Sumcheck Rust Docs (#779)

Author: LeonHibnik

docs/docs/icicle/rust-bindings/sumcheck.md

@@ -0,0 +1,133 @@
+# Sumcheck
+
+## Sumcheck API Overview
+
+### **Structs**
+
+#### `SumcheckTranscriptConfig`
+Configuration structure for the SumCheck protocol’s transcript.
+
+##### **Fields:**
+- `hash: &Hasher` - Reference to the hashing function used.
+- `domain_separator_label: Vec<u8>` - Domain separator label for transcript uniqueness.
+- `round_poly_label: Vec<u8>` - Label for the polynomial at each round.
+- `round_challenge_label: Vec<u8>` - Label for the challenge at each round.
+- `little_endian: bool` - Whether to use little-endian encoding.
+- `seed_rng: F` - Random number generator seed.
+
+##### **Methods:**
+- **`new(hash, domain_separator_label, round_poly_label, round_challenge_label, little_endian, seed_rng) -> Self`**:
+  Constructs a new `SumcheckTranscriptConfig` with explicit parameters.
+
+- **`from_string_labels(hash, domain_separator_label, round_poly_label, round_challenge_label, little_endian, seed_rng) -> Self`**:
+  Convenience constructor using string labels.
+
+#### `SumcheckConfig`
+General configuration for the SumCheck execution.
+
+##### **Fields:**
+- `stream: IcicleStreamHandle` - Stream for asynchronous execution (default: `nullptr`).
+- `use_extension_field: bool` - Whether to use an extension field for Fiat-Shamir transformation. Sumcheck currently does not support extension fields, always set to `false` otherwise return an error.
+- `batch: u64` - Number of input chunks to hash in batch (default: 1).
+- `are_inputs_on_device: bool` - Whether inputs reside on the device (e.g., GPU).
+- `is_async: bool` - Whether hashing is run asynchronously.
+- `ext: ConfigExtension` - Pointer to backend-specific configuration extensions.
+
+##### **Methods:**
+- **`default() -> Self`**: 
+  Returns a default `SumcheckConfig` instance.
+
+### **Traits**
+
+#### `Sumcheck`
+Defines the main API for SumCheck operations.
+
+##### **Associated Types:**
+- `Field: FieldImpl + Arithmetic` - The field implementation used.
+- `FieldConfig: FieldConfig + GenerateRandom<Self::Field> + FieldArithmetic<Self::Field>` - Field configuration.
+- `Proof: SumcheckProofOps<Self::Field>` - Type representing the proof.
+
+##### **Methods:**
+- **`new() -> Result<Self, eIcicleError>`**:
+  Initializes a new instance.
+
+- **`prove(mle_polys, mle_poly_size, claimed_sum, combine_function, transcript_config, sumcheck_config) -> Self::Proof`**:
+  Generates a proof for the polynomial sum over the Boolean hypercube.
+
+- **`verify(proof, claimed_sum, transcript_config) -> Result<bool, eIcicleError>`**:
+  Verifies the provided proof.
+
+
+#### `SumcheckProofOps`
+Operations for handling SumCheck proofs.
+
+##### **Methods:**
+- **`get_round_polys(&self) -> Result<Vec<Vec<F>>, eIcicleError>`**:
+  Retrieves the polynomials for each round.
+
+- **`print(&self) -> eIcicleError`**::
+  Prints the proof.
+
+
+## **Usage Example**
+
+Below is an example demonstrating how to use the `sumcheck` module, adapted from the `check_sumcheck_simple` test.
+
+```rust
+use icicle_core::sumcheck::{Sumcheck, SumcheckConfig, SumcheckTranscriptConfig};
+use icicle_core::field::FieldElement;
+use icicle_core::polynomial::Polynomial;
+use icicle_hash::keccak::Keccak256;
+
+fn main() {
+    // Initialize hashing function
+    let hash = Keccak256::new(0).unwrap();
+
+    // Define a polynomial, e.g., f(x, y) = x + y
+    let coefficients = vec![
+        FieldElement::from(0), // Constant term
+        FieldElement::from(1), // Coefficient for x
+        FieldElement::from(1), // Coefficient for y
+    ];
+    let poly = Polynomial::new(coefficients);
+
+    // Geerate mle polynomial
+    let mut mle_poly = Vec::with_capacity(2);
+    for _ in 0..4 {
+        mle_poly.push(poly);
+    }
+
+    // Calculate the expected sum over the Boolean hypercube {0,1}^2
+    let expected_sum = FieldElement::from(4);
+
+    // Configure transcript and execution settings
+    let transcript_config = SumcheckTranscriptConfig::from_string_labels(
+        &hash,
+        "domain_separator",
+        "round_poly",
+        "round_challenge",
+        false, // big endian
+        FieldElement::from(0),
+    );
+    let sumcheck_config = SumcheckConfig::default();
+   
+    // define sumcheck lambda
+    let combine_func = P::new_predefined(PreDefinedProgram::EQtimesABminusC).unwrap();
+    
+    // Initialize prover
+    let prover = Sumcheck::new().expect("Failed to create Sumcheck instance");
+
+    // Generate proof
+    let proof = prover.prove(
+        mle_poly.as_slice(),
+        2, // Number of variables in the polynomial
+        expected_sum,
+        combine_func, // Use pre-defined combine function eq * (a * b - c)
+        &transcript_config,
+        &sumcheck_config,
+    );
+
+    // Verify the proof
+    let result = prover.verify(&proof, expected_sum, &transcript_config);
+    assert!(result.is_ok() && result.unwrap(), "SumCheck proof verification failed!");
+}

docs/sidebars.ts

@@ -178,6 +178,11 @@ const rustBindingsApi = [
     label: "Merkle-Tree",
     id: "icicle/rust-bindings/merkle",
   },
+  {
+    "type": "doc",
+    "label": "Sumcheck",
+    "id": "icicle/rust-bindings/sumcheck"
+  }
   // {
   //   type: "doc",
   //   label: "Multi GPU Support (TODO)",

docs/versioned_docs/version-3.5.0/icicle/rust-bindings/sumcheck.md

@@ -0,0 +1,133 @@
+# Sumcheck
+
+## Sumcheck API Overview
+
+### **Structs**
+
+#### `SumcheckTranscriptConfig`
+Configuration structure for the SumCheck protocol’s transcript.
+
+##### **Fields:**
+- `hash: &Hasher` - Reference to the hashing function used.
+- `domain_separator_label: Vec<u8>` - Domain separator label for transcript uniqueness.
+- `round_poly_label: Vec<u8>` - Label for the polynomial at each round.
+- `round_challenge_label: Vec<u8>` - Label for the challenge at each round.
+- `little_endian: bool` - Whether to use little-endian encoding.
+- `seed_rng: F` - Random number generator seed.
+
+##### **Methods:**
+- **`new(hash, domain_separator_label, round_poly_label, round_challenge_label, little_endian, seed_rng) -> Self`**:
+  Constructs a new `SumcheckTranscriptConfig` with explicit parameters.
+
+- **`from_string_labels(hash, domain_separator_label, round_poly_label, round_challenge_label, little_endian, seed_rng) -> Self`**:
+  Convenience constructor using string labels.
+
+#### `SumcheckConfig`
+General configuration for the SumCheck execution.
+
+##### **Fields:**
+- `stream: IcicleStreamHandle` - Stream for asynchronous execution (default: `nullptr`).
+- `use_extension_field: bool` - Whether to use an extension field for Fiat-Shamir transformation. Sumcheck currently does not support extension fields, always set to `false` otherwise return an error.
+- `batch: u64` - Number of input chunks to hash in batch (default: 1).
+- `are_inputs_on_device: bool` - Whether inputs reside on the device (e.g., GPU).
+- `is_async: bool` - Whether hashing is run asynchronously.
+- `ext: ConfigExtension` - Pointer to backend-specific configuration extensions.
+
+##### **Methods:**
+- **`default() -> Self`**: 
+  Returns a default `SumcheckConfig` instance.
+
+### **Traits**
+
+#### `Sumcheck`
+Defines the main API for SumCheck operations.
+
+##### **Associated Types:**
+- `Field: FieldImpl + Arithmetic` - The field implementation used.
+- `FieldConfig: FieldConfig + GenerateRandom<Self::Field> + FieldArithmetic<Self::Field>` - Field configuration.
+- `Proof: SumcheckProofOps<Self::Field>` - Type representing the proof.
+
+##### **Methods:**
+- **`new() -> Result<Self, eIcicleError>`**:
+  Initializes a new instance.
+
+- **`prove(mle_polys, mle_poly_size, claimed_sum, combine_function, transcript_config, sumcheck_config) -> Self::Proof`**:
+  Generates a proof for the polynomial sum over the Boolean hypercube.
+
+- **`verify(proof, claimed_sum, transcript_config) -> Result<bool, eIcicleError>`**:
+  Verifies the provided proof.
+
+
+#### `SumcheckProofOps`
+Operations for handling SumCheck proofs.
+
+##### **Methods:**
+- **`get_round_polys(&self) -> Result<Vec<Vec<F>>, eIcicleError>`**:
+  Retrieves the polynomials for each round.
+
+- **`print(&self) -> eIcicleError`**::
+  Prints the proof.
+
+
+## **Usage Example**
+
+Below is an example demonstrating how to use the `sumcheck` module, adapted from the `check_sumcheck_simple` test.
+
+```rust
+use icicle_core::sumcheck::{Sumcheck, SumcheckConfig, SumcheckTranscriptConfig};
+use icicle_core::field::FieldElement;
+use icicle_core::polynomial::Polynomial;
+use icicle_hash::keccak::Keccak256;
+
+fn main() {
+    // Initialize hashing function
+    let hash = Keccak256::new(0).unwrap();
+
+    // Define a polynomial, e.g., f(x, y) = x + y
+    let coefficients = vec![
+        FieldElement::from(0), // Constant term
+        FieldElement::from(1), // Coefficient for x
+        FieldElement::from(1), // Coefficient for y
+    ];
+    let poly = Polynomial::new(coefficients);
+
+    // Geerate mle polynomial
+    let mut mle_poly = Vec::with_capacity(2);
+    for _ in 0..4 {
+        mle_poly.push(poly);
+    }
+
+    // Calculate the expected sum over the Boolean hypercube {0,1}^2
+    let expected_sum = FieldElement::from(4);
+
+    // Configure transcript and execution settings
+    let transcript_config = SumcheckTranscriptConfig::from_string_labels(
+        &hash,
+        "domain_separator",
+        "round_poly",
+        "round_challenge",
+        false, // big endian
+        FieldElement::from(0),
+    );
+    let sumcheck_config = SumcheckConfig::default();
+   
+    // define sumcheck lambda
+    let combine_func = P::new_predefined(PreDefinedProgram::EQtimesABminusC).unwrap();
+    
+    // Initialize prover
+    let prover = Sumcheck::new().expect("Failed to create Sumcheck instance");
+
+    // Generate proof
+    let proof = prover.prove(
+        mle_poly.as_slice(),
+        2, // Number of variables in the polynomial
+        expected_sum,
+        combine_func, // Use pre-defined combine function eq * (a * b - c)
+        &transcript_config,
+        &sumcheck_config,
+    );
+
+    // Verify the proof
+    let result = prover.verify(&proof, expected_sum, &transcript_config);
+    assert!(result.is_ok() && result.unwrap(), "SumCheck proof verification failed!");
+}

docs/versioned_sidebars/version-3.5.0-sidebars.json

@@ -231,6 +231,11 @@
                   "type": "doc",
                   "label": "Merkle-Tree",
                   "id": "icicle/rust-bindings/merkle"
+                },
+                {
+                  "type": "doc",
+                  "label": "Sumcheck",
+                  "id": "icicle/rust-bindings/sumcheck"
                 }
               ]
             }

icicle/backend/cpu/src/hash/cpu_blake2s.cpp

@@ -12,6 +12,8 @@
 
 #include "icicle/backend/hash/blake2s_backend.h"
 #include "icicle/utils/modifiers.h"
+#include <taskflow/taskflow.hpp>
+#include "icicle/config_extension.h"
 
 namespace icicle {
 
@@ -26,19 +28,50 @@ namespace icicle {
       const auto single_input_size = get_single_chunk_size(
         size); // if size==0 using default input chunk size. This is useful for Merkle-Tree constructions
 
-      // TODO (future): use tasks manager to parallel across threads. Add option to config-extension to set #threads
-      // with default=0. for now we don't do it and let the merkle-tree define the parallelizm so hashing a large batch
-      // outside a merkle-tree context is not as fast as it could be.
-      // Note that for batch=1 this has not effect.
-      for (unsigned batch_idx = 0; batch_idx < config.batch; ++batch_idx) {
-        int result = blake2s(
-          output + batch_idx * digest_size_in_bytes, digest_size_in_bytes, input + batch_idx * single_input_size,
-          single_input_size,
-          nullptr, // No key used
-          0        // Key length is 0
-        );
-
-        if (result != 0) { return eIcicleError::UNKNOWN_ERROR; } // TODO Yuval error codes
+      size_t num_chunks = 1;
+      if (config.ext && config.ext->has(CpuBackendConfig::CPU_NOF_THREADS)) {
+        num_chunks = config.ext && (config.ext->get<int>(CpuBackendConfig::CPU_NOF_THREADS) != 0)
+                       ? config.ext->get<int>(CpuBackendConfig::CPU_NOF_THREADS)
+                       :                                    // number of threads provided by config
+                       std::thread::hardware_concurrency(); // check machine properties (if provided with 0)
+      }
+      if (num_chunks <= 0) {
+        ICICLE_LOG_WARNING << "Unable to detect number of hardware supported threads - fixing it to 1\n";
+        num_chunks = 1;
+      }
+      size_t chunk_size = (config.batch + num_chunks - 1) / num_chunks;
+
+      if (num_chunks == 1) { // single thread without using taskflow
+        for (unsigned batch_idx = 0; batch_idx < config.batch; ++batch_idx) {
+          int result = blake2s(
+            output + batch_idx * digest_size_in_bytes, digest_size_in_bytes, input + batch_idx * single_input_size,
+            single_input_size,
+            nullptr, // No key used
+            0        // Key length is 0
+          );
+
+          if (result != 0) { return eIcicleError::UNKNOWN_ERROR; }
+        }
+      } else {
+        tf::Taskflow taskflow;
+        tf::Executor executor;
+        for (size_t i = 0; i < num_chunks; ++i) {
+          size_t start_index = i * chunk_size;
+          size_t end_index = std::min(start_index + chunk_size, static_cast<size_t>(config.batch));
+          taskflow.emplace([&, start_index, end_index, output, digest_size_in_bytes, single_input_size, input]() {
+            for (unsigned batch_idx = start_index; batch_idx < end_index; ++batch_idx) {
+              int result = blake2s(
+                output + batch_idx * digest_size_in_bytes, digest_size_in_bytes, input + batch_idx * single_input_size,
+                single_input_size,
+                nullptr, // No key used
+                0        // Key length is 0
+              );
+
+              if (result != 0) { return eIcicleError::UNKNOWN_ERROR; }
+            }
+          });
+        }
+        executor.run(taskflow).wait();
       }
       return eIcicleError::SUCCESS;
     }