diff --git a/cs/src/cs/witness_placer/graph_description/mod.rs b/cs/src/cs/witness_placer/graph_description/mod.rs index 8208b3e5e..5bae9fede 100644 --- a/cs/src/cs/witness_placer/graph_description/mod.rs +++ b/cs/src/cs/witness_placer/graph_description/mod.rs @@ -3,7 +3,6 @@ mod field; mod integer; use core::hash::Hash; -use std::assert_matches; use std::collections::BTreeMap; use std::collections::BTreeSet; use std::collections::HashMap; @@ -774,7 +773,7 @@ impl WitnessGraphCreator { a @ FieldNodeExpression::OracleValue { .. } => { let mut subexpr = a.clone(); mapper.add_field_subexprs(&mut subexpr); - assert_matches!(subexpr, FieldNodeExpression::SubExpression(..)); + assert!(matches!(subexpr, FieldNodeExpression::SubExpression(..))); } _ => { unreachable!(); @@ -784,10 +783,10 @@ impl WitnessGraphCreator { a @ FixedWidthIntegerNodeExpression::U32OracleValue { .. } => { let mut subexpr = a.clone(); mapper.add_integer_subexprs(&mut subexpr); - assert_matches!( + assert!(matches!( subexpr, FixedWidthIntegerNodeExpression::U32SubExpression(..) - ); + )); } _ => { unreachable!(); @@ -797,10 +796,10 @@ impl WitnessGraphCreator { a @ FixedWidthIntegerNodeExpression::U16OracleValue { .. } => { let mut subexpr = a.clone(); mapper.add_integer_subexprs(&mut subexpr); - assert_matches!( + assert!(matches!( subexpr, FixedWidthIntegerNodeExpression::U16SubExpression(..) - ); + )); } _ => { unreachable!(); @@ -810,7 +809,7 @@ impl WitnessGraphCreator { a @ BoolNodeExpression::OracleValue { .. } => { let mut subexpr = a.clone(); mapper.add_boolean_subexprs(&mut subexpr); - assert_matches!(subexpr, BoolNodeExpression::SubExpression(..)); + assert!(matches!(subexpr, BoolNodeExpression::SubExpression(..))); } _ => { unreachable!(); @@ -829,7 +828,7 @@ impl WitnessGraphCreator { assert_eq!(input_var, input_var_2); let mut subexpr = a.clone(); mapper.add_field_subexprs(&mut subexpr); - assert_matches!(subexpr, FieldNodeExpression::SubExpression(..)); + assert!(matches!(subexpr, FieldNodeExpression::SubExpression(..))); } _ => { unreachable!(); @@ -840,7 +839,7 @@ impl WitnessGraphCreator { assert_eq!(input_var, input_var_2); let mut subexpr = a.clone(); mapper.add_boolean_subexprs(&mut subexpr); - assert_matches!(subexpr, BoolNodeExpression::SubExpression(..)); + assert!(matches!(subexpr, BoolNodeExpression::SubExpression(..))); } _ => { unreachable!(); @@ -851,10 +850,10 @@ impl WitnessGraphCreator { assert_eq!(input_var, input_var_2); let mut subexpr = a.clone(); mapper.add_integer_subexprs(&mut subexpr); - assert_matches!( + assert!(matches!( subexpr, FixedWidthIntegerNodeExpression::U8SubExpression(..) - ); + )); } _ => { unreachable!(); @@ -865,10 +864,10 @@ impl WitnessGraphCreator { assert_eq!(input_var, input_var_2); let mut subexpr = a.clone(); mapper.add_integer_subexprs(&mut subexpr); - assert_matches!( + assert!(matches!( subexpr, FixedWidthIntegerNodeExpression::U16SubExpression(..) - ); + )); } _ => { unreachable!(); diff --git a/cs/src/lib.rs b/cs/src/lib.rs index 708c796b8..c7022785d 100644 --- a/cs/src/lib.rs +++ b/cs/src/lib.rs @@ -5,7 +5,6 @@ #![feature(iter_advance_by)] #![feature(ptr_as_ref_unchecked)] #![feature(option_zip)] -#![feature(assert_matches)] #![feature(allocator_api)] pub mod definitions; diff --git a/cs/src/machine/ops/unrolled/reduced_machine_ops.rs b/cs/src/machine/ops/unrolled/reduced_machine_ops.rs index 55ffac007..2e35eab3e 100644 --- a/cs/src/machine/ops/unrolled/reduced_machine_ops.rs +++ b/cs/src/machine/ops/unrolled/reduced_machine_ops.rs @@ -603,7 +603,7 @@ mod test { 23, ); - serialize_to_file(&compiled, "reduced_machine_preprocessed_layout.json"); + serialize_to_file(&compiled, "unified_reduced_preprocessed_layout.json"); } #[test] @@ -636,6 +636,6 @@ mod test { >(cs) }, ); - serialize_to_file(&ssa_forms, "reduced_machine_preprocessed_ssa.json"); + serialize_to_file(&ssa_forms, "unified_reduced_preprocessed_ssa.json"); } } diff --git a/execution_utils/Cargo.toml b/execution_utils/Cargo.toml index b834dcd30..f45fcbbc4 100644 --- a/execution_utils/Cargo.toml +++ b/execution_utils/Cargo.toml @@ -29,7 +29,7 @@ gpu_prover = { workspace = true, optional = true } [dev-dependencies] bincode = { version = "1.3" } -prover_examples = { path = "../circuit_defs/prover_examples" } +prover_examples = { path = "../circuit_defs/prover_examples", default-features = false } [features] security_80 = ["gpu_prover?/security_80"] diff --git a/execution_utils/src/lib.rs b/execution_utils/src/lib.rs index a43a1b634..2d96636c2 100644 --- a/execution_utils/src/lib.rs +++ b/execution_utils/src/lib.rs @@ -57,6 +57,15 @@ pub const BASE_PROGRAM: &[u8] = include_bytes!("../../examples/hashed_fibonacci/ pub const BASE_PROGRAM_TEXT_SECTION: &[u8] = include_bytes!("../../examples/hashed_fibonacci/app.text"); +pub const RECURSION_UNROLLED_BIN: &[u8] = + include_bytes!("../../tools/verifier/recursion_in_unrolled_layer.bin"); +pub const RECURSION_UNROLLED_TXT: &[u8] = + include_bytes!("../../tools/verifier/recursion_in_unrolled_layer.text"); +pub const RECURSION_UNIFIED_BIN: &[u8] = + include_bytes!("../../tools/verifier/recursion_in_unified_layer.bin"); +pub const RECURSION_UNIFIED_TXT: &[u8] = + include_bytes!("../../tools/verifier/recursion_in_unified_layer.text"); + pub fn get_padded_binary(binary: &[u8]) -> Vec { let mut bytecode = binary .as_chunks::<4>() diff --git a/execution_utils/src/unrolled_gpu.rs b/execution_utils/src/unrolled_gpu.rs index ba125fec7..c980f1b9d 100644 --- a/execution_utils/src/unrolled_gpu.rs +++ b/execution_utils/src/unrolled_gpu.rs @@ -1,4 +1,4 @@ -use crate::get_padded_binary; +use crate::{get_padded_binary, RECURSION_UNROLLED_BIN, RECURSION_UNROLLED_TXT, RECURSION_UNIFIED_BIN, RECURSION_UNIFIED_TXT}; use crate::unrolled::{ compute_setup_for_machine_configuration, flatten_proof_into_responses_for_unrolled_recursion, UnrolledProgramProof, UnrolledProgramSetup, @@ -85,15 +85,6 @@ pub struct UnrolledProver { pub prover: ExecutionProver, } -pub const RECURSION_UNROLLED_BIN: &[u8] = - include_bytes!("../../tools/verifier/recursion_in_unrolled_layer.bin"); -pub const RECURSION_UNROLLED_TXT: &[u8] = - include_bytes!("../../tools/verifier/recursion_in_unrolled_layer.text"); -pub const RECURSION_UNIFIED_BIN: &[u8] = - include_bytes!("../../tools/verifier/recursion_in_unified_layer.bin"); -pub const RECURSION_UNIFIED_TXT: &[u8] = - include_bytes!("../../tools/verifier/recursion_in_unified_layer.text"); - impl UnrolledProver { pub fn new( path_without_bin: &String, diff --git a/full_statement_verifier/src/unified_circuit_statement.rs b/full_statement_verifier/src/unified_circuit_statement.rs index 6005104c0..681284fb5 100644 --- a/full_statement_verifier/src/unified_circuit_statement.rs +++ b/full_statement_verifier/src/unified_circuit_statement.rs @@ -256,9 +256,8 @@ pub unsafe fn verify_unified_circuit_statement( let pow_challenge_high = verifier_common::DefaultNonDeterminismSource::read_word(); let pow_challenge = (pow_challenge_high as u64) << 32 | (pow_challenge_low as u64); - let expected_challenges = ExternalChallenges::draw_from_transcript_seed( + let expected_challenges = ExternalChallenges::draw_from_transcript_seed_with_state_permutation( memory_seed, - NUM_DELEGATION_CHALLENGES > 0, MEMORY_DELEGATION_POW_BITS, pow_challenge, ); @@ -267,12 +266,16 @@ pub unsafe fn verify_unified_circuit_statement( expected_challenges.memory_argument, proof_output_0.memory_challenges ); - if NUM_DELEGATION_CHALLENGES > 0 { - assert_eq!( - expected_challenges.delegation_argument.unwrap_unchecked(), - proof_output_0.delegation_challenges[0] - ); - } + assert_eq!( + expected_challenges.delegation_argument.unwrap_unchecked(), + proof_output_0.delegation_challenges[0] + ); + assert_eq!( + expected_challenges + .machine_state_permutation_argument + .unwrap_unchecked(), + proof_output_0.machine_state_permutation_challenges[0] + ); // conclude that our memory argument is valid let register_contribution = diff --git a/gpu_prover/src/lib.rs b/gpu_prover/src/lib.rs index 096e22dad..e7e1b56b1 100644 --- a/gpu_prover/src/lib.rs +++ b/gpu_prover/src/lib.rs @@ -1,6 +1,5 @@ #![allow(incomplete_features)] #![feature(allocator_api)] -#![feature(assert_matches)] #![feature(btree_cursors)] #![feature(extend_one_unchecked)] #![feature(generic_const_exprs)] diff --git a/gpu_prover/src/prover/memory.rs b/gpu_prover/src/prover/memory.rs index a22dc2e27..1aa3c5fd0 100644 --- a/gpu_prover/src/prover/memory.rs +++ b/gpu_prover/src/prover/memory.rs @@ -20,7 +20,6 @@ use era_cudart::result::CudaResult; use era_cudart::slice::DeviceSlice; use fft::GoodAllocator; use prover::merkle_trees::MerkleTreeCapVarLength; -use std::assert_matches; pub struct MemoryCommitmentJob<'a> { is_finished_event: CudaEvent, @@ -79,11 +78,11 @@ pub(crate) fn commit_memory<'a, A: GoodAllocator>( let mut callbacks = Callbacks::new(); let inits_and_teardowns = if let Some(inits_and_teardowns_transfer) = inits_and_teardowns_transfer { - assert_matches!( + assert!(matches!( circuit_type, CircuitType::Unrolled(UnrolledCircuitType::InitsAndTeardowns) | CircuitType::Unrolled(UnrolledCircuitType::Unified) - ); + )); let InitsAndTeardownsTransfer { data_host: _, data_device, diff --git a/gpu_prover/src/prover/stage_1.rs b/gpu_prover/src/prover/stage_1.rs index fad290af0..c6de88030 100644 --- a/gpu_prover/src/prover/stage_1.rs +++ b/gpu_prover/src/prover/stage_1.rs @@ -39,7 +39,6 @@ use era_cudart::result::CudaResult; use era_cudart::slice::DeviceSlice; use fft::GoodAllocator; use itertools::Itertools; -use std::assert_matches; use std::cmp::{max, min}; use std::sync::Arc; @@ -112,11 +111,11 @@ impl StageOneOutput { let log_domain_size = trace_len.trailing_zeros(); let inits_and_teardowns = if let Some(inits_and_teardowns_transfer) = inits_and_teardowns_transfer { - assert_matches!( + assert!(matches!( circuit_type, CircuitType::Unrolled(UnrolledCircuitType::InitsAndTeardowns) | CircuitType::Unrolled(UnrolledCircuitType::Unified) - ); + )); let InitsAndTeardownsTransfer { data_host: _, data_device, diff --git a/prover/src/definitions/leaf_inclusion_verifier/blake2s_for_everything.rs b/prover/src/definitions/leaf_inclusion_verifier/blake2s_for_everything.rs index 914731843..66f755926 100644 --- a/prover/src/definitions/leaf_inclusion_verifier/blake2s_for_everything.rs +++ b/prover/src/definitions/leaf_inclusion_verifier/blake2s_for_everything.rs @@ -200,8 +200,6 @@ impl LeafInclusionVerifier for Blake2sForEverythingVerifier { equal &= output_hash[i] == cap[i]; } - panic!("Testing purposes only"); - equal } else { // every step we: diff --git a/prover/src/prover_stages/pow_config_worst_constants.rs b/prover/src/prover_stages/pow_config_worst_constants.rs deleted file mode 100644 index df921f73e..000000000 --- a/prover/src/prover_stages/pow_config_worst_constants.rs +++ /dev/null @@ -1,53 +0,0 @@ -const MAX_TRACE_LEN_LOG2: usize = 24usize; -const MAX_FRI_FACTOR_LOG2: usize = 1usize; -const MAX_CHALLENGE_FIELD_SIZE_LOG2: usize = 124usize; -const MAX_NUMBER_OF_COLUMNS: usize = 1224usize; -const MAX_NUM_QUOTIENT_TERMS: usize = 928usize; -const MAX_NUM_OPENINGS_AT_Z: usize = 1225usize; -const MAX_NUM_OPENINGS_AT_Z_OMEGA: usize = 13usize; -const MAX_FRI_FOLDING_FACTOR_LOG2: usize = 4usize; -const POW_BITS_FOR_MEMORY_AND_DELEGATION_FOR_80_SECURITY_BITS: usize = 0usize; -const POW_BITS_FOR_MEMORY_AND_DELEGATION_FOR_100_SECURITY_BITS: usize = 8usize; -const LOOKUP_POW_BITS_FOR_80_SECURITY_BITS: usize = 0usize; -const LOOKUP_POW_BITS_FOR_100_SECURITY_BITS: usize = 5usize; -const QUOTIENT_ALPHA_POW_BITS_FOR_80_SECURITY_BITS: usize = 0usize; -const QUOTIENT_ALPHA_POW_BITS_FOR_100_SECURITY_BITS: usize = 0usize; -const QUOTIENT_Z_POW_BITS_FOR_80_SECURITY_BITS: usize = 0usize; -const QUOTIENT_Z_POW_BITS_FOR_100_SECURITY_BITS: usize = 6usize; -const DEEP_POLY_ALPHA_POW_BITS_FOR_80_SECURITY_BITS: usize = 0usize; -const DEEP_POLY_ALPHA_POW_BITS_FOR_100_SECURITY_BITS: usize = 11usize; -const MAX_FOLDINGS_POW_BITS_FOR_80_SECURITY_BITS: usize = 0usize; -const MAX_FOLDINGS_POW_BITS_FOR_100_SECURITY_BITS: usize = 4usize; -const FRI_QUERIES_POW_BITS_FOR_80_SECURITY_BITS: usize = 28usize; -const FRI_QUERIES_POW_BITS_FOR_100_SECURITY_BITS: usize = 28usize; -const NUM_QUERIES_FOR_80_SECURITY_BITS: usize = 63usize; -const NUM_QUERIES_FOR_100_SECURITY_BITS: usize = 87usize; -impl SizedProofSecurityConfig { - pub const fn worst_case_config() -> Self { - if cfg!(feature = "security_80") { - SizedProofSecurityConfig { - lookup_pow_bits: LOOKUP_POW_BITS_FOR_80_SECURITY_BITS as u32, - quotient_alpha_pow_bits: QUOTIENT_ALPHA_POW_BITS_FOR_80_SECURITY_BITS as u32, - quotient_z_pow_bits: QUOTIENT_Z_POW_BITS_FOR_80_SECURITY_BITS as u32, - deep_poly_alpha_pow_bits: DEEP_POLY_ALPHA_POW_BITS_FOR_80_SECURITY_BITS as u32, - foldings_pow_bits: [MAX_FOLDINGS_POW_BITS_FOR_80_SECURITY_BITS as u32; - NUM_FOLDINGS], - fri_queries_pow_bits: FRI_QUERIES_POW_BITS_FOR_80_SECURITY_BITS as u32, - num_queries: NUM_QUERIES_FOR_80_SECURITY_BITS, - } - } else if cfg!(feature = "security_100") { - SizedProofSecurityConfig { - lookup_pow_bits: LOOKUP_POW_BITS_FOR_100_SECURITY_BITS as u32, - quotient_alpha_pow_bits: QUOTIENT_ALPHA_POW_BITS_FOR_100_SECURITY_BITS as u32, - quotient_z_pow_bits: QUOTIENT_Z_POW_BITS_FOR_100_SECURITY_BITS as u32, - deep_poly_alpha_pow_bits: DEEP_POLY_ALPHA_POW_BITS_FOR_100_SECURITY_BITS as u32, - foldings_pow_bits: [MAX_FOLDINGS_POW_BITS_FOR_100_SECURITY_BITS as u32; - NUM_FOLDINGS], - fri_queries_pow_bits: FRI_QUERIES_POW_BITS_FOR_100_SECURITY_BITS as u32, - num_queries: NUM_QUERIES_FOR_100_SECURITY_BITS, - } - } else { - panic!("No security level selected"); - } - } -} diff --git a/tools/pow_config_generator/airbender.toml b/tools/pow_config_generator/airbender.toml new file mode 100644 index 000000000..6db81585e --- /dev/null +++ b/tools/pow_config_generator/airbender.toml @@ -0,0 +1,102 @@ +# Airbender VM Configuration +# +# Generated with https://github.com/matter-labs/zksync-airbender/tree/dev/tools/pow_config_generator +# Created: 2026-02-24 +# Commit: 9595d1be08a79e97b845600ccd8a0363c571f69c + +# Airbender has a layered proving architecture: +# - Base layer: proves correct execution of the base program. +# - Recursion layers: each layer proves the verifier program that verifies the +# *entire* previous layer. +# +# Airbender supports multiple circuit types, and each circuit type defines its +# own instruction set. For a given layer, all proofs share a common state and +# memory argument. +# +# The set of circuit types may differ across layers: +# - Recursion layers do not need to support the full instruction set. +# - Higher layers typically prioritize fewer circuit types to reduce complexity. +# +# In this configuration we use "worst-case" parameters across all circuit types. +# +# Note: Additional outer layers (using other proving systems) wrap the final +# Airbender layer into a SNARK suitable for L1 verification. + +[zkevm] +name = "Airbender" +protocol_family = "FRI_STARK" +field = "M31^4" +hash_size_bits = 256 + + +[[circuits]] +name = "generalized_circuit" +rho = 0.5 +trace_length = 16777216 + +air_max_degree = 2 +max_combo = 2 + +num_columns = 1224 +num_constraints = 928 +batch_size = 1225 + +grinding_deep = 12 + +opening_points = 2 +power_batching = true + +fri_folding_factors = [16, 16, 16, 8, 8] +fri_early_stop_degree = 128 +grinding_commit_phase = 5 + +grinding_query_phase = 28 +num_queries = 87 + + +[[circuits.lookups]] +name = "generic_lookup" +logup_type = "univariate" + +rows_L = 16777215 +rows_T = 16777215 +num_columns_S = 4 +num_lookups_M = 208 + +grinding_bits_lookup = 5 + + +[[circuits.lookups]] +name = "range_check_16_lookup" +logup_type = "univariate" + +rows_L = 16777215 +rows_T = 65536 +num_columns_S = 1 +num_lookups_M = 34 + +grinding_bits_lookup = 5 + + +[[circuits.lookups]] +name = "range_check_19_lookup" +logup_type = "univariate" + +rows_L = 16777215 +rows_T = 524288 +num_columns_S = 1 +num_lookups_M = 86 + +grinding_bits_lookup = 5 + + +[[circuits.lookups]] +name = "decoder" +logup_type = "univariate" + +rows_L = 16777215 +rows_T = 16777215 +num_columns_S = 10 +num_lookups_M = 1 + +grinding_bits_lookup = 5 diff --git a/tools/pow_config_generator/src/main.rs b/tools/pow_config_generator/src/main.rs index f5685792b..0d50a6da0 100644 --- a/tools/pow_config_generator/src/main.rs +++ b/tools/pow_config_generator/src/main.rs @@ -4,8 +4,11 @@ use std::{ process::{Command, Stdio}, }; -use proc_macro2::TokenStream; -use quote::{ToTokens, TokenStreamExt, quote}; +use quote::quote; + +pub mod pow_computation; +pub mod soundcalc; +use pow_computation::*; fn main() { println!("Running PoW Config Generator"); @@ -59,6 +62,71 @@ fn main() { .max() .unwrap(); + let max_lde_size_log2 = max_trace_len_log2 + max_fri_factor_log2; + + let num_range_16_lookups = *[ + risc_v_cycles_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + reduced_risc_v_machine_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + reduced_risc_v_log_23_machine_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + blake2_with_compression_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + bigint_with_control_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + keccak_special5_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + add_sub_lui_auipc_mop_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + jump_branch_slt_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + load_store_subword_only_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + load_store_word_only_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + mul_div_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + mul_div_unsigned_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + shift_binary_csr_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + inits_and_teardowns_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + unified_reduced_machine_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.range_check_16_lookup_expressions.len(), + ] + .iter() + .max() + .unwrap(); + + let num_range_19_lookups = *[ + risc_v_cycles_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + reduced_risc_v_machine_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + reduced_risc_v_log_23_machine_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + blake2_with_compression_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + bigint_with_control_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + keccak_special5_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + add_sub_lui_auipc_mop_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + jump_branch_slt_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + load_store_subword_only_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + load_store_word_only_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + mul_div_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + mul_div_unsigned_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + shift_binary_csr_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + inits_and_teardowns_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + unified_reduced_machine_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.timestamp_range_check_lookup_expressions.len(), + ] + .iter() + .max() + .unwrap(); + + let num_width_3_lookups = *[ + risc_v_cycles_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + reduced_risc_v_machine_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + reduced_risc_v_log_23_machine_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + blake2_with_compression_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + bigint_with_control_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + keccak_special5_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + add_sub_lui_auipc_mop_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + jump_branch_slt_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + load_store_subword_only_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + load_store_word_only_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + mul_div_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + mul_div_unsigned_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + shift_binary_csr_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + inits_and_teardowns_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + unified_reduced_machine_verifier::concrete::layout_import::VERIFIER_COMPILED_LAYOUT.witness_layout.width_3_lookups.len(), + ] + .iter() + .max() + .unwrap(); + let max_number_of_columns = *[ risc_v_cycles_verifier::concrete::size_constants::NUM_WITNESS_OPENINGS + risc_v_cycles_verifier::concrete::size_constants::NUM_MEMORY_OPENINGS @@ -286,7 +354,7 @@ fn main() { pow_bits_for_deep_z( security_bits, challenge_field_size, - max_trace_len_log2 + max_fri_factor_log2, + max_lde_size_log2, ) }); @@ -297,7 +365,7 @@ fn main() { pow_bits_for_deep_poly_alpha( security_bits, challenge_field_size, - max_trace_len_log2, + max_lde_size_log2, max_num_openings_at_z + max_num_openings_at_z_omega, ) }); @@ -307,7 +375,7 @@ fn main() { pow_bits_for_folding_round( security_bits, challenge_field_size, - max_trace_len_log2, + max_lde_size_log2, max_fri_folding_factors_log2, ) }); @@ -318,6 +386,77 @@ fn main() { let num_queries_for_100 = num_queries_for_security_params(100, pow_bits_for_queries_for_100, max_fri_factor_log2); + generate_pow_config_worst_constants( + max_trace_len_log2, + max_fri_factor_log2, + challenge_field_size, + max_number_of_columns, + max_num_quotient_terms, + max_num_openings_at_z, + max_num_openings_at_z_omega, + max_fri_folding_factors_log2, + pow_bits_for_memory_and_delegation_for_80, + pow_bits_for_memory_and_delegation_for_100, + lookup_pow_bits_for_80, + lookup_pow_bits_for_100, + quotient_alpha_pow_bits_for_80, + quotient_alpha_pow_bits_for_100, + quotient_z_pow_bits_for_80, + quotient_z_pow_bits_for_100, + deep_poly_alpha_pow_bits_for_80, + deep_poly_alpha_pow_bits_for_100, + max_foldings_pow_bits_for_80, + max_foldings_pow_bits_for_100, + pow_bits_for_queries_for_80, + pow_bits_for_queries_for_100, + num_queries_for_80, + num_queries_for_100, + ); + + generate_airbender_toml_file( + max_trace_len_log2, + max_fri_factor_log2, + max_number_of_columns, + max_num_quotient_terms, + max_num_openings_at_z, + deep_poly_alpha_pow_bits_for_100, + max_foldings_pow_bits_for_100, + pow_bits_for_queries_for_100, + num_queries_for_100, + lookup_pow_bits_for_100, + num_width_3_lookups, + num_range_16_lookups, + num_range_19_lookups, + ); +} + +#[allow(clippy::too_many_arguments)] +fn generate_pow_config_worst_constants( + max_trace_len_log2: usize, + max_fri_factor_log2: usize, + challenge_field_size: usize, + max_number_of_columns: usize, + max_num_quotient_terms: usize, + max_num_openings_at_z: usize, + max_num_openings_at_z_omega: usize, + max_fri_folding_factors_log2: usize, + pow_bits_for_memory_and_delegation_for_80: usize, + pow_bits_for_memory_and_delegation_for_100: usize, + lookup_pow_bits_for_80: usize, + lookup_pow_bits_for_100: usize, + quotient_alpha_pow_bits_for_80: usize, + quotient_alpha_pow_bits_for_100: usize, + quotient_z_pow_bits_for_80: usize, + quotient_z_pow_bits_for_100: usize, + deep_poly_alpha_pow_bits_for_80: usize, + deep_poly_alpha_pow_bits_for_100: usize, + max_foldings_pow_bits_for_80: usize, + max_foldings_pow_bits_for_100: usize, + pow_bits_for_queries_for_80: usize, + pow_bits_for_queries_for_100: usize, + num_queries_for_80: usize, + num_queries_for_100: usize, +) { let result_token_stream = quote! { const MAX_TRACE_LEN_LOG2: usize = #max_trace_len_log2; const MAX_FRI_FACTOR_LOG2: usize = #max_fri_factor_log2; @@ -380,14 +519,7 @@ fn main() { let result_string = format_rust_code(&result_token_stream.to_string()) .expect("Failed to format generated Rust code"); - let prover_path = "../../prover/src/prover_stages"; let verifier_common_path = "../../verifier_common/src"; - - std::fs::write( - Path::new(&prover_path).join("pow_config_worst_constants.rs"), - result_string.clone(), - ) - .expect(&format!("Failed to write to {}", prover_path)); std::fs::write( Path::new(&verifier_common_path).join("pow_config_worst_constants.rs"), result_string, @@ -395,139 +527,118 @@ fn main() { .expect(&format!("Failed to write to {}", verifier_common_path)); } -/// PoW before getting challenges for -/// - memory (linearization + gamma) -/// - delegation (linearization + gamma) -/// - state_permutation (linearization + gamma) -fn pow_bits_for_memory_and_delegation( - security_bits: usize, - // These challenges are shared between all circuits in one layer, so we need to use the max number of cycles - max_cycles_log2: usize, - field_size_log2: usize, -) -> usize { - let lookup_pow = pow_bits_for_cq_lookup(security_bits, max_cycles_log2, field_size_log2); - let memory_pow = pow_bits_for_memory_argument(security_bits, max_cycles_log2, field_size_log2); - - if lookup_pow > memory_pow { - lookup_pow - } else { - memory_pow - } -} - -/// PoW before getting challenges for -/// - FRI queries -fn num_queries_for_security_params( - security_bits: usize, - pow_bits: usize, - lde_factor_log2: usize, -) -> usize { - let bits = security_bits - pow_bits; - let init_res = bits.div_ceil(lde_factor_log2); - - // We should add extra 20% of queries - init_res + init_res.div_ceil(5) -} - -fn pow_bits_for_cq_lookup( - security_bits: usize, - domain_size_log2: usize, - field_size_log2: usize, -) -> usize { - let no_pow_security_bits = field_size_log2 - domain_size_log2 - 5; - if security_bits > no_pow_security_bits { - security_bits - no_pow_security_bits - } else { - 0 - } -} - -fn pow_bits_for_memory_argument( - security_bits: usize, - domain_size_log2: usize, - field_size_log2: usize, -) -> usize { - let no_pow_security_bits = field_size_log2 - domain_size_log2 - 2; - if security_bits > no_pow_security_bits { - security_bits - no_pow_security_bits - } else { - 0 - } -} - -// https://eprint.iacr.org/2022/1216.pdf -// We can bound L^+ as 4 -fn pow_bits_for_quotient( - security_bits: usize, - challenge_field_size_log2: usize, - powers_of_alpha: usize, - lde_factor_log2: usize, -) -> usize { - let powers_of_alpha_log2 = powers_of_alpha.next_power_of_two().trailing_zeros() as usize; - let no_pow_security_bits = - challenge_field_size_log2 - powers_of_alpha_log2 - 4 - lde_factor_log2.div_ceil(2); - if security_bits > no_pow_security_bits { - security_bits - no_pow_security_bits - } else { - 0 - } -} - -// https://eprint.iacr.org/2022/1216.pdf -// We can bound L^+ as 4 -fn pow_bits_for_deep_z( - security_bits: usize, - challenge_field_size_log2: usize, - lde_domain_size_log2: usize, -) -> usize { - let no_pow_security_bits = challenge_field_size_log2 - lde_domain_size_log2 - 5; - if security_bits > no_pow_security_bits { - security_bits - no_pow_security_bits - } else { - 0 - } -} - -// https://hackmd.io/@pgaf/HkKs_1ytT -fn pow_bits_for_deep_poly_alpha( - security_bits: usize, - challenge_field_size_log2: usize, - domain_size_log2: usize, - powers_of_alpha: usize, -) -> usize { - let powers_of_alpha_log2 = powers_of_alpha.next_power_of_two().trailing_zeros() as usize; - let no_pow_security_bits = challenge_field_size_log2 - powers_of_alpha_log2 - domain_size_log2; - if security_bits > no_pow_security_bits { - security_bits - no_pow_security_bits - } else { - 0 - } -} - -// https://hackmd.io/@pgaf/HkKs_1ytT -fn pow_bits_for_folding_round( - security_bits: usize, - challenge_field_size_log2: usize, - domain_size_log2: usize, - folding_factor_log2: usize, -) -> usize { - let no_pow_security_bits = challenge_field_size_log2 - folding_factor_log2 - domain_size_log2; - if security_bits > no_pow_security_bits { - security_bits - no_pow_security_bits - } else { - 0 - } -} +#[allow(clippy::too_many_arguments)] +fn generate_airbender_toml_file( + max_trace_len_log2: usize, + max_fri_factor_log2: usize, + max_number_of_columns: usize, + max_num_quotient_terms: usize, + max_num_openings_at_z: usize, + deep_poly_alpha_pow_bits_for_100: usize, + max_foldings_pow_bits_for_100: usize, + pow_bits_for_queries_for_100: usize, + num_queries_for_100: usize, + lookup_pow_bits_for_100: usize, + num_width_3_lookups: usize, + num_range_16_lookups: usize, + num_range_19_lookups: usize, +) { + let folding_props = + prover::definitions::OPTIMAL_FOLDING_PROPERTIES[max_trace_len_log2]; + + let trace_length = 1 << max_trace_len_log2; + + let created_date = Command::new("date") + .args(["+%Y-%m-%d"]) + .output() + .ok() + .filter(|o| o.status.success()) + .map(|o| String::from_utf8_lossy(&o.stdout).trim().to_string()) + .unwrap_or_else(|| "unknown".to_string()); + + let commit_hash = Command::new("git") + .args(["rev-parse", "HEAD"]) + .output() + .ok() + .filter(|o| o.status.success()) + .map(|o| String::from_utf8_lossy(&o.stdout).trim().to_string()) + .unwrap_or_else(|| "unknown".to_string()); + + let toml_params = soundcalc::AirbenderTomlParams { + // Metadata + created_date, + commit_hash, + + // Constants (fixed for the proof system) + rho: (0.5f32).powf(max_fri_factor_log2 as f32) as f64, + air_max_degree: 2, + max_combo: 2, + opening_points: 2, + power_batching: true, + + // Worst-case across verifiers + trace_length, + num_columns: max_number_of_columns, + num_constraints: max_num_quotient_terms, + batch_size: max_num_openings_at_z, + + // FRI schedule (derived from worst-case trace length) + fri_folding_factors: folding_props + .folding_sequence + .iter() + .map(|f| 1usize << f) + .collect(), + fri_early_stop_degree: 1 + << (folding_props.final_monomial_degree_log2 + max_fri_factor_log2), + + // Security parameters (100-bit) + grinding_deep: deep_poly_alpha_pow_bits_for_100, + grinding_commit_phase: max_foldings_pow_bits_for_100, + grinding_query_phase: pow_bits_for_queries_for_100, + num_queries: num_queries_for_100, + + lookups: vec![ + soundcalc::LookupParams { + name: "generic_lookup".to_string(), + logup_type: "univariate".to_string(), + rows_l: trace_length - 1, + rows_t: trace_length - 1, + num_columns_s: 4, // COMMON_TABLE_WIDTH + num_lookups_m: num_width_3_lookups, + grinding_bits_lookup: lookup_pow_bits_for_100, + }, + soundcalc::LookupParams { + name: "range_check_16_lookup".to_string(), + logup_type: "univariate".to_string(), + rows_l: trace_length - 1, + rows_t: 1 << 16, + num_columns_s: 1, + num_lookups_m: num_range_16_lookups, + grinding_bits_lookup: lookup_pow_bits_for_100, + }, + soundcalc::LookupParams { + name: "range_check_19_lookup".to_string(), + logup_type: "univariate".to_string(), + rows_l: trace_length - 1, + rows_t: 1 << 19, // TIMESTAMP_COLUMNS_NUM_BITS + num_columns_s: 1, + num_lookups_m: num_range_19_lookups, + grinding_bits_lookup: lookup_pow_bits_for_100, + }, + soundcalc::LookupParams { + name: "decoder".to_string(), + logup_type: "univariate".to_string(), + rows_l: trace_length - 1, + rows_t: trace_length - 1, + num_columns_s: 10, // EXECUTOR_FAMILY_CIRCUIT_DECODER_TABLE_WIDTH + num_lookups_m: 1, + grinding_bits_lookup: lookup_pow_bits_for_100, + }, + ], + }; -fn pow_bits_for_queries(security_bits: usize, num_queries: usize, lde_factor_log2: usize) -> usize { - // We should add extra 20% of queries - let queries_contribution = 5 * num_queries / 6; - let no_pow_security_bits = queries_contribution * lde_factor_log2; - if security_bits > no_pow_security_bits { - security_bits - no_pow_security_bits - } else { - 0 - } + let toml_string = soundcalc::generate_airbender_toml(&toml_params); + std::fs::write("airbender.toml", toml_string).expect("Failed to write airbender.toml"); } /// Runs rustfmt to format the code. diff --git a/tools/pow_config_generator/src/pow_computation.rs b/tools/pow_config_generator/src/pow_computation.rs new file mode 100644 index 000000000..974c8f01a --- /dev/null +++ b/tools/pow_config_generator/src/pow_computation.rs @@ -0,0 +1,138 @@ +/// PoW before getting challenges for +/// - memory (linearization + gamma) +/// - delegation (linearization + gamma) +/// - state_permutation (linearization + gamma) +pub fn pow_bits_for_memory_and_delegation( + security_bits: usize, + // These challenges are shared between all circuits in one layer, so we need to use the max number of cycles + max_cycles_log2: usize, + field_size_log2: usize, +) -> usize { + let lookup_pow = pow_bits_for_cq_lookup(security_bits, max_cycles_log2, field_size_log2); + let memory_pow = pow_bits_for_memory_argument(security_bits, max_cycles_log2, field_size_log2); + + if lookup_pow > memory_pow { + lookup_pow + } else { + memory_pow + } +} + +/// PoW before getting challenges for +/// - FRI queries +pub fn num_queries_for_security_params( + security_bits: usize, + pow_bits: usize, + lde_factor_log2: usize, +) -> usize { + let bits = security_bits - pow_bits; + let init_res = bits.div_ceil(lde_factor_log2); + + // We should add extra 20% of queries + init_res + init_res.div_ceil(5) +} + +pub fn pow_bits_for_cq_lookup( + security_bits: usize, + domain_size_log2: usize, + field_size_log2: usize, +) -> usize { + let no_pow_security_bits = field_size_log2 - domain_size_log2 - 5; + if security_bits > no_pow_security_bits { + security_bits - no_pow_security_bits + } else { + 0 + } +} + +pub fn pow_bits_for_memory_argument( + security_bits: usize, + domain_size_log2: usize, + field_size_log2: usize, +) -> usize { + let no_pow_security_bits = field_size_log2 - domain_size_log2 - 2; + if security_bits > no_pow_security_bits { + security_bits - no_pow_security_bits + } else { + 0 + } +} + +// https://eprint.iacr.org/2022/1216.pdf +// We can bound L^+ as 4 +pub fn pow_bits_for_quotient( + security_bits: usize, + challenge_field_size_log2: usize, + powers_of_alpha: usize, + lde_factor_log2: usize, +) -> usize { + let powers_of_alpha_log2 = powers_of_alpha.next_power_of_two().trailing_zeros() as usize; + let no_pow_security_bits = + challenge_field_size_log2 - powers_of_alpha_log2 - 4 - lde_factor_log2.div_ceil(2); + if security_bits > no_pow_security_bits { + security_bits - no_pow_security_bits + } else { + 0 + } +} + +// https://eprint.iacr.org/2022/1216.pdf +// We can bound L^+ as 4 +pub fn pow_bits_for_deep_z( + security_bits: usize, + challenge_field_size_log2: usize, + lde_domain_size_log2: usize, +) -> usize { + let no_pow_security_bits = challenge_field_size_log2 - lde_domain_size_log2 - 5; + if security_bits > no_pow_security_bits { + security_bits - no_pow_security_bits + } else { + 0 + } +} + +// https://hackmd.io/@pgaf/HkKs_1ytT +pub fn pow_bits_for_deep_poly_alpha( + security_bits: usize, + challenge_field_size_log2: usize, + domain_size_log2: usize, + powers_of_alpha: usize, +) -> usize { + let powers_of_alpha_log2 = powers_of_alpha.next_power_of_two().trailing_zeros() as usize; + let no_pow_security_bits = challenge_field_size_log2 - powers_of_alpha_log2 - domain_size_log2; + if security_bits > no_pow_security_bits { + security_bits - no_pow_security_bits + } else { + 0 + } +} + +// https://hackmd.io/@pgaf/HkKs_1ytT +pub fn pow_bits_for_folding_round( + security_bits: usize, + challenge_field_size_log2: usize, + domain_size_log2: usize, + folding_factor_log2: usize, +) -> usize { + let no_pow_security_bits = challenge_field_size_log2 - folding_factor_log2 - domain_size_log2; + if security_bits > no_pow_security_bits { + security_bits - no_pow_security_bits + } else { + 0 + } +} + +pub fn pow_bits_for_queries( + security_bits: usize, + num_queries: usize, + lde_factor_log2: usize, +) -> usize { + // We should add extra 20% of queries + let queries_contribution = 5 * num_queries / 6; + let no_pow_security_bits = queries_contribution * lde_factor_log2; + if security_bits > no_pow_security_bits { + security_bits - no_pow_security_bits + } else { + 0 + } +} diff --git a/tools/pow_config_generator/src/soundcalc.rs b/tools/pow_config_generator/src/soundcalc.rs new file mode 100644 index 000000000..ac1bd8a69 --- /dev/null +++ b/tools/pow_config_generator/src/soundcalc.rs @@ -0,0 +1,162 @@ +use std::fmt::Write; + +pub struct LookupParams { + pub name: String, + pub logup_type: String, + pub rows_l: usize, + pub rows_t: usize, + pub num_columns_s: usize, + pub num_lookups_m: usize, + pub grinding_bits_lookup: usize, +} + +pub struct AirbenderTomlParams { + // Metadata + pub created_date: String, + pub commit_hash: String, + + // Circuit parameters + pub trace_length: usize, + pub rho: f64, + pub air_max_degree: usize, + pub max_combo: usize, + pub num_columns: usize, + pub num_constraints: usize, + pub batch_size: usize, + pub opening_points: usize, + pub power_batching: bool, + + // FRI parameters + pub fri_folding_factors: Vec, + pub fri_early_stop_degree: usize, + + // Grinding/PoW bits (100-bit security) + pub grinding_deep: usize, + pub grinding_commit_phase: usize, + pub grinding_query_phase: usize, + pub num_queries: usize, + + // Lookups + pub lookups: Vec, +} + +fn header_comment(created_date: &str, commit_hash: &str) -> String { + format!( + "\ +# Airbender VM Configuration +# +# Generated with https://github.com/matter-labs/zksync-airbender/tree/dev/tools/pow_config_generator +# Created: {created_date} +# Commit: {commit_hash} + +# Airbender has a layered proving architecture: +# - Base layer: proves correct execution of the base program. +# - Recursion layers: each layer proves the verifier program that verifies the +# *entire* previous layer. +# +# Airbender supports multiple circuit types, and each circuit type defines its +# own instruction set. For a given layer, all proofs share a common state and +# memory argument. +# +# The set of circuit types may differ across layers: +# - Recursion layers do not need to support the full instruction set. +# - Higher layers typically prioritize fewer circuit types to reduce complexity. +# +# In this configuration we use \"worst-case\" parameters across all circuit types. +# +# Note: Additional outer layers (using other proving systems) wrap the final +# Airbender layer into a SNARK suitable for L1 verification. +" + ) +} + +pub fn generate_airbender_toml(params: &AirbenderTomlParams) -> String { + let mut out = String::new(); + + writeln!(out, "{}", header_comment(¶ms.created_date, ¶ms.commit_hash)).unwrap(); + + writeln!(out, "[zkevm]").unwrap(); + writeln!(out, "name = \"Airbender\"").unwrap(); + writeln!(out, "protocol_family = \"FRI_STARK\"").unwrap(); + writeln!(out, "field = \"M31^4\"").unwrap(); + writeln!(out, "hash_size_bits = 256").unwrap(); + writeln!(out).unwrap(); + writeln!(out).unwrap(); + + writeln!(out, "[[circuits]]").unwrap(); + writeln!(out, "name = \"generalized_circuit\"").unwrap(); + writeln!(out, "rho = {}", params.rho).unwrap(); + writeln!(out, "trace_length = {}", params.trace_length).unwrap(); + writeln!(out).unwrap(); + writeln!(out, "air_max_degree = {}", params.air_max_degree).unwrap(); + writeln!(out, "max_combo = {}", params.max_combo).unwrap(); + writeln!(out).unwrap(); + writeln!(out, "num_columns = {}", params.num_columns).unwrap(); + writeln!(out, "num_constraints = {}", params.num_constraints).unwrap(); + writeln!(out, "batch_size = {}", params.batch_size).unwrap(); + writeln!(out).unwrap(); + writeln!(out, "grinding_deep = {}", params.grinding_deep).unwrap(); + writeln!(out).unwrap(); + writeln!(out, "opening_points = {}", params.opening_points).unwrap(); + writeln!( + out, + "power_batching = {}", + params.power_batching + ) + .unwrap(); + writeln!(out).unwrap(); + + let factors_str: Vec = params + .fri_folding_factors + .iter() + .map(|f| f.to_string()) + .collect(); + writeln!( + out, + "fri_folding_factors = [{}]", + factors_str.join(", ") + ) + .unwrap(); + writeln!( + out, + "fri_early_stop_degree = {}", + params.fri_early_stop_degree + ) + .unwrap(); + writeln!( + out, + "grinding_commit_phase = {}", + params.grinding_commit_phase + ) + .unwrap(); + writeln!(out).unwrap(); + writeln!( + out, + "grinding_query_phase = {}", + params.grinding_query_phase + ) + .unwrap(); + writeln!(out, "num_queries = {}", params.num_queries).unwrap(); + + for lookup in ¶ms.lookups { + writeln!(out).unwrap(); + writeln!(out).unwrap(); + writeln!(out, "[[circuits.lookups]]").unwrap(); + writeln!(out, "name = \"{}\"", lookup.name).unwrap(); + writeln!(out, "logup_type = \"{}\"", lookup.logup_type).unwrap(); + writeln!(out).unwrap(); + writeln!(out, "rows_L = {}", lookup.rows_l).unwrap(); + writeln!(out, "rows_T = {}", lookup.rows_t).unwrap(); + writeln!(out, "num_columns_S = {}", lookup.num_columns_s).unwrap(); + writeln!(out, "num_lookups_M = {}", lookup.num_lookups_m).unwrap(); + writeln!(out).unwrap(); + writeln!( + out, + "grinding_bits_lookup = {}", + lookup.grinding_bits_lookup + ) + .unwrap(); + } + + out +} diff --git a/tools/verifier/recursion_in_unified_layer.bin b/tools/verifier/recursion_in_unified_layer.bin index a4d5bd386..09f98451b 100755 Binary files a/tools/verifier/recursion_in_unified_layer.bin and b/tools/verifier/recursion_in_unified_layer.bin differ diff --git a/tools/verifier/recursion_in_unified_layer.elf b/tools/verifier/recursion_in_unified_layer.elf index e24a3bd71..3afe94427 100755 Binary files a/tools/verifier/recursion_in_unified_layer.elf and b/tools/verifier/recursion_in_unified_layer.elf differ diff --git a/tools/verifier/recursion_in_unified_layer.text b/tools/verifier/recursion_in_unified_layer.text index 2e205cc9d..5646c28b7 100755 Binary files a/tools/verifier/recursion_in_unified_layer.text and b/tools/verifier/recursion_in_unified_layer.text differ diff --git a/tools/verifier/recursion_in_unified_layer_security_100_bits.bin b/tools/verifier/recursion_in_unified_layer_security_100_bits.bin index ee72fff90..dc55efb20 100755 Binary files a/tools/verifier/recursion_in_unified_layer_security_100_bits.bin and b/tools/verifier/recursion_in_unified_layer_security_100_bits.bin differ diff --git a/tools/verifier/recursion_in_unified_layer_security_100_bits.elf b/tools/verifier/recursion_in_unified_layer_security_100_bits.elf index 4155c874b..f9f0c8033 100755 Binary files a/tools/verifier/recursion_in_unified_layer_security_100_bits.elf and b/tools/verifier/recursion_in_unified_layer_security_100_bits.elf differ diff --git a/tools/verifier/recursion_in_unified_layer_security_100_bits.text b/tools/verifier/recursion_in_unified_layer_security_100_bits.text index c0529e081..00ebe2238 100755 Binary files a/tools/verifier/recursion_in_unified_layer_security_100_bits.text and b/tools/verifier/recursion_in_unified_layer_security_100_bits.text differ diff --git a/tools/verifier/recursion_in_unrolled_layer_security_100_bits.bin b/tools/verifier/recursion_in_unrolled_layer_security_100_bits.bin index 31821101c..f34388bb9 100755 Binary files a/tools/verifier/recursion_in_unrolled_layer_security_100_bits.bin and b/tools/verifier/recursion_in_unrolled_layer_security_100_bits.bin differ diff --git a/tools/verifier/recursion_in_unrolled_layer_security_100_bits.text b/tools/verifier/recursion_in_unrolled_layer_security_100_bits.text index 0d1dd60f7..04a17e2f0 100755 Binary files a/tools/verifier/recursion_in_unrolled_layer_security_100_bits.text and b/tools/verifier/recursion_in_unrolled_layer_security_100_bits.text differ diff --git a/verifier_common/src/pow_config_worst_constants.rs b/verifier_common/src/pow_config_worst_constants.rs index df921f73e..0f45d5bd1 100644 --- a/verifier_common/src/pow_config_worst_constants.rs +++ b/verifier_common/src/pow_config_worst_constants.rs @@ -15,9 +15,9 @@ const QUOTIENT_ALPHA_POW_BITS_FOR_100_SECURITY_BITS: usize = 0usize; const QUOTIENT_Z_POW_BITS_FOR_80_SECURITY_BITS: usize = 0usize; const QUOTIENT_Z_POW_BITS_FOR_100_SECURITY_BITS: usize = 6usize; const DEEP_POLY_ALPHA_POW_BITS_FOR_80_SECURITY_BITS: usize = 0usize; -const DEEP_POLY_ALPHA_POW_BITS_FOR_100_SECURITY_BITS: usize = 11usize; +const DEEP_POLY_ALPHA_POW_BITS_FOR_100_SECURITY_BITS: usize = 12usize; const MAX_FOLDINGS_POW_BITS_FOR_80_SECURITY_BITS: usize = 0usize; -const MAX_FOLDINGS_POW_BITS_FOR_100_SECURITY_BITS: usize = 4usize; +const MAX_FOLDINGS_POW_BITS_FOR_100_SECURITY_BITS: usize = 5usize; const FRI_QUERIES_POW_BITS_FOR_80_SECURITY_BITS: usize = 28usize; const FRI_QUERIES_POW_BITS_FOR_100_SECURITY_BITS: usize = 28usize; const NUM_QUERIES_FOR_80_SECURITY_BITS: usize = 63usize;