We present a new sumcheck protocol called Fold-DCS (Fold-Divide-and-Conquer-Sumcheck) for multivariate polynomials based on a divide-and-conquer strategy. Its round complexity and soundness error are logarithmic in the number of variables, whereas they are linear in the classical sumcheck protocol. This drastic improvement in number of rounds and soundness comes at the expense of exchanging multivariate polynomials, which can be alleviated using polynomial commitment schemes. We first present Fold-DCS in the PIOP model, where the prover provides oracle access to a multivariate polynomial at each round. We then replace this oracle access in practice with a multivariate polynomial commitment scheme; we illustrate this with an adapted version of the recent commitment scheme Zeromorph [KT24], which allows us to replace most of the queries made by the verifier with a single batched evaluation check.

翻译：本文提出了一种基于分治策略的新型多元多项式求和校验协议——Fold-DCS（折叠分治求和校验）。其轮复杂度和可靠性误差相对于变量数量呈对数增长，而经典求和校验协议中这两项指标均为线性增长。这一在轮数与可靠性方面的显著改进，是以交换多元多项式为代价实现的，该代价可通过多项式承诺方案予以缓解。我们首先在PIOP模型中提出Fold-DCS协议，其中证明者在每轮提供对多元多项式的预言机访问。随后，我们在实践中使用多元多项式承诺方案替代该预言机访问；本文通过适配近期承诺方案Zeromorph[KT24]的版本进行说明，该方案使我们能够将验证者发起的大多数查询替换为单次批处理求值验证。