From 0d1ddb12ecc8fc4beec73571de517832e9708af6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Eduardo=20Antu=C3=B1a=20D=C3=ADez?=
Date: Mon, 20 Feb 2023 17:49:20 +0100
Subject: [PATCH] add computeLiS0

---
 src/fflonk_prover.cpp | 26 +++++++++++++++++++++++++-
 src/fflonk_prover.hpp | 2 ++
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/src/fflonk_prover.cpp b/src/fflonk_prover.cpp
index bd39477..966fcbf 100644
--- a/src/fflonk_prover.cpp
+++ b/src/fflonk_prover.cpp
@@ -1508,7 +1508,16 @@ namespace Fflonk {
 // · denominator needed in step 10 and 11 of the verifier
 // toInverse.yBatch -> Computed in round5, computeL()
- // · denominator needed in the verifier when computing L_i^{S1}(X) and L_i^{S2}(X)
+ // · denominator needed in the verifier when computing L_i^{S0}(X), L_i^{S1}(X) and L_i^{S2}(X)
+
+ for (uint i = 0; i < 8; i++)
+ {
+ ss.str("");
+ ss << "LiS0_" << (i + 1);
+ toInverse[ss.str()] = computeLiS0(i);
+ }
+
+
 for (uint i = 0; i < 4; i++) {
 ss.str("");
 ss << "LiS1_" << (i + 1);
@@ -1542,6 +1551,21 @@ namespace Fflonk {
 return mulAccumulator;
 }
+ template
+ typename Engine::FrElement FflonkProver::computeLiS0(u_int32_t i)
+ {
+ // Compute L_i^{(S0)}(y)
+ u_int32_t idx = i;
+ FrElement den = E.fr.one();
+ for (uint j = 0; j < 7; j++)
+ {
+ idx = (idx + 1) % 8;
+
+ den = E.fr.mul(den, E.fr.sub(roots["S0h0"][i], roots["S0h0"][idx]));
+ }
+ return den;
+ }
+
 template
 typename Engine::FrElement FflonkProver::computeLiS1(u_int32_t i) {
 // Compute L_i^{(S1)}(y)
diff --git a/src/fflonk_prover.hpp b/src/fflonk_prover.hpp
index 932c572..77c57c4 100644
--- a/src/fflonk_prover.hpp
+++ b/src/fflonk_prover.hpp
@@ -135,6 +135,8 @@ namespace Fflonk {
 FrElement getMontgomeryBatchedInverse();
+ FrElement computeLiS0(u_int32_t i);
+
 FrElement computeLiS1(u_int32_t i);
 FrElement computeLiS2(u_int32_t i);
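Review bot: The bound `8` in the new `LiS0_` loop is a bare literal that must agree with the `7` and `% 8` inside `computeLiS0` (second hunk) and with the number of entries held in `roots["S0h0"]`, and nothing visible checks that they do. If they drift apart, the prover would presumably either index past the stored roots or leave out a denominator that the later inversion step expects. A single named constant used in both places, for example a class-level `static constexpr u_int32_t kS0Roots = 8;` (name is only a suggestion), would remove that coupling. The new loop also opens its brace on its own line while the adjacent `for (uint i = 0; i < 4; i++) {` does not; the enclosing function starts and ends outside the hunk.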
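Review bot: The comment `// Compute L_i^{(S0)}(y)` in `computeLiS0` overstates what the body does: it never uses y and returns only the product of `roots["S0h0"][i] - roots["S0h0"][idx]` over the other seven indices, which is the denominator that the first hunk stores in `toInverse`. A more accurate comment would be `// Denominator of L_i^{(S0)}: product over j != i of (h_i - h_j) for the 8 S0 roots; inverted later via toInverse`. Because the value is destined for inversion, a zero product (two equal roots) would presumably corrupt the batched inverse, so a debug-time check that `den` is non-zero before `return den;` is worth adding. `roots["S0h0"]` is also looked up by string key twice per iteration; binding it once before the loop, e.g. `auto& s0 = roots["S0h0"];`, avoids the repeated lookups.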