experimental-frontends & IVC renamings

Cargo.toml

@@ -3,7 +3,7 @@ members = [
     "folding-schemes",
     "solidity-verifiers",
     "cli",
-    "frontends"
+    "experimental-frontends"
 ]
 resolver = "2"
 

README.md

@@ -23,9 +23,6 @@ Folding schemes implemented:
 - [Nova: Recursive Zero-Knowledge Arguments from Folding Schemes](https://eprint.iacr.org/2021/370.pdf), Abhiram Kothapalli, Srinath Setty, Ioanna Tzialla. 2021
 - [CycleFold: Folding-scheme-based recursive arguments over a cycle of elliptic curves](https://eprint.iacr.org/2023/1192.pdf), Abhiram Kothapalli, Srinath Setty. 2023
 - [HyperNova: Recursive arguments for customizable constraint systems](https://eprint.iacr.org/2023/573.pdf), Abhiram Kothapalli, Srinath Setty. 2023
-
-Work in progress:
-
 - [ProtoGalaxy: Efficient ProtoStar-style folding of multiple instances](https://eprint.iacr.org/2023/1106.pdf), Liam Eagen, Ariel Gabizon. 2023
 
 
@@ -34,7 +31,7 @@ Work in progress:
 Frontends allow to define the circuit to be folded (ie. `FCircuit`).
 The recommended frontend is directly implementing the [`FCircuit` trait](https://github.com/privacy-scaling-explorations/sonobe/blob/main/folding-schemes/src/frontend/mod.rs#L16) with the Arkworks constraint system.
 
-Alternatively, experimental frontends for [Circom](https://github.com/iden3/circom), [Noir](https://github.com/noir-lang/noir) and [Noname](https://github.com/zksecurity/noname) can be found at the [sonobe/frontends](https://github.com/privacy-scaling-explorations/sonobe/tree/main/frontends) directory, which have some computational (and time) overhead.
+Alternatively, experimental frontends for [Circom](https://github.com/iden3/circom), [Noir](https://github.com/noir-lang/noir) and [Noname](https://github.com/zksecurity/noname) can be found at the [sonobe/experimental-frontends](https://github.com/privacy-scaling-explorations/sonobe/tree/main/experimental-frontends) directory, which have some computational (and time) overhead.
 
 More details about the frontend interface and the experimental frontends can be found at the [sonobe-docs/frontend](https://privacy-scaling-explorations.github.io/sonobe-docs/usage/frontend.html) page.
 
@@ -49,7 +46,7 @@ folding-schemes = { git = "https://github.com/privacy-scaling-explorations/sonob
 Available packages:
 - `folding-schemes`: main crate, contains the different scheme implementations, together with commitment schemes, frontend trait, arithmetization, transcript, etc.
 - `solidity-verifiers`: contains the templating logic to output the verifier contracts for the DeciderEth proofs. Currently only supports Nova+CycleFold DeciderEth proofs.
-- `frontends`: contains the experimental frontends other than the arkworks frontend. More details at the [sonobe/frontends](https://github.com/privacy-scaling-explorations/sonobe/tree/main/frontends) directory.
+- `experimental-frontends`: contains the experimental frontends other than the arkworks frontend. More details at the [sonobe/experimental-frontends](https://github.com/privacy-scaling-explorations/sonobe/tree/main/experimental-frontends) directory.
 
 Available features:
 - `parallel` enables some parallelization optimizations available in the crate. It is enabled by default.
@@ -105,7 +102,7 @@ Sonobe is [MIT Licensed](https://github.com/privacy-scaling-explorations/sonobe/
 
 ## Acknowledgments
 
-This project builds on top of multiple [arkworks](https://github.com/arkworks-rs) libraries. It uses Espresso system's [virtual polynomial](https://github.com/EspressoSystems/hyperplonk/blob/main/arithmetic/src/virtual_polynomial.rs) abstraction and its [SumCheck](https://github.com/EspressoSystems/hyperplonk/tree/main/subroutines/src/poly_iop/sum_check) implementation.
+This project builds on top of multiple [arkworks](https://github.com/arkworks-rs) libraries. It uses Espresso System's [virtual polynomial](https://github.com/EspressoSystems/hyperplonk/blob/main/arithmetic/src/virtual_polynomial.rs) abstraction and its [SumCheck](https://github.com/EspressoSystems/hyperplonk/tree/main/subroutines/src/poly_iop/sum_check) implementation.
 
 The Solidity templates used in `nova_cyclefold_verifier.sol`, use [iden3](https://github.com/iden3/snarkjs/blob/master/templates/verifier_groth16.sol.ejs)'s Groth16 implementation and a KZG10 Solidity template adapted from [weijiekoh/libkzg](https://github.com/weijiekoh/libkzg).
 

examples/circom_full_flow.rs

@@ -17,6 +17,7 @@ use ark_grumpkin::{constraints::GVar as GVar2, Projective as G2};
 use std::path::PathBuf;
 use std::time::Instant;
 
+use experimental_frontends::circom::CircomFCircuit;
 use folding_schemes::{
     commitment::{kzg::KZG, pedersen::Pedersen},
     folding::{
@@ -30,7 +31,6 @@ use folding_schemes::{
     transcript::poseidon::poseidon_canonical_config,
     Decider, FoldingScheme,
 };
-use frontends::circom::CircomFCircuit;
 use solidity_verifiers::{
     evm::{compile_solidity, Evm},
     utils::get_function_selector_for_nova_cyclefold_verifier,
@@ -58,9 +58,10 @@ fn main() {
     ];
 
     // initialize the Circom circuit
-    let r1cs_path = PathBuf::from("./frontends/src/circom/test_folder/with_external_inputs.r1cs");
+    let r1cs_path =
+        PathBuf::from("./experimental-frontends/src/circom/test_folder/with_external_inputs.r1cs");
     let wasm_path = PathBuf::from(
-        "./frontends/src/circom/test_folder/with_external_inputs_js/with_external_inputs.wasm",
+        "./experimental-frontends/src/circom/test_folder/with_external_inputs_js/with_external_inputs.wasm",
     );
 
     let f_circuit_params = (r1cs_path.into(), wasm_path.into(), 1, 2);

examples/noir_full_flow.rs

@@ -14,6 +14,7 @@ use ark_bn254::{constraints::GVar, Bn254, Fr, G1Projective as G1};
 use ark_groth16::Groth16;
 use ark_grumpkin::{constraints::GVar as GVar2, Projective as G2};
 
+use experimental_frontends::noir::{load_noir_circuit, NoirFCircuit};
 use folding_schemes::{
     commitment::{kzg::KZG, pedersen::Pedersen},
     folding::{
@@ -27,7 +28,6 @@ use folding_schemes::{
     transcript::poseidon::poseidon_canonical_config,
     Decider, FoldingScheme,
 };
-use frontends::noir::{load_noir_circuit, NoirFCircuit};
 use std::time::Instant;
 
 use solidity_verifiers::{
@@ -42,7 +42,8 @@ fn main() {
     let z_0 = vec![Fr::from(1)];
 
     // initialize the noir fcircuit
-    let circuit_path = format!("./frontends/src/noir/test_folder/test_mimc/target/test_mimc.json",);
+    let circuit_path =
+        format!("./experimental-frontends/src/noir/test_folder/test_mimc/target/test_mimc.json",);
 
     let circuit = load_noir_circuit(circuit_path).unwrap();
     let f_circuit = NoirFCircuit {

examples/noname_full_flow.rs

@@ -15,6 +15,7 @@ use noname::backends::r1cs::R1csBn254Field;
 use ark_groth16::Groth16;
 use ark_grumpkin::{constraints::GVar as GVar2, Projective as G2};
 
+use experimental_frontends::noname::NonameFCircuit;
 use folding_schemes::{
     commitment::{kzg::KZG, pedersen::Pedersen},
     folding::{
@@ -28,7 +29,6 @@ use folding_schemes::{
     transcript::poseidon::poseidon_canonical_config,
     Decider, FoldingScheme,
 };
-use frontends::noname::NonameFCircuit;
 use std::time::Instant;
 
 use solidity_verifiers::{

frontends/Cargo.toml → experimental-frontends/Cargo.toml

@@ -1,5 +1,5 @@
 [package]
-name = "frontends"
+name = "experimental-frontends"
 version = "0.1.0"
 edition = "2021"
 

frontends/README.md → experimental-frontends/README.md

@@ -1,9 +1,8 @@
-# frontends
+# experimental-frontends
 
 This crate contains *experimental frontends* for Sonobe.
 The recommended frontend is to directly use [arkworks](https://github.com/arkworks-rs) to define the FCircuit, just following the [`FCircuit` trait](https://github.com/privacy-scaling-explorations/sonobe/blob/main/folding-schemes/src/frontend/mod.rs).
 
-## Experimental frontends
 > Warning: the following frontends are experimental and some computational and time overhead is expected when using them compared to directly using the [arkworks frontend](https://github.com/privacy-scaling-explorations/sonobe/blob/main/folding-schemes/src/frontend/mod.rs).
 
 Available experimental frontends:

folding-schemes/src/folding/hypernova/circuits.rs

@@ -566,7 +566,7 @@ where
         ccs: Option<CCS<C1::ScalarField>>,
     ) -> Result<Self, Error> {
         let initial_ccs = CCS {
-            // m, n, s, s_prime and M will be overwritten by the `upper_bound_ccs' method
+            // m, n, s, s_prime and M will be overwritten by the `compute_concrete_ccs' method
             m: 0,
             n: 0,
             l: 2, // io_len
@@ -582,15 +582,15 @@ where
         let mut augmented_f_circuit = Self::default(poseidon_config, F, initial_ccs)?;
         augmented_f_circuit.ccs = ccs
             .ok_or(())
-            .or_else(|_| augmented_f_circuit.upper_bound_ccs())?;
+            .or_else(|_| augmented_f_circuit.compute_concrete_ccs())?;
         Ok(augmented_f_circuit)
     }
 
     /// This method computes the CCS parameters. This is used because there is a circular
     /// dependency between the AugmentedFCircuit CCS and the CCS parameters m & n & s & s'.
     /// For a stable FCircuit circuit, the CCS parameters can be computed in advance and can be
     /// feed in as parameter for the AugmentedFCircuit::empty method to avoid computing them there.
-    pub fn upper_bound_ccs(&self) -> Result<CCS<C1::ScalarField>, Error> {
+    pub fn compute_concrete_ccs(&self) -> Result<CCS<C1::ScalarField>, Error> {
         let r1cs = get_r1cs_from_cs::<CF1<C1>>(self.clone())?;
         let mut ccs = CCS::from(r1cs);
 
@@ -667,8 +667,6 @@ where
             U_i = LCCCS::<C1>::dummy(&ccs);
         }
         Ok(ccs)
-
-        // Ok(augmented_f_circuit.compute_cs_ccs()?.1)
     }
 
     /// Returns the cs (ConstraintSystem) and the CCS out of the AugmentedFCircuit

solidity-verifiers/Cargo.toml

@@ -29,7 +29,7 @@ ark-bn254 = {version="0.4.0", features=["r1cs"]}
 ark-grumpkin = {version="0.4.0", features=["r1cs"]}
 rand = "0.8.5"
 folding-schemes = { path = "../folding-schemes/", features=["light-test"]}
-frontends = { path = "../frontends/"}
+experimental-frontends = { path = "../experimental-frontends/"}
 noname = { git = "https://github.com/dmpierre/noname" }
 
 [features]