier_
Definition ultra_verifier.hpp:79

bb::stdlib::recursion::honk::BoomerangGoblinRecursiveVerifierTests
Definition graph_description_goblin.test.cpp:15

bb::stdlib::recursion::honk::BoomerangGoblinRecursiveVerifierTests::SetUpTestSuite
static void SetUpTestSuite()
Definition graph_description_goblin.test.cpp:31

bb::stdlib::recursion::honk::BoomerangGoblinRecursiveVerifierTests::RecursiveCommitment
GoblinRecursiveVerifier::MergeVerifier::Commitment RecursiveCommitment
Definition graph_description_goblin.test.cpp:28

bb::stdlib::recursion::honk::BoomerangGoblinRecursiveVerifierTests::Commitment
MergeVerifier::Commitment Commitment
Definition graph_description_goblin.test.cpp:26

bb::stdlib::recursion::honk::BoomerangGoblinRecursiveVerifierTests::create_goblin_prover_output
static ProverOutput create_goblin_prover_output()
Create a goblin proof and the VM verification keys needed by the goblin recursive verifier.
Definition graph_description_goblin.test.cpp:44

bb::stdlib::recursion::honk::BoomerangGoblinRecursiveVerifierTests::RecursiveMergeCommitments
GoblinRecursiveVerifier::MergeVerifier::InputCommitments RecursiveMergeCommitments
Definition graph_description_goblin.test.cpp:29

bb::stdlib::recursion::honk::RollupIO
The data that is propagated on the public inputs of a rollup circuit.
Definition special_public_inputs.hpp:357

info
#define info(...)
Definition log.hpp:93

builder
AluTraceBuilder builder
Definition alu.test.cpp:124

global_crs.hpp

mock_circuits.hpp

goblin.hpp

goblin_verifier.hpp

graph.hpp

inputs
AvmProvingInputs inputs
Definition hinting_dbs.test.cpp:45

merge_prover.hpp

bb::srs::bb_crs_path
std::filesystem::path bb_crs_path()
Definition global_crs.cpp:14

bb::srs::init_file_crs_factory
void init_file_crs_factory(const std::filesystem::path &path)
Definition global_crs.hpp:14

bb::stdlib::recursion::honk
Definition graph_description_goblin.test.cpp:14

bb::stdlib::recursion::honk::TEST_F
TEST_F(BoomerangGoblinRecursiveVerifierTests, graph_description_basic)
Construct and check a goblin recursive verification circuit.
Definition graph_description_goblin.test.cpp:72

bb::UltraRollupVerifier
UltraVerifier_< UltraFlavor, RollupIO > UltraRollupVerifier
Definition ultra_verifier.hpp:234

bb::UltraCircuitBuilder
UltraCircuitBuilder_< UltraExecutionTraceBlocks > UltraCircuitBuilder
Definition circuit_builders_fwd.hpp:18

cdg::StaticAnalyzer
UltraStaticAnalyzer StaticAnalyzer
Definition graph.hpp:190

std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13

bb::Goblin::VerificationKey
Definition goblin.hpp:69

bb::GoblinProof
Definition types.hpp:20

bb::GoblinStdlibProof
Definition types.hpp:36

bb::GoblinVerifier_::ReductionResult
Result of Goblin verification with mode-specific semantics.
Definition goblin_verifier.hpp:55

bb::GoblinVerifier_::ReductionResult::translator_pairing_points
PairingPoints translator_pairing_points
Definition goblin_verifier.hpp:61

bb::GoblinVerifier_::ReductionResult::ipa_claim
IPAClaim ipa_claim
Definition goblin_verifier.hpp:62

bb::GoblinVerifier_::ReductionResult::ipa_proof
IPAProof ipa_proof
Definition goblin_verifier.hpp:63

bb::GoblinVerifier_::ReductionResult::merge_pairing_points
PairingPoints merge_pairing_points
Definition goblin_verifier.hpp:60

bb::MergeVerifier_::InputCommitments
Definition merge_verifier.hpp:53

bb::MergeVerifier_::InputCommitments::T_prev_commitments
TableCommitments T_prev_commitments
Definition merge_verifier.hpp:55

bb::MergeVerifier_::InputCommitments::t_commitments
TableCommitments t_commitments
Definition merge_verifier.hpp:54

bb::stdlib::recursion::honk::BoomerangGoblinRecursiveVerifierTests::ProverOutput
Definition graph_description_goblin.test.cpp:33

bb::stdlib::recursion::honk::BoomerangGoblinRecursiveVerifierTests::ProverOutput::proof
GoblinProof proof
Definition graph_description_goblin.test.cpp:34

bb::stdlib::recursion::honk::BoomerangGoblinRecursiveVerifierTests::ProverOutput::merge_commitments
MergeCommitments merge_commitments
Definition graph_description_goblin.test.cpp:36

bb::stdlib::recursion::honk::BoomerangGoblinRecursiveVerifierTests::ProverOutput::verifier_input
Goblin::VerificationKey verifier_input
Definition graph_description_goblin.test.cpp:35

test.hpp

ultra_prover.hpp

ultra_verification_keys_comparator.hpp

ultra_verifier.hpp