1. 引言
前序博客为:
- Plonky = Plonk + Halo + Rescue
针对的代码库为:
- https://github.com/mir-protocol/plonky
Plonky代码库src/curve中支持了以下curves:【src/field中定义了相应的base和scalar field参数。】
- 1)arkworks-rs的bls12-377 curve
- 2)Halo论文早期的Tweedledee和Tweedledum cycle curves,详细可参见 Halo中的elliptic curve cycle
- 3)ZCash halo2方案最终采用的Pallas和Vesta cycle curves,详细可参见 The Pasta Curves for Halo 2 and Beyond
其中: 1)src/curve/curve_adds.rs:定义了Projective和Affine坐标系下的2 point加法运算,最终加法结果以Projective坐标系表示。 2)src/curve/curve_summations.rs:定义了Affine坐标系下的多point加法运算 以及 多point batch inverse运算,最终结果以Projective坐标系表示。 3)src/curve/curve_multiplication.rs:scalar与Projective point点乘运算。 4)src/curve/curve_msm.rs:Plonky中的proving time主要由multi-scalar multiplication占据,Plonky中的multi-scalar multiplication实现采用 Yao算法 的一种变种。其性能要优于Pippinger算法,特别是对于包含variable-base MSM的IPA reduction场景。 5)src/curve/curve.rs:定义了Curve和HaloCurve trait。为Projective point和Affine point实现了基本的“等于、负数、double”等运算。
Plonky中支持的gate前缀为:
//! For reference, here is our gate prefix tree:
//!
//! ```text
//! 101001 PublicInputGate
//! 101000 CurveAddGate
//! 10111* CurveDblGate
//! 11**** CurveEndoGate
//! 1000** Base4SumGate
//! 101010 BufferGate
//! 10110* ConstantGate
//! 1001** ArithmeticGate
//! 00**** RescueStepAGate
//! 01**** RescueStepBGate
//! ```
//!
//! The `*`s above represent constants which are not used in the gate prefix, and are thus available
//! for gate configuration.
Plonky中定义的参数为:
b(crate) const NUM_WIRES: usize = 9;
pub(crate) const NUM_ROUTED_WIRES: usize = 6;
pub(crate) const NUM_ADVICE_WIRES: usize = NUM_WIRES - NUM_ROUTED_WIRES;
pub(crate) const NUM_CONSTANTS: usize = 6;
pub(crate) const GRID_WIDTH: usize = 65;
// This is currently dominated by Base4SumGate. It has degree-4n constraints, and its prefix is 4
// bits long, so its filtered constraints are degree-8n. Dividing by Z_H makes t degree-7n.
pub(crate) const QUOTIENT_POLYNOMIAL_DEGREE_MULTIPLIER: usize = 7;
Public Input Gate的PREFIX为:
const PREFIX: &'static [bool] = &[true, false, true, false, false, true];
