1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
#![allow(clippy::too_many_arguments)]
use crate::commitment_scheme::kzg10::Commitment;
use crate::permutation::constants::{K1, K2, K3};
use crate::proof_system::linearisation_poly::ProofEvaluations;
use dusk_bls12_381::{G1Affine, Scalar};
#[derive(Debug)]
pub struct VerifierKey {
pub left_sigma: Commitment,
pub right_sigma: Commitment,
pub out_sigma: Commitment,
pub fourth_sigma: Commitment,
}
impl VerifierKey {
pub(crate) fn compute_linearisation_commitment(
&self,
scalars: &mut Vec<Scalar>,
points: &mut Vec<G1Affine>,
evaluations: &ProofEvaluations,
z_challenge: &Scalar,
(alpha, beta, gamma): (&Scalar, &Scalar, &Scalar),
l1_eval: &Scalar,
z_comm: G1Affine,
) {
let alpha_sq = alpha.square();
let x = {
let beta_z = beta * z_challenge;
let q_0 = evaluations.a_eval + beta_z + gamma;
let beta_k1_z = beta * K1 * z_challenge;
let q_1 = evaluations.b_eval + beta_k1_z + gamma;
let beta_k2_z = beta * K2 * z_challenge;
let q_2 = evaluations.c_eval + beta_k2_z + gamma;
let beta_k3_z = beta * K3 * z_challenge;
let q_3 = (evaluations.d_eval + beta_k3_z + gamma) * alpha;
q_0 * q_1 * q_2 * q_3
};
let r = l1_eval * alpha_sq;
scalars.push(x + r);
points.push(z_comm);
let y = {
let beta_sigma_1 = beta * evaluations.left_sigma_eval;
let q_0 = evaluations.a_eval + beta_sigma_1 + gamma;
let beta_sigma_2 = beta * evaluations.right_sigma_eval;
let q_1 = evaluations.b_eval + beta_sigma_2 + gamma;
let beta_sigma_3 = beta * evaluations.out_sigma_eval;
let q_2 = evaluations.c_eval + beta_sigma_3 + gamma;
let q_3 = beta * evaluations.perm_eval * alpha;
-(q_0 * q_1 * q_2 * q_3)
};
scalars.push(y);
points.push(self.fourth_sigma.0);
}
}