This repository contains Solidity implementation of Nova-based proving system
The idea is actually to gather required cryptographic building blocks (Pasta / Grumpkin curve operations, Poseidon, KeccakTranscript, Sumcheck protocol, etc.) in main branch,
evaluate them and check that they work as expected via test vectors provided by "trusted" reference Rust implementation (Arecibo).
Since reference proving system is under active development, the original end-to-end verification flow is a subject of changes, that is why, full e2e contracts are located in various branches,
depending on the Nova cryptographic feature. See pasta, grumpkin, zeromorph, gas-optimizing branches for more details.
To cleanup current build artifacts:
forge cleanTo build:
forge buildTo run Solidity unit-tests:
forge test --match-path test/* -vvMore details about Foundry tooling is here.
├── lib
| └── forge-std # Forge standard library for testing utilities.
├── src
| ├── blocks # Cryptographic building blocks shared between all our features.
| └── Utilities.sol # Mostly Mathematical building blocks such as Field operations or Polynomial-related methods.
└── test # Unit test for our contracts.This section aims to describe the main features currently being developed and outline their specificities. It has to be noted that each of these branches have dedicated e2e testing, documented in their respective README.
Orignal feature branch, implementing the Nova Verifier over Pallas/Vesta (Pasta) curve cycles. The reference Nova implementation over Pasta can be found over the lurk-lab/Nova repository.
Development is nearly finalized but there are some compatibility checks to be run between the latest version of Arecibo and our solidity verifier.
Feature branch aiming to implement our Nova Verifier over BN254/Grumpkin curve cycle instead of Pasta, to keep up with the development on the Rust implementation side. As for Pasta, the reference implementation can be found over the lurk-lab/Nova repository.
Development is nearly finalized but there are some compatibility checks to be run between the latest version of Arecibo and our solidity verifier.
The goal is to take into account the Zeromorph feature done in Arecibo. Zeromorph impacts how we generate prover randomness at proving time, and allows us to have a new (and faster) Polynomial Commitment Scheme (PCS). The reference implementation for the Zeromorph feature can be found in the Arecibo repository.
The branch needs to integrate the lastest updates pushed over Arecibo and will most likely need some development in Assembly to properly work.
Feature branch: gas-optimizing
This last branch contains development in Assembly, leveraging Yul. This development will allow optimization on gas consumption, readying our contracts for production. Based on the Grumpkin feature branch, it should aim to implement a Grumpkin contract in Yul.
The verification steps 1 and 2 have been implemented but the rest of the steps need to be developed.
Poseidon contracts in this repository have been generated with a help of correspondent Python scripts.
To re-generate them (for Pallas and Vesta curves) compatible to Neptune and "sharpened" for usage in Nova:
python src/blocks/poseidon/poseidon-contract-gen.py src/blocks/poseidon/neptune-constants-U24-pallas.json PoseidonU24Pallas > src/blocks/poseidon/PoseidonNeptuneU24pallas.sol
python src/blocks/poseidon/poseidon-contract-gen.py src/blocks/poseidon/neptune-constants-U24-vesta.json PoseidonU24Vesta > src/blocks/poseidon/PoseidonNeptuneU24vesta.sol