From 4d46fd30e3af34b077e8db9a9083c995ff9cf75d Mon Sep 17 00:00:00 2001 From: John Guibas Date: Tue, 2 Jul 2024 15:39:26 -0700 Subject: [PATCH 1/2] proof aggregation docs --- book/SUMMARY.md | 2 + book/writing-programs/proof-aggregation.md | 51 ++++++++++++++++++++++ 2 files changed, 53 insertions(+) create mode 100644 book/writing-programs/proof-aggregation.md diff --git a/book/SUMMARY.md b/book/SUMMARY.md index 7e41b5b30b..af0364a6a4 100644 --- a/book/SUMMARY.md +++ b/book/SUMMARY.md @@ -24,6 +24,8 @@ - [Cycle Tracking](./writing-programs/cycle-tracking.md) +- [Proof Aggregation](./writing-programs/proof-aggregation.md) + # Generating Proofs - [Setup](./generating-proofs/setup.md) diff --git a/book/writing-programs/proof-aggregation.md b/book/writing-programs/proof-aggregation.md new file mode 100644 index 0000000000..6ac07ad14e --- /dev/null +++ b/book/writing-programs/proof-aggregation.md @@ -0,0 +1,51 @@ +# Proof Aggregation + +SP1 supports proof aggregation and recursion, which allows you to verify proofs within a proof. Usecases include: + +- Reducing on-chain verification costs by aggregating multiple proofs into a single proof. +- Proving logic that is split into multiple proofs, such as proving a statement about a rollup's state transition function. +- etc. + +**For an example of how to use proof aggregation and recursion in SP1, refer to the [aggregation example](https://github.com/succinctlabs/sp1/blob/main/examples/aggregation/script/src/main.rs).** + +## Verifying Proofs inside the zkVM + +To verify a proof inside the zkVM, you can use the `sp1_zkvm::lib::verify_proof` function. + +```rust,noplayground +sp1_zkvm::lib::verify_proof(vkey, public_values_digest); +``` + +**You do not need to pass in the proof as input into the syscall, as the proof will automatically be read for the proof input stream by the prover.** + +## Generating Proofs with Aggregation + +To provide an existing proof as input to the SP1 zkVM, you can use the existing `SP1Stdin` object +which is already used for all inputs to the zkVM. + +```rust,noplayground +# Generating proving key and verifying key. +let (input_pk, input_vk) = client.setup(PROOF_INPUT_ELF); +let (aggregation_pk, aggregation_vk) = client.setup(AGGREGATION_ELF); + +// Generate a proof that will be recursively verified / aggregated. +let mut stdin = SP1Stdin::new(); +let input_proof = client + .prove(&input_pk, stdin) + .compressed() + .run() + .expect("proving failed"); + +// Create a new stdin object to write the proof and the corresponding verifying key to. +let mut stdin = SP1Stdin::new(); +stdin.write_proof(proof, input_vk); + +// Generate a proof that will recusively verify / aggregate the input proof. +let aggregation_proof = client + .prove(&aggregation_pk, stdin) + .compressed() + .run() + .expect("proving failed"); + +``` + From 99c250253a9094435ad417a20c251f5500178b28 Mon Sep 17 00:00:00 2001 From: John Guibas Date: Tue, 2 Jul 2024 15:46:13 -0700 Subject: [PATCH 2/2] fix matts comments --- book/writing-programs/proof-aggregation.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/book/writing-programs/proof-aggregation.md b/book/writing-programs/proof-aggregation.md index 6ac07ad14e..38806019c0 100644 --- a/book/writing-programs/proof-aggregation.md +++ b/book/writing-programs/proof-aggregation.md @@ -1,10 +1,9 @@ # Proof Aggregation -SP1 supports proof aggregation and recursion, which allows you to verify proofs within a proof. Usecases include: +SP1 supports proof aggregation and recursion, which allows you to verify proofs within a proof. Use cases include: - Reducing on-chain verification costs by aggregating multiple proofs into a single proof. - Proving logic that is split into multiple proofs, such as proving a statement about a rollup's state transition function. -- etc. **For an example of how to use proof aggregation and recursion in SP1, refer to the [aggregation example](https://github.com/succinctlabs/sp1/blob/main/examples/aggregation/script/src/main.rs).**