fix: lookup safety = 1 during calibration falls OOR (#750)

BREAKING CHANGE: commitment is now an added flag

.github/workflows/npm.yml

@@ -1,4 +1,4 @@
-name: Build and Publish WASM<>JS Bindings
+name: Build and Publish EZKL npm packages (wasm bindings and in-browser evm verifier)
 
 on:
   workflow_dispatch:
@@ -14,7 +14,7 @@ defaults:
   run:
     working-directory: .
 jobs:
-  wasm-publish:
+  publish-wasm-bindings:
     name: publish-wasm-bindings
     runs-on: ubuntu-latest
     if: startsWith(github.ref, 'refs/tags/')
@@ -174,3 +174,40 @@ jobs:
           npm publish
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+  in-browser-evm-ver-publish:
+    name: publish-in-browser-evm-verifier-package
+    needs: ["publish-wasm-bindings"]
+    runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags/')
+    steps:
+      - uses: actions/checkout@v4
+      - name: Update version in package.json
+        shell: bash
+        env:
+          RELEASE_TAG: ${{ github.ref_name }}
+        run: |
+          sed -i "s|\"version\": \".*\"|\"version\": \"${{ github.ref_name }}\"|" in-browser-evm-verifier/package.json
+      - name: Update @ezkljs/engine version in package.json
+        shell: bash
+        env:
+          RELEASE_TAG: ${{ github.ref_name }}
+        run: |
+          sed -i "s|\"@ezkljs/engine\": \".*\"|\"@ezkljs/engine\": \"${{ github.ref_name }}\"|" in-browser-evm-verifier/package.json
+      - name: Update the engine import in in-browser-evm-verifier to use @ezkljs/engine package instead of the local one;
+        run: |
+          sed -i "s|import { encodeVerifierCalldata } from '../nodejs/ezkl';|import { encodeVerifierCalldata } from '@ezkljs/engine';|" in-browser-evm-verifier/src/index.ts
+      - name: Set up Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: "18.12.1"
+          registry-url: "https://registry.npmjs.org"
+      - name: Publish to npm
+        run: |
+          cd in-browser-evm-verifier
+          npm install
+          npm run build
+          npm ci
+          npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/rust.yml

@@ -303,12 +303,24 @@ jobs:
         with:
           node-version: "18.12.1"
           cache: "pnpm"
-      - name: Install dependencies
+      - name: Install dependencies for js tests and in-browser-evm-verifier package
         run: |
           pnpm install --no-frozen-lockfile
+          pnpm install --dir ./in-browser-evm-verifier --no-frozen-lockfile
         env:
           CI: false
           NODE_ENV: development
+      - name: Build wasm package for nodejs target.
+        run: |
+          wasm-pack build --release --target nodejs --out-dir ./in-browser-evm-verifier/nodejs . -- -Z build-std="panic_abort,std"
+      - name: Replace memory definition in nodejs
+        run: |
+          sed -i "3s|.*|imports['env'] = {memory: new WebAssembly.Memory({initial:20,maximum:65536,shared:true})}|" in-browser-evm-verifier/nodejs/ezkl.js
+      - name: Build @ezkljs/verify package
+        run: |
+          cd in-browser-evm-verifier
+          pnpm build:commonjs
+          cd ..
       - name: Install solc
         run: (hash svm 2>/dev/null || cargo install svm-rs) && svm install 0.8.20 && solc --version
       - name: Install Anvil
@@ -364,7 +376,7 @@ jobs:
         with:
           node-version: "18.12.1"
           cache: "pnpm"
-      - name: Install dependencies
+      - name: Install dependencies for js tests
         run: |
           pnpm install --no-frozen-lockfile
         env:
@@ -380,6 +392,12 @@ jobs:
       - name: Replace memory definition in nodejs
         run: |
           sed -i "3s|.*|imports['env'] = {memory: new WebAssembly.Memory({initial:20,maximum:65536,shared:true})}|" tests/wasm/nodejs/ezkl.js
+      - name: KZG prove and verify tests (public outputs)
+        run: cargo nextest run --release --verbose tests::kzg_prove_and_verify_tight_lookup_::t
+      - name: IPA prove and verify tests
+        run: cargo nextest run --release --verbose tests::ipa_prove_and_verify_::t --test-threads 1
+      - name: IPA prove and verify tests (ipa outputs)
+        run: cargo nextest run --release --verbose tests::ipa_prove_and_verify_ipa_output
       - name: KZG prove and verify tests (public outputs + column overflow)
         run: cargo nextest run --release --verbose tests::kzg_prove_and_verify_with_overflow_::w
       - name: KZG prove and verify tests single inner col
@@ -396,8 +414,6 @@ jobs:
         run: cargo nextest run --release --verbose tests::kzg_prove_and_verify_with_overflow_fixed_params_
       - name: KZG prove and verify tests (public outputs)
         run: cargo nextest run --release --verbose tests::kzg_prove_and_verify_::t
-      - name: KZG prove and verify tests (public outputs + column overflow)
-        run: cargo nextest run --release --verbose tests::kzg_prove_and_verify_::t
       - name: KZG prove and verify tests (public inputs)
         run: cargo nextest run --release --verbose tests::kzg_prove_and_verify_public_input
       - name: KZG prove and verify tests (fixed params)
@@ -440,29 +456,6 @@ jobs:
       - name: KZG prove and verify tests (hashed outputs)
         run: cargo nextest run --release --verbose tests::kzg_prove_and_verify_hashed --features icicle  --test-threads 1
 
-  fuzz-tests:
-    runs-on: ubuntu-latest-32-cores
-    needs: [build, library-tests, python-tests]
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions-rs/toolchain@v1
-        with:
-          toolchain: nightly-2024-01-04
-          override: true
-          components: rustfmt, clippy
-      - uses: baptiste0928/cargo-install@v1
-        with:
-          crate: cargo-nextest
-          locked: true
-      - name: Install solc
-        run: (hash svm 2>/dev/null || cargo install svm-rs) && svm install 0.8.20 && solc --version
-      - name: Install Anvil
-        run: cargo install --git https://github.com/foundry-rs/foundry --rev b320f350156a0fb15c2eb13dc380deb2367c4474 --profile local --locked anvil --force
-      - name: fuzz tests (EVM)
-        run: cargo nextest run --release --verbose tests_evm::kzg_evm_fuzz_ --test-threads 2
-      # - name: fuzz tests
-      #   run: cargo nextest run --release --verbose tests::kzg_fuzz_ --test-threads 6
-
   prove-and-verify-mock-aggr-tests:
     runs-on: self-hosted
     needs: [build, library-tests]
@@ -477,7 +470,7 @@ jobs:
         with:
           crate: cargo-nextest
           locked: true
-      - name: Mock aggr tests
+      - name: Mock aggr tests (KZG)
         run: cargo nextest run --release --verbose tests_aggr::kzg_aggr_mock_prove_and_verify_  --test-threads 8
 
   prove-and-verify-aggr-tests-gpu:
@@ -512,7 +505,7 @@ jobs:
         with:
           crate: cargo-nextest
           locked: true
-      - name: KZG )tests
+      - name: KZG tests
         run: cargo nextest run --release --verbose tests_aggr::kzg_aggr_prove_and_verify_  --test-threads 4 -- --include-ignored
 
   prove-and-verify-aggr-evm-tests:
@@ -617,7 +610,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-python@v4
         with:
-          python-version: "3.9"
+          python-version: "3.10"
       - uses: actions-rs/toolchain@v1
         with:
           toolchain: nightly-2024-01-04
@@ -645,12 +638,12 @@ jobs:
       #     echo $KAGGLE_API_KEY > /home/ubuntu/.kaggle/kaggle.json
       #     chmod 600 /home/ubuntu/.kaggle/kaggle.json
       - name: All notebooks
-        run: source .env/bin/activate; cargo nextest run py_tests::tests::run_notebook_ --no-capture
+        run: source .env/bin/activate; cargo nextest run py_tests::tests::run_notebook_ --test-threads 1
       - name: Voice tutorial
         run: source .env/bin/activate; cargo nextest run py_tests::tests::voice_
       - name: NBEATS tutorial
         run: source .env/bin/activate; cargo nextest run py_tests::tests::nbeats_
       - name: Tictactoe tutorials
-        run: source .env/bin/activate; cargo nextest run py_tests::tests::tictactoe_ --no-capture
+        run: source .env/bin/activate; cargo nextest run py_tests::tests::tictactoe_
       # - name: Postgres tutorials
       #   run: source .env/bin/activate; cargo nextest run py_tests::tests::postgres_ --test-threads 1

.gitignore

@@ -45,6 +45,7 @@ var/
 *.whl
 *.bak
 node_modules
+/dist
 timingData.json
 !tests/wasm/pk.key
 !tests/wasm/vk.key

Cargo.lock

@@ -843,7 +843,7 @@ dependencies = [
  "anstyle",
  "bitflags 1.3.2",
  "clap_lex",
- "strsim 0.10.0",
+ "strsim",
 ]
 
 [[package]]
@@ -1191,41 +1191,6 @@ dependencies = [
  "cuda-config",
 ]
 
-[[package]]
-name = "darling"
-version = "0.10.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0d706e75d87e35569db781a9b5e2416cff1236a47ed380831f959382ccd5f858"
-dependencies = [
- "darling_core",
- "darling_macro",
-]
-
-[[package]]
-name = "darling_core"
-version = "0.10.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f0c960ae2da4de88a91b2d920c2a7233b400bc33cb28453a2987822d8392519b"
-dependencies = [
- "fnv",
- "ident_case",
- "proc-macro2",
- "quote",
- "strsim 0.9.3",
- "syn 1.0.109",
-]
-
-[[package]]
-name = "darling_macro"
-version = "0.10.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d9b5a2f4ac4969822c62224815d069952656cadc7084fdca9751e6d959189b72"
-dependencies = [
- "darling_core",
- "quote",
- "syn 1.0.109",
-]
-
 [[package]]
 name = "der"
 version = "0.7.6"
@@ -1258,31 +1223,6 @@ dependencies = [
  "syn 1.0.109",
 ]
 
-[[package]]
-name = "derive_builder"
-version = "0.9.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a2658621297f2cf68762a6f7dc0bb7e1ff2cfd6583daef8ee0fed6f7ec468ec0"
-dependencies = [
- "darling",
- "derive_builder_core",
- "proc-macro2",
- "quote",
- "syn 1.0.109",
-]
-
-[[package]]
-name = "derive_builder_core"
-version = "0.9.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2791ea3e372c8495c0bc2033991d76b512cd799d07491fbd6890124db9458bef"
-dependencies = [
- "darling",
- "proc-macro2",
- "quote",
- "syn 1.0.109",
-]
-
 [[package]]
 name = "derive_more"
 version = "0.99.17"
@@ -2290,12 +2230,10 @@ dependencies = [
  "icicle",
  "log",
  "maybe-rayon",
- "plotters",
  "rand_chacha",
  "rand_core 0.6.4",
  "rustacuda",
  "sha3 0.9.1",
- "tabbycat",
  "tracing",
 ]
 
@@ -2624,12 +2562,6 @@ dependencies = [
  "serde_derive",
 ]
 
-[[package]]
-name = "ident_case"
-version = "1.0.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39"
-
 [[package]]
 name = "idna"
 version = "0.4.0"
@@ -5014,12 +4946,6 @@ dependencies = [
  "unicode-normalization",
 ]
 
-[[package]]
-name = "strsim"
-version = "0.9.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6446ced80d6c486436db5c078dde11a9f73d42b57fb273121e160b84f63d894c"
-
 [[package]]
 name = "strsim"
 version = "0.10.0"
@@ -5110,17 +5036,6 @@ dependencies = [
  "libc",
 ]
 
-[[package]]
-name = "tabbycat"
-version = "0.1.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c45590f0f859197b4545be1b17b2bc3cc7bb075f7d1cc0ea1dc6521c0bf256a3"
-dependencies = [
- "anyhow",
- "derive_builder",
- "regex",
-]
-
 [[package]]
 name = "tabled"
 version = "0.12.2"

Cargo.toml

@@ -15,73 +15,96 @@ crate-type = ["cdylib", "rlib"]
 
 
 [dependencies]
-halo2_gadgets = { git = "https://github.com/zkonduit/halo2", branch= "main" }
-halo2_proofs = { git = "https://github.com/zkonduit/halo2", branch= "main"  }
-halo2curves = { git = "https://github.com/privacy-scaling-explorations/halo2curves", rev="9fff22c", features=["derive_serde"] }
+halo2_gadgets = { git = "https://github.com/zkonduit/halo2", branch = "main" }
+halo2_proofs = { git = "https://github.com/zkonduit/halo2", branch = "main" }
+halo2curves = { git = "https://github.com/privacy-scaling-explorations/halo2curves", rev = "9fff22c", features = [
+    "derive_serde",
+] }
 rand = { version = "0.8", default_features = false }
 itertools = { version = "0.10.3", default_features = false }
-clap = { version = "4.3.3", features = ["derive"]}
+clap = { version = "4.3.3", features = ["derive"] }
 serde = { version = "1.0.126", features = ["derive"], optional = true }
-serde_json = { version = "1.0.97", default_features = false, features = ["float_roundtrip", "raw_value"], optional = true }
+serde_json = { version = "1.0.97", default_features = false, features = [
+    "float_roundtrip",
+    "raw_value",
+], optional = true }
 log = { version = "0.4.17", default_features = false, optional = true }
 thiserror = { version = "1.0.38", default_features = false }
 hex = { version = "0.4.3", default_features = false }
 halo2_wrong_ecc = { git = "https://github.com/zkonduit/halo2wrong", branch = "ac/chunked-mv-lookup", package = "ecc" }
-snark-verifier = { git = "https://github.com/zkonduit/snark-verifier", branch = "ac/chunked-mv-lookup", features=["derive_serde"]}
-halo2_solidity_verifier = { git = "https://github.com/alexander-camuto/halo2-solidity-verifier",  branch= "main" }
-maybe-rayon = { version = "0.1.1",  default_features = false }
+snark-verifier = { git = "https://github.com/zkonduit/snark-verifier", branch = "ac/chunked-mv-lookup", features = [
+    "derive_serde",
+] }
+halo2_solidity_verifier = { git = "https://github.com/alexander-camuto/halo2-solidity-verifier", branch = "main" }
+maybe-rayon = { version = "0.1.1", default_features = false }
 bincode = { version = "1.3.3", default_features = false }
 ark-std = { version = "^0.3.0", default-features = false }
 unzip-n = "0.1.2"
 num = "0.4.1"
 portable-atomic = "1.6.0"
-tosubcommand = { git =  "https://github.com/zkonduit/enum_to_subcommand", package = "tosubcommand" }
+tosubcommand = { git = "https://github.com/zkonduit/enum_to_subcommand", package = "tosubcommand" }
 
 
 # evm related deps
 [target.'cfg(not(target_arch = "wasm32"))'.dependencies]
-ethers = { version = "2.0.11", default_features = false, features = ["ethers-solc"] }
-indicatif = {version = "0.17.5", features = ["rayon"]}
-gag =  { version = "1.0.0", default_features = false}
+ethers = { version = "2.0.11", default_features = false, features = [
+    "ethers-solc",
+] }
+indicatif = { version = "0.17.5", features = ["rayon"] }
+gag = { version = "1.0.0", default_features = false }
 instant = { version = "0.1" }
-reqwest = { version = "0.11.14", default-features = false, features = ["default-tls", "multipart", "stream"] }
+reqwest = { version = "0.11.14", default-features = false, features = [
+    "default-tls",
+    "multipart",
+    "stream",
+] }
 openssl = { version = "0.10.55", features = ["vendored"] }
 postgres = "0.19.5"
 pg_bigdecimal = "0.1.5"
 lazy_static = "1.4.0"
-colored_json =  { version = "3.0.1",  default_features = false, optional = true}
+colored_json = { version = "3.0.1", default_features = false, optional = true }
 plotters = { version = "0.3.0", default_features = false, optional = true }
 regex = { version = "1", default_features = false }
-tokio = { version = "1.26.0",  default_features = false, features = ["macros", "rt"] }
+tokio = { version = "1.26.0", default_features = false, features = [
+    "macros",
+    "rt",
+] }
 tokio-util = { version = "0.7.9", features = ["codec"] }
-pyo3 = { version = "0.20.2", features = ["extension-module", "abi3-py37", "macros"],  default_features = false, optional = true }
-pyo3-asyncio = { version = "0.20.0",  features = ["attributes", "tokio-runtime"],  default_features = false, optional = true }
+pyo3 = { version = "0.20.2", features = [
+    "extension-module",
+    "abi3-py37",
+    "macros",
+], default_features = false, optional = true }
+pyo3-asyncio = { version = "0.20.0", features = [
+    "attributes",
+    "tokio-runtime",
+], default_features = false, optional = true }
 pyo3-log = { version = "0.9.0", default_features = false, optional = true }
-tract-onnx = { git = "https://github.com/sonos/tract/", rev= "7b1aa33b2f7d1f19b80e270c83320f0f94daff69", default_features = false, optional = true }
+tract-onnx = { git = "https://github.com/sonos/tract/", rev = "7b1aa33b2f7d1f19b80e270c83320f0f94daff69", default_features = false, optional = true }
 tabled = { version = "0.12.0", optional = true }
 
 
 [target.'cfg(not(all(target_arch = "wasm32", target_os = "unknown")))'.dependencies]
-colored = { version = "2.0.0",  default_features = false, optional = true}
-env_logger = { version = "0.10.0",  default_features = false, optional = true}
+colored = { version = "2.0.0", default_features = false, optional = true }
+env_logger = { version = "0.10.0", default_features = false, optional = true }
 chrono = "0.4.31"
 sha256 = "1.4.0"
 
 [target.'cfg(target_arch = "wasm32")'.dependencies]
 getrandom = { version = "0.2.8", features = ["js"] }
-instant = { version = "0.1", features = [ "wasm-bindgen", "inaccurate" ] }
+instant = { version = "0.1", features = ["wasm-bindgen", "inaccurate"] }
 
 [target.'cfg(all(target_arch = "wasm32", target_os = "unknown"))'.dependencies]
-wasm-bindgen-rayon = { version = "1.0", optional=true }
+wasm-bindgen-rayon = { version = "1.0", optional = true }
 wasm-bindgen-test = "0.3.34"
 serde-wasm-bindgen = "0.4"
-wasm-bindgen = { version = "0.2.81", features = ["serde-serialize"]}
+wasm-bindgen = { version = "0.2.81", features = ["serde-serialize"] }
 console_error_panic_hook = "0.1.7"
 wasm-bindgen-console-logger = "0.1.1"
 
 
 [dev-dependencies]
-criterion = {version = "0.3",  features = ["html_reports"]}
+criterion = { version = "0.3", features = ["html_reports"] }
 tempfile = "3.3.0"
 lazy_static = "1.4.0"
 mnist = "0.5"
@@ -153,11 +176,24 @@ required-features = ["ezkl"]
 [features]
 web = ["wasm-bindgen-rayon"]
 default = ["ezkl", "mv-lookup"]
-render = ["halo2_proofs/dev-graph", "plotters"]
 onnx = ["dep:tract-onnx"]
 python-bindings = ["pyo3", "pyo3-log", "pyo3-asyncio"]
-ezkl = ["onnx", "serde", "serde_json", "log", "colored", "env_logger", "tabled/color", "colored_json", "halo2_proofs/circuit-params"]
-mv-lookup = ["halo2_proofs/mv-lookup", "snark-verifier/mv-lookup", "halo2_solidity_verifier/mv-lookup"]
+ezkl = [
+    "onnx",
+    "serde",
+    "serde_json",
+    "log",
+    "colored",
+    "env_logger",
+    "tabled/color",
+    "colored_json",
+    "halo2_proofs/circuit-params",
+]
+mv-lookup = [
+    "halo2_proofs/mv-lookup",
+    "snark-verifier/mv-lookup",
+    "halo2_solidity_verifier/mv-lookup",
+]
 det-prove = []
 icicle = ["halo2_proofs/icicle_gpu"]
 empty-cmd = []
@@ -165,7 +201,7 @@ no-banner = []
 
 # icicle patch to 0.1.0 if feature icicle is enabled
 [patch.'https://github.com/ingonyama-zk/icicle']
-icicle = { git = "https://github.com/ingonyama-zk/icicle?rev=45b00fb", package = "icicle", branch = "fix/vhnat/ezkl-build-fix"}
+icicle = { git = "https://github.com/ingonyama-zk/icicle?rev=45b00fb", package = "icicle", branch = "fix/vhnat/ezkl-build-fix" }
 
 [profile.release]
-rustflags = [ "-C", "relocation-model=pic" ]
+rustflags = ["-C", "relocation-model=pic"]

README.md

@@ -31,9 +31,9 @@ EZKL
 
 [![Notebook](https://colab.research.google.com/assets/colab-badge.svg)](https://colab.research.google.com/github/zkonduit/ezkl/blob/main/examples/notebooks/simple_demo_all_public.ipynb) 
 
-In the backend we use [Halo2](https://github.com/privacy-scaling-explorations/halo2) as a proof system.
+In the backend we use the collaboratively-developed [Halo2](https://github.com/privacy-scaling-explorations/halo2) as a proof system.
 
-The generated proofs can then be used on-chain to verify computation, only the Ethereum Virtual Machine (EVM) is supported at the moment.
+The generated proofs can then be verified with much less computational resources, including on-chain (with the Ethereum Virtual Machine), in a browser, or on a device. 
 
 - If you have any questions, we'd love for you to open up a discussion topic in [Discussions](https://github.com/zkonduit/ezkl/discussions). Alternatively, you can join the ✨[EZKL Community Telegram Group](https://t.me/+QRzaRvTPIthlYWMx)💫.
 
@@ -45,6 +45,8 @@ The generated proofs can then be used on-chain to verify computation, only the E
 
 ### getting started ⚙️
 
+The easiest way to get started is to try out a notebook. 
+
 #### Python
 Install the python bindings by calling.
 
@@ -70,10 +72,14 @@ curl https://raw.githubusercontent.com/zkonduit/ezkl/main/install_ezkl_cli.sh |
 
 https://user-images.githubusercontent.com/45801863/236771676-5bbbbfd1-ba6f-418a-902e-20738ce0e9f0.mp4
 
-For more details visit the [docs](https://docs.ezkl.xyz).
+For more details visit the [docs](https://docs.ezkl.xyz). The CLI is faster than Python, as it has less overhead. For even more speed and convenience, check out the [remote proving service](https://ei40vx5x6j0.typeform.com/to/sFv1oxvb), which feels like the CLI but is backed by a tuned cluster.
 
 Build the auto-generated rust documentation and open the docs in your browser locally. `cargo doc --open`
 
+#### In-browser EVM verifier
+
+As an alternative to running the native Halo2 verifier as a WASM binding in the browser, you can use the in-browser EVM verifier. The source code of which you can find in the `in-browser-evm-verifier` directory and a README with instructions on how to use it.
+
 
 ### building the project 🔨
 
@@ -120,17 +126,6 @@ unset ENABLE_ICICLE_GPU
 
 **NOTE:** Even with the above environment variable set, icicle is disabled for circuits where k <= 8. To change the value of `k` where icicle is enabled, you can set the environment variable `ICICLE_SMALL_K`.
 
-### repos
-
-The EZKL project has several libraries and repos. 
-
-| Repo | Description |
-| --- | --- |
-| [@zkonduit/ezkl](https://github.com/zkonduit/ezkl) | the main ezkl repo in rust with wasm and python bindings |
-| [@zkonduit/ezkljs](https://github.com/zkonduit/ezkljs) | typescript and javascript tooling to help integrate ezkl into web apps |
-
-----------------------
-
 ### contributing 🌎
 
 If you're interested in contributing and are unsure where to start, reach out to one of the maintainers:
@@ -147,7 +142,7 @@ More broadly:
 - To report bugs or request new features [create a new issue within Issues](https://github.com/zkonduit/ezkl/issues) to inform the greater community.
 
 
-Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be licensed to Zkonduit Inc. under the terms and conditions specified in the [CLA](https://github.com/zkonduit/ezkl/blob/main/cla.md), which you agree to by intentionally submitting a contribution. In particular, you have the right to submit the contribution and we can distribute it under the Apache 2.0 license, among other terms and conditions. 
+Any contribution intentionally submitted for inclusion in the work by you shall be licensed to Zkonduit Inc. under the terms and conditions specified in the [CLA](https://github.com/zkonduit/ezkl/blob/main/cla.md), which you agree to by intentionally submitting a contribution. In particular, you have the right to submit the contribution and we can distribute it, among other terms and conditions. 
 
 ### no security guarantees
 
@@ -155,4 +150,7 @@ Ezkl is unaudited, beta software undergoing rapid development. There may be bugs
 
 > NOTE: Because operations are quantized when they are converted from an onnx file to a zk-circuit, outputs in python and ezkl may differ slightly. 
 
+### no warranty
 
+Copyright (c) 2024 Zkonduit Inc. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

benches/accum_conv.rs

@@ -2,11 +2,13 @@ use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Through
 use ezkl::circuit::poly::PolyOp;
 use ezkl::circuit::*;
 use ezkl::pfsys::create_keys;
-use ezkl::pfsys::create_proof_circuit_kzg;
+use ezkl::pfsys::create_proof_circuit;
 use ezkl::pfsys::srs::gen_srs;
 use ezkl::pfsys::TranscriptType;
 use ezkl::tensor::*;
 use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
+use halo2_proofs::poly::kzg::multiopen::ProverSHPLONK;
+use halo2_proofs::poly::kzg::multiopen::VerifierSHPLONK;
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2_proofs::{
     arithmetic::Field,
@@ -15,6 +17,7 @@ use halo2_proofs::{
 };
 use halo2curves::bn256::{Bn256, Fr};
 use rand::rngs::OsRng;
+use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 
 static mut KERNEL_HEIGHT: usize = 2;
 static mut KERNEL_WIDTH: usize = 2;
@@ -121,28 +124,35 @@ fn runcnvrl(c: &mut Criterion) {
             group.throughput(Throughput::Elements(*size as u64));
             group.bench_with_input(BenchmarkId::new("pk", size), &size, |b, &_| {
                 b.iter(|| {
-                    create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(
-                        &circuit, &params, true,
-                    )
-                    .unwrap();
+                    create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
+                        .unwrap();
                 });
             });
 
-            let pk =
-                create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
-                    .unwrap();
+            let pk = create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
+                .unwrap();
 
             group.throughput(Throughput::Elements(*size as u64));
             group.bench_with_input(BenchmarkId::new("prove", size), &size, |b, &_| {
                 b.iter(|| {
-                    let prover = create_proof_circuit_kzg(
+                    let prover = create_proof_circuit::<
+                        KZGCommitmentScheme<_>,
+                        MyCircuit,
+                        ProverSHPLONK<_>,
+                        VerifierSHPLONK<_>,
+                        SingleStrategy<_>,
+                        _,
+                        EvmTranscript<_, _, _, _>,
+                        EvmTranscript<_, _, _, _>,
+                    >(
                         circuit.clone(),
+                        vec![],
                         &params,
-                        None,
                         &pk,
-                        TranscriptType::EVM,
-                        SingleStrategy::new(&params),
                         CheckMode::UNSAFE,
+                        ezkl::Commitments::KZG,
+                        TranscriptType::EVM,
+                        None,
                         None,
                     );
                     prover.unwrap();

benches/accum_dot.rs

@@ -1,11 +1,13 @@
 use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Throughput};
 use ezkl::circuit::poly::PolyOp;
 use ezkl::circuit::*;
-use ezkl::pfsys::create_proof_circuit_kzg;
+use ezkl::pfsys::create_proof_circuit;
 use ezkl::pfsys::TranscriptType;
 use ezkl::pfsys::{create_keys, srs::gen_srs};
 use ezkl::tensor::*;
 use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
+use halo2_proofs::poly::kzg::multiopen::ProverSHPLONK;
+use halo2_proofs::poly::kzg::multiopen::VerifierSHPLONK;
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2_proofs::{
     arithmetic::Field,
@@ -14,6 +16,7 @@ use halo2_proofs::{
 };
 use halo2curves::bn256::{Bn256, Fr};
 use rand::rngs::OsRng;
+use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 use std::marker::PhantomData;
 
 static mut LEN: usize = 4;
@@ -90,25 +93,35 @@ fn rundot(c: &mut Criterion) {
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("pk", len), &len, |b, &_| {
             b.iter(|| {
-                create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
+                create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
                     .unwrap();
             });
         });
 
-        let pk = create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
-            .unwrap();
+        let pk =
+            create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true).unwrap();
 
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("prove", len), &len, |b, &_| {
             b.iter(|| {
-                let prover = create_proof_circuit_kzg(
+                let prover = create_proof_circuit::<
+                    KZGCommitmentScheme<_>,
+                    MyCircuit,
+                    ProverSHPLONK<_>,
+                    VerifierSHPLONK<_>,
+                    SingleStrategy<_>,
+                    _,
+                    EvmTranscript<_, _, _, _>,
+                    EvmTranscript<_, _, _, _>,
+                >(
                     circuit.clone(),
+                    vec![],
                     &params,
-                    None,
                     &pk,
-                    TranscriptType::EVM,
-                    SingleStrategy::new(&params),
                     CheckMode::UNSAFE,
+                    ezkl::Commitments::KZG,
+                    TranscriptType::EVM,
+                    None,
                     None,
                 );
                 prover.unwrap();

benches/accum_einsum_matmul.rs

@@ -1,11 +1,13 @@
 use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Throughput};
 use ezkl::circuit::poly::PolyOp;
 use ezkl::circuit::*;
-use ezkl::pfsys::create_proof_circuit_kzg;
+use ezkl::pfsys::create_proof_circuit;
 use ezkl::pfsys::TranscriptType;
 use ezkl::pfsys::{create_keys, srs::gen_srs};
 use ezkl::tensor::*;
 use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
+use halo2_proofs::poly::kzg::multiopen::ProverSHPLONK;
+use halo2_proofs::poly::kzg::multiopen::VerifierSHPLONK;
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2_proofs::{
     arithmetic::Field,
@@ -14,6 +16,7 @@ use halo2_proofs::{
 };
 use halo2curves::bn256::{Bn256, Fr};
 use rand::rngs::OsRng;
+use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 use std::marker::PhantomData;
 
 static mut LEN: usize = 4;
@@ -94,25 +97,35 @@ fn runmatmul(c: &mut Criterion) {
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("pk", len), &len, |b, &_| {
             b.iter(|| {
-                create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
+                create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
                     .unwrap();
             });
         });
 
-        let pk = create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
-            .unwrap();
+        let pk =
+            create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true).unwrap();
 
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("prove", len), &len, |b, &_| {
             b.iter(|| {
-                let prover = create_proof_circuit_kzg(
+                let prover = create_proof_circuit::<
+                    KZGCommitmentScheme<_>,
+                    MyCircuit,
+                    ProverSHPLONK<_>,
+                    VerifierSHPLONK<_>,
+                    SingleStrategy<_>,
+                    _,
+                    EvmTranscript<_, _, _, _>,
+                    EvmTranscript<_, _, _, _>,
+                >(
                     circuit.clone(),
+                    vec![],
                     &params,
-                    None,
                     &pk,
-                    TranscriptType::EVM,
-                    SingleStrategy::new(&params),
                     CheckMode::UNSAFE,
+                    ezkl::Commitments::KZG,
+                    TranscriptType::EVM,
+                    None,
                     None,
                 );
                 prover.unwrap();

benches/accum_matmul_relu.rs

@@ -4,17 +4,20 @@ use ezkl::circuit::*;
 
 use ezkl::circuit::lookup::LookupOp;
 use ezkl::circuit::poly::PolyOp;
-use ezkl::pfsys::create_proof_circuit_kzg;
+use ezkl::pfsys::create_proof_circuit;
 use ezkl::pfsys::TranscriptType;
 use ezkl::pfsys::{create_keys, srs::gen_srs};
 use ezkl::tensor::*;
 use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
+use halo2_proofs::poly::kzg::multiopen::ProverSHPLONK;
+use halo2_proofs::poly::kzg::multiopen::VerifierSHPLONK;
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2_proofs::{
     circuit::{Layouter, SimpleFloorPlanner, Value},
     plonk::{Circuit, ConstraintSystem, Error},
 };
 use halo2curves::bn256::{Bn256, Fr};
+use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 use std::marker::PhantomData;
 
 const BITS: Range = (-32768, 32768);
@@ -112,25 +115,35 @@ fn runmatmul(c: &mut Criterion) {
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("pk", len), &len, |b, &_| {
             b.iter(|| {
-                create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
+                create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
                     .unwrap();
             });
         });
 
-        let pk = create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
-            .unwrap();
+        let pk =
+            create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true).unwrap();
 
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("prove", len), &len, |b, &_| {
             b.iter(|| {
-                let prover = create_proof_circuit_kzg(
+                let prover = create_proof_circuit::<
+                    KZGCommitmentScheme<_>,
+                    MyCircuit,
+                    ProverSHPLONK<_>,
+                    VerifierSHPLONK<_>,
+                    SingleStrategy<_>,
+                    _,
+                    EvmTranscript<_, _, _, _>,
+                    EvmTranscript<_, _, _, _>,
+                >(
                     circuit.clone(),
+                    vec![],
                     &params,
-                    None,
                     &pk,
+                    CheckMode::UNSAFE,
+                    ezkl::Commitments::KZG,
                     TranscriptType::EVM,
-                    SingleStrategy::new(&params),
-                    CheckMode::SAFE,
+                    None,
                     None,
                 );
                 prover.unwrap();

benches/accum_matmul_relu_overflow.rs

@@ -4,17 +4,20 @@ use ezkl::circuit::*;
 use ezkl::circuit::lookup::LookupOp;
 use ezkl::circuit::poly::PolyOp;
 use ezkl::circuit::table::Range;
-use ezkl::pfsys::create_proof_circuit_kzg;
+use ezkl::pfsys::create_proof_circuit;
 use ezkl::pfsys::TranscriptType;
 use ezkl::pfsys::{create_keys, srs::gen_srs};
 use ezkl::tensor::*;
 use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
+use halo2_proofs::poly::kzg::multiopen::ProverSHPLONK;
+use halo2_proofs::poly::kzg::multiopen::VerifierSHPLONK;
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2_proofs::{
     circuit::{Layouter, SimpleFloorPlanner, Value},
     plonk::{Circuit, ConstraintSystem, Error},
 };
 use halo2curves::bn256::{Bn256, Fr};
+use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 use std::marker::PhantomData;
 
 const BITS: Range = (-8180, 8180);
@@ -115,25 +118,35 @@ fn runmatmul(c: &mut Criterion) {
         group.throughput(Throughput::Elements(k as u64));
         group.bench_with_input(BenchmarkId::new("pk", k), &k, |b, &_| {
             b.iter(|| {
-                create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
+                create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
                     .unwrap();
             });
         });
 
-        let pk = create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
-            .unwrap();
+        let pk =
+            create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true).unwrap();
 
         group.throughput(Throughput::Elements(k as u64));
         group.bench_with_input(BenchmarkId::new("prove", k), &k, |b, &_| {
             b.iter(|| {
-                let prover = create_proof_circuit_kzg(
+                let prover = create_proof_circuit::<
+                    KZGCommitmentScheme<_>,
+                    MyCircuit,
+                    ProverSHPLONK<_>,
+                    VerifierSHPLONK<_>,
+                    SingleStrategy<_>,
+                    _,
+                    EvmTranscript<_, _, _, _>,
+                    EvmTranscript<_, _, _, _>,
+                >(
                     circuit.clone(),
+                    vec![],
                     &params,
-                    None,
                     &pk,
+                    CheckMode::UNSAFE,
+                    ezkl::Commitments::KZG,
                     TranscriptType::EVM,
-                    SingleStrategy::new(&params),
-                    CheckMode::SAFE,
+                    None,
                     None,
                 );
                 prover.unwrap();

benches/accum_sum.rs

@@ -1,11 +1,13 @@
 use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Throughput};
 use ezkl::circuit::poly::PolyOp;
 use ezkl::circuit::*;
-use ezkl::pfsys::create_proof_circuit_kzg;
+use ezkl::pfsys::create_proof_circuit;
 use ezkl::pfsys::TranscriptType;
 use ezkl::pfsys::{create_keys, srs::gen_srs};
 use ezkl::tensor::*;
 use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
+use halo2_proofs::poly::kzg::multiopen::ProverSHPLONK;
+use halo2_proofs::poly::kzg::multiopen::VerifierSHPLONK;
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2_proofs::{
     arithmetic::Field,
@@ -14,6 +16,7 @@ use halo2_proofs::{
 };
 use halo2curves::bn256::{Bn256, Fr};
 use rand::rngs::OsRng;
+use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 use std::marker::PhantomData;
 
 static mut LEN: usize = 4;
@@ -86,25 +89,35 @@ fn runsum(c: &mut Criterion) {
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("pk", len), &len, |b, &_| {
             b.iter(|| {
-                create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
+                create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
                     .unwrap();
             });
         });
 
-        let pk = create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
-            .unwrap();
+        let pk =
+            create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true).unwrap();
 
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("prove", len), &len, |b, &_| {
             b.iter(|| {
-                let prover = create_proof_circuit_kzg(
+                let prover = create_proof_circuit::<
+                    KZGCommitmentScheme<_>,
+                    MyCircuit,
+                    ProverSHPLONK<_>,
+                    VerifierSHPLONK<_>,
+                    SingleStrategy<_>,
+                    _,
+                    EvmTranscript<_, _, _, _>,
+                    EvmTranscript<_, _, _, _>,
+                >(
                     circuit.clone(),
+                    vec![],
                     &params,
-                    None,
                     &pk,
-                    TranscriptType::EVM,
-                    SingleStrategy::new(&params),
                     CheckMode::UNSAFE,
+                    ezkl::Commitments::KZG,
+                    TranscriptType::EVM,
+                    None,
                     None,
                 );
                 prover.unwrap();

benches/accum_sumpool.rs

@@ -2,11 +2,13 @@ use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Through
 use ezkl::circuit::hybrid::HybridOp;
 use ezkl::circuit::*;
 use ezkl::pfsys::create_keys;
-use ezkl::pfsys::create_proof_circuit_kzg;
+use ezkl::pfsys::create_proof_circuit;
 use ezkl::pfsys::srs::gen_srs;
 use ezkl::pfsys::TranscriptType;
 use ezkl::tensor::*;
 use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
+use halo2_proofs::poly::kzg::multiopen::ProverSHPLONK;
+use halo2_proofs::poly::kzg::multiopen::VerifierSHPLONK;
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2_proofs::{
     arithmetic::Field,
@@ -15,6 +17,7 @@ use halo2_proofs::{
 };
 use halo2curves::bn256::{Bn256, Fr};
 use rand::rngs::OsRng;
+use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 
 static mut IMAGE_HEIGHT: usize = 2;
 static mut IMAGE_WIDTH: usize = 2;
@@ -101,28 +104,35 @@ fn runsumpool(c: &mut Criterion) {
             group.throughput(Throughput::Elements(*size as u64));
             group.bench_with_input(BenchmarkId::new("pk", size), &size, |b, &_| {
                 b.iter(|| {
-                    create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(
-                        &circuit, &params, true,
-                    )
-                    .unwrap();
+                    create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
+                        .unwrap();
                 });
             });
 
-            let pk =
-                create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
-                    .unwrap();
+            let pk = create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
+                .unwrap();
 
             group.throughput(Throughput::Elements(*size as u64));
             group.bench_with_input(BenchmarkId::new("prove", size), &size, |b, &_| {
                 b.iter(|| {
-                    let prover = create_proof_circuit_kzg(
+                    let prover = create_proof_circuit::<
+                        KZGCommitmentScheme<_>,
+                        MyCircuit,
+                        ProverSHPLONK<_>,
+                        VerifierSHPLONK<_>,
+                        SingleStrategy<_>,
+                        _,
+                        EvmTranscript<_, _, _, _>,
+                        EvmTranscript<_, _, _, _>,
+                    >(
                         circuit.clone(),
+                        vec![],
                         &params,
-                        None,
                         &pk,
-                        TranscriptType::EVM,
-                        SingleStrategy::new(&params),
                         CheckMode::UNSAFE,
+                        ezkl::Commitments::KZG,
+                        TranscriptType::EVM,
+                        None,
                         None,
                     );
                     prover.unwrap();

benches/pairwise_add.rs

@@ -1,11 +1,13 @@
 use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Throughput};
 use ezkl::circuit::poly::PolyOp;
 use ezkl::circuit::*;
-use ezkl::pfsys::create_proof_circuit_kzg;
+use ezkl::pfsys::create_proof_circuit;
 use ezkl::pfsys::TranscriptType;
 use ezkl::pfsys::{create_keys, srs::gen_srs};
 use ezkl::tensor::*;
 use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
+use halo2_proofs::poly::kzg::multiopen::ProverSHPLONK;
+use halo2_proofs::poly::kzg::multiopen::VerifierSHPLONK;
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2_proofs::{
     arithmetic::Field,
@@ -14,6 +16,7 @@ use halo2_proofs::{
 };
 use halo2curves::bn256::{Bn256, Fr};
 use rand::rngs::OsRng;
+use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 use std::marker::PhantomData;
 
 static mut LEN: usize = 4;
@@ -84,25 +87,35 @@ fn runadd(c: &mut Criterion) {
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("pk", len), &len, |b, &_| {
             b.iter(|| {
-                create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
+                create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
                     .unwrap();
             });
         });
 
-        let pk = create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
-            .unwrap();
+        let pk =
+            create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true).unwrap();
 
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("prove", len), &len, |b, &_| {
             b.iter(|| {
-                let prover = create_proof_circuit_kzg(
+                let prover = create_proof_circuit::<
+                    KZGCommitmentScheme<_>,
+                    MyCircuit,
+                    ProverSHPLONK<_>,
+                    VerifierSHPLONK<_>,
+                    SingleStrategy<_>,
+                    _,
+                    EvmTranscript<_, _, _, _>,
+                    EvmTranscript<_, _, _, _>,
+                >(
                     circuit.clone(),
+                    vec![],
                     &params,
-                    None,
                     &pk,
+                    CheckMode::UNSAFE,
+                    ezkl::Commitments::KZG,
                     TranscriptType::EVM,
-                    SingleStrategy::new(&params),
-                    CheckMode::SAFE,
+                    None,
                     None,
                 );
                 prover.unwrap();

benches/pairwise_pow.rs

@@ -2,11 +2,13 @@ use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Through
 use ezkl::circuit::poly::PolyOp;
 use ezkl::circuit::region::RegionCtx;
 use ezkl::circuit::*;
-use ezkl::pfsys::create_proof_circuit_kzg;
+use ezkl::pfsys::create_proof_circuit;
 use ezkl::pfsys::TranscriptType;
 use ezkl::pfsys::{create_keys, srs::gen_srs};
 use ezkl::tensor::*;
 use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
+use halo2_proofs::poly::kzg::multiopen::ProverSHPLONK;
+use halo2_proofs::poly::kzg::multiopen::VerifierSHPLONK;
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2_proofs::{
     arithmetic::Field,
@@ -15,6 +17,7 @@ use halo2_proofs::{
 };
 use halo2curves::bn256::{Bn256, Fr};
 use rand::rngs::OsRng;
+use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 use std::marker::PhantomData;
 
 static mut LEN: usize = 4;
@@ -83,25 +86,35 @@ fn runpow(c: &mut Criterion) {
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("pk", len), &len, |b, &_| {
             b.iter(|| {
-                create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
+                create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
                     .unwrap();
             });
         });
 
-        let pk = create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
-            .unwrap();
+        let pk =
+            create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true).unwrap();
 
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("prove", len), &len, |b, &_| {
             b.iter(|| {
-                let prover = create_proof_circuit_kzg(
+                let prover = create_proof_circuit::<
+                    KZGCommitmentScheme<_>,
+                    MyCircuit,
+                    ProverSHPLONK<_>,
+                    VerifierSHPLONK<_>,
+                    SingleStrategy<_>,
+                    _,
+                    EvmTranscript<_, _, _, _>,
+                    EvmTranscript<_, _, _, _>,
+                >(
                     circuit.clone(),
+                    vec![],
                     &params,
-                    None,
                     &pk,
+                    CheckMode::UNSAFE,
+                    ezkl::Commitments::KZG,
                     TranscriptType::EVM,
-                    SingleStrategy::new(&params),
-                    CheckMode::SAFE,
+                    None,
                     None,
                 );
                 prover.unwrap();

benches/poseidon.rs

@@ -4,12 +4,13 @@ use ezkl::circuit::modules::poseidon::{PoseidonChip, PoseidonConfig};
 use ezkl::circuit::modules::Module;
 use ezkl::circuit::*;
 use ezkl::pfsys::create_keys;
-use ezkl::pfsys::create_proof_circuit_kzg;
+use ezkl::pfsys::create_proof_circuit;
 use ezkl::pfsys::srs::gen_srs;
 use ezkl::pfsys::TranscriptType;
 use ezkl::tensor::*;
 use halo2_proofs::circuit::Value;
 use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
+use halo2_proofs::poly::kzg::multiopen::{ProverSHPLONK, VerifierSHPLONK};
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2_proofs::{
     arithmetic::Field,
@@ -18,6 +19,7 @@ use halo2_proofs::{
 };
 use halo2curves::bn256::{Bn256, Fr};
 use rand::rngs::OsRng;
+use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 
 const L: usize = 10;
 
@@ -62,7 +64,7 @@ fn runposeidon(c: &mut Criterion) {
         let params = gen_srs::<KZGCommitmentScheme<_>>(k);
 
         let message = (0..*size).map(|_| Fr::random(OsRng)).collect::<Vec<_>>();
-        let output =
+        let _output =
             PoseidonChip::<PoseidonSpec, POSEIDON_WIDTH, POSEIDON_RATE, L>::run(message.to_vec())
                 .unwrap();
 
@@ -76,25 +78,35 @@ fn runposeidon(c: &mut Criterion) {
         group.throughput(Throughput::Elements(*size as u64));
         group.bench_with_input(BenchmarkId::new("pk", size), &size, |b, &_| {
             b.iter(|| {
-                create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
+                create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true)
                     .unwrap();
             });
         });
 
-        let pk = create_keys::<KZGCommitmentScheme<Bn256>, Fr, MyCircuit>(&circuit, &params, true)
-            .unwrap();
+        let pk =
+            create_keys::<KZGCommitmentScheme<Bn256>, MyCircuit>(&circuit, &params, true).unwrap();
 
         group.throughput(Throughput::Elements(*size as u64));
         group.bench_with_input(BenchmarkId::new("prove", size), &size, |b, &_| {
             b.iter(|| {
-                let prover = create_proof_circuit_kzg(
+                let prover = create_proof_circuit::<
+                    KZGCommitmentScheme<_>,
+                    MyCircuit,
+                    ProverSHPLONK<_>,
+                    VerifierSHPLONK<_>,
+                    SingleStrategy<_>,
+                    _,
+                    EvmTranscript<_, _, _, _>,
+                    EvmTranscript<_, _, _, _>,
+                >(
                     circuit.clone(),
+                    vec![],
                     &params,
-                    Some(output[0].clone()),
                     &pk,
-                    TranscriptType::EVM,
-                    SingleStrategy::new(&params),
                     CheckMode::UNSAFE,
+                    ezkl::Commitments::KZG,
+                    TranscriptType::EVM,
+                    None,
                     None,
                 );
                 prover.unwrap();

benches/relu.rs

@@ -2,11 +2,12 @@ use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion, Through
 use ezkl::circuit::region::RegionCtx;
 use ezkl::circuit::table::Range;
 use ezkl::circuit::{ops::lookup::LookupOp, BaseConfig as Config, CheckMode};
-use ezkl::pfsys::create_proof_circuit_kzg;
+use ezkl::pfsys::create_proof_circuit;
 use ezkl::pfsys::TranscriptType;
 use ezkl::pfsys::{create_keys, srs::gen_srs};
 use ezkl::tensor::*;
 use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
+use halo2_proofs::poly::kzg::multiopen::{ProverSHPLONK, VerifierSHPLONK};
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2_proofs::{
     circuit::{Layouter, SimpleFloorPlanner, Value},
@@ -14,6 +15,7 @@ use halo2_proofs::{
 };
 use halo2curves::bn256::{Bn256, Fr};
 use rand::Rng;
+use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 
 const BITS: Range = (-32768, 32768);
 static mut LEN: usize = 4;
@@ -91,25 +93,35 @@ fn runrelu(c: &mut Criterion) {
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("pk", len), &len, |b, &_| {
             b.iter(|| {
-                create_keys::<KZGCommitmentScheme<Bn256>, Fr, NLCircuit>(&circuit, &params, true)
+                create_keys::<KZGCommitmentScheme<Bn256>, NLCircuit>(&circuit, &params, true)
                     .unwrap();
             });
         });
 
-        let pk = create_keys::<KZGCommitmentScheme<Bn256>, Fr, NLCircuit>(&circuit, &params, true)
-            .unwrap();
+        let pk =
+            create_keys::<KZGCommitmentScheme<Bn256>, NLCircuit>(&circuit, &params, true).unwrap();
 
         group.throughput(Throughput::Elements(len as u64));
         group.bench_with_input(BenchmarkId::new("prove", len), &len, |b, &_| {
             b.iter(|| {
-                let prover = create_proof_circuit_kzg(
+                let prover = create_proof_circuit::<
+                    KZGCommitmentScheme<_>,
+                    NLCircuit,
+                    ProverSHPLONK<_>,
+                    VerifierSHPLONK<_>,
+                    SingleStrategy<_>,
+                    _,
+                    EvmTranscript<_, _, _, _>,
+                    EvmTranscript<_, _, _, _>,
+                >(
                     circuit.clone(),
+                    vec![],
                     &params,
-                    None,
                     &pk,
+                    CheckMode::UNSAFE,
+                    ezkl::Commitments::KZG,
                     TranscriptType::EVM,
-                    SingleStrategy::new(&params),
-                    CheckMode::SAFE,
+                    None,
                     None,
                 );
                 prover.unwrap();

examples/notebooks/ezkl_demo.ipynb

@@ -696,10 +696,12 @@
         "for i, value in enumerate(proof[\"instances\"]):\n",
         "    for j, field_element in enumerate(value):\n",
         "        onchain_input_array.append(ezkl.felt_to_big_endian(field_element))\n",
-        "        formatted_output += str(onchain_input_array[-1])\n",
+        "        formatted_output += '\"' + str(onchain_input_array[-1]) + '\"'\n",
         "        if j != len(value) - 1:\n",
         "            formatted_output += \", \"\n",
-        "    formatted_output += \"]\"\n",
+        "    if i != len(proof[\"instances\"]) - 1:\n",
+        "        formatted_output += \", \"\n",
+        "formatted_output += \"]\"\n",
         "\n",
         "# This will be the values you use onchain\n",
         "# copy them over to remix and see if they verify\n",

examples/notebooks/generalized_inverse.ipynb

@@ -10,7 +10,7 @@
         "\n",
         "## Generalized Inverse\n",
         "\n",
-        "We show how to use EZKL to prove that we know matrices $A$ and its generalized inverse $B$. Since these are large we deal with the KZG commitments, with $a$ the kzgcommit of $A$, $b$ the kzgcommit of $B$, and $ABA = A$.\n"
+        "We show how to use EZKL to prove that we know matrices $A$ and its generalized inverse $B$. Since these are large we deal with the KZG commitments, with $a$ the polycommit of $A$, $b$ the polycommit of $B$, and $ABA = A$.\n"
       ]
     },
     {
@@ -77,7 +77,7 @@
       "outputs": [],
       "source": [
         "gip_run_args = ezkl.PyRunArgs()\n",
-        "gip_run_args.input_visibility = \"kzgcommit\"  # matrix and generalized inverse commitments\n",
+        "gip_run_args.input_visibility = \"polycommit\"  # matrix and generalized inverse commitments\n",
         "gip_run_args.output_visibility = \"fixed\"   # no parameters used\n",
         "gip_run_args.param_visibility = \"fixed\" # should be Tensor(True)"
       ]
@@ -340,4 +340,4 @@
   },
   "nbformat": 4,
   "nbformat_minor": 5
-}
+}

examples/notebooks/hashed_vis.ipynb

@@ -161,7 +161,7 @@
                 "- `fixed`: known to the prover and verifier (as a commit), but not modifiable by the prover.\n",
                 "- `hashed`: the hash pre-image is known to the prover, the prover and verifier know the hash. The prover proves that the they know the pre-image to the hash. \n",
                 "- `encrypted`: the non-encrypted element and the secret key used for decryption are known to the prover. The prover and the verifier know the encrypted element, the public key used to encrypt, and the hash of the decryption hey. The prover proves that they know the pre-image of the hashed decryption key and that this key can in fact decrypt the encrypted message.\n",
-                "- `kzgcommit`: unblinded advice column which generates a kzg commitment. This doesn't appear in the instances of the circuit and must instead be inserted directly within the proof bytes.  \n",
+                "- `polycommit`: unblinded advice column which generates a kzg commitment. This doesn't appear in the instances of the circuit and must instead be inserted directly within the proof bytes.  \n",
                 "\n",
                 "\n",
                 "Here we create the following setup:\n",
@@ -510,4 +510,4 @@
     },
     "nbformat": 4,
     "nbformat_minor": 2
-}
+}

examples/notebooks/kzg_vis.ipynb

@@ -154,11 +154,11 @@
                 "- `fixed`: known to the prover and verifier (as a commit), but not modifiable by the prover.\n",
                 "- `hashed`: the hash pre-image is known to the prover, the prover and verifier know the hash. The prover proves that the they know the pre-image to the hash. \n",
                 "- `encrypted`: the non-encrypted element and the secret key used for decryption are known to the prover. The prover and the verifier know the encrypted element, the public key used to encrypt, and the hash of the decryption hey. The prover proves that they know the pre-image of the hashed decryption key and that this key can in fact decrypt the encrypted message.\n",
-                "- `kzgcommit`: unblinded advice column which generates a kzg commitment. This doesn't appear in the instances of the circuit and must instead be modified directly within the proof bytes.  \n",
+                "- `polycommit`: unblinded advice column which generates a kzg commitment. This doesn't appear in the instances of the circuit and must instead be modified directly within the proof bytes.  \n",
                 "\n",
                 "Here we create the following setup:\n",
-                "- `input_visibility`: \"kzgcommit\"\n",
-                "- `param_visibility`: \"kzgcommit\"\n",
+                "- `input_visibility`: \"polycommit\"\n",
+                "- `param_visibility`: \"polycommit\"\n",
                 "- `output_visibility`: public\n",
                 "\n",
                 "We encourage you to play around with other setups :) \n",
@@ -186,8 +186,8 @@
                 "data_path = os.path.join('input.json')\n",
                 "\n",
                 "run_args = ezkl.PyRunArgs()\n",
-                "run_args.input_visibility = \"kzgcommit\"\n",
-                "run_args.param_visibility = \"kzgcommit\"\n",
+                "run_args.input_visibility = \"polycommit\"\n",
+                "run_args.param_visibility = \"polycommit\"\n",
                 "run_args.output_visibility = \"public\"\n",
                 "run_args.variables = [(\"batch_size\", 1)]\n",
                 "\n",
@@ -512,4 +512,4 @@
     },
     "nbformat": 4,
     "nbformat_minor": 2
-}
+}

examples/notebooks/mnist_gan_proof_splitting.ipynb

@@ -264,9 +264,9 @@
                 "###  KZG commitment intermediate calculations\n",
                 "\n",
                 "the visibility parameters are:\n",
-                "- `input_visibility`: \"kzgcommit\"\n",
+                "- `input_visibility`: \"polycommit\"\n",
                 "- `param_visibility`: \"public\"\n",
-                "- `output_visibility`: kzgcommit"
+                "- `output_visibility`: polycommit"
             ]
         },
         {
@@ -280,15 +280,15 @@
                 "srs_path = os.path.join('kzg.srs')\n",
                 "\n",
                 "run_args = ezkl.PyRunArgs()\n",
-                "run_args.input_visibility = \"kzgcommit\"\n",
+                "run_args.input_visibility = \"polycommit\"\n",
                 "run_args.param_visibility = \"fixed\"\n",
-                "run_args.output_visibility = \"kzgcommit\"\n",
+                "run_args.output_visibility = \"polycommit\"\n",
                 "run_args.variables = [(\"batch_size\", 1)]\n",
                 "run_args.input_scale = 0\n",
                 "run_args.param_scale = 0\n",
                 "run_args.logrows = 18\n",
                 "\n",
-                "ezkl.get_srs(logrows=run_args.logrows)\n"
+                "ezkl.get_srs(logrows=run_args.logrows, commitment=ezkl.PyCommitments.KZG)\n"
             ]
         },
         {

examples/notebooks/proof_splitting.ipynb

@@ -208,7 +208,7 @@
                 "- `private`: known only to the prover\n",
                 "- `hashed`: the hash pre-image is known to the prover, the prover and verifier know the hash. The prover proves that the they know the pre-image to the hash. \n",
                 "- `encrypted`: the non-encrypted element and the secret key used for decryption are known to the prover. The prover and the verifier know the encrypted element, the public key used to encrypt, and the hash of the decryption hey. The prover proves that they know the pre-image of the hashed decryption key and that this key can in fact decrypt the encrypted message.\n",
-                "- `kzgcommit`: unblinded advice column which generates a kzg commitment. This doesn't appear in the instances of the circuit and must instead be modified directly within the proof bytes.  \n",
+                "- `polycommit`: unblinded advice column which generates a kzg commitment. This doesn't appear in the instances of the circuit and must instead be modified directly within the proof bytes.  \n",
                 "\n",
                 "Here we create the following setup:\n",
                 "- `input_visibility`: \"public\"\n",
@@ -234,7 +234,7 @@
                 "run_args.input_scale = 2\n",
                 "run_args.logrows = 8\n",
                 "\n",
-                "ezkl.get_srs(logrows=run_args.logrows)"
+                "ezkl.get_srs(logrows=run_args.logrows, commitment=ezkl.PyCommitments.KZG)"
             ]
         },
         {
@@ -385,9 +385,9 @@
                 "###  KZG commitment intermediate calculations\n",
                 "\n",
                 "This time the visibility parameters are:\n",
-                "- `input_visibility`: \"kzgcommit\"\n",
+                "- `input_visibility`: \"polycommit\"\n",
                 "- `param_visibility`: \"public\"\n",
-                "- `output_visibility`: kzgcommit"
+                "- `output_visibility`: polycommit"
             ]
         },
         {
@@ -399,9 +399,9 @@
                 "import ezkl\n",
                 "\n",
                 "run_args = ezkl.PyRunArgs()\n",
-                "run_args.input_visibility = \"kzgcommit\"\n",
+                "run_args.input_visibility = \"polycommit\"\n",
                 "run_args.param_visibility = \"fixed\"\n",
-                "run_args.output_visibility = \"kzgcommit\"\n",
+                "run_args.output_visibility = \"polycommit\"\n",
                 "run_args.variables = [(\"batch_size\", 1)]\n",
                 "run_args.input_scale = 2\n",
                 "run_args.logrows = 8\n"

examples/notebooks/simple_demo_aggregated_proofs.ipynb

@@ -275,7 +275,6 @@
                 "        proof_path,\n",
                 "        settings_path,\n",
                 "        vk_path,\n",
-                "        \n",
                 "    )\n",
                 "\n",
                 "assert res == True\n",
@@ -291,7 +290,7 @@
             "source": [
                 "# Generate a larger SRS. This is needed for the aggregated proof\n",
                 "\n",
-                "res = ezkl.get_srs(settings_path=None, logrows=21)"
+                "res = ezkl.get_srs(settings_path=None, logrows=21, commitment=ezkl.PyCommitments.KZG)"
             ]
         },
         {

examples/notebooks/solvency.ipynb

@@ -9,7 +9,7 @@
       "source": [
         "## Solvency demo\n",
         "\n",
-        "Here we create a demo of a solvency calculation in the manner of [summa-solvency](https://github.com/summa-dev/summa-solvency). The aim here is to demonstrate the use of the new kzgcommit method detailed [here](https://blog.ezkl.xyz/post/commits/). \n",
+        "Here we create a demo of a solvency calculation in the manner of [summa-solvency](https://github.com/summa-dev/summa-solvency). The aim here is to demonstrate the use of the new polycommit method detailed [here](https://blog.ezkl.xyz/post/commits/). \n",
         "\n",
         "In this setup:\n",
         "- the commitments to users, respective balances, and total balance are known are publicly known to the prover and verifier. \n",
@@ -177,10 +177,10 @@
         "- `private`: known only to the prover\n",
         "- `hashed`: the hash pre-image is known to the prover, the prover and verifier know the hash. The prover proves that the they know the pre-image to the hash. \n",
         "- `encrypted`: the non-encrypted element and the secret key used for decryption are known to the prover. The prover and the verifier know the encrypted element, the public key used to encrypt, and the hash of the decryption hey. The prover proves that they know the pre-image of the hashed decryption key and that this key can in fact decrypt the encrypted message.\n",
-        "- `kzgcommit`: unblinded advice column which generates a kzg commitment. This doesn't appear in the instances of the circuit and must instead be modified directly within the proof bytes.  \n",
+        "- `polycommit`: unblinded advice column which generates a kzg commitment. This doesn't appear in the instances of the circuit and must instead be modified directly within the proof bytes.  \n",
         "\n",
         "Here we create the following setup:\n",
-        "- `input_visibility`: \"kzgcommit\"\n",
+        "- `input_visibility`: \"polycommit\"\n",
         "- `param_visibility`: \"public\"\n",
         "- `output_visibility`: public\n",
         "\n",
@@ -202,8 +202,8 @@
       "outputs": [],
       "source": [
         "run_args = ezkl.PyRunArgs()\n",
-        "# \"kzgcommit\" means that the output of the hashing is not visible to the verifier and is instead fed into the computational graph\n",
-        "run_args.input_visibility = \"kzgcommit\"\n",
+        "# \"polycommit\" means that the output of the hashing is not visible to the verifier and is instead fed into the computational graph\n",
+        "run_args.input_visibility = \"polycommit\"\n",
         "# the parameters are public\n",
         "run_args.param_visibility = \"fixed\"\n",
         "# the output is public (this is the inequality test)\n",
@@ -515,4 +515,4 @@
   },
   "nbformat": 4,
   "nbformat_minor": 5
-}
+}

examples/onnx/1l_lppool/gen.py

@@ -0,0 +1,40 @@
+from torch import nn
+import torch
+import json
+
+class Model(nn.Module):
+    def __init__(self):
+        super(Model, self).__init__()
+        self.layer = nn.LPPool2d(2, 1, (1, 1))
+
+    def forward(self, x):
+        return self.layer(x)[0]
+
+
+circuit = Model()
+
+x = torch.empty(1, 3, 2, 2).uniform_(0, 1)
+
+out = circuit(x)
+
+print(out)
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=17,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))
+

examples/onnx/1l_lppool/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.7549541592597961, 0.990360677242279, 0.9473411440849304, 0.3951031565666199, 0.8500555753707886, 0.9352139830589294, 0.11867779493331909, 0.9493132829666138, 0.6588345766067505, 0.1933223009109497, 0.12139874696731567, 0.8547163605690002]]}

examples/onnx/celu/gen.py

@@ -0,0 +1,42 @@
+from torch import nn
+import torch
+import json
+import numpy as np
+
+
+class MyModel(nn.Module):
+    def __init__(self):
+        super(MyModel, self).__init__()
+
+    def forward(self, x):          
+        m = nn.CELU()(x)
+        
+        return m 
+
+
+circuit = MyModel()
+
+x = torch.empty(1, 8).uniform_(0, 1)
+
+out = circuit(x)
+
+print(out)
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=17,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/celu/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.35387128591537476, 0.030473172664642334, 0.08707714080810547, 0.2429301142692566, 0.45228832960128784, 0.496021032333374, 0.13245105743408203, 0.8497090339660645]]}

examples/onnx/clip/gen.py

@@ -0,0 +1,41 @@
+from torch import nn
+import torch
+import json
+import numpy as np
+
+
+class MyModel(nn.Module):
+    def __init__(self):
+        super(MyModel, self).__init__()
+
+    def forward(self, x):          
+        m = torch.clamp(x, min=0.4, max=0.8)
+        return m
+
+
+circuit = MyModel()
+
+x = torch.empty(1, 2, 2, 8).uniform_(0, 1)
+
+out = circuit(x)
+
+print(out)
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=17,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/clip/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.03297048807144165, 0.46362626552581787, 0.6044231057167053, 0.4949902892112732, 0.48823297023773193, 0.6798646450042725, 0.6824942231178284, 0.03491640090942383, 0.19608813524246216, 0.24129939079284668, 0.9769315123558044, 0.6306831240653992, 0.7690497636795044, 0.252221941947937, 0.9167693853378296, 0.3882681131362915, 0.9307044148445129, 0.33559417724609375, 0.7815426588058472, 0.3435332179069519, 0.7871478796005249, 0.12240773439407349, 0.5295405983924866, 0.4874419569969177, 0.08262640237808228, 0.1124718189239502, 0.5834914445877075, 0.30927878618240356, 0.48899340629577637, 0.9376634955406189, 0.21893149614334106, 0.526070773601532]]}

examples/onnx/clip/network.onnx

@@ -0,0 +1,24 @@
+pytorch2.2.1:±
+?/Constant_output_0	/Constant"Constant*
+value*
JÍÌÌ> 

+C/Constant_1_output_0/Constant_1"Constant*
+value*
JÍÌL? 

+F
+input
+/Constant_output_0
+/Constant_1_output_0output/Clip"Clip
+main_graphZ)
+input 
+

+
+batch_size
+
+
+b*
+output 
+

+
+batch_size
+
+
+B

examples/onnx/gather_nd/gen.py

@@ -0,0 +1,48 @@
+from torch import nn
+import json
+import numpy as np
+import tf2onnx
+
+
+import tensorflow as tf
+from tensorflow.keras.layers import *
+from tensorflow.keras.models import Model
+
+
+# gather_nd in tf then export to onnx
+
+
+
+
+x = in1 = Input((15, 18,))
+w = in2 = Input((15, 1), dtype=tf.int32)
+x = tf.gather_nd(x, w, batch_dims=1)
+tm = Model((in1, in2), x )
+tm.summary()
+tm.compile(optimizer='adam', loss='mse')
+
+shape = [1, 15, 18]
+index_shape = [1, 15, 1]
+# After training, export to onnx (network.onnx) and create a data file (input.json)
+x = 0.1*np.random.rand(1,*shape)
+# w = random int tensor
+w = np.random.randint(0, 10, index_shape)
+
+spec = tf.TensorSpec(shape, tf.float32, name='input_0')
+index_spec = tf.TensorSpec(index_shape, tf.int32, name='input_1')
+
+model_path = "network.onnx"
+
+tf2onnx.convert.from_keras(tm, input_signature=[spec, index_spec], inputs_as_nchw=['input_0', 'input_1'], opset=12, output_path=model_path)
+
+
+d = x.reshape([-1]).tolist()
+d1 = w.reshape([-1]).tolist()
+
+
+data = dict(
+    input_data=[d, d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/gru/gen.py

@@ -0,0 +1,41 @@
+import random
+import math
+import numpy as np
+
+import torch
+from torch import nn
+import torch.nn.functional as F
+import json
+
+
+model = nn.GRU(3, 3)  # Input dim is 3, output dim is 3
+x = torch.randn(1, 3)  # make a sequence of length 5
+
+print(x)
+
+# Flips the neural net into inference mode
+model.eval()
+model.to('cpu')
+
+# Export the model
+torch.onnx.export(model,               # model being run
+                  # model input (or a tuple for multiple inputs)
+                  x,
+                  # where to save the model (can be a file or file-like object)
+                  "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=10,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},    # variable length axes
+                                'output': {0: 'batch_size'}})
+
+data_array = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data_json = dict(input_data=[data_array])
+
+print(data_json)
+
+# Serialize data into file:
+json.dump(data_json, open("input.json", 'w'))

examples/onnx/gru/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.4145222008228302, -0.4043896496295929, 0.7545749545097351]]}

examples/onnx/hard_max/gen.py

@@ -0,0 +1,42 @@
+from torch import nn
+import torch
+import json
+import numpy as np
+
+
+class MyModel(nn.Module):
+    def __init__(self):
+        super(MyModel, self).__init__()
+
+    def forward(self, x):          
+        m = torch.argmax(x)
+        
+        return m 
+
+
+circuit = MyModel()
+
+x = torch.empty(1, 8).uniform_(0, 1)
+
+out = circuit(x)
+
+print(out)
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=17,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/hard_max/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.5505883693695068, 0.0766521692276001, 0.12006187438964844, 0.9497959017753601, 0.9100563526153564, 0.968717098236084, 0.5978299379348755, 0.9419963359832764]]}

examples/onnx/hard_sigmoid/gen.py

@@ -9,7 +9,7 @@ class MyModel(nn.Module):
         super(MyModel, self).__init__()
 
     def forward(self, x):          
-        m = nn.Logsoftmax()(x)
+        m = nn.Hardsigmoid()(x)
         
         return m 
 

examples/onnx/hard_sigmoid/input.json

@@ -1 +1 @@
-{"input_data": [[0.2971532940864563, 0.3465197682380676, 0.05381882190704346, 0.058654189109802246, 0.014198064804077148, 0.06088751554489136, 0.1723427176475525, 0.5115123987197876]]}
+{"input_data": [[0.8326942324638367, 0.2796096205711365, 0.600328266620636, 0.3701696991920471, 0.17832040786743164, 0.6247223019599915, 0.501872718334198, 0.6961578726768494]]}

examples/onnx/hard_sigmoid/network.onnx

@@ -1,4 +1,4 @@
-pytorch2.1.0:<3A>

+pytorch2.2.1:<3A>

 ;
 inputoutput/HardSigmoid"HardSigmoid*
 alpha«ª*> 



examples/onnx/hard_swish/gen.py

@@ -0,0 +1,41 @@
+from torch import nn
+import torch
+import json
+import numpy as np
+
+
+class MyModel(nn.Module):
+    def __init__(self):
+        super(MyModel, self).__init__()
+
+    def forward(self, x):
+        m = nn.Hardswish()(x)
+        return m
+
+
+circuit = MyModel()
+
+x = torch.empty(1, 8).uniform_(0, 1)
+
+out = circuit(x)
+
+print(out)
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=17,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/hard_swish/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.6996762752532959, 0.42992985248565674, 0.5102168321609497, 0.5540387630462646, 0.8489438891410828, 0.8533616065979004, 0.36736780405044556, 0.5859147310256958]]}

examples/onnx/hard_swish/network.onnx

@@ -0,0 +1,15 @@
+pytorch2.2.1:{
+&
+inputoutput
+/HardSwish"	HardSwish
+main_graphZ!
+input
+

+
+batch_size
+b"
+output
+

+
+batch_size
+B

examples/onnx/log_softmax/gen.py

@@ -9,7 +9,7 @@ class MyModel(nn.Module):
         super(MyModel, self).__init__()
 
     def forward(self, x):          
-        m = nn.Hardsigmoid()(x)
+        m = nn.LogSoftmax()(x)
         
         return m 
 

examples/onnx/logsumexp/gen.py

@@ -0,0 +1,42 @@
+from torch import nn
+import torch
+import json
+import numpy as np
+
+
+class MyModel(nn.Module):
+    def __init__(self):
+        super(MyModel, self).__init__()
+
+    def forward(self, x):          
+        m = torch.logsumexp(x, dim=1)
+        
+        return m 
+
+
+circuit = MyModel()
+
+x = torch.empty(1, 2, 2, 8).uniform_(0, 1)
+
+out = circuit(x)
+
+print(out)
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=17,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/logsumexp/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.7973018884658813, 0.5245689153671265, 0.34149593114852905, 0.1455438733100891, 0.9482707381248474, 0.4221445322036743, 0.001363217830657959, 0.8736765384674072, 0.42954301834106445, 0.7199509739875793, 0.37641745805740356, 0.5920265316963196, 0.42270803451538086, 0.41761744022369385, 0.603948712348938, 0.7250819802284241, 0.047173500061035156, 0.5115441679954529, 0.3743387460708618, 0.16794061660766602, 0.5352339148521423, 0.037976861000061035, 0.65323406457901, 0.5585184097290039, 0.10559147596359253, 0.07827490568161011, 0.6717077493667603, 0.6480781435966492, 0.9780838489532471, 0.8353415131568909, 0.6491701006889343, 0.6573048233985901]]}

examples/onnx/mish/gen.py

@@ -0,0 +1,42 @@
+from torch import nn
+import torch
+import json
+import numpy as np
+
+
+class MyModel(nn.Module):
+    def __init__(self):
+        super(MyModel, self).__init__()
+
+    def forward(self, x):          
+        m = nn.Mish()(x)
+        
+        return m 
+
+
+circuit = MyModel()
+
+x = torch.empty(1, 8).uniform_(0, 1)
+
+out = circuit(x)
+
+print(out)
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=17,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/mish/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.18563222885131836, 0.4843214750289917, 0.9991059899330139, 0.02534431219100952, 0.8105666041374207, 0.9658406376838684, 0.681107759475708, 0.5365872979164124]]}

examples/onnx/mish/network.onnx

@@ -0,0 +1,19 @@
+pytorch2.2.1:ä

+0
+input/Softplus_output_0	/Softplus"Softplus
+1
+/Softplus_output_0/Tanh_output_0/Tanh"Tanh
+*
+input
+/Tanh_output_0output/Mul"Mul
+main_graphZ!
+input
+

+
+batch_size
+b"
+output
+

+
+batch_size
+B

examples/onnx/reducel1/gen.py

@@ -0,0 +1,42 @@
+from torch import nn
+import torch
+import json
+import numpy as np
+
+
+class MyModel(nn.Module):
+    def __init__(self):
+        super(MyModel, self).__init__()
+
+    def forward(self, x):          
+        m = torch.norm(x, p=1, dim=1)
+        
+        return m 
+
+
+circuit = MyModel()
+
+x = torch.empty(1, 2, 2, 8).uniform_(0, 1)
+
+out = circuit(x)
+
+print(out)
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=17,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/reducel1/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.02284395694732666, 0.7941043376922607, 0.07971876859664917, 0.8898420929908752, 0.8233054280281067, 0.11066079139709473, 0.4424799084663391, 0.4355071783065796, 0.6723723411560059, 0.6818525195121765, 0.8726171851158142, 0.17742449045181274, 0.054257750511169434, 0.5775953531265259, 0.7758923172950745, 0.8431423306465149, 0.7602444887161255, 0.29686522483825684, 0.22489851713180542, 0.0675363540649414, 0.981339693069458, 0.15771394968032837, 0.5801441669464111, 0.9044001698493958, 0.49266451597213745, 0.42621421813964844, 0.35345613956451416, 0.042848050594329834, 0.6908614039421082, 0.5422852039337158, 0.01975083351135254, 0.5772860050201416]]}

examples/onnx/reducel2/gen.py

@@ -0,0 +1,42 @@
+from torch import nn
+import torch
+import json
+import numpy as np
+
+
+class MyModel(nn.Module):
+    def __init__(self):
+        super(MyModel, self).__init__()
+
+    def forward(self, x):          
+        m = torch.norm(x, p=2, dim=1)
+        
+        return m 
+
+
+circuit = MyModel()
+
+x = torch.empty(1, 2, 2, 8).uniform_(0, 1)
+
+out = circuit(x)
+
+print(out)
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=17,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/reducel2/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.8709188103675842, 0.11553549766540527, 0.27376580238342285, 0.7518517971038818, 0.7879393100738525, 0.8765475749969482, 0.14315760135650635, 0.8982420563697815, 0.7274006605148315, 0.39007169008255005, 0.729040801525116, 0.11306107044219971, 0.658822774887085, 0.666404664516449, 0.3001367449760437, 0.45343858003616333, 0.7460223436355591, 0.7423691749572754, 0.7544230818748474, 0.5674425959587097, 0.8728761672973633, 0.27062875032424927, 0.1595977544784546, 0.22975260019302368, 0.6711723208427429, 0.8265992403030396, 0.48679041862487793, 0.689740777015686, 0.330846905708313, 0.5630669593811035, 0.8058932423591614, 0.5802426338195801]]}

examples/onnx/scatter_nd/gen.py

@@ -0,0 +1,76 @@
+import torch
+import torch.nn as nn
+import sys
+import json
+
+sys.path.append("..")
+
+class Model(nn.Module):
+    """
+    Just one Linear layer
+    """
+    def __init__(self, configs):
+        super(Model, self).__init__()
+        self.seq_len = configs.seq_len
+        self.pred_len = configs.pred_len
+
+        # Use this line if you want to visualize the weights
+        # self.Linear.weight = nn.Parameter((1/self.seq_len)*torch.ones([self.pred_len,self.seq_len]))
+        self.channels = configs.enc_in
+        self.individual = configs.individual
+        if self.individual:
+            self.Linear = nn.ModuleList()
+            for i in range(self.channels):
+                self.Linear.append(nn.Linear(self.seq_len,self.pred_len))
+        else:
+            self.Linear = nn.Linear(self.seq_len, self.pred_len)
+
+    def forward(self, x):
+        # x: [Batch, Input length, Channel]
+        if self.individual:
+            output = torch.zeros([x.size(0),self.pred_len,x.size(2)],dtype=x.dtype).to(x.device)
+            for i in range(self.channels):
+                output[:,:,i] = self.Linear[i](x[:,:,i])
+            x = output
+        else:
+            x = self.Linear(x.permute(0,2,1)).permute(0,2,1)
+        return x # [Batch, Output length, Channel]
+
+class Configs:
+    def __init__(self, seq_len, pred_len, enc_in=321, individual=True):
+      self.seq_len = seq_len
+      self.pred_len = pred_len
+      self.enc_in = enc_in
+      self.individual = individual
+
+model = 'Linear'
+seq_len = 10
+pred_len = 4
+enc_in = 3
+
+configs = Configs(seq_len, pred_len, enc_in, True)
+circuit = Model(configs)
+
+x = torch.randn(1, seq_len, pred_len)
+
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=15,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  # the model's input names
+                  input_names=['input'],
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/scatter_nd/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.1874287724494934, 1.0498261451721191, 0.22384068369865417, 1.048445224761963, -0.5670360326766968, -0.38653188943862915, 0.12878702580928802, -2.3675858974456787, 0.5800458192825317, -0.43653929233551025, -0.2511898875236511, 0.3324051797389984, 0.27960312366485596, 0.4763695001602173, 0.3796705901622772, 1.1334782838821411, -0.87981778383255, -1.2451434135437012, 0.7672272324562073, -0.24404007196426392, -0.6875824928283691, 0.3619358539581299, -0.10131897777318954, 0.7169521450996399, 1.6585893630981445, -0.5451845526695251, 0.429487019777298, 0.7426952123641968, -0.2543637454509735, 0.06546942889690399, 0.7939824461936951, 0.1579471379518509, -0.043604474514722824, -0.8621711730957031, -0.5344759821891785, -0.05880478024482727, -0.17351101338863373, 0.5095029473304749, -0.7864817976951599, -0.449171245098114]]}

examples/onnx/tril/gen.py

@@ -0,0 +1,42 @@
+from torch import nn
+import torch
+import json
+import numpy as np
+
+
+class MyModel(nn.Module):
+    def __init__(self):
+        super(MyModel, self).__init__()
+
+    def forward(self, x):          
+        m = torch.triu(x)
+        
+        return m 
+
+
+circuit = MyModel()
+
+x = torch.empty(1, 3, 3).uniform_(0, 5)
+
+out = circuit(x)
+
+print(out)
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=17,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/tril/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.4870188236236572, 2.275230646133423, 3.126268148422241, 0.6412187218666077, 0.9967470169067383, 1.9814395904541016, 1.6355383396148682, 0.6397527456283569, 0.7825168967247009]]}

examples/onnx/triu/gen.py

@@ -0,0 +1,42 @@
+from torch import nn
+import torch
+import json
+import numpy as np
+
+
+class MyModel(nn.Module):
+    def __init__(self):
+        super(MyModel, self).__init__()
+
+    def forward(self, x):          
+        m = torch.tril(x)
+        
+        return m 
+
+
+circuit = MyModel()
+
+x = torch.empty(1, 3, 3).uniform_(0, 5)
+
+out = circuit(x)
+
+print(out)
+
+torch.onnx.export(circuit, x, "network.onnx",
+                  export_params=True,        # store the trained parameter weights inside the model file
+                  opset_version=17,          # the ONNX version to export the model to
+                  do_constant_folding=True,  # whether to execute constant folding for optimization
+                  input_names=['input'],   # the model's input names
+                  output_names=['output'],  # the model's output names
+                  dynamic_axes={'input': {0: 'batch_size'},  # variable length axes
+                                'output': {0: 'batch_size'}})
+
+
+d1 = ((x).detach().numpy()).reshape([-1]).tolist()
+
+data = dict(
+    input_data=[d1],
+)
+
+# Serialize data into file:
+json.dump(data, open("input.json", 'w'))

examples/onnx/triu/input.json

@@ -0,0 +1 @@
+{"input_data": [[0.2898547053337097, 1.8070811033248901, 0.30266255140304565, 3.00581955909729, 0.5379888415336609, 1.7057424783706665, 2.415961265563965, 0.589233934879303, 0.03824889659881592]]}

in-browser-evm-verifier/README.md

@@ -0,0 +1,60 @@
+# inbrowser-evm-verify
+
+We would like the Solidity verifier to be canonical and usually all you ever need. For this, we need to be able to run that verifier in browser.
+
+## How to use (Node js)
+
+```ts 
+import localEVMVerify from '@ezkljs/verify';
+
+// Load in the proof file as a buffer
+const proofFileBuffer = fs.readFileSync(`${path}/${example}/proof.pf`)
+
+// Stringified EZKL evm verifier bytecode (this is just an example don't use in production)
+const bytecode = '0x608060405234801561001057600080fd5b5060d38061001f6000396000f3fe608060405234801561001057600080fd5b50600436106100415760003560e01c8063cfae321714610046575b600080fd5b6100496100f1565b60405161005691906100f1565b60405180910390f35b'
+
+const result = await localEVMVerify(proofFileBuffer, bytecode)
+
+console.log('result', result)
+```
+
+**Note**: Run `ezkl create-evm-verifier` to get the Solidity verifier, with which you can retrieve the bytecode once compiled. We recommend compiling to the Shanghai hardfork target, else you will have to pass an additional parameter specifying the EVM version to the `localEVMVerify` function like so (for Paris hardfork):
+
+```ts
+import localEVMVerify, { hardfork } from '@ezkljs/verify';
+
+const result = await localEVMVerify(proofFileBuffer, bytecode, hardfork['Paris'])
+```
+
+**Note**: You can also verify separated vk verifiers using the `localEVMVerify` function. Just pass the vk verifier bytecode as the third parameter like so:
+```ts
+import localEVMVerify from '@ezkljs/verify';
+
+const result = await localEVMVerify(proofFileBuffer, verifierBytecode, VKBytecode)
+```
+
+
+## How to use (Browser)
+
+```ts
+import localEVMVerify from '@ezkljs/verify';
+
+// Load in the proof file as a buffer using the web apis (fetch, FileReader, etc)
+// We use fetch in this example to load the proof file as a buffer
+const proofFileBuffer = await fetch(`${path}/${example}/proof.pf`).then(res => res.arrayBuffer())
+
+// Stringified EZKL evm verifier bytecode (this is just an example don't use in production)
+const bytecode = '0x608060405234801561001057600080fd5b5060d38061001f6000396000f3fe608060405234801561001057600080fd5b50600436106100415760003560e01c8063cfae321714610046575b600080fd5b6100496100f1565b60405161005691906100f1565b60405180910390f35b'
+
+const result = await browserEVMVerify(proofFileBuffer, bytecode)
+
+console.log('result', result)
+```
+
+Output:
+
+```ts  
+result: true
+```
+
+

in-browser-evm-verifier/package.json

@@ -0,0 +1,42 @@
+{
+  "name": "@ezkljs/verify",
+  "version": "0.0.0",
+  "publishConfig": {
+    "access": "public"
+  },
+  "description": "Evm verify EZKL proofs in the browser.",
+  "main": "dist/commonjs/index.js",
+  "module": "dist/esm/index.js",
+  "types": "dist/commonjs/index.d.ts",
+  "files": [
+    "dist",
+    "LICENSE",
+    "README.md"
+  ],
+  "scripts": {
+    "clean": "rm -r dist || true",
+    "build:commonjs": "tsc --project tsconfig.commonjs.json && resolve-tspaths -p tsconfig.commonjs.json",
+    "build:esm": "tsc --project tsconfig.esm.json && resolve-tspaths -p tsconfig.esm.json",
+    "build": "pnpm run clean && pnpm run build:commonjs && pnpm run build:esm"
+  },
+  "dependencies": {
+    "@ethereumjs/common": "^4.0.0",
+    "@ethereumjs/evm": "^2.0.0",
+    "@ethereumjs/statemanager": "^2.0.0",
+    "@ethereumjs/tx": "^5.0.0",
+    "@ethereumjs/util": "^9.0.0",
+    "@ethereumjs/vm": "^7.0.0",
+    "@ethersproject/abi": "^5.7.0",
+    "@ezkljs/engine": "^9.4.4",
+    "ethers": "^6.7.1",
+    "json-bigint": "^1.0.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.8.3",
+    "ts-loader": "^9.5.0",
+    "ts-node": "^10.9.1",
+    "resolve-tspaths": "^0.8.16",
+    "tsconfig-paths": "^4.2.0",
+    "typescript": "^5.2.2"
+  }
+}

in-browser-evm-verifier/src/index.ts

@@ -0,0 +1,145 @@
+import { defaultAbiCoder as AbiCoder } from '@ethersproject/abi'
+import { Address, hexToBytes } from '@ethereumjs/util'
+import { Chain, Common, Hardfork } from '@ethereumjs/common'
+import { LegacyTransaction, LegacyTxData } from '@ethereumjs/tx'
+// import { DefaultStateManager } from '@ethereumjs/statemanager'
+// import { Blockchain } from '@ethereumjs/blockchain'
+import { VM } from '@ethereumjs/vm'
+import { EVM } from '@ethereumjs/evm'
+import { buildTransaction, encodeDeployment } from './utils/tx-builder'
+import { getAccountNonce, insertAccount } from './utils/account-utils'
+import { encodeVerifierCalldata } from '../nodejs/ezkl';
+import { error } from 'console'
+
+async function deployContract(
+  vm: VM,
+  common: Common,
+  senderPrivateKey: Uint8Array,
+  deploymentBytecode: string
+): Promise<Address> {
+  // Contracts are deployed by sending their deployment bytecode to the address 0
+  // The contract params should be abi-encoded and appended to the deployment bytecode.
+  // const data =
+  const data = encodeDeployment(deploymentBytecode)
+  const txData = {
+    data,
+    nonce: await getAccountNonce(vm, senderPrivateKey),
+  }
+
+  const tx = LegacyTransaction.fromTxData(
+    buildTransaction(txData) as LegacyTxData,
+    { common, allowUnlimitedInitCodeSize: true },
+  ).sign(senderPrivateKey)
+
+  const deploymentResult = await vm.runTx({
+    tx,
+    skipBlockGasLimitValidation: true,
+    skipNonce: true
+  })
+
+  if (deploymentResult.execResult.exceptionError) {
+    throw deploymentResult.execResult.exceptionError
+  }
+
+  return deploymentResult.createdAddress!
+}
+
+async function verify(
+  vm: VM,
+  contractAddress: Address,
+  caller: Address,
+  proof: Uint8Array | Uint8ClampedArray,
+  vkAddress?: Address | Uint8Array,
+): Promise<boolean> {
+  if (proof instanceof Uint8Array) {
+    proof = new Uint8ClampedArray(proof.buffer)
+  }
+  if (vkAddress) {
+    const vkAddressBytes = hexToBytes(vkAddress.toString())
+    const vkAddressArray = Array.from(vkAddressBytes)
+
+    let string = JSON.stringify(vkAddressArray)
+
+    const uint8Array = new TextEncoder().encode(string);
+
+    // Step 3: Convert to Uint8ClampedArray
+    vkAddress = new Uint8Array(uint8Array.buffer);
+
+    // convert uitn8array of length
+    error('vkAddress', vkAddress)
+  }
+  const data = encodeVerifierCalldata(proof, vkAddress)
+
+  const verifyResult = await vm.evm.runCall({
+    to: contractAddress,
+    caller: caller,
+    origin: caller, // The tx.origin is also the caller here
+    data: data,
+  })
+
+  if (verifyResult.execResult.exceptionError) {
+    throw verifyResult.execResult.exceptionError
+  }
+
+  const results = AbiCoder.decode(['bool'], verifyResult.execResult.returnValue)
+
+  return results[0]
+}
+
+/**
+ * Spins up an ephemeral EVM instance for executing the bytecode of a solidity verifier
+ * @param proof Json serialized proof file
+ * @param bytecode The bytecode of a compiled solidity verifier.
+ * @param bytecode_vk The bytecode of a contract that stores the vk. (Optional, only required if the vk is stored in a separate contract)
+ * @param evmVersion The evm version to use for the verification. (Default: London)
+ * @returns The result of the evm verification.
+ * @throws If the verify transaction reverts
+ */
+export default async function localEVMVerify(
+  proof: Uint8Array | Uint8ClampedArray,
+  bytecode_verifier: string,
+  bytecode_vk?: string,
+  evmVersion?: Hardfork,
+): Promise<boolean> {
+  try {
+    const hardfork = evmVersion ? evmVersion : Hardfork['Shanghai']
+    const common = new Common({ chain: Chain.Mainnet, hardfork })
+    const accountPk = hexToBytes(
+      '0xe331b6d69882b4cb4ea581d88e0b604039a3de5967688d3dcffdd2270c0fd109', // anvil deterministic Pk 
+    )
+
+    const evm = new EVM({
+      allowUnlimitedContractSize: true,
+      allowUnlimitedInitCodeSize: true,
+    })
+
+    const vm = await VM.create({ common, evm })
+    const accountAddress = Address.fromPrivateKey(accountPk)
+
+    await insertAccount(vm, accountAddress)
+
+    const verifierAddress = await deployContract(
+      vm,
+      common,
+      accountPk,
+      bytecode_verifier
+    )
+
+    if (bytecode_vk) {
+      const accountPk = hexToBytes("0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80"); // anvil deterministic Pk
+      const accountAddress = Address.fromPrivateKey(accountPk)
+      await insertAccount(vm, accountAddress)
+      const output = await deployContract(vm, common, accountPk, bytecode_vk)
+      const result = await verify(vm, verifierAddress, accountAddress, proof, output)
+      return true
+    }
+
+    const result = await verify(vm, verifierAddress, accountAddress, proof)
+
+    return result
+  } catch (error) {
+    // log or re-throw the error, depending on your needs
+    console.error('An error occurred:', error)
+    throw error
+  }
+}

in-browser-evm-verifier/src/utils/account-utils.ts

@@ -0,0 +1,32 @@
+import { VM } from '@ethereumjs/vm'
+import { Account, Address } from '@ethereumjs/util'
+
+export const keyPair = {
+  secretKey:
+    '0x3cd7232cd6f3fc66a57a6bedc1a8ed6c228fff0a327e169c2bcc5e869ed49511',
+  publicKey:
+    '0x0406cc661590d48ee972944b35ad13ff03c7876eae3fd191e8a2f77311b0a3c6613407b5005e63d7d8d76b89d5f900cde691497688bb281e07a5052ff61edebdc0',
+}
+
+export const insertAccount = async (vm: VM, address: Address) => {
+  const acctData = {
+    nonce: 0,
+    balance: BigInt('1000000000000000000'), // 1 eth
+  }
+  const account = Account.fromAccountData(acctData)
+
+  await vm.stateManager.putAccount(address, account)
+}
+
+export const getAccountNonce = async (
+  vm: VM,
+  accountPrivateKey: Uint8Array,
+) => {
+  const address = Address.fromPrivateKey(accountPrivateKey)
+  const account = await vm.stateManager.getAccount(address)
+  if (account) {
+    return account.nonce
+  } else {
+    return BigInt(0)
+  }
+}

in-browser-evm-verifier/src/utils/tx-builder.ts

@@ -0,0 +1,59 @@
+import { Interface, defaultAbiCoder as AbiCoder } from '@ethersproject/abi'
+import {
+  AccessListEIP2930TxData,
+  FeeMarketEIP1559TxData,
+  TxData,
+} from '@ethereumjs/tx'
+
+type TransactionsData =
+  | TxData
+  | AccessListEIP2930TxData
+  | FeeMarketEIP1559TxData
+
+export const encodeFunction = (
+  method: string,
+  params?: {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    types: any[]
+    values: unknown[]
+  },
+): string => {
+  const parameters = params?.types ?? []
+  const methodWithParameters = `function ${method}(${parameters.join(',')})`
+  const signatureHash = new Interface([methodWithParameters]).getSighash(method)
+  const encodedArgs = AbiCoder.encode(parameters, params?.values ?? [])
+
+  return signatureHash + encodedArgs.slice(2)
+}
+
+export const encodeDeployment = (
+  bytecode: string,
+  params?: {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    types: any[]
+    values: unknown[]
+  },
+) => {
+  const deploymentData = '0x' + bytecode
+  if (params) {
+    const argumentsEncoded = AbiCoder.encode(params.types, params.values)
+    return deploymentData + argumentsEncoded.slice(2)
+  }
+  return deploymentData
+}
+
+export const buildTransaction = (
+  data: Partial<TransactionsData>,
+): TransactionsData => {
+  const defaultData: Partial<TransactionsData> = {
+    gasLimit: 3_000_000_000_000_000,
+    gasPrice: 7,
+    value: 0,
+    data: '0x',
+  }
+
+  return {
+    ...defaultData,
+    ...data,
+  }
+}

in-browser-evm-verifier/tsconfig.commonjs.json

@@ -0,0 +1,7 @@
+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "module": "CommonJS",
+    "outDir": "./dist/commonjs"
+  }
+}

in-browser-evm-verifier/tsconfig.esm.json

@@ -0,0 +1,7 @@
+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "module": "ES2020",
+    "outDir": "./dist/esm"
+  }
+}

in-browser-evm-verifier/tsconfig.json

@@ -0,0 +1,62 @@
+{
+  "compilerOptions": {
+    "rootDir": "src",
+    "target": "es2017",
+    "outDir": "dist",
+    "declaration": true,
+    "lib": [
+      "dom",
+      "dom.iterable",
+      "esnext"
+    ],
+    "allowJs": true,
+    "checkJs": true,
+    "skipLibCheck": true,
+    "strict": true,
+    "forceConsistentCasingInFileNames": true,
+    "noEmit": false,
+    "esModuleInterop": true,
+    "module": "CommonJS",
+    "moduleResolution": "node",
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "jsx": "preserve",
+    // "incremental": true,
+    "noUncheckedIndexedAccess": true,
+    "baseUrl": ".",
+    "paths": {
+      "@/*": [
+        "./src/*"
+      ]
+    }
+  },
+  "include": [
+    "src/**/*.ts",
+    "src/**/*.tsx",
+    "src/**/*.cjs",
+    "src/**/*.mjs"
+  ],
+  "exclude": [
+    "node_modules"
+  ],
+  // NEW: Options for file/directory watching
+  "watchOptions": {
+    // Use native file system events for files and directories
+    "watchFile": "useFsEvents",
+    "watchDirectory": "useFsEvents",
+    // Poll files for updates more frequently
+    // when they're updated a lot.
+    "fallbackPolling": "dynamicPriority",
+    // Don't coalesce watch notification
+    "synchronousWatchDirectory": true,
+    // Finally, two additional settings for reducing the amount of possible
+    // files to track  work from these directories
+    "excludeDirectories": [
+      "**/node_modules",
+      "_build"
+    ],
+    "excludeFiles": [
+      "build/fileWhichChangesOften.ts"
+    ]
+  }
+}

package.json

@@ -7,7 +7,7 @@
     "test": "jest"
   },
   "devDependencies": {
-    "@ezkljs/engine": "^2.4.5",
+    "@ezkljs/engine": "^9.4.4",
     "@ezkljs/verify": "^0.0.6",
     "@jest/types": "^29.6.3",
     "@types/file-saver": "^2.0.5",
@@ -27,4 +27,4 @@
     "tsconfig-paths": "^4.2.0",
     "typescript": "5.1.6"
   }
-}
+}

pnpm-lock.yaml

@@ -6,8 +6,8 @@ settings:
 
 devDependencies:
   '@ezkljs/engine':
-    specifier: ^2.4.5
-    version: 2.4.5
+    specifier: ^9.4.4
+    version: 9.4.4
   '@ezkljs/verify':
     specifier: ^0.0.6
     version: 0.0.6(buffer@6.0.3)
@@ -785,6 +785,13 @@ packages:
       json-bigint: 1.0.0
     dev: true
 
+  /@ezkljs/engine@9.4.4:
+    resolution: {integrity: sha512-kNsTmDQa8mIiQ6yjJmBMwVgAAxh4nfs4NCtnewJifonyA8Mfhs+teXwwW8WhERRDoQPUofKO2pT8BPvV/XGIDA==}
+    dependencies:
+      '@types/json-bigint': 1.0.1
+      json-bigint: 1.0.0
+    dev: true
+
   /@ezkljs/verify@0.0.6(buffer@6.0.3):
     resolution: {integrity: sha512-9DHoEhLKl1DBGuUVseXLThuMyYceY08Zymr/OsLH0zbdA9OoISYhb77j4QPm4ANRKEm5dCi8oHDqkwGbFc2xFQ==}
     dependencies:

src/circuit/modules/mod.rs

@@ -2,7 +2,7 @@
 pub mod poseidon;
 
 ///
-pub mod kzg;
+pub mod polycommit;
 
 ///
 pub mod planner;

src/circuit/modules/polycommit.rs

@@ -6,10 +6,9 @@ Thanks to https://github.com/summa-dev/summa-solvency/blob/master/src/chips/pose
 
 // This chip adds a set of advice columns to the gadget Chip to store the inputs of the hash
 use halo2_proofs::halo2curves::bn256::Fr as Fp;
-use halo2_proofs::poly::commitment::{Blind, Params};
-use halo2_proofs::poly::kzg::commitment::ParamsKZG;
+use halo2_proofs::poly::commitment::{Blind, CommitmentScheme, Params};
 use halo2_proofs::{circuit::*, plonk::*};
-use halo2curves::bn256::{Bn256, G1Affine};
+use halo2curves::bn256::G1Affine;
 use halo2curves::group::prime::PrimeCurveAffine;
 use halo2curves::group::Curve;
 use halo2curves::CurveAffine;
@@ -18,35 +17,33 @@ use crate::tensor::{Tensor, ValTensor, ValType, VarTensor};
 
 use super::Module;
 
-/// The number of instance columns used by the KZG hash function
+/// The number of instance columns used by the PolyCommit hash function
 pub const NUM_INSTANCE_COLUMNS: usize = 0;
-/// The number of advice columns used by the KZG hash function
+/// The number of advice columns used by the PolyCommit hash function
 pub const NUM_INNER_COLS: usize = 1;
 
 #[derive(Debug, Clone)]
-/// WIDTH, RATE and L are const generics for the struct, which represent the width, rate, and number of inputs for the Poseidon hash function, respectively.
-/// This means they are values that are known at compile time and can be used to specialize the implementation of the struct.
-/// The actual chip provided by halo2_gadgets is added to the parent Chip.
-pub struct KZGConfig {
+/// Configuration for the PolyCommit chip
+pub struct PolyCommitConfig {
     ///
-    pub hash_inputs: VarTensor,
+    pub inputs: VarTensor,
 }
 
 type InputAssignments = ();
 
-/// PoseidonChip is a wrapper around the Pow5Chip that adds a set of advice columns to the gadget Chip to store the inputs of the hash
+///
 #[derive(Debug)]
-pub struct KZGChip {
-    config: KZGConfig,
+pub struct PolyCommitChip {
+    config: PolyCommitConfig,
 }
 
-impl KZGChip {
+impl PolyCommitChip {
     /// Commit to the message using the KZG commitment scheme
-    pub fn commit(
-        message: Vec<Fp>,
+    pub fn commit<Scheme: CommitmentScheme<Scalar = Fp, Curve = G1Affine>>(
+        message: Vec<Scheme::Scalar>,
         degree: u32,
         num_unusable_rows: u32,
-        params: &ParamsKZG<Bn256>,
+        params: &Scheme::ParamsProver,
     ) -> Vec<G1Affine> {
         let k = params.k();
         let domain = halo2_proofs::poly::EvaluationDomain::new(degree, k);
@@ -81,14 +78,14 @@ impl KZGChip {
     }
 }
 
-impl Module<Fp> for KZGChip {
-    type Config = KZGConfig;
+impl Module<Fp> for PolyCommitChip {
+    type Config = PolyCommitConfig;
     type InputAssignments = InputAssignments;
     type RunInputs = Vec<Fp>;
     type Params = (usize, usize);
 
     fn name(&self) -> &'static str {
-        "KZG"
+        "PolyCommit"
     }
 
     fn instance_increment_input(&self) -> Vec<usize> {
@@ -102,8 +99,8 @@ impl Module<Fp> for KZGChip {
 
     /// Configuration of the PoseidonChip
     fn configure(meta: &mut ConstraintSystem<Fp>, params: Self::Params) -> Self::Config {
-        let hash_inputs = VarTensor::new_unblinded_advice(meta, params.0, NUM_INNER_COLS, params.1);
-        Self::Config { hash_inputs }
+        let inputs = VarTensor::new_unblinded_advice(meta, params.0, NUM_INNER_COLS, params.1);
+        Self::Config { inputs }
     }
 
     fn layout_inputs(
@@ -125,8 +122,8 @@ impl Module<Fp> for KZGChip {
     ) -> Result<ValTensor<Fp>, Error> {
         assert_eq!(input.len(), 1);
         layouter.assign_region(
-            || "kzg commit",
-            |mut region| self.config.hash_inputs.assign(&mut region, 0, &input[0]),
+            || "PolyCommit",
+            |mut region| self.config.inputs.assign(&mut region, 0, &input[0]),
         )
     }
 
@@ -163,7 +160,7 @@ mod tests {
     }
 
     impl Circuit<Fp> for HashCircuit {
-        type Config = KZGConfig;
+        type Config = PolyCommitConfig;
         type FloorPlanner = ModulePlanner;
         type Params = ();
 
@@ -178,7 +175,7 @@ mod tests {
 
         fn configure(meta: &mut ConstraintSystem<Fp>) -> Self::Config {
             let params = (K, R);
-            KZGChip::configure(meta, params)
+            PolyCommitChip::configure(meta, params)
         }
 
         fn synthesize(
@@ -186,8 +183,8 @@ mod tests {
             config: Self::Config,
             mut layouter: impl Layouter<Fp>,
         ) -> Result<(), Error> {
-            let kzg_chip = KZGChip::new(config);
-            kzg_chip.layout(&mut layouter, &[self.message.clone()], 0);
+            let polycommit_chip = PolyCommitChip::new(config);
+            polycommit_chip.layout(&mut layouter, &[self.message.clone()], 0);
 
             Ok(())
         }
@@ -195,7 +192,7 @@ mod tests {
 
     #[test]
     #[ignore]
-    fn kzg_for_a_range_of_input_sizes() {
+    fn polycommit_chip_for_a_range_of_input_sizes() {
         let rng = rand::rngs::OsRng;
 
         #[cfg(not(target_arch = "wasm32"))]
@@ -225,7 +222,7 @@ mod tests {
 
     #[test]
     #[ignore]
-    fn kzg_commit_much_longer_input() {
+    fn polycommit_chip_much_longer_input() {
         #[cfg(not(target_arch = "wasm32"))]
         env_logger::init();
 

src/circuit/ops/layouts.rs

@@ -646,14 +646,13 @@ fn select<F: PrimeField + TensorType + PartialOrd>(
     config: &BaseConfig<F>,
     region: &mut RegionCtx<F>,
     values: &[ValTensor<F>; 2],
-    dim_indices: ValTensor<F>,
 ) -> Result<ValTensor<F>, Box<dyn Error>> {
     let (mut input, index) = (values[0].clone(), values[1].clone());
     input.flatten();
 
-    if !(dim_indices.all_prev_assigned() || region.is_dummy()) {
-        return Err("dim_indices must be assigned".into());
-    }
+    // these will be assigned as constants
+    let dim_indices: ValTensor<F> =
+        Tensor::from((0..input.len() as u64).map(|x| ValType::Constant(F::from(x)))).into();
 
     let is_assigned = !input.any_unknowns()? && !index.any_unknowns()?;
 
@@ -929,91 +928,25 @@ pub(crate) fn gather<F: PrimeField + TensorType + PartialOrd>(
     values: &[ValTensor<F>; 2],
     dim: usize,
 ) -> Result<ValTensor<F>, Box<dyn Error>> {
-    let (mut input, mut index_clone) = (values[0].clone(), values[1].clone());
+    let (input, mut index_clone) = (values[0].clone(), values[1].clone());
     index_clone.flatten();
     if index_clone.is_singleton() {
         index_clone.reshape(&[1])?;
     }
 
-    let mut assigned_len = vec![];
-    if !input.all_prev_assigned() {
-        input = region.assign(&config.custom_gates.inputs[0], &input)?;
-        assigned_len.push(input.len());
-    }
-    if !index_clone.all_prev_assigned() {
-        index_clone = region.assign(&config.custom_gates.inputs[1], &index_clone)?;
-        assigned_len.push(index_clone.len());
-    }
-
-    if !assigned_len.is_empty() {
-        // safe to unwrap since we've just checked it has at least one element
-        region.increment(*assigned_len.iter().max().unwrap());
-    }
-
     // Calculate the output tensor size
     let input_dims = input.dims();
     let mut output_size = input_dims.to_vec();
-
     output_size[dim] = index_clone.dims()[0];
 
-    // these will be assigned as constants
-    let mut indices = Tensor::from((0..input.dims()[dim] as u64).map(|x| F::from(x)));
-    indices.set_visibility(&crate::graph::Visibility::Fixed);
-    let indices = region.assign(&config.custom_gates.inputs[1], &indices.try_into()?)?;
-    region.increment(indices.len());
+    let linear_index =
+        linearize_element_index(config, region, &[index_clone], input_dims, dim, true)?;
 
-    let mut iteration_dims = output_size.clone();
-    iteration_dims[dim] = 1;
+    let mut output = select(config, region, &[input, linear_index])?;
 
-    // Allocate memory for the output tensor
-    let cartesian_coord = iteration_dims
-        .iter()
-        .map(|x| 0..*x)
-        .multi_cartesian_product()
-        .collect::<Vec<_>>();
-
-    let mut results = HashMap::new();
-
-    for coord in cartesian_coord {
-        let mut slice = coord.iter().map(|x| *x..*x + 1).collect::<Vec<_>>();
-        slice[dim] = 0..input_dims[dim];
-
-        let mut sliced_input = input.get_slice(&slice)?;
-        sliced_input.flatten();
-
-        let res = select(
-            config,
-            region,
-            &[sliced_input, index_clone.clone()],
-            indices.clone(),
-        )?;
-
-        results.insert(coord, res);
-    }
-
-    // Allocate memory for the output tensor
-    let cartesian_coord = output_size
-        .iter()
-        .map(|x| 0..*x)
-        .multi_cartesian_product()
-        .collect::<Vec<_>>();
-
-    let mut output = Tensor::new(None, &output_size)?.par_enum_map(|i, _: ValType<F>| {
-        let coord = cartesian_coord[i].clone();
-        let mut key = coord.clone();
-        key[dim] = 0;
-        let result = &results.get(&key).ok_or("missing result")?;
-        let o = result.get_inner_tensor().map_err(|_| "missing tensor")?[coord[dim]].clone();
-        Ok::<ValType<F>, region::RegionError>(o)
-    })?;
-
-    // Reshape the output tensor
-    if index_clone.is_singleton() {
-        output_size.remove(dim);
-    }
     output.reshape(&output_size)?;
 
-    Ok(output.into())
+    Ok(output)
 }
 
 /// Gather accumulated layout
@@ -1022,82 +955,387 @@ pub(crate) fn gather_elements<F: PrimeField + TensorType + PartialOrd>(
     region: &mut RegionCtx<F>,
     values: &[ValTensor<F>; 2],
     dim: usize,
-) -> Result<ValTensor<F>, Box<dyn Error>> {
-    let (mut input, mut index) = (values[0].clone(), values[1].clone());
+) -> Result<(ValTensor<F>, ValTensor<F>), Box<dyn Error>> {
+    let (input, index) = (values[0].clone(), values[1].clone());
 
     assert_eq!(input.dims().len(), index.dims().len());
 
-    if !input.all_prev_assigned() {
-        input = region.assign(&config.custom_gates.inputs[0], &input)?;
-    }
-    if !index.all_prev_assigned() {
-        index = region.assign(&config.custom_gates.inputs[1], &index)?;
-    }
-
-    region.increment(std::cmp::max(input.len(), index.len()));
-
     // Calculate the output tensor size
-    let input_dims = input.dims();
     let output_size = index.dims().to_vec();
 
-    // these will be assigned as constants
-    let mut indices = Tensor::from((0..input_dims[dim] as u64).map(|x| F::from(x)));
-    indices.set_visibility(&crate::graph::Visibility::Fixed);
-    let indices = region.assign(&config.custom_gates.inputs[1], &indices.try_into()?)?;
-    region.increment(indices.len());
+    let linear_index = linearize_element_index(config, region, &[index], input.dims(), dim, false)?;
 
-    let mut iteration_dims = output_size.clone();
-    iteration_dims[dim] = 1;
+    let mut output = select(config, region, &[input, linear_index.clone()])?;
+
+    output.reshape(&output_size)?;
+
+    Ok((output, linear_index))
+}
+
+/// Gather accumulated layout
+pub(crate) fn gather_nd<F: PrimeField + TensorType + PartialOrd>(
+    config: &BaseConfig<F>,
+    region: &mut RegionCtx<F>,
+    values: &[ValTensor<F>; 2],
+    batch_dims: usize,
+) -> Result<(ValTensor<F>, ValTensor<F>), Box<dyn Error>> {
+    let (input, index) = (values[0].clone(), values[1].clone());
+
+    let index_dims = index.dims().to_vec();
+    let input_dims = input.dims().to_vec();
+    let last_value = index_dims
+        .last()
+        .ok_or(TensorError::DimMismatch("gather_nd".to_string()))?;
+    if index_dims.last() > Some(&(input_dims.len() - batch_dims)) {
+        return Err(TensorError::DimMismatch("gather_nd".to_string()).into());
+    }
+
+    let output_size =
+    // If indices_shape[-1] == r-b, since the rank of indices is q,
+    // indices can be thought of as N (q-b-1)-dimensional tensors containing 1-D tensors of dimension r-b,
+    // where N is an integer equals to the product of 1 and all the elements in the batch dimensions of the indices_shape.
+    // Let us think of each such r-b ranked tensor as indices_slice.
+    // Each scalar value corresponding to data[0:b-1,indices_slice] is filled into
+    // the corresponding location of the (q-b-1)-dimensional tensor to form the output tensor
+     // if indices_shape[-1] < r-b, since the rank of indices is q, indices can be thought of as N (q-b-1)-dimensional tensor containing 1-D tensors of dimension < r-b.
+    // Let us think of each such tensors as indices_slice.
+    // Each tensor slice corresponding to data[0:b-1, indices_slice , :] is filled into the corresponding location of the (q-b-1)-dimensional tensor to form the output tensor
+    {
+        let output_rank = input_dims.len() + index_dims.len() - 1 - batch_dims - last_value;
+
+        let mut dims = index_dims[..index_dims.len() - 1].to_vec();
+        let input_offset = batch_dims + last_value;
+        dims.extend(input_dims[input_offset..input_dims.len()].to_vec());
+
+        assert_eq!(output_rank, dims.len());
+        dims
+
+    };
+
+    let linear_index = linearize_nd_index(config, region, &[index], input.dims(), batch_dims)?;
+
+    let mut output = select(config, region, &[input, linear_index.clone()])?;
+
+    output.reshape(&output_size)?;
+
+    Ok((output, linear_index))
+}
+
+/// Takes a tensor representing a multi-dimensional index and returns a tensor representing the linearized index.
+/// The linearized index is the index of the element in the flattened tensor.
+/// FOr instance if the dims is [3,5,2], the linearized index of [2] at dim 1 is 2*5 + 3 = 13
+pub(crate) fn linearize_element_index<F: PrimeField + TensorType + PartialOrd>(
+    config: &BaseConfig<F>,
+    region: &mut RegionCtx<F>,
+    values: &[ValTensor<F>; 1],
+    dims: &[usize],
+    dim: usize,
+    is_flat_index: bool,
+) -> Result<ValTensor<F>, Box<dyn Error>> {
+    let index = values[0].clone();
+    if !is_flat_index {
+        assert_eq!(index.dims().len(), dims.len());
+        // if the index is already flat, return it
+        if index.dims().len() == 1 {
+            return Ok(index);
+        }
+    }
+
+    let dim_multiplier: Tensor<usize> = Tensor::new(None, &[dims.len()])?;
+
+    let dim_multiplier: Tensor<F> = dim_multiplier.par_enum_map(|i, _| {
+        let mut res = 1;
+        for dim in dims.iter().skip(i + 1) {
+            res *= dim;
+        }
+
+        Ok::<_, region::RegionError>(F::from(res as u64))
+    })?;
+
+    let iteration_dims = if is_flat_index {
+        let mut dims = dims.to_vec();
+        dims[dim] = index.len();
+        dims
+    } else {
+        index.dims().to_vec()
+    };
 
-    // Allocate memory for the output tensor
     let cartesian_coord = iteration_dims
         .iter()
         .map(|x| 0..*x)
         .multi_cartesian_product()
         .collect::<Vec<_>>();
 
-    let mut results = HashMap::new();
+    let val_dim_multiplier: ValTensor<F> = dim_multiplier
+        .get_slice(&[dim..dim + 1])?
+        .map(|x| ValType::Constant(x))
+        .into();
 
-    for coord in cartesian_coord {
-        let mut slice = coord.iter().map(|x| *x..*x + 1).collect::<Vec<_>>();
-        slice[dim] = 0..input_dims[dim];
+    let mut output = Tensor::new(None, &[cartesian_coord.len()])?;
 
-        let mut sliced_input = input.get_slice(&slice)?;
-        sliced_input.flatten();
+    let inner_loop_function = |i: usize, region: &mut RegionCtx<'_, F>| {
+        let coord = cartesian_coord[i].clone();
+        let slice: Vec<Range<usize>> = if is_flat_index {
+            coord[dim..dim + 1].iter().map(|x| *x..*x + 1).collect()
+        } else {
+            coord.iter().map(|x| *x..*x + 1).collect::<Vec<_>>()
+        };
 
-        slice[dim] = 0..output_size[dim];
-        let mut sliced_index = index.get_slice(&slice)?;
-        sliced_index.flatten();
+        let index_val = index.get_slice(&slice)?;
 
-        let res = select(
+        let mut const_offset = F::ZERO;
+        for i in 0..dims.len() {
+            if i != dim {
+                const_offset += F::from(coord[i] as u64) * dim_multiplier[i];
+            }
+        }
+        let const_offset = create_constant_tensor(const_offset, 1);
+
+        let res = pairwise(
             config,
             region,
-            &[sliced_input, sliced_index],
-            indices.clone(),
+            &[index_val, val_dim_multiplier.clone()],
+            BaseOp::Mult,
         )?;
 
-        results.insert(coord, res);
-    }
+        let res = pairwise(config, region, &[res, const_offset], BaseOp::Add)?;
 
-    // Allocate memory for the output tensor
-    let cartesian_coord = output_size
+        Ok(res.get_inner_tensor()?[0].clone())
+    };
+
+    region.apply_in_loop(&mut output, inner_loop_function)?;
+
+    Ok(output.into())
+}
+
+/// Takes a tensor representing a nd index and returns a tensor representing the linearized index.
+/// The linearized index is the index of the element in the flattened tensor.
+/// Given data tensor of rank r >= 1, indices tensor of rank q >= 1, and batch_dims integer b, this operator gathers slices of data into an output tensor of rank q + r - indices_shape[-1] - 1 - b.
+/// indices is an q-dimensional integer tensor, best thought of as a (q-1)-dimensional tensor of index-tuples into data, where each element defines a slice of data
+/// batch_dims (denoted as b) is an integer indicating the number of batch dimensions, i.e the leading b number of dimensions of data tensor and indices are representing the batches, and the gather starts from the b+1 dimension.
+/// Some salient points about the inputs’ rank and shape:
+///     r >= 1 and q >= 1 are to be honored. There is no dependency condition to be met between ranks r and q
+///     The first b dimensions of the shape of indices tensor and data tensor must be equal.
+///     b < min(q, r) is to be honored.
+///     The indices_shape[-1] should have a value between 1 (inclusive) and rank r-b (inclusive)
+///     All values in indices are expected to be within bounds [-s, s-1] along axis of size s (i.e.) -data_shape[i] <= indices[...,i] <= data_shape[i] - 1. It is an error if any of the index values are out of bounds.
+// The output is computed as follows:
+/// The output tensor is obtained by mapping each index-tuple in the indices tensor to the corresponding slice of the input data.
+///     If indices_shape[-1] > r-b => error condition
+///     If indices_shape[-1] == r-b, since the rank of indices is q, indices can be thought of as N (q-b-1)-dimensional tensors containing 1-D tensors of dimension r-b, where N is an integer equals to the product of 1 and all the elements in the batch dimensions of the indices_shape.
+///     Let us think of each such r-b ranked tensor as indices_slice. Each scalar value corresponding to data[0:b-1,indices_slice] is filled into the corresponding location of the (q-b-1)-dimensional tensor to form the output tensor (Example 1 below)
+///     If indices_shape[-1] < r-b, since the rank of indices is q, indices can be thought of as N (q-b-1)-dimensional tensor containing 1-D tensors of dimension < r-b. Let us think of each such tensors as indices_slice. Each tensor slice corresponding to data[0:b-1, indices_slice , :] is filled into the corresponding location of the (q-b-1)-dimensional tensor to form the output tensor (Examples 2, 3, 4 and 5 below)
+pub(crate) fn linearize_nd_index<F: PrimeField + TensorType + PartialOrd>(
+    config: &BaseConfig<F>,
+    region: &mut RegionCtx<F>,
+    values: &[ValTensor<F>; 1],
+    dims: &[usize],
+    batch_dims: usize,
+) -> Result<ValTensor<F>, Box<dyn Error>> {
+    let index = values[0].clone();
+    let index_dims = index.dims().to_vec();
+
+    let last_dim = index.dims().last().unwrap();
+    let input_rank = dims[batch_dims..].len();
+
+    let dim_multiplier: Tensor<usize> = Tensor::new(None, &[dims.len()])?;
+    let dim_multiplier: Tensor<F> = dim_multiplier.par_enum_map(|i, _| {
+        let mut res = 1;
+        for dim in dims.iter().skip(i + 1) {
+            res *= dim;
+        }
+        Ok::<_, region::RegionError>(F::from(res as u64))
+    })?;
+
+    let iteration_dims = index.dims()[0..batch_dims].to_vec();
+
+    let mut batch_cartesian_coord = iteration_dims
         .iter()
         .map(|x| 0..*x)
         .multi_cartesian_product()
         .collect::<Vec<_>>();
 
-    let output = Tensor::new(None, &output_size)?.par_enum_map(|i, _: ValType<F>| {
-        let coord = cartesian_coord[i].clone();
-        let mut key = coord.clone();
-        key[dim] = 0;
-        let result = &results.get(&key).ok_or("missing result")?;
-        let o = result.get_inner_tensor().map_err(|_| "missing tensor")?[coord[dim]].clone();
-        Ok::<ValType<F>, region::RegionError>(o)
-    })?;
+    if batch_cartesian_coord.is_empty() {
+        batch_cartesian_coord.push(vec![]);
+    }
+
+    let index_dim_multiplier: ValTensor<F> = dim_multiplier
+        .get_slice(&[batch_dims..dims.len()])?
+        .map(|x| ValType::Constant(x))
+        .into();
+
+    let mut outer_results = vec![];
+
+    for coord in batch_cartesian_coord {
+        let slice: Vec<Range<usize>> = coord.iter().map(|x| *x..*x + 1).collect::<Vec<_>>();
+
+        let mut index_slice = index.get_slice(&slice)?;
+        index_slice.reshape(&index_dims[batch_dims..])?;
+
+        // expand the index to the full dims by iterating over the rest of the dims and inserting constants
+        // eg in the case
+        // batch_dims = 0
+        // data    = [[[0,1],[2,3]],[[4,5],[6,7]]] # data_shape    = [2, 2, 2]
+        // indices = [[0,1],[1,0]]                 # indices_shape = [2, 2]
+        // output  = [[2,3],[4,5]]                 # output_shape  = [2, 2]
+        // the index should be expanded to the shape [2,2,3]: [[0,1,0],[0,1,1],[1,0,0],[1,0,1]]
+
+        let mut inner_cartesian_coord = index_slice.dims()[0..index_slice.dims().len() - 1]
+            .iter()
+            .map(|x| 0..*x)
+            .multi_cartesian_product()
+            .collect::<Vec<_>>();
+
+        if inner_cartesian_coord.is_empty() {
+            inner_cartesian_coord.push(vec![]);
+        }
+
+        let indices = if last_dim < &input_rank {
+            inner_cartesian_coord
+                .iter()
+                .map(|x| {
+                    let slice = x.iter().map(|x| *x..*x + 1).collect::<Vec<_>>();
+                    let index = index_slice.get_slice(&slice)?;
+
+                    // map over cartesian coord of rest of dims and insert constants
+                    let grid = (*last_dim..input_rank)
+                        .map(|x| 0..dims[x])
+                        .multi_cartesian_product();
+
+                    Ok(grid
+                        .map(|x| {
+                            let index = index.clone();
+                            let constant_valtensor: ValTensor<F> = Tensor::from(
+                                x.into_iter().map(|x| ValType::Constant(F::from(x as u64))),
+                            )
+                            .into();
+                            index.concat(constant_valtensor)
+                        })
+                        .collect::<Result<Vec<_>, TensorError>>()?)
+                })
+                .collect::<Result<Vec<_>, Box<dyn Error>>>()?
+                .into_iter()
+                .flatten()
+                .collect::<Vec<_>>()
+        } else {
+            inner_cartesian_coord
+                .iter()
+                .map(|x| {
+                    let slice = x.iter().map(|x| *x..*x + 1).collect::<Vec<_>>();
+                    index_slice.get_slice(&slice)
+                })
+                .collect::<Result<Vec<_>, Box<dyn Error>>>()?
+        };
+
+        let mut const_offset = F::ZERO;
+        for i in 0..batch_dims {
+            const_offset += F::from(coord[i] as u64) * dim_multiplier[i];
+        }
+
+
+        let const_offset = create_constant_tensor(const_offset, 1);
+
+        let mut results = vec![];
+
+        for index_val in indices {
+            let mut index_val = index_val.clone();
+            index_val.flatten();
+            let res = pairwise(
+                config,
+                region,
+                &[index_val.clone(), index_dim_multiplier.clone()],
+                BaseOp::Mult,
+            )?;
+            let res = res.concat(const_offset.clone())?;
+            let res = sum(config, region, &[res])?;
+            results.push(res.get_inner_tensor()?.clone());
+            // assert than res is less than the product of the dims
+            assert!(
+                res.get_int_evals()?
+                    .iter()
+                    .all(|x| *x < dims.iter().product::<usize>() as i128),
+                "res is greater than the product of the dims {} (coord={}, index_dim_multiplier={}, res={})",
+                dims.iter().product::<usize>(),
+                index_val.show(), 
+                index_dim_multiplier.show(),
+                res.show()
+            );
+        }
+
+        let result_tensor = Tensor::from(results.into_iter());
+
+        outer_results.push(result_tensor.combine()?);
+    }
+
+    let output = Tensor::from(outer_results.into_iter());
+    let output = output.combine()?;
 
     Ok(output.into())
 }
 
+pub(crate) fn get_missing_set_elements<F: PrimeField + TensorType + PartialOrd>(
+    config: &BaseConfig<F>,
+    region: &mut RegionCtx<F>,
+    values: &[ValTensor<F>; 2],
+    ordered: bool,
+) -> Result<ValTensor<F>, Box<dyn Error>> {
+    let (mut input, fullset) = (values[0].clone(), values[1].clone());
+    let set_len = fullset.len();
+    input.flatten();
+
+    let is_assigned = !input.any_unknowns()? && !fullset.any_unknowns()?;
+
+    let mut claimed_output: ValTensor<F> = if is_assigned {
+        let input_evals = input.get_int_evals()?;
+        let mut fullset_evals = fullset.get_int_evals()?.into_iter().collect::<Vec<_>>();
+
+        // get the difference between the two vectors
+        for eval in input_evals.iter() {
+            // delete first occurence of that value
+            if let Some(pos) = fullset_evals.iter().position(|x| x == eval) {
+                fullset_evals.remove(pos);
+            }
+        }
+
+        // if fullset + input is the same length, then input is a subset of fullset, else randomly delete elements, this is a patch for
+        // the fact that we can't have a tensor of unknowns when using constant during gen-settings
+        if fullset_evals.len() != set_len - input.len() {
+            fullset_evals.truncate(set_len - input.len());
+        }
+
+        fullset_evals
+            .iter()
+            .map(|x| Value::known(i128_to_felt(*x)))
+            .collect::<Tensor<Value<F>>>()
+            .into()
+    } else {
+        let dim = fullset.len() - input.len();
+        Tensor::new(Some(&vec![Value::<F>::unknown(); dim]), &[dim])?.into()
+    };
+
+    // assign the claimed output
+    claimed_output = region.assign(&config.custom_gates.output, &claimed_output)?;
+
+    // input and claimed output should be the shuffles of fullset
+    // concatentate input and claimed output
+    let input_and_claimed_output = input.concat(claimed_output.clone())?;
+
+    // assert that this is a permutation/shuffle
+    shuffles(
+        config,
+        region,
+        &[input_and_claimed_output.clone()],
+        &[fullset.clone()],
+    )?;
+
+    if ordered {
+        // assert that the claimed output is sorted
+        claimed_output = _sort_ascending(config, region, &[claimed_output])?;
+    }
+
+    Ok(claimed_output)
+}
+
 /// Gather accumulated layout
 pub(crate) fn scatter_elements<F: PrimeField + TensorType + PartialOrd>(
     config: &BaseConfig<F>,
@@ -1105,88 +1343,158 @@ pub(crate) fn scatter_elements<F: PrimeField + TensorType + PartialOrd>(
     values: &[ValTensor<F>; 3],
     dim: usize,
 ) -> Result<ValTensor<F>, Box<dyn Error>> {
-    let (mut input, mut index, mut src) = (values[0].clone(), values[1].clone(), values[2].clone());
+    let (input, mut index, src) = (values[0].clone(), values[1].clone(), values[2].clone());
 
     assert_eq!(input.dims().len(), index.dims().len());
 
-    let mut assigned_len = vec![];
-
-    if !input.all_prev_assigned() {
-        input = region.assign(&config.custom_gates.inputs[0], &input)?;
-        assigned_len.push(input.len());
-    }
     if !index.all_prev_assigned() {
         index = region.assign(&config.custom_gates.inputs[1], &index)?;
-        assigned_len.push(index.len());
-    }
-    if !src.all_prev_assigned() {
-        src = region.assign(&config.custom_gates.output, &src)?;
-        assigned_len.push(src.len());
+        region.increment(index.len());
     }
 
-    if !assigned_len.is_empty() {
-        // safe to unwrap since we've just checked it has at least one element
-        region.increment(*assigned_len.iter().max().unwrap());
-    }
+    let is_assigned = !input.any_unknowns()? && !index.any_unknowns()? && !src.any_unknowns()?;
 
-    // Calculate the output tensor size
-    let input_dim = input.dims()[dim];
-    let output_size = index.dims().to_vec();
+    let claimed_output: ValTensor<F> = if is_assigned {
+        let input_inner = input.get_int_evals()?;
+        let index_inner = index.get_int_evals()?.map(|x| x as usize);
+        let src_inner = src.get_int_evals()?;
 
-    // these will be assigned as constants
-    let mut indices = Tensor::from((0..input_dim as u64).map(|x| F::from(x)));
-    indices.set_visibility(&crate::graph::Visibility::Fixed);
-    let indices = region.assign(&config.custom_gates.inputs[1], &indices.try_into()?)?;
-    region.increment(indices.len());
+        let res = tensor::ops::scatter(&input_inner, &index_inner, &src_inner, dim)?;
 
-    // Allocate memory for the output tensor
-    let cartesian_coord = output_size
-        .iter()
-        .map(|x| 0..*x)
-        .multi_cartesian_product()
-        .collect::<Vec<_>>();
-
-    let mut output: Tensor<()> = Tensor::new(None, &output_size)?;
-
-    let mut inner_loop_function = |i: usize, region: &mut RegionCtx<'_, F>| {
-        let coord = cartesian_coord[i].clone();
-        let index_val = index.get_inner_tensor()?.get(&coord);
-
-        let src_val = src.get_inner_tensor()?.get(&coord);
-        let src_valtensor: ValTensor<F> = Tensor::from([src_val.clone()].into_iter()).into();
-
-        let mut slice = coord.iter().map(|x| *x..*x + 1).collect::<Vec<_>>();
-        slice[dim] = 0..input_dim;
-
-        let mut sliced_input = input.get_slice(&slice)?;
-        sliced_input.flatten();
-
-        let index_valtensor: ValTensor<F> = Tensor::from([index_val.clone()].into_iter()).into();
-
-        let mask = equals(config, region, &[index_valtensor, indices.clone()])?;
-
-        let res = iff(config, region, &[mask, src_valtensor, sliced_input])?;
-
-        let input_cartesian_coord = slice.into_iter().multi_cartesian_product();
-        let mutable_input_inner = input.get_inner_tensor_mut()?;
-
-        for (i, r) in res.get_inner_tensor()?.iter().enumerate() {
-            let coord = input_cartesian_coord
-                .clone()
-                .nth(i)
-                .ok_or("invalid coord")?;
-            *mutable_input_inner.get_mut(&coord) = r.clone();
-        }
-        Ok(())
+        res.iter()
+            .map(|x| Value::known(i128_to_felt(*x)))
+            .collect::<Tensor<Value<F>>>()
+            .into()
+    } else {
+        Tensor::new(
+            Some(&vec![Value::<F>::unknown(); input.len()]),
+            &[input.len()],
+        )?
+        .into()
     };
 
-    output
-        .iter_mut()
-        .enumerate()
-        .map(|(i, _)| inner_loop_function(i, region))
-        .collect::<Result<Vec<()>, Box<dyn Error>>>()?;
+    // assign the claimed output
+    let mut claimed_output = region.assign(&config.custom_gates.output, &claimed_output)?;
+    region.increment(claimed_output.len());
+    claimed_output.reshape(input.dims())?;
 
-    Ok(input)
+    // scatter elements is the inverse of gather elements
+    let (gather_src, linear_index) = gather_elements(
+        config,
+        region,
+        &[claimed_output.clone(), index.clone()],
+        dim,
+    )?;
+
+    // assert this is equal to the src
+    enforce_equality(config, region, &[gather_src, src])?;
+
+    let full_index_set: ValTensor<F> =
+        Tensor::from((0..input.len() as u64).map(|x| ValType::Constant(F::from(x)))).into();
+    let input_indices = get_missing_set_elements(
+        config,
+        region,
+        &[linear_index, full_index_set.clone()],
+        true,
+    )?;
+
+    claimed_output.flatten();
+    let (gather_input, _) = gather_elements(
+        config,
+        region,
+        &[claimed_output.clone(), input_indices.clone()],
+        0,
+    )?;
+    // assert this is a subset of the input
+    dynamic_lookup(
+        config,
+        region,
+        &[input_indices, gather_input],
+        &[full_index_set, input.clone()],
+    )?;
+
+    claimed_output.reshape(input.dims())?;
+
+    Ok(claimed_output)
+}
+
+/// Scatter Nd
+pub(crate) fn scatter_nd<F: PrimeField + TensorType + PartialOrd>(
+    config: &BaseConfig<F>,
+    region: &mut RegionCtx<F>,
+    values: &[ValTensor<F>; 3],
+) -> Result<ValTensor<F>, Box<dyn Error>> {
+    let (input, mut index, src) = (values[0].clone(), values[1].clone(), values[2].clone());
+
+    if !index.all_prev_assigned() {
+        index = region.assign(&config.custom_gates.inputs[1], &index)?;
+        region.increment(index.len());
+    }
+
+    let is_assigned = !input.any_unknowns()? && !index.any_unknowns()? && !src.any_unknowns()?;
+
+    let claimed_output: ValTensor<F> = if is_assigned {
+        let input_inner = input.get_int_evals()?;
+        let index_inner = index.get_int_evals()?.map(|x| x as usize);
+        let src_inner = src.get_int_evals()?;
+
+        let res = tensor::ops::scatter_nd(&input_inner, &index_inner, &src_inner)?;
+
+        res.iter()
+            .map(|x| Value::known(i128_to_felt(*x)))
+            .collect::<Tensor<Value<F>>>()
+            .into()
+    } else {
+        Tensor::new(
+            Some(&vec![Value::<F>::unknown(); input.len()]),
+            &[input.len()],
+        )?
+        .into()
+    };
+
+    // assign the claimed output
+    let mut claimed_output = region.assign(&config.custom_gates.output, &claimed_output)?;
+    region.increment(claimed_output.len());
+    claimed_output.reshape(input.dims())?;
+
+
+    // scatter elements is the inverse of gather elements
+    let (gather_src, linear_index) =
+        gather_nd(config, region, &[claimed_output.clone(), index.clone()], 0)?;
+
+    // assert this is equal to the src
+    enforce_equality(config, region, &[gather_src, src])?;
+
+    let full_index_set: ValTensor<F> =
+        Tensor::from((0..input.len() as u64).map(|x| ValType::Constant(F::from(x)))).into();
+
+    let input_indices = get_missing_set_elements(
+        config,
+        region,
+        &[linear_index, full_index_set.clone()],
+        true,
+    )?;
+
+    // now that it is flattened we can gather over elements on dim 0
+    claimed_output.flatten();
+    let (gather_input, _) = gather_elements(
+        config,
+        region,
+        &[claimed_output.clone(), input_indices.clone()],
+        0,
+    )?;
+
+    // assert this is a subset of the input
+    dynamic_lookup(
+        config,
+        region,
+        &[input_indices, gather_input],
+        &[full_index_set, input.clone()],
+    )?;
+
+    claimed_output.reshape(input.dims())?;
+
+    Ok(claimed_output)
 }
 
 /// sum accumulated layout
@@ -1443,17 +1751,11 @@ pub(crate) fn argmax_axes<F: PrimeField + TensorType + PartialOrd>(
     dim: usize,
 ) -> Result<ValTensor<F>, Box<dyn Error>> {
     // these will be assigned as constants
-    let mut indices = Tensor::from((0..values[0].dims()[dim] as u64).map(|x| F::from(x)));
-    indices.set_visibility(&crate::graph::Visibility::Fixed);
-    let indices = region.assign(&config.custom_gates.inputs[1], &indices.try_into()?)?;
-    region.increment(indices.len());
-
-    let argmax = move |config: &BaseConfig<F>,
-                       region: &mut RegionCtx<F>,
-                       values: &[ValTensor<F>; 1]|
-          -> Result<ValTensor<F>, Box<dyn Error>> {
-        argmax(config, region, values, indices.clone())
-    };
+    let argmax =
+        move |config: &BaseConfig<F>,
+              region: &mut RegionCtx<F>,
+              values: &[ValTensor<F>; 1]|
+              -> Result<ValTensor<F>, Box<dyn Error>> { argmax(config, region, values) };
 
     // calculate value of output
     axes_wise_op(config, region, values, &[dim], argmax)
@@ -1479,18 +1781,12 @@ pub(crate) fn argmin_axes<F: PrimeField + TensorType + PartialOrd>(
     dim: usize,
 ) -> Result<ValTensor<F>, Box<dyn Error>> {
     // calculate value of output
-    // these will be assigned as constants
-    let mut indices = Tensor::from((0..values[0].dims()[dim] as u64).map(|x| F::from(x)));
-    indices.set_visibility(&crate::graph::Visibility::Fixed);
-    let indices = region.assign(&config.custom_gates.inputs[1], &indices.try_into()?)?;
-    region.increment(indices.len());
 
-    let argmin = move |config: &BaseConfig<F>,
-                       region: &mut RegionCtx<F>,
-                       values: &[ValTensor<F>; 1]|
-          -> Result<ValTensor<F>, Box<dyn Error>> {
-        argmin(config, region, values, indices.clone())
-    };
+    let argmin =
+        move |config: &BaseConfig<F>,
+              region: &mut RegionCtx<F>,
+              values: &[ValTensor<F>; 1]|
+              -> Result<ValTensor<F>, Box<dyn Error>> { argmin(config, region, values) };
 
     axes_wise_op(config, region, values, &[dim], argmin)
 }
@@ -2364,13 +2660,43 @@ pub(crate) fn slice<F: PrimeField + TensorType + PartialOrd>(
     end: &usize,
 ) -> Result<ValTensor<F>, Box<dyn Error>> {
     // assigns the instance to the advice.
-    let mut output = region.assign(&config.custom_gates.output, &values[0])?;
-    region.increment(output.len());
+    let mut output = values[0].clone();
+
+    let is_assigned = output.all_prev_assigned();
+    if !is_assigned {
+        output = region.assign(&config.custom_gates.output, &values[0])?;
+        region.increment(output.len());
+    }
+
     output.slice(axis, start, end)?;
 
     Ok(output)
 }
 
+/// Trilu layout
+pub(crate) fn trilu<F: PrimeField + TensorType + PartialOrd>(
+    config: &BaseConfig<F>,
+    region: &mut RegionCtx<F>,
+    values: &[ValTensor<F>; 1],
+    k: &i32,
+    upper: &bool,
+) -> Result<ValTensor<F>, Box<dyn Error>> {
+    // assigns the instance to the advice.
+    let mut output = values[0].clone();
+
+    let is_assigned = output.all_prev_assigned();
+    if !is_assigned {
+        output = region.assign(&config.custom_gates.inputs[0], &values[0])?;
+    }
+
+    let res = tensor::ops::trilu(output.get_inner_tensor()?, *k, *upper)?;
+
+    let output = region.assign(&config.custom_gates.output, &res.into())?;
+    region.increment(output.len());
+
+    Ok(output)
+}
+
 /// Concat layout
 pub(crate) fn concat<F: PrimeField + TensorType + PartialOrd>(
     values: &[ValTensor<F>],
@@ -2665,7 +2991,6 @@ pub(crate) fn argmax<F: PrimeField + TensorType + PartialOrd>(
     config: &BaseConfig<F>,
     region: &mut RegionCtx<F>,
     values: &[ValTensor<F>; 1],
-    indices: ValTensor<F>,
 ) -> Result<ValTensor<F>, Box<dyn Error>> {
     // this is safe because we later constrain it
     let argmax = values[0]
@@ -2688,7 +3013,6 @@ pub(crate) fn argmax<F: PrimeField + TensorType + PartialOrd>(
         config,
         region,
         &[values[0].clone(), assigned_argmax.clone()],
-        indices,
     )?;
 
     let max_val = max(config, region, &[values[0].clone()])?;
@@ -2703,7 +3027,6 @@ pub(crate) fn argmin<F: PrimeField + TensorType + PartialOrd>(
     config: &BaseConfig<F>,
     region: &mut RegionCtx<F>,
     values: &[ValTensor<F>; 1],
-    indices: ValTensor<F>,
 ) -> Result<ValTensor<F>, Box<dyn Error>> {
     // this is safe because we later constrain it
     let argmin = values[0]
@@ -2727,7 +3050,6 @@ pub(crate) fn argmin<F: PrimeField + TensorType + PartialOrd>(
         config,
         region,
         &[values[0].clone(), assigned_argmin.clone()],
-        indices,
     )?;
     let min_val = min(config, region, &[values[0].clone()])?;
 

src/circuit/ops/lookup.rs

@@ -123,6 +123,9 @@ pub enum LookupOp {
         scale: utils::F32,
         a: utils::F32,
     },
+    HardSwish {
+        scale: utils::F32,
+    },
 }
 
 impl LookupOp {
@@ -223,6 +226,9 @@ impl<F: PrimeField + TensorType + PartialOrd> Op<F> for LookupOp {
             LookupOp::ATan { scale } => Ok(tensor::ops::nonlinearities::atan(&x, scale.into())),
             LookupOp::ATanh { scale } => Ok(tensor::ops::nonlinearities::atanh(&x, scale.into())),
             LookupOp::Tanh { scale } => Ok(tensor::ops::nonlinearities::tanh(&x, scale.into())),
+            LookupOp::HardSwish { scale } => {
+                Ok(tensor::ops::nonlinearities::hardswish(&x, scale.into()))
+            }
         }?;
 
         let output = res.map(|x| i128_to_felt(x));
@@ -276,6 +282,7 @@ impl<F: PrimeField + TensorType + PartialOrd> Op<F> for LookupOp {
             LookupOp::ASin { scale } => format!("ASIN(scale={})", scale),
             LookupOp::Sinh { scale } => format!("SINH(scale={})", scale),
             LookupOp::ASinh { scale } => format!("ASINH(scale={})", scale),
+            LookupOp::HardSwish { scale } => format!("HARDSWISH(scale={})", scale),
         }
     }
 

src/circuit/ops/poly.rs

@@ -14,10 +14,17 @@ pub enum PolyOp {
         dim: usize,
         constant_idx: Option<Tensor<usize>>,
     },
+    GatherND {
+        batch_dims: usize,
+        indices: Option<Tensor<usize>>,
+    },
     ScatterElements {
         dim: usize,
         constant_idx: Option<Tensor<usize>>,
     },
+    ScatterND {
+        constant_idx: Option<Tensor<usize>>,
+    },
     MultiBroadcastTo {
         shape: Vec<usize>,
     },
@@ -76,6 +83,10 @@ pub enum PolyOp {
     And,
     Or,
     Xor,
+    Trilu {
+        upper: bool,
+        k: i32,
+    },
 }
 
 impl<F: PrimeField + TensorType + PartialOrd + Serialize + for<'de> Deserialize<'de>> Op<F>
@@ -89,7 +100,9 @@ impl<F: PrimeField + TensorType + PartialOrd + Serialize + for<'de> Deserialize<
     fn as_string(&self) -> String {
         match &self {
             PolyOp::GatherElements { dim, .. } => format!("GATHERELEMENTS (dim={})", dim),
+            PolyOp::GatherND { batch_dims, .. } => format!("GATHERND (batch_dims={})", batch_dims),
             PolyOp::ScatterElements { dim, .. } => format!("SCATTERELEMENTS (dim={})", dim),
+            PolyOp::ScatterND { .. } => "SCATTERND".into(),
             PolyOp::MultiBroadcastTo { shape } => format!("MULTIBROADCASTTO (shape={:?})", shape),
             PolyOp::MoveAxis { .. } => "MOVEAXIS".into(),
             PolyOp::Downsample { .. } => "DOWNSAMPLE".into(),
@@ -105,7 +118,7 @@ impl<F: PrimeField + TensorType + PartialOrd + Serialize + for<'de> Deserialize<
             PolyOp::Add => "ADD".into(),
             PolyOp::Mult => "MULT".into(),
             PolyOp::Sub => "SUB".into(),
-            PolyOp::Sum { .. } => "SUM".into(),
+            PolyOp::Sum { axes } => format!("SUM (axes={:?})", axes),
             PolyOp::Prod { .. } => "PROD".into(),
             PolyOp::Pow(_) => "POW".into(),
             PolyOp::Conv { .. } => "CONV".into(),
@@ -119,6 +132,7 @@ impl<F: PrimeField + TensorType + PartialOrd + Serialize + for<'de> Deserialize<
             PolyOp::And => "AND".into(),
             PolyOp::Or => "OR".into(),
             PolyOp::Xor => "XOR".into(),
+            PolyOp::Trilu { upper, k } => format!("TRILU (upper={}, k={})", upper, k),
         }
     }
 
@@ -213,6 +227,18 @@ impl<F: PrimeField + TensorType + PartialOrd + Serialize + for<'de> Deserialize<
                 };
                 tensor::ops::gather_elements(&x, &y, *dim)
             }
+            PolyOp::GatherND {
+                indices,
+                batch_dims,
+            } => {
+                let x = inputs[0].clone();
+                let y = if let Some(idx) = indices {
+                    idx.clone()
+                } else {
+                    inputs[1].clone().map(|x| felt_to_i128(x) as usize)
+                };
+                tensor::ops::gather_nd(&x, &y, *batch_dims)
+            }
             PolyOp::ScatterElements { dim, constant_idx } => {
                 let x = inputs[0].clone();
 
@@ -229,6 +255,22 @@ impl<F: PrimeField + TensorType + PartialOrd + Serialize + for<'de> Deserialize<
                 };
                 tensor::ops::scatter(&x, &idx, &src, *dim)
             }
+
+            PolyOp::ScatterND { constant_idx } => {
+                let x = inputs[0].clone();
+                let idx = if let Some(idx) = constant_idx {
+                    idx.clone()
+                } else {
+                    inputs[1].clone().map(|x| felt_to_i128(x) as usize)
+                };
+                let src = if constant_idx.is_some() {
+                    inputs[1].clone()
+                } else {
+                    inputs[2].clone()
+                };
+                tensor::ops::scatter_nd(&x, &idx, &src)
+            }
+            PolyOp::Trilu { upper, k } => tensor::ops::trilu(&inputs[0], *k, *upper),
         }?;
 
         Ok(ForwardResult { output: res })
@@ -276,7 +318,17 @@ impl<F: PrimeField + TensorType + PartialOrd + Serialize + for<'de> Deserialize<
                 if let Some(idx) = constant_idx {
                     tensor::ops::gather_elements(values[0].get_inner_tensor()?, idx, *dim)?.into()
                 } else {
-                    layouts::gather_elements(config, region, values[..].try_into()?, *dim)?
+                    layouts::gather_elements(config, region, values[..].try_into()?, *dim)?.0
+                }
+            }
+            PolyOp::GatherND {
+                batch_dims,
+                indices,
+            } => {
+                if let Some(idx) = indices {
+                    tensor::ops::gather_nd(values[0].get_inner_tensor()?, idx, *batch_dims)?.into()
+                } else {
+                    layouts::gather_nd(config, region, values[..].try_into()?, *batch_dims)?.0
                 }
             }
             PolyOp::ScatterElements { dim, constant_idx } => {
@@ -292,6 +344,18 @@ impl<F: PrimeField + TensorType + PartialOrd + Serialize + for<'de> Deserialize<
                     layouts::scatter_elements(config, region, values[..].try_into()?, *dim)?
                 }
             }
+            PolyOp::ScatterND { constant_idx } => {
+                if let Some(idx) = constant_idx {
+                    tensor::ops::scatter_nd(
+                        values[0].get_inner_tensor()?,
+                        idx,
+                        values[1].get_inner_tensor()?,
+                    )?
+                    .into()
+                } else {
+                    layouts::scatter_nd(config, region, values[..].try_into()?)?
+                }
+            }
             PolyOp::DeConv {
                 padding,
                 output_padding,
@@ -326,6 +390,9 @@ impl<F: PrimeField + TensorType + PartialOrd + Serialize + for<'de> Deserialize<
             PolyOp::Slice { axis, start, end } => {
                 layouts::slice(config, region, values[..].try_into()?, axis, start, end)?
             }
+            PolyOp::Trilu { upper, k } => {
+                layouts::trilu(config, region, values[..].try_into()?, k, upper)?
+            }
         }))
     }
 
@@ -389,7 +456,9 @@ impl<F: PrimeField + TensorType + PartialOrd + Serialize + for<'de> Deserialize<
             vec![1, 2]
         } else if matches!(self, PolyOp::Concat { .. }) {
             (0..100).collect()
-        } else if matches!(self, PolyOp::ScatterElements { .. }) {
+        } else if matches!(self, PolyOp::ScatterElements { .. })
+            | matches!(self, PolyOp::ScatterND { .. })
+        {
             vec![0, 2]
         } else {
             vec![]

src/circuit/table.rs

@@ -6,7 +6,7 @@ use halo2_proofs::{
     circuit::{Layouter, Value},
     plonk::{ConstraintSystem, Expression, TableColumn},
 };
-use log::warn;
+use log::{debug, warn};
 use maybe_rayon::prelude::{IntoParallelIterator, ParallelIterator};
 
 use crate::{
@@ -165,7 +165,7 @@ impl<F: PrimeField + TensorType + PartialOrd> Table<F> {
         let num_cols = table_inputs.len();
 
         if num_cols > 1 {
-            warn!("Using {} columns for non-linearity table.", num_cols);
+            debug!("Using {} columns for non-linearity table.", num_cols);
         }
 
         let table_outputs = table_inputs

src/circuit/tests.rs

@@ -245,7 +245,13 @@ mod matmul_col_overflow {
 #[cfg(test)]
 #[cfg(not(all(target_arch = "wasm32", target_os = "unknown")))]
 mod matmul_col_ultra_overflow_double_col {
-    use halo2_proofs::poly::commitment::{Params, ParamsProver};
+
+    use halo2_proofs::poly::kzg::{
+        commitment::KZGCommitmentScheme,
+        multiopen::{ProverSHPLONK, VerifierSHPLONK},
+        strategy::SingleStrategy,
+    };
+    use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 
     use super::*;
 
@@ -324,46 +330,46 @@ mod matmul_col_ultra_overflow_double_col {
 
         let pk = crate::pfsys::create_keys::<
             halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme<halo2curves::bn256::Bn256>,
-            F,
             MatmulCircuit<F>,
         >(&circuit, &params, true)
         .unwrap();
 
-        let prover = crate::pfsys::create_proof_circuit_kzg(
+        let prover = crate::pfsys::create_proof_circuit::<
+            KZGCommitmentScheme<_>,
+            _,
+            ProverSHPLONK<_>,
+            VerifierSHPLONK<_>,
+            SingleStrategy<_>,
+            _,
+            EvmTranscript<_, _, _, _>,
+            EvmTranscript<_, _, _, _>,
+        >(
             circuit.clone(),
+            vec![],
             &params,
-            None,
             &pk,
-            crate::pfsys::TranscriptType::EVM,
-            halo2_proofs::poly::kzg::strategy::SingleStrategy::new(&params),
             // use safe mode to verify that the proof is correct
             CheckMode::SAFE,
+            crate::Commitments::KZG,
+            crate::pfsys::TranscriptType::EVM,
+            None,
             None,
         );
 
         assert!(prover.is_ok());
-
-        let proof = prover.unwrap();
-
-        let strategy =
-            halo2_proofs::poly::kzg::strategy::SingleStrategy::new(params.verifier_params());
-        let vk = pk.get_vk();
-        let result = crate::pfsys::verify_proof_circuit_kzg(
-            params.verifier_params(),
-            proof,
-            vk,
-            strategy,
-            params.n(),
-        );
-
-        assert!(result.is_ok());
     }
 }
 
 #[cfg(test)]
 #[cfg(not(all(target_arch = "wasm32", target_os = "unknown")))]
 mod matmul_col_ultra_overflow {
-    use halo2_proofs::poly::commitment::{Params, ParamsProver};
+
+    use halo2_proofs::poly::kzg::{
+        commitment::KZGCommitmentScheme,
+        multiopen::{ProverSHPLONK, VerifierSHPLONK},
+        strategy::SingleStrategy,
+    };
+    use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 
     use super::*;
 
@@ -441,39 +447,33 @@ mod matmul_col_ultra_overflow {
 
         let pk = crate::pfsys::create_keys::<
             halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme<halo2curves::bn256::Bn256>,
-            F,
             MatmulCircuit<F>,
         >(&circuit, &params, true)
         .unwrap();
 
-        let prover = crate::pfsys::create_proof_circuit_kzg(
+        let prover = crate::pfsys::create_proof_circuit::<
+            KZGCommitmentScheme<_>,
+            _,
+            ProverSHPLONK<_>,
+            VerifierSHPLONK<_>,
+            SingleStrategy<_>,
+            _,
+            EvmTranscript<_, _, _, _>,
+            EvmTranscript<_, _, _, _>,
+        >(
             circuit.clone(),
+            vec![],
             &params,
-            None,
             &pk,
-            crate::pfsys::TranscriptType::EVM,
-            halo2_proofs::poly::kzg::strategy::SingleStrategy::new(&params),
             // use safe mode to verify that the proof is correct
             CheckMode::SAFE,
+            crate::Commitments::KZG,
+            crate::pfsys::TranscriptType::EVM,
+            None,
             None,
         );
 
         assert!(prover.is_ok());
-
-        let proof = prover.unwrap();
-
-        let strategy =
-            halo2_proofs::poly::kzg::strategy::SingleStrategy::new(params.verifier_params());
-        let vk = pk.get_vk();
-        let result = crate::pfsys::verify_proof_circuit_kzg(
-            params.verifier_params(),
-            proof,
-            vk,
-            strategy,
-            params.n(),
-        );
-
-        assert!(result.is_ok());
     }
 }
 
@@ -1145,7 +1145,15 @@ mod conv {
 #[cfg(test)]
 #[cfg(not(all(target_arch = "wasm32", target_os = "unknown")))]
 mod conv_col_ultra_overflow {
-    use halo2_proofs::poly::commitment::{Params, ParamsProver};
+
+    use halo2_proofs::poly::{
+        kzg::strategy::SingleStrategy,
+        kzg::{
+            commitment::KZGCommitmentScheme,
+            multiopen::{ProverSHPLONK, VerifierSHPLONK},
+        },
+    };
+    use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 
     use super::*;
 
@@ -1243,39 +1251,33 @@ mod conv_col_ultra_overflow {
 
         let pk = crate::pfsys::create_keys::<
             halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme<halo2curves::bn256::Bn256>,
-            F,
             ConvCircuit<F>,
         >(&circuit, &params, true)
         .unwrap();
 
-        let prover = crate::pfsys::create_proof_circuit_kzg(
+        let prover = crate::pfsys::create_proof_circuit::<
+            KZGCommitmentScheme<_>,
+            _,
+            ProverSHPLONK<_>,
+            VerifierSHPLONK<_>,
+            SingleStrategy<_>,
+            _,
+            EvmTranscript<_, _, _, _>,
+            EvmTranscript<_, _, _, _>,
+        >(
             circuit.clone(),
+            vec![],
             &params,
-            None,
             &pk,
-            crate::pfsys::TranscriptType::EVM,
-            halo2_proofs::poly::kzg::strategy::SingleStrategy::new(&params),
             // use safe mode to verify that the proof is correct
             CheckMode::SAFE,
+            crate::Commitments::KZG,
+            crate::pfsys::TranscriptType::EVM,
+            None,
             None,
         );
 
         assert!(prover.is_ok());
-
-        let proof = prover.unwrap();
-
-        let strategy =
-            halo2_proofs::poly::kzg::strategy::SingleStrategy::new(params.verifier_params());
-        let vk = pk.get_vk();
-        let result = crate::pfsys::verify_proof_circuit_kzg(
-            params.verifier_params(),
-            proof,
-            vk,
-            strategy,
-            params.n(),
-        );
-
-        assert!(result.is_ok());
     }
 }
 
@@ -1283,7 +1285,13 @@ mod conv_col_ultra_overflow {
 // not wasm 32 unknown
 #[cfg(not(all(target_arch = "wasm32", target_os = "unknown")))]
 mod conv_relu_col_ultra_overflow {
-    use halo2_proofs::poly::commitment::{Params, ParamsProver};
+
+    use halo2_proofs::poly::kzg::{
+        commitment::KZGCommitmentScheme,
+        multiopen::{ProverSHPLONK, VerifierSHPLONK},
+        strategy::SingleStrategy,
+    };
+    use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 
     use super::*;
 
@@ -1396,39 +1404,33 @@ mod conv_relu_col_ultra_overflow {
 
         let pk = crate::pfsys::create_keys::<
             halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme<halo2curves::bn256::Bn256>,
-            F,
             ConvCircuit<F>,
         >(&circuit, &params, true)
         .unwrap();
 
-        let prover = crate::pfsys::create_proof_circuit_kzg(
+        let prover = crate::pfsys::create_proof_circuit::<
+            KZGCommitmentScheme<_>,
+            _,
+            ProverSHPLONK<_>,
+            VerifierSHPLONK<_>,
+            SingleStrategy<_>,
+            _,
+            EvmTranscript<_, _, _, _>,
+            EvmTranscript<_, _, _, _>,
+        >(
             circuit.clone(),
+            vec![],
             &params,
-            None,
             &pk,
-            crate::pfsys::TranscriptType::EVM,
-            halo2_proofs::poly::kzg::strategy::SingleStrategy::new(&params),
-            // use safe mode to verify that the proof is correct
             CheckMode::SAFE,
+            crate::Commitments::KZG,
+            crate::pfsys::TranscriptType::EVM,
+            // use safe mode to verify that the proof is correct
+            None,
             None,
         );
 
         assert!(prover.is_ok());
-
-        let proof = prover.unwrap();
-
-        let strategy =
-            halo2_proofs::poly::kzg::strategy::SingleStrategy::new(params.verifier_params());
-        let vk = pk.get_vk();
-        let result = crate::pfsys::verify_proof_circuit_kzg(
-            params.verifier_params(),
-            proof,
-            vk,
-            strategy,
-            params.n(),
-        );
-
-        assert!(result.is_ok());
     }
 }
 
@@ -2417,8 +2419,13 @@ mod lookup_ultra_overflow {
     use halo2_proofs::{
         circuit::{Layouter, SimpleFloorPlanner, Value},
         plonk::{Circuit, ConstraintSystem, Error},
-        poly::commitment::{Params, ParamsProver},
+        poly::kzg::{
+            commitment::KZGCommitmentScheme,
+            multiopen::{ProverSHPLONK, VerifierSHPLONK},
+            strategy::SingleStrategy,
+        },
     };
+    use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
 
     #[derive(Clone)]
     struct ReLUCircuit<F: PrimeField + TensorType + PartialOrd> {
@@ -2497,38 +2504,32 @@ mod lookup_ultra_overflow {
 
         let pk = crate::pfsys::create_keys::<
             halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme<halo2curves::bn256::Bn256>,
-            F,
             ReLUCircuit<F>,
         >(&circuit, &params, true)
         .unwrap();
 
-        let prover = crate::pfsys::create_proof_circuit_kzg(
+        let prover = crate::pfsys::create_proof_circuit::<
+            KZGCommitmentScheme<_>,
+            _,
+            ProverSHPLONK<_>,
+            VerifierSHPLONK<_>,
+            SingleStrategy<_>,
+            _,
+            EvmTranscript<_, _, _, _>,
+            EvmTranscript<_, _, _, _>,
+        >(
             circuit.clone(),
+            vec![],
             &params,
-            None,
             &pk,
-            crate::pfsys::TranscriptType::EVM,
-            halo2_proofs::poly::kzg::strategy::SingleStrategy::new(&params),
             // use safe mode to verify that the proof is correct
             CheckMode::SAFE,
+            crate::Commitments::KZG,
+            crate::pfsys::TranscriptType::EVM,
+            None,
             None,
         );
 
         assert!(prover.is_ok());
-
-        let proof = prover.unwrap();
-
-        let strategy =
-            halo2_proofs::poly::kzg::strategy::SingleStrategy::new(params.verifier_params());
-        let vk = pk.get_vk();
-        let result = crate::pfsys::verify_proof_circuit_kzg(
-            params.verifier_params(),
-            proof,
-            vk,
-            strategy,
-            params.n(),
-        );
-
-        assert!(result.is_ok());
     }
 }

src/commands.rs

@@ -13,7 +13,7 @@ use std::path::PathBuf;
 use std::{error::Error, str::FromStr};
 use tosubcommand::{ToFlags, ToSubcommand};
 
-use crate::{pfsys::ProofType, RunArgs};
+use crate::{pfsys::ProofType, Commitments, RunArgs};
 
 use crate::circuit::CheckMode;
 #[cfg(not(target_arch = "wasm32"))]
@@ -90,6 +90,8 @@ pub const DEFAULT_SCALE_REBASE_MULTIPLIERS: &str = "1,2,10";
 pub const DEFAULT_USE_REDUCED_SRS_FOR_VERIFICATION: &str = "false";
 /// Default only check for range check rebase
 pub const DEFAULT_ONLY_RANGE_CHECK_REBASE: &str = "false";
+/// Default commitment
+pub const DEFAULT_COMMITMENT: &str = "kzg";
 
 #[cfg(feature = "python-bindings")]
 /// Converts TranscriptType into a PyObject (Required for TranscriptType to be compatible with Python)
@@ -294,21 +296,6 @@ pub enum Commands {
         args: RunArgs,
     },
 
-    #[cfg(feature = "render")]
-    /// Renders the model circuit to a .png file. For an overview of how to interpret these plots, see https://zcash.github.io/halo2/user/dev-tools.html
-    #[command(arg_required_else_help = true)]
-    RenderCircuit {
-        /// The path to the .onnx model file
-        #[arg(short = 'M', long)]
-        model: PathBuf,
-        /// Path to save the .png circuit render
-        #[arg(short = 'O', long)]
-        output: PathBuf,
-        /// proving arguments
-        #[clap(flatten)]
-        args: RunArgs,
-    },
-
     /// Generates the witness from an input file.
     GenWitness {
         /// The path to the .json data file
@@ -387,6 +374,9 @@ pub enum Commands {
         /// number of logrows to use for srs
         #[arg(long)]
         logrows: usize,
+        /// commitment used
+        #[arg(long, default_value = DEFAULT_COMMITMENT)]
+        commitment: Commitments,
     },
 
     #[cfg(not(target_arch = "wasm32"))]
@@ -402,9 +392,9 @@ pub enum Commands {
         /// Number of logrows to use for srs. Overrides settings_path if specified.
         #[arg(long, default_value = None)]
         logrows: Option<u32>,
-        /// Check mode for SRS. Verifies downloaded srs is valid. Set to unsafe for speed.
-        #[arg(long, default_value = DEFAULT_CHECKMODE)]
-        check: CheckMode,
+        /// Commitment used
+        #[arg(long, default_value = None)]
+        commitment: Option<Commitments>,
     },
     /// Loads model and input and runs mock prover (for testing)
     Mock {
@@ -452,6 +442,9 @@ pub enum Commands {
         /// compress selectors
         #[arg(long, default_value = DEFAULT_DISABLE_SELECTOR_COMPRESSION)]
         disable_selector_compression: bool,
+        /// commitment used
+        #[arg(long, default_value = DEFAULT_COMMITMENT)]
+        commitment: Commitments,
     },
     /// Aggregates proofs :)
     Aggregate {
@@ -484,6 +477,9 @@ pub enum Commands {
         /// whether the accumulated proofs are segments of a larger circuit
         #[arg(long, default_value = DEFAULT_SPLIT)]
         split_proofs: bool,
+        /// commitment used
+        #[arg(long, default_value = DEFAULT_COMMITMENT)]
+        commitment: Commitments,
     },
     /// Compiles a circuit from onnx to a simplified graph (einsum + other ops) and parameters as sets of field elements
     CompileCircuit {
@@ -518,31 +514,6 @@ pub enum Commands {
         #[arg(long, default_value = DEFAULT_DISABLE_SELECTOR_COMPRESSION)]
         disable_selector_compression: bool,
     },
-
-    #[cfg(not(target_arch = "wasm32"))]
-    /// Fuzzes the proof pipeline with random inputs, random parameters, and random keys
-    Fuzz {
-        /// The path to the .json witness file (generated using the gen-witness command)
-        #[arg(short = 'W', long, default_value = DEFAULT_WITNESS)]
-        witness: PathBuf,
-        /// The path to the compiled model file (generated using the compile-circuit command)
-        #[arg(short = 'M', long)]
-        compiled_circuit: PathBuf,
-        #[arg(
-            long,
-            require_equals = true,
-            num_args = 0..=1,
-            default_value_t = TranscriptType::default(),
-            value_enum
-        )]
-        transcript: TranscriptType,
-        /// number of fuzz iterations
-        #[arg(long, default_value = DEFAULT_FUZZ_RUNS)]
-        num_runs: usize,
-        /// compress selectors
-        #[arg(long, default_value = DEFAULT_DISABLE_SELECTOR_COMPRESSION)]
-        disable_selector_compression: bool,
-    },
     #[cfg(not(target_arch = "wasm32"))]
     /// Deploys a test contact that the data attester reads from and creates a data attestation formatted input.json file that contains call data information
     #[command(arg_required_else_help = true)]
@@ -744,12 +715,18 @@ pub enum Commands {
         /// The path to the verification key file (generated using the setup-aggregate command)
         #[arg(long, default_value = DEFAULT_VK_AGGREGATED)]
         vk_path: PathBuf,
+        /// reduced srs
+        #[arg(long, default_value = DEFAULT_USE_REDUCED_SRS_FOR_VERIFICATION)]
+        reduced_srs: bool,
         /// The path to SRS, if None will use $EZKL_REPO_PATH/srs/kzg{logrows}.srs
         #[arg(long)]
         srs_path: Option<PathBuf>,
         /// logrows used for aggregation circuit
         #[arg(long, default_value = DEFAULT_AGGREGATED_LOGROWS)]
         logrows: u32,
+        /// commitment
+        #[arg(long, default_value = DEFAULT_COMMITMENT)]
+        commitment: Commitments,
     },
     #[cfg(not(target_arch = "wasm32"))]
     /// Deploys an evm verifier that is generated by ezkl

src/graph/mod.rs

@@ -15,7 +15,7 @@ use colored_json::ToColoredJson;
 #[cfg(unix)]
 use gag::Gag;
 use halo2_proofs::plonk::VerifyingKey;
-use halo2_proofs::poly::kzg::commitment::ParamsKZG;
+use halo2_proofs::poly::commitment::CommitmentScheme;
 pub use input::DataSource;
 use itertools::Itertools;
 use tosubcommand::ToFlags;
@@ -37,7 +37,7 @@ use halo2_proofs::{
     circuit::Layouter,
     plonk::{Circuit, ConstraintSystem, Error as PlonkError},
 };
-use halo2curves::bn256::{self, Bn256, Fr as Fp, G1Affine};
+use halo2curves::bn256::{self, Fr as Fp, G1Affine};
 use halo2curves::ff::PrimeField;
 #[cfg(not(target_arch = "wasm32"))]
 use lazy_static::lazy_static;
@@ -126,7 +126,7 @@ pub enum GraphError {
     #[error("failed to rescale inputs for {0}")]
     RescalingError(String),
     /// Error when attempting to load a model
-    #[error("failed to load model")]
+    #[error("failed to load")]
     ModelLoad,
     /// Packing exponent is too large
     #[error("largest packing exponent exceeds max. try reducing the scale")]
@@ -284,20 +284,20 @@ impl GraphWitness {
     }
 
     ///
-    pub fn get_kzg_commitments(&self) -> Vec<G1Affine> {
+    pub fn get_polycommitments(&self) -> Vec<G1Affine> {
         let mut commitments = vec![];
         if let Some(processed_inputs) = &self.processed_inputs {
-            if let Some(commits) = &processed_inputs.kzg_commit {
+            if let Some(commits) = &processed_inputs.polycommit {
                 commitments.extend(commits.iter().flatten());
             }
         }
         if let Some(processed_params) = &self.processed_params {
-            if let Some(commits) = &processed_params.kzg_commit {
+            if let Some(commits) = &processed_params.polycommit {
                 commitments.extend(commits.iter().flatten());
             }
         }
         if let Some(processed_outputs) = &self.processed_outputs {
-            if let Some(commits) = &processed_outputs.kzg_commit {
+            if let Some(commits) = &processed_outputs.polycommit {
                 commitments.extend(commits.iter().flatten());
             }
         }
@@ -318,7 +318,7 @@ impl GraphWitness {
     /// Load the model input from a file
     pub fn from_path(path: std::path::PathBuf) -> Result<Self, Box<dyn std::error::Error>> {
         let file = std::fs::File::open(path.clone())
-            .map_err(|_| format!("failed to load model at {}", path.display()))?;
+            .map_err(|_| format!("failed to load {}", path.display()))?;
 
         let reader = std::io::BufReader::with_capacity(*EZKL_BUF_CAPACITY, file);
         serde_json::from_reader(reader).map_err(|e| e.into())
@@ -387,8 +387,8 @@ impl ToPyObject for GraphWitness {
             if let Some(processed_inputs_poseidon_hash) = &processed_inputs.poseidon_hash {
                 insert_poseidon_hash_pydict(dict_inputs, processed_inputs_poseidon_hash).unwrap();
             }
-            if let Some(processed_inputs_kzg_commit) = &processed_inputs.kzg_commit {
-                insert_kzg_commit_pydict(dict_inputs, processed_inputs_kzg_commit).unwrap();
+            if let Some(processed_inputs_polycommit) = &processed_inputs.polycommit {
+                insert_polycommit_pydict(dict_inputs, processed_inputs_polycommit).unwrap();
             }
 
             dict.set_item("processed_inputs", dict_inputs).unwrap();
@@ -398,8 +398,8 @@ impl ToPyObject for GraphWitness {
             if let Some(processed_params_poseidon_hash) = &processed_params.poseidon_hash {
                 insert_poseidon_hash_pydict(dict_params, processed_params_poseidon_hash).unwrap();
             }
-            if let Some(processed_params_kzg_commit) = &processed_params.kzg_commit {
-                insert_kzg_commit_pydict(dict_inputs, processed_params_kzg_commit).unwrap();
+            if let Some(processed_params_polycommit) = &processed_params.polycommit {
+                insert_polycommit_pydict(dict_inputs, processed_params_polycommit).unwrap();
             }
 
             dict.set_item("processed_params", dict_params).unwrap();
@@ -409,8 +409,8 @@ impl ToPyObject for GraphWitness {
             if let Some(processed_outputs_poseidon_hash) = &processed_outputs.poseidon_hash {
                 insert_poseidon_hash_pydict(dict_outputs, processed_outputs_poseidon_hash).unwrap();
             }
-            if let Some(processed_outputs_kzg_commit) = &processed_outputs.kzg_commit {
-                insert_kzg_commit_pydict(dict_inputs, processed_outputs_kzg_commit).unwrap();
+            if let Some(processed_outputs_polycommit) = &processed_outputs.polycommit {
+                insert_polycommit_pydict(dict_inputs, processed_outputs_polycommit).unwrap();
             }
 
             dict.set_item("processed_outputs", dict_outputs).unwrap();
@@ -429,13 +429,13 @@ fn insert_poseidon_hash_pydict(pydict: &PyDict, poseidon_hash: &Vec<Fp>) -> Resu
 }
 
 #[cfg(feature = "python-bindings")]
-fn insert_kzg_commit_pydict(pydict: &PyDict, commits: &Vec<Vec<G1Affine>>) -> Result<(), PyErr> {
+fn insert_polycommit_pydict(pydict: &PyDict, commits: &Vec<Vec<G1Affine>>) -> Result<(), PyErr> {
     use crate::python::PyG1Affine;
     let poseidon_hash: Vec<Vec<PyG1Affine>> = commits
         .iter()
         .map(|c| c.iter().map(|x| PyG1Affine::from(*x)).collect())
         .collect();
-    pydict.set_item("kzg_commit", poseidon_hash)?;
+    pydict.set_item("polycommit", poseidon_hash)?;
 
     Ok(())
 }
@@ -503,7 +503,9 @@ impl GraphSettings {
     }
 
     fn constants_logrows(&self) -> u32 {
-        (self.total_const_size as f64).log2().ceil() as u32
+        (self.total_const_size as f64 / self.run_args.num_inner_cols as f64)
+            .log2()
+            .ceil() as u32
     }
 
     /// calculate the total number of instances
@@ -590,7 +592,7 @@ impl GraphSettings {
             || self.run_args.param_visibility.is_hashed()
     }
 
-    /// requires dynamic lookup  
+    /// requires dynamic lookup
     pub fn requires_dynamic_lookup(&self) -> bool {
         self.num_dynamic_lookups > 0
     }
@@ -601,10 +603,10 @@ impl GraphSettings {
     }
 
     /// any kzg visibility
-    pub fn module_requires_kzg(&self) -> bool {
-        self.run_args.input_visibility.is_kzgcommit()
-            || self.run_args.output_visibility.is_kzgcommit()
-            || self.run_args.param_visibility.is_kzgcommit()
+    pub fn module_requires_polycommit(&self) -> bool {
+        self.run_args.input_visibility.is_polycommit()
+            || self.run_args.output_visibility.is_polycommit()
+            || self.run_args.param_visibility.is_polycommit()
     }
 }
 
@@ -1049,14 +1051,10 @@ impl GraphCircuit {
     }
 
     fn calc_safe_lookup_range(min_max_lookup: Range, lookup_safety_margin: i128) -> Range {
-        let mut margin = (
+        let margin = (
             lookup_safety_margin * min_max_lookup.0,
             lookup_safety_margin * min_max_lookup.1,
         );
-        if lookup_safety_margin == 1 {
-            margin.0 += 4;
-            margin.1 += 4;
-        }
 
         margin
     }
@@ -1171,17 +1169,6 @@ impl GraphCircuit {
             .settings()
             .clone();
 
-        // recalculate the logrows if there has been overflow on the constants
-        settings_mut.run_args.logrows = std::cmp::max(
-            settings_mut.run_args.logrows,
-            settings_mut.constants_logrows(),
-        );
-        // recalculate the logrows if there has been overflow for the model constraints
-        settings_mut.run_args.logrows = std::cmp::max(
-            settings_mut.run_args.logrows,
-            settings_mut.model_constraint_logrows(),
-        );
-
         debug!(
             "setting lookup_range to: {:?}, setting logrows to: {}",
             self.settings().run_args.lookup_range,
@@ -1248,11 +1235,11 @@ impl GraphCircuit {
     }
 
     /// Runs the forward pass of the model / graph of computations and any associated hashing.
-    pub fn forward(
+    pub fn forward<Scheme: CommitmentScheme<Scalar = Fp, Curve = G1Affine>>(
         &self,
         inputs: &mut [Tensor<Fp>],
         vk: Option<&VerifyingKey<G1Affine>>,
-        srs: Option<&ParamsKZG<Bn256>>,
+        srs: Option<&Scheme::ParamsProver>,
         throw_range_check_error: bool,
     ) -> Result<GraphWitness, Box<dyn std::error::Error>> {
         let original_inputs = inputs.to_vec();
@@ -1269,7 +1256,8 @@ impl GraphCircuit {
                 for outlet in &module_outlets {
                     module_inputs.push(inputs[*outlet].clone());
                 }
-                let res = GraphModules::forward(&module_inputs, &visibility.input, vk, srs)?;
+                let res =
+                    GraphModules::forward::<Scheme>(&module_inputs, &visibility.input, vk, srs)?;
                 processed_inputs = Some(res.clone());
                 let module_results = res.get_result(visibility.input.clone());
 
@@ -1277,7 +1265,12 @@ impl GraphCircuit {
                     inputs[*outlet] = Tensor::from(module_results[i].clone().into_iter());
                 }
             } else {
-                processed_inputs = Some(GraphModules::forward(inputs, &visibility.input, vk, srs)?);
+                processed_inputs = Some(GraphModules::forward::<Scheme>(
+                    inputs,
+                    &visibility.input,
+                    vk,
+                    srs,
+                )?);
             }
         }
 
@@ -1285,7 +1278,7 @@ impl GraphCircuit {
             let params = self.model().get_all_params();
             if !params.is_empty() {
                 let flattened_params = Tensor::new(Some(&params), &[params.len()])?.combine()?;
-                processed_params = Some(GraphModules::forward(
+                processed_params = Some(GraphModules::forward::<Scheme>(
                     &[flattened_params],
                     &visibility.params,
                     vk,
@@ -1305,7 +1298,8 @@ impl GraphCircuit {
                 for outlet in &module_outlets {
                     module_inputs.push(model_results.outputs[*outlet].clone());
                 }
-                let res = GraphModules::forward(&module_inputs, &visibility.output, vk, srs)?;
+                let res =
+                    GraphModules::forward::<Scheme>(&module_inputs, &visibility.output, vk, srs)?;
                 processed_outputs = Some(res.clone());
                 let module_results = res.get_result(visibility.output.clone());
 
@@ -1314,7 +1308,7 @@ impl GraphCircuit {
                         Tensor::from(module_results[i].clone().into_iter());
                 }
             } else {
-                processed_outputs = Some(GraphModules::forward(
+                processed_outputs = Some(GraphModules::forward::<Scheme>(
                     &model_results.outputs,
                     &visibility.output,
                     vk,

src/graph/model.rs

@@ -970,7 +970,7 @@ impl Model {
 
         let (model, _) = Model::load_onnx_using_tract(
             &mut std::fs::File::open(model_path)
-                .map_err(|_| format!("failed to load model at {}", model_path.display()))?,
+                .map_err(|_| format!("failed to load {}", model_path.display()))?,
             run_args,
         )?;
 
@@ -1006,7 +1006,7 @@ impl Model {
     ) -> Result<Self, Box<dyn Error>> {
         Model::new(
             &mut std::fs::File::open(model)
-                .map_err(|_| format!("failed to load model at {}", model.display()))?,
+                .map_err(|_| format!("failed to load {}", model.display()))?,
             run_args,
         )
     }

src/graph/modules.rs

@@ -1,12 +1,12 @@
-use crate::circuit::modules::kzg::{KZGChip, KZGConfig};
+use crate::circuit::modules::polycommit::{PolyCommitChip, PolyCommitConfig};
 use crate::circuit::modules::poseidon::spec::{PoseidonSpec, POSEIDON_RATE, POSEIDON_WIDTH};
 use crate::circuit::modules::poseidon::{PoseidonChip, PoseidonConfig};
 use crate::circuit::modules::Module;
 use crate::tensor::{Tensor, ValTensor};
 use halo2_proofs::circuit::Layouter;
 use halo2_proofs::plonk::{Column, ConstraintSystem, Error, Instance, VerifyingKey};
-use halo2_proofs::poly::kzg::commitment::ParamsKZG;
-use halo2curves::bn256::{Bn256, Fr as Fp, G1Affine};
+use halo2_proofs::poly::commitment::CommitmentScheme;
+use halo2curves::bn256::{Fr as Fp, G1Affine};
 use itertools::Itertools;
 use serde::{Deserialize, Serialize};
 
@@ -14,9 +14,6 @@ use super::{VarVisibility, Visibility};
 
 /// poseidon len to hash in tree
 pub const POSEIDON_LEN_GRAPH: usize = 32;
-
-/// ElGamal number of instances
-pub const ELGAMAL_INSTANCES: usize = 4;
 /// Poseidon number of instancess
 pub const POSEIDON_INSTANCES: usize = 1;
 
@@ -29,8 +26,8 @@ pub type ModulePoseidonConfig = PoseidonConfig<POSEIDON_WIDTH, POSEIDON_RATE>;
 ///
 #[derive(Clone, Debug, Default)]
 pub struct ModuleConfigs {
-    /// KZG
-    kzg: Vec<KZGConfig>,
+    /// PolyCommit
+    polycommit: Vec<PolyCommitConfig>,
     /// Poseidon
     poseidon: Option<ModulePoseidonConfig>,
     /// Instance
@@ -46,8 +43,10 @@ impl ModuleConfigs {
     ) -> Self {
         let mut config = Self::default();
 
-        for size in module_size.kzg {
-            config.kzg.push(KZGChip::configure(cs, (logrows, size)));
+        for size in module_size.polycommit {
+            config
+                .polycommit
+                .push(PolyCommitChip::configure(cs, (logrows, size)));
         }
 
         config
@@ -94,8 +93,8 @@ impl ModuleConfigs {
 pub struct ModuleForwardResult {
     /// The inputs of the forward pass for poseidon
     pub poseidon_hash: Option<Vec<Fp>>,
-    /// The outputs of the forward pass for KZG
-    pub kzg_commit: Option<Vec<Vec<G1Affine>>>,
+    /// The outputs of the forward pass for PolyCommit
+    pub polycommit: Option<Vec<Vec<G1Affine>>>,
 }
 
 impl ModuleForwardResult {
@@ -126,7 +125,7 @@ impl ModuleForwardResult {
 #[derive(Clone, Debug, Default, Serialize, Deserialize, PartialEq)]
 ///
 pub struct ModuleSizes {
-    kzg: Vec<usize>,
+    polycommit: Vec<usize>,
     poseidon: (usize, Vec<usize>),
 }
 
@@ -134,7 +133,7 @@ impl ModuleSizes {
     /// Create new module sizes
     pub fn new() -> Self {
         ModuleSizes {
-            kzg: vec![],
+            polycommit: vec![],
             poseidon: (
                 0,
                 vec![0; crate::circuit::modules::poseidon::NUM_INSTANCE_COLUMNS],
@@ -156,17 +155,17 @@ impl ModuleSizes {
 /// Graph modules that can process inputs, params and outputs beyond the basic operations
 #[derive(Clone, Debug, Default, Serialize, Deserialize)]
 pub struct GraphModules {
-    kzg_idx: usize,
+    polycommit_idx: usize,
 }
 impl GraphModules {
     ///
     pub fn new() -> GraphModules {
-        GraphModules { kzg_idx: 0 }
+        GraphModules { polycommit_idx: 0 }
     }
 
     ///
     pub fn reset_index(&mut self) {
-        self.kzg_idx = 0;
+        self.polycommit_idx = 0;
     }
 }
 
@@ -179,9 +178,9 @@ impl GraphModules {
         for shape in shapes {
             let total_len = shape.iter().product::<usize>();
             if total_len > 0 {
-                if visibility.is_kzgcommit() {
-                    // 1 constraint for each kzg commitment
-                    sizes.kzg.push(total_len);
+                if visibility.is_polycommit() {
+                    // 1 constraint for each polycommit commitment
+                    sizes.polycommit.push(total_len);
                 } else if visibility.is_hashed() {
                     sizes.poseidon.0 += ModulePoseidon::num_rows(total_len);
                     // 1 constraints for hash
@@ -236,22 +235,22 @@ impl GraphModules {
         element_visibility: &Visibility,
         instance_offset: &mut usize,
     ) -> Result<(), Error> {
-        if element_visibility.is_kzgcommit() && !values.is_empty() {
+        if element_visibility.is_polycommit() && !values.is_empty() {
             // concat values and sk to get the inputs
             let mut inputs = values.iter_mut().map(|x| vec![x.clone()]).collect_vec();
 
             // layout the module
             inputs.iter_mut().for_each(|x| {
                 // create the module
-                let chip = KZGChip::new(configs.kzg[self.kzg_idx].clone());
-                // reserve module 2 onwards for kzg modules
-                let module_offset = 3 + self.kzg_idx;
+                let chip = PolyCommitChip::new(configs.polycommit[self.polycommit_idx].clone());
+                // reserve module 2 onwards for polycommit modules
+                let module_offset = 3 + self.polycommit_idx;
                 layouter
                     .assign_region(|| format!("_enter_module_{}", module_offset), |_| Ok(()))
                     .unwrap();
                 Self::layout_module(&chip, layouter, x, instance_offset).unwrap();
                 // increment the current index
-                self.kzg_idx += 1;
+                self.polycommit_idx += 1;
             });
 
             // replace the inputs with the outputs
@@ -288,14 +287,14 @@ impl GraphModules {
     }
 
     /// Run forward pass
-    pub fn forward(
-        inputs: &[Tensor<Fp>],
+    pub fn forward<Scheme: CommitmentScheme<Scalar = Fp, Curve = G1Affine>>(
+        inputs: &[Tensor<Scheme::Scalar>],
         element_visibility: &Visibility,
         vk: Option<&VerifyingKey<G1Affine>>,
-        srs: Option<&ParamsKZG<Bn256>>,
+        srs: Option<&Scheme::ParamsProver>,
     ) -> Result<ModuleForwardResult, Box<dyn std::error::Error>> {
         let mut poseidon_hash = None;
-        let mut kzg_commit = None;
+        let mut polycommit = None;
 
         if element_visibility.is_hashed() {
             let field_elements = inputs.iter().fold(vec![], |mut acc, x| {
@@ -306,11 +305,11 @@ impl GraphModules {
             poseidon_hash = Some(field_elements);
         }
 
-        if element_visibility.is_kzgcommit() {
+        if element_visibility.is_polycommit() {
             if let Some(vk) = vk {
                 if let Some(srs) = srs {
                     let commitments = inputs.iter().fold(vec![], |mut acc, x| {
-                        let res = KZGChip::commit(
+                        let res = PolyCommitChip::commit::<Scheme>(
                             x.to_vec(),
                             vk.cs().degree() as u32,
                             (vk.cs().blinding_factors() + 1) as u32,
@@ -319,20 +318,20 @@ impl GraphModules {
                         acc.push(res);
                         acc
                     });
-                    kzg_commit = Some(commitments);
+                    polycommit = Some(commitments);
                 } else {
-                    log::warn!("no srs provided for kzgcommit. processed value will be none");
+                    log::warn!("no srs provided for polycommit. processed value will be none");
                 }
             } else {
                 log::debug!(
-                    "no verifying key provided for kzgcommit. processed value will be none"
+                    "no verifying key provided for polycommit. processed value will be none"
                 );
             }
         }
 
         Ok(ModuleForwardResult {
             poseidon_hash,
-            kzg_commit,
+            polycommit,
         })
     }
 }

src/graph/utilities.rs

@@ -23,7 +23,10 @@ use std::sync::Arc;
 use tract_onnx::prelude::{DatumType, Node as OnnxNode, TypedFact, TypedOp};
 #[cfg(not(target_arch = "wasm32"))]
 use tract_onnx::tract_core::ops::{
-    array::{Gather, GatherElements, MultiBroadcastTo, OneHot, ScatterElements, Slice, Topk},
+    array::{
+        Gather, GatherElements, GatherNd, MultiBroadcastTo, OneHot, ScatterElements, ScatterNd,
+        Slice, Topk,
+    },
     change_axes::AxisOp,
     cnn::{Conv, Deconv},
     einsum::EinSum,
@@ -245,6 +248,8 @@ pub fn new_op_from_onnx(
     symbol_values: &SymbolValues,
     rebase_frac_zero_constants: bool,
 ) -> Result<(SupportedOp, Vec<usize>), Box<dyn std::error::Error>> {
+    use tract_onnx::tract_core::ops::array::Trilu;
+
     use crate::circuit::InputType;
 
     let input_scales = inputs
@@ -360,6 +365,26 @@ pub fn new_op_from_onnx(
             SupportedOp::Constant(c)
         }
 
+        "Trilu" => {
+            let op = load_op::<Trilu>(node.op(), idx, node.op().name().to_string())?;
+            let upper = op.upper;
+
+            // assert second input is a constant
+            let diagonal = if let Some(c) = inputs[1].opkind().get_mutable_constant() {
+                inputs[1].decrement_use();
+                deleted_indices.push(1);
+                let raw_values = &c.raw_values;
+                if raw_values.len() != 1 {
+                    return Err(Box::new(GraphError::InvalidDims(idx, "trilu".to_string())));
+                }
+                raw_values[0] as i32
+            } else {
+                return Err("we only support constant inputs for trilu diagonal".into());
+            };
+
+            SupportedOp::Linear(PolyOp::Trilu { upper, k: diagonal })
+        }
+
         "Gather" => {
             if inputs.len() != 2 {
                 return Err(Box::new(GraphError::InvalidDims(idx, "gather".to_string())));
@@ -467,6 +492,78 @@ pub fn new_op_from_onnx(
 
             // Extract the max value
         }
+        "ScatterNd" => {
+            if inputs.len() != 3 {
+                return Err(Box::new(GraphError::InvalidDims(
+                    idx,
+                    "scatter nd".to_string(),
+                )));
+            };
+            // just verify it deserializes correctly
+            let _op = load_op::<ScatterNd>(node.op(), idx, node.op().name().to_string())?;
+
+            let mut op = SupportedOp::Linear(crate::circuit::ops::poly::PolyOp::ScatterND {
+                constant_idx: None,
+            });
+
+            // if param_visibility.is_public() {
+            if let Some(c) = inputs[1].opkind().get_mutable_constant() {
+                inputs[1].decrement_use();
+                deleted_indices.push(inputs.len() - 1);
+                op = SupportedOp::Linear(crate::circuit::ops::poly::PolyOp::ScatterND {
+                    constant_idx: Some(c.raw_values.map(|x| x as usize)),
+                })
+            }
+            // }
+
+            if inputs[1].opkind().is_input() {
+                inputs[1].replace_opkind(SupportedOp::Input(crate::circuit::ops::Input {
+                    scale: 0,
+                    datum_type: InputType::TDim,
+                }));
+                inputs[1].bump_scale(0);
+            }
+
+            op
+        }
+
+        "GatherNd" => {
+            if inputs.len() != 2 {
+                return Err(Box::new(GraphError::InvalidDims(
+                    idx,
+                    "gather nd".to_string(),
+                )));
+            };
+            let op = load_op::<GatherNd>(node.op(), idx, node.op().name().to_string())?;
+            let batch_dims = op.batch_dims;
+
+            let mut op = SupportedOp::Linear(crate::circuit::ops::poly::PolyOp::GatherND {
+                batch_dims,
+                indices: None,
+            });
+
+            // if param_visibility.is_public() {
+            if let Some(c) = inputs[1].opkind().get_mutable_constant() {
+                inputs[1].decrement_use();
+                deleted_indices.push(inputs.len() - 1);
+                op = SupportedOp::Linear(crate::circuit::ops::poly::PolyOp::GatherND {
+                    batch_dims,
+                    indices: Some(c.raw_values.map(|x| x as usize)),
+                })
+            }
+            // }
+
+            if inputs[1].opkind().is_input() {
+                inputs[1].replace_opkind(SupportedOp::Input(crate::circuit::ops::Input {
+                    scale: 0,
+                    datum_type: InputType::TDim,
+                }));
+                inputs[1].bump_scale(0);
+            }
+
+            op
+        }
+
         "GatherElements" => {
             if inputs.len() != 2 {
                 return Err(Box::new(GraphError::InvalidDims(
@@ -764,6 +861,9 @@ pub fn new_op_from_onnx(
         }
         "Abs" => SupportedOp::Nonlinear(LookupOp::Abs),
         "Neg" => SupportedOp::Linear(PolyOp::Neg),
+        "HardSwish" => SupportedOp::Nonlinear(LookupOp::HardSwish {
+            scale: scale_to_multiplier(inputs[0].out_scales()[0]).into(),
+        }),
         "Sigmoid" => SupportedOp::Nonlinear(LookupOp::Sigmoid {
             scale: scale_to_multiplier(inputs[0].out_scales()[0]).into(),
         }),

src/graph/vars.rs

@@ -45,7 +45,7 @@ pub enum Visibility {
 impl Display for Visibility {
     fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
         match self {
-            Visibility::KZGCommit => write!(f, "kzgcommit"),
+            Visibility::KZGCommit => write!(f, "polycommit"),
             Visibility::Private => write!(f, "private"),
             Visibility::Public => write!(f, "public"),
             Visibility::Fixed => write!(f, "fixed"),
@@ -88,7 +88,7 @@ impl<'a> From<&'a str> for Visibility {
         match s {
             "private" => Visibility::Private,
             "public" => Visibility::Public,
-            "kzgcommit" => Visibility::KZGCommit,
+            "polycommit" => Visibility::KZGCommit,
             "fixed" => Visibility::Fixed,
             "hashed" | "hashed/public" => Visibility::Hashed {
                 hash_is_public: true,
@@ -111,7 +111,7 @@ impl IntoPy<PyObject> for Visibility {
             Visibility::Private => "private".to_object(py),
             Visibility::Public => "public".to_object(py),
             Visibility::Fixed => "fixed".to_object(py),
-            Visibility::KZGCommit => "kzgcommit".to_object(py),
+            Visibility::KZGCommit => "polycommit".to_object(py),
             Visibility::Hashed {
                 hash_is_public,
                 outlets,
@@ -158,7 +158,7 @@ impl<'source> FromPyObject<'source> for Visibility {
         match strval.to_lowercase().as_str() {
             "private" => Ok(Visibility::Private),
             "public" => Ok(Visibility::Public),
-            "kzgcommit" => Ok(Visibility::KZGCommit),
+            "polycommit" => Ok(Visibility::KZGCommit),
             "hashed" => Ok(Visibility::Hashed {
                 hash_is_public: true,
                 outlets: vec![],
@@ -192,7 +192,7 @@ impl Visibility {
         matches!(&self, Visibility::Hashed { .. })
     }
     #[allow(missing_docs)]
-    pub fn is_kzgcommit(&self) -> bool {
+    pub fn is_polycommit(&self) -> bool {
         matches!(&self, Visibility::KZGCommit)
     }
 
@@ -323,9 +323,9 @@ impl VarVisibility {
             & !output_vis.is_hashed()
             & !params_vis.is_hashed()
             & !input_vis.is_hashed()
-            & !output_vis.is_kzgcommit()
-            & !params_vis.is_kzgcommit()
-            & !input_vis.is_kzgcommit()
+            & !output_vis.is_polycommit()
+            & !params_vis.is_polycommit()
+            & !input_vis.is_polycommit()
         {
             return Err(Box::new(GraphError::Visibility));
         }

src/lib.rs

@@ -28,9 +28,15 @@
 //! A library for turning computational graphs, such as neural networks, into ZK-circuits.
 //!
 
+use std::str::FromStr;
+
 use circuit::{table::Range, CheckMode, Tolerance};
 use clap::Args;
 use graph::Visibility;
+use halo2_proofs::poly::{
+    ipa::commitment::IPACommitmentScheme, kzg::commitment::KZGCommitmentScheme,
+};
+use halo2curves::bn256::{Bn256, G1Affine};
 use serde::{Deserialize, Serialize};
 use tosubcommand::ToFlags;
 
@@ -97,6 +103,71 @@ const EZKL_KEY_FORMAT: &str = "raw-bytes";
 #[cfg(target_arch = "wasm32")]
 const EZKL_BUF_CAPACITY: &usize = &8000;
 
+#[derive(
+    Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Serialize, Deserialize, Default, Copy,
+)]
+/// Commitment scheme
+pub enum Commitments {
+    #[default]
+    /// KZG
+    KZG,
+    /// IPA
+    IPA,
+}
+
+impl FromStr for Commitments {
+    type Err = String;
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        match s.to_lowercase().as_str() {
+            "kzg" => Ok(Commitments::KZG),
+            "ipa" => Ok(Commitments::IPA),
+            _ => Err("Invalid value for Commitments".to_string()),
+        }
+    }
+}
+
+impl From<KZGCommitmentScheme<Bn256>> for Commitments {
+    fn from(_value: KZGCommitmentScheme<Bn256>) -> Self {
+        Commitments::KZG
+    }
+}
+
+impl From<IPACommitmentScheme<G1Affine>> for Commitments {
+    fn from(_value: IPACommitmentScheme<G1Affine>) -> Self {
+        Commitments::IPA
+    }
+}
+
+impl std::fmt::Display for Commitments {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            Commitments::KZG => write!(f, "kzg"),
+            Commitments::IPA => write!(f, "ipa"),
+        }
+    }
+}
+
+impl ToFlags for Commitments {
+    /// Convert the struct to a subcommand string
+    fn to_flags(&self) -> Vec<String> {
+        vec![format!("{}", self)]
+    }
+}
+
+impl From<String> for Commitments {
+    fn from(value: String) -> Self {
+        match value.to_lowercase().as_str() {
+            "kzg" => Commitments::KZG,
+            "ipa" => Commitments::IPA,
+            _ => {
+                log::error!("Invalid value for Commitments");
+                log::warn!("defaulting to KZG");
+                Commitments::KZG
+            }
+        }
+    }
+}
+
 /// Parameters specific to a proving run
 #[derive(Debug, Args, Deserialize, Serialize, Clone, PartialEq, PartialOrd, ToFlags)]
 pub struct RunArgs {
@@ -142,6 +213,9 @@ pub struct RunArgs {
     /// check mode (safe, unsafe, etc)
     #[arg(long, default_value = "unsafe")]
     pub check_mode: CheckMode,
+    /// commitment scheme
+    #[arg(long, default_value = "kzg")]
+    pub commitment: Commitments,
 }
 
 impl Default for RunArgs {
@@ -161,6 +235,7 @@ impl Default for RunArgs {
             div_rebasing: false,
             rebase_frac_zero_constants: false,
             check_mode: CheckMode::UNSAFE,
+            commitment: Commitments::KZG,
         }
     }
 }

src/pfsys/evm/mod.rs

@@ -1,7 +1,7 @@
 use thiserror::Error;
 
-/// Aggregate proof generation for EVM
-pub mod aggregation;
+/// Aggregate proof generation for EVM using KZG
+pub mod aggregation_kzg;
 
 #[derive(Error, Debug)]
 /// Errors related to evm verification

src/pfsys/mod.rs

@@ -6,17 +6,16 @@ pub mod srs;
 
 use crate::circuit::CheckMode;
 use crate::graph::GraphWitness;
-use crate::pfsys::evm::aggregation::PoseidonTranscript;
-use crate::tensor::TensorType;
-use crate::{EZKL_BUF_CAPACITY, EZKL_KEY_FORMAT};
+use crate::pfsys::evm::aggregation_kzg::PoseidonTranscript;
+use crate::{Commitments, EZKL_BUF_CAPACITY, EZKL_KEY_FORMAT};
 use clap::ValueEnum;
 use halo2_proofs::circuit::Value;
 use halo2_proofs::plonk::{
     create_proof, keygen_pk, keygen_vk_custom, verify_proof, Circuit, ProvingKey, VerifyingKey,
 };
 use halo2_proofs::poly::commitment::{CommitmentScheme, Params, ParamsProver, Prover, Verifier};
-use halo2_proofs::poly::kzg::commitment::{KZGCommitmentScheme, ParamsKZG};
-use halo2_proofs::poly::kzg::multiopen::{ProverSHPLONK, VerifierSHPLONK};
+use halo2_proofs::poly::ipa::commitment::IPACommitmentScheme;
+use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
 use halo2_proofs::poly::VerificationStrategy;
 use halo2_proofs::transcript::{EncodedChallenge, TranscriptReadBuffer, TranscriptWriterBuffer};
 use halo2curves::ff::{FromUniformBytes, PrimeField, WithSmallOrderMulGroup};
@@ -32,7 +31,6 @@ use serde::de::DeserializeOwned;
 use serde::{Deserialize, Serialize};
 use snark_verifier::loader::native::NativeLoader;
 use snark_verifier::system::halo2::transcript::evm::EvmTranscript;
-use snark_verifier::system::halo2::{compile, Config};
 use snark_verifier::verifier::plonk::PlonkProtocol;
 use std::error::Error;
 use std::fs::File;
@@ -293,6 +291,8 @@ where
     pub pretty_public_inputs: Option<PrettyElements>,
     /// timestamp
     pub timestamp: Option<u128>,
+    /// commitment
+    pub commitment: Option<Commitments>,
 }
 
 #[cfg(feature = "python-bindings")]
@@ -336,6 +336,7 @@ where
         transcript_type: TranscriptType,
         split: Option<ProofSplitCommit>,
         pretty_public_inputs: Option<PrettyElements>,
+        commitment: Option<Commitments>,
     ) -> Self {
         Self {
             protocol,
@@ -352,6 +353,7 @@ where
                     .unwrap()
                     .as_millis(),
             ),
+            commitment,
         }
     }
 
@@ -398,27 +400,36 @@ impl From<GraphWitness> for Option<ProofSplitCommit> {
         let mut elem_offset = 0;
 
         if let Some(input) = witness.processed_inputs {
-            if let Some(kzg) = input.kzg_commit {
+            if let Some(polycommit) = input.polycommit {
                 // flatten and count number of elements
-                let num_elements = kzg.iter().map(|kzg| kzg.len()).sum::<usize>();
+                let num_elements = polycommit
+                    .iter()
+                    .map(|polycommit| polycommit.len())
+                    .sum::<usize>();
 
                 elem_offset += num_elements;
             }
         }
 
         if let Some(params) = witness.processed_params {
-            if let Some(kzg) = params.kzg_commit {
+            if let Some(polycommit) = params.polycommit {
                 // flatten and count number of elements
-                let num_elements = kzg.iter().map(|kzg| kzg.len()).sum::<usize>();
+                let num_elements = polycommit
+                    .iter()
+                    .map(|polycommit| polycommit.len())
+                    .sum::<usize>();
 
                 elem_offset += num_elements;
             }
         }
 
         if let Some(output) = witness.processed_outputs {
-            if let Some(kzg) = output.kzg_commit {
+            if let Some(polycommit) = output.polycommit {
                 // flatten and count number of elements
-                let num_elements = kzg.iter().map(|kzg| kzg.len()).sum::<usize>();
+                let num_elements = polycommit
+                    .iter()
+                    .map(|polycommit| polycommit.len())
+                    .sum::<usize>();
 
                 Some(ProofSplitCommit {
                     start: elem_offset,
@@ -481,7 +492,7 @@ where
 }
 
 /// Creates a [VerifyingKey] and [ProvingKey] for a [crate::graph::GraphCircuit] (`circuit`) with specific [CommitmentScheme] parameters (`params`).
-pub fn create_keys<Scheme: CommitmentScheme, F: PrimeField + TensorType, C: Circuit<F>>(
+pub fn create_keys<Scheme: CommitmentScheme, C: Circuit<Scheme::Scalar>>(
     circuit: &C,
     params: &'_ Scheme::ParamsProver,
     disable_selector_compression: bool,
@@ -491,7 +502,7 @@ where
     <Scheme as CommitmentScheme>::Scalar: FromUniformBytes<64>,
 {
     //	Real proof
-    let empty_circuit = <C as Circuit<F>>::without_witnesses(circuit);
+    let empty_circuit = <C as Circuit<Scheme::Scalar>>::without_witnesses(circuit);
 
     // Initialize verifying key
     let now = Instant::now();
@@ -513,8 +524,7 @@ where
 pub fn create_proof_circuit<
     'params,
     Scheme: CommitmentScheme,
-    F: PrimeField + TensorType,
-    C: Circuit<F>,
+    C: Circuit<Scheme::Scalar>,
     P: Prover<'params, Scheme>,
     V: Verifier<'params, Scheme>,
     Strategy: VerificationStrategy<'params, Scheme, V>,
@@ -526,40 +536,28 @@ pub fn create_proof_circuit<
     instances: Vec<Vec<Scheme::Scalar>>,
     params: &'params Scheme::ParamsProver,
     pk: &ProvingKey<Scheme::Curve>,
-    strategy: Strategy,
     check_mode: CheckMode,
+    commitment: Commitments,
     transcript_type: TranscriptType,
     split: Option<ProofSplitCommit>,
-    set_protocol: bool,
+    protocol: Option<PlonkProtocol<Scheme::Curve>>,
 ) -> Result<Snark<Scheme::Scalar, Scheme::Curve>, Box<dyn Error>>
 where
-    C: Circuit<Scheme::Scalar>,
     Scheme::ParamsVerifier: 'params,
     Scheme::Scalar: Serialize
         + DeserializeOwned
         + SerdeObject
         + PrimeField
         + FromUniformBytes<64>
-        + WithSmallOrderMulGroup<3>
-        + Ord,
+        + WithSmallOrderMulGroup<3>,
     Scheme::Curve: Serialize + DeserializeOwned,
 {
+    let strategy = Strategy::new(params.verifier_params());
     let mut transcript = TranscriptWriterBuffer::<_, Scheme::Curve, _>::init(vec![]);
     #[cfg(feature = "det-prove")]
     let mut rng = <StdRng as rand::SeedableRng>::from_seed([0u8; 32]);
     #[cfg(not(feature = "det-prove"))]
     let mut rng = OsRng;
-    let number_instance = instances.iter().map(|x| x.len()).collect();
-    trace!("number_instance {:?}", number_instance);
-    let mut protocol = None;
-
-    if set_protocol {
-        protocol = Some(compile(
-            params,
-            pk.get_vk(),
-            Config::kzg().with_num_instance(number_instance),
-        ))
-    }
 
     let pi_inner = instances
         .iter()
@@ -595,13 +593,14 @@ where
         transcript_type,
         split,
         None,
+        Some(commitment),
     );
 
     // sanity check that the generated proof is valid
     if check_mode == CheckMode::SAFE {
         debug!("verifying generated proof");
         let verifier_params = params.verifier_params();
-        verify_proof_circuit::<F, V, Scheme, Strategy, E, TR>(
+        verify_proof_circuit::<V, Scheme, Strategy, E, TR>(
             &checkable_pf,
             verifier_params,
             pk.get_vk(),
@@ -621,7 +620,6 @@ where
 
 /// Swaps the proof commitments to a new set in the proof
 pub fn swap_proof_commitments<
-    F: PrimeField,
     Scheme: CommitmentScheme,
     E: EncodedChallenge<Scheme::Curve>,
     TW: TranscriptWriterBuffer<Vec<u8>, Scheme::Curve, E>,
@@ -641,7 +639,7 @@ where
 {
     let mut transcript_new: TW = TranscriptWriterBuffer::<_, Scheme::Curve, _>::init(vec![]);
 
-    // kzg commitments are the first set of points in the proof, this we'll always be the first set of advice
+    // polycommit commitments are the first set of points in the proof, this we'll always be the first set of advice
     for commit in commitments {
         transcript_new
             .write_point(*commit)
@@ -659,31 +657,46 @@ where
 }
 
 /// Swap the proof commitments to a new set in the proof for KZG
-pub fn swap_proof_commitments_kzg(
+pub fn swap_proof_commitments_polycommit(
     snark: &Snark<Fr, G1Affine>,
     commitments: &[G1Affine],
 ) -> Result<Snark<Fr, G1Affine>, Box<dyn Error>> {
-    let proof = match snark.transcript_type {
-        TranscriptType::EVM => swap_proof_commitments::<
-            Fr,
-            KZGCommitmentScheme<Bn256>,
-            _,
-            EvmTranscript<G1Affine, _, _, _>,
-        >(snark, commitments)?,
-        TranscriptType::Poseidon => swap_proof_commitments::<
-            Fr,
-            KZGCommitmentScheme<Bn256>,
-            _,
-            PoseidonTranscript<NativeLoader, _>,
-        >(snark, commitments)?,
+    let proof = match snark.commitment {
+        Some(Commitments::KZG) => match snark.transcript_type {
+            TranscriptType::EVM => swap_proof_commitments::<
+                KZGCommitmentScheme<Bn256>,
+                _,
+                EvmTranscript<G1Affine, _, _, _>,
+            >(snark, commitments)?,
+            TranscriptType::Poseidon => swap_proof_commitments::<
+                KZGCommitmentScheme<Bn256>,
+                _,
+                PoseidonTranscript<NativeLoader, _>,
+            >(snark, commitments)?,
+        },
+        Some(Commitments::IPA) => match snark.transcript_type {
+            TranscriptType::EVM => swap_proof_commitments::<
+                IPACommitmentScheme<G1Affine>,
+                _,
+                EvmTranscript<G1Affine, _, _, _>,
+            >(snark, commitments)?,
+            TranscriptType::Poseidon => swap_proof_commitments::<
+                IPACommitmentScheme<G1Affine>,
+                _,
+                PoseidonTranscript<NativeLoader, _>,
+            >(snark, commitments)?,
+        },
+        None => {
+            return Err("commitment scheme not found".into());
+        }
     };
+
     Ok(proof)
 }
 
 /// A wrapper around halo2's verify_proof
 pub fn verify_proof_circuit<
     'params,
-    F: PrimeField,
     V: Verifier<'params, Scheme>,
     Scheme: CommitmentScheme,
     Strategy: VerificationStrategy<'params, Scheme, V>,
@@ -701,7 +714,6 @@ where
         + PrimeField
         + FromUniformBytes<64>
         + WithSmallOrderMulGroup<3>
-        + Ord
         + Serialize
         + DeserializeOwned,
     Scheme::Curve: Serialize + DeserializeOwned,
@@ -719,7 +731,7 @@ where
 }
 
 /// Loads a [VerifyingKey] at `path`.
-pub fn load_vk<Scheme: CommitmentScheme, F: PrimeField + TensorType, C: Circuit<F>>(
+pub fn load_vk<Scheme: CommitmentScheme, C: Circuit<Scheme::Scalar>>(
     path: PathBuf,
     params: <C as Circuit<Scheme::Scalar>>::Params,
 ) -> Result<VerifyingKey<Scheme::Curve>, Box<dyn Error>>
@@ -742,7 +754,7 @@ where
 }
 
 /// Loads a [ProvingKey] at `path`.
-pub fn load_pk<Scheme: CommitmentScheme, F: PrimeField + TensorType, C: Circuit<F>>(
+pub fn load_pk<Scheme: CommitmentScheme, C: Circuit<Scheme::Scalar>>(
     path: PathBuf,
     params: <C as Circuit<Scheme::Scalar>>::Params,
 ) -> Result<ProvingKey<Scheme::Curve>, Box<dyn Error>>
@@ -765,13 +777,12 @@ where
 }
 
 /// Saves a [ProvingKey] to `path`.
-pub fn save_pk<Scheme: CommitmentScheme>(
+pub fn save_pk<C: SerdeObject + CurveAffine>(
     path: &PathBuf,
-    pk: &ProvingKey<Scheme::Curve>,
+    pk: &ProvingKey<C>,
 ) -> Result<(), io::Error>
 where
-    Scheme::Curve: SerdeObject + CurveAffine,
-    Scheme::Scalar: PrimeField + SerdeObject + FromUniformBytes<64>,
+    C::ScalarExt: FromUniformBytes<64> + SerdeObject,
 {
     info!("saving proving key 💾");
     let f = File::create(path)?;
@@ -783,13 +794,12 @@ where
 }
 
 /// Saves a [VerifyingKey] to `path`.
-pub fn save_vk<Scheme: CommitmentScheme>(
+pub fn save_vk<C: CurveAffine + SerdeObject>(
     path: &PathBuf,
-    vk: &VerifyingKey<Scheme::Curve>,
+    vk: &VerifyingKey<C>,
 ) -> Result<(), io::Error>
 where
-    Scheme::Curve: SerdeObject + CurveAffine,
-    Scheme::Scalar: PrimeField + SerdeObject + FromUniformBytes<64>,
+    C::ScalarExt: FromUniformBytes<64> + SerdeObject,
 {
     info!("saving verification key 💾");
     let f = File::create(path)?;
@@ -813,156 +823,25 @@ pub fn save_params<Scheme: CommitmentScheme>(
     Ok(())
 }
 
-/// helper function
-#[allow(clippy::too_many_arguments)]
-pub fn create_proof_circuit_kzg<
-    'params,
-    C: Circuit<Fr>,
-    Strategy: VerificationStrategy<'params, KZGCommitmentScheme<Bn256>, VerifierSHPLONK<'params, Bn256>>,
->(
-    circuit: C,
-    params: &'params ParamsKZG<Bn256>,
-    public_inputs: Option<Vec<Fr>>,
-    pk: &ProvingKey<G1Affine>,
-    transcript: TranscriptType,
-    strategy: Strategy,
-    check_mode: CheckMode,
-    split: Option<ProofSplitCommit>,
-) -> Result<Snark<Fr, G1Affine>, Box<dyn Error>> {
-    let public_inputs = if let Some(public_inputs) = public_inputs {
-        if !public_inputs.is_empty() {
-            vec![public_inputs]
-        } else {
-            vec![vec![]]
-        }
-    } else {
-        vec![]
-    };
-
-    match transcript {
-        TranscriptType::EVM => create_proof_circuit::<
-            KZGCommitmentScheme<_>,
-            Fr,
-            _,
-            ProverSHPLONK<_>,
-            VerifierSHPLONK<_>,
-            _,
-            _,
-            EvmTranscript<G1Affine, _, _, _>,
-            EvmTranscript<G1Affine, _, _, _>,
-        >(
-            circuit,
-            public_inputs,
-            params,
-            pk,
-            strategy,
-            check_mode,
-            transcript,
-            split,
-            false,
-        )
-        .map_err(Box::<dyn Error>::from),
-        TranscriptType::Poseidon => create_proof_circuit::<
-            KZGCommitmentScheme<_>,
-            Fr,
-            _,
-            ProverSHPLONK<_>,
-            VerifierSHPLONK<_>,
-            _,
-            _,
-            PoseidonTranscript<NativeLoader, _>,
-            PoseidonTranscript<NativeLoader, _>,
-        >(
-            circuit,
-            public_inputs,
-            params,
-            pk,
-            strategy,
-            check_mode,
-            transcript,
-            split,
-            true,
-        )
-        .map_err(Box::<dyn Error>::from),
-    }
-}
-
-#[allow(unused)]
-/// helper function
-pub(crate) fn verify_proof_circuit_kzg<
-    'params,
-    Strategy: VerificationStrategy<'params, KZGCommitmentScheme<Bn256>, VerifierSHPLONK<'params, Bn256>>,
->(
-    params: &'params ParamsKZG<Bn256>,
-    proof: Snark<Fr, G1Affine>,
-    vk: &VerifyingKey<G1Affine>,
-    strategy: Strategy,
-    orig_n: u64,
-) -> Result<Strategy::Output, halo2_proofs::plonk::Error> {
-    match proof.transcript_type {
-        TranscriptType::EVM => verify_proof_circuit::<
-            Fr,
-            VerifierSHPLONK<'_, Bn256>,
-            _,
-            _,
-            _,
-            EvmTranscript<G1Affine, _, _, _>,
-        >(&proof, params, vk, strategy, orig_n),
-        TranscriptType::Poseidon => verify_proof_circuit::<
-            Fr,
-            VerifierSHPLONK<'_, Bn256>,
-            _,
-            _,
-            _,
-            PoseidonTranscript<NativeLoader, _>,
-        >(&proof, params, vk, strategy, orig_n),
-    }
-}
-
 ////////////////////////
 
 #[cfg(test)]
 #[cfg(not(target_arch = "wasm32"))]
 mod tests {
-    use std::io::copy;
 
     use super::*;
     use halo2_proofs::poly::kzg::commitment::KZGCommitmentScheme;
     use halo2curves::bn256::{Bn256, Fr, G1Affine};
     use tempfile::Builder;
 
-    #[tokio::test]
-    async fn test_can_load_pre_generated_srs() {
-        let tmp_dir = Builder::new().prefix("example").tempdir().unwrap();
-        // lets hope this link never rots
-        let target = "https://trusted-setup-halo2kzg.s3.eu-central-1.amazonaws.com/hermez-raw-1";
-        let response = reqwest::get(target).await.unwrap();
-
-        let fname = response
-            .url()
-            .path_segments()
-            .and_then(|segments| segments.last())
-            .and_then(|name| if name.is_empty() { None } else { Some(name) })
-            .unwrap_or("tmp.bin");
-
-        info!("file to download: '{}'", fname);
-        let fname = tmp_dir.path().join(fname);
-        info!("will be located under: '{:?}'", fname);
-        let mut dest = File::create(fname.clone()).unwrap();
-        let content = response.bytes().await.unwrap();
-        copy(&mut &content[..], &mut dest).unwrap();
-        let res = srs::load_srs::<KZGCommitmentScheme<Bn256>>(fname);
-        assert!(res.is_ok())
-    }
-
     #[tokio::test]
     async fn test_can_load_saved_srs() {
         let tmp_dir = Builder::new().prefix("example").tempdir().unwrap();
-        let fname = tmp_dir.path().join("kzg.params");
+        let fname = tmp_dir.path().join("polycommit.params");
         let srs = srs::gen_srs::<KZGCommitmentScheme<Bn256>>(1);
         let res = save_params::<KZGCommitmentScheme<Bn256>>(&fname, &srs);
         assert!(res.is_ok());
-        let res = srs::load_srs::<KZGCommitmentScheme<Bn256>>(fname);
+        let res = srs::load_srs_prover::<KZGCommitmentScheme<Bn256>>(fname);
         assert!(res.is_ok())
     }
 
@@ -977,6 +856,7 @@ mod tests {
             split: None,
             pretty_public_inputs: None,
             timestamp: None,
+            commitment: None,
         };
 
         snark