diff --git a/benches/sumcheck.rs b/benches/sumcheck.rs
index 312757bc..696aa776 100644
--- a/benches/sumcheck.rs
+++ b/benches/sumcheck.rs
@@ -1,8 +1,8 @@
-use criterion::{BenchmarkId, Criterion, criterion_group, criterion_main};
+use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion};
 use p3_baby_bear::{BabyBear, Poseidon2BabyBear};
-use p3_challenger::{DuplexChallenger, FieldChallenger, GrindingChallenger};
+use p3_challenger::{DuplexChallenger, FieldChallenger, UniformGrindingChallenger};
 use p3_field::extension::BinomialExtensionField;
-use rand::{Rng, SeedableRng, rngs::SmallRng};
+use rand::{rngs::SmallRng, Rng, SeedableRng};
 use whir_p3::{
 fiat_shamir::{domain_separator::DomainSeparator, prover::ProverState},
 poly::{evals::EvaluationsList, multilinear::MultilinearPoint},
@@ -38,7 +38,7 @@ fn generate_statement(
 num_constraints: usize,
 ) -> Statement
 where
- C: FieldChallenger + GrindingChallenger,
+ C: FieldChallenger + UniformGrindingChallenger,
 {
 let mut statement = Statement::initialize(num_vars);
 for _ in 0..num_constraints {
diff --git a/src/fiat_shamir/domain_separator.rs b/src/fiat_shamir/domain_separator.rs
index 33b54ced..0793b8cb 100644
--- a/src/fiat_shamir/domain_separator.rs
+++ b/src/fiat_shamir/domain_separator.rs
@@ -1,6 +1,6 @@
 use std::marker::PhantomData;
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, GrindingChallenger, UniformGrindingChallenger};
 use p3_field::{ExtensionField, Field, TwoAdicField};
 use crate::{
@@ -104,7 +104,7 @@ where
 challenger: Challenger,
 ) -> ProverState
 where
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 ProverState::new(self, challenger)
 }
@@ -117,7 +117,7 @@ where
 challenger: Challenger,
 ) -> VerifierState
 where
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 VerifierState::new(self, proof_data, challenger)
 }
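Review bot: The new import line in src/fiat_shamir/domain_separator.rs keeps `GrindingChallenger` (`+use p3_challenger::{FieldChallenger, GrindingChallenger, UniformGrindingChallenger};`) even though every bound this commit touches in that file (`@@ -104`, `@@ -117`, `@@ -133`, `@@ -147`) is switched to `UniformGrindingChallenger`. Unless a bound outside these hunks still names it, this is now an unused import, which rustc warns on and a `-D warnings` build rejects; the line should then read `use p3_challenger::{FieldChallenger, UniformGrindingChallenger};` as the other files in this commit already do.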
@@ -133,7 +133,7 @@ where
 &mut self,
 params: &WhirConfig,
 ) where
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 // TODO: Add params
 self.observe(DIGEST_ELEMS, Observe::MerkleDigest);
@@ -147,7 +147,7 @@ where
 &mut self,
 params: &WhirConfig,
 ) where
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 EF: TwoAdicField,
 F: TwoAdicField,
 {
diff --git a/src/fiat_shamir/prover.rs b/src/fiat_shamir/prover.rs
index 8b0b492a..a6ba9863 100644
--- a/src/fiat_shamir/prover.rs
+++ b/src/fiat_shamir/prover.rs
@@ -1,6 +1,6 @@
 use std::fmt::Debug;
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, GrindingChallenger, UniformGrindingChallenger};
 use p3_field::{ExtensionField, Field};
 use super::domain_separator::DomainSeparator;
@@ -16,7 +16,7 @@ use crate::fiat_shamir::ChallengeSampler;
 pub struct ProverState
 where
 F: Field,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 /// Cryptographic challenger used to sample challenges and observe data.
 challenger: Challenger,
@@ -33,7 +33,9 @@ impl ProverState
 where
 EF: ExtensionField,
 F: Field,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger
+ + GrindingChallenger
+ + UniformGrindingChallenger,
 {
 /// Create a new prover state with a given domain separator and challenger.
 ///
@@ -133,7 +135,8 @@ where
 /// # Returns
 /// A uniformly random value with `bits` bits.
 pub fn sample_bits(&mut self, bits: usize) -> usize {
- self.challenger.sample_bits(bits)
+ //self.challenger.sample_bits(bits)
+ self.challenger.sample_uniform_bits(bits)
 }
 /// Perform PoW grinding and append the witness to the transcript.
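Review bot: The `impl ProverState` block (`@@ -33,7 +33,9 @@`) keeps `GrindingChallenger` next to the new `UniformGrindingChallenger` bound, while the struct definition (`@@ -16`) and the `ChallengeSampler` impl (`@@ -158`) in the same file now require only `UniformGrindingChallenger`. Every call this commit touches in the impl moves to the `*_uniform*` methods (`sample_uniform_bits`, `grind_uniform_may_panic`), so unless a method outside the hunks still calls `grind`, `sample_bits` or `check_witness`, the extra bound is dead and should become `Challenger: FieldChallenger + UniformGrindingChallenger,` for consistency with the rest of the file. The same double bound is introduced on `initial_round` in src/sumcheck/sumcheck_single.rs (`@@ -43`), where `round` directly below it uses the single bound. If `UniformGrindingChallenger` has `GrindingChallenger` as a supertrait the bound is redundant either way.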
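Review bot: `//self.challenger.sample_bits(bits)` leaves the old call as commented-out code beside the new `self.challenger.sample_uniform_bits(bits)`; delete it rather than keep it (git history has it), here and in `sample_bits` of src/fiat_shamir/verifier.rs (`@@ -186`). The more important point is that the prover now draws with `sample_uniform_bits` while the verifier's `sample_bits` draws with `sample_uniform_bits_may_panic`: in a Fiat-Shamir transcript both sides must consume the challenger identically, so these two methods must be confirmed to yield the same value from the same sponge state (including how many squeezes they absorb), or honest proofs will fail to verify. If they are the same draw with different failure handling, a one-line comment such as `// Must stay in lockstep with VerifierState::sample_bits (sample_uniform_bits_may_panic).` keeps the pairing visible to the next editor.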
@@ -147,7 +150,7 @@ where
 }
 // Perform grinding and obtain a witness element in the base field.
- let witness = self.challenger.grind(bits);
+ let witness = self.challenger.grind_uniform_may_panic(bits);
 // Append the witness to the proof data.
 self.proof_data.push(witness);
@@ -158,7 +161,7 @@ impl ChallengeSampler for ProverState
 where
 EF: ExtensionField,
 F: Field,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 fn sample(&mut self) -> EF {
 self.sample()
diff --git a/src/fiat_shamir/verifier.rs b/src/fiat_shamir/verifier.rs
index 5536dbc3..c1f74c9d 100644
--- a/src/fiat_shamir/verifier.rs
+++ b/src/fiat_shamir/verifier.rs
@@ -1,8 +1,8 @@
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, UniformGrindingChallenger};
 use p3_field::{ExtensionField, Field};
 use super::domain_separator::DomainSeparator;
-use crate::fiat_shamir::{ChallengeSampler, errors::FiatShamirError};
+use crate::fiat_shamir::{errors::FiatShamirError, ChallengeSampler};
 /// State held by the verifier in a Fiat-Shamir protocol.
 ///
@@ -12,7 +12,7 @@ use crate::fiat_shamir::{ChallengeSampler, errors::FiatShamirError};
 pub struct VerifierState
 where
 F: Field,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 /// Cryptographic challenger used for sampling challenges and observing proof data.
 challenger: Challenger,
@@ -29,7 +29,7 @@ where
 impl VerifierState
 where
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 EF: ExtensionField,
 F: Field,
 {
@@ -186,7 +186,8 @@ where
 /// # Returns
 /// A uniformly random value with `bits` bits.
 pub fn sample_bits(&mut self, bits: usize) -> usize {
- self.challenger.sample_bits(bits)
+ //self.challenger.sample_bits(bits)
+ self.challenger.sample_uniform_bits_may_panic(bits)
 }
 /// Verify PoW grinding witness correctness.
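Review bot: `let witness = self.challenger.grind_uniform_may_panic(bits);` introduces a panicking path into the prover's `pow`, but the method's doc comment (it begins with `/// Perform PoW grinding and append the witness to the transcript.` just above this hunk) has no `# Panics` section; add one stating the condition under which the challenger panics, since the `_may_panic` name advertises exactly that. If the condition is a bound on `bits` that `pow` can check itself, checking it at the top of `pow` and documenting it there is preferable to letting the panic surface from inside the challenger. The rest of `pow` lies outside the hunk.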
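Review bot: The verifier now calls `self.challenger.sample_uniform_bits_may_panic(bits)` here and `check_witness_uniform_may_panic(bits, witness)` in its `pow` check (`@@ -213` of this file), so a proof can make the verifier panic instead of returning `Err`. Everything reaching the challenger on the verifier side is prover-supplied: `witness` (presumably read from `proof_data` just before `self.index += 1`) and the sponge state after observing proof values, so if either `_may_panic` method panics on out-of-range input rather than on an internal invariant, an invalid proof crashes the verifier (a denial-of-service path) instead of producing `FiatShamirError::InvalidGrindingWitness`. Prefer a fallible variant returning `Option`/`Result` if the trait provides one, or validate `witness` and `bits` against the documented domain before the call and map failure to the existing error; at minimum document the behaviour under `# Panics` on both `sample_bits` and `pow`. The body of `pow` starts outside its hunk.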
@@ -213,7 +214,10 @@ where
 self.index += 1;
 // Verify the witness using the challenger.
- if self.challenger.check_witness(bits, witness) {
+ if self
+ .challenger
+ .check_witness_uniform_may_panic(bits, witness)
+ {
 Ok(())
 } else {
 Err(FiatShamirError::InvalidGrindingWitness)
@@ -225,7 +229,7 @@ impl ChallengeSampler for VerifierState, F: Field,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 fn sample(&mut self) -> EF {
 self.sample()
diff --git a/src/sumcheck/sumcheck_single.rs b/src/sumcheck/sumcheck_single.rs
index 11705bae..dd1e65b8 100644
--- a/src/sumcheck/sumcheck_single.rs
+++ b/src/sumcheck/sumcheck_single.rs
@@ -1,4 +1,4 @@
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, GrindingChallenger, UniformGrindingChallenger};
 use p3_field::{ExtensionField, Field, TwoAdicField};
 use p3_interpolation::interpolate_subgroup;
 use p3_maybe_rayon::prelude::*;
@@ -43,7 +43,9 @@ fn initial_round>(
 pow_bits: usize,
 ) -> (EF, EvaluationsList)
 where
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger
+ + GrindingChallenger
+ + UniformGrindingChallenger,
 {
 // Compute the quadratic sumcheck polynomial for the current variable.
 let sumcheck_poly = compute_sumcheck_polynomial(evals, weights, *sum);
@@ -89,7 +91,7 @@ fn round>(
 pow_bits: usize,
 ) -> EF
 where
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 // Compute the quadratic sumcheck polynomial for the current variable.
 let sumcheck_poly = compute_sumcheck_polynomial(evals, weights, *sum);
@@ -270,7 +272,7 @@ where
 where
 F: TwoAdicField,
 EF: TwoAdicField,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 assert_ne!(folding_factor, 0);
 let mut res = Vec::with_capacity(folding_factor);
@@ -319,7 +321,7 @@ where
 where
 F: TwoAdicField,
 EF: TwoAdicField,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 assert_ne!(folding_factor, 0);
 let mut res = Vec::with_capacity(folding_factor);
@@ -522,7 +524,7 @@ where
 where
 F: TwoAdicField,
 EF: TwoAdicField,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 // Standard round-by-round folding
 // Proceed with one-variable-per-round folding for remaining variables.
diff --git a/src/sumcheck/tests.rs b/src/sumcheck/tests.rs
index a2a6e957..1b9a34f8 100644
--- a/src/sumcheck/tests.rs
+++ b/src/sumcheck/tests.rs
@@ -1,12 +1,12 @@
 use p3_baby_bear::{BabyBear, Poseidon2BabyBear};
-use p3_challenger::{DuplexChallenger, FieldChallenger, GrindingChallenger};
+use p3_challenger::{DuplexChallenger, FieldChallenger, UniformGrindingChallenger};
 use p3_field::{
- ExtensionField, Field, PrimeCharacteristicRing, TwoAdicField, extension::BinomialExtensionField,
+ extension::BinomialExtensionField, ExtensionField, Field, PrimeCharacteristicRing, TwoAdicField,
 };
 use p3_interpolation::interpolate_subgroup;
 use p3_symmetric::{PaddingFreeSponge, TruncatedPermutation};
 use proptest::prelude::*;
-use rand::{Rng, SeedableRng, rngs::SmallRng};
+use rand::{rngs::SmallRng, Rng, SeedableRng};
 use super::sumcheck_single::SumcheckSingle;
 use crate::{
@@ -85,7 +85,7 @@ fn make_initial_statement(
 poly: &EvaluationsList,
 ) -> Statement
 where
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 // Initialize the statement to hold the evaluation constraints.
 let mut statement = Statement::initialize(num_vars);
@@ -136,7 +136,7 @@ fn make_inter_statement(
 sumcheck: &mut SumcheckSingle,
 ) -> (Statement, EF)
 where
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 // Determine how many variables are left in the current sumcheck polynomial.
 let num_vars = sumcheck.num_variables();
@@ -203,7 +203,7 @@ fn read_statement(
 num_points: usize,
 ) -> Statement
 where
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 // Create a new statement that will hold all reconstructed constraints.
 let mut statement = Statement::initialize(num_vars);
diff --git a/src/whir/committer/reader.rs b/src/whir/committer/reader.rs
index ca8262ba..ec3b6c42 100644
--- a/src/whir/committer/reader.rs
+++ b/src/whir/committer/reader.rs
@@ -1,6 +1,6 @@
 use std::{fmt::Debug, ops::Deref};
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, UniformGrindingChallenger};
 use p3_field::{ExtensionField, Field, TwoAdicField};
 use p3_symmetric::Hash;
@@ -66,7 +66,7 @@ where
 where
 F: TwoAdicField,
 EF: ExtensionField + TwoAdicField,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 // Read the Merkle root hash committed by the prover.
 let root = verifier_state
@@ -134,7 +134,7 @@ impl<'a, EF, F, H, C, Challenger> CommitmentReader<'a, EF, F, H, C, Challenger>
 where
 F: TwoAdicField,
 EF: ExtensionField + TwoAdicField,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 /// Create a new commitment reader from a WHIR configuration.
 ///
diff --git a/src/whir/committer/writer.rs b/src/whir/committer/writer.rs
index 5294ddbb..aeea6097 100644
--- a/src/whir/committer/writer.rs
+++ b/src/whir/committer/writer.rs
@@ -1,9 +1,9 @@
 use std::{ops::Deref, sync::Arc};
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, UniformGrindingChallenger};
 use p3_commit::Mmcs;
 use p3_field::{ExtensionField, Field, TwoAdicField};
-use p3_matrix::{Matrix, dense::RowMajorMatrix};
+use p3_matrix::{dense::RowMajorMatrix, Matrix};
 use p3_merkle_tree::MerkleTreeMmcs;
 use p3_symmetric::{CryptographicHasher, PseudoCompressionFunction};
 use serde::{Deserialize, Serialize};
@@ -37,7 +37,7 @@ impl<'a, EF, F, H, C, Challenger> CommitmentWriter<'a, EF, F, H, C, Challenger>
 where
 F: TwoAdicField,
 EF: ExtensionField + TwoAdicField,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 /// Create a new writer that borrows the WHIR protocol configuration.
 pub const fn new(params: &'a WhirConfig) -> Self {
diff --git a/src/whir/parameters.rs b/src/whir/parameters.rs
index a85d7038..d70df510 100644
--- a/src/whir/parameters.rs
+++ b/src/whir/parameters.rs
@@ -1,9 +1,9 @@
 use std::{f64::consts::LOG2_10, marker::PhantomData};
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, UniformGrindingChallenger};
 use p3_field::{ExtensionField, Field, TwoAdicField};
-use crate::parameters::{FoldingFactor, ProtocolParameters, errors::SecurityAssumption};
+use crate::parameters::{errors::SecurityAssumption, FoldingFactor, ProtocolParameters};
 #[derive(Debug, Clone)]
 pub struct RoundConfig {
@@ -65,7 +65,7 @@ impl WhirConfig
 where
 F: TwoAdicField,
 EF: ExtensionField + TwoAdicField,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 #[allow(clippy::too_many_lines)]
 pub fn new(num_variables: usize, whir_parameters: ProtocolParameters) -> Self {
diff --git a/src/whir/prover/mod.rs b/src/whir/prover/mod.rs
index 44daeeeb..6e2775b3 100644
--- a/src/whir/prover/mod.rs
+++ b/src/whir/prover/mod.rs
@@ -1,6 +1,6 @@
 use std::ops::Deref;
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, UniformGrindingChallenger};
 use p3_commit::{ExtensionMmcs, Mmcs};
 use p3_field::{ExtensionField, Field, TwoAdicField};
 use p3_interpolation::interpolate_subgroup;
@@ -54,7 +54,7 @@ impl Prover<'_, EF, F, H, C, Challenger>
 where
 F: TwoAdicField + Ord,
 EF: ExtensionField + TwoAdicField,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 /// Validates that the total number of variables expected by the prover configuration
 /// matches the number implied by the folding schedule and the final rounds.
diff --git a/src/whir/prover/round_state/state.rs b/src/whir/prover/round_state/state.rs
index 211718e9..db4f8b40 100644
--- a/src/whir/prover/round_state/state.rs
+++ b/src/whir/prover/round_state/state.rs
@@ -4,7 +4,7 @@ use std::sync::Arc;
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, UniformGrindingChallenger};
 use p3_field::{ExtensionField, TwoAdicField};
 use p3_matrix::dense::DenseMatrix;
 use p3_merkle_tree::MerkleTree;
@@ -153,7 +153,7 @@ where
 witness: Witness, DIGEST_ELEMS>,
 ) -> Result
 where
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 MyChallenger: Clone,
 C: Clone,
 {
diff --git a/src/whir/utils.rs b/src/whir/utils.rs
index 5b2d01c9..7a6904a4 100644
--- a/src/whir/utils.rs
+++ b/src/whir/utils.rs
@@ -1,10 +1,10 @@
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, UniformGrindingChallenger};
 use p3_field::{ExtensionField, Field};
 use p3_util::log2_strict_usize;
 use tracing::instrument;
 use crate::{
- fiat_shamir::{ChallengeSampler, errors::FiatShamirError, prover::ProverState},
+ fiat_shamir::{errors::FiatShamirError, prover::ProverState, ChallengeSampler},
 poly::multilinear::MultilinearPoint,
 };
@@ -185,7 +185,7 @@ pub fn sample_ood_points, E, Challenger>(
 ) -> (Vec, Vec)
 where
 E: Fn(&MultilinearPoint) -> EF,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 let mut ood_points = EF::zero_vec(num_samples);
 let mut ood_answers = Vec::with_capacity(num_samples);
diff --git a/src/whir/verifier/mod.rs b/src/whir/verifier/mod.rs
index 59d68ce2..aeb7b730 100644
--- a/src/whir/verifier/mod.rs
+++ b/src/whir/verifier/mod.rs
@@ -1,7 +1,7 @@
 use std::{fmt::Debug, ops::Deref};
 use errors::VerifierError;
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, UniformGrindingChallenger};
 use p3_commit::{BatchOpeningRef, ExtensionMmcs, Mmcs};
 use p3_field::{ExtensionField, Field, TwoAdicField};
 use p3_interpolation::interpolate_subgroup;
@@ -44,7 +44,7 @@ impl<'a, EF, F, H, C, Challenger> Verifier<'a, EF, F, H, C, Challenger>
 where
 F: TwoAdicField,
 EF: ExtensionField + TwoAdicField,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 pub const fn new(params: &'a WhirConfig) -> Self {
 Self(params)
diff --git a/src/whir/verifier/sumcheck.rs b/src/whir/verifier/sumcheck.rs
index c594c352..e68bb1c5 100644
--- a/src/whir/verifier/sumcheck.rs
+++ b/src/whir/verifier/sumcheck.rs
@@ -1,4 +1,4 @@
-use p3_challenger::{FieldChallenger, GrindingChallenger};
+use p3_challenger::{FieldChallenger, UniformGrindingChallenger};
 use p3_field::{ExtensionField, TwoAdicField};
 use p3_interpolation::interpolate_subgroup;
 use p3_matrix::dense::RowMajorMatrix;
@@ -47,7 +47,7 @@ pub(crate) fn verify_sumcheck_rounds(
 where
 F: TwoAdicField,
 EF: ExtensionField + TwoAdicField,
- Challenger: FieldChallenger + GrindingChallenger,
+ Challenger: FieldChallenger + UniformGrindingChallenger,
 {
 // Calculate how many `(poly, rand)` pairs to expect based on skip mode
 //
@@ -144,9 +144,9 @@ where
 mod tests {
 use p3_baby_bear::{BabyBear, Poseidon2BabyBear};
 use p3_challenger::DuplexChallenger;
- use p3_field::{PrimeCharacteristicRing, extension::BinomialExtensionField};
+ use p3_field::{extension::BinomialExtensionField, PrimeCharacteristicRing};
 use p3_symmetric::{PaddingFreeSponge, TruncatedPermutation};
- use rand::{SeedableRng, rngs::SmallRng};
+ use rand::{rngs::SmallRng, SeedableRng};
 use super::*;
 use crate::{
@@ -154,7 +154,7 @@ mod tests {
 domain_separator::{DomainSeparator, SumcheckParams},
 pattern::{Observe, Sample},
 },
- parameters::{FoldingFactor, ProtocolParameters, errors::SecurityAssumption},
+ parameters::{errors::SecurityAssumption, FoldingFactor, ProtocolParameters},
 poly::coeffs::CoefficientList,
 sumcheck::sumcheck_single::SumcheckSingle,
 whir::{constraints::statement::Statement, parameters::WhirConfig},