package tezos-plonk

  1. Overview
  2. Docs
Legend:
Library
Module
Module type
Parameter
Class
Class type
type prover_common_pp
val prover_common_pp_t : prover_common_pp Repr.t
type prover_circuit_pp
val prover_circuit_pp_t : prover_circuit_pp Repr.t
type prover_public_parameters = {
  1. common_pp : prover_common_pp;
  2. circuits_map : prover_circuit_pp SMap.t;
  3. transcript : PP.transcript;
}
include Plonk.Main_protocol.S with type prover_public_parameters := prover_public_parameters
exception Rest_not_null of string

Raised by the prover when the provided inputs are not a satisfying assignment of the circuit.

exception Entry_not_in_table of string

Raised by the prover when the provided inputs are not a satisfying assignment of the circuit when using Plookup.

Prime field used by aPlonk

type scalar = Scalar.t
val scalar_t : scalar Repr.t
val scalar_encoding : scalar Data_encoding.t
type circuit_map = (Plonk.Circuit.t * int) Plonk.SMap.t

Before proving and verifying, circuits go through a pre-processing step called setup. The setup takes as input a circuit_map, which associates an identifier to a circuit and the number of statements that can be proved with that circuit. This produces a set of public_parameters which are bound to the circuits and can be reused.

val prover_public_parameters_t : prover_public_parameters Repr.t
type verifier_public_parameters

Set of public_parameters needed by the verifier. It's size is constant w.r.t. the size of the circuits.

val verifier_public_parameters_t : verifier_public_parameters Repr.t
val verifier_public_parameters_encoding : verifier_public_parameters Data_encoding.t
type proof

Succinct proof for a collection of statements.

val proof_t : proof Repr.t
val proof_encoding : proof Data_encoding.t
type circuit_prover_input = {
  1. public : scalar array;
  2. witness : scalar array;
}

Prover inputs for one statement. Witness is the assignment of all wires of the circuit.

type prover_inputs = circuit_prover_input list Plonk.SMap.t

Map where each circuit identifier is bound to a list of circuit_prover_input for a list of statements.

type circuit_verifier_input

The verifier input for one circuit and several statements

type verifier_inputs = circuit_verifier_input Plonk.SMap.t

Map where each circuit identifier is bound to the verifier inputs for this circuit.

val to_verifier_inputs : prover_inputs -> verifier_inputs

Conversion from prover_inputs to verifier_inputs.

setup ~zero_knowledge circuit_map ~srs pre-processes the circuit_map producing the public parameters. The SRSs of ZCash and Filecoin can be loaded from file using the Bls12_381_polynomial library. Activating zero_knowledge adds an overhead in proving time.

val update_prover_public_parameters : Stdlib.Bytes.t -> prover_public_parameters -> prover_public_parameters

Enrich the prover_public_parameters with extra application data to prevent replay attacks. The same data must be used for updating the prover and verifier public parameters.

val update_verifier_public_parameters : Stdlib.Bytes.t -> verifier_public_parameters -> verifier_public_parameters

Enrich the verifier_public_parameters with extra application data to prevent replay attacks. The same data must be used for updating the prover and verifier public parameters.

prove public_parameters ~inputs produces a proof for the collection of statements implied by inputs and the circuits used for generating public_parameters.

  • raises Rest_not_null
  • raises Entry_not_in_table
val verify : verifier_public_parameters -> inputs:verifier_inputs -> proof -> bool

verify public_parameters ~inputs proof checks the validity of the proof with regards to public_parameters and inputs.

module Internal_for_tests : sig ... end
type worker_inputs
val worker_inputs_t : worker_inputs Repr.t
val split_inputs_map : nb_workers:int -> circuit_prover_input list SMap.t -> worker_inputs SMap.t list
type commit_to_wires_reply = PP.PC.Commitment.t
val commit_to_wires_reply_t : commit_to_wires_reply Repr.t
type wires_info
type commit_to_wires_remember = {
  1. f_wires_map : PP.Evaluations.polynomial SMap.t;
  2. wires_map : wires_info list SMap.t;
  3. inputs_map : circuit_prover_input list SMap.t;
  4. shifts_map : (int * int) SMap.t;
  5. srs : PP.prover_public_parameters;
  6. f_wires_map_list_map : PP.Evaluations.polynomial SMap.t list SMap.t;
  7. wires_prover_aux : PP.PC.Commitment.prover_aux;
}
val worker_commit_to_wires : ?zero_knowledge:bool -> (prover_common_pp * prover_circuit_pp SMap.t) -> worker_inputs SMap.t -> commit_to_wires_reply * commit_to_wires_remember
type commit_to_plook_reply = {
  1. batched_witness_map : PP.Evaluations.t SMap.t;
  2. cmt_plookup : PP.PC.Commitment.t;
  3. f_plook_map : PP.PC.Polynomial.Polynomial.t SMap.t;
  4. plook_prover_aux : PP.PC.Commitment.prover_aux;
}
val commit_to_plook_reply_t : commit_to_plook_reply Repr.t
type commit_to_plook_remember = {
  1. f_wires_map_list_map : PP.Evaluations.polynomial SMap.t list SMap.t;
  2. f_plook_map_list_map : PP.Evaluations.polynomial SMap.t list SMap.t;
  3. beta_plookup : scalar;
  4. gamma_plookup : scalar;
}
val batch_evaluated_ids : alpha:scalar -> PP.Evaluations.t SMap.t -> string list -> PP.Evaluations.t
val worker_build_identities : shifts_map:(int * int) SMap.t -> (prover_common_pp * prover_circuit_pp SMap.t) -> f_wires_map_list_map:PP.Evaluations.polynomial SMap.t list SMap.t -> f_plook_map_list_map:PP.Evaluations.polynomial SMap.t list SMap.t -> inputs_map:circuit_prover_input list SMap.t -> beta_plookup:scalar -> gamma_plookup:scalar -> PP.prover_identities
val kzg_eval_at_x : PP.transcript -> (PP.PC.secret * PP.PC.Commitment.prover_aux) list -> scalar -> bool -> PP.PC.answer list