Evolve CommitmentScheme trait for PCS-generic batch opening#1300
Open
Evolve CommitmentScheme trait for PCS-generic batch opening#1300
Conversation
Refactor the CommitmentScheme trait to abstract away Dory-specific assumptions (homomorphic batching via combine_commitments/combine_hints) and prepare a clean PCS-generic Stage 8 batch opening interface. Key changes: - Add BatchPolynomialSource<F> trait for lazy polynomial access - Add StreamingBatchSource that wraps existing RLCPolynomial::new_streaming - Add batch_prove/batch_verify to CommitmentScheme trait - Add commitment param to prove() (needed by non-homomorphic PCS) - Remove combine_commitments/combine_hints from trait (moved to private Dory methods) - Refactor prove_stage8/verify_stage8 to use PCS::batch_prove/batch_verify - Remove DoryOpeningState (replaced by StreamingBatchSource) - Update JoltProof to store BatchedProof for joint opening Zero performance regression on Dory/BN254 path: the streaming RLC polynomial construction is preserved identically via StreamingBatchSource. Made-with: Cursor
…roof/config Convert all crypto methods (commit, batch_commit, prove, verify, batch_prove, batch_verify) and StreamingCommitmentScheme methods from static to instance methods (&self). Add opaque Config associated type, from_proof() for reconstructing PCS from proof, and config() accessor. Require Default on CommitmentScheme for ergonomic instance creation at call sites. DoryCommitmentScheme now carries a layout field and wraps its batched proof in DoryBatchedProof (proof + layout). Methods still read DoryGlobals internally; the instance state will replace globals in a follow-up. Made-with: Cursor
…l computation Extract balanced_sigma_nu as a standalone function. Replace DoryGlobals::get_num_columns/get_max_num_rows reads in commit, prove, process_chunk, process_chunk_onehot, aggregate_chunks, and combine_hints_internal with values derived from polynomial/chunk sizes. Thread layout through reorder_opening_point_for_layout via self.layout. Made-with: Cursor
…int cleanup Add missing match arms for OneHot and RLC variants in len()/original_len() which were panicking at runtime. Fix test_dory_one_hot_address_major to use AddressMajor layout on the DoryCommitmentScheme instance. Hoist FQ paths, remove commented-out code, move mid-function imports to top. Made-with: Cursor
Move DoryGlobals reads (layout, sigma, nu) from commit()/prove() into Default::default() and from_proof(), so the operational methods use self.sigma/self.nu/self.layout instead. Fixes AddressMajor Stage 8 verification failure caused by derive(Default) always using CycleMajor. Made-with: Cursor
…it evolution branch Reconcile the CommitmentScheme trait evolution (self-methods, Config, from_proof, batch_prove/batch_verify) with main's BlindFold ZK protocol, WASM verifier, JoltCurve type parameter, and tracing spans. Key decisions: - prove() takes &self + commitment param (branch) and returns (Proof, Option<Field>) for ZK y_blinding (main) - BatchedProof associated type removed; batch_prove/batch_verify use Proof - combine_commitments/combine_hints stay as Dory inherent methods - DoryBatchedProof removed (layout already in JoltProof::dory_layout) - ZK verifier uses batch_verify with zero claims (committed eval) - Non-ZK verifier uses batch_verify with actual claims Made-with: Cursor
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
CommitmentSchemetrait to abstract away Dory-specific homomorphic batching (combine_commitments/combine_hints) and introduce PCS-genericbatch_prove/batch_verifymethodsBatchPolynomialSource<F>trait +StreamingBatchSourcestruct to preserve Dory's zero-witness-regeneration streaming RLC path with no performance regressionPCS::batch_prove/PCS::batch_verifyinterface, removingDoryOpeningStateandcompute_joint_commitmentThis is preparation for integrating a non-homomorphic PCS (Hachi) alongside Dory. The trait changes are designed so that:
BatchPolynomialSourceand instead use its own ring-coefficient-based batch openingFiles changed
commitment_scheme.rsbatch_prove/batch_verify, addcommitmentparam toprove(), removecombine_commitments/combine_hintsopening_proof.rsBatchPolynomialSourcetrait +StreamingBatchSource; removeDoryOpeningStatedory/commitment_scheme.rsbatch_prove/batch_verify; move combine methods topub(crate)hyperkzg.rsbatch_prove/batch_verifymock.rsbatch_prove/batch_verifyprover.rsprove_stage8to useStreamingBatchSource+PCS::batch_proveverifier.rsverify_stage8to usePCS::batch_verify; removecompute_joint_commitmentproof_serialization.rsjoint_opening_proof: PCS::Proof→PCS::BatchedProofTest plan
cargo clippywith zero warningsmuldive2e test passesMade with Cursor