@@ -0,0 +1,73 @@
# Optimized Honk Verifier - Audit Scope

**Primary file to audit**: `barretenberg/sol/src/honk/optimised/honk-optimized.sol.template`

## Generation Pipeline

The optimized verifier is a **circuit-agnostic** template. Blake is used only as the test circuit for Solidity test coverage.

1. **honk-optimized.sol.template**
- Generic Honk verifier logic (sumcheck, shplemini, KZG)
- Contains Blake VK values as placeholders for testing
- Contract name: `BlakeOptHonkVerifier` (for Solidity tests)

2. **sync_blake_opt_vk.sh** injects VK from `BlakeHonkVerificationKey.sol`

3. **honk-optimized.sol** (testable contract)
- Used by Solidity tests (`blakeOpt.t.sol`)
- Has concrete Blake circuit VK values

4. **copy_optimized_to_cpp.sh** replaces VK values
- Replaces hardcoded VK values with `{{ TEMPLATE }}` placeholders
- Renames contract to `HonkVerifier`

5. **honk_optimized_contract.hpp** (C++ template)
- Contains `HONK_CONTRACT_OPT_SOURCE` with `{{ placeholders }}`
- `get_optimized_honk_solidity_verifier(vk)` injects any circuit's VK

6. **bb CLI** with `--optimized` flag produces **HonkVerifier.sol**
- Circuit-specific VK values injected
- Ready for on-chain deployment

## What It Does

Gas-optimized Solidity assembly verifier for Honk proofs. Uses EVM precompiles:
- `ecAdd` (0x06), `ecMul` (0x07), `ecPairing` (0x08)

## C++ Reference

Must match: `UltraVerifier_<UltraKeccakFlavor, DefaultIO>` in `ultra_honk/ultra_verifier.*`

## Verification Steps (Solidity ↔ C++)

| Step | Solidity | C++ |
|------|----------|-----|
| VK Loading | `loadVk()` | `OinkVerifier::verify()` |
| Public Inputs | `computePublicInputDelta()` | `OinkVerifier::verify()` |
| Sumcheck | `verifySumcheck()` | `SumcheckVerifier::verify()` |
| Shplemini | `computeBatchOpeningClaim()` | `ShpleminiVerifier::compute_batch_opening_claim()` |
| KZG | `batchAccumulate()` + pairing | `KZG::reduce_verify_batch_opening_claim()` |


## Upcoming Change: Public Input Encoding

**Current**: 4 limbs per Fq (16 Fr elements for pairing points)
**Planned**: 2 limbs per Fq (8 Fr elements for pairing points)

Affects pairing point encoding in final verification step.

## Testing

```bash
cd barretenberg/sol

# Primary test for optimized verifier
forge test --match-path test/honk/blakeOpt.t.sol

# Regenerate after changes
./scripts/sync_blake_opt_vk.sh && ./scripts/copy_optimized_to_cpp.sh -f
```

**Primary test**: `blakeOpt.t.sol` - tests the optimized assembly verifier

**Standard verifier tests** (different code path, for reference only): `Add2`, `Blake`, `ECDSA`, `Recursive` (+ ZK variants)
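Review bot: The scope names only `honk-optimized.sol.template` as the file to audit, but steps 2, 4 and 5 of the Generation Pipeline rewrite that source before `bb --optimized` emits the deployed `HonkVerifier.sol`. State explicitly whether `sync_blake_opt_vk.sh`, `copy_optimized_to_cpp.sh` and `honk_optimized_contract.hpp` are in scope, since a substitution that misses one hardcoded value would leave a Blake VK constant in a verifier generated for another circuit. The "Upcoming Change" section should also say which encoding (4 or 2 limbs per Fq) the audited revision uses, so auditors know which pairing point layout they are reviewing.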
10 changes: 5 additions & 5 deletions barretenberg/sol/CLAUDE.md
Expand Up @@ -29,8 +29,8 @@ Circuit-specific verification keys:

### Optimized Verifier (src/honk/optimised/)

- `blake-opt.sol` - Hand-optimized assembly verifier for Blake circuit
- `blake-opt.sol.template` - Template used to generate blake-opt.sol
- `honk-optimized.sol` - Hand-optimized assembly verifier (uses Blake circuit for testing)
- `honk-optimized.sol.template` - Template used to generate honk-optimized.sol
- `generate_offsets.py` - Helper for memory layout

### C++ Contract Templates (cpp/src/barretenberg/dsl/acir_proofs/)
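Review bot: The renamed entries under `Optimized Verifier (src/honk/optimised/)` spell the file `honk-optimized` while the directory keeps `optimised`, so every path now mixes both spellings, as in `src/honk/optimised/honk-optimized.sol`. Either rename the directory in a follow-up or call out the difference in this list, because the mixed spelling is easy to mistype when editing the scripts that hardcode these paths.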
Expand All @@ -48,10 +48,10 @@ These hpp files contain embedded Solidity code used by bb CLI to generate verifi
# Regenerate honk_contract.hpp and honk_zk_contract.hpp from Solidity sources
./scripts/copy_to_cpp.sh -f

# Sync VK values from BlakeHonkVerificationKey.sol to blake-opt.sol
# Sync VK values from BlakeHonkVerificationKey.sol to honk-optimized.sol
./scripts/sync_blake_opt_vk.sh

# Copy blake-opt.sol to honk_optimized_contract.hpp
Collaborator

blake-opt did always confuse me

# Copy honk-optimized.sol to honk_optimized_contract.hpp
./scripts/copy_optimized_to_cpp.sh -f

# Regenerate all VKs (requires rebuilt bb)
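Review bot: The comment above `./scripts/sync_blake_opt_vk.sh` now names `honk-optimized.sol` as the target, but the script keeps `blake_opt` in its file name, so the naming this change is meant to clear up survives in the command people actually type. Consider renaming the script as well, or say in the comment that the Blake VK is only the test fixture.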
Expand Down Expand Up @@ -138,7 +138,7 @@ When making changes to core Solidity files:
4. Run tests: `forge test`

For optimized verifier changes:
1. Edit `blake-opt.sol.template`
1. Edit `honk-optimized.sol.template`
2. Run `./scripts/sync_blake_opt_vk.sh` to apply VK values
3. Run `./scripts/copy_optimized_to_cpp.sh -f`

4 changes: 2 additions & 2 deletions barretenberg/sol/scripts/copy_optimized_to_cpp.sh
Expand Up @@ -25,7 +25,7 @@ REPO_ROOT=$(git rev-parse --show-toplevel)

# Define paths relative to the barretenberg directory
BARRETENBERG_DIR="$REPO_ROOT/barretenberg"
SOL_SRC_FILE="$BARRETENBERG_DIR/sol/src/honk/optimised/blake-opt.sol"
SOL_SRC_FILE="$BARRETENBERG_DIR/sol/src/honk/optimised/honk-optimized.sol"
CPP_FILE="$BARRETENBERG_DIR/cpp/src/barretenberg/dsl/acir_proofs/honk_optimized_contract.hpp"

# Check if source file exists
Expand Down Expand Up @@ -57,7 +57,7 @@ TEMP_PROCESSED=$(mktemp)
FINAL_SOL=$(mktemp)
trap "rm -f $TEMP_CPP $TEMP_SOL $TEMP_PROCESSED $FINAL_SOL" EXIT

# First, copy blake-opt.sol to a temp file for processing
# First, copy honk-optimized.sol to a temp file for processing
cp "$SOL_SRC_FILE" "$TEMP_SOL"

# Replace the hardcoded constants with template placeholders
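Review bot: The `trap` in the context lines of this hunk is double-quoted, so the four temp paths are expanded when the trap is installed and are then word-split, unquoted, when it fires. Single-quote the trap body and quote each variable inside it, for example `trap 'rm -f "$TEMP_CPP" "$TEMP_SOL" "$TEMP_PROCESSED" "$FINAL_SOL"' EXIT`, so a `TMPDIR` containing spaces cannot make `rm -f` act on the wrong paths.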
4 changes: 2 additions & 2 deletions barretenberg/sol/scripts/init_honk.sh
Expand Up @@ -13,7 +13,7 @@ mkdir -p './src/honk/keys'
echo ""
echo "✓ VK generation complete"

# Sync blake-opt.sol with generated Blake VK
# Sync honk-optimized.sol with generated Blake VK
echo ""
echo "Syncing blake-opt.sol with generated Blake VK..."
echo "Syncing honk-optimized.sol with generated Blake VK..."
./scripts/sync_blake_opt_vk.sh
18 changes: 9 additions & 9 deletions barretenberg/sol/scripts/sync_blake_opt_vk.sh
@@ -1,23 +1,23 @@
#!/usr/bin/env bash
# Script to sync VK values from generated BlakeHonkVerificationKey.sol to blake-opt.sol
# This ensures blake-opt.sol stays in sync when VK structure changes
# Script to sync VK values from generated BlakeHonkVerificationKey.sol to honk-optimized.sol
# This ensures honk-optimized.sol stays in sync when VK structure changes
#
# This script is IDEMPOTENT - safe to run multiple times, will only update if values differ

set -e

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
VK_FILE="$SCRIPT_DIR/../src/honk/keys/BlakeHonkVerificationKey.sol"
OPT_FILE="$SCRIPT_DIR/../src/honk/optimised/blake-opt.sol"
TEMPLATE_FILE="$SCRIPT_DIR/../src/honk/optimised/blake-opt.sol.template"
OPT_FILE="$SCRIPT_DIR/../src/honk/optimised/honk-optimized.sol"
TEMPLATE_FILE="$SCRIPT_DIR/../src/honk/optimised/honk-optimized.sol.template"

if [ ! -f "$VK_FILE" ]; then
echo "Error: VK file not found at $VK_FILE"
exit 1
fi

if [ ! -f "$TEMPLATE_FILE" ]; then
echo "Error: blake-opt.sol.template not found at $TEMPLATE_FILE"
echo "Error: honk-optimized.sol.template not found at $TEMPLATE_FILE"
exit 1
fi

Expand All @@ -37,11 +37,11 @@ VK_HASH=$(grep "uint256 constant VK_HASH" "$VK_FILE" | sed -E 's/.*= (0x[0-9a-fA
CURRENT_VK_HASH=$(grep "uint256 constant VK_HASH" "$OPT_FILE" | sed -E 's/.*= (0x[0-9a-fA-F]+);/\1/')

if [ "$VK_HASH" = "$CURRENT_VK_HASH" ]; then
echo "✓ blake-opt.sol already in sync with VK (VK_HASH: $VK_HASH)"
echo "✓ honk-optimized.sol already in sync with VK (VK_HASH: $VK_HASH)"
exit 0
fi

echo "Syncing VK values from VK file to blake-opt.sol..."
echo "Syncing VK values from VK file to honk-optimized.sol..."
echo " VK_HASH: $CURRENT_VK_HASH → $VK_HASH"

# Extract circuit parameters
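Review bot: The in-sync check `[ "$VK_HASH" = "$CURRENT_VK_HASH" ]` also passes when both values are empty, and both will be empty if `grep "uint256 constant VK_HASH"` matches nothing in either file, because `set -e` without `pipefail` takes the pipeline status from `sed`. In that case the script prints "already in sync" and exits 0 without syncing anything. Before comparing, fail explicitly when either hash is empty or does not match `0x[0-9a-fA-F]+`.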
Expand All @@ -65,7 +65,7 @@ read Q_NNF_X Q_NNF_Y <<< $(extract_coords "qNnf")
read Q_POSEIDON_2_EXTERNAL_X Q_POSEIDON_2_EXTERNAL_Y <<< $(extract_coords "qPoseidon2External")
read Q_POSEIDON_2_INTERNAL_X Q_POSEIDON_2_INTERNAL_Y <<< $(extract_coords "qPoseidon2Internal")

# Extract permutation polynomials (SIGMA in blake-opt.sol, s in VK)
# Extract permutation polynomials (SIGMA in honk-optimized.sol, s in VK)
read SIGMA_1_X SIGMA_1_Y <<< $(extract_coords "s1")
read SIGMA_2_X SIGMA_2_Y <<< $(extract_coords "s2")
read SIGMA_3_X SIGMA_3_Y <<< $(extract_coords "s3")
Expand Down Expand Up @@ -165,6 +165,6 @@ sed -i "s/mstore(LAGRANGE_FIRST_Y_LOC, 0x[0-9a-fA-F]\+)/mstore(LAGRANGE_FIRST_Y_
sed -i "s/mstore(LAGRANGE_LAST_X_LOC, 0x[0-9a-fA-F]\+)/mstore(LAGRANGE_LAST_X_LOC, $LAGRANGE_LAST_X)/" "$OPT_FILE"
sed -i "s/mstore(LAGRANGE_LAST_Y_LOC, 0x[0-9a-fA-F]\+)/mstore(LAGRANGE_LAST_Y_LOC, $LAGRANGE_LAST_Y)/" "$OPT_FILE"

echo "✓ Successfully synced all VK values to blake-opt.sol"
echo "✓ Successfully synced all VK values to honk-optimized.sol"
echo " Updated: VK_HASH, circuit params, and all selector commitments"
echo " Backup saved at ${OPT_FILE}.bak"
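Review bot: The "Successfully synced all VK values" message at the end of this hunk is printed unconditionally, but `sed -i "s/mstore(..., 0x[0-9a-fA-F]\+)/.../"` exits 0 whether or not the pattern matched, so a renamed `_LOC` constant or a changed literal format in the template leaves the old value in place behind a success message. After the substitutions, re-read `VK_HASH` from `$OPT_FILE` and compare it with `$VK_HASH`, ideally checking each replaced value too, and exit non-zero on a mismatch. Note also that `\+` and `sed -i` without a suffix argument are GNU sed behaviour, so the script will not run as written with BSD sed.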
4 changes: 2 additions & 2 deletions barretenberg/sol/src/honk/optimised/.gitignore
@@ -1,2 +1,2 @@
blake-opt.sol
blake-opt.sol.bak
honk-optimized.sol
honk-optimized.sol.bak
Expand Up @@ -2841,7 +2841,7 @@ contract BlakeOptHonkVerifier is IVerifier {

if iszero(sumcheck_valid) {
mstore(0x00, SUMCHECK_FAILED_SELECTOR)
return(0x00, 0x20)
revert(0x00, 0x04)
}
}

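Review bot: Replacing `return(0x00, 0x20)` with `revert(0x00, 0x04)` in the `iszero(sumcheck_valid)` branch changes what a caller sees on a failed sumcheck, from a successful call returning 32 bytes to a revert, and that is a behaviour change unrelated to the file rename around it, so it needs its own regression test. Please add a case to `blakeOpt.t.sol` that feeds a proof failing sumcheck and asserts the call reverts with `SUMCHECK_FAILED_SELECTOR`, and check the other failure branches in the template for the same `return` pattern. Also confirm the constant is left-aligned in the 32-byte word, since `revert(0x00, 0x04)` returns only the first four bytes written by `mstore(0x00, SUMCHECK_FAILED_SELECTOR)`.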
2 changes: 1 addition & 1 deletion barretenberg/sol/test/honk/blakeOpt.t.sol
@@ -1,5 +1,5 @@
import {BlakeHonkVerifier} from "../../src/honk/instance/BlakeHonk.sol";
import {BlakeOptHonkVerifier} from "../../src/honk/optimised/blake-opt.sol";
import {BlakeOptHonkVerifier} from "../../src/honk/optimised/honk-optimized.sol";
import {DifferentialFuzzer} from "../base/DifferentialFuzzer.sol";
import {TestBaseHonk} from "./TestBaseHonk.sol";
import {IVerifier} from "../../src/interfaces/IVerifier.sol";