46 using Proof = std::vector<DataType>;
101 std::vector<DataType> full_buffer;
125 DataType new_challenge = HashFunction::hash(full_buffer);
129 return new_challenges;
159 auto element_frs = Codec::serialize_to_fields(element);
173 constexpr size_t element_fr_size = Codec::template calc_num_fields<T>();
175 throw_or_abort(
"Transcript: deserialize_from_buffer out of bounds");
178 auto element_frs = std::span{
proof_data }.subspan(
offset, element_fr_size);
179 offset += element_fr_size;
181 auto element = Codec::template deserialize_from_fields<T>(element_frs);
231 const size_t num_challenges = labels.size();
235 for (
const auto& label : labels) {
249 challenges.resize(num_challenges);
252 for (
size_t i = 0; i < num_challenges / 2; i += 1) {
254 challenges[2 * i] = Codec::template convert_challenge<ChallengeType>(challenge_buffer[0]);
255 challenges[(2 * i) + 1] = Codec::template convert_challenge<ChallengeType>(challenge_buffer[1]);
257 if ((num_challenges & 1) == 1) {
259 challenges[num_challenges - 1] = Codec::template convert_challenge<ChallengeType>(challenge_buffer[0]);
279 template <
typename ChallengeType,
size_t N>
283 auto vec = get_challenges<ChallengeType>(labels_span);
285 std::move(vec.begin(), vec.end(), out.begin());
297 template <
typename ChallengeType>
300 BB_ASSERT(num_challenges > 0,
"get_dyadic_powers_of_challenge called with num_challenges=0");
301 ChallengeType challenge = get_challenge<ChallengeType>(label);
304 for (
size_t i = 1; i < num_challenges; i++) {
305 pows[i] = pows[i - 1].sqr();
329 auto elements = Codec::serialize_to_fields(element);
357 auto element_frs = Codec::template serialize_to_fields<T>(element);
373 const size_t element_size = Codec::template calc_num_fields<T>();
375 throw_or_abort(
"Transcript: receive_from_prover out of bounds (proof too short)");
392 auto element = Codec::template deserialize_from_fields<T>(element_frs);
401 template <
typename ChallengeType> ChallengeType
get_challenge(
const std::string& label)
404 auto result = get_challenges<ChallengeType>(label_span);
420 BB_ASSERT_EQ(prover_transcript->num_frs_written, 0UL,
"Expected to be empty");
422 verifier_transcript->num_frs_read =
static_cast<size_t>(verifier_transcript->proof_start);
423 verifier_transcript->proof_start = 0;
424 return verifier_transcript;
428 template <
typename T>
static std::vector<DataType>
serialize(
const T& element)
430 return Codec::serialize_to_fields(element);
435 return Codec::template deserialize_from_fields<T>(frs);
443 info(
"Warning: manifest is not enabled!");
459 constexpr uint32_t
init{ 42 };
460 transcript->send_to_verifier(
"Init",
init);
474 [[maybe_unused]]
auto _ = verifier_transcript->template receive_from_prover<DataType>(
"Init");
475 return verifier_transcript;
484 this->proof_start = start;
485 this->num_frs_written = written;
505template <
typename Builder>
516template <
typename Curve,
bool = Curve::is_stdlib_type>
struct TranscriptFor {
#define BB_ASSERT(expression,...)
#define BB_ASSERT_EQ(actual, expected,...)
Common transcript class for both parties. Stores the data for the current round, as well as the manif...
typename Codec::DataType DataType
static constexpr bool in_circuit
DataType previous_challenge
BaseTranscript(const Proof &proof)
static std::shared_ptr< BaseTranscript > test_prover_init_empty()
For testing: initializes transcript with some arbitrary data so that a challenge can be generated aft...
const Proof & test_get_proof_data() const
T receive_from_prover(const std::string &label)
Reads the next element of type T from the transcript, with a predefined label, only used by verifier.
bool challenge_generation_phase
ChallengeType get_challenge(const std::string &label)
void test_set_proof_parsing_state(std::ptrdiff_t start, size_t written)
Test utility: Set proof parsing state for export after deserialization.
std::vector< DataType > current_round_data
void add_element_frs_to_hash_buffer(const std::string &label, std::span< const DataType > element_frs)
Adds challenge elements to the current_round_buffer and updates the manifest.
Proof & test_get_proof_data()
Test utility: Get mutable reference to proof_data.
void serialize_to_buffer(const T &element, Proof &proof_data)
Serializes object and appends it to proof_data.
static std::shared_ptr< BaseTranscript > test_verifier_init_empty(const std::shared_ptr< BaseTranscript > &transcript)
For testing: initializes transcript based on proof data then receives junk data produced by BaseTrans...
std::vector< ChallengeType > get_dyadic_powers_of_challenge(const std::string &label, size_t num_challenges)
Get a challenge and compute its dyadic powers [δ, δ², δ⁴, ..., δ^(2^(num_challenges-1))].
std::vector< DataType > export_proof()
Return the proof data starting at proof_start.
static T deserialize(std::span< const DataType > frs)
void add_to_hash_buffer(const std::string &label, const T &element)
Adds an element to the transcript.
void send_to_verifier(const std::string &label, const T &element)
Adds a prover message to the transcript, only intended to be used by the prover.
void load_proof(const std::vector< DataType > &proof)
Verifier-specific method. The verifier needs to load a proof or its segment before the verification.
HashFunction_ HashFunction
std::ptrdiff_t proof_start
TranscriptManifest get_manifest() const
std::array< DataType, CHALLENGE_BUFFER_SIZE > get_next_duplex_challenge_buffer()
Compute next challenge c_next = H( Compress(c_prev || round_buffer) )
std::array< ChallengeType, N > get_challenges(const std::array< std::string, N > &labels)
Wrapper around get_challenges to handle array of challenges.
TranscriptManifest manifest
static std::vector< DataType > serialize(const T &element)
std::ptrdiff_t test_get_proof_start() const
Test utility: Get proof_start for validation.
std::vector< DataType > Proof
T deserialize_from_buffer(const Proof &proof_data, size_t &offset) const
Deserializes the frs starting at offset into the typed element and returns that element.
std::vector< ChallengeType > get_challenges(std::span< const std::string > labels)
After all the prover messages have been sent, finalize the round by hashing all the data and then cre...
static constexpr size_t CHALLENGE_BUFFER_SIZE
static std::shared_ptr< BaseTranscript > convert_prover_transcript_to_verifier_transcript(const std::shared_ptr< BaseTranscript > &prover_transcript)
Convert a prover transcript to a verifier transcript.
void add_entry(size_t round, const std::string &element_label, size_t element_size)
void add_challenge(size_t round, const std::string &label)
Add a single challenge label to the manifest for the given round.
stdlib class that evaluates in-circuit poseidon2 hashes, consistent with behavior in crypto::poseidon...
Entry point for Barretenberg command-line interface.
std::atomic< size_t > unique_transcript_index
OriginTag extract_transcript_tag(const TranscriptType &transcript)
Extract origin tag context from a transcript.
BaseTranscript< FrCodec, bb::crypto::Poseidon2< bb::crypto::Poseidon2Bn254ScalarFieldParams > > NativeTranscript
typename TranscriptFor< Curve >::type TranscriptFor_t
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
This file contains part of the logic for the Origin Tag mechanism that tracks the use of in-circuit p...
StdlibCodec for in-circuit (recursive) verification transcript handling.
Helper to get the appropriate Transcript type for a given Curve.
void throw_or_abort(std::string const &err)
1.9.8