pub struct RoundProof<F: Field>(/* private fields */);
A sumcheck round proof is a univariate polynomial in monomial basis with the coefficient of the highest-degree term truncated off.
Since the verifier knows the claimed sum of the polynomial values at the points 0 and 1, the high-degree term coefficient can be easily recovered. Truncating the coefficient off saves a small amount of proof data.
Implementations
impl<F: Field> RoundProof<F>
pub fn recover(self, sum: F) -> RoundCoeffs<F>
Recovers all univariate polynomial coefficients from the compressed round proof.
The prover has sent coefficients for the purported ith round polynomial $r_i(X) = \sum_{j=0}^d a_j * X^j$. However, the prover has not sent the highest degree coefficient $a_d$. The verifier will need to recover this missing coefficient.
Let $s$ denote the current round’s claimed sum. The verifier expects the round polynomial $r_i$ to satisfy the identity $s = r_i(0) + r_i(1)$. Using $r_i(0) = a_0$ and $r_i(1) = \sum_{j=0}^d a_j$, there is a unique $a_d$ that allows $r_i$ to satisfy the above identity. Specifically, $a_d = s - a_0 - \sum_{j=0}^{d-1} a_j$.
Not sending the whole round polynomial is an optimization. In the unoptimized version of the protocol, the verifier will halt and reject if given a round polynomial that does not satisfy the above identity.
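The recovery identity above, worked through as an added example that is not code from the crate: it uses a toy prime field with $p = 2^{31} - 1$, and `P`, `add`, `sub`, `mul`, `eval` and this standalone `recover` are hypothetical names chosen for illustration. It also shows that a tampered proof still satisfies $s = r_i(0) + r_i(1)$ after recovery, so the tampering is visible only as a different evaluation at the challenge point.

```rust
// Added example, not code from the crate. Toy prime field F_p, p = 2^31 - 1
// (an assumption for illustration; the crate's `Field` types are not used).
const P: u64 = 2_147_483_647;

fn add(a: u64, b: u64) -> u64 { (a + b) % P }
fn sub(a: u64, b: u64) -> u64 { (a + P - b) % P }
fn mul(a: u64, b: u64) -> u64 { (a * b) % P }

/// Rebuilds [a_0, ..., a_d] from the truncated proof [a_0, ..., a_{d-1}] and
/// the claimed sum s, using a_d = s - a_0 - sum_{j=0}^{d-1} a_j.
/// Assumes d >= 1 and all inputs already reduced mod P.
fn recover(truncated: &[u64], sum: u64) -> Vec<u64> {
    let partial = truncated.iter().fold(0, |acc, &a| add(acc, a));
    let a_d = sub(sub(sum, truncated[0]), partial);
    let mut coeffs = truncated.to_vec();
    coeffs.push(a_d);
    coeffs
}

/// Evaluates the polynomial at x by Horner's rule.
fn eval(coeffs: &[u64], x: u64) -> u64 {
    coeffs.iter().rev().fold(0, |acc, &a| add(mul(acc, x), a))
}

fn main() {
    let s = 20; // claimed sum for r(X) = 3 + 5X + 2X^2 + 7X^3
    let honest = recover(&[3, 5, 2], s);
    // Constructed tampered proof: a_1 changed from 5 to 6, same claimed sum.
    let tampered = recover(&[3, 6, 2], s);
    for (name, r) in [("honest", &honest), ("tampered", &tampered)] {
        let check = add(eval(r, 0), eval(r, 1));
        println!("{}: coeffs={:?} r(0)+r(1)={} r(5)={}", name, r, check, eval(r, 5));
    }
}
```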
pub fn isomorphic<FI: Field + From<F>>(self) -> RoundProof<FI>
Representation in an isomorphic field
Trait Implementations
impl<F: Clone + Field> Clone for RoundProof<F>
fn clone(&self) -> RoundProof<F>
fn clone_from(&mut self, source: &Self)
impl<F: Default + Field> Default for RoundProof<F>
fn default() -> RoundProof<F>
impl<F: Eq + Field> Eq for RoundProof<F>
impl<F: Field> StructuralPartialEq for RoundProof<F>
Auto Trait Implementations
impl<F> Freeze for RoundProof<F>
impl<F> RefUnwindSafe for RoundProof<F>
impl<F> Send for RoundProof<F>
impl<F> Sync for RoundProof<F>
impl<F> Unpin for RoundProof<F>
impl<F> UnwindSafe for RoundProof<F>
Blanket Implementations
impl<T> BorrowMut<T> for T where
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
impl<T> CloneToUninit for T where
T: Clone,
unsafe fn clone_to_uninit(&self, dst: *mut T)
impl<T> Instrument for T
fn instrument(self, span: Span) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
impl<T> IntoEither for T
fn into_either(self, into_left: bool) -> Either<Self, Self>
Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise.
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise.