From 1ce345aa14a33ca483e58d1f8326fb4073353930 Mon Sep 17 00:00:00 2001 From: Tom Wambsgans Date: Tue, 9 Jun 2026 10:19:50 +0200 Subject: [PATCH 1/5] remove dead code --- crates/rec_aggregation/src/compilation.rs | 10 -- .../zkdsl_implem/fiat_shamir.py | 17 --- .../rec_aggregation/zkdsl_implem/hashing.py | 100 ------------------ .../rec_aggregation/zkdsl_implem/recursion.py | 2 - crates/rec_aggregation/zkdsl_implem/utils.py | 46 -------- .../zkdsl_implem/xmss_aggregate.py | 9 -- 6 files changed, 184 deletions(-) diff --git a/crates/rec_aggregation/src/compilation.rs b/crates/rec_aggregation/src/compilation.rs index 33e90746e..997402d48 100644 --- a/crates/rec_aggregation/src/compilation.rs +++ b/crates/rec_aggregation/src/compilation.rs @@ -274,7 +274,6 @@ fn build_replacements(log_inner_bytecode: usize, bytecode_zero_eval: F) -> BTree let mut one_buses_data_offsets = vec![]; let mut one_buses_new_cols = vec![]; let mut num_cols_air = vec![]; - let mut air_degrees = vec![]; let mut n_air_columns = vec![]; let mut n_air_shift_columns = vec![]; let mut n_air_constraints = vec![]; @@ -334,7 +333,6 @@ fn build_replacements(log_inner_bytecode: usize, bytecode_zero_eval: F) -> BTree )); num_cols_air.push(table.n_columns().to_string()); - air_degrees.push(table.degree_air().to_string()); n_air_columns.push(table.n_columns().to_string()); n_air_shift_columns.push(table.n_shift_columns().to_string()); n_air_constraints.push(table.n_constraints().to_string()); @@ -387,10 +385,6 @@ fn build_replacements(log_inner_bytecode: usize, bytecode_zero_eval: F) -> BTree "AIR_ALPHA_OFFSETS_PLACEHOLDER".to_string(), format!("[{}]", air_alpha_offsets.join(", ")), ); - replacements.insert( - "AIR_DEGREES_PLACEHOLDER".to_string(), - format!("[{}]", air_degrees.join(", ")), - ); replacements.insert( "MAX_AIR_FULL_DEGREE_PLACEHOLDER".to_string(), (ALL_TABLES.iter().map(|t| t.degree_air()).max().unwrap() + 1).to_string(), @@ -411,10 +405,6 @@ fn build_replacements(log_inner_bytecode: usize, bytecode_zero_eval: F) -> BTree "N_INSTRUCTION_COLUMNS_PLACEHOLDER".to_string(), N_INSTRUCTION_COLUMNS.to_string(), ); - replacements.insert( - "N_COMMITTED_EXEC_COLUMNS_PLACEHOLDER".to_string(), - N_RUNTIME_COLUMNS.to_string(), - ); replacements.insert( "TOTAL_WHIR_STATEMENTS_PLACEHOLDER".to_string(), total_whir_statements().to_string(), diff --git a/crates/rec_aggregation/zkdsl_implem/fiat_shamir.py b/crates/rec_aggregation/zkdsl_implem/fiat_shamir.py index d23955294..5f8bd298d 100644 --- a/crates/rec_aggregation/zkdsl_implem/fiat_shamir.py +++ b/crates/rec_aggregation/zkdsl_implem/fiat_shamir.py @@ -147,17 +147,6 @@ def fs_sample_many_ef(fs, n): return new_fs, sampled -@inline -def fs_hint(fs, n): - # Hint = read `n` cells from the transcript without absorbing them. Just advance the - # transcript pointer; the sponge state is unchanged. - new_fs = Array(17) - copy_8(new_fs, fs) - copy_8(new_fs + 8, fs + 8) - new_fs[16] = fs[16] + n - return new_fs, fs[16] - - def fs_receive_chunks(fs, n_chunks: Const): # Read n_chunks * 8 cells from the transcript and absorb them. Returns the new fs # and a pointer to the just-consumed transcript region. @@ -190,12 +179,6 @@ def fs_receive_ef(fs, n: Const): return new_fs, ef_ptr -def fs_print_state(fs_state): - for i in unroll(0, 17): - print(i, fs_state[i]) - return - - @inline def fs_sample_queries(fs, n_samples): # Sample `n_samples` query bit-strings. Each chunk yields 8 base field elements that diff --git a/crates/rec_aggregation/zkdsl_implem/hashing.py b/crates/rec_aggregation/zkdsl_implem/hashing.py index dffc45faa..f547997b1 100644 --- a/crates/rec_aggregation/zkdsl_implem/hashing.py +++ b/crates/rec_aggregation/zkdsl_implem/hashing.py @@ -17,41 +17,6 @@ PREAMBLE_MEMORY_LEN = PREAMBLE_MEMORY_END - PUBLIC_INPUT_LEN -def batch_hash_slice_rtl_with_iv(num_queries, all_data_to_hash, all_resulting_hashes, num_chunks): - if num_chunks == DIM * 2: - batch_hash_slice_rtl_const(num_queries, all_data_to_hash, all_resulting_hashes, DIM * 2) - return - if num_chunks == 16: - batch_hash_slice_rtl_const(num_queries, all_data_to_hash, all_resulting_hashes, 16) - return - if num_chunks == 8: - batch_hash_slice_rtl_const(num_queries, all_data_to_hash, all_resulting_hashes, 8) - return - if num_chunks == 20: - batch_hash_slice_rtl_const(num_queries, all_data_to_hash, all_resulting_hashes, 20) - return - if num_chunks == 1: - batch_hash_slice_rtl_const(num_queries, all_data_to_hash, all_resulting_hashes, 1) - return - if num_chunks == 4: - batch_hash_slice_rtl_const(num_queries, all_data_to_hash, all_resulting_hashes, 4) - return - if num_chunks == 5: - batch_hash_slice_rtl_const(num_queries, all_data_to_hash, all_resulting_hashes, 5) - return - print(num_chunks) - assert False, "batch_hash_slice called with unsupported len" - - -def batch_hash_slice_rtl_const(num_queries, all_data_to_hash, all_resulting_hashes, num_chunks: Const): - iv = build_iv(num_chunks * DIGEST_LEN) - for i in range(0, num_queries): - data = all_data_to_hash[i] - res = slice_hash_rtl(data, num_chunks, iv) - all_resulting_hashes[i] = res - return - - # IV for the sponge: [slice length in field elements, 0, 0, ..., 0] @inline def build_iv(length): @@ -282,68 +247,3 @@ def whir_do_1_merkle_level(b, state_in, path_chunk, state_out): else: poseidon16_compress_half(path_chunk, state_in, state_out) return - - -def merkle_verif_batch(merkle_paths, leaves_digests, leave_positions, root, height, num_queries): - match_range( - height, - range(10, 26), - lambda h: merkle_verif_batch_const( - num_queries, - merkle_paths, - leaves_digests, - leave_positions, - root, - h, - ), - ) - return - - -def merkle_verif_batch_const(n_paths, merkle_paths, leaves_digests, leave_positions, root, height: Const): - # n_paths: F - # leaves_digests: pointer to a slice of n_paths pointers, each pointing to 1 chunk of 8 field elements - # leave_positions: pointer to a slice of n_paths field elements (each < 2^height) - # root: pointer to 1 chunk of 8 field elements - # height: F - - for i in range(0, n_paths): - merkle_verify( - leaves_digests[i], - merkle_paths + (i * height) * DIGEST_LEN, - leave_positions[i], - root, - height, - ) - - return - - -def merkle_verify(leaf_digest, merkle_path, leaf_position_bits, root, height: Const): - states = Array(height * DIGEST_LEN) - - # First merkle round - match leaf_position_bits[0]: - case 0: - poseidon16_compress_half(leaf_digest, merkle_path, states) - case 1: - poseidon16_compress_half(merkle_path, leaf_digest, states) - - # Remaining merkle rounds - for j in unroll(1, height): - # Warning: this works only if leaf_position_bits[i] is known to be boolean: - match leaf_position_bits[j]: - case 0: - poseidon16_compress_half( - states + (j - 1) * DIGEST_LEN, - merkle_path + j * DIGEST_LEN, - states + j * DIGEST_LEN, - ) - case 1: - poseidon16_compress_half( - merkle_path + j * DIGEST_LEN, - states + (j - 1) * DIGEST_LEN, - states + j * DIGEST_LEN, - ) - copy_8(states + (height - 1) * DIGEST_LEN, root) - return diff --git a/crates/rec_aggregation/zkdsl_implem/recursion.py b/crates/rec_aggregation/zkdsl_implem/recursion.py index adec39c24..53b241413 100644 --- a/crates/rec_aggregation/zkdsl_implem/recursion.py +++ b/crates/rec_aggregation/zkdsl_implem/recursion.py @@ -28,14 +28,12 @@ MAX_NUM_COLS_AIR = MAX_NUM_COLS_AIR_PLACEHOLDER # max(NUM_COLS_AIR[t] for t in 0..N_TABLES) ONE_BUSES_ALL_COLS = ONE_BUSES_ALL_COLS_PLACEHOLDER # [[col, ...], _; N_TABLES] — sorted union of cols across all Multiplicity::One buses per table -AIR_DEGREES = AIR_DEGREES_PLACEHOLDER # [_; N_TABLES] MAX_AIR_FULL_DEGREE = MAX_AIR_FULL_DEGREE_PLACEHOLDER N_AIR_COLUMNS = N_AIR_COLUMNS_PLACEHOLDER # [_; N_TABLES] N_AIR_SHIFT_COLUMNS = N_AIR_SHIFT_COLUMNS_PLACEHOLDER # [_; N_TABLES] — by convention, shift column j of table t is column j AIR_ALPHA_OFFSETS = AIR_ALPHA_OFFSETS_PLACEHOLDER # [_; N_TABLES], # AIR_ALPHA_OFFSETS[t] = sum(N_AIR_CONSTRAINTS[k] for k in range(t)) N_INSTRUCTION_COLUMNS = N_INSTRUCTION_COLUMNS_PLACEHOLDER -N_COMMITTED_EXEC_COLUMNS = N_COMMITTED_EXEC_COLUMNS_PLACEHOLDER LOG_GUEST_BYTECODE_LEN = LOG_GUEST_BYTECODE_LEN_PLACEHOLDER EXEC_COL_PC = COL_PC_PLACEHOLDER diff --git a/crates/rec_aggregation/zkdsl_implem/utils.py b/crates/rec_aggregation/zkdsl_implem/utils.py index bab5a9cd0..49d94c13b 100644 --- a/crates/rec_aggregation/zkdsl_implem/utils.py +++ b/crates/rec_aggregation/zkdsl_implem/utils.py @@ -401,15 +401,6 @@ def copy_6(a, b): return -@inline -def set_to_7_zeros(a): - zero_ptr = ZERO_VEC_PTR - dot_product_ee(a, ONE_EF_PTR, zero_ptr) - a[5] = 0 - a[6] = 0 - return - - @inline def set_to_8_zeros(a): zero_ptr = ZERO_VEC_PTR @@ -418,25 +409,6 @@ def set_to_8_zeros(a): return -@inline -def set_to_16_zeros(a): - zero_ptr = ZERO_VEC_PTR - dot_product_ee(a, ONE_EF_PTR, zero_ptr) - dot_product_ee(a + 5, ONE_EF_PTR, zero_ptr) - dot_product_ee(a + 10, ONE_EF_PTR, zero_ptr) - a[15] = 0 - return - - -@inline -def copy_16(a, b): - dot_product_ee(a, ONE_EF_PTR, b) - dot_product_ee(a + 5, ONE_EF_PTR, b + 5) - dot_product_ee(a + 10, ONE_EF_PTR, b + 10) - a[15] = b[15] - return - - @inline def copy_8(a, b): dot_product_ee(a, ONE_EF_PTR, b) @@ -467,24 +439,6 @@ def set_to_one(a): return -def print_ef(a): - for i in unroll(0, DIM): - print(a[i]) - return - - -def print_vec(a): - for i in unroll(0, DIGEST_LEN): - print(a[i]) - return - - -@inline -def read_memory(ptr): - mem = 0 - return mem[ptr] - - @inline def univariate_polynomial_eval(coeffs, point, degree): powers = powers_const(point, degree + 1) diff --git a/crates/rec_aggregation/zkdsl_implem/xmss_aggregate.py b/crates/rec_aggregation/zkdsl_implem/xmss_aggregate.py index 4e03d0dfc..d13d66e50 100644 --- a/crates/rec_aggregation/zkdsl_implem/xmss_aggregate.py +++ b/crates/rec_aggregation/zkdsl_implem/xmss_aggregate.py @@ -11,7 +11,6 @@ PUBLIC_PARAM_LEN_FE = PUBLIC_PARAM_LEN_FE_PLACEHOLDER XMSS_DIGEST_LEN = XMSS_DIGEST_LEN_PLACEHOLDER PUB_KEY_SIZE = XMSS_DIGEST_LEN + PUBLIC_PARAM_LEN_FE -PP_IN_LEFT = DIGEST_LEN - XMSS_DIGEST_LEN WOTS_SIG_SIZE = RANDOMNESS_LEN + V * XMSS_DIGEST_LEN # wots_public_key pair stride: each pair occupies 10 cells `[leading_0 | tip_a(4) | tip_b(4) | trailing_0]`. In order to be able to use copy_5 on both sides. WOTS_PK_PAIR_STRIDE = 2 + 2 * XMSS_DIGEST_LEN @@ -193,14 +192,6 @@ def wots_pk_hash(wots_public_key, public_param): ) -@inline -def set_buf_prefix_right(buf, public_param): - # Writes [pp(4)] to buf[0..4] — the RIGHT-input prefix. - for k in unroll(0, PP_IN_LEFT): - buf[k] = public_param[k] - return - - @inline def do_4_merkle_levels(b, state_in, state_out, public_param, merkle_tweaks_chunk): b0 = b % 2 From cf70a6f3a4812ce974ba87aa3a2cf45067400211 Mon Sep 17 00:00:00 2001 From: Tom Wambsgans Date: Tue, 9 Jun 2026 10:47:44 +0200 Subject: [PATCH 2/5] naming --- crates/rec_aggregation/src/compilation.rs | 8 +- .../rec_aggregation/zkdsl_implem/hashing.py | 6 +- crates/rec_aggregation/zkdsl_implem/main.py | 2 +- .../rec_aggregation/zkdsl_implem/recursion.py | 82 ++++++++--------- crates/rec_aggregation/zkdsl_implem/utils.py | 2 +- crates/rec_aggregation/zkdsl_implem/whir.py | 88 +++++++++---------- .../zkdsl_implem/xmss_aggregate.py | 12 +-- 7 files changed, 100 insertions(+), 100 deletions(-) diff --git a/crates/rec_aggregation/src/compilation.rs b/crates/rec_aggregation/src/compilation.rs index 997402d48..fa8d96bb1 100644 --- a/crates/rec_aggregation/src/compilation.rs +++ b/crates/rec_aggregation/src/compilation.rs @@ -522,7 +522,7 @@ where let mut ctx = AirCodegenCtx::new(); let mut res = format!( - "def evaluate_air_constraints_table_{}({}, air_alpha_powers, logup_alphas_eq_poly):\n", + "def evaluate_air_constraints_table_{}({}, air_alpha_powers, logup_beta_eq_poly):\n", table.table().index(), AIR_INNER_VALUES_VAR ); @@ -542,14 +542,14 @@ where res += &format!("\n copy_5({}, buff + DIM * {})", data_str, i); } let domainsep_str = eval_air_constraint(*bus_domainsep, None, &mut ctx, &mut res); - // bus_res = sum(buff[i] * logup_alphas_eq_poly[i]) + disc * logup_alphas_eq_poly.last() + // bus_res = sum(buff[i] * logup_beta_eq_poly[i]) + disc * logup_beta_eq_poly.last() res += "\n bus_res_init = Array(DIM)"; res += &format!( - "\n dot_product_ee(buff, logup_alphas_eq_poly, bus_res_init, {})", + "\n dot_product_ee(buff, logup_beta_eq_poly, bus_res_init, {})", bus_real_data.len() ); res += &format!( - "\n bus_res: Mut = add_extension_ret(mul_extension_ret({}, logup_alphas_eq_poly + {} * DIM), bus_res_init)", + "\n bus_res: Mut = add_extension_ret(mul_extension_ret({}, logup_beta_eq_poly + {} * DIM), bus_res_init)", domainsep_str, (1 << LOG_MAX_BUS_WIDTH) - 1 ); diff --git a/crates/rec_aggregation/zkdsl_implem/hashing.py b/crates/rec_aggregation/zkdsl_implem/hashing.py index f547997b1..d34d07023 100644 --- a/crates/rec_aggregation/zkdsl_implem/hashing.py +++ b/crates/rec_aggregation/zkdsl_implem/hashing.py @@ -4,7 +4,7 @@ DIGEST_LEN = 8 # memory layout: [public_input (PUBLIC_INPUT_LEN)] [preamble_memory (PREAMBLE_MEMORY_LEN)] [runtime ...] -# `preamble_memory` is a region that is filled by the guest program, with usefull constants [0000...][1000...]... +# `preamble_memory` is a region that is filled by the guest program, with useful constants [0000...][1000...]... PUBLIC_INPUT_LEN = DIGEST_LEN PARTIAL_UNROLL_BATCH = 64 ZERO_VEC_PTR = PUBLIC_INPUT_LEN @@ -94,7 +94,7 @@ def slice_hash_continue(running, data, num_chunks): @inline -def euclidian_div_runtime(a, b): +def euclidean_div_runtime(a, b): # Returns (q, r) with q = floor(a / b) and r = a mod b. # Requires: # 1 <= b < 2^14 @@ -131,7 +131,7 @@ def slice_hash_runtime(data, num_chunks): poseidon16_permute_half(iv, data, states) n_iters = num_chunks - 2 - n_chunks_outer, remainder = euclidian_div_runtime(n_iters, PARTIAL_UNROLL_BATCH) + n_chunks_outer, remainder = euclidean_div_runtime(n_iters, PARTIAL_UNROLL_BATCH) carry = Array((n_chunks_outer + 1) * 2) carry[0] = states carry[1] = data + DIGEST_LEN diff --git a/crates/rec_aggregation/zkdsl_implem/main.py b/crates/rec_aggregation/zkdsl_implem/main.py index f4b0f72b3..8225a30b4 100644 --- a/crates/rec_aggregation/zkdsl_implem/main.py +++ b/crates/rec_aggregation/zkdsl_implem/main.py @@ -190,7 +190,7 @@ def main(): running_hash: Mut = build_iv(n_sub * PUB_KEY_SIZE) n_first = n_sub - 1 - n_chunks, remainder = euclidian_div_runtime(n_first, PARTIAL_UNROLL_BATCH) + n_chunks, remainder = euclidean_div_runtime(n_first, PARTIAL_UNROLL_BATCH) pubkey_idx: Mut = 0 inner_carry = Array((n_chunks + 1) * 3) inner_carry[0] = counter diff --git a/crates/rec_aggregation/zkdsl_implem/recursion.py b/crates/rec_aggregation/zkdsl_implem/recursion.py index 53b241413..3fe975a6e 100644 --- a/crates/rec_aggregation/zkdsl_implem/recursion.py +++ b/crates/rec_aggregation/zkdsl_implem/recursion.py @@ -110,7 +110,7 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): n_buses_per_table = Array(N_TABLES) # indexed by table_index n_cols_per_table = Array(N_TABLES) # indexed by table_index for i in unroll(0, N_TABLES): - n_buses_per_table[i] = len(ONE_BUSES_DOMSEPS[i]) + 1 # + 1 for the precompile bus interraction (the rest is memory / bytecode interractions) + n_buses_per_table[i] = len(ONE_BUSES_DOMSEPS[i]) + 1 # + 1 for the precompile bus interaction (the rest is memory / bytecode interactions) n_cols_per_table[i] = NUM_COLS_AIR[i] gkr_table_base_offset = Array(N_TABLES) @@ -129,12 +129,12 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): num_ood_at_commitment = num_oods[0] fs, whir_base_root, whir_base_ood_points, whir_base_ood_evals = parse_commitment(fs, num_ood_at_commitment) - fs, logup_c = fs_sample_ef(fs) + fs, logup_gamma = fs_sample_ef(fs) fs = fs_duplex(fs) - fs, logup_alphas = fs_sample_many_ef(fs, log2_ceil(MAX_BUS_WIDTH)) + fs, logup_beta = fs_sample_many_ef(fs, log2_ceil(MAX_BUS_WIDTH)) - logup_alphas_eq_poly = compute_eq_mle_extension(logup_alphas, log2_ceil(MAX_BUS_WIDTH)) + logup_beta_eq_poly = compute_eq_mle_extension(logup_beta, log2_ceil(MAX_BUS_WIDTH)) # LOGUP @@ -149,9 +149,9 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): retrieved_numerators_value: Mut = opposite_extension_ret(mul_extension_ret(memory_and_acc_prefix, value_acc)) value_index = mle_of_01234567_etc(point_gkr + (n_vars_logup_gkr - log_memory) * DIM, log_memory) - fingerprint_memory = fingerprint_2(LOGUP_MEMORY_DOMAINSEP, value_index, value_memory, logup_alphas_eq_poly) + fingerprint_memory = fingerprint_2(LOGUP_MEMORY_DOMAINSEP, value_index, value_memory, logup_beta_eq_poly) retrieved_denominators_value: Mut = mul_extension_ret( - memory_and_acc_prefix, sub_extension_ret(logup_c, fingerprint_memory) + memory_and_acc_prefix, sub_extension_ret(logup_gamma, fingerprint_memory) ) bytecode_section_offset = two_exp(log_memory) @@ -167,7 +167,7 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): bytecode_claim = Array(BYTECODE_CLAIM_SIZE_PADDED) copy_many_ef(bytecode_and_acc_point, bytecode_claim, LOG_GUEST_BYTECODE_LEN) copy_many_ef( - logup_alphas + (log2_ceil(MAX_BUS_WIDTH) - log2_ceil(N_INSTRUCTION_COLUMNS)) * DIM, + logup_beta + (log2_ceil(MAX_BUS_WIDTH) - log2_ceil(N_INSTRUCTION_COLUMNS)) * DIM, bytecode_claim + LOG_GUEST_BYTECODE_LEN * DIM, log2_ceil(N_INSTRUCTION_COLUMNS), ) @@ -178,7 +178,7 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): bytecode_value_corrected: Mut = bytecode_value for i in unroll(0, log2_ceil(MAX_BUS_WIDTH) - log2_ceil(N_INSTRUCTION_COLUMNS)): bytecode_value_corrected = mul_extension_ret( - bytecode_value_corrected, one_minus_self_extension_ret(logup_alphas + i * DIM) + bytecode_value_corrected, one_minus_self_extension_ret(logup_beta + i * DIM) ) fs, value_bytecode_acc = fs_receive_ef_inlined(fs, 1) @@ -192,13 +192,13 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): mul_extension_ret( bytecode_multilinear_location_prefix, sub_extension_ret( - logup_c, + logup_gamma, add_extension_ret( bytecode_value_corrected, add_extension_ret( - mul_extension_ret(bytecode_index_value, logup_alphas_eq_poly + N_INSTRUCTION_COLUMNS * DIM), + mul_extension_ret(bytecode_index_value, logup_beta_eq_poly + N_INSTRUCTION_COLUMNS * DIM), mul_base_extension_ret( - LOGUP_BYTECODE_DOMAINSEP, logup_alphas_eq_poly + (2 ** log2_ceil(MAX_BUS_WIDTH) - 1) * DIM + LOGUP_BYTECODE_DOMAINSEP, logup_beta_eq_poly + (2 ** log2_ceil(MAX_BUS_WIDTH) - 1) * DIM ), ), ), @@ -275,10 +275,10 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): pref = multilinear_location_prefix(offset / n_rows, n_vars_logup_gkr - log_n_rows, point_gkr) retrieved_numerators_value = add_extension_ret(retrieved_numerators_value, pref) - fingerp = fingerprint_n(domsep, data_evals, n_data, logup_alphas_eq_poly) + fingerp = fingerprint_n(domsep, data_evals, n_data, logup_beta_eq_poly) retrieved_denominators_value = add_extension_ret( retrieved_denominators_value, - mul_extension_ret(pref, sub_extension_ret(logup_c, fingerp)), + mul_extension_ret(pref, sub_extension_ret(logup_gamma, fingerp)), ) offset += n_rows @@ -314,7 +314,7 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): bus_final_value, mul_extension_ret( air_alpha_powers + (alpha_offset + 1) * DIM, - sub_extension_ret(logup_c, bus_denominator_value), + sub_extension_ret(logup_gamma, bus_denominator_value), ), ) initial_sum = add_extension_ret(initial_sum, bus_final_value) @@ -333,7 +333,7 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): fs, inner_evals = fs_receive_ef_inlined(fs, n_flat_columns + n_shift_columns) air_constraints_eval = evaluate_air_constraints( - table_index, inner_evals, air_alpha_powers + alpha_offset * DIM, logup_alphas_eq_poly + table_index, inner_evals, air_alpha_powers + alpha_offset * DIM, logup_beta_eq_poly ) bus_point = pcs_inner_points[table_index] @@ -411,10 +411,10 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): curr_randomness += DIM folding_randomness_global: Mut - s: Mut + eval_weights: Mut final_value: Mut end_sum: Mut - fs, folding_randomness_global, s, final_value, end_sum = whir_open( + fs, folding_randomness_global, eval_weights, final_value, end_sum = whir_open( fs, stacked_n_vars, whir_log_inv_rate, @@ -432,15 +432,15 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): log_memory, ) prefix_memory = multilinear_location_prefix(0, stacked_n_vars - log_memory, folding_randomness_global) - s = add_extension_ret( - s, + eval_weights = add_extension_ret( + eval_weights, mul_extension_ret(mul_extension_ret(curr_randomness, prefix_memory), eq_memory_and_acc_point), ) curr_randomness += DIM prefix_acc_memory = multilinear_location_prefix(1, stacked_n_vars - log_memory, folding_randomness_global) - s = add_extension_ret( - s, + eval_weights = add_extension_ret( + eval_weights, mul_extension_ret(mul_extension_ret(curr_randomness, prefix_acc_memory), eq_memory_and_acc_point), ) curr_randomness += DIM @@ -455,8 +455,8 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): prefix_pub_mem = multilinear_location_prefix( 0, stacked_n_vars - INNER_PUBLIC_MEMORY_LOG_SIZE, folding_randomness_global ) - s = add_extension_ret( - s, + eval_weights = add_extension_ret( + eval_weights, mul_extension_ret(mul_extension_ret(curr_randomness, prefix_pub_mem), eq_pub_mem), ) curr_randomness += DIM @@ -475,8 +475,8 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): stacked_n_vars - LOG_GUEST_BYTECODE_LEN, folding_randomness_global, ) - s = add_extension_ret( - s, + eval_weights = add_extension_ret( + eval_weights, mul_extension_ret(mul_extension_ret(curr_randomness, prefix_bytecode_acc), eq_bytecode_acc), ) curr_randomness += DIM @@ -493,7 +493,7 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): stacked_n_vars, folding_randomness_global, ) - s = add_extension_ret(s, mul_extension_ret(curr_randomness, prefix_pc_start)) + eval_weights = add_extension_ret(eval_weights, mul_extension_ret(curr_randomness, prefix_pc_start)) curr_randomness += DIM prefix_pc_end = multilinear_location_prefix( @@ -501,7 +501,7 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): stacked_n_vars, folding_randomness_global, ) - s = add_extension_ret(s, mul_extension_ret(curr_randomness, prefix_pc_end)) + eval_weights = add_extension_ret(eval_weights, mul_extension_ret(curr_randomness, prefix_pc_end)) curr_randomness += DIM column_prefixes = compute_column_prefixes( @@ -521,20 +521,20 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): prefix = column_prefixes + col * DIM logup_acc = add_extension_ret(logup_acc, mul_extension_ret(curr_randomness, prefix)) curr_randomness += DIM - s = add_extension_ret(s, mul_extension_ret(logup_acc, eq_factor_logup)) + eval_weights = add_extension_ret(eval_weights, mul_extension_ret(logup_acc, eq_factor_logup)) # AIR if n_shift_columns != 0: next_factor = next_mle(all_challenges, inner_folding, log_n_rows) shift_sum = dot_product_ee_ret(curr_randomness, column_prefixes, n_shift_columns) - s = add_extension_ret(s, mul_extension_ret(shift_sum, next_factor)) + eval_weights = add_extension_ret(eval_weights, mul_extension_ret(shift_sum, next_factor)) curr_randomness += n_shift_columns * DIM eq_factor_air = poly_eq_extension_dynamic_ret(all_challenges, inner_folding, log_n_rows) air_sum = dot_product_ee_ret(curr_randomness, column_prefixes, N_AIR_COLUMNS[table_index]) - s = add_extension_ret(s, mul_extension_ret(air_sum, eq_factor_air)) + eval_weights = add_extension_ret(eval_weights, mul_extension_ret(air_sum, eq_factor_air)) curr_randomness += N_AIR_COLUMNS[table_index] * DIM - copy_5(mul_extension_ret(s, final_value), end_sum) + copy_5(mul_extension_ret(eval_weights, final_value), end_sum) return bytecode_claim @@ -577,23 +577,23 @@ def compute_column_prefixes(first_col_offset, n_vars, point, n_cols: Const): return column_prefixes + r * DIM -def fingerprint_2(table_index, data_1, data_2, logup_alphas_eq_poly): +def fingerprint_2(table_index, data_1, data_2, logup_beta_eq_poly): buff = Array(DIM * 2) copy_5(data_1, buff) copy_5(data_2, buff + DIM) - res: Mut = dot_product_ee_ret(buff, logup_alphas_eq_poly, 2) + res: Mut = dot_product_ee_ret(buff, logup_beta_eq_poly, 2) res = add_extension_ret( - res, mul_base_extension_ret(table_index, logup_alphas_eq_poly + (2 ** log2_ceil(MAX_BUS_WIDTH) - 1) * DIM) + res, mul_base_extension_ret(table_index, logup_beta_eq_poly + (2 ** log2_ceil(MAX_BUS_WIDTH) - 1) * DIM) ) return res @inline -def fingerprint_n(domsep, data_evals, n, logup_alphas_eq_poly): - res: Mut = dot_product_ee_ret(data_evals, logup_alphas_eq_poly, n) +def fingerprint_n(domsep, data_evals, n, logup_beta_eq_poly): + res: Mut = dot_product_ee_ret(data_evals, logup_beta_eq_poly, n) res = add_extension_ret( res, - mul_base_extension_ret(domsep, logup_alphas_eq_poly + (2 ** log2_ceil(MAX_BUS_WIDTH) - 1) * DIM), + mul_base_extension_ret(domsep, logup_beta_eq_poly + (2 ** log2_ceil(MAX_BUS_WIDTH) - 1) * DIM), ) return res @@ -699,16 +699,16 @@ def compute_total_gkr_n_vars(log_memory, log_bytecode_padded, tables_heights): return log2_ceil_runtime(total) -def evaluate_air_constraints(table_index, inner_evals, air_alpha_powers, logup_alphas_eq_poly): +def evaluate_air_constraints(table_index, inner_evals, air_alpha_powers, logup_beta_eq_poly): res: Imm debug_assert(table_index < N_TABLES) match table_index: case 0: - res = evaluate_air_constraints_table_0(inner_evals, air_alpha_powers, logup_alphas_eq_poly) + res = evaluate_air_constraints_table_0(inner_evals, air_alpha_powers, logup_beta_eq_poly) case 1: - res = evaluate_air_constraints_table_1(inner_evals, air_alpha_powers, logup_alphas_eq_poly) + res = evaluate_air_constraints_table_1(inner_evals, air_alpha_powers, logup_beta_eq_poly) case 2: - res = evaluate_air_constraints_table_2(inner_evals, air_alpha_powers, logup_alphas_eq_poly) + res = evaluate_air_constraints_table_2(inner_evals, air_alpha_powers, logup_beta_eq_poly) return res diff --git a/crates/rec_aggregation/zkdsl_implem/utils.py b/crates/rec_aggregation/zkdsl_implem/utils.py index 49d94c13b..d5484e4e3 100644 --- a/crates/rec_aggregation/zkdsl_implem/utils.py +++ b/crates/rec_aggregation/zkdsl_implem/utils.py @@ -41,7 +41,7 @@ def powers(alpha, n): # n: F assert n < 400 assert 0 < n - # 2**log2_ceil(i) is not really necessary but helps reduce byetcode size (traedoff cycles / bytecode size) + # 2**log2_ceil(i) is not really necessary but helps reduce bytecode size (tradeoff cycles / bytecode size) res = match_range(n, range(1, 400), lambda i: powers_const(alpha, 2 ** log2_ceil(i))) return res diff --git a/crates/rec_aggregation/zkdsl_implem/whir.py b/crates/rec_aggregation/zkdsl_implem/whir.py index 253b95a60..8b3e57d97 100644 --- a/crates/rec_aggregation/zkdsl_implem/whir.py +++ b/crates/rec_aggregation/zkdsl_implem/whir.py @@ -34,7 +34,7 @@ def whir_open( all_folding_randomness = Array(n_rounds + 2) all_ood_points = Array(n_rounds) - all_circle_values = Array(n_rounds + 1) + all_stir_points = Array(n_rounds + 1) all_combination_randomness_powers = Array(n_rounds) carry = Array((n_rounds + 1) * 4) @@ -58,7 +58,7 @@ def whir_open( all_folding_randomness[r], all_ood_points[r], root, - all_circle_values[r], + all_stir_points[r], all_combination_randomness_powers[r], claimed_sum, ) = whir_round( @@ -91,14 +91,14 @@ def whir_open( fs, WHIR_SUBSEQUENT_FOLDING_FACTOR, claimed_sum, 2, folding_grinding[n_rounds] ) - fs, final_coeffcients = fs_receive_ef_by_log_dynamic( + fs, final_coefficients = fs_receive_ef_by_log_dynamic( fs, n_final_vars, MAX_NUM_VARIABLES_TO_SEND_COEFFS - WHIR_SUBSEQUENT_FOLDING_FACTOR, MAX_NUM_VARIABLES_TO_SEND_COEFFS + 1, ) - fs, all_circle_values[n_rounds], final_folds = sample_stir_indexes_and_fold( + fs, all_stir_points[n_rounds], final_folds = sample_stir_indexes_and_fold( fs, num_queries[n_rounds], 0, @@ -110,17 +110,17 @@ def whir_open( query_grinding_bits[n_rounds], ) - final_circle_values = all_circle_values[n_rounds] + final_stir_points = all_stir_points[n_rounds] for i in range(0, num_queries[n_rounds]): - alpha = final_circle_values[i] - final_pol_evaluated_on_circle = match_range( + alpha = final_stir_points[i] + final_pol_eval_on_stir_point = match_range( n_final_vars, range( MAX_NUM_VARIABLES_TO_SEND_COEFFS - WHIR_SUBSEQUENT_FOLDING_FACTOR, MAX_NUM_VARIABLES_TO_SEND_COEFFS + 1 ), - lambda n: univariate_eval_on_base(final_coeffcients, alpha, n), + lambda n: univariate_eval_on_base(final_coefficients, alpha, n), ) - copy_5(final_pol_evaluated_on_circle, final_folds + i * DIM) + copy_5(final_pol_eval_on_stir_point, final_folds + i * DIM) fs, all_folding_randomness[n_rounds + 1], end_sum = sumcheck_verify(fs, n_final_vars, claimed_sum, 2) @@ -144,23 +144,23 @@ def whir_open( poly_eq_extension_dynamic_to( expanded_from_univariate, folding_randomness_global, all_ood_recovered_evals + i * DIM, n_vars ) - s_init = Array(DIM) + ood_eval_sum = Array(DIM) dot_product_ee_dynamic( all_ood_recovered_evals, combination_randomness_powers_0, - s_init, + ood_eval_sum, num_oods[0], ) eval_carry = Array((n_rounds + 1) * 3) eval_carry[0] = n_vars eval_carry[1] = folding_randomness_global - eval_carry[2] = s_init + eval_carry[2] = ood_eval_sum for i in range(0, n_rounds): base = i * 3 n_vars_remaining: Mut = eval_carry[base] my_folding_randomness: Mut = eval_carry[base + 1] - s: Mut = eval_carry[base + 2] + eval_weights: Mut = eval_carry[base + 2] n_vars_remaining -= folding_factors[i] my_ood_recovered_evals = Array(num_oods[i + 1] * DIM) combination_randomness_powers = all_combination_randomness_powers[i] @@ -178,32 +178,32 @@ def whir_open( num_oods[i + 1], ) - s6s = Array((num_queries[i]) * DIM) - circle_value_i = all_circle_values[i] + query_recovered_evals = Array((num_queries[i]) * DIM) + stir_points_i = all_stir_points[i] for j in range(0, num_queries[i]): # unroll ? - expanded_from_univariate = expand_from_univariate_base(circle_value_i[j], n_vars_remaining) - poly_eq_base_extension_to(expanded_from_univariate, my_folding_randomness, s6s + j * DIM, n_vars_remaining) - s7 = Array(DIM) + expanded_from_univariate = expand_from_univariate_base(stir_points_i[j], n_vars_remaining) + poly_eq_base_extension_to(expanded_from_univariate, my_folding_randomness, query_recovered_evals + j * DIM, n_vars_remaining) + query_eval_sum = Array(DIM) dot_product_ee_dynamic( - s6s, + query_recovered_evals, combination_randomness_powers + num_oods[i + 1] * DIM, - s7, + query_eval_sum, num_queries[i], ) - s = add_extension_ret(s, s7) - s = add_extension_ret(summed_ood, s) + eval_weights = add_extension_ret(eval_weights, query_eval_sum) + eval_weights = add_extension_ret(summed_ood, eval_weights) eval_carry[base + 3] = n_vars_remaining eval_carry[base + 4] = my_folding_randomness - eval_carry[base + 5] = s - s = eval_carry[n_rounds * 3 + 2] + eval_carry[base + 5] = eval_weights + eval_weights = eval_carry[n_rounds * 3 + 2] final_value = match_range( n_final_vars, range(MAX_NUM_VARIABLES_TO_SEND_COEFFS - WHIR_SUBSEQUENT_FOLDING_FACTOR, MAX_NUM_VARIABLES_TO_SEND_COEFFS + 1), - lambda n: eval_multilinear_coeffs_rev(final_coeffcients, all_folding_randomness[n_rounds + 1], n), + lambda n: eval_multilinear_coeffs_rev(final_coefficients, all_folding_randomness[n_rounds + 1], n), ) - # copy_5(mul_extension_ret(s, final_value), end_sum); + # copy_5(mul_extension_ret(eval_weights, final_value), end_sum); - return fs, folding_randomness_global, s, final_value, end_sum + return fs, folding_randomness_global, eval_weights, final_value, end_sum def sumcheck_verify(fs, n_steps, claimed_sum, degree: Const): @@ -286,52 +286,52 @@ def sumcheck_verify_with_grinding(prev_fs, n_steps, prev_claimed_sum, degree: Co @inline -def decompose_and_verify_merkle_batch(num_queries, sampled, root, height, num_chunks, circle_values, answers): +def decompose_and_verify_merkle_batch(num_queries, sampled, root, height, num_chunks, stir_points, answers): debug_assert(height < 25) match_range( height, range(5, 25), lambda h: decompose_and_verify_merkle_batch_with_height( - num_queries, sampled, root, h, num_chunks, circle_values, answers + num_queries, sampled, root, h, num_chunks, stir_points, answers ), ) return def decompose_and_verify_merkle_batch_with_height( - num_queries, sampled, root, height: Const, num_chunks, circle_values, answers + num_queries, sampled, root, height: Const, num_chunks, stir_points, answers ): if num_chunks == DIM * 2: - decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, DIM * 2, circle_values, answers) + decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, DIM * 2, stir_points, answers) return if num_chunks == 16: - decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 16, circle_values, answers) + decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 16, stir_points, answers) return if num_chunks == 8: - decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 8, circle_values, answers) + decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 8, stir_points, answers) return if num_chunks == 20: - decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 20, circle_values, answers) + decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 20, stir_points, answers) return if num_chunks == 1: - decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 1, circle_values, answers) + decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 1, stir_points, answers) return if num_chunks == 4: - decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 4, circle_values, answers) + decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 4, stir_points, answers) return if num_chunks == 5: - decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 5, circle_values, answers) + decompose_and_verify_merkle_batch_const(num_queries, sampled, root, height, 5, stir_points, answers) return print(num_chunks) assert False, "decompose_and_verify_merkle_batch called with unsupported num_chunks" def decompose_and_verify_merkle_batch_const( - num_queries, sampled, root, height: Const, num_chunks: Const, circle_values, merkle_leaves + num_queries, sampled, root, height: Const, num_chunks: Const, stir_points, merkle_leaves ): leaf_iv = build_iv(num_chunks * DIGEST_LEN) for i in range(0, num_queries): - merkle_leaves[i], circle_values[i] = decompose_and_verify_merkle_query( + merkle_leaves[i], stir_points[i] = decompose_and_verify_merkle_query( sampled[i], height, root, num_chunks, leaf_iv ) return @@ -355,7 +355,7 @@ def sample_stir_indexes_and_fold( sampled, fs = fs_sample_queries(fs, num_queries) merkle_leaves = Array(num_queries) - circle_values = Array(num_queries) + stir_points = Array(num_queries) n_chunks_per_answer: Imm # the number of chunk of 8 field elements per merkle leaf opened @@ -370,7 +370,7 @@ def sample_stir_indexes_and_fold( prev_root, folded_domain_size, n_chunks_per_answer / DIGEST_LEN, - circle_values, + stir_points, merkle_leaves, ) @@ -385,7 +385,7 @@ def sample_stir_indexes_and_fold( for i in range(0, num_queries): dot_product_ee_dynamic(merkle_leaves[i], poly_eq, folds + i * DIM, two_pow_folding_factor) - return fs, circle_values, folds + return fs, stir_points, folds def whir_round( @@ -408,7 +408,7 @@ def whir_round( fs, root, ood_points, ood_evals = parse_commitment(fs, num_ood) - fs, circle_values, folds = sample_stir_indexes_and_fold( + fs, stir_points, folds = sample_stir_indexes_and_fold( fs, num_queries, merkle_leaves_in_basefield, @@ -440,7 +440,7 @@ def whir_round( folding_randomness, ood_points, root, - circle_values, + stir_points, combination_randomness_powers, final_sum, ) diff --git a/crates/rec_aggregation/zkdsl_implem/xmss_aggregate.py b/crates/rec_aggregation/zkdsl_implem/xmss_aggregate.py index d13d66e50..ff0a0c151 100644 --- a/crates/rec_aggregation/zkdsl_implem/xmss_aggregate.py +++ b/crates/rec_aggregation/zkdsl_implem/xmss_aggregate.py @@ -49,12 +49,12 @@ def xmss_verify(pub_key, message, merkle_chunks): pre_compressed = Array(DIGEST_LEN) poseidon16_compress_half(message, a_input_right, pre_compressed) - public_params_paded_buff = Array(DIGEST_LEN + 2) # 0 [public_param(4) | zeros(4)] 0 - copy_5(public_param - 1, public_params_paded_buff) - set_to_5_zeros(public_params_paded_buff + 5) - public_params_paded = public_params_paded_buff + 1 + public_params_padded_buff = Array(DIGEST_LEN + 2) # 0 [public_param(4) | zeros(4)] 0 + copy_5(public_param - 1, public_params_padded_buff) + set_to_5_zeros(public_params_padded_buff + 5) + public_params_padded = public_params_padded_buff + 1 encoding_fe = Array(DIGEST_LEN) - poseidon16_compress_half(pre_compressed, public_params_paded, encoding_fe) + poseidon16_compress_half(pre_compressed, public_params_padded, encoding_fe) # Decompose the encoding into chunks of 2*W bits. Each chunk packs the chain step # counts of two consecutive WOTS chains: chunk i = step_{2i} + CHAIN_LENGTH * step_{2i+1}. @@ -100,7 +100,7 @@ def xmss_verify(pub_key, message, merkle_chunks): chain_end_b, tweaks_a, tweaks_b, - public_params_paded, + public_params_padded, pair_sum_ptr, ), ) From 1c84f44d5f91e2308ea43711e6cc87be4986da1d Mon Sep 17 00:00:00 2001 From: Tom Wambsgans Date: Tue, 9 Jun 2026 11:27:26 +0200 Subject: [PATCH 3/5] clippy --- crates/whir/src/open.rs | 1 - 1 file changed, 1 deletion(-) diff --git a/crates/whir/src/open.rs b/crates/whir/src/open.rs index bf26924db..358d23814 100644 --- a/crates/whir/src/open.rs +++ b/crates/whir/src/open.rs @@ -4,7 +4,6 @@ use ::utils::log2_strict_usize; use fiat_shamir::{FSProver, MerklePath, ProofResult}; use field::PrimeCharacteristicRing; use field::{ExtensionField, Field, TwoAdicField}; -use poly::*; use sumcheck::{ProductComputation, run_product_sumcheck, sumcheck_prove_many_rounds}; use tracing::{info_span, instrument}; use zk_alloc::{ArenaVec, arena_vec}; From b3635199513b859935dd485225d843c0a1013dfe Mon Sep 17 00:00:00 2001 From: Tom Wambsgans Date: Tue, 9 Jun 2026 11:34:49 +0200 Subject: [PATCH 4/5] use copy_ef insteaf of copy_5 --- .../tests/test_data/program_179.py | 4 ++-- .../lean_vm/src/tables/extension_op/exec.rs | 2 +- crates/rec_aggregation/src/compilation.rs | 4 ++-- crates/rec_aggregation/zkdsl_implem/main.py | 4 ++-- .../rec_aggregation/zkdsl_implem/recursion.py | 22 +++++++++---------- crates/rec_aggregation/zkdsl_implem/utils.py | 18 ++++++++++----- crates/rec_aggregation/zkdsl_implem/whir.py | 14 ++++++------ 7 files changed, 37 insertions(+), 31 deletions(-) diff --git a/crates/lean_compiler/tests/test_data/program_179.py b/crates/lean_compiler/tests/test_data/program_179.py index 521d0af63..b7948dc19 100644 --- a/crates/lean_compiler/tests/test_data/program_179.py +++ b/crates/lean_compiler/tests/test_data/program_179.py @@ -9,14 +9,14 @@ def main(): output = Array(5) input[0] = 1 input[4] = 5 - copy_5(input, output) + copy_ef(input, output) assert output[0] == 1 assert output[4] == 5 return @inline -def copy_5(a, b): +def copy_ef(a, b): dot_product_ee(a, ONE_EF_PTR, b) return diff --git a/crates/lean_vm/src/tables/extension_op/exec.rs b/crates/lean_vm/src/tables/extension_op/exec.rs index 542aecad2..4f0c42b9e 100644 --- a/crates/lean_vm/src/tables/extension_op/exec.rs +++ b/crates/lean_vm/src/tables/extension_op/exec.rs @@ -46,7 +46,7 @@ fn solve_unknowns( let c = memory.get_ef_element(addr_res); if op == ExtensionOp::DotProduct && !flag_be { - // detect "copy_5" + // detect "copy_ef" (single EF-element copy: dot_product_ee against EF::ONE) if b == Ok(EF::ONE) { memory.make_slices_equal_and_defined(ptr_a.to_usize(), ptr_res.to_usize(), DIMENSION)?; return Ok(()); diff --git a/crates/rec_aggregation/src/compilation.rs b/crates/rec_aggregation/src/compilation.rs index fa8d96bb1..df5baa0b7 100644 --- a/crates/rec_aggregation/src/compilation.rs +++ b/crates/rec_aggregation/src/compilation.rs @@ -539,7 +539,7 @@ where res += &format!("\n buff = Array(DIM * {})", bus_real_data.len()); for (i, data) in bus_real_data.iter().enumerate() { let data_str = eval_air_constraint(*data, None, &mut ctx, &mut res); - res += &format!("\n copy_5({}, buff + DIM * {})", data_str, i); + res += &format!("\n copy_ef({}, buff + DIM * {})", data_str, i); } let domainsep_str = eval_air_constraint(*bus_domainsep, None, &mut ctx, &mut res); // bus_res = sum(buff[i] * logup_beta_eq_poly[i]) + disc * logup_beta_eq_poly.last() @@ -608,7 +608,7 @@ fn eval_air_constraint( if let Some(d) = dest && v != d { - res.push_str(&format!("\n copy_5({}, {})", v, d)); + res.push_str(&format!("\n copy_ef({}, {})", v, d)); } v } diff --git a/crates/rec_aggregation/zkdsl_implem/main.py b/crates/rec_aggregation/zkdsl_implem/main.py index 8225a30b4..0afb0f029 100644 --- a/crates/rec_aggregation/zkdsl_implem/main.py +++ b/crates/rec_aggregation/zkdsl_implem/main.py @@ -299,7 +299,7 @@ def reduce_bytecode_claims(bytecode_claims, n_bytecode_claims, bytecode_claim_ou all_values = Array(n_bytecode_claims * DIM) for i in range(0, n_bytecode_claims): claim_ptr = bytecode_claims[i] - copy_5(claim_ptr + BYTECODE_POINT_N_VARS * DIM, all_values + i * DIM) + copy_ef(claim_ptr + BYTECODE_POINT_N_VARS * DIM, all_values + i * DIM) claimed_sum = Array(DIM) dot_product_ee_dynamic(all_values, alpha_powers, claimed_sum, n_bytecode_claims) @@ -316,7 +316,7 @@ def reduce_bytecode_claims(bytecode_claims, n_bytecode_claims, bytecode_claim_ou bytecode_value_at_r = div_extension_ret(final_eval, w_r) copy_many_ef(challenges, bytecode_claim_output, BYTECODE_POINT_N_VARS) - copy_5(bytecode_value_at_r, bytecode_claim_output + BYTECODE_POINT_N_VARS * DIM) + copy_ef(bytecode_value_at_r, bytecode_claim_output + BYTECODE_POINT_N_VARS * DIM) return diff --git a/crates/rec_aggregation/zkdsl_implem/recursion.py b/crates/rec_aggregation/zkdsl_implem/recursion.py index 3fe975a6e..14cc04e47 100644 --- a/crates/rec_aggregation/zkdsl_implem/recursion.py +++ b/crates/rec_aggregation/zkdsl_implem/recursion.py @@ -246,8 +246,8 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): retrieved_denominators_value, mul_extension_ret(prefix, eval_on_data) ) - copy_5(eval_on_selector, bus_numerators_values + table_index * DIM) - copy_5(eval_on_data, bus_denominators_values + table_index * DIM) + copy_ef(eval_on_selector, bus_numerators_values + table_index * DIM) + copy_ef(eval_on_data, bus_denominators_values + table_index * DIM) offset += n_rows @@ -269,9 +269,9 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): data_ofs = ONE_BUSES_DATA_OFFSETS[table_index][one_bus_idx][i] src = pcs_vals_logup[table_index * MAX_NUM_COLS_AIR + data_col] if data_ofs == 0: - copy_5(src, data_evals + i * DIM) + copy_ef(src, data_evals + i * DIM) if data_ofs != 0: - copy_5(add_base_extension_ret(data_ofs, src), data_evals + i * DIM) + copy_ef(add_base_extension_ret(data_ofs, src), data_evals + i * DIM) pref = multilinear_location_prefix(offset / n_rows, n_vars_logup_gkr - log_n_rows, point_gkr) retrieved_numerators_value = add_extension_ret(retrieved_numerators_value, pref) @@ -288,8 +288,8 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): mle_of_zeros_then_ones(point_gkr, gkr_cumul, n_vars_logup_gkr), ) - copy_5(retrieved_numerators_value, numerators_value) - copy_5(retrieved_denominators_value, denominators_value) + copy_ef(retrieved_numerators_value, numerators_value) + copy_ef(retrieved_denominators_value, denominators_value) memory_and_acc_point = point_gkr + (n_vars_logup_gkr - log_memory) * DIM @@ -353,7 +353,7 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): pcs_shifts_air[table_index * MAX_NUM_COLS_AIR + i] = evals_shift + i * DIM # verify that the AIR-batched sumcheck is valid - copy_5(check_sum, batched_air_final_value) + copy_ef(check_sum, batched_air_final_value) fs, public_memory_random_point = fs_sample_many_ef(fs, INNER_PUBLIC_MEMORY_LOG_SIZE) poly_eq_public_mem = compute_eq_mle_extension(public_memory_random_point, INNER_PUBLIC_MEMORY_LOG_SIZE) @@ -534,7 +534,7 @@ def recursion(inner_public_memory, initial_fiat_shamir_cap): eval_weights = add_extension_ret(eval_weights, mul_extension_ret(air_sum, eq_factor_air)) curr_randomness += N_AIR_COLUMNS[table_index] * DIM - copy_5(mul_extension_ret(eval_weights, final_value), end_sum) + copy_ef(mul_extension_ret(eval_weights, final_value), end_sum) return bytecode_claim @@ -579,8 +579,8 @@ def compute_column_prefixes(first_col_offset, n_vars, point, n_cols: Const): def fingerprint_2(table_index, data_1, data_2, logup_beta_eq_poly): buff = Array(DIM * 2) - copy_5(data_1, buff) - copy_5(data_2, buff + DIM) + copy_ef(data_1, buff) + copy_ef(data_2, buff + DIM) res: Mut = dot_product_ee_ret(buff, logup_beta_eq_poly, 2) res = add_extension_ret( res, mul_base_extension_ret(table_index, logup_beta_eq_poly + (2 ** log2_ceil(MAX_BUS_WIDTH) - 1) * DIM) @@ -672,7 +672,7 @@ def verify_gkr_quotient_step(prev_fs, n_vars, point, claim_num, claim_den): new_claim_num = dot_product_ee_ret(inner_evals, point_poly_eq, 2) new_claim_den = dot_product_ee_ret(inner_evals + 2 * DIM, point_poly_eq, 2) - copy_5(beta, postponed_point + n_vars * DIM) + copy_ef(beta, postponed_point + n_vars * DIM) return fs, postponed_point, new_claim_num, new_claim_den diff --git a/crates/rec_aggregation/zkdsl_implem/utils.py b/crates/rec_aggregation/zkdsl_implem/utils.py index d5484e4e3..2aeb7853e 100644 --- a/crates/rec_aggregation/zkdsl_implem/utils.py +++ b/crates/rec_aggregation/zkdsl_implem/utils.py @@ -55,7 +55,7 @@ def powers_const(alpha, n: Const): set_to_one(res) if n == 1: return res - copy_5(alpha, res + DIM) + copy_ef(alpha, res + DIM) for i in unroll(1, n - 1): mul_extension(res + i * DIM, res + DIM, res + (i + 1) * DIM) return res @@ -92,7 +92,7 @@ def compute_eq_mle_extension(point, n: Const): for s in unroll(0, n): p = Array(DIM) - copy_5(point + (n - 1 - s) * DIM, p) + copy_ef(point + (n - 1 - s) * DIM, p) for i in unroll(0, 2**s): mul_extension(p, res + (2**s - 1 + i) * DIM, res + (2 ** (s + 1) - 1 + 2**s + i) * DIM) sub_extension( @@ -174,7 +174,7 @@ def expand_from_univariate_ext(alpha, n): def expand_from_univariate_ext_const(alpha, n: Const): res = Array(n * DIM) - copy_5(alpha, res) + copy_ef(alpha, res) for i in unroll(0, n - 1): mul_extension(res + i * DIM, res + i * DIM, res + (i + 1) * DIM) return res @@ -199,7 +199,7 @@ def eval_multilinear_coeffs_rev(coeffs, point, n: Const): set_to_one(basis) for k in unroll(0, n): p = Array(DIM) - copy_5(point + k * DIM, p) + copy_ef(point + k * DIM, p) for j in unroll(0, 2**k): mul_extension(basis + j * DIM, p, basis + (j + 2**k) * DIM) result = Array(DIM) @@ -373,6 +373,12 @@ def sub_extension_ret(a, b): return c +@inline +def copy_ef(a, b): + dot_product_ee(a, ONE_EF_PTR, b) + return + + @inline def copy_5(a, b): dot_product_ee(a, ONE_EF_PTR, b) @@ -420,9 +426,9 @@ def copy_8(a, b): def copy_32(a, b): chunks = div_floor(32, DIM) for i in unroll(0, chunks): - copy_5(a + i * DIM, b + i * DIM) + copy_ef(a + i * DIM, b + i * DIM) if DIM * chunks != 32: - copy_5(a + (32 - DIM), b + (32 - DIM)) + copy_ef(a + (32 - DIM), b + (32 - DIM)) return diff --git a/crates/rec_aggregation/zkdsl_implem/whir.py b/crates/rec_aggregation/zkdsl_implem/whir.py index 8b3e57d97..524bdedde 100644 --- a/crates/rec_aggregation/zkdsl_implem/whir.py +++ b/crates/rec_aggregation/zkdsl_implem/whir.py @@ -120,7 +120,7 @@ def whir_open( ), lambda n: univariate_eval_on_base(final_coefficients, alpha, n), ) - copy_5(final_pol_eval_on_stir_point, final_folds + i * DIM) + copy_ef(final_pol_eval_on_stir_point, final_folds + i * DIM) fs, all_folding_randomness[n_rounds + 1], end_sum = sumcheck_verify(fs, n_final_vars, claimed_sum, 2) @@ -131,12 +131,12 @@ def whir_open( for i in range(0, n_rounds + 1): start: Mut = start_buf[i] for j in range(0, folding_factors[i]): - copy_5(all_folding_randomness[i] + j * DIM, start + j * DIM) + copy_ef(all_folding_randomness[i] + j * DIM, start + j * DIM) start += folding_factors[i] * DIM start_buf[i + 1] = start start = start_buf[n_rounds + 1] for j in range(0, n_final_vars): - copy_5(all_folding_randomness[n_rounds + 1] + j * DIM, start + j * DIM) + copy_ef(all_folding_randomness[n_rounds + 1] + j * DIM, start + j * DIM) all_ood_recovered_evals = Array(num_oods[0] * DIM) for i in range(0, num_oods[0]): @@ -201,7 +201,7 @@ def whir_open( range(MAX_NUM_VARIABLES_TO_SEND_COEFFS - WHIR_SUBSEQUENT_FOLDING_FACTOR, MAX_NUM_VARIABLES_TO_SEND_COEFFS + 1), lambda n: eval_multilinear_coeffs_rev(final_coefficients, all_folding_randomness[n_rounds + 1], n), ) - # copy_5(mul_extension_ret(eval_weights, final_value), end_sum); + # copy_ef(mul_extension_ret(eval_weights, final_value), end_sum); return fs, folding_randomness_global, eval_weights, final_value, end_sum @@ -224,7 +224,7 @@ def sumcheck_verify_helper(prev_fs, n_steps, prev_claimed_sum, degree: Const, ch polynomial_sum_at_0_and_1(poly, degree, claimed_sum) fs, rand = fs_sample_ef(fs) claimed_sum = univariate_polynomial_eval(poly, rand, degree) - copy_5(rand, challenges + sc_round * DIM) + copy_ef(rand, challenges + sc_round * DIM) carry[base + 2] = fs carry[base + 3] = claimed_sum @@ -257,7 +257,7 @@ def sumcheck_verify_reversed_helper_const(prev_fs, n_steps: Const, prev_claimed_ polynomial_sum_at_0_and_1(poly, degree, claimed_sum) fs, rand = fs_sample_ef(fs) claimed_sum = univariate_polynomial_eval(poly, rand, degree) - copy_5(rand, challenges + (n_steps - 1 - sc_round) * DIM) + copy_ef(rand, challenges + (n_steps - 1 - sc_round) * DIM) return fs, claimed_sum @@ -276,7 +276,7 @@ def sumcheck_verify_with_grinding(prev_fs, n_steps, prev_claimed_sum, degree: Co fs = fs_grinding(fs, folding_grinding_bits) fs, rand = fs_sample_ef(fs) claimed_sum = univariate_polynomial_eval(poly, rand, degree) - copy_5(rand, challenges + sc_round * DIM) + copy_ef(rand, challenges + sc_round * DIM) carry[base + 2] = fs carry[base + 3] = claimed_sum From 26b8845dd925e9570417a70859c659c814d6b30c Mon Sep 17 00:00:00 2001 From: Tom Wambsgans Date: Tue, 9 Jun 2026 11:36:08 +0200 Subject: [PATCH 5/5] clippy --- crates/whir/src/dft.rs | 1 - crates/whir/src/verify.rs | 1 - 2 files changed, 2 deletions(-) diff --git a/crates/whir/src/dft.rs b/crates/whir/src/dft.rs index 50d45d5b4..83d51db2d 100644 --- a/crates/whir/src/dft.rs +++ b/crates/whir/src/dft.rs @@ -546,7 +546,6 @@ impl Butterfly for EvalsButterfly { mod tests { use field::{PrimeCharacteristicRing, TwoAdicField}; use koala_bear::{KoalaBear, QuinticExtensionFieldKB}; - use poly::*; use rand::{RngExt, SeedableRng, rngs::StdRng}; use zk_alloc::ArenaVec; diff --git a/crates/whir/src/verify.rs b/crates/whir/src/verify.rs index 53ed173f7..9ec784ac4 100644 --- a/crates/whir/src/verify.rs +++ b/crates/whir/src/verify.rs @@ -4,7 +4,6 @@ use std::{fmt::Debug, marker::PhantomData}; use fiat_shamir::{FSVerifier, ProofError, ProofResult, try_pack_scalars_to_extension}; use field::{ExtensionField, Field, PrimeCharacteristicRing, TwoAdicField}; -use poly::*; use crate::*;