Solver (mavkit-libs.Plompiler.Solver)

module CS = Csir.CS

module Tables = Csir.Tables

type wire =

| W of int

Index of a wire

type row =

| R of int

Index of a row

type 'a tagged =

| Input of 'a
| Output of 'a

Input/output tag for generic lookups.

val untag : 'a tagged -> 'a

untag t unwraps a tagged value.

Descriptors for core gates.

type arith_desc = {

wires : row array;
linear : Csir.Scalar.t array;
qm : Csir.Scalar.t;
qc : Csir.Scalar.t;
qx5a : Csir.Scalar.t;
qx2b : Csir.Scalar.t;
to_solve : wire;

}

type pow5_desc = {

a : int;
c : int;

}

type wires_desc = int array

type lookup_desc = {

wires : int tagged array;
table : string;

}

type swap_desc = {

b : int;
x : int;
y : int;
u : int;
v : int;

}

type ws_desc = {

x1 : int;
y1 : int;
x2 : int;
y2 : int;
x3 : int;
y3 : int;

}

type ed_desc = {

a : Csir.Scalar.t;
d : Csir.Scalar.t;
x1 : int;
y1 : int;
x2 : int;
y2 : int;
x3 : int;
y3 : int;

}

type ed_cond_desc = {

a : Csir.Scalar.t;
d : Csir.Scalar.t;
x1 : int;
y1 : int;
x2 : int;
y2 : int;
bit : int;
x3 : int;
y3 : int;

}

type bits_desc = {

nb_bits : int;
shift : Z.t;
l : int;
bits : int list;

}

type limbs_desc = {

total_nb_bits : int;
nb_bits : int;
shift : Z.t;
l : int;
limbs : int list;

}

type pos128full_desc = {

x0 : int;
y0 : int;
x1 : int;
y1 : int;
x2 : int;
y2 : int;
k : Csir.Scalar.t array;
matrix : Linear_algebra.Make_VectorSpace(Csir.Scalar).matrix;

}

type pos128partial_desc = {

a : int;
b : int;
c : int;
a_5 : int;
b_5 : int;
c_5 : int;
x0 : int;
y0 : int;
x1 : int;
y1 : int;
x2 : int;
y2 : int;
k_cols : Linear_algebra.Make_VectorSpace(Csir.Scalar).matrix array;
matrix : Linear_algebra.Make_VectorSpace(Csir.Scalar).matrix;

}

type anemoi_desc = {

x0 : int;
y0 : int;
w : int;
v : int;
x1 : int;
y1 : int;
kx : Csir.Scalar.t;
ky : Csir.Scalar.t;

}

type anemoi_double_desc = {

x0 : int;
y0 : int;
w0 : int;
w1 : int;
y1 : int;
x2 : int;
y2 : int;
kx1 : Csir.Scalar.t;
ky1 : Csir.Scalar.t;
kx2 : Csir.Scalar.t;
ky2 : Csir.Scalar.t;

}

type anemoi_custom_desc = {

x0 : int;
y0 : int;
x1 : int;
y1 : int;
x2 : int;
y2 : int;
kx1 : Csir.Scalar.t;
ky1 : Csir.Scalar.t;
kx2 : Csir.Scalar.t;
ky2 : Csir.Scalar.t;

}

type mod_arith_desc = {

modulus : Z.t;
base : Z.t;
nb_limbs : int;
moduli : Z.t list;
qm_bound : Z.t * Z.t;
ts_bounds : (Z.t * Z.t) list;
inverse : bool;
inp1 : int list;
inp2 : int list;
out : int list;
qm : int;
ts : int list;

}

See lib_plompiler/gadget_mod_arith.ml for documentation on mod_arith

type mod_arith_is_zero_desc = {

modulus : Z.t;
base : Z.t;
nb_limbs : int;
inp : int list;
aux : int list;
out : int;

}

See lib_plompiler/gadget_mod_arith.ml for documentation on mod_arith

val mod_arith_is_zero_desc_t : mod_arith_is_zero_desc Repr.t

type solver_desc =

| Arith of arith_desc
| Pow5 of pow5_desc
| IsZero of wires_desc
| IsNotZero of wires_desc
| Lookup of lookup_desc
| Ecc_Ws of ws_desc
| Ecc_Ed of ed_desc
| Ecc_Cond_Ed of ed_cond_desc
| Swap of swap_desc
| Skip
| BitsOfS of bits_desc
| LimbsOfS of limbs_desc
| Poseidon128Full of pos128full_desc
| Poseidon128Partial of pos128partial_desc
| AnemoiRound of anemoi_desc
| AnemoiDoubleRound of anemoi_double_desc
| AnemoiCustom of anemoi_custom_desc
| Mod_Add of mod_arith_desc
| Mod_Mul of mod_arith_desc
| Mod_IsZero of mod_arith_is_zero_desc
| Updater of Optimizer.trace_info

Solver description language. Each core gate has a descriptor holding the data needed to compute the part of the trace it determines.

type solvers

Collection of solver descriptors for a circuit.

type t = {

solvers : solvers;
initial_size : int;
final_size : int;

}

A solver is formed by solver descriptors together with meta-data about the size of the initial inputs and final size of the witness.

val t : t Repr.t

val empty_solver : t

Empty solver.

val append_solver : solver_desc -> t -> t

append_solver sd s sdds a solver descriptor sd to a solver s.

val solve : t -> Csir.Scalar.t array -> Csir.Scalar.t array

solve s inital computes the witness using solver s and the initial inputs.