chore: kernels start with eq and reset#15734
Merged
maramihali merged 49 commits intoJul 18, 2025
Merged
Conversation
We modify the Merge protocol so that it enforces that the subtable polynomial `t_j` has degree smaller than `subtable_size` as read from the proof. Closes AztecProtocol/barretenberg#1442 **Details** As per the linked issue, we want to support ecc operations in app circuits. To ensure that app ecc ops do not modify ecc ops that happened before them, we need to ensure that the subtable length `t.size()` is smaller than the constant `l` by which we right shift `T_prev`. This is to ensure that `t + X^{l-1} T_prev` is indeed the polynomial corresponding to the column `t || T_prev`. We enforce this degree check in the merge protocol by requiring the prover to commit to `g(X) := X^{l-1} t(1/X)` and provide openings `c`, `d` of `t`, `g` at challenges `1/kappa`, `kappa`, respectively, for which we check `c * kappa^{l-1} = d`. To save on the number of MSMs performed, we use Shplonk to verify the following claims: - `t(X)` opens to `c` at `1/kappa` - `p(X) = t(X) + X^{l-1} T_prev(X) - T(X)` opens to `0` at `kappa` - `g(X) := X^{l-1} t(1/X)` opens to `d` at `kappa` --------- Co-authored-by: AztecBot <tech@aztecprotocol.com> Co-authored-by: sergei iakovenko <105737703+iakovenkos@users.noreply.github.com> Co-authored-by: ludamad <adam.domurad@gmail.com> Co-authored-by: Suyash Bagad <suyash@aztecprotocol.com> Co-authored-by: Jonathan Hao <jonathan@aztec-labs.com> Co-authored-by: ledwards2225 <98505400+ledwards2225@users.noreply.github.com> Co-authored-by: Raju Krishnamoorthy <krishnamoorthy@gmail.com> Co-authored-by: notnotraju <raju@aztec-labs.com> Co-authored-by: Lucas Xia <lucasxia01@gmail.com> Co-authored-by: Khashayar Barooti <khashayar@aztecprotocol.com> Co-authored-by: Jean M <132435771+jeanmon@users.noreply.github.com> Co-authored-by: Alex Gherghisan <alexghr@users.noreply.github.com> Co-authored-by: Santiago Palladino <spalladino@users.noreply.github.com> Co-authored-by: Santiago Palladino <santiago@aztec-labs.com> Co-authored-by: ludamad <domuradical@gmail.com> Co-authored-by: maramihali <mara@aztecprotocol.com>
Restore accidentally deleted files in a previous PR. #15562
In my [previous PR](#15427), I moved the `GateSeparatorPolynomial` into the SumcheckProver class as a member, which extended its lifetime and increased memory usage in CIVC by the size of this polynomial, e.g. by 21 MB in `ecdsar1+transfer_0_recursions+sponsored_fpc` bench
This makes `SharedShiftedVirtualZeroesArray` holds an abstract BackingMemory. When `BB_SLOW_LOW_MEMORY=1` or when the `--slow_low_memory` runtime flag is enabled, `BackingMemory` will be `FileBackedMemory`. The memory is `mmap`ed to physical files so in memory-constrained environment, it won't be OOM. Otherwise, `BackingMemory` is `AlignedMemory` and the behavior is unchanged. See AztecProtocol/barretenberg#1456 for more contexts.
- Move the CIVC cli to use the new bbapi API - add placeholder for UH implementation - rename bbrpc => bbapi - bundle some CI changes, auto rebase script and bench_ivc tweaks
…m/kernels-start-with-reset
…m/kernels-start-with-reset
ledwards2225
approved these changes
Jul 16, 2025
ledwards2225
left a comment
ledwards2225
left a comment
Contributor
There was a problem hiding this comment.
LG! Suggestion to ensure we aren't relying on setting is_kernel from within CIVC anymore, as discussed.
…m/kernels-start-with-reset
maramihali
commented
Jul 17, 2025
| @@ -225,8 +224,6 @@ void ClientIVC::accumulate(ClientCircuit& circuit, | |||
| BB_ASSERT_LT( | |||
| num_circuits_accumulated, num_circuits, "ClientIVC: Attempting to accumulate more circuits than expected."); | |||
|
|
|||
Author
There was a problem hiding this comment.
this was a closed so I removed it
|
|
||
| public: | ||
| ClientCircuit create_next_circuit(ClientIVC& ivc, size_t log2_num_gates = 16, const size_t num_public_inputs = 0) | ||
| { |
Author
There was a problem hiding this comment.
this was actually a kinda bug cus create_mock_circuit was recreating the circuit
added 2 commits
July 18, 2025 09:58
…m/kernels-start-with-reset
github-merge-queue Bot
pushed a commit
that referenced
this pull request
Jul 21, 2025
See [merge-train-readme.md](https://github.com/AztecProtocol/aztec-packages/blob/next/.github/workflows/merge-train-readme.md). BEGIN_COMMIT_OVERRIDE chore!: Remove circuit_size from all VKs (#15747) chore: Introduce data structures to hold inputs/outputs of the Merge verification (#15735) chore: replace asserts with runtime errors. (#15671) chore: kernels start with eq and reset (#15734) chore: Introduce Native IO mechanism (#15820) fix: Update Cargo.lock in avm-transpiler (#15837) END_COMMIT_OVERRIDE --------- Co-authored-by: AztecBot <tech@aztecprotocol.com> Co-authored-by: ledwards2225 <98505400+ledwards2225@users.noreply.github.com> Co-authored-by: federicobarbacovi <171914500+federicobarbacovi@users.noreply.github.com> Co-authored-by: sergei iakovenko <105737703+iakovenkos@users.noreply.github.com> Co-authored-by: ludamad <adam.domurad@gmail.com> Co-authored-by: Suyash Bagad <suyash@aztecprotocol.com> Co-authored-by: Jonathan Hao <jonathan@aztec-labs.com> Co-authored-by: Raju Krishnamoorthy <krishnamoorthy@gmail.com> Co-authored-by: notnotraju <raju@aztec-labs.com> Co-authored-by: Lucas Xia <lucasxia01@gmail.com> Co-authored-by: Khashayar Barooti <khashayar@aztecprotocol.com> Co-authored-by: Jean M <132435771+jeanmon@users.noreply.github.com> Co-authored-by: Alex Gherghisan <alexghr@users.noreply.github.com> Co-authored-by: Santiago Palladino <spalladino@users.noreply.github.com> Co-authored-by: Santiago Palladino <santiago@aztec-labs.com> Co-authored-by: ludamad <domuradical@gmail.com> Co-authored-by: maramihali <mara@aztecprotocol.com> Co-authored-by: Sarkoxed <75146596+Sarkoxed@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
As a measure of precaution in case of misconfigured ecc ops in an app circuit that might attempt, for example, to link ecc ops between apps and kernels, the subtable of ecc ops in each kernel circuit will start with an eq and reset op. This cannot happen when the API for creating ecc ops is used properly as the logic in
goblin_elementensures an eq and reset op is present at the end of eachbatch_mul, function also used foroperator+andoperator-. Moreover, theadd_gates_to_ensure_nonzero_polynomialsmakes sure that an eq and reset exists if no other ecc ops are encountered in the circuit.