Struct MultiDegreeSumcheck 

pub struct MultiDegreeSumcheck<F>(/* private fields */);

Implementations

impl<F: FromPrimitiveWithConfig> MultiDegreeSumcheck<F>

pub fn prove_as_subprotocol( transcript: &mut impl Transcript, groups: Vec<MultiDegreeSumcheckGroup<F>>, num_vars: usize, config: &F::Config, ) -> (MultiDegreeSumcheckProof<F>, Vec<SumcheckProverState<F>>)

where F: InnerTransparentField + Send + Sync, F::Inner: ConstTranscribable + Zero, F::Modulus: ConstTranscribable,

Multi-degree sumcheck prover.

Runs the prover side of the sumcheck protocol for G degree groups sharing one verifier challenge per round. Proves the claim:

$$ \sum_{x \in {0, 1}^{\text{num\_vars}}} G_g(x) = \text{claimed\_sum}_g \quad \forall g $$

where $G_g(x) = \text{comb\_fn}_g(\text{mles}_g(x))$ is the combination function for group $g$ applied to its MLEs.

It is designed to be used as a subprotocol within a larger system. since it takes the FS transcript (transcript argument) as input and returns the internal ProverState alongside the sumcheck proof.

Claimed sums are derived by the prover during the first round.

Arguments

• transcript: Fiat-Shamir transcript.
• groups: One MultiDegreeSumcheckGroup per degree bucket, each carrying its MLEs and combination function.
• num_vars: Number of variables (must be consistent across all groups).
• config: Field configuration.

Returns

A tuple containing:

1. MultiDegreeSumcheckProof<F>: The proof (group messages, claimed sums, degrees).
2. Vec<ProverState<F>>: Per-group prover states — needed by the caller to evaluate MLEs at the shared point after the sumcheck.

Panics

• Panics if num_vars == 0 or groups is empty.

pub fn verify_as_subprotocol( transcript: &mut impl Transcript, num_vars: usize, proof: &MultiDegreeSumcheckProof<F>, config: &F::Config, ) -> Result<MultiDegreeSubClaims<F>, SumCheckError<F>>

where F: InnerTransparentField, F::Inner: ConstTranscribable, F::Modulus: ConstTranscribable,

Multi-degree sumcheck verifier.

Runs the verifier side of the sumcheck protocol for G degree groups sharing one verifier challenge per round. Verifies the claim:

$$ \sum_{x \in {0, 1}^{\text{num\_vars}}} G_g(x) = \text{claimed\_sum}_g \quad \forall g $$

where $G_g(x) = \text{comb\_fn}_g(\text{mles}_g(x))$.

It is designed to be used as a subprotocol within a larger system. If successful, it returns Subclaim for each group, a final equation that the outer protocol must satisfy for the overall sumcheck proof to be valid.

Mirrors the prover transcript exactly: absorbs metadata, then per-round absorbs all group messages, samples one shared challenge, and calls VerifierState::check_and_generate_subclaim per group. Per-group degrees are read from the proof — no external degree parameter needed.

Arguments

• transcript: Fiat-Shamir transcript (must match prover state at the start of the sumcheck).
• num_vars: Number of variables (sumcheck rounds).
• proof: The MultiDegreeSumcheckProof produced by the prover.
• config: Field configuration.

Returns

• Ok(MultiDegreeSubClaims<F>): Shared evaluation point r* and per-group expected evaluations. The caller must verify each group’s MLE combination at r* equals its expected evaluation.
• Err(SumCheckError<F>): If any round check fails.

Panics

• Panics if num_vars == 0 or the proof has no groups.