This is a (WIP) implementation of a Plonky2 verifier written in Haskell.
Plonky2 is a zero-knowledge proof system developed by Polygon Zero, optimized for recursive proofs.
The goal here is to provide an executable specification (along a with less precise, but still detailed human language description) of the Plonky2 verification algorithm.
Another goal is to be a basis for further tooling (for example: estimating verifier costs, helping the design of recursive circuits, generating Plonky2 verifier circuits for other proof systems, etc)
Note: It's deliberately not a goal for this verifier to be efficient; instead we try to focus on simplicity.
- Parsing the proof and verification key from JSON
- Parsing from Plonky's custom binary serialization
- Generating verifier challenges
- Recursive circuit subtle details (like this)
- Constraints check
- FRI check
- Support lookup tables
- Documenting Plonky2 internals and the verifier algorithm (WIP)
Supported gates:
- ArithmeticGate
- ArithmeticExtensionGate
- BaseSumGate
- CosetInterpolationGate
- ConstantGate
- ExponentiationGate
- LookupGate
- LookupTableGate
- MulExtensionGate
- NoopGate
- PublicInputGate
- PoseidonGate
- PoseidonMdsGate
- RandomAccessGate
- ReducingGate
- ReducingExtensionGate
Optional features:
- Field extensions with degree higher than 2
- Being parametric over the field choice
- Supporting different hash functions