refactor(Barretenberg): Static Analysis of Goblin Recursive Verifier#14610
Merged
Conversation
Rumata888
requested changes
May 30, 2025
| fixed_variables.insert(this->to_real(ultra_circuit_builder, left_idx)); | ||
| } else if (!q_m.is_zero() || q_1 != FF::one() || !q_2.is_zero() || !q_3.is_zero() || !q_4.is_zero()) { | ||
| // this is not the gate for fix_witness, so we have to process this gate | ||
| // gate_variables.reserve(8); |
| */ | ||
| template <typename FF> | ||
| inline void Graph_<FF>::process_gate_variables(UltraCircuitBuilder& ultra_circuit_builder, | ||
| inline void Graph_<FF>::process_gate_variables([[maybe_unused]] UltraCircuitBuilder& ultra_circuit_builder, |
Contributor
There was a problem hiding this comment.
Why do you need this then?
| * 4) Special handling for sorted constraints in delta range blocks | ||
| */ | ||
| template <typename FF> Graph_<FF>::Graph_(bb::UltraCircuitBuilder& ultra_circuit_constructor) | ||
| template <typename FF> Graph_<FF>::Graph_(bb::UltraCircuitBuilder& ultra_circuit_constructor, bool graph) |
Contributor
There was a problem hiding this comment.
What does the "graph" variable mean? I think there should be a better name
| // Compute the evaluation of the vanishing polynomia Z_H(X) at X = | ||
| // gemini_evaluation_challenge | ||
| const FF vanishing_poly_eval = gemini_evaluation_challenge.pow(SUBGROUP_SIZE) - FF(1); | ||
| auto compute_vanishing_poly_eval = [&]() { |
Contributor
There was a problem hiding this comment.
This is inefficient, please use field's implementation of pow. If it's broken, then we need to fix it
Contributor
There was a problem hiding this comment.
Alternatively, at least use square and multiply
DanielKotov
force-pushed
the
dk/goblin_recursive_verifier_PR
branch
from
f226dbb to
b54e8be
Compare
DanielKotov
force-pushed
the
dk/goblin_recursive_verifier_PR
branch
3 times, most recently
from
e96f36c to
d4dee54
Compare
iakovenkos
reviewed
Jun 16, 2025
| commitments.emplace_back(claim.commitment); | ||
| batched_eval += alpha_pow * claim.opening_pair.evaluation; | ||
| alpha_pow *= alpha; | ||
| if (idx < opening_claims.size() - 1) { |
iakovenkos
reviewed
Jun 16, 2025
| } | ||
| } | ||
| if (shifted_exponent != 0) { | ||
| if (shifted_exponent >= 2) { |
Contributor
There was a problem hiding this comment.
@suyash67 here's an example of a bug that Daniel's tool finds automatically
iakovenkos
reviewed
Jun 16, 2025
| CommitmentLabels commitment_labels; | ||
|
|
||
| const BF accumulated_result = transcript->template receive_from_prover<BF>("accumulated_result"); | ||
| if constexpr (IsUltraBuilder<Builder>) { |
Contributor
There was a problem hiding this comment.
de-instantiate Translator with MegaCircuitBuilder pls, it's not needed, then you'd avoid this constexpr
- add a comment explaining what's going on
DanielKotov
force-pushed
the
dk/goblin_recursive_verifier_PR
branch
2 times, most recently
from
142a763 to
8ab1127
Compare
DanielKotov
force-pushed
the
dk/goblin_recursive_verifier_PR
branch
from
b6de4d3 to
f21205c
Compare
Rumata888
approved these changes
Jun 18, 2025
github-merge-queue
Bot
removed this pull request from the merge queue due to failed status checks
DanielKotov
force-pushed
the
dk/goblin_recursive_verifier_PR
branch
2 times, most recently
from
69a8266 to
621c979
Compare
DanielKotov
force-pushed
the
dk/goblin_recursive_verifier_PR
branch
from
1e71761 to
ae610e6
Compare
…sult prime basis limb
DanielKotov
force-pushed
the
dk/goblin_recursive_verifier_PR
branch
from
5339cf9 to
f72f11b
Compare
github-merge-queue
Bot
removed this pull request from the merge queue due to failed status checks
danielntmd
pushed a commit
to danielntmd/aztec-packages
that referenced
this pull request
Jul 16, 2025
Made sure that the current impl of `field_t` `pow()` matches the audited (and [deprecated](AztecProtocol#14563)) implementation of `bigfield` `pow()`. The `pow` method taking const integers as an argument is taken from AztecProtocol#14610
danielntmd
pushed a commit
to danielntmd/aztec-packages
that referenced
this pull request
Jul 16, 2025
…ztecProtocol#14610) This time Recursive Verifier was tested by static analysis tool. There was found bug with using of insecure function "pow" that was removed. Also there was the bug in function compute_barycentric_evaluations, that appeared because of vector wasn't initialized correctly by default constructor. Finally, there were many cases with unused variables in the circuit and they can be described this way: variable is often a result of sequential multiplications on some challenge, but there's no need to do the last multiplication, because we add new variables in the gate that won't be used in the circuit. And there was a try to improve static analyzer performance again, maybe it became faster by some seconds, result weren't stable to get visible data. --------- Co-authored-by: iakovenkos <sergey.s.yakovenko@gmail.com>
AztecBot
pushed a commit
to AztecProtocol/barretenberg
that referenced
this pull request
Dec 3, 2025
Made sure that the current impl of `field_t` `pow()` matches the audited (and [deprecated](AztecProtocol/aztec-packages#14563)) implementation of `bigfield` `pow()`. The `pow` method taking const integers as an argument is taken from AztecProtocol/aztec-packages#14610
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This time Recursive Verifier was tested by static analysis tool.
There was found bug with using of insecure function "pow" that was removed. Also there was the bug in function compute_barycentric_evaluations, that appeared because of vector wasn't initialized correctly by default constructor.
Finally, there were many cases with unused variables in the circuit and they can be described this way: variable is often a result of sequential multiplications on some challenge, but there's no need to do the last multiplication, because we add new variables in the gate that won't be used in the circuit.
And there was a try to improve static analyzer performance again, maybe it became faster by some seconds, result weren't stable to get visible data.