Expand description
The multivariate sumcheck and zerocheck polynomial protocols.
Sumcheck supports an efficient prover algorithm when the virtual polynomial is a multilinear composite, so this module only handles that case, rather than the case of general multivariate polynomials.
Re-exports§
pub use prove::batch_prove;
pub use univariate_zerocheck::batch_verify_zerocheck_univariate_round;
pub use verify::batch_verify;
pub use zerocheck::ZerocheckClaim;
Modules§
Structs§
- A claim about the sum of the values of a multilinear composite polynomial over the boolean hypercube.
- A sumcheck batch proof.
- A univariate polynomial in monomial basis.
- A sumcheck round proof is a univariate polynomial in monomial basis with the coefficient of the highest-degree term truncated off.
- A group of claims about the sum of the values of multilinear composite polynomials over the boolean hypercube.
Enums§
Functions§
- Multiply a sequence of field elements by the consecutive powers of
batch_coeff
- Create a sumcheck claim out of constraint set. Fails when the constraint set contains zerochecks. Returns claim and metadata used for evalcheck claim construction.
- Constructs sumcheck claims and metas from the vector of
ConstraintSet
- Create a zerocheck claim from the constraint set. Fails when the constraint set contains regular sumchecks. Returns claim and metadata used for evalcheck claim construction.
- Determine switchover rounds for a slice of multilinears.
- Check that all multilinears in a slice are of the same size.
- Sumcheck switchover heuristic that begins folding immediately in the first round.
- Constructs evalcheck claims from metadata returned by constraint set claim constructors.
- Check that evaluations of all multilinears can actually be embedded in the scalar type of small field
PBase
. - Constructs a switchover function thaw returns the round number where folded multilinear is at least 2^k times smaller (in bytes) than the original, or 1 when not applicable.