chad11111 · February 18, 2025 13:42
diff --git a/mina prover flow b/mina prover flow
 sequenceDiagram
    autonumber
    participant P as Prover
    participant W as Witness
    participant I as ProverIndex
    participant FQ as Fq-Sponge
    participant SRS as SRS
    participant L as LookupContext
    participant FR as Fr-Sponge

    Note over P: Start proof generation (create_recursive)

    %% 1. Witness Preparation
    P->>W: Receive witness data & runtime tables
    P->>P: Pad witness with zeros and add zk rows

    %% 2. Fq-Sponge Setup & Absorptions
    P->>FQ: Initialize Fq-Sponge
    FQ->>FQ: Absorb verifier index digest
    FQ->>FQ: Absorb previous recursion challenges

    %% 3. Public Polynomial
    P->>P: Compute public polynomial from witness public inputs
    P->>SRS: Commit public polynomial (non-hiding)
    SRS-->>P: Return public commitment
    P->>FQ: Absorb public commitment

    %% 4. Commit Witness Columns
    loop For each witness column
        P->>SRS: Commit witness column (hiding)
        SRS-->>P: Return witness commitment
        P->>FQ: Absorb witness commitment
    end
    P->>P: Interpolate witness polynomials

    %% 5. Lookup Constraints (if enabled)
    alt Lookup Constraints Used
        P->>P: Process runtime tables (pad & compute runtime column)
        P->>SRS: Commit runtime table polynomial
        SRS-->>P: Return runtime table commitment
        P->>FQ: Absorb runtime table commitment

        P->>FQ: Squeeze for joint combiner challenge
        P->>P: Derive joint combiner & table_id_combiner
        P->>P: Compute dummy lookup value

        P->>P: Combine fixed lookup table entries into joint lookup table
        P->>P: Compute sorted evaluations (apply zk patch)
        P->>SRS: Commit each sorted polynomial
        SRS-->>P: Return sorted commitments
        P->>FQ: Absorb sorted commitments

        P->>P: Compute lookup aggregation polynomial
        P->>SRS: Commit lookup aggregation polynomial
        SRS-->>P: Return lookup aggregation commitment
        P->>FQ: Absorb lookup aggregation commitment
    end

    %% 6. Sampling Challenges & Permutation Polynomial
    P->>FQ: Sample beta challenge
    FQ-->>P: Return beta
    P->>FQ: Sample gamma challenge
    FQ-->>P: Return gamma

    P->>P: Compute permutation aggregation polynomial z
    P->>SRS: Commit z polynomial (hiding)
    SRS-->>P: Return z commitment
    P->>FQ: Absorb z commitment

    %% 7. Alpha Challenge & Quotient Polynomial
    P->>FQ: Sample alpha challenge
    FQ-->>P: Return alpha challenge
    P->>P: Derive alpha & instantiate powers of alpha
    P->>P: Compute quotient polynomial (generic + permutation [+ lookup] + public)
    P->>P: Divide by vanishing polynomial
    P->>SRS: Commit quotient polynomial t (hiding)
    SRS-->>P: Return t commitment
    P->>FQ: Absorb t commitment

    %% 8. Evaluation Points & Chunked Evaluations
    P->>FQ: Sample zeta challenge
    FQ-->>P: Return zeta challenge
    P->>P: Derive evaluation points ζ and ζ·ω
    alt Lookup Constraints Used
        P->>P: Evaluate lookup aggregation, sorted, and table polynomials at ζ & ζ·ω
    end
    P->>P: Chunk evaluate polynomials (witness, selectors, etc.)
    P->>P: Compute Lagrange basis evaluations at ζ and ζ·ω

    %% 9. ft Polynomial & Blinding
    P->>P: Compute ft polynomial via Maller’s optimization
    P->>P: Compute blinding factors for ft
    P->>P: Evaluate ft polynomial at ζ·ω (ft_eval1)

    %% 10. Fr-Sponge & Final Challenges
    P->>FR: Initialize Fr-Sponge with digest from Fq-Sponge
    FR->>FR: Absorb previous recursion challenges
    FR->>FR: Absorb all polynomial evaluations (public, z, selectors, witness, etc.)
    FR->>FR: Sample challenge v
    FR-->>P: Return v
    FR->>FR: Sample challenge u
    FR-->>P: Return u

    %% 11. Aggregated Evaluation Proof
    P->>P: Aggregate all polynomial commitments & evaluations
    P->>SRS: Create aggregated evaluation proof (OpenProof::open)
    SRS-->>P: Return aggregated evaluation proof

    %% 12. Assemble & Return Final Proof
    P->>P: Assemble final proof with:
    P->>P: - Commitments (witness, z, t, [lookup])
    P->>P: - Aggregated evaluation proof
    P->>P: - Chunked evaluations and ft_eval1
    P->>P: - Previous recursion challenges
    P->>P: Return final proof
	sequenceDiagram
	autonumber
	participant P as Prover
	participant W as Witness
	participant I as ProverIndex
	participant FQ as Fq-Sponge
	participant SRS as SRS
	participant L as LookupContext
	participant FR as Fr-Sponge

	Note over P: Start proof generation (create_recursive)

	%% 1. Witness Preparation
	P->>W: Receive witness data & runtime tables
	P->>P: Pad witness with zeros and add zk rows

	%% 2. Fq-Sponge Setup & Absorptions
	P->>FQ: Initialize Fq-Sponge
	FQ->>FQ: Absorb verifier index digest
	FQ->>FQ: Absorb previous recursion challenges

	%% 3. Public Polynomial
	P->>P: Compute public polynomial from witness public inputs
	P->>SRS: Commit public polynomial (non-hiding)
	SRS-->>P: Return public commitment
	P->>FQ: Absorb public commitment

	%% 4. Commit Witness Columns
	loop For each witness column
	P->>SRS: Commit witness column (hiding)
	SRS-->>P: Return witness commitment
	P->>FQ: Absorb witness commitment
	end
	P->>P: Interpolate witness polynomials

	%% 5. Lookup Constraints (if enabled)
	alt Lookup Constraints Used
	P->>P: Process runtime tables (pad & compute runtime column)
	P->>SRS: Commit runtime table polynomial
	SRS-->>P: Return runtime table commitment
	P->>FQ: Absorb runtime table commitment

	P->>FQ: Squeeze for joint combiner challenge
	P->>P: Derive joint combiner & table_id_combiner
	P->>P: Compute dummy lookup value

	P->>P: Combine fixed lookup table entries into joint lookup table
	P->>P: Compute sorted evaluations (apply zk patch)
	P->>SRS: Commit each sorted polynomial
	SRS-->>P: Return sorted commitments
	P->>FQ: Absorb sorted commitments

	P->>P: Compute lookup aggregation polynomial
	P->>SRS: Commit lookup aggregation polynomial
	SRS-->>P: Return lookup aggregation commitment
	P->>FQ: Absorb lookup aggregation commitment
	end

	%% 6. Sampling Challenges & Permutation Polynomial
	P->>FQ: Sample beta challenge
	FQ-->>P: Return beta
	P->>FQ: Sample gamma challenge
	FQ-->>P: Return gamma

	P->>P: Compute permutation aggregation polynomial z
	P->>SRS: Commit z polynomial (hiding)
	SRS-->>P: Return z commitment
	P->>FQ: Absorb z commitment

	%% 7. Alpha Challenge & Quotient Polynomial
	P->>FQ: Sample alpha challenge
	FQ-->>P: Return alpha challenge
	P->>P: Derive alpha & instantiate powers of alpha
	P->>P: Compute quotient polynomial (generic + permutation [+ lookup] + public)
	P->>P: Divide by vanishing polynomial
	P->>SRS: Commit quotient polynomial t (hiding)
	SRS-->>P: Return t commitment
	P->>FQ: Absorb t commitment

	%% 8. Evaluation Points & Chunked Evaluations
	P->>FQ: Sample zeta challenge
	FQ-->>P: Return zeta challenge
	P->>P: Derive evaluation points ζ and ζ·ω
	alt Lookup Constraints Used
	P->>P: Evaluate lookup aggregation, sorted, and table polynomials at ζ & ζ·ω
	end
	P->>P: Chunk evaluate polynomials (witness, selectors, etc.)
	P->>P: Compute Lagrange basis evaluations at ζ and ζ·ω

	%% 9. ft Polynomial & Blinding
	P->>P: Compute ft polynomial via Maller’s optimization
	P->>P: Compute blinding factors for ft
	P->>P: Evaluate ft polynomial at ζ·ω (ft_eval1)

	%% 10. Fr-Sponge & Final Challenges
	P->>FR: Initialize Fr-Sponge with digest from Fq-Sponge
	FR->>FR: Absorb previous recursion challenges
	FR->>FR: Absorb all polynomial evaluations (public, z, selectors, witness, etc.)
	FR->>FR: Sample challenge v
	FR-->>P: Return v
	FR->>FR: Sample challenge u
	FR-->>P: Return u

	%% 11. Aggregated Evaluation Proof
	P->>P: Aggregate all polynomial commitments & evaluations
	P->>SRS: Create aggregated evaluation proof (OpenProof::open)
	SRS-->>P: Return aggregated evaluation proof

	%% 12. Assemble & Return Final Proof
	P->>P: Assemble final proof with:
	P->>P: - Commitments (witness, z, t, [lookup])
	P->>P: - Aggregated evaluation proof
	P->>P: - Chunked evaluations and ft_eval1
	P->>P: - Previous recursion challenges
	P->>P: Return final proof