From 6743afcc77014fac575469395116b77dd205caf7 Mon Sep 17 00:00:00 2001 From: ludamad Date: Mon, 27 Nov 2023 18:55:43 -0500 Subject: [PATCH 01/67] feat: Aztec CI files in Noir (#3430) This is a dual-list commit in both Noir and aztec repo. In this PR, Aztec gets the code to make a mirror, and the mirror action pushes to our `aztec` branch in Noir. The `aztec` branch features this as the first commit, to then be pushed one by one from master as Noir changes come in. --------- Co-authored-by: ludamad --- .dockerignore | 22 ++++++++++++++++++++++ .gitignore | 3 +++ Dockerfile | 15 +++++++++++++++ Dockerfile.packages | 19 +++++++++++++++++++ acvm-repo/acvm_js/build.sh | 2 +- bootstrap.sh | 19 +++++++++++++++++++ compiler/wasm/build.sh | 2 +- package.json | 2 +- scripts/bootstrap_native.sh | 14 ++++++++++++++ scripts/bootstrap_packages.sh | 32 ++++++++++++++++++++++++++++++++ scripts/install_wasm-bindgen.sh | 10 ++++++++++ tooling/noirc_abi_wasm/build.sh | 2 +- 12 files changed, 138 insertions(+), 4 deletions(-) create mode 100644 .dockerignore create mode 100644 Dockerfile create mode 100644 Dockerfile.packages create mode 100755 bootstrap.sh create mode 100755 scripts/bootstrap_native.sh create mode 100755 scripts/bootstrap_packages.sh create mode 100755 scripts/install_wasm-bindgen.sh diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000000..25dd24f015c --- /dev/null +++ b/.dockerignore @@ -0,0 +1,22 @@ +Dockerfile* +.dockerignore + +packages +**/package.tgz +**/target +**/node_modules +**/outputs + +# Source resolver +compiler/source-resolver/lib +compiler/source-resolver/lib-node + +# Noir.js +tooling/noir_js/lib + +# Wasm build artifacts +compiler/wasm/nodejs +compiler/wasm/web +tooling/noirc_abi_wasm/nodejs +tooling/noirc_abi_wasm/web +tooling/noir_js/lib \ No newline at end of file diff --git a/.gitignore b/.gitignore index 2a8db5d2686..355ae67f11c 100644 --- a/.gitignore +++ b/.gitignore @@ -54,5 +54,8 @@ tooling/noirc_abi_wasm/nodejs tooling/noirc_abi_wasm/web tooling/noir_js/lib +**/package.tgz +packages + # docs autogen build /docs/docs/noir_js/reference/ diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000000..ac818cb8bd2 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,15 @@ +FROM rust:alpine3.17 +RUN apk update \ + && apk upgrade \ + && apk add --no-cache \ + build-base \ + bash +WORKDIR /usr/src/noir +COPY . . +RUN ./scripts/bootstrap_native.sh + +# When running the container, mount the current working directory to /project. +FROM alpine:3.17 +COPY --from=0 /usr/src/noir/target/release/nargo /usr/src/noir/target/release/nargo +WORKDIR /project +ENTRYPOINT ["/usr/src/noir/target/release/nargo"] \ No newline at end of file diff --git a/Dockerfile.packages b/Dockerfile.packages new file mode 100644 index 00000000000..11737014e3d --- /dev/null +++ b/Dockerfile.packages @@ -0,0 +1,19 @@ +FROM rust:alpine3.17 +RUN apk update \ + && apk upgrade \ + && apk add --no-cache \ + build-base \ + pkgconfig \ + openssl-dev \ + npm \ + yarn \ + bash \ + jq +WORKDIR /usr/src/noir +COPY . . +RUN ./scripts/bootstrap_packages.sh + +FROM scratch +COPY --from=0 /usr/src/noir/packages /usr/src/noir/packages +# For some unknown reason, on alpine only, we need this to exist. +COPY --from=0 /usr/src/noir/node_modules/@noir-lang /usr/src/noir/node_modules/@noir-lang \ No newline at end of file diff --git a/acvm-repo/acvm_js/build.sh b/acvm-repo/acvm_js/build.sh index 37f2fd0a5a9..24af149bcea 100755 --- a/acvm-repo/acvm_js/build.sh +++ b/acvm-repo/acvm_js/build.sh @@ -34,7 +34,7 @@ export CARGO_TARGET_DIR=$self_path/target rm -rf $self_path/outputs >/dev/null 2>&1 rm -rf $self_path/result >/dev/null 2>&1 -if [ -v out ]; then +if [ -n "$out" ]; then echo "Will install package to $out (defined outside installPhase.sh script)" else export out="$self_path/outputs/out" diff --git a/bootstrap.sh b/bootstrap.sh new file mode 100755 index 00000000000..bf672ac0ad2 --- /dev/null +++ b/bootstrap.sh @@ -0,0 +1,19 @@ +#!/bin/bash +set -eu + +cd $(dirname "$0") + +CMD=${1:-} + +if [ -n "$CMD" ]; then + if [ "$CMD" = "clean" ]; then + git clean -fdx + exit 0 + else + echo "Unknown command: $CMD" + exit 1 + fi +fi + +./scripts/bootstrap_native.sh +./scripts/bootstrap_packages.sh \ No newline at end of file diff --git a/compiler/wasm/build.sh b/compiler/wasm/build.sh index 37f2fd0a5a9..24af149bcea 100755 --- a/compiler/wasm/build.sh +++ b/compiler/wasm/build.sh @@ -34,7 +34,7 @@ export CARGO_TARGET_DIR=$self_path/target rm -rf $self_path/outputs >/dev/null 2>&1 rm -rf $self_path/result >/dev/null 2>&1 -if [ -v out ]; then +if [ -n "$out" ]; then echo "Will install package to $out (defined outside installPhase.sh script)" else export out="$self_path/outputs/out" diff --git a/package.json b/package.json index 0e86b100b7c..bced1fb21e8 100644 --- a/package.json +++ b/package.json @@ -19,7 +19,7 @@ "test": "yarn workspaces foreach run test", "test:integration": "yarn workspace integration-tests test", "clean:workspaces": "yarn workspaces foreach --exclude @noir-lang/root run clean", - "clean:root": "rm -rf ./result ./target", + "clean:root": "rm -rf ./result ./target ./packages", "clean": "yarn clean:workspaces && yarn clean:root", "lint": "yarn workspaces foreach --verbose run lint", "install:acvm_js": "yarn workspace @noir-lang/acvm_js run install:from:nix", diff --git a/scripts/bootstrap_native.sh b/scripts/bootstrap_native.sh new file mode 100755 index 00000000000..26cd44704aa --- /dev/null +++ b/scripts/bootstrap_native.sh @@ -0,0 +1,14 @@ +#!/bin/bash +set -eu + +cd $(dirname "$0")/.. + +# If this project has been subrepod into another project, set build data manually. +if [ -f ".gitrepo" ]; then + export SOURCE_DATE_EPOCH=$(date +%s) + export GIT_DIRTY=false + export GIT_COMMIT=$(awk '/commit =/ {print $3}' .gitrepo) +fi + +# Build native. +cargo build --features="noirc_frontend/aztec" --release \ No newline at end of file diff --git a/scripts/bootstrap_packages.sh b/scripts/bootstrap_packages.sh new file mode 100755 index 00000000000..552ddd7597a --- /dev/null +++ b/scripts/bootstrap_packages.sh @@ -0,0 +1,32 @@ +#!/bin/bash +set -eu + +cd $(dirname "$0")/.. + +./scripts/install_wasm-bindgen.sh + +# If this project has been subrepod into another project, set build data manually. +if [ -f ".gitrepo" ]; then + export SOURCE_DATE_EPOCH=$(date +%s) + export GIT_DIRTY=false + export GIT_COMMIT=$(awk '/commit =/ {print $3}' .gitrepo) +fi + +export cargoExtraArgs="--features noirc_frontend/aztec" + +yarn +yarn build + +# We create a folder called packages, that contains each package as it would be published to npm, named correctly. +# These can be useful for testing, or portaling into other projects. +yarn workspaces foreach pack + +rm -rf packages && mkdir -p packages +tar zxfv acvm-repo/acvm_js/package.tgz -C packages && mv packages/package packages/acvm_js +tar zxfv compiler/source-resolver/package.tgz -C packages && mv packages/package packages/source-resolver +tar zxfv compiler/wasm/package.tgz -C packages && mv packages/package packages/noir_wasm +tar zxfv tooling/noir_codegen/package.tgz -C packages && mv packages/package packages/noir_codegen +tar zxfv tooling/noir_js/package.tgz -C packages && mv packages/package packages/noir_js +tar zxfv tooling/noir_js_backend_barretenberg/package.tgz -C packages && mv packages/package packages/backend_barretenberg +tar zxfv tooling/noir_js_types/package.tgz -C packages && mv packages/package packages/types +tar zxfv tooling/noirc_abi_wasm/package.tgz -C packages && mv packages/package packages/noirc_abi \ No newline at end of file diff --git a/scripts/install_wasm-bindgen.sh b/scripts/install_wasm-bindgen.sh new file mode 100755 index 00000000000..5e9f9127506 --- /dev/null +++ b/scripts/install_wasm-bindgen.sh @@ -0,0 +1,10 @@ +#!/bin/bash +set -eu + +cd $(dirname "$0")/.. + +# Install wasm-bindgen-cli. +if [ "$(wasm-bindgen --version | cut -d' ' -f2)" != "0.2.86" ]; then + echo "Building wasm-bindgen..." + RUSTFLAGS="-Ctarget-feature=-crt-static" cargo install -f wasm-bindgen-cli --version 0.2.86 +fi diff --git a/tooling/noirc_abi_wasm/build.sh b/tooling/noirc_abi_wasm/build.sh index 37f2fd0a5a9..24af149bcea 100755 --- a/tooling/noirc_abi_wasm/build.sh +++ b/tooling/noirc_abi_wasm/build.sh @@ -34,7 +34,7 @@ export CARGO_TARGET_DIR=$self_path/target rm -rf $self_path/outputs >/dev/null 2>&1 rm -rf $self_path/result >/dev/null 2>&1 -if [ -v out ]; then +if [ -n "$out" ]; then echo "Will install package to $out (defined outside installPhase.sh script)" else export out="$self_path/outputs/out" From 454b140cfa276656ed9b8900a05771d5f48d052c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lvaro=20Rodr=C3=ADguez?= Date: Wed, 29 Nov 2023 13:14:28 +0100 Subject: [PATCH 02/67] feat: Pull latest noir for brillig optimizations (#3464) --- test_programs/rebuild.sh | 104 ++++++++++++++++++++++----------------- 1 file changed, 60 insertions(+), 44 deletions(-) diff --git a/test_programs/rebuild.sh b/test_programs/rebuild.sh index d89402fb1cf..dfc3dc5c967 100755 --- a/test_programs/rebuild.sh +++ b/test_programs/rebuild.sh @@ -1,56 +1,72 @@ #!/bin/bash set -e -excluded_dirs=("workspace" "workspace_default_member") +process_dir() { + local dir=$1 + local current_dir=$2 + local dir_name=$(basename "$dir") + + if [[ ! -d "$current_dir/acir_artifacts/$dir_name" ]]; then + mkdir -p $current_dir/acir_artifacts/$dir_name + fi + + cd $dir + if [ -d ./target/ ]; then + rm -r ./target/ + fi + nargo compile && nargo execute witness + + if [ -f ./target/witness.tr ]; then + mv ./target/witness.tr ./target/witness.gz + fi + + if [ -f ./target/${dir_name}.json ]; then + jq -r '.bytecode' ./target/${dir_name}.json | base64 -d > ./target/acir.gz + fi + + rm ./target/${dir_name}.json + + if [ -d "$current_dir/acir_artifacts/$dir_name/target" ]; then + rm -r "$current_dir/acir_artifacts/$dir_name/target" + fi + mkdir $current_dir/acir_artifacts/$dir_name/target + + mv ./target/*.gz $current_dir/acir_artifacts/$dir_name/target/ + cd $current_dir +} + +export -f process_dir + +excluded_dirs=("workspace" "workspace_default_member") current_dir=$(pwd) base_path="$current_dir/execution_success" -# Clear the acir_artifacts directory of any existing artifacts rm -rf $current_dir/acir_artifacts mkdir -p $current_dir/acir_artifacts -# Loop over every directory +# Gather directories to process. +dirs_to_process=() for dir in $base_path/*; do - if [[ ! -d $dir ]]; then - continue - fi - - dir_name=$(basename "$dir") - - if [[ ! " ${excluded_dirs[@]} " =~ " ${dir_name} " ]]; then - if [[ ! -d "$current_dir/acir_artifacts/$dir_name" ]]; then - mkdir -p $current_dir/acir_artifacts/$dir_name - fi - - cd $dir - if [ -d ./target/ ]; then - rm -r ./target/ - fi - nargo compile && nargo execute witness - - # Rename witness.tr to witness.gz - if [ -f ./target/witness.tr ]; then - mv ./target/witness.tr ./target/witness.gz - fi - - # Extract bytecode field from JSON, base64 decode it, and save it to the target directory - if [ -f ./target/${dir_name}.json ]; then - jq -r '.bytecode' ./target/${dir_name}.json | base64 -d > ./target/acir.gz - fi - - # Delete the JSON file after extracting bytecode field - rm ./target/${dir_name}.json - - # Clear the target directory in acir_artifacts - if [ -d "$current_dir/acir_artifacts/$dir_name/target" ]; then - rm -r "$current_dir/acir_artifacts/$dir_name/target" - fi - mkdir $current_dir/acir_artifacts/$dir_name/target - - # Move the artifacts from the target directory to the corresponding directory in acir_artifacts - mv ./target/*.gz $current_dir/acir_artifacts/$dir_name/target/ - - cd $base_path - fi + if [[ ! -d $dir ]] || [[ " ${excluded_dirs[@]} " =~ " $(basename "$dir") " ]]; then + continue + fi + dirs_to_process+=("$dir") +done + +# Process each directory in parallel +pids=() +for dir in "${dirs_to_process[@]}"; do + process_dir "$dir" "$current_dir" & + pids+=($!) +done + +# Check the exit status of each background job. +for pid in "${pids[@]}"; do + wait $pid || exit_status=$? done + +# Exit with a failure status if any job failed. +if [ ! -z "$exit_status" ]; then + exit $exit_status +fi \ No newline at end of file From f06ab9cf5e3580385bf5945276b57460a56aafbd Mon Sep 17 00:00:00 2001 From: Gregorio Juliana Date: Tue, 19 Dec 2023 14:39:22 +0100 Subject: [PATCH 03/67] feat: update to latest noir and update noir compiler (#3696) This PR updates aztec-packages to use latest noir. - Regarding noir_wasm, providing the solved sources directly to `node_wasm` eliminates the need for `source-resolver`, which has been completely removed from the repository. - Added required pub in return values - Updated return_type - Pulled latest noir --- .github/actions/docs/build-status/script.sh | 2 +- .github/workflows/test-cargo.yml | 51 +++++++++++++++++++ Cargo.lock | 35 ++++++++----- Dockerfile | 17 +++---- bootstrap.sh | 2 +- .../scripts/codegen-verifiers.sh | 2 +- scripts/bootstrap_native.sh | 8 ++- scripts/bootstrap_packages.sh | 2 +- scripts/install_wasm-bindgen.sh | 2 +- test_programs/gates_report.sh | 2 +- test_programs/rebuild.sh | 4 +- tooling/nargo_cli/src/cli/lsp_cmd.rs | 5 +- 12 files changed, 97 insertions(+), 35 deletions(-) create mode 100644 .github/workflows/test-cargo.yml diff --git a/.github/actions/docs/build-status/script.sh b/.github/actions/docs/build-status/script.sh index 0b282557cf2..2e86de6c173 100755 --- a/.github/actions/docs/build-status/script.sh +++ b/.github/actions/docs/build-status/script.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash BRANCH_NAME=$(echo "$BRANCH_NAME" | sed -e "s#refs/[^/]*/##") DEPLOY_STATUS=$(curl -X GET "https://api.netlify.com/api/v1/sites/$SITE_ID/deploys?branch=$BRANCH_NAME" | jq -r '.[] | select(.created_at != null) | .state' | head -1) diff --git a/.github/workflows/test-cargo.yml b/.github/workflows/test-cargo.yml new file mode 100644 index 00000000000..8d414daa75b --- /dev/null +++ b/.github/workflows/test-cargo.yml @@ -0,0 +1,51 @@ +name: Test cargo + +on: + pull_request: + merge_group: + push: + branches: + - master + +# This will cancel previous runs when a branch or PR is updated +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.ref || github.run_id }} + cancel-in-progress: true + +jobs: + build: + name: Test cargo + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Get current date + id: date + run: echo "date=$(date +'%Y.%m.%d.%H.%M')" >> $GITHUB_STATE + - name: prepare docker images tags + id: prep + run: | + REGISTRY="ghcr.io" + IMG="${REGISTRY}/${{ github.repository }}" + IMAGE=$(echo "$IMG" | tr '[:upper:]' '[:lower:]') + TAGS="${IMAGE}:${{ github.sha }}" + TAGS="${TAGS},${IMAGE}:latest,${IMAGE}:v${{ steps.date.outputs.date }}" + echo ::set-output name=tags::${TAGS} + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v3 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Test cargo + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ci + tags: ${{ steps.prep.outputs.tags }} + target: test-cargo + cache-from: type=gha + cache-to: type=gha,mode=max \ No newline at end of file diff --git a/Cargo.lock b/Cargo.lock index 7f964cd58ef..f1fb11aea6a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2021,7 +2021,7 @@ dependencies = [ "httpdate", "itoa", "pin-project-lite", - "socket2", + "socket2 0.4.9", "tokio", "tower-service", "tracing", @@ -2269,9 +2269,9 @@ checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" [[package]] name = "libc" -version = "0.2.147" +version = "0.2.151" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" +checksum = "302d7ab3130588088d277783b1e2d2e10c9e9e4a16dd9050e6ec93fb3e7048f4" [[package]] name = "libm" @@ -2413,9 +2413,9 @@ dependencies = [ [[package]] name = "mio" -version = "0.8.8" +version = "0.8.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "927a765cd3fc26206e66b296465fa9d3e5ab003e651c1b3c060e7956d96b19d2" +checksum = "8f3d0b296e374a4e6f3c7b0a1f5a51d748a0d34c85e7dc48fc3fa9a87657fe09" dependencies = [ "libc", "wasi", @@ -2934,9 +2934,9 @@ dependencies = [ [[package]] name = "pin-project-lite" -version = "0.2.10" +version = "0.2.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c40d25201921e5ff0c862a505c6557ea88568a4e3ace775ab55e93f2f4f9d57" +checksum = "8afb450f006bf6385ca15ef45d71d2288452bc3683ce2e2cacc0d18e4be60b58" [[package]] name = "pin-utils" @@ -4027,6 +4027,16 @@ dependencies = [ "winapi", ] +[[package]] +name = "socket2" +version = "0.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7b5fac59a5cb5dd637972e5fca70daf0523c9067fcdc4842f053dae04a18f8e9" +dependencies = [ + "libc", + "windows-sys 0.48.0", +] + [[package]] name = "spin" version = "0.5.2" @@ -4324,27 +4334,26 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.29.1" +version = "1.35.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "532826ff75199d5833b9d2c5fe410f29235e25704ee5f0ef599fb51c21f4a4da" +checksum = "841d45b238a16291a4e1584e61820b8ae57d696cc5015c459c229ccc6990cc1c" dependencies = [ - "autocfg", "backtrace", "bytes", "libc", "mio", "num_cpus", "pin-project-lite", - "socket2", + "socket2 0.5.5", "tokio-macros", "windows-sys 0.48.0", ] [[package]] name = "tokio-macros" -version = "2.1.0" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" +checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" dependencies = [ "proc-macro2", "quote", diff --git a/Dockerfile b/Dockerfile index ac818cb8bd2..000292e0a47 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,15 +1,12 @@ -FROM rust:alpine3.17 -RUN apk update \ - && apk upgrade \ - && apk add --no-cache \ - build-base \ - bash +FROM rust:bookworm WORKDIR /usr/src/noir COPY . . RUN ./scripts/bootstrap_native.sh -# When running the container, mount the current working directory to /project. -FROM alpine:3.17 +# When running the container, mount the users home directory to same location. +FROM ubuntu:lunar +# Install Tini as nargo doesn't handle signals properly. +# Install git as nargo needs it to clone. +RUN apt-get update && apt-get install -y git tini && rm -rf /var/lib/apt/lists/* && apt-get clean COPY --from=0 /usr/src/noir/target/release/nargo /usr/src/noir/target/release/nargo -WORKDIR /project -ENTRYPOINT ["/usr/src/noir/target/release/nargo"] \ No newline at end of file +ENTRYPOINT ["/usr/bin/tini", "--", "/usr/src/noir/target/release/nargo"] \ No newline at end of file diff --git a/bootstrap.sh b/bootstrap.sh index bf672ac0ad2..5ebe7ade090 100755 --- a/bootstrap.sh +++ b/bootstrap.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash set -eu cd $(dirname "$0") diff --git a/compiler/integration-tests/scripts/codegen-verifiers.sh b/compiler/integration-tests/scripts/codegen-verifiers.sh index b3a52217271..e377a3ee3f8 100644 --- a/compiler/integration-tests/scripts/codegen-verifiers.sh +++ b/compiler/integration-tests/scripts/codegen-verifiers.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash self_path=$(dirname "$(readlink -f "$0")") diff --git a/scripts/bootstrap_native.sh b/scripts/bootstrap_native.sh index 481c76a263e..3e0e2ed853a 100755 --- a/scripts/bootstrap_native.sh +++ b/scripts/bootstrap_native.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash set -eu cd $(dirname "$0")/.. @@ -13,4 +13,8 @@ else fi # Build native. -cargo build --release +if [ -n "${DEBUG:-}" ]; then + cargo build +else + cargo build --release +fi diff --git a/scripts/bootstrap_packages.sh b/scripts/bootstrap_packages.sh index 2f293d93faf..df4ee5b3aed 100755 --- a/scripts/bootstrap_packages.sh +++ b/scripts/bootstrap_packages.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash set -eu cd $(dirname "$0")/.. diff --git a/scripts/install_wasm-bindgen.sh b/scripts/install_wasm-bindgen.sh index 5e9f9127506..c6e85bac50b 100755 --- a/scripts/install_wasm-bindgen.sh +++ b/scripts/install_wasm-bindgen.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash set -eu cd $(dirname "$0")/.. diff --git a/test_programs/gates_report.sh b/test_programs/gates_report.sh index e06e6812e9d..4192c581376 100755 --- a/test_programs/gates_report.sh +++ b/test_programs/gates_report.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash set -e # These tests are incompatible with gas reporting diff --git a/test_programs/rebuild.sh b/test_programs/rebuild.sh index d879ca417ee..a3137920fd5 100755 --- a/test_programs/rebuild.sh +++ b/test_programs/rebuild.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash set -e process_dir() { @@ -14,7 +14,7 @@ process_dir() { if [ -d ./target/ ]; then rm -r ./target/ fi - cargo run compile --only-acir && cargo run execute witness + nargo compile --only-acir && nargo execute witness if [ -d "$current_dir/acir_artifacts/$dir_name/target" ]; then rm -r "$current_dir/acir_artifacts/$dir_name/target" diff --git a/tooling/nargo_cli/src/cli/lsp_cmd.rs b/tooling/nargo_cli/src/cli/lsp_cmd.rs index a41bb877991..e1f0a9dd8b9 100644 --- a/tooling/nargo_cli/src/cli/lsp_cmd.rs +++ b/tooling/nargo_cli/src/cli/lsp_cmd.rs @@ -1,5 +1,5 @@ use async_lsp::{ - client_monitor::ClientProcessMonitorLayer, concurrency::ConcurrencyLayer, + concurrency::ConcurrencyLayer, panic::CatchUnwindLayer, server::LifecycleLayer, tracing::TracingLayer, }; use clap::Args; @@ -39,10 +39,11 @@ pub(crate) fn run( .layer(LifecycleLayer::default()) .layer(CatchUnwindLayer::default()) .layer(ConcurrencyLayer::default()) - .layer(ClientProcessMonitorLayer::new(client)) .service(router) }); + eprintln!("LSP starting..."); + // Prefer truly asynchronous piped stdin/stdout without blocking tasks. #[cfg(unix)] let (stdin, stdout) = ( From 29ff6ceb74e2c0cbf66fd780cd323760ebed296e Mon Sep 17 00:00:00 2001 From: Tom French Date: Tue, 19 Dec 2023 13:47:05 +0000 Subject: [PATCH 04/67] chore: revert unwanted changes --- .github/workflows/test-cargo.yml | 51 ---------------------------- Cargo.lock | 35 +++++++------------ tooling/nargo_cli/src/cli/lsp_cmd.rs | 5 ++- 3 files changed, 15 insertions(+), 76 deletions(-) delete mode 100644 .github/workflows/test-cargo.yml diff --git a/.github/workflows/test-cargo.yml b/.github/workflows/test-cargo.yml deleted file mode 100644 index 8d414daa75b..00000000000 --- a/.github/workflows/test-cargo.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Test cargo - -on: - pull_request: - merge_group: - push: - branches: - - master - -# This will cancel previous runs when a branch or PR is updated -concurrency: - group: ${{ github.workflow }}-${{ github.head_ref || github.ref || github.run_id }} - cancel-in-progress: true - -jobs: - build: - name: Test cargo - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v4 - - name: Get current date - id: date - run: echo "date=$(date +'%Y.%m.%d.%H.%M')" >> $GITHUB_STATE - - name: prepare docker images tags - id: prep - run: | - REGISTRY="ghcr.io" - IMG="${REGISTRY}/${{ github.repository }}" - IMAGE=$(echo "$IMG" | tr '[:upper:]' '[:lower:]') - TAGS="${IMAGE}:${{ github.sha }}" - TAGS="${TAGS},${IMAGE}:latest,${IMAGE}:v${{ steps.date.outputs.date }}" - echo ::set-output name=tags::${TAGS} - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v3 - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Test cargo - uses: docker/build-push-action@v5 - with: - context: . - file: Dockerfile.ci - tags: ${{ steps.prep.outputs.tags }} - target: test-cargo - cache-from: type=gha - cache-to: type=gha,mode=max \ No newline at end of file diff --git a/Cargo.lock b/Cargo.lock index f1fb11aea6a..7f964cd58ef 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2021,7 +2021,7 @@ dependencies = [ "httpdate", "itoa", "pin-project-lite", - "socket2 0.4.9", + "socket2", "tokio", "tower-service", "tracing", @@ -2269,9 +2269,9 @@ checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" [[package]] name = "libc" -version = "0.2.151" +version = "0.2.147" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "302d7ab3130588088d277783b1e2d2e10c9e9e4a16dd9050e6ec93fb3e7048f4" +checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" [[package]] name = "libm" @@ -2413,9 +2413,9 @@ dependencies = [ [[package]] name = "mio" -version = "0.8.10" +version = "0.8.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f3d0b296e374a4e6f3c7b0a1f5a51d748a0d34c85e7dc48fc3fa9a87657fe09" +checksum = "927a765cd3fc26206e66b296465fa9d3e5ab003e651c1b3c060e7956d96b19d2" dependencies = [ "libc", "wasi", @@ -2934,9 +2934,9 @@ dependencies = [ [[package]] name = "pin-project-lite" -version = "0.2.13" +version = "0.2.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8afb450f006bf6385ca15ef45d71d2288452bc3683ce2e2cacc0d18e4be60b58" +checksum = "4c40d25201921e5ff0c862a505c6557ea88568a4e3ace775ab55e93f2f4f9d57" [[package]] name = "pin-utils" @@ -4027,16 +4027,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "socket2" -version = "0.5.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b5fac59a5cb5dd637972e5fca70daf0523c9067fcdc4842f053dae04a18f8e9" -dependencies = [ - "libc", - "windows-sys 0.48.0", -] - [[package]] name = "spin" version = "0.5.2" @@ -4334,26 +4324,27 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.35.0" +version = "1.29.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "841d45b238a16291a4e1584e61820b8ae57d696cc5015c459c229ccc6990cc1c" +checksum = "532826ff75199d5833b9d2c5fe410f29235e25704ee5f0ef599fb51c21f4a4da" dependencies = [ + "autocfg", "backtrace", "bytes", "libc", "mio", "num_cpus", "pin-project-lite", - "socket2 0.5.5", + "socket2", "tokio-macros", "windows-sys 0.48.0", ] [[package]] name = "tokio-macros" -version = "2.2.0" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" +checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" dependencies = [ "proc-macro2", "quote", diff --git a/tooling/nargo_cli/src/cli/lsp_cmd.rs b/tooling/nargo_cli/src/cli/lsp_cmd.rs index e1f0a9dd8b9..a41bb877991 100644 --- a/tooling/nargo_cli/src/cli/lsp_cmd.rs +++ b/tooling/nargo_cli/src/cli/lsp_cmd.rs @@ -1,5 +1,5 @@ use async_lsp::{ - concurrency::ConcurrencyLayer, + client_monitor::ClientProcessMonitorLayer, concurrency::ConcurrencyLayer, panic::CatchUnwindLayer, server::LifecycleLayer, tracing::TracingLayer, }; use clap::Args; @@ -39,11 +39,10 @@ pub(crate) fn run( .layer(LifecycleLayer::default()) .layer(CatchUnwindLayer::default()) .layer(ConcurrencyLayer::default()) + .layer(ClientProcessMonitorLayer::new(client)) .service(router) }); - eprintln!("LSP starting..."); - // Prefer truly asynchronous piped stdin/stdout without blocking tasks. #[cfg(unix)] let (stdin, stdout) = ( From d144743310c347e28f1024c6e9ca5bb313fdda2f Mon Sep 17 00:00:00 2001 From: Maxim Vezenov Date: Tue, 19 Dec 2023 19:33:58 +0000 Subject: [PATCH 05/67] chore: Cleanup recursion interface (#3744) This is a recreation of this PR (https://github.com/AztecProtocol/aztec-packages/pull/3528) to handle PR https://github.com/AztecProtocol/aztec-packages/pull/3729 # Checklist: Remove the checklist to signal you've completed it. Enable auto-merge if the PR is ready to merge. - [ ] If the pull request requires a cryptography review (e.g. cryptographic algorithm implementations) I have added the 'crypto' tag. - [ ] I have reviewed my diff in github, line by line and removed unexpected formatting changes, testing logs, or commented-out code. - [ ] Every change is related to the PR description. - [ ] I have [linked](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue) this pull request to relevant issues (if any exist). --------- Co-authored-by: kevaundray --- .../double_verify_proof/target/acir.gz | Bin 0 -> 1186 bytes .../double_verify_proof/target/witness.gz | Bin 0 -> 8144 bytes .../double_verify_proof/Prover.toml | 9 +++-- .../double_verify_proof/src/main.nr | 31 ++++++++++-------- 4 files changed, 21 insertions(+), 19 deletions(-) create mode 100644 test_programs/acir_artifacts/double_verify_proof/target/acir.gz create mode 100644 test_programs/acir_artifacts/double_verify_proof/target/witness.gz diff --git a/test_programs/acir_artifacts/double_verify_proof/target/acir.gz b/test_programs/acir_artifacts/double_verify_proof/target/acir.gz new file mode 100644 index 0000000000000000000000000000000000000000..31ff852f775fd90f01e16b25100e391e964dd19d GIT binary patch literal 1186 zcma*j{Zo<$0KjqU>3SQZ!TY+CxoUcOk4PddK$hIhGx+$ z@dby9iCQ=GQdrI#r=iUfZ4f>WHKlVi(P+QO445w_&KS5LUi}Yd6 zX;(hhC7iUqKS8(^H1)2`YwVYR?w8M=i%A<<;ZuFP6z!O2YH>%jq6ed2fC$tqZ(n(a z;`;{uJLr^8mIn=<5O*ai?j`A8K~dRRzH&KN(TnImihK7eq?ya!CHGppx>xs?bhXM@ zt0zl(Tf3K5cg>Lfr(;!Qe}rmGP{sNie2g)wm_8)i2&v-w3{J+=DhdZVYfMtnIED~o zoQnDeDK#=w@lLDe8KScmWpd%AIO|BJ03N+fi!*uipf(-LbdtwlYP-NPX6xs?ataek zHYW0DOv4EyjYs_*$^0lhZYVN^@t6_X&rELSln7nCDbP$G*7}=#%+RooV+t`d%C*iW zoEa?FF-<4TsoUBJW!09<*TgZCw&87K`8P7T^2QHv;S3{$Og25y-s>AWr491VQ*{%*--Rpp)-vud8tw#uBaC|Hk4#o zDVc3|;@-Z9_zopLSSg&9hHx9#k+7lU_bX*#?WkiP@>9?*o+;~qgi)U#N6+I4Gbk%jdWVoCMUs!1PnS=gOhfe*(X z655~y>7&y5$2sTleprmq3RRVU>%hW3iuK##96bI2c8_qE;IiAp$~k{VW?gmUsA&rH@%x_BL~*1YOC4K}J{sUT zMr^XMW2&hIXuta&3Sz^EZL&J%4EjiJ7B-F8!gq{UQ-aW*_ucD>w<2vxYO+1rHNc%u z{MN!YLOo7kNd_jtKY%<0PyNo}=}s1J;HQ?V!NC^6paT3AxPTnfh!dweGHC;ypblUo zftqG`GA+}0pdNezoJRsQO^K7PnR^HL;6vaX;;(rSU0wSiqng?%(x@|L`!9e>073w2 zgM;RBhN_a>+!}LQKNP9BROA1~k^iwFP!00002|E-*3uw_Y?hPyu7wv9A~-`KV%v2twNwr$(CZQHhuXPu6i z*yrEQm|NWyU484`Jc)%DxwpA>+vS)3=XtmP@iy1J&r|Fu!-nOYjM}TXRa0BCe2Ol) z>{D9BX46coq0BZz8@A6V#oXaAmihnvDtElOvErR>a9(%5xv}hBZf-1d*Bcz`ZZ|mA z-EVNLd)(ky_q@Te?sbD>-TMZ|y3Y-cb>ABt>wY&l*8OjAtOwlSSP#6xu^x1TV?Fo= z$9l*Oj`h&fV^wE;9m)14wuP|F8ab63O%676Nu@k&Z(cT;AwgWOvC!;jX2Pg`MXAj_ z{Pb9H4mW*XDVE{8o5?H}axl`Z?lVLfJZzf55@R?&(dMQmD&MVjG~E$*?W$8vKn$sAj5))fQQXY?+eclQ;Hjlu)`1>8bTxOj^_TQrP`of~9OcWp7?N6X{dP=T&Dg zmMrSFElU)S^3?P36-l3-e9Eq6@0T+`?pAXORIjjNFi+b%$H`7dwtD3_S*0tHg9v35 zTYGu>`8vVWsD8$b-dky|F6x%G(fSejw@&kny?LdRqhZ!+>KWC4jx;*Tt=~;XA%jRk|losW^$jHV8&XH=^!}8DG=tC)5+f4BE z9%7Bg6I&UH*5Pt%xy|S7&8x0vLnFBd=V)d6)_Y$Zfpexk_w-l<_wX(jDUOhj$w=(6 z+cLT+jVoEq-n<$?5keeV;OVmxr}O%M(rk(L^jL*YPI+0FV(6n68g`2&h31oAiEZp| zFCW9C-vm$0+u>yq3@kYHB(C@1&(|+sgeKO58y)~bq4&&H%IeFy=l}v?Z@)~cX3an? zojq8}J&Q}-7YhCy@$^_0=G`dDoq`{2r@*^zr4%;3R-YVwb1xr5VK^~l_sAnrSpCd} zowqCbkx!46NXVRR4GOvZL=Q+a=ayV-(mLsB%iew^8rv+@ah$AhwM@}Z(JV7VHuZe{ zqGOEGLL$JO9fsoNS0-yLVC}(zoWds-Z=uCO!H_pfoRClJI*kUI(nw|zu@`$)#;4Ouw%s2n6ojl zn!KflQ=yek_Ap{B0re>qHaZ%SC-VD?obN*h0Pbruoz4+B$3|;hgqDfDde@h{=x%)F z-hexG3N5XyV)zZftd4g1V&`#Ax1_Tzb*47UX?gG2nt79FTUBgK@@;Ezvc)& zOfua$O0-X5*7y<|e29wWY5Zh&4>d2Xv7OcgMs%+7F)z7yj-;^S@8p1jg{DzKmsP*8 ze26b~eykKDjoPGcsiRJ@0LQ>up@6Ng;O$HA?bm2yEh-f`jtuG}P<4gIYN=@cWzNS} zq*TCaYn(n1R%zPc0oP=ZgiE!3*}eTTD7a`USgog&t&T zkqKm-Q4cbfs7(aUXI_3U?kPHT7zJL|N+nXsO9xk`d3*B;=j#N3k~-5$&1DvdwaG)vIE;@&w5bD};E2X#c;E@34*l%lS<;wzo6tH8Ge9U?F(TRl)EGOZWbOS0!V z?Re$AbA%G~)=Z9II(WQ^k!I8zF=A4Fl?^;$MY0G)vG*vU8@O>Y)xrS1AClaw?ww<3 zLdPcP>5xP$csS2dskJ`1@@nVj1>|LIH6+z1==y|#!)#bkaEe=);nnx%RmSq-Tptig zNU~6KglI7+JQ82ye0+fh3qna5y4mnF3t3}64&+IaQx0EqQ#T1iVz7$?wHgS)gt6LU z11N{Db-vzb`gB~Y2k<1w5G4WWLmZsX_{w_MYj4eqHkfLJ!W2j;$Tgq`Q2POLtTnvO z`LRl&S^J*H9rqdzOKM*MZoHb9^UT*{6Q|4D7 zpa$wvqT+ym6UC$Eo}+_7zWy$MT&Ppb20)KQ=uyE&P$h+wtZ#6h4G+0w^NQ$b84%1d&Pwy{AORMS$^#dDqw{?`K-9a-5QP-bLKFWC8I(a% zK{Io_@n&6(C_%`Nu~;aU2S!6Ys!)My80~yMqM13gLP(TQ0ufth3aULZm?j0}V{cw- z1=5ghLw50!(F~CRphz7o?8o`BdUir6WeZ`C6G>XkD$J8q)WVNmx`}fDI23t`A(V>F z<{2_09Y)xU$a$Uyf+sqIpaOxNhym5sx^db8;NPyTy?N2m20u-W@!&3(V=9Zx{&JpFs1ErA~J!m41h^!DPX4BI!-|V~| zotA0`D6A8~7nxNBcS6F=EXatV#5do>UkZ<;g7YJB9Jdwqj zoI@C>+!?QfeL~Fi4XF8+d;8TP$7tf!=@~}227KOmzFd1~Z*_iN%QfThB|>3xN$lvY z55O<`M*)dq-+EKWWJXgpDl`T9e??G}8OE5hqI;W-bMz`mR|4N&>K0mldc0x1 z?Ot6KX-VbOjH*Vpw%~#VRS3{56W{K9+=GuSolByf9?(USEAFB|JFT=am$%>BFR)0Z z=MG05?bGy$jD`_2dlxs};k<5w>H@k)D0ewvf>~Evwib5E2{^juc*jj2h7OAs!8YN5 zA>~jv`gGZ;U>@G-d>>)}I}K@!{NH`D5f18Lw9Jj}4YYXY&HaM30L=#zfi_kpw-wup zK1l<9m-F*N{r8SMY^=%=VJKG>sZSUXC6O`TbrVOM2@Dk5ktjF=i}yt)*&t9G|8D2U z3Za1reQR{-fklMal!3w?fCxqhNWJ@}&V;oJmIm;GD(H*Dc^12H=|(BN`s4zfzqq2K} z0@@6?wjfXP^1U~GD+e%)n1;Z(tV*r0QE34cXCLo#daUe2Zmf@}!m=g1%QDLU2newh z$GYBkvu{HenOcB&XVy$R0!u)&)VZDSw-H};rUJ6Pu5-W*Cu1;&-e{)_D znW^KaQJgQJC)m0utuSO;Kj8d1x`=&Ahix=%RVsSbMPjakGAI_#e&D7rs)ZGS-H(bc zhhC^~vw_DjRLlpR?~egZLx~U`kwbMs-ljEy^1&(CMYQk_-rFxqvQe&qnp{G*-6G$k zJVw6W!iSviL&gULoLGgj9Ffd1tPpII?jj@*q3%OB@x7(W&?{zx2I2o^s2W`ku>!pR zVds5O7zRy(n7}zikW(QhX`0d^K}^lf58vdEwC=1r$D*W$+9#SQ_yidRaQG1$KA&nj z5)9lit88zv=LT#jX#2pJl#krS(F@@VEqNq@iz1t7yxq)JP#8YyeB9&Tz@# zB(2W*9zS+dCr1`FtPN=?0?H*>ln?5^2b#E#JFf$D5c$Hwv?!}!eYgfjr0LWMWe>^t zkKgpIa250l42EBUY2i6_B0iOX3Yk7(L(hRIPGn1v1vA1DE$o;>U{wPU{x&{wQ;%Nw zjm@eZhJMmBGIA<8ky4ADY1 z_81FBQVRvt>HMdh*Q1e?SYvN0m*`z(N*5j0mFCgT!4~;bcl|V=NUsyL1A>D(BpkM+ z9Nx$9Y3F%|bT7b3ZwuRxkVY|++)Np1ChUckKYdfjtVC62!PBYptfq_-m#B%to^Kn1K0o|}% zu+}K^dC|!|9tD!9$56K6vp4y6UKWzQ=thAI0-snEL%mf&WBHupSY92wtOBeWcVNh# zO%f`*5$H53Hi!mSJ50TqGw}~IaZk~~T5hNTpL-a~l2wJ4Of7~lp`KC&tXg{z7vxKy z9iI~gzyuA#8jXVPF;(CT6}=&T-f>=$wvM14@#fLeiRV_3S1>v#Fp!o?P0)Py3ghq~ z(Z_KhXUAWliiv#wajby28BOuXBPw_DW3i%x!`3IQdf+JthNCkc0HIOeB1QNEqPMuBEaNA}uJk3??|8|Kj6VAT?yI$j@{HW^6ant49sSuNErjK}&^3 zEhNl{}ar(03 zIaW~~O-F|i;>r*9AB(UP{+P~9Z~EZF2pT&vHVfL7-tWw2bq*6w`sK%Y1r;44Ep@7M z7MUQ8Lg?{QmuLce?L3$W7`6@D9)d<}n~ODyB>fe~dC}NGdwe$ttBc}Vn5)I3icX6< z%kgOK#$T*ZN>63a7HAW;ZA9u<9`~Nl#(qLu0j^Qoz(<7&i1$_qfCYEKHJjZcC1B=E zBOn}z8z@s-c`;vgb&g?JkC{iOX%K0d*(Rms60mRNa@z#Dp;!!^5J-)9c?lvS%|ms+ z`nX?6cuYTQ@}Sg^%1GF8>g^B|8@+B!ywN5I4n~QL-z=6~&GZ0PpTFj~UtRqHLtwIR z-6~K+ZG$I6dY#? zQHIQp!V8w>a8XZ?C-fRJoJeI~+rI9&#_BHjfs5Yho%}Tg7F61U1pj7uX+b<9hruD z==6r81c$aB*Q6(cO!&c-hTbx@AUQUiEvMFC2`IL%*?-e#u zSM(5C!%{V)TJ%M7oI?dG5y9wYF5rK;i{poy1K%!`?G#q|_8mN75#PvaYsd?uw^nh} zAb*Hykx0tlu{GAb2-Wa8a5_aQ{xsVnoAYzeBdL0o@BGAbr=t)=)={;Kwu!U|$RSTAhRKRLna})^ja~R5E zgr9TD2qgdvm;pW-4t#85>iwpwY$&GhJ&rXOU86z-q|nDGzzvydskdPv*a-eK-(2wk zfM1Z74xiz>tEL{RQTV>A`UU8qlw+zC#7eX+un5K_u{6*R7}BU|+!fMM2O3kvS{>x8 zN5)F#`>*P14fO6pix^q!Jxw*D@}|VuDXT^<#N^8aYjyM_KB-ctN?52B;Lsnq!g8P` zVh8VavZ)c}E@;yyr~nlJ^2sT~$yBxn;4v$>=;}eQ+-AVT4<6Up^fN914qL>+&r#;5 zL1i>x8frWh5eJh`%RbVTl`O19yzp_DAo+)``s1bH_o{+;oLHcN5M(ADq($4p{+tR` z78_O=rV5n@Nq0!mrA(k7z8*TwwhFt-eyn(4L*m;Fi3+q`8J|1g^9O- z{za88c~$o#$Gx`{PEenAHN8WP!ppx%*vtrreNY}%8R7#?)T=&FMpnpYtU*0lIpUwEGO^pvSN~s3MSvorCuoM(u&ba}CfBN)T9K7hWTc8B6X`zvNq!>{t za%H_P=YD2$UKt@80a+t#+OBl1x=_&a@j-s}wi|nH&i~w14pHJN_AbB-5CBa9PAa>A z4L|?|rFUY&!C@+BN0~2WmbRR5AH|gQ^XK;qz@IAYA3c?lia%=PW zK*ixF1^5;kzhINpD7_McN%xEAHRRO5|40DH;+3v*Gdu8{Dp0Xi ze*L_b){Wl9h06d|eWm0FZMIWgWe+bf{x@#hd`7C_?#&YpA*W)@FQ_)exL;ifC2D1<0DF)Ye7Di{8&czWM$09_z3u0>o*z`XtLjNr5Gx0i(l% zTg0b7*z^M6p_e;Nno6#rD7uN10$QCe{Ned?gwyJMw5C`JFKkS`Sqm;Pny8fS{zsef z1u)hprHFN-_hK+NIapGGZX5o1!_z@eqh&A}N(if?pz4hPR5>S*h>`zfbH6~Y7>7{7 zIx_GqXgfg@gC-UKr>Dm%bPm`u53N)Y&*NAw^>|H z;V;j7U=b*(I}~2X^tm^E9?ub6C|z;=_4ztM z)LV!b$Xp+nvSm4nEGUe5O;Nr4Z*JSXivc*X2%y%`iz7uMp9p zx>cg5u>RAgXJ{jSEvHtnRmTb}8ZjF8923m^^LY;+`w~QgSn81_QJb9Z5r1Om@M91~ z|7CAppl3qCLANh=6y4H0NJ!*p>pA}G`S?QmDi@oAbc9V|iU@yb`Xp+k?0frfd+`Mp zCy$W+!2XhvS<$SZ@%oHXl7BxxFNcf|sG;eDS%HI>hwuQxF)~+tB>Nw`brpRUwTPl` zLh$&bg=tPiwKm&-Zs1iQCFEW`6&d=-913DpS+>wA=!JRO$Sz0PZ17?+Cv|o&Hc}n z27`2&t9Iq=41JZ_JC|vC!CoI;0>dZ7Po(^yR}2JUQ>iklw>1E>pfBzEzj;wUkaT_1 zEBjNeE_5#pIgZFD7HDk#9!2=3Ocqi#a(cfBbX_->2H67jlV zt&!4J((PG8FLytRPSMAeSU|ngoQ-P6=s_^Op?Qs{ zk#NKye1ZfS(Pwn)8?HHe{2gyyX~-a{=4rwWIK)Qart*)^sa(u|Pl477h`)&qZ}lb- z8W@@|;w>L}r{fy2aX{}X=5a3S6j?)(0T)#!wZabH>&? zAJ>TXK;}d95s$i3U(S!2)PawHRyZwTf}d=_s_Y^a2VVr;(3y*&HSTg;BgcdqY(<}x zQC|VC(Grqa{d4H!=$G`g5WQAyP6kK>Ol_GQ$-07S{D`_;bzo&a**nZWrSFm z8$2WNO<0Aj#Gno%Ki>VgUkwwa&V@LZ1_E-+k<}0)Y=&gd7Fg7M^hu&wEty1y@E06+ z*4I3=dmP8oN9qubMR_Ko4H=@3g#x|x=^hhs-y;($I6QcCWLBh#v0`S9;5z+1kNbt1 zjk1-8bV!te=69nv#zij(W1_|Z2*Hmb7}P#OC_=VXfk$uYWNYqq+%JRzd}8*8-xL#e zEn}lx9?(+Ji)Igi9;`nxEK&geE$9$oTAiX$?|ob&7JkP_)GJSf7d-+aj0nd`!0>nI zivfI8m63*lYu63Qz==~PNbm0Na~vxYMEZ^deaL~()`!{kT@&yWeTkB^Nd+?w0twN8 zDNL&`a-luyrFDYxzSr~8lgWCYni7JZP7Yhq#}tSmy|6$Jg8yW|GvctJ^NxT>3bvL; z)xF=Krxg$@mW1f~Dx`&`y!1^9)Kzp>@J4*#aje=Fb_#fbcwoQuB7#;zvITTSVb`0g zu!N*nnkFuw2j{4hPJ1G7SLcS(l=H;DIW1@{KVDzL*adrXfdhkp{BILyv1*2uP^+wAFEW z+!5$eF;)p8u=vCwvNT6nGTjgk$^JzJ7{ntI77hAgSGf)Dz~ky_%#*~XG<^+C%WPtD zKtBOYW_{r$cDGi@q;In5vM?d&(*EJM&f^JS62cyh1QlSaDNHJPCEeO6%LtFy7;C98 z$g;fN7tv;gO^bKywR))2_sH{OSqdX2Egb|a4n9Tg*9X(OUX@e-Z9M9jLz60lBkpWe zbi_HJ%o6LQOO>I|_Xx%bYJif4Mt>Y^s=;OSIL9FW8loOCWG*!of{4{E= z;c`vvb&6yL7}DAG7C)7hibiOFQu8n4gJ`kqwkYW!}>>hiZ7c5xcR;4d~Q>=}Yu`rIY>N@@gN~qq_qO=1r1dm86A0e9H zj=0BHc-+}O@&g!%sv-JmYM4;d2G)AkE2q_KOMU#+8uis8 zG!L99+;38&HhL_%JsSH#8iH`W2EK~zY#3H1B#o0DOgY&nTw$i9uUViL>)YAr9$BsN zmeIJ>0W9hvr|hvxl)A9H`idI<2G7k_)aoZ5V?v>g-o>WjTqF|oF%WVChEVT}BD1Ma z!zOSm1N)*2pfzy#4U8dAI?fB6;lNu0R$r=K8@=&>kgW<(R!5n`$_tprd}34cRqvw! zCnMc))+b-puL6(51O%~FVijjw@5^4^&cT-HgF0ySfY~;Qw}A}FeyB5?W$>T)lv`JK zM2ec&6t>{?*}X^&@`_SfIeLcIIxqV65jDU>tuHKFNCPKEe%q&>&PPOTfF`p0q=%^X zHT0SsXhLW&`oax)+O0jUV-+H-G1m$`UYEzP0d-)Wx#rVPkF`9SmF<99*0r=eB2?5B z^%W9DU$r=%acfWG(|4pyDt!X*>uXBLb|g%FvfPJfo*!#T$3*6=lRoPK&;X7w>bm_# zreEV(d-Lj(q6WkD`VtUoVkR{fjj-vHEYChYmcHc)KS*zFIlW^F^0A6v>E$#O@MC_? q-n>XZv^kI%$X_l!Zs~10y@O@Kb8p?4XK2g~j`hD6<9 pub [Field; 16] { - let output_aggregation_object_a = std::verify_proof( + proof_b: [Field; 93] +) { + // Create dummy aggregation object + // It is no longer needed but we don't want to make a breaking change to the serialization format + // just yet. The object can be anything as the backend is no longer checking it anyways. + let unused_input_aggregation_object = [verification_key[0]]; + + let _ = std::verify_proof( verification_key.as_slice(), proof.as_slice(), public_inputs.as_slice(), key_hash, - input_aggregation_object + unused_input_aggregation_object ); - let output_aggregation_object = std::verify_proof( + let _ = std::verify_proof( verification_key.as_slice(), proof_b.as_slice(), public_inputs.as_slice(), key_hash, - output_aggregation_object_a + unused_input_aggregation_object ); - - let mut output = [0; 16]; - for i in 0..16 { - output[i] = output_aggregation_object[i]; - } - output } From 20f165258db8990ef0cfd2a1dcc8f03e6ddce0f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Bene=C5=A1?= Date: Tue, 2 Jan 2024 12:17:22 +0100 Subject: [PATCH 06/67] feat!: updated note hash and nullifier macro (#3777) Fixes #3669 --- aztec_macros/src/lib.rs | 7 +++++-- tooling/nargo_fmt/tests/expected/contract.nr | 2 +- tooling/nargo_fmt/tests/input/contract.nr | 2 +- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/aztec_macros/src/lib.rs b/aztec_macros/src/lib.rs index 1b433c33df3..a8e8419e671 100644 --- a/aztec_macros/src/lib.rs +++ b/aztec_macros/src/lib.rs @@ -252,12 +252,15 @@ fn check_for_storage_definition(module: &SortedModule) -> bool { module.types.iter().any(|r#struct| r#struct.name.0.contents == "Storage") } -// Check if "compute_note_hash_and_nullifier(Field,Field,Field,[Field; N]) -> [Field; 4]" is defined +// Check if "compute_note_hash_and_nullifier(AztecAddress,Field,Field,[Field; N]) -> [Field; 4]" is defined fn check_for_compute_note_hash_and_nullifier_definition(module: &SortedModule) -> bool { module.functions.iter().any(|func| { func.def.name.0.contents == "compute_note_hash_and_nullifier" && func.def.parameters.len() == 4 - && func.def.parameters[0].typ.typ == UnresolvedTypeData::FieldElement + && match &func.def.parameters[0].typ.typ { + UnresolvedTypeData::Named(path, _) => path.segments.last().unwrap().0.contents == "AztecAddress", + _ => false, + } && func.def.parameters[1].typ.typ == UnresolvedTypeData::FieldElement && func.def.parameters[2].typ.typ == UnresolvedTypeData::FieldElement // checks if the 4th parameter is an array and the Box in diff --git a/tooling/nargo_fmt/tests/expected/contract.nr b/tooling/nargo_fmt/tests/expected/contract.nr index d288b1af7eb..7d799459aff 100644 --- a/tooling/nargo_fmt/tests/expected/contract.nr +++ b/tooling/nargo_fmt/tests/expected/contract.nr @@ -71,7 +71,7 @@ contract Benchmarking { } unconstrained fn compute_note_hash_and_nullifier( - contract_address: Field, + contract_address: AztecAddress, nonce: Field, storage_slot: Field, preimage: [Field; VALUE_NOTE_LEN] diff --git a/tooling/nargo_fmt/tests/input/contract.nr b/tooling/nargo_fmt/tests/input/contract.nr index 6bc5c552110..ec27c662fe5 100644 --- a/tooling/nargo_fmt/tests/input/contract.nr +++ b/tooling/nargo_fmt/tests/input/contract.nr @@ -66,7 +66,7 @@ contract Benchmarking { emit_unencrypted_log(&mut context, storage.balances.at(owner).read()); } - unconstrained fn compute_note_hash_and_nullifier(contract_address: Field, nonce: Field, storage_slot: Field, preimage: [Field; VALUE_NOTE_LEN]) -> [Field; 4] { + unconstrained fn compute_note_hash_and_nullifier(contract_address: AztecAddress, nonce: Field, storage_slot: Field, preimage: [Field; VALUE_NOTE_LEN]) -> [Field; 4] { let note_header = NoteHeader::new(contract_address, nonce, storage_slot); note_utils::compute_note_hash_and_nullifier(ValueNoteMethods, note_header, preimage) } From ce02b019bc19089e425ac92d86a968896de0468e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Bene=C5=A1?= Date: Tue, 2 Jan 2024 17:52:11 +0100 Subject: [PATCH 07/67] fix: event macro (#3784) Fixes #3655 --- aztec_macros/src/lib.rs | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/aztec_macros/src/lib.rs b/aztec_macros/src/lib.rs index a8e8419e671..56cd700790b 100644 --- a/aztec_macros/src/lib.rs +++ b/aztec_macros/src/lib.rs @@ -486,8 +486,8 @@ const SIGNATURE_PLACEHOLDER: &str = "SIGNATURE_PLACEHOLDER"; /// Inserts the following code: /// ```noir /// impl SomeStruct { -/// fn selector() -> Field { -/// aztec::oracle::compute_selector::compute_selector("SIGNATURE_PLACEHOLDER") +/// fn selector() -> FunctionSelector { +/// aztec::selector::compute_selector("SIGNATURE_PLACEHOLDER") /// } /// } /// ``` @@ -503,13 +503,18 @@ fn generate_selector_impl(structure: &NoirStruct) -> TypeImpl { vec![expression(ExpressionKind::Literal(Literal::Str(SIGNATURE_PLACEHOLDER.to_string())))], )))]); + // Define `FunctionSelector` return type + // TODO(https://github.com/AztecProtocol/aztec-packages/issues/3590): Make this point to aztec-nr once the issue is fixed. + let return_type_path = chained_path!("protocol_types", "abis", "function_selector", "FunctionSelector"); + let return_type = FunctionReturnType::Ty(make_type(UnresolvedTypeData::Named(return_type_path, vec![]))); + let mut selector_fn_def = FunctionDefinition::normal( &ident("selector"), &vec![], &[], &selector_fun_body, &[], - &FunctionReturnType::Ty(make_type(UnresolvedTypeData::FieldElement)), + &return_type, ); selector_fn_def.visibility = FunctionVisibility::Public; From 50925ea14972f9d3654158717bd0d1b2e8366794 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Bene=C5=A1?= Date: Wed, 3 Jan 2024 14:18:50 +0100 Subject: [PATCH 08/67] feat!: moving `compute_selector` to `FunctionSelector` (#3806) Fixes #3681 --- aztec_macros/src/lib.rs | 14 +++++++++----- tooling/nargo_fmt/tests/expected/contract.nr | 5 +++-- tooling/nargo_fmt/tests/input/contract.nr | 5 +++-- 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/aztec_macros/src/lib.rs b/aztec_macros/src/lib.rs index 56cd700790b..2ed2f66789e 100644 --- a/aztec_macros/src/lib.rs +++ b/aztec_macros/src/lib.rs @@ -483,11 +483,12 @@ const SIGNATURE_PLACEHOLDER: &str = "SIGNATURE_PLACEHOLDER"; /// Generates the impl for an event selector /// +/// TODO(https://github.com/AztecProtocol/aztec-packages/issues/3590): Make this point to aztec-nr once the issue is fixed. /// Inserts the following code: /// ```noir /// impl SomeStruct { /// fn selector() -> FunctionSelector { -/// aztec::selector::compute_selector("SIGNATURE_PLACEHOLDER") +/// protocol_types::abis::function_selector::FunctionSelector::from_signature("SIGNATURE_PLACEHOLDER") /// } /// } /// ``` @@ -498,15 +499,18 @@ const SIGNATURE_PLACEHOLDER: &str = "SIGNATURE_PLACEHOLDER"; fn generate_selector_impl(structure: &NoirStruct) -> TypeImpl { let struct_type = make_type(UnresolvedTypeData::Named(path(structure.name.clone()), vec![])); + // TODO(https://github.com/AztecProtocol/aztec-packages/issues/3590): Make this point to aztec-nr once the issue is fixed. + let selector_path = chained_path!("protocol_types", "abis", "function_selector", "FunctionSelector"); + let mut from_signature_path = selector_path.clone(); + from_signature_path.segments.push(ident("from_signature")); + let selector_fun_body = BlockExpression(vec![make_statement(StatementKind::Expression(call( - variable_path(chained_path!("aztec", "selector", "compute_selector")), + variable_path(from_signature_path), vec![expression(ExpressionKind::Literal(Literal::Str(SIGNATURE_PLACEHOLDER.to_string())))], )))]); // Define `FunctionSelector` return type - // TODO(https://github.com/AztecProtocol/aztec-packages/issues/3590): Make this point to aztec-nr once the issue is fixed. - let return_type_path = chained_path!("protocol_types", "abis", "function_selector", "FunctionSelector"); - let return_type = FunctionReturnType::Ty(make_type(UnresolvedTypeData::Named(return_type_path, vec![]))); + let return_type = FunctionReturnType::Ty(make_type(UnresolvedTypeData::Named(selector_path, vec![]))); let mut selector_fn_def = FunctionDefinition::normal( &ident("selector"), diff --git a/tooling/nargo_fmt/tests/expected/contract.nr b/tooling/nargo_fmt/tests/expected/contract.nr index 7d799459aff..0313da832a8 100644 --- a/tooling/nargo_fmt/tests/expected/contract.nr +++ b/tooling/nargo_fmt/tests/expected/contract.nr @@ -3,6 +3,8 @@ // Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. // Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. contract Benchmarking { + use dep::protocol_types::abis::function_selector::FunctionSelector; + use dep::value_note::{ utils::{increment, decrement}, value_note::{VALUE_NOTE_LEN, ValueNote, ValueNoteMethods}, @@ -11,7 +13,6 @@ contract Benchmarking { use dep::aztec::{ context::{Context}, note::{utils as note_utils, note_getter_options::NoteGetterOptions, note_header::NoteHeader}, - selector::compute_selector, log::emit_unencrypted_log, state_vars::{map::Map, public_state::PublicState, set::Set}, types::type_serialization::field_serialization::{FieldSerializationMethods, FIELD_SERIALIZED_LEN}, @@ -59,7 +60,7 @@ contract Benchmarking { storage.balances.at(owner).write(current + value); let _callStackItem1 = context.call_public_function( context.this_address(), - compute_selector("broadcast(Field)"), + FunctionSelector::from_signature("broadcast(Field)"), [owner] ); } diff --git a/tooling/nargo_fmt/tests/input/contract.nr b/tooling/nargo_fmt/tests/input/contract.nr index ec27c662fe5..58ae0e909a1 100644 --- a/tooling/nargo_fmt/tests/input/contract.nr +++ b/tooling/nargo_fmt/tests/input/contract.nr @@ -3,6 +3,8 @@ // Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. // Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. contract Benchmarking { + use dep::protocol_types::abis::function_selector::FunctionSelector; + use dep::value_note::{ utils::{increment, decrement}, value_note::{VALUE_NOTE_LEN, ValueNote, ValueNoteMethods}, @@ -11,7 +13,6 @@ contract Benchmarking { use dep::aztec::{ context::{Context}, note::{utils as note_utils, note_getter_options::NoteGetterOptions, note_header::NoteHeader}, - selector::compute_selector, log::emit_unencrypted_log, state_vars::{map::Map, public_state::PublicState, set::Set}, types::type_serialization::field_serialization::{FieldSerializationMethods, FIELD_SERIALIZED_LEN}, @@ -57,7 +58,7 @@ contract Benchmarking { fn increment_balance(owner: Field, value: Field) { let current = storage.balances.at(owner).read(); storage.balances.at(owner).write(current + value); - let _callStackItem1 = context.call_public_function(context.this_address(), compute_selector("broadcast(Field)"), [owner]); + let _callStackItem1 = context.call_public_function(context.this_address(), FunctionSelector::from_signature("broadcast(Field)"), [owner]); } // Est ultricies integer quis auctor elit sed. In nibh mauris cursus mattis molestie a iaculis. From 338cb57e803ca91b3514f452226e01be313a86c1 Mon Sep 17 00:00:00 2001 From: Charlie Lye Date: Wed, 3 Jan 2024 18:53:51 +0000 Subject: [PATCH 09/67] chore: Just nargo compile. (#3775) Ok. Don't be scared. 262 files sounds horrific but it's mostly path updates and that kind of nonsense. The `noir-contracts` and `noir-compiler` changes are probably what to focus on. * We update boxes to use our build of nargo, and the modified code-generator. * We update paths in docs, as noir-contracts/src/contracts moved to noir-contracts/contracts, as src is now pure codegen output. * Contracts are now imported e.g. `import { ChildContractArtifact } from '@aztec/noir-contracts/Child';`. You can still just import from top level index, but it's pretty cruel to ask the runtime to parse all the artifacts just to get one, they are huge. * Contract files are now just named as per the name of the contract (i.e. not snake case). Less moving parts is better here. Given it's codegen output it's acceptable to allow the output names to be inconsistent. * aztec.js is now responsible for copying the account contracts into itself, as opposed to have some other random module push code into it. But we just need to get rid of this baked account stuff at some point anyway. * Got rid of lodash.zip in one place, and then restrained myself to not go further. But think we should remove the "trivial" lodash cases at some point. * Tidied up yp/bootstrap a bit, it's basically in line with the dockerfile at this point. Will prob make dockerfile just call bootstrap as part of some other docker cleanup I'll do later. * `source-map-support` in cli. * Remove compile command from cli. We are just going to promote use of aztec-nargo. * The ts and noir generators now expect nargo output as input, rather than our transformed abi. The ts generator outputs the transformed abi as part of it's generation. * Delete all the script stuff from `noir-contracts`. src folder is now just the codegen output, and the codegen is done with a trivial script to call compile and the ts generator in noir-compiler. * Added an unused script called `transform_json_abi.sh` that uses a tiny bit of jq to perform the transform. Probably to be deleted, especially if we just stop transforming the noir output and use it directly, but it served me as a useful tool at one point. --- docs/docs/noir/modules_packages_crates/crates_and_packages.md | 2 +- docs/docs/noir/modules_packages_crates/dependencies.md | 2 +- .../noir/modules_packages_crates/crates_and_packages.md | 2 +- .../version-v../noir/modules_packages_crates/dependencies.md | 2 +- .../modules_packages_crates/crates_and_packages.md | 2 +- .../version-v0.17.0/modules_packages_crates/dependencies.md | 2 +- .../modules_packages_crates/crates_and_packages.md | 2 +- .../version-v0.19.0/modules_packages_crates/dependencies.md | 2 +- .../modules_packages_crates/crates_and_packages.md | 2 +- .../version-v0.19.1/modules_packages_crates/dependencies.md | 2 +- .../modules_packages_crates/crates_and_packages.md | 2 +- .../version-v0.19.2/modules_packages_crates/dependencies.md | 2 +- .../modules_packages_crates/crates_and_packages.md | 2 +- .../version-v0.19.3/modules_packages_crates/dependencies.md | 2 +- .../modules_packages_crates/crates_and_packages.md | 2 +- .../version-v0.19.4/modules_packages_crates/dependencies.md | 2 +- 16 files changed, 16 insertions(+), 16 deletions(-) diff --git a/docs/docs/noir/modules_packages_crates/crates_and_packages.md b/docs/docs/noir/modules_packages_crates/crates_and_packages.md index aae6795b229..760a463094c 100644 --- a/docs/docs/noir/modules_packages_crates/crates_and_packages.md +++ b/docs/docs/noir/modules_packages_crates/crates_and_packages.md @@ -24,7 +24,7 @@ _Library crates_ don't have a `main` function and they don't compile down to ACI #### Contracts -Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/src/contracts). +Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/contracts). ### Crate Root diff --git a/docs/docs/noir/modules_packages_crates/dependencies.md b/docs/docs/noir/modules_packages_crates/dependencies.md index 57f0f9fd420..21286bb3f72 100644 --- a/docs/docs/noir/modules_packages_crates/dependencies.md +++ b/docs/docs/noir/modules_packages_crates/dependencies.md @@ -35,7 +35,7 @@ If the module is in a subdirectory, you can define a subdirectory in your git re # Nargo.toml [dependencies] -easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/src/contracts/easy_private_token_contract"} +easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/contracts/easy_private_token_contract"} ``` ## Specifying a local dependency diff --git a/docs/versioned_docs/version-v../noir/modules_packages_crates/crates_and_packages.md b/docs/versioned_docs/version-v../noir/modules_packages_crates/crates_and_packages.md index aae6795b229..760a463094c 100644 --- a/docs/versioned_docs/version-v../noir/modules_packages_crates/crates_and_packages.md +++ b/docs/versioned_docs/version-v../noir/modules_packages_crates/crates_and_packages.md @@ -24,7 +24,7 @@ _Library crates_ don't have a `main` function and they don't compile down to ACI #### Contracts -Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/src/contracts). +Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/contracts). ### Crate Root diff --git a/docs/versioned_docs/version-v../noir/modules_packages_crates/dependencies.md b/docs/versioned_docs/version-v../noir/modules_packages_crates/dependencies.md index 57f0f9fd420..21286bb3f72 100644 --- a/docs/versioned_docs/version-v../noir/modules_packages_crates/dependencies.md +++ b/docs/versioned_docs/version-v../noir/modules_packages_crates/dependencies.md @@ -35,7 +35,7 @@ If the module is in a subdirectory, you can define a subdirectory in your git re # Nargo.toml [dependencies] -easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/src/contracts/easy_private_token_contract"} +easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/contracts/easy_private_token_contract"} ``` ## Specifying a local dependency diff --git a/docs/versioned_docs/version-v0.17.0/modules_packages_crates/crates_and_packages.md b/docs/versioned_docs/version-v0.17.0/modules_packages_crates/crates_and_packages.md index fb83a33d94e..744de72bb2c 100644 --- a/docs/versioned_docs/version-v0.17.0/modules_packages_crates/crates_and_packages.md +++ b/docs/versioned_docs/version-v0.17.0/modules_packages_crates/crates_and_packages.md @@ -23,7 +23,7 @@ _Library crates_ don't have a `main` function and they don't compile down to ACI #### Contracts -Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/src/contracts). +Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/contracts). ### Crate Root diff --git a/docs/versioned_docs/version-v0.17.0/modules_packages_crates/dependencies.md b/docs/versioned_docs/version-v0.17.0/modules_packages_crates/dependencies.md index 75f95aaa305..fd7511a3423 100644 --- a/docs/versioned_docs/version-v0.17.0/modules_packages_crates/dependencies.md +++ b/docs/versioned_docs/version-v0.17.0/modules_packages_crates/dependencies.md @@ -34,7 +34,7 @@ If the module is in a subdirectory, you can define a subdirectory in your git re # Nargo.toml [dependencies] -easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/src/contracts/easy_private_token_contract"} +easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/contracts/easy_private_token_contract"} ``` ## Specifying a local dependency diff --git a/docs/versioned_docs/version-v0.19.0/modules_packages_crates/crates_and_packages.md b/docs/versioned_docs/version-v0.19.0/modules_packages_crates/crates_and_packages.md index fb83a33d94e..744de72bb2c 100644 --- a/docs/versioned_docs/version-v0.19.0/modules_packages_crates/crates_and_packages.md +++ b/docs/versioned_docs/version-v0.19.0/modules_packages_crates/crates_and_packages.md @@ -23,7 +23,7 @@ _Library crates_ don't have a `main` function and they don't compile down to ACI #### Contracts -Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/src/contracts). +Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/contracts). ### Crate Root diff --git a/docs/versioned_docs/version-v0.19.0/modules_packages_crates/dependencies.md b/docs/versioned_docs/version-v0.19.0/modules_packages_crates/dependencies.md index 75f95aaa305..fd7511a3423 100644 --- a/docs/versioned_docs/version-v0.19.0/modules_packages_crates/dependencies.md +++ b/docs/versioned_docs/version-v0.19.0/modules_packages_crates/dependencies.md @@ -34,7 +34,7 @@ If the module is in a subdirectory, you can define a subdirectory in your git re # Nargo.toml [dependencies] -easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/src/contracts/easy_private_token_contract"} +easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/contracts/easy_private_token_contract"} ``` ## Specifying a local dependency diff --git a/docs/versioned_docs/version-v0.19.1/modules_packages_crates/crates_and_packages.md b/docs/versioned_docs/version-v0.19.1/modules_packages_crates/crates_and_packages.md index fb83a33d94e..744de72bb2c 100644 --- a/docs/versioned_docs/version-v0.19.1/modules_packages_crates/crates_and_packages.md +++ b/docs/versioned_docs/version-v0.19.1/modules_packages_crates/crates_and_packages.md @@ -23,7 +23,7 @@ _Library crates_ don't have a `main` function and they don't compile down to ACI #### Contracts -Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/src/contracts). +Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/contracts). ### Crate Root diff --git a/docs/versioned_docs/version-v0.19.1/modules_packages_crates/dependencies.md b/docs/versioned_docs/version-v0.19.1/modules_packages_crates/dependencies.md index 75f95aaa305..fd7511a3423 100644 --- a/docs/versioned_docs/version-v0.19.1/modules_packages_crates/dependencies.md +++ b/docs/versioned_docs/version-v0.19.1/modules_packages_crates/dependencies.md @@ -34,7 +34,7 @@ If the module is in a subdirectory, you can define a subdirectory in your git re # Nargo.toml [dependencies] -easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/src/contracts/easy_private_token_contract"} +easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/contracts/easy_private_token_contract"} ``` ## Specifying a local dependency diff --git a/docs/versioned_docs/version-v0.19.2/modules_packages_crates/crates_and_packages.md b/docs/versioned_docs/version-v0.19.2/modules_packages_crates/crates_and_packages.md index fb83a33d94e..744de72bb2c 100644 --- a/docs/versioned_docs/version-v0.19.2/modules_packages_crates/crates_and_packages.md +++ b/docs/versioned_docs/version-v0.19.2/modules_packages_crates/crates_and_packages.md @@ -23,7 +23,7 @@ _Library crates_ don't have a `main` function and they don't compile down to ACI #### Contracts -Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/src/contracts). +Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/contracts). ### Crate Root diff --git a/docs/versioned_docs/version-v0.19.2/modules_packages_crates/dependencies.md b/docs/versioned_docs/version-v0.19.2/modules_packages_crates/dependencies.md index 75f95aaa305..fd7511a3423 100644 --- a/docs/versioned_docs/version-v0.19.2/modules_packages_crates/dependencies.md +++ b/docs/versioned_docs/version-v0.19.2/modules_packages_crates/dependencies.md @@ -34,7 +34,7 @@ If the module is in a subdirectory, you can define a subdirectory in your git re # Nargo.toml [dependencies] -easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/src/contracts/easy_private_token_contract"} +easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/contracts/easy_private_token_contract"} ``` ## Specifying a local dependency diff --git a/docs/versioned_docs/version-v0.19.3/modules_packages_crates/crates_and_packages.md b/docs/versioned_docs/version-v0.19.3/modules_packages_crates/crates_and_packages.md index fb83a33d94e..744de72bb2c 100644 --- a/docs/versioned_docs/version-v0.19.3/modules_packages_crates/crates_and_packages.md +++ b/docs/versioned_docs/version-v0.19.3/modules_packages_crates/crates_and_packages.md @@ -23,7 +23,7 @@ _Library crates_ don't have a `main` function and they don't compile down to ACI #### Contracts -Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/src/contracts). +Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/contracts). ### Crate Root diff --git a/docs/versioned_docs/version-v0.19.3/modules_packages_crates/dependencies.md b/docs/versioned_docs/version-v0.19.3/modules_packages_crates/dependencies.md index 75f95aaa305..fd7511a3423 100644 --- a/docs/versioned_docs/version-v0.19.3/modules_packages_crates/dependencies.md +++ b/docs/versioned_docs/version-v0.19.3/modules_packages_crates/dependencies.md @@ -34,7 +34,7 @@ If the module is in a subdirectory, you can define a subdirectory in your git re # Nargo.toml [dependencies] -easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/src/contracts/easy_private_token_contract"} +easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/contracts/easy_private_token_contract"} ``` ## Specifying a local dependency diff --git a/docs/versioned_docs/version-v0.19.4/modules_packages_crates/crates_and_packages.md b/docs/versioned_docs/version-v0.19.4/modules_packages_crates/crates_and_packages.md index fb83a33d94e..744de72bb2c 100644 --- a/docs/versioned_docs/version-v0.19.4/modules_packages_crates/crates_and_packages.md +++ b/docs/versioned_docs/version-v0.19.4/modules_packages_crates/crates_and_packages.md @@ -23,7 +23,7 @@ _Library crates_ don't have a `main` function and they don't compile down to ACI #### Contracts -Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/src/contracts). +Contract crates are similar to binary crates in that they compile to ACIR which you can create proofs against. They are different in that they do not have a single `main` function, but are a collection of functions to be deployed to the [Aztec network](https://aztec.network). You can learn more about the technical details of Aztec in the [monorepo](https://github.com/AztecProtocol/aztec-packages) or contract [examples](https://github.com/AztecProtocol/aztec-packages/tree/master/yarn-project/noir-contracts/contracts). ### Crate Root diff --git a/docs/versioned_docs/version-v0.19.4/modules_packages_crates/dependencies.md b/docs/versioned_docs/version-v0.19.4/modules_packages_crates/dependencies.md index 75f95aaa305..fd7511a3423 100644 --- a/docs/versioned_docs/version-v0.19.4/modules_packages_crates/dependencies.md +++ b/docs/versioned_docs/version-v0.19.4/modules_packages_crates/dependencies.md @@ -34,7 +34,7 @@ If the module is in a subdirectory, you can define a subdirectory in your git re # Nargo.toml [dependencies] -easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/src/contracts/easy_private_token_contract"} +easy_private_token_contract = {tag ="v0.1.0-alpha62", git = "https://github.com/AztecProtocol/aztec-packages", directory = "yarn-project/noir-contracts/contracts/easy_private_token_contract"} ``` ## Specifying a local dependency From 1005f329f83e32b547e7e4b13f317bc18579e27a Mon Sep 17 00:00:00 2001 From: sirasistant Date: Thu, 4 Jan 2024 17:30:41 +0000 Subject: [PATCH 10/67] chore: delete extraneous gzips --- .../double_verify_proof/target/acir.gz | Bin 1186 -> 0 bytes .../double_verify_proof/target/witness.gz | Bin 8144 -> 0 bytes 2 files changed, 0 insertions(+), 0 deletions(-) delete mode 100644 test_programs/acir_artifacts/double_verify_proof/target/acir.gz delete mode 100644 test_programs/acir_artifacts/double_verify_proof/target/witness.gz diff --git a/test_programs/acir_artifacts/double_verify_proof/target/acir.gz b/test_programs/acir_artifacts/double_verify_proof/target/acir.gz deleted file mode 100644 index 31ff852f775fd90f01e16b25100e391e964dd19d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1186 zcma*j{Zo<$0KjqU>3SQZ!TY+CxoUcOk4PddK$hIhGx+$ z@dby9iCQ=GQdrI#r=iUfZ4f>WHKlVi(P+QO445w_&KS5LUi}Yd6 zX;(hhC7iUqKS8(^H1)2`YwVYR?w8M=i%A<<;ZuFP6z!O2YH>%jq6ed2fC$tqZ(n(a z;`;{uJLr^8mIn=<5O*ai?j`A8K~dRRzH&KN(TnImihK7eq?ya!CHGppx>xs?bhXM@ zt0zl(Tf3K5cg>Lfr(;!Qe}rmGP{sNie2g)wm_8)i2&v-w3{J+=DhdZVYfMtnIED~o zoQnDeDK#=w@lLDe8KScmWpd%AIO|BJ03N+fi!*uipf(-LbdtwlYP-NPX6xs?ataek zHYW0DOv4EyjYs_*$^0lhZYVN^@t6_X&rELSln7nCDbP$G*7}=#%+RooV+t`d%C*iW zoEa?FF-<4TsoUBJW!09<*TgZCw&87K`8P7T^2QHv;S3{$Og25y-s>AWr491VQ*{%*--Rpp)-vud8tw#uBaC|Hk4#o zDVc3|;@-Z9_zopLSSg&9hHx9#k+7lU_bX*#?WkiP@>9?*o+;~qgi)U#N6+I4Gbk%jdWVoCMUs!1PnS=gOhfe*(X z655~y>7&y5$2sTleprmq3RRVU>%hW3iuK##96bI2c8_qE;IiAp$~k{VW?gmUsA&rH@%x_BL~*1YOC4K}J{sUT zMr^XMW2&hIXuta&3Sz^EZL&J%4EjiJ7B-F8!gq{UQ-aW*_ucD>w<2vxYO+1rHNc%u z{MN!YLOo7kNd_jtKY%<0PyNo}=}s1J;HQ?V!NC^6paT3AxPTnfh!dweGHC;ypblUo zftqG`GA+}0pdNezoJRsQO^K7PnR^HL;6vaX;;(rSU0wSiqng?%(x@|L`!9e>073w2 zgM;RBhN_a>+!}LQKNP9BROA1~k^iwFP!00002|E-*3uw_Y?hPyu7wv9A~-`KV%v2twNwr$(CZQHhuXPu6i z*yrEQm|NWyU484`Jc)%DxwpA>+vS)3=XtmP@iy1J&r|Fu!-nOYjM}TXRa0BCe2Ol) z>{D9BX46coq0BZz8@A6V#oXaAmihnvDtElOvErR>a9(%5xv}hBZf-1d*Bcz`ZZ|mA z-EVNLd)(ky_q@Te?sbD>-TMZ|y3Y-cb>ABt>wY&l*8OjAtOwlSSP#6xu^x1TV?Fo= z$9l*Oj`h&fV^wE;9m)14wuP|F8ab63O%676Nu@k&Z(cT;AwgWOvC!;jX2Pg`MXAj_ z{Pb9H4mW*XDVE{8o5?H}axl`Z?lVLfJZzf55@R?&(dMQmD&MVjG~E$*?W$8vKn$sAj5))fQQXY?+eclQ;Hjlu)`1>8bTxOj^_TQrP`of~9OcWp7?N6X{dP=T&Dg zmMrSFElU)S^3?P36-l3-e9Eq6@0T+`?pAXORIjjNFi+b%$H`7dwtD3_S*0tHg9v35 zTYGu>`8vVWsD8$b-dky|F6x%G(fSejw@&kny?LdRqhZ!+>KWC4jx;*Tt=~;XA%jRk|losW^$jHV8&XH=^!}8DG=tC)5+f4BE z9%7Bg6I&UH*5Pt%xy|S7&8x0vLnFBd=V)d6)_Y$Zfpexk_w-l<_wX(jDUOhj$w=(6 z+cLT+jVoEq-n<$?5keeV;OVmxr}O%M(rk(L^jL*YPI+0FV(6n68g`2&h31oAiEZp| zFCW9C-vm$0+u>yq3@kYHB(C@1&(|+sgeKO58y)~bq4&&H%IeFy=l}v?Z@)~cX3an? zojq8}J&Q}-7YhCy@$^_0=G`dDoq`{2r@*^zr4%;3R-YVwb1xr5VK^~l_sAnrSpCd} zowqCbkx!46NXVRR4GOvZL=Q+a=ayV-(mLsB%iew^8rv+@ah$AhwM@}Z(JV7VHuZe{ zqGOEGLL$JO9fsoNS0-yLVC}(zoWds-Z=uCO!H_pfoRClJI*kUI(nw|zu@`$)#;4Ouw%s2n6ojl zn!KflQ=yek_Ap{B0re>qHaZ%SC-VD?obN*h0Pbruoz4+B$3|;hgqDfDde@h{=x%)F z-hexG3N5XyV)zZftd4g1V&`#Ax1_Tzb*47UX?gG2nt79FTUBgK@@;Ezvc)& zOfua$O0-X5*7y<|e29wWY5Zh&4>d2Xv7OcgMs%+7F)z7yj-;^S@8p1jg{DzKmsP*8 ze26b~eykKDjoPGcsiRJ@0LQ>up@6Ng;O$HA?bm2yEh-f`jtuG}P<4gIYN=@cWzNS} zq*TCaYn(n1R%zPc0oP=ZgiE!3*}eTTD7a`USgog&t&T zkqKm-Q4cbfs7(aUXI_3U?kPHT7zJL|N+nXsO9xk`d3*B;=j#N3k~-5$&1DvdwaG)vIE;@&w5bD};E2X#c;E@34*l%lS<;wzo6tH8Ge9U?F(TRl)EGOZWbOS0!V z?Re$AbA%G~)=Z9II(WQ^k!I8zF=A4Fl?^;$MY0G)vG*vU8@O>Y)xrS1AClaw?ww<3 zLdPcP>5xP$csS2dskJ`1@@nVj1>|LIH6+z1==y|#!)#bkaEe=);nnx%RmSq-Tptig zNU~6KglI7+JQ82ye0+fh3qna5y4mnF3t3}64&+IaQx0EqQ#T1iVz7$?wHgS)gt6LU z11N{Db-vzb`gB~Y2k<1w5G4WWLmZsX_{w_MYj4eqHkfLJ!W2j;$Tgq`Q2POLtTnvO z`LRl&S^J*H9rqdzOKM*MZoHb9^UT*{6Q|4D7 zpa$wvqT+ym6UC$Eo}+_7zWy$MT&Ppb20)KQ=uyE&P$h+wtZ#6h4G+0w^NQ$b84%1d&Pwy{AORMS$^#dDqw{?`K-9a-5QP-bLKFWC8I(a% zK{Io_@n&6(C_%`Nu~;aU2S!6Ys!)My80~yMqM13gLP(TQ0ufth3aULZm?j0}V{cw- z1=5ghLw50!(F~CRphz7o?8o`BdUir6WeZ`C6G>XkD$J8q)WVNmx`}fDI23t`A(V>F z<{2_09Y)xU$a$Uyf+sqIpaOxNhym5sx^db8;NPyTy?N2m20u-W@!&3(V=9Zx{&JpFs1ErA~J!m41h^!DPX4BI!-|V~| zotA0`D6A8~7nxNBcS6F=EXatV#5do>UkZ<;g7YJB9Jdwqj zoI@C>+!?QfeL~Fi4XF8+d;8TP$7tf!=@~}227KOmzFd1~Z*_iN%QfThB|>3xN$lvY z55O<`M*)dq-+EKWWJXgpDl`T9e??G}8OE5hqI;W-bMz`mR|4N&>K0mldc0x1 z?Ot6KX-VbOjH*Vpw%~#VRS3{56W{K9+=GuSolByf9?(USEAFB|JFT=am$%>BFR)0Z z=MG05?bGy$jD`_2dlxs};k<5w>H@k)D0ewvf>~Evwib5E2{^juc*jj2h7OAs!8YN5 zA>~jv`gGZ;U>@G-d>>)}I}K@!{NH`D5f18Lw9Jj}4YYXY&HaM30L=#zfi_kpw-wup zK1l<9m-F*N{r8SMY^=%=VJKG>sZSUXC6O`TbrVOM2@Dk5ktjF=i}yt)*&t9G|8D2U z3Za1reQR{-fklMal!3w?fCxqhNWJ@}&V;oJmIm;GD(H*Dc^12H=|(BN`s4zfzqq2K} z0@@6?wjfXP^1U~GD+e%)n1;Z(tV*r0QE34cXCLo#daUe2Zmf@}!m=g1%QDLU2newh z$GYBkvu{HenOcB&XVy$R0!u)&)VZDSw-H};rUJ6Pu5-W*Cu1;&-e{)_D znW^KaQJgQJC)m0utuSO;Kj8d1x`=&Ahix=%RVsSbMPjakGAI_#e&D7rs)ZGS-H(bc zhhC^~vw_DjRLlpR?~egZLx~U`kwbMs-ljEy^1&(CMYQk_-rFxqvQe&qnp{G*-6G$k zJVw6W!iSviL&gULoLGgj9Ffd1tPpII?jj@*q3%OB@x7(W&?{zx2I2o^s2W`ku>!pR zVds5O7zRy(n7}zikW(QhX`0d^K}^lf58vdEwC=1r$D*W$+9#SQ_yidRaQG1$KA&nj z5)9lit88zv=LT#jX#2pJl#krS(F@@VEqNq@iz1t7yxq)JP#8YyeB9&Tz@# zB(2W*9zS+dCr1`FtPN=?0?H*>ln?5^2b#E#JFf$D5c$Hwv?!}!eYgfjr0LWMWe>^t zkKgpIa250l42EBUY2i6_B0iOX3Yk7(L(hRIPGn1v1vA1DE$o;>U{wPU{x&{wQ;%Nw zjm@eZhJMmBGIA<8ky4ADY1 z_81FBQVRvt>HMdh*Q1e?SYvN0m*`z(N*5j0mFCgT!4~;bcl|V=NUsyL1A>D(BpkM+ z9Nx$9Y3F%|bT7b3ZwuRxkVY|++)Np1ChUckKYdfjtVC62!PBYptfq_-m#B%to^Kn1K0o|}% zu+}K^dC|!|9tD!9$56K6vp4y6UKWzQ=thAI0-snEL%mf&WBHupSY92wtOBeWcVNh# zO%f`*5$H53Hi!mSJ50TqGw}~IaZk~~T5hNTpL-a~l2wJ4Of7~lp`KC&tXg{z7vxKy z9iI~gzyuA#8jXVPF;(CT6}=&T-f>=$wvM14@#fLeiRV_3S1>v#Fp!o?P0)Py3ghq~ z(Z_KhXUAWliiv#wajby28BOuXBPw_DW3i%x!`3IQdf+JthNCkc0HIOeB1QNEqPMuBEaNA}uJk3??|8|Kj6VAT?yI$j@{HW^6ant49sSuNErjK}&^3 zEhNl{}ar(03 zIaW~~O-F|i;>r*9AB(UP{+P~9Z~EZF2pT&vHVfL7-tWw2bq*6w`sK%Y1r;44Ep@7M z7MUQ8Lg?{QmuLce?L3$W7`6@D9)d<}n~ODyB>fe~dC}NGdwe$ttBc}Vn5)I3icX6< z%kgOK#$T*ZN>63a7HAW;ZA9u<9`~Nl#(qLu0j^Qoz(<7&i1$_qfCYEKHJjZcC1B=E zBOn}z8z@s-c`;vgb&g?JkC{iOX%K0d*(Rms60mRNa@z#Dp;!!^5J-)9c?lvS%|ms+ z`nX?6cuYTQ@}Sg^%1GF8>g^B|8@+B!ywN5I4n~QL-z=6~&GZ0PpTFj~UtRqHLtwIR z-6~K+ZG$I6dY#? zQHIQp!V8w>a8XZ?C-fRJoJeI~+rI9&#_BHjfs5Yho%}Tg7F61U1pj7uX+b<9hruD z==6r81c$aB*Q6(cO!&c-hTbx@AUQUiEvMFC2`IL%*?-e#u zSM(5C!%{V)TJ%M7oI?dG5y9wYF5rK;i{poy1K%!`?G#q|_8mN75#PvaYsd?uw^nh} zAb*Hykx0tlu{GAb2-Wa8a5_aQ{xsVnoAYzeBdL0o@BGAbr=t)=)={;Kwu!U|$RSTAhRKRLna})^ja~R5E zgr9TD2qgdvm;pW-4t#85>iwpwY$&GhJ&rXOU86z-q|nDGzzvydskdPv*a-eK-(2wk zfM1Z74xiz>tEL{RQTV>A`UU8qlw+zC#7eX+un5K_u{6*R7}BU|+!fMM2O3kvS{>x8 zN5)F#`>*P14fO6pix^q!Jxw*D@}|VuDXT^<#N^8aYjyM_KB-ctN?52B;Lsnq!g8P` zVh8VavZ)c}E@;yyr~nlJ^2sT~$yBxn;4v$>=;}eQ+-AVT4<6Up^fN914qL>+&r#;5 zL1i>x8frWh5eJh`%RbVTl`O19yzp_DAo+)``s1bH_o{+;oLHcN5M(ADq($4p{+tR` z78_O=rV5n@Nq0!mrA(k7z8*TwwhFt-eyn(4L*m;Fi3+q`8J|1g^9O- z{za88c~$o#$Gx`{PEenAHN8WP!ppx%*vtrreNY}%8R7#?)T=&FMpnpYtU*0lIpUwEGO^pvSN~s3MSvorCuoM(u&ba}CfBN)T9K7hWTc8B6X`zvNq!>{t za%H_P=YD2$UKt@80a+t#+OBl1x=_&a@j-s}wi|nH&i~w14pHJN_AbB-5CBa9PAa>A z4L|?|rFUY&!C@+BN0~2WmbRR5AH|gQ^XK;qz@IAYA3c?lia%=PW zK*ixF1^5;kzhINpD7_McN%xEAHRRO5|40DH;+3v*Gdu8{Dp0Xi ze*L_b){Wl9h06d|eWm0FZMIWgWe+bf{x@#hd`7C_?#&YpA*W)@FQ_)exL;ifC2D1<0DF)Ye7Di{8&czWM$09_z3u0>o*z`XtLjNr5Gx0i(l% zTg0b7*z^M6p_e;Nno6#rD7uN10$QCe{Ned?gwyJMw5C`JFKkS`Sqm;Pny8fS{zsef z1u)hprHFN-_hK+NIapGGZX5o1!_z@eqh&A}N(if?pz4hPR5>S*h>`zfbH6~Y7>7{7 zIx_GqXgfg@gC-UKr>Dm%bPm`u53N)Y&*NAw^>|H z;V;j7U=b*(I}~2X^tm^E9?ub6C|z;=_4ztM z)LV!b$Xp+nvSm4nEGUe5O;Nr4Z*JSXivc*X2%y%`iz7uMp9p zx>cg5u>RAgXJ{jSEvHtnRmTb}8ZjF8923m^^LY;+`w~QgSn81_QJb9Z5r1Om@M91~ z|7CAppl3qCLANh=6y4H0NJ!*p>pA}G`S?QmDi@oAbc9V|iU@yb`Xp+k?0frfd+`Mp zCy$W+!2XhvS<$SZ@%oHXl7BxxFNcf|sG;eDS%HI>hwuQxF)~+tB>Nw`brpRUwTPl` zLh$&bg=tPiwKm&-Zs1iQCFEW`6&d=-913DpS+>wA=!JRO$Sz0PZ17?+Cv|o&Hc}n z27`2&t9Iq=41JZ_JC|vC!CoI;0>dZ7Po(^yR}2JUQ>iklw>1E>pfBzEzj;wUkaT_1 zEBjNeE_5#pIgZFD7HDk#9!2=3Ocqi#a(cfBbX_->2H67jlV zt&!4J((PG8FLytRPSMAeSU|ngoQ-P6=s_^Op?Qs{ zk#NKye1ZfS(Pwn)8?HHe{2gyyX~-a{=4rwWIK)Qart*)^sa(u|Pl477h`)&qZ}lb- z8W@@|;w>L}r{fy2aX{}X=5a3S6j?)(0T)#!wZabH>&? zAJ>TXK;}d95s$i3U(S!2)PawHRyZwTf}d=_s_Y^a2VVr;(3y*&HSTg;BgcdqY(<}x zQC|VC(Grqa{d4H!=$G`g5WQAyP6kK>Ol_GQ$-07S{D`_;bzo&a**nZWrSFm z8$2WNO<0Aj#Gno%Ki>VgUkwwa&V@LZ1_E-+k<}0)Y=&gd7Fg7M^hu&wEty1y@E06+ z*4I3=dmP8oN9qubMR_Ko4H=@3g#x|x=^hhs-y;($I6QcCWLBh#v0`S9;5z+1kNbt1 zjk1-8bV!te=69nv#zij(W1_|Z2*Hmb7}P#OC_=VXfk$uYWNYqq+%JRzd}8*8-xL#e zEn}lx9?(+Ji)Igi9;`nxEK&geE$9$oTAiX$?|ob&7JkP_)GJSf7d-+aj0nd`!0>nI zivfI8m63*lYu63Qz==~PNbm0Na~vxYMEZ^deaL~()`!{kT@&yWeTkB^Nd+?w0twN8 zDNL&`a-luyrFDYxzSr~8lgWCYni7JZP7Yhq#}tSmy|6$Jg8yW|GvctJ^NxT>3bvL; z)xF=Krxg$@mW1f~Dx`&`y!1^9)Kzp>@J4*#aje=Fb_#fbcwoQuB7#;zvITTSVb`0g zu!N*nnkFuw2j{4hPJ1G7SLcS(l=H;DIW1@{KVDzL*adrXfdhkp{BILyv1*2uP^+wAFEW z+!5$eF;)p8u=vCwvNT6nGTjgk$^JzJ7{ntI77hAgSGf)Dz~ky_%#*~XG<^+C%WPtD zKtBOYW_{r$cDGi@q;In5vM?d&(*EJM&f^JS62cyh1QlSaDNHJPCEeO6%LtFy7;C98 z$g;fN7tv;gO^bKywR))2_sH{OSqdX2Egb|a4n9Tg*9X(OUX@e-Z9M9jLz60lBkpWe zbi_HJ%o6LQOO>I|_Xx%bYJif4Mt>Y^s=;OSIL9FW8loOCWG*!of{4{E= z;c`vvb&6yL7}DAG7C)7hibiOFQu8n4gJ`kqwkYW!}>>hiZ7c5xcR;4d~Q>=}Yu`rIY>N@@gN~qq_qO=1r1dm86A0e9H zj=0BHc-+}O@&g!%sv-JmYM4;d2G)AkE2q_KOMU#+8uis8 zG!L99+;38&HhL_%JsSH#8iH`W2EK~zY#3H1B#o0DOgY&nTw$i9uUViL>)YAr9$BsN zmeIJ>0W9hvr|hvxl)A9H`idI<2G7k_)aoZ5V?v>g-o>WjTqF|oF%WVChEVT}BD1Ma z!zOSm1N)*2pfzy#4U8dAI?fB6;lNu0R$r=K8@=&>kgW<(R!5n`$_tprd}34cRqvw! zCnMc))+b-puL6(51O%~FVijjw@5^4^&cT-HgF0ySfY~;Qw}A}FeyB5?W$>T)lv`JK zM2ec&6t>{?*}X^&@`_SfIeLcIIxqV65jDU>tuHKFNCPKEe%q&>&PPOTfF`p0q=%^X zHT0SsXhLW&`oax)+O0jUV-+H-G1m$`UYEzP0d-)Wx#rVPkF`9SmF<99*0r=eB2?5B z^%W9DU$r=%acfWG(|4pyDt!X*>uXBLb|g%FvfPJfo*!#T$3*6=lRoPK&;X7w>bm_# zreEV(d-Lj(q6WkD`VtUoVkR{fjj-vHEYChYmcHc)KS*zFIlW^F^0A6v>E$#O@MC_? q-n>XZv^kI%$X_l!Zs~10y@O@Kb8p?4XK2g~j`hD6<9 Date: Thu, 4 Jan 2024 17:33:09 +0000 Subject: [PATCH 11/67] chore: fix clippy and fmt --- aztec_macros/src/lib.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/aztec_macros/src/lib.rs b/aztec_macros/src/lib.rs index 2ed2f66789e..3bba3c7adfc 100644 --- a/aztec_macros/src/lib.rs +++ b/aztec_macros/src/lib.rs @@ -500,7 +500,8 @@ fn generate_selector_impl(structure: &NoirStruct) -> TypeImpl { let struct_type = make_type(UnresolvedTypeData::Named(path(structure.name.clone()), vec![])); // TODO(https://github.com/AztecProtocol/aztec-packages/issues/3590): Make this point to aztec-nr once the issue is fixed. - let selector_path = chained_path!("protocol_types", "abis", "function_selector", "FunctionSelector"); + let selector_path = + chained_path!("protocol_types", "abis", "function_selector", "FunctionSelector"); let mut from_signature_path = selector_path.clone(); from_signature_path.segments.push(ident("from_signature")); @@ -510,7 +511,8 @@ fn generate_selector_impl(structure: &NoirStruct) -> TypeImpl { )))]); // Define `FunctionSelector` return type - let return_type = FunctionReturnType::Ty(make_type(UnresolvedTypeData::Named(selector_path, vec![]))); + let return_type = + FunctionReturnType::Ty(make_type(UnresolvedTypeData::Named(selector_path, vec![]))); let mut selector_fn_def = FunctionDefinition::normal( &ident("selector"), From a6289a59829190747dc2053b52762744f1ead2f4 Mon Sep 17 00:00:00 2001 From: ludamad Date: Mon, 8 Jan 2024 13:28:19 -0500 Subject: [PATCH 12/67] chore: noir sync (#3884) Needed a bit of a graft here: - Looked at current commit on noir/.gitrepo, it pointed to 'just nargo compile' commit, fixed that to actual commit in aztec-packages branch of noir - Fixed parent commit - did git subrepo noir pull and fixed merge conflicts per instructions - this PR resulted --- .github/workflows/test-cargo.yml | 51 +++++ Cargo.lock | 61 ++++-- acvm-repo/acir/codegen/acir.cpp | 204 +++++++++--------- .../acir/src/circuit/black_box_functions.rs | 16 +- acvm-repo/acir/src/circuit/mod.rs | 59 +++++ .../opcodes/black_box_function_call.rs | 25 ++- .../acvm/src/compiler/transformers/mod.rs | 10 +- acvm-repo/acvm/src/pwg/blackbox/hash.rs | 96 +++++++-- acvm-repo/acvm/src/pwg/blackbox/mod.rs | 33 ++- acvm-repo/acvm_js/src/black_box_solvers.rs | 15 -- .../test/browser/black_box_solvers.test.ts | 12 -- .../acvm_js/test/shared/black_box_solvers.ts | 7 - acvm-repo/blackbox_solver/Cargo.toml | 1 + acvm-repo/blackbox_solver/src/lib.rs | 17 +- acvm-repo/brillig/src/black_box.rs | 6 - acvm-repo/brillig_vm/src/black_box.rs | 11 +- .../brillig/brillig_gen/brillig_black_box.rs | 19 +- .../src/brillig/brillig_ir/debug_show.rs | 8 - .../ssa/acir_gen/acir_ir/generated_acir.rs | 22 +- .../src/ssa/ir/instruction/call.rs | 14 +- .../noir/standard_library/black_box_fns.md | 1 - .../cryptographic_primitives/hashes.mdx | 1 - noir_stdlib/src/hash.nr | 3 + .../execution_success/blake3/Nargo.toml | 7 + .../execution_success/blake3/Prover.toml | 37 ++++ .../execution_success/blake3/src/main.nr | 6 + .../mock_backend/src/info_cmd.rs | 2 +- tooling/nargo_cli/src/cli/lsp_cmd.rs | 2 + tooling/noir_codegen/package.json | 2 - tooling/noir_codegen/src/utils/glob.ts | 5 +- yarn.lock | 9 - 31 files changed, 479 insertions(+), 283 deletions(-) create mode 100644 .github/workflows/test-cargo.yml create mode 100644 test_programs/execution_success/blake3/Nargo.toml create mode 100644 test_programs/execution_success/blake3/Prover.toml create mode 100644 test_programs/execution_success/blake3/src/main.nr diff --git a/.github/workflows/test-cargo.yml b/.github/workflows/test-cargo.yml new file mode 100644 index 00000000000..8d414daa75b --- /dev/null +++ b/.github/workflows/test-cargo.yml @@ -0,0 +1,51 @@ +name: Test cargo + +on: + pull_request: + merge_group: + push: + branches: + - master + +# This will cancel previous runs when a branch or PR is updated +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.ref || github.run_id }} + cancel-in-progress: true + +jobs: + build: + name: Test cargo + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Get current date + id: date + run: echo "date=$(date +'%Y.%m.%d.%H.%M')" >> $GITHUB_STATE + - name: prepare docker images tags + id: prep + run: | + REGISTRY="ghcr.io" + IMG="${REGISTRY}/${{ github.repository }}" + IMAGE=$(echo "$IMG" | tr '[:upper:]' '[:lower:]') + TAGS="${IMAGE}:${{ github.sha }}" + TAGS="${TAGS},${IMAGE}:latest,${IMAGE}:v${{ steps.date.outputs.date }}" + echo ::set-output name=tags::${TAGS} + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v3 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Test cargo + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ci + tags: ${{ steps.prep.outputs.tags }} + target: test-cargo + cache-from: type=gha + cache-to: type=gha,mode=max \ No newline at end of file diff --git a/Cargo.lock b/Cargo.lock index 3266f4e652e..05bcfb2b582 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -58,6 +58,7 @@ version = "0.38.0" dependencies = [ "acir", "blake2", + "blake3", "k256", "p256", "sha2", @@ -344,6 +345,12 @@ dependencies = [ "rand 0.8.5", ] +[[package]] +name = "arrayref" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b4930d2cb77ce62f89ee5d5289b4ac049559b1c45539271f5ed4fdc7db34545" + [[package]] name = "arrayvec" version = "0.7.4" @@ -548,6 +555,19 @@ dependencies = [ "digest", ] +[[package]] +name = "blake3" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0231f06152bf547e9c2b5194f247cd97aacf6dcd8b15d8e5ec0663f64580da87" +dependencies = [ + "arrayref", + "arrayvec", + "cc", + "cfg-if", + "constant_time_eq", +] + [[package]] name = "block-buffer" version = "0.10.4" @@ -970,6 +990,12 @@ dependencies = [ "unicode-xid", ] +[[package]] +name = "constant_time_eq" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f7144d30dcf0fafbce74250a3963025d8d52177934239851c917d29f1df280c2" + [[package]] name = "convert_case" version = "0.4.0" @@ -2061,7 +2087,7 @@ dependencies = [ "httpdate", "itoa", "pin-project-lite", - "socket2", + "socket2 0.4.9", "tokio", "tower-service", "tracing", @@ -2443,9 +2469,9 @@ checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" [[package]] name = "libc" -version = "0.2.147" +version = "0.2.151" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" +checksum = "302d7ab3130588088d277783b1e2d2e10c9e9e4a16dd9050e6ec93fb3e7048f4" [[package]] name = "libm" @@ -2604,9 +2630,9 @@ dependencies = [ [[package]] name = "mio" -version = "0.8.8" +version = "0.8.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "927a765cd3fc26206e66b296465fa9d3e5ab003e651c1b3c060e7956d96b19d2" +checksum = "8f3d0b296e374a4e6f3c7b0a1f5a51d748a0d34c85e7dc48fc3fa9a87657fe09" dependencies = [ "libc", "wasi 0.11.0+wasi-snapshot-preview1", @@ -3197,9 +3223,9 @@ dependencies = [ [[package]] name = "pin-project-lite" -version = "0.2.10" +version = "0.2.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c40d25201921e5ff0c862a505c6557ea88568a4e3ace775ab55e93f2f4f9d57" +checksum = "8afb450f006bf6385ca15ef45d71d2288452bc3683ce2e2cacc0d18e4be60b58" [[package]] name = "pin-utils" @@ -4387,6 +4413,16 @@ dependencies = [ "winapi", ] +[[package]] +name = "socket2" +version = "0.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7b5fac59a5cb5dd637972e5fca70daf0523c9067fcdc4842f053dae04a18f8e9" +dependencies = [ + "libc", + "windows-sys 0.48.0", +] + [[package]] name = "spin" version = "0.5.2" @@ -4678,27 +4714,26 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.29.1" +version = "1.35.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "532826ff75199d5833b9d2c5fe410f29235e25704ee5f0ef599fb51c21f4a4da" +checksum = "841d45b238a16291a4e1584e61820b8ae57d696cc5015c459c229ccc6990cc1c" dependencies = [ - "autocfg", "backtrace", "bytes", "libc", "mio", "num_cpus", "pin-project-lite", - "socket2", + "socket2 0.5.5", "tokio-macros", "windows-sys 0.48.0", ] [[package]] name = "tokio-macros" -version = "2.1.0" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" +checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" dependencies = [ "proc-macro2", "quote", diff --git a/acvm-repo/acir/codegen/acir.cpp b/acvm-repo/acir/codegen/acir.cpp index 21a98b3ee2c..0cabaed8349 100644 --- a/acvm-repo/acir/codegen/acir.cpp +++ b/acvm-repo/acir/codegen/acir.cpp @@ -70,6 +70,15 @@ namespace Circuit { static Blake2s bincodeDeserialize(std::vector); }; + struct Blake3 { + std::vector inputs; + std::vector outputs; + + friend bool operator==(const Blake3&, const Blake3&); + std::vector bincodeSerialize() const; + static Blake3 bincodeDeserialize(std::vector); + }; + struct SchnorrVerify { Circuit::FunctionInput public_key_x; Circuit::FunctionInput public_key_y; @@ -102,15 +111,6 @@ namespace Circuit { static PedersenHash bincodeDeserialize(std::vector); }; - struct HashToField128Security { - std::vector inputs; - Circuit::Witness output; - - friend bool operator==(const HashToField128Security&, const HashToField128Security&); - std::vector bincodeSerialize() const; - static HashToField128Security bincodeDeserialize(std::vector); - }; - struct EcdsaSecp256k1 { std::vector public_key_x; std::vector public_key_y; @@ -164,6 +164,15 @@ namespace Circuit { static Keccak256VariableLength bincodeDeserialize(std::vector); }; + struct Keccakf1600 { + std::vector inputs; + std::vector outputs; + + friend bool operator==(const Keccakf1600&, const Keccakf1600&); + std::vector bincodeSerialize() const; + static Keccakf1600 bincodeDeserialize(std::vector); + }; + struct RecursiveAggregation { std::vector verification_key; std::vector proof; @@ -177,7 +186,7 @@ namespace Circuit { static RecursiveAggregation bincodeDeserialize(std::vector); }; - std::variant value; + std::variant value; friend bool operator==(const BlackBoxFuncCall&, const BlackBoxFuncCall&); std::vector bincodeSerialize() const; @@ -408,15 +417,6 @@ namespace Circuit { static Keccak256 bincodeDeserialize(std::vector); }; - struct HashToField128Security { - Circuit::HeapVector message; - Circuit::RegisterIndex output; - - friend bool operator==(const HashToField128Security&, const HashToField128Security&); - std::vector bincodeSerialize() const; - static HashToField128Security bincodeDeserialize(std::vector); - }; - struct EcdsaSecp256k1 { Circuit::HeapVector hashed_msg; Circuit::HeapArray public_key_x; @@ -483,7 +483,7 @@ namespace Circuit { static FixedBaseScalarMul bincodeDeserialize(std::vector); }; - std::variant value; + std::variant value; friend bool operator==(const BlackBoxOp&, const BlackBoxOp&); std::vector bincodeSerialize() const; @@ -1839,6 +1839,47 @@ Circuit::BlackBoxFuncCall::Blake2s serde::Deserializable BlackBoxFuncCall::Blake3::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::Blake3 BlackBoxFuncCall::Blake3::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Blake3 &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.inputs, serializer); + serde::Serializable::serialize(obj.outputs, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::Blake3 serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::Blake3 obj; + obj.inputs = serde::Deserializable::deserialize(deserializer); + obj.outputs = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlackBoxFuncCall::SchnorrVerify &lhs, const BlackBoxFuncCall::SchnorrVerify &rhs) { @@ -1977,47 +2018,6 @@ Circuit::BlackBoxFuncCall::PedersenHash serde::Deserializable BlackBoxFuncCall::HashToField128Security::bincodeSerialize() const { - auto serializer = serde::BincodeSerializer(); - serde::Serializable::serialize(*this, serializer); - return std::move(serializer).bytes(); - } - - inline BlackBoxFuncCall::HashToField128Security BlackBoxFuncCall::HashToField128Security::bincodeDeserialize(std::vector input) { - auto deserializer = serde::BincodeDeserializer(input); - auto value = serde::Deserializable::deserialize(deserializer); - if (deserializer.get_buffer_offset() < input.size()) { - throw serde::deserialization_error("Some input bytes were not read"); - } - return value; - } - -} // end of namespace Circuit - -template <> -template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::HashToField128Security &obj, Serializer &serializer) { - serde::Serializable::serialize(obj.inputs, serializer); - serde::Serializable::serialize(obj.output, serializer); -} - -template <> -template -Circuit::BlackBoxFuncCall::HashToField128Security serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::HashToField128Security obj; - obj.inputs = serde::Deserializable::deserialize(deserializer); - obj.output = serde::Deserializable::deserialize(deserializer); - return obj; -} - namespace Circuit { inline bool operator==(const BlackBoxFuncCall::EcdsaSecp256k1 &lhs, const BlackBoxFuncCall::EcdsaSecp256k1 &rhs) { @@ -2247,6 +2247,47 @@ Circuit::BlackBoxFuncCall::Keccak256VariableLength serde::Deserializable BlackBoxFuncCall::Keccakf1600::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::Keccakf1600 BlackBoxFuncCall::Keccakf1600::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Keccakf1600 &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.inputs, serializer); + serde::Serializable::serialize(obj.outputs, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::Keccakf1600 serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::Keccakf1600 obj; + obj.inputs = serde::Deserializable::deserialize(deserializer); + obj.outputs = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlackBoxFuncCall::RecursiveAggregation &lhs, const BlackBoxFuncCall::RecursiveAggregation &rhs) { @@ -2465,47 +2506,6 @@ Circuit::BlackBoxOp::Keccak256 serde::Deserializable BlackBoxOp::HashToField128Security::bincodeSerialize() const { - auto serializer = serde::BincodeSerializer(); - serde::Serializable::serialize(*this, serializer); - return std::move(serializer).bytes(); - } - - inline BlackBoxOp::HashToField128Security BlackBoxOp::HashToField128Security::bincodeDeserialize(std::vector input) { - auto deserializer = serde::BincodeDeserializer(input); - auto value = serde::Deserializable::deserialize(deserializer); - if (deserializer.get_buffer_offset() < input.size()) { - throw serde::deserialization_error("Some input bytes were not read"); - } - return value; - } - -} // end of namespace Circuit - -template <> -template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::HashToField128Security &obj, Serializer &serializer) { - serde::Serializable::serialize(obj.message, serializer); - serde::Serializable::serialize(obj.output, serializer); -} - -template <> -template -Circuit::BlackBoxOp::HashToField128Security serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::HashToField128Security obj; - obj.message = serde::Deserializable::deserialize(deserializer); - obj.output = serde::Deserializable::deserialize(deserializer); - return obj; -} - namespace Circuit { inline bool operator==(const BlackBoxOp::EcdsaSecp256k1 &lhs, const BlackBoxOp::EcdsaSecp256k1 &rhs) { diff --git a/acvm-repo/acir/src/circuit/black_box_functions.rs b/acvm-repo/acir/src/circuit/black_box_functions.rs index dec60c09077..6e45a9a2c21 100644 --- a/acvm-repo/acir/src/circuit/black_box_functions.rs +++ b/acvm-repo/acir/src/circuit/black_box_functions.rs @@ -19,6 +19,8 @@ pub enum BlackBoxFunc { SHA256, /// Calculates the Blake2s hash of the inputs. Blake2s, + /// Calculates the Blake3 hash of the inputs. + Blake3, /// Verifies a Schnorr signature over a curve which is "pairing friendly" with the curve on which the ACIR circuit is defined. /// /// The exact curve which this signature uses will vary based on the curve being used by ACIR. @@ -30,12 +32,6 @@ pub enum BlackBoxFunc { PedersenCommitment, /// Calculates a Pedersen hash to the inputs. PedersenHash, - /// Hashes a set of inputs and applies the field modulus to the result - /// to return a value which can be represented as a [`FieldElement`][acir_field::FieldElement] - /// - /// This is implemented using the `Blake2s` hash function. - /// The "128" in the name specifies that this function should have 128 bits of security. - HashToField128Security, /// Verifies a ECDSA signature over the secp256k1 curve. EcdsaSecp256k1, /// Verifies a ECDSA signature over the secp256r1 curve. @@ -44,6 +40,8 @@ pub enum BlackBoxFunc { FixedBaseScalarMul, /// Calculates the Keccak256 hash of the inputs. Keccak256, + /// Keccak Permutation function of 1600 width + Keccakf1600, /// Compute a recursive aggregation object when verifying a proof inside another circuit. /// This outputted aggregation object will then be either checked in a top-level verifier or aggregated upon again. RecursiveAggregation, @@ -61,15 +59,16 @@ impl BlackBoxFunc { BlackBoxFunc::SHA256 => "sha256", BlackBoxFunc::SchnorrVerify => "schnorr_verify", BlackBoxFunc::Blake2s => "blake2s", + BlackBoxFunc::Blake3 => "blake3", BlackBoxFunc::PedersenCommitment => "pedersen_commitment", BlackBoxFunc::PedersenHash => "pedersen_hash", - BlackBoxFunc::HashToField128Security => "hash_to_field_128_security", BlackBoxFunc::EcdsaSecp256k1 => "ecdsa_secp256k1", BlackBoxFunc::FixedBaseScalarMul => "fixed_base_scalar_mul", BlackBoxFunc::AND => "and", BlackBoxFunc::XOR => "xor", BlackBoxFunc::RANGE => "range", BlackBoxFunc::Keccak256 => "keccak256", + BlackBoxFunc::Keccakf1600 => "keccak_f1600", BlackBoxFunc::RecursiveAggregation => "recursive_aggregation", BlackBoxFunc::EcdsaSecp256r1 => "ecdsa_secp256r1", } @@ -79,9 +78,9 @@ impl BlackBoxFunc { "sha256" => Some(BlackBoxFunc::SHA256), "schnorr_verify" => Some(BlackBoxFunc::SchnorrVerify), "blake2s" => Some(BlackBoxFunc::Blake2s), + "blake3" => Some(BlackBoxFunc::Blake3), "pedersen_commitment" => Some(BlackBoxFunc::PedersenCommitment), "pedersen_hash" => Some(BlackBoxFunc::PedersenHash), - "hash_to_field_128_security" => Some(BlackBoxFunc::HashToField128Security), "ecdsa_secp256k1" => Some(BlackBoxFunc::EcdsaSecp256k1), "ecdsa_secp256r1" => Some(BlackBoxFunc::EcdsaSecp256r1), "fixed_base_scalar_mul" => Some(BlackBoxFunc::FixedBaseScalarMul), @@ -89,6 +88,7 @@ impl BlackBoxFunc { "xor" => Some(BlackBoxFunc::XOR), "range" => Some(BlackBoxFunc::RANGE), "keccak256" => Some(BlackBoxFunc::Keccak256), + "keccakf1600" => Some(BlackBoxFunc::Keccakf1600), "recursive_aggregation" => Some(BlackBoxFunc::RecursiveAggregation), _ => None, } diff --git a/acvm-repo/acir/src/circuit/mod.rs b/acvm-repo/acir/src/circuit/mod.rs index df58b949b85..48c6b14ce69 100644 --- a/acvm-repo/acir/src/circuit/mod.rs +++ b/acvm-repo/acir/src/circuit/mod.rs @@ -250,6 +250,64 @@ mod tests { input: FunctionInput { witness: Witness(1), num_bits: 8 }, }) } + fn keccakf1600_opcode() -> Opcode { + Opcode::BlackBoxFuncCall(BlackBoxFuncCall::Keccakf1600 { + inputs: vec![ + FunctionInput { witness: Witness(1), num_bits: 64 }, + FunctionInput { witness: Witness(2), num_bits: 64 }, + FunctionInput { witness: Witness(3), num_bits: 64 }, + FunctionInput { witness: Witness(4), num_bits: 64 }, + FunctionInput { witness: Witness(5), num_bits: 64 }, + FunctionInput { witness: Witness(6), num_bits: 64 }, + FunctionInput { witness: Witness(7), num_bits: 64 }, + FunctionInput { witness: Witness(8), num_bits: 64 }, + FunctionInput { witness: Witness(9), num_bits: 64 }, + FunctionInput { witness: Witness(10), num_bits: 64 }, + FunctionInput { witness: Witness(11), num_bits: 64 }, + FunctionInput { witness: Witness(12), num_bits: 64 }, + FunctionInput { witness: Witness(13), num_bits: 64 }, + FunctionInput { witness: Witness(14), num_bits: 64 }, + FunctionInput { witness: Witness(15), num_bits: 64 }, + FunctionInput { witness: Witness(16), num_bits: 64 }, + FunctionInput { witness: Witness(17), num_bits: 64 }, + FunctionInput { witness: Witness(18), num_bits: 64 }, + FunctionInput { witness: Witness(19), num_bits: 64 }, + FunctionInput { witness: Witness(20), num_bits: 64 }, + FunctionInput { witness: Witness(21), num_bits: 64 }, + FunctionInput { witness: Witness(22), num_bits: 64 }, + FunctionInput { witness: Witness(23), num_bits: 64 }, + FunctionInput { witness: Witness(24), num_bits: 64 }, + FunctionInput { witness: Witness(25), num_bits: 64 }, + ], + outputs: vec![ + Witness(26), + Witness(27), + Witness(28), + Witness(29), + Witness(30), + Witness(31), + Witness(32), + Witness(33), + Witness(34), + Witness(35), + Witness(36), + Witness(37), + Witness(38), + Witness(39), + Witness(40), + Witness(41), + Witness(42), + Witness(43), + Witness(44), + Witness(45), + Witness(46), + Witness(47), + Witness(48), + Witness(49), + Witness(50), + ], + }) + } #[test] fn serialization_roundtrip() { @@ -284,6 +342,7 @@ mod tests { }), range_opcode(), and_opcode(), + keccakf1600_opcode(), ], private_parameters: BTreeSet::new(), public_parameters: PublicInputs(BTreeSet::from_iter(vec![Witness(2)])), diff --git a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs index 70821913836..fea12f9c08a 100644 --- a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs +++ b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs @@ -39,6 +39,10 @@ pub enum BlackBoxFuncCall { inputs: Vec, outputs: Vec, }, + Blake3 { + inputs: Vec, + outputs: Vec, + }, SchnorrVerify { public_key_x: FunctionInput, public_key_y: FunctionInput, @@ -56,12 +60,6 @@ pub enum BlackBoxFuncCall { domain_separator: u32, output: Witness, }, - // 128 here specifies that this function - // should have 128 bits of security - HashToField128Security { - inputs: Vec, - output: Witness, - }, EcdsaSecp256k1 { public_key_x: Vec, public_key_y: Vec, @@ -94,6 +92,10 @@ pub enum BlackBoxFuncCall { var_message_size: FunctionInput, outputs: Vec, }, + Keccakf1600 { + inputs: Vec, + outputs: Vec, + }, RecursiveAggregation { verification_key: Vec, proof: Vec, @@ -127,15 +129,16 @@ impl BlackBoxFuncCall { BlackBoxFuncCall::RANGE { .. } => BlackBoxFunc::RANGE, BlackBoxFuncCall::SHA256 { .. } => BlackBoxFunc::SHA256, BlackBoxFuncCall::Blake2s { .. } => BlackBoxFunc::Blake2s, + BlackBoxFuncCall::Blake3 { .. } => BlackBoxFunc::Blake3, BlackBoxFuncCall::SchnorrVerify { .. } => BlackBoxFunc::SchnorrVerify, BlackBoxFuncCall::PedersenCommitment { .. } => BlackBoxFunc::PedersenCommitment, BlackBoxFuncCall::PedersenHash { .. } => BlackBoxFunc::PedersenHash, - BlackBoxFuncCall::HashToField128Security { .. } => BlackBoxFunc::HashToField128Security, BlackBoxFuncCall::EcdsaSecp256k1 { .. } => BlackBoxFunc::EcdsaSecp256k1, BlackBoxFuncCall::EcdsaSecp256r1 { .. } => BlackBoxFunc::EcdsaSecp256r1, BlackBoxFuncCall::FixedBaseScalarMul { .. } => BlackBoxFunc::FixedBaseScalarMul, BlackBoxFuncCall::Keccak256 { .. } => BlackBoxFunc::Keccak256, BlackBoxFuncCall::Keccak256VariableLength { .. } => BlackBoxFunc::Keccak256, + BlackBoxFuncCall::Keccakf1600 { .. } => BlackBoxFunc::Keccakf1600, BlackBoxFuncCall::RecursiveAggregation { .. } => BlackBoxFunc::RecursiveAggregation, } } @@ -148,10 +151,11 @@ impl BlackBoxFuncCall { match self { BlackBoxFuncCall::SHA256 { inputs, .. } | BlackBoxFuncCall::Blake2s { inputs, .. } + | BlackBoxFuncCall::Blake3 { inputs, .. } | BlackBoxFuncCall::Keccak256 { inputs, .. } + | BlackBoxFuncCall::Keccakf1600 { inputs, .. } | BlackBoxFuncCall::PedersenCommitment { inputs, .. } - | BlackBoxFuncCall::PedersenHash { inputs, .. } - | BlackBoxFuncCall::HashToField128Security { inputs, .. } => inputs.to_vec(), + | BlackBoxFuncCall::PedersenHash { inputs, .. } => inputs.to_vec(), BlackBoxFuncCall::AND { lhs, rhs, .. } | BlackBoxFuncCall::XOR { lhs, rhs, .. } => { vec![*lhs, *rhs] } @@ -238,13 +242,14 @@ impl BlackBoxFuncCall { match self { BlackBoxFuncCall::SHA256 { outputs, .. } | BlackBoxFuncCall::Blake2s { outputs, .. } + | BlackBoxFuncCall::Blake3 { outputs, .. } | BlackBoxFuncCall::Keccak256 { outputs, .. } + | BlackBoxFuncCall::Keccakf1600 { outputs, .. } | BlackBoxFuncCall::RecursiveAggregation { output_aggregation_object: outputs, .. } => outputs.to_vec(), BlackBoxFuncCall::AND { output, .. } | BlackBoxFuncCall::XOR { output, .. } - | BlackBoxFuncCall::HashToField128Security { output, .. } | BlackBoxFuncCall::SchnorrVerify { output, .. } | BlackBoxFuncCall::EcdsaSecp256k1 { output, .. } | BlackBoxFuncCall::PedersenHash { output, .. } diff --git a/acvm-repo/acvm/src/compiler/transformers/mod.rs b/acvm-repo/acvm/src/compiler/transformers/mod.rs index c9bc91b02c7..7f4e6540e1a 100644 --- a/acvm-repo/acvm/src/compiler/transformers/mod.rs +++ b/acvm-repo/acvm/src/compiler/transformers/mod.rs @@ -111,11 +111,13 @@ pub(super) fn transform_internal( outputs, .. } + | acir::circuit::opcodes::BlackBoxFuncCall::Keccakf1600 { outputs, .. } | acir::circuit::opcodes::BlackBoxFuncCall::RecursiveAggregation { output_aggregation_object: outputs, .. } - | acir::circuit::opcodes::BlackBoxFuncCall::Blake2s { outputs, .. } => { + | acir::circuit::opcodes::BlackBoxFuncCall::Blake2s { outputs, .. } + | acir::circuit::opcodes::BlackBoxFuncCall::Blake3 { outputs, .. } => { for witness in outputs { transformer.mark_solvable(*witness); } @@ -131,11 +133,7 @@ pub(super) fn transform_internal( transformer.mark_solvable(outputs.0); transformer.mark_solvable(outputs.1); } - acir::circuit::opcodes::BlackBoxFuncCall::HashToField128Security { - output, - .. - } - | acir::circuit::opcodes::BlackBoxFuncCall::EcdsaSecp256k1 { output, .. } + acir::circuit::opcodes::BlackBoxFuncCall::EcdsaSecp256k1 { output, .. } | acir::circuit::opcodes::BlackBoxFuncCall::EcdsaSecp256r1 { output, .. } | acir::circuit::opcodes::BlackBoxFuncCall::SchnorrVerify { output, .. } | acir::circuit::opcodes::BlackBoxFuncCall::PedersenHash { output, .. } => { diff --git a/acvm-repo/acvm/src/pwg/blackbox/hash.rs b/acvm-repo/acvm/src/pwg/blackbox/hash.rs index 80665a743c4..bbf7dd43bd9 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/hash.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/hash.rs @@ -3,26 +3,11 @@ use acir::{ native_types::{Witness, WitnessMap}, BlackBoxFunc, FieldElement, }; -use acvm_blackbox_solver::{hash_to_field_128_security, BlackBoxResolutionError}; +use acvm_blackbox_solver::BlackBoxResolutionError; use crate::pwg::{insert_value, witness_to_value}; use crate::OpcodeResolutionError; -/// Attempts to solve a `HashToField128Security` opcode -/// If successful, `initial_witness` will be mutated to contain the new witness assignment. -pub(super) fn solve_hash_to_field( - initial_witness: &mut WitnessMap, - inputs: &[FunctionInput], - output: &Witness, -) -> Result<(), OpcodeResolutionError> { - let message_input = get_hash_input(initial_witness, inputs, None)?; - let field = hash_to_field_128_security(&message_input)?; - - insert_value(output, field, initial_witness)?; - - Ok(()) -} - /// Attempts to solve a 256 bit hash function opcode. /// If successful, `initial_witness` will be mutated to contain the new witness assignment. pub(super) fn solve_generic_256_hash_opcode( @@ -101,3 +86,82 @@ fn write_digest_to_outputs( Ok(()) } + +const ROUNDS: usize = 24; + +const RC: [u64; ROUNDS] = [ + 1u64, + 0x8082u64, + 0x800000000000808au64, + 0x8000000080008000u64, + 0x808bu64, + 0x80000001u64, + 0x8000000080008081u64, + 0x8000000000008009u64, + 0x8au64, + 0x88u64, + 0x80008009u64, + 0x8000000au64, + 0x8000808bu64, + 0x800000000000008bu64, + 0x8000000000008089u64, + 0x8000000000008003u64, + 0x8000000000008002u64, + 0x8000000000000080u64, + 0x800au64, + 0x800000008000000au64, + 0x8000000080008081u64, + 0x8000000000008080u64, + 0x80000001u64, + 0x8000000080008008u64, +]; + +const RHO: [u32; 24] = + [1, 3, 6, 10, 15, 21, 28, 36, 45, 55, 2, 14, 27, 41, 56, 8, 25, 43, 62, 18, 39, 61, 20, 44]; + +const PI: [usize; 24] = + [10, 7, 11, 17, 18, 3, 5, 16, 8, 21, 24, 4, 15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1]; + +const KECCAK_LANES: usize = 25; + +pub(crate) fn keccakf1600(state: &mut [u64; KECCAK_LANES]) { + for rc in RC { + let mut array: [u64; 5] = [0; 5]; + + // Theta + for x in 0..5 { + for y_count in 0..5 { + let y = y_count * 5; + array[x] ^= state[x + y]; + } + } + + for x in 0..5 { + for y_count in 0..5 { + let y = y_count * 5; + state[y + x] ^= array[(x + 4) % 5] ^ array[(x + 1) % 5].rotate_left(1); + } + } + + // Rho and pi + let mut last = state[1]; + for x in 0..24 { + array[0] = state[PI[x]]; + state[PI[x]] = last.rotate_left(RHO[x]); + last = array[0]; + } + + // Chi + for y_step in 0..5 { + let y = y_step * 5; + array[..5].copy_from_slice(&state[y..(5 + y)]); + + for x in 0..5 { + state[y + x] = array[x] ^ ((!array[(x + 1) % 5]) & (array[(x + 2) % 5])); + } + } + + // Iota + state[0] ^= rc; + } +} diff --git a/acvm-repo/acvm/src/pwg/blackbox/mod.rs b/acvm-repo/acvm/src/pwg/blackbox/mod.rs index 7e8ab8b948c..c36596235a2 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/mod.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/mod.rs @@ -3,12 +3,12 @@ use acir::{ native_types::{Witness, WitnessMap}, FieldElement, }; -use acvm_blackbox_solver::{blake2s, keccak256, sha256}; +use acvm_blackbox_solver::{blake2s, blake3, keccak256, sha256}; -use self::pedersen::pedersen_hash; +use self::{hash::keccakf1600, pedersen::pedersen_hash}; use super::{insert_value, OpcodeNotSolvable, OpcodeResolutionError}; -use crate::BlackBoxFunctionSolver; +use crate::{pwg::witness_to_value, BlackBoxFunctionSolver}; mod fixed_base_scalar_mul; mod hash; @@ -19,7 +19,7 @@ mod signature; use fixed_base_scalar_mul::fixed_base_scalar_mul; // Hash functions should eventually be exposed for external consumers. -use hash::{solve_generic_256_hash_opcode, solve_hash_to_field}; +use hash::solve_generic_256_hash_opcode; use logic::{and, xor}; use pedersen::pedersen; use range::solve_range_opcode; @@ -83,6 +83,14 @@ pub(crate) fn solve( blake2s, bb_func.get_black_box_func(), ), + BlackBoxFuncCall::Blake3 { inputs, outputs } => solve_generic_256_hash_opcode( + initial_witness, + inputs, + None, + outputs, + blake3, + bb_func.get_black_box_func(), + ), BlackBoxFuncCall::Keccak256 { inputs, outputs } => solve_generic_256_hash_opcode( initial_witness, inputs, @@ -101,8 +109,21 @@ pub(crate) fn solve( bb_func.get_black_box_func(), ) } - BlackBoxFuncCall::HashToField128Security { inputs, output } => { - solve_hash_to_field(initial_witness, inputs, output) + BlackBoxFuncCall::Keccakf1600 { inputs, outputs } => { + let mut state = [0; 25]; + for (i, input) in inputs.iter().enumerate() { + let witness = input.witness; + let num_bits = input.num_bits as usize; + assert_eq!(num_bits, 64); + let witness_assignment = witness_to_value(initial_witness, witness)?; + let lane = witness_assignment.try_to_u64(); + state[i] = lane.unwrap(); + } + keccakf1600(&mut state); + for (output_witness, value) in outputs.iter().zip(state.into_iter()) { + insert_value(output_witness, FieldElement::from(value as u128), initial_witness)?; + } + Ok(()) } BlackBoxFuncCall::SchnorrVerify { public_key_x, diff --git a/acvm-repo/acvm_js/src/black_box_solvers.rs b/acvm-repo/acvm_js/src/black_box_solvers.rs index cc3edc3de04..fc0e3b28ebf 100644 --- a/acvm-repo/acvm_js/src/black_box_solvers.rs +++ b/acvm-repo/acvm_js/src/black_box_solvers.rs @@ -40,21 +40,6 @@ pub fn keccak256(inputs: &[u8]) -> Vec { acvm::blackbox_solver::keccak256(inputs).unwrap().into() } -/// Calculates the Blake2s256 hash of the input bytes and represents these as a single field element. -// #[wasm_bindgen] -// pub fn hash_to_field_128_security(inputs: Vec) -> JsString { -// let input_bytes: Vec = inputs -// .into_iter() -// .flat_map(|field_string| { -// let field_element = js_value_to_field_element(field_string.into()).unwrap(); -// witness_assignment.fetch_nearest_bytes(FieldElement::max_num_bits()); -// }) -// .collect(); -// field_element_to_js_string( -// &acvm::blackbox_solver::hash_to_field_128_security(&input_bytes).unwrap(), -// ) -// } - /// Verifies a ECDSA signature over the secp256k1 curve. #[wasm_bindgen] pub fn ecdsa_secp256k1_verify( diff --git a/acvm-repo/acvm_js/test/browser/black_box_solvers.test.ts b/acvm-repo/acvm_js/test/browser/black_box_solvers.test.ts index 9aec1403f6c..3c54fe8e38f 100644 --- a/acvm-repo/acvm_js/test/browser/black_box_solvers.test.ts +++ b/acvm-repo/acvm_js/test/browser/black_box_solvers.test.ts @@ -64,18 +64,6 @@ it('successfully calculates the keccak256 hash', async () => { } }); -// it("successfully calculates the hash_to_field_128_security field", async () => { -// const { hash_to_field_128_security_test_cases } = await import( -// "../shared/black_box_solvers" -// ); - -// for (const testCase of hash_to_field_128_security_test_cases) { -// const [preimage, expectedResult] = testCase; -// const hashField = hash_to_field_128_security(preimage); -// expect(hashField).to.be.eq(expectedResult); -// } -// }); - it('successfully verifies secp256k1 ECDSA signatures', async () => { const { ecdsa_secp256k1_test_cases } = await import('../shared/black_box_solvers'); diff --git a/acvm-repo/acvm_js/test/shared/black_box_solvers.ts b/acvm-repo/acvm_js/test/shared/black_box_solvers.ts index a5b6d1ac996..0ab3fc12b72 100644 --- a/acvm-repo/acvm_js/test/shared/black_box_solvers.ts +++ b/acvm-repo/acvm_js/test/shared/black_box_solvers.ts @@ -66,13 +66,6 @@ export const keccak256_test_cases: [Uint8Array, Uint8Array][] = [ ], ]; -// export const hash_to_field_128_security_test_cases: [string[], string][] = [ -// [ -// ["0x0000000000000000000000000000000000000000000000000000000000000001"], -// "0x25cebc29ded2fa515a937e2b5f674e3026c012e5b57f8a48d7dce6b7d274f9d9", -// ], -// ]; - export const ecdsa_secp256k1_test_cases: [[Uint8Array, Uint8Array, Uint8Array, Uint8Array], boolean][] = [ [ [ diff --git a/acvm-repo/blackbox_solver/Cargo.toml b/acvm-repo/blackbox_solver/Cargo.toml index be2a58417f4..258321d8ef4 100644 --- a/acvm-repo/blackbox_solver/Cargo.toml +++ b/acvm-repo/blackbox_solver/Cargo.toml @@ -17,6 +17,7 @@ acir.workspace = true thiserror.workspace = true blake2 = "0.10.6" +blake3 = "1.5.0" sha2 = "0.10.6" sha3 = "0.10.6" k256 = { version = "0.11.0", features = [ diff --git a/acvm-repo/blackbox_solver/src/lib.rs b/acvm-repo/blackbox_solver/src/lib.rs index 8b7c6343962..ede648ef75e 100644 --- a/acvm-repo/blackbox_solver/src/lib.rs +++ b/acvm-repo/blackbox_solver/src/lib.rs @@ -59,16 +59,15 @@ pub fn blake2s(inputs: &[u8]) -> Result<[u8; 32], BlackBoxResolutionError> { .map_err(|err| BlackBoxResolutionError::Failed(BlackBoxFunc::Blake2s, err)) } +pub fn blake3(inputs: &[u8]) -> Result<[u8; 32], BlackBoxResolutionError> { + Ok(blake3::hash(inputs).into()) +} + pub fn keccak256(inputs: &[u8]) -> Result<[u8; 32], BlackBoxResolutionError> { generic_hash_256::(inputs) .map_err(|err| BlackBoxResolutionError::Failed(BlackBoxFunc::Keccak256, err)) } -pub fn hash_to_field_128_security(inputs: &[u8]) -> Result { - generic_hash_to_field::(inputs) - .map_err(|err| BlackBoxResolutionError::Failed(BlackBoxFunc::HashToField128Security, err)) -} - pub fn ecdsa_secp256k1_verify( hashed_msg: &[u8], public_key_x: &[u8; 32], @@ -95,14 +94,6 @@ fn generic_hash_256(message: &[u8]) -> Result<[u8; 32], String> { Ok(output_bytes) } -/// Does a generic hash of the entire inputs converting the resulting hash into a single output field. -fn generic_hash_to_field(message: &[u8]) -> Result { - let output_bytes: [u8; 32] = - D::digest(message).as_slice().try_into().map_err(|_| "digest should be 256 bits")?; - - Ok(FieldElement::from_be_bytes_reduce(&output_bytes)) -} - fn verify_secp256k1_ecdsa_signature( hashed_msg: &[u8], public_key_x_bytes: &[u8; 32], diff --git a/acvm-repo/brillig/src/black_box.rs b/acvm-repo/brillig/src/black_box.rs index 75fae0a10f0..41e54ab2705 100644 --- a/acvm-repo/brillig/src/black_box.rs +++ b/acvm-repo/brillig/src/black_box.rs @@ -11,12 +11,6 @@ pub enum BlackBoxOp { Blake2s { message: HeapVector, output: HeapArray }, /// Calculates the Keccak256 hash of the inputs. Keccak256 { message: HeapVector, output: HeapArray }, - /// Hashes a set of inputs and applies the field modulus to the result - /// to return a value which can be represented as a [`FieldElement`][acir_field::FieldElement] - /// - /// This is implemented using the `Blake2s` hash function. - /// The "128" in the name specifies that this function should have 128 bits of security. - HashToField128Security { message: HeapVector, output: RegisterIndex }, /// Verifies a ECDSA signature over the secp256k1 curve. EcdsaSecp256k1 { hashed_msg: HeapVector, diff --git a/acvm-repo/brillig_vm/src/black_box.rs b/acvm-repo/brillig_vm/src/black_box.rs index 66d40c48aec..bf05522f89a 100644 --- a/acvm-repo/brillig_vm/src/black_box.rs +++ b/acvm-repo/brillig_vm/src/black_box.rs @@ -1,8 +1,8 @@ use acir::brillig::{BlackBoxOp, HeapArray, HeapVector, Value}; use acir::{BlackBoxFunc, FieldElement}; use acvm_blackbox_solver::{ - blake2s, ecdsa_secp256k1_verify, ecdsa_secp256r1_verify, hash_to_field_128_security, keccak256, - sha256, BlackBoxFunctionSolver, BlackBoxResolutionError, + blake2s, ecdsa_secp256k1_verify, ecdsa_secp256r1_verify, keccak256, sha256, + BlackBoxFunctionSolver, BlackBoxResolutionError, }; use crate::{Memory, Registers}; @@ -64,13 +64,6 @@ pub(crate) fn evaluate_black_box( memory.write_slice(registers.get(output.pointer).to_usize(), &to_value_vec(&bytes)); Ok(()) } - BlackBoxOp::HashToField128Security { message, output } => { - let field = hash_to_field_128_security(&to_u8_vec(read_heap_vector( - memory, registers, message, - )))?; - registers.set(*output, field.into()); - Ok(()) - } BlackBoxOp::EcdsaSecp256k1 { hashed_msg, public_key_x, diff --git a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs index 542c23fcd2e..a6d3220fa85 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs @@ -58,19 +58,6 @@ pub(crate) fn convert_black_box_call( unreachable!("ICE: Keccak256 expects message, message size and result array") } } - BlackBoxFunc::HashToField128Security => { - if let ([message], [BrilligVariable::Simple(result_register)]) = - (function_arguments, function_results) - { - let message_vector = convert_array_or_vector(brillig_context, message, bb_func); - brillig_context.black_box_op_instruction(BlackBoxOp::HashToField128Security { - message: message_vector.to_heap_vector(), - output: *result_register, - }); - } else { - unreachable!("ICE: HashToField128Security expects one array argument and one register result") - } - } BlackBoxFunc::EcdsaSecp256k1 => { if let ( [BrilligVariable::BrilligArray(public_key_x), BrilligVariable::BrilligArray(public_key_y), BrilligVariable::BrilligArray(signature), message], @@ -194,6 +181,12 @@ pub(crate) fn convert_black_box_call( BlackBoxFunc::RecursiveAggregation => unimplemented!( "ICE: `BlackBoxFunc::RecursiveAggregation` is not implemented by the Brillig VM" ), + BlackBoxFunc::Blake3 => { + unimplemented!("ICE: `BlackBoxFunc::Blake3` is not implemented by the Brillig VM") + } + BlackBoxFunc::Keccakf1600 => { + unimplemented!("ICE: `BlackBoxFunc::Keccakf1600` is not implemented by the Brillig VM") + } } } diff --git a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs index 65db47dd2e0..aae74849b8c 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs @@ -353,14 +353,6 @@ impl DebugShow { BlackBoxOp::Blake2s { message, output } => { debug_println!(self.enable_debug_trace, " BLAKE2S {} -> {}", message, output); } - BlackBoxOp::HashToField128Security { message, output } => { - debug_println!( - self.enable_debug_trace, - " HASH_TO_FIELD_128_SECURITY {} -> {}", - message, - output - ); - } BlackBoxOp::EcdsaSecp256k1 { hashed_msg, public_key_x, diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index 0ea4d99123c..bea0a5e3158 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -155,10 +155,7 @@ impl GeneratedAcir { BlackBoxFunc::Blake2s => { BlackBoxFuncCall::Blake2s { inputs: inputs[0].clone(), outputs } } - BlackBoxFunc::HashToField128Security => BlackBoxFuncCall::HashToField128Security { - inputs: inputs[0].clone(), - output: outputs[0], - }, + BlackBoxFunc::Blake3 => BlackBoxFuncCall::Blake3 { inputs: inputs[0].clone(), outputs }, BlackBoxFunc::SchnorrVerify => { BlackBoxFuncCall::SchnorrVerify { public_key_x: inputs[0][0], @@ -226,6 +223,9 @@ impl GeneratedAcir { outputs, } } + BlackBoxFunc::Keccakf1600 => { + BlackBoxFuncCall::Keccakf1600 { inputs: inputs[0].clone(), outputs } + } BlackBoxFunc::RecursiveAggregation => { let has_previous_aggregation = self.opcodes.iter().any(|op| { matches!( @@ -573,9 +573,11 @@ fn black_box_func_expected_input_size(name: BlackBoxFunc) -> Option { BlackBoxFunc::Keccak256 | BlackBoxFunc::SHA256 | BlackBoxFunc::Blake2s + | BlackBoxFunc::Blake3 | BlackBoxFunc::PedersenCommitment - | BlackBoxFunc::PedersenHash - | BlackBoxFunc::HashToField128Security => None, + | BlackBoxFunc::PedersenHash => None, + + BlackBoxFunc::Keccakf1600 => Some(25), // Can only apply a range constraint to one // witness at a time. @@ -602,9 +604,11 @@ fn black_box_expected_output_size(name: BlackBoxFunc) -> Option { // or the operation. BlackBoxFunc::AND | BlackBoxFunc::XOR => Some(1), // 32 byte hash algorithms - BlackBoxFunc::Keccak256 | BlackBoxFunc::SHA256 | BlackBoxFunc::Blake2s => Some(32), - // Hash to field returns a field element - BlackBoxFunc::HashToField128Security => Some(1), + BlackBoxFunc::Keccak256 + | BlackBoxFunc::SHA256 + | BlackBoxFunc::Blake2s + | BlackBoxFunc::Blake3 => Some(32), + BlackBoxFunc::Keccakf1600 => Some(25), // Pedersen commitment returns a point BlackBoxFunc::PedersenCommitment => Some(2), // Pedersen hash returns a field diff --git a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs index b07e2df7bd3..f77e84d99e0 100644 --- a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs +++ b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs @@ -374,6 +374,8 @@ fn simplify_black_box_func( match bb_func { BlackBoxFunc::SHA256 => simplify_hash(dfg, arguments, acvm::blackbox_solver::sha256), BlackBoxFunc::Blake2s => simplify_hash(dfg, arguments, acvm::blackbox_solver::blake2s), + BlackBoxFunc::Blake3 => simplify_hash(dfg, arguments, acvm::blackbox_solver::blake3), + BlackBoxFunc::Keccakf1600 => SimplifyResult::None, //TODO(Guillaume) BlackBoxFunc::Keccak256 => { match (dfg.get_array_constant(arguments[0]), dfg.get_numeric_constant(arguments[1])) { (Some((input, _)), Some(num_bytes)) if array_is_constant(dfg, &input) => { @@ -393,18 +395,6 @@ fn simplify_black_box_func( _ => SimplifyResult::None, } } - BlackBoxFunc::HashToField128Security => match dfg.get_array_constant(arguments[0]) { - Some((input, _)) if array_is_constant(dfg, &input) => { - let input_bytes: Vec = to_u8_vec(dfg, input); - - let field = acvm::blackbox_solver::hash_to_field_128_security(&input_bytes) - .expect("Rust solvable black box function should not fail"); - - let field_constant = dfg.make_constant(field, Type::field()); - SimplifyResult::SimplifiedTo(field_constant) - } - _ => SimplifyResult::None, - }, BlackBoxFunc::EcdsaSecp256k1 => { simplify_signature(dfg, arguments, acvm::blackbox_solver::ecdsa_secp256k1_verify) diff --git a/docs/docs/noir/standard_library/black_box_fns.md b/docs/docs/noir/standard_library/black_box_fns.md index e0c6d475c1f..4b1efbd17de 100644 --- a/docs/docs/noir/standard_library/black_box_fns.md +++ b/docs/docs/noir/standard_library/black_box_fns.md @@ -31,7 +31,6 @@ Here is a list of the current black box functions that are supported by UltraPlo - [Blake2s](./cryptographic_primitives/hashes#blake2s) - [Pedersen Hash](./cryptographic_primitives/hashes#pedersen_hash) - [Pedersen Commitment](./cryptographic_primitives/hashes#pedersen_commitment) -- [HashToField128Security](./cryptographic_primitives/hashes#hash_to_field) - [ECDSA signature verification](./cryptographic_primitives/ecdsa_sig_verification) - [Fixed base scalar multiplication](./cryptographic_primitives/scalar) - [Compute merkle root](./merkle_trees#compute_merkle_root) diff --git a/docs/docs/noir/standard_library/cryptographic_primitives/hashes.mdx b/docs/docs/noir/standard_library/cryptographic_primitives/hashes.mdx index 9250cb4a0c0..3c5f7f79603 100644 --- a/docs/docs/noir/standard_library/cryptographic_primitives/hashes.mdx +++ b/docs/docs/noir/standard_library/cryptographic_primitives/hashes.mdx @@ -165,4 +165,3 @@ fn hash_to_field(_input : [Field; N]) -> Field {} Calculates the `blake2s` hash of the inputs and returns the hash modulo the field modulus to return a value which can be represented as a `Field`. - diff --git a/noir_stdlib/src/hash.nr b/noir_stdlib/src/hash.nr index ad7e4f2e28f..5933209d9bc 100644 --- a/noir_stdlib/src/hash.nr +++ b/noir_stdlib/src/hash.nr @@ -7,6 +7,9 @@ pub fn sha256(_input: [u8; N]) -> [u8; 32] {} #[foreign(blake2s)] pub fn blake2s(_input: [u8; N]) -> [u8; 32] {} +#[foreign(blake3)] +pub fn blake3(_input: [u8; N]) -> [u8; 32] {} + struct PedersenPoint { x : Field, y : Field, diff --git a/test_programs/execution_success/blake3/Nargo.toml b/test_programs/execution_success/blake3/Nargo.toml new file mode 100644 index 00000000000..29f6ad5f11c --- /dev/null +++ b/test_programs/execution_success/blake3/Nargo.toml @@ -0,0 +1,7 @@ +[package] +name = "blake3" +type = "bin" +authors = [""] +compiler_version = ">=0.22.0" + +[dependencies] \ No newline at end of file diff --git a/test_programs/execution_success/blake3/Prover.toml b/test_programs/execution_success/blake3/Prover.toml new file mode 100644 index 00000000000..c807701479b --- /dev/null +++ b/test_programs/execution_success/blake3/Prover.toml @@ -0,0 +1,37 @@ +# hello as bytes +# https://connor4312.github.io/blake3/index.html +x = [104, 101, 108, 108, 111] +result = [ + 0xea, + 0x8f, + 0x16, + 0x3d, + 0xb3, + 0x86, + 0x82, + 0x92, + 0x5e, + 0x44, + 0x91, + 0xc5, + 0xe5, + 0x8d, + 0x4b, + 0xb3, + 0x50, + 0x6e, + 0xf8, + 0xc1, + 0x4e, + 0xb7, + 0x8a, + 0x86, + 0xe9, + 0x08, + 0xc5, + 0x62, + 0x4a, + 0x67, + 0x20, + 0x0f, +] diff --git a/test_programs/execution_success/blake3/src/main.nr b/test_programs/execution_success/blake3/src/main.nr new file mode 100644 index 00000000000..3bfea6c5f95 --- /dev/null +++ b/test_programs/execution_success/blake3/src/main.nr @@ -0,0 +1,6 @@ +use dep::std; + +fn main(x: [u8; 5], result: [u8; 32]) { + let digest = std::hash::blake3(x); + assert(digest == result); +} diff --git a/tooling/backend_interface/test-binaries/mock_backend/src/info_cmd.rs b/tooling/backend_interface/test-binaries/mock_backend/src/info_cmd.rs index e9a7842ba24..fd8cf602125 100644 --- a/tooling/backend_interface/test-binaries/mock_backend/src/info_cmd.rs +++ b/tooling/backend_interface/test-binaries/mock_backend/src/info_cmd.rs @@ -14,11 +14,11 @@ const INFO_RESPONSE: &str = r#"{ "range", "sha256", "blake2s", + "blake3", "keccak256", "schnorr_verify", "pedersen", "pedersen_hash", - "hash_to_field_128_security", "ecdsa_secp256k1", "ecdsa_secp256r1", "fixed_base_scalar_mul", diff --git a/tooling/nargo_cli/src/cli/lsp_cmd.rs b/tooling/nargo_cli/src/cli/lsp_cmd.rs index 4a2801eaf6e..1428b8070c8 100644 --- a/tooling/nargo_cli/src/cli/lsp_cmd.rs +++ b/tooling/nargo_cli/src/cli/lsp_cmd.rs @@ -42,6 +42,8 @@ pub(crate) fn run( .service(router) }); + eprintln!("LSP starting..."); + // Prefer truly asynchronous piped stdin/stdout without blocking tasks. #[cfg(unix)] let (stdin, stdout) = ( diff --git a/tooling/noir_codegen/package.json b/tooling/noir_codegen/package.json index a10855ed63d..97bab815764 100644 --- a/tooling/noir_codegen/package.json +++ b/tooling/noir_codegen/package.json @@ -19,7 +19,6 @@ "dependencies": { "@noir-lang/types": "workspace:*", "glob": "^10.3.10", - "lodash": "^4.17.21", "ts-command-line-args": "^2.5.1" }, "files": [ @@ -49,7 +48,6 @@ "devDependencies": { "@noir-lang/noir_js": "workspace:*", "@types/chai": "^4", - "@types/lodash": "^4", "@types/mocha": "^10.0.1", "@types/node": "^20.6.2", "@types/prettier": "^3", diff --git a/tooling/noir_codegen/src/utils/glob.ts b/tooling/noir_codegen/src/utils/glob.ts index 15deaf72e44..a1e4c3b1ea1 100644 --- a/tooling/noir_codegen/src/utils/glob.ts +++ b/tooling/noir_codegen/src/utils/glob.ts @@ -1,9 +1,6 @@ import { sync as globSync } from 'glob'; -import _ from 'lodash'; -const { flatten, uniq } = _; export function glob(cwd: string, patternsOrFiles: string[]): string[] { const matches = patternsOrFiles.map((p) => globSync(p, { ignore: 'node_modules/**', absolute: true, cwd })); - - return uniq(flatten(matches)); + return [...new Set(matches.flat())]; } diff --git a/yarn.lock b/yarn.lock index fab2866a228..65b977864b4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3980,7 +3980,6 @@ __metadata: "@noir-lang/noir_js": "workspace:*" "@noir-lang/types": "workspace:*" "@types/chai": ^4 - "@types/lodash": ^4 "@types/mocha": ^10.0.1 "@types/node": ^20.6.2 "@types/prettier": ^3 @@ -3988,7 +3987,6 @@ __metadata: eslint: ^8.50.0 eslint-plugin-prettier: ^5.0.0 glob: ^10.3.10 - lodash: ^4.17.21 mocha: ^10.2.0 prettier: 3.0.3 ts-command-line-args: ^2.5.1 @@ -5340,13 +5338,6 @@ __metadata: languageName: node linkType: hard -"@types/lodash@npm:^4": - version: 4.14.202 - resolution: "@types/lodash@npm:4.14.202" - checksum: a91acf3564a568c6f199912f3eb2c76c99c5a0d7e219394294213b3f2d54f672619f0fde4da22b29dc5d4c31457cd799acc2e5cb6bd90f9af04a1578483b6ff7 - languageName: node - linkType: hard - "@types/lru-cache@npm:^5.1.0": version: 5.1.1 resolution: "@types/lru-cache@npm:5.1.1" From c0826b58272bbba28d6cd25bc07dd5de3cc12e61 Mon Sep 17 00:00:00 2001 From: Maxim Vezenov Date: Mon, 8 Jan 2024 21:59:32 +0000 Subject: [PATCH 13/67] chore!: Remove aggregation objects from RecursionConstraint (#3885) This removes the aggregation objects which are currently unused in the RecursionConstraint implementation. Next we will update the ACVM opcode to no longer use the aggregation object fields and update the serialization. # Checklist: Remove the checklist to signal you've completed it. Enable auto-merge if the PR is ready to merge. - [ ] If the pull request requires a cryptography review (e.g. cryptographic algorithm implementations) I have added the 'crypto' tag. - [ ] I have reviewed my diff in github, line by line and removed unexpected formatting changes, testing logs, or commented-out code. - [ ] Every change is related to the PR description. - [ ] I have [linked](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue) this pull request to relevant issues (if any exist). --------- Co-authored-by: kevaundray --- Cargo.lock | 2 +- acvm-repo/acir/codegen/acir.cpp | 8 ------- .../opcodes/black_box_function_call.rs | 21 ++----------------- .../acvm/src/compiler/transformers/mod.rs | 6 +----- acvm-repo/acvm/src/pwg/blackbox/mod.rs | 10 ++------- .../ssa/acir_gen/acir_ir/generated_acir.rs | 12 ----------- noir_stdlib/src/lib.nr | 9 ++------ .../double_verify_proof/Prover.toml | 6 ------ .../double_verify_proof/src/main.nr | 15 ++++--------- 9 files changed, 12 insertions(+), 77 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 05bcfb2b582..0334ee5f552 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -564,7 +564,7 @@ dependencies = [ "arrayref", "arrayvec", "cc", - "cfg-if", + "cfg-if 1.0.0", "constant_time_eq", ] diff --git a/acvm-repo/acir/codegen/acir.cpp b/acvm-repo/acir/codegen/acir.cpp index 0cabaed8349..2b217c7e93d 100644 --- a/acvm-repo/acir/codegen/acir.cpp +++ b/acvm-repo/acir/codegen/acir.cpp @@ -178,8 +178,6 @@ namespace Circuit { std::vector proof; std::vector public_inputs; Circuit::FunctionInput key_hash; - std::optional> input_aggregation_object; - std::vector output_aggregation_object; friend bool operator==(const RecursiveAggregation&, const RecursiveAggregation&); std::vector bincodeSerialize() const; @@ -2295,8 +2293,6 @@ namespace Circuit { if (!(lhs.proof == rhs.proof)) { return false; } if (!(lhs.public_inputs == rhs.public_inputs)) { return false; } if (!(lhs.key_hash == rhs.key_hash)) { return false; } - if (!(lhs.input_aggregation_object == rhs.input_aggregation_object)) { return false; } - if (!(lhs.output_aggregation_object == rhs.output_aggregation_object)) { return false; } return true; } @@ -2324,8 +2320,6 @@ void serde::Serializable::seria serde::Serializable::serialize(obj.proof, serializer); serde::Serializable::serialize(obj.public_inputs, serializer); serde::Serializable::serialize(obj.key_hash, serializer); - serde::Serializable::serialize(obj.input_aggregation_object, serializer); - serde::Serializable::serialize(obj.output_aggregation_object, serializer); } template <> @@ -2336,8 +2330,6 @@ Circuit::BlackBoxFuncCall::RecursiveAggregation serde::Deserializable::deserialize(deserializer); obj.public_inputs = serde::Deserializable::deserialize(deserializer); obj.key_hash = serde::Deserializable::deserialize(deserializer); - obj.input_aggregation_object = serde::Deserializable::deserialize(deserializer); - obj.output_aggregation_object = serde::Deserializable::deserialize(deserializer); return obj; } diff --git a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs index fea12f9c08a..2ef9790221c 100644 --- a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs +++ b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs @@ -107,17 +107,6 @@ pub enum BlackBoxFuncCall { /// The circuit implementing this opcode can use this hash to ensure that the /// key provided to the circuit matches the key produced by the circuit creator key_hash: FunctionInput, - /// An aggregation object is blob of data that the top-level verifier must run some proof system specific - /// algorithm on to complete verification. The size is proof system specific and will be set by the backend integrating this opcode. - /// The input aggregation object is only not `None` when we are verifying a previous recursive aggregation in - /// the current circuit. If this is the first recursive aggregation there is no input aggregation object. - /// It is left to the backend to determine how to handle when there is no input aggregation object. - input_aggregation_object: Option>, - /// This is the result of a recursive aggregation and is what will be fed into the next verifier. - /// The next verifier can either perform a final verification (returning true or false) - /// or perform another recursive aggregation where this output aggregation object - /// will be the input aggregation object of the next recursive aggregation. - output_aggregation_object: Vec, }, } @@ -223,16 +212,12 @@ impl BlackBoxFuncCall { proof, public_inputs, key_hash, - .. } => { let mut inputs = Vec::new(); inputs.extend(key.iter().copied()); inputs.extend(proof.iter().copied()); inputs.extend(public_inputs.iter().copied()); inputs.push(*key_hash); - // NOTE: we do not return an input aggregation object as it will either be non-existent for the first recursive aggregation - // or the output aggregation object of a previous recursive aggregation. We do not simulate recursive aggregation - // thus the input aggregation object will always be unassigned until proving inputs } } @@ -245,9 +230,7 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::Blake3 { outputs, .. } | BlackBoxFuncCall::Keccak256 { outputs, .. } | BlackBoxFuncCall::Keccakf1600 { outputs, .. } - | BlackBoxFuncCall::RecursiveAggregation { - output_aggregation_object: outputs, .. - } => outputs.to_vec(), + => outputs.to_vec(), BlackBoxFuncCall::AND { output, .. } | BlackBoxFuncCall::XOR { output, .. } | BlackBoxFuncCall::SchnorrVerify { output, .. } @@ -256,7 +239,7 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::EcdsaSecp256r1 { output, .. } => vec![*output], BlackBoxFuncCall::FixedBaseScalarMul { outputs, .. } | BlackBoxFuncCall::PedersenCommitment { outputs, .. } => vec![outputs.0, outputs.1], - BlackBoxFuncCall::RANGE { .. } => vec![], + BlackBoxFuncCall::RANGE { .. } | BlackBoxFuncCall::RecursiveAggregation { .. } => vec![], BlackBoxFuncCall::Keccak256VariableLength { outputs, .. } => outputs.to_vec(), } } diff --git a/acvm-repo/acvm/src/compiler/transformers/mod.rs b/acvm-repo/acvm/src/compiler/transformers/mod.rs index 7f4e6540e1a..14cb1ae9fa7 100644 --- a/acvm-repo/acvm/src/compiler/transformers/mod.rs +++ b/acvm-repo/acvm/src/compiler/transformers/mod.rs @@ -104,7 +104,7 @@ pub(super) fn transform_internal( | acir::circuit::opcodes::BlackBoxFuncCall::XOR { output, .. } => { transformer.mark_solvable(*output); } - acir::circuit::opcodes::BlackBoxFuncCall::RANGE { .. } => (), + acir::circuit::opcodes::BlackBoxFuncCall::RANGE { .. } | acir::circuit::opcodes::BlackBoxFuncCall::RecursiveAggregation { .. } => (), acir::circuit::opcodes::BlackBoxFuncCall::SHA256 { outputs, .. } | acir::circuit::opcodes::BlackBoxFuncCall::Keccak256 { outputs, .. } | acir::circuit::opcodes::BlackBoxFuncCall::Keccak256VariableLength { @@ -112,10 +112,6 @@ pub(super) fn transform_internal( .. } | acir::circuit::opcodes::BlackBoxFuncCall::Keccakf1600 { outputs, .. } - | acir::circuit::opcodes::BlackBoxFuncCall::RecursiveAggregation { - output_aggregation_object: outputs, - .. - } | acir::circuit::opcodes::BlackBoxFuncCall::Blake2s { outputs, .. } | acir::circuit::opcodes::BlackBoxFuncCall::Blake3 { outputs, .. } => { for witness in outputs { diff --git a/acvm-repo/acvm/src/pwg/blackbox/mod.rs b/acvm-repo/acvm/src/pwg/blackbox/mod.rs index c36596235a2..f752924ac18 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/mod.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/mod.rs @@ -177,13 +177,7 @@ pub(crate) fn solve( BlackBoxFuncCall::FixedBaseScalarMul { low, high, outputs } => { fixed_base_scalar_mul(backend, initial_witness, *low, *high, *outputs) } - BlackBoxFuncCall::RecursiveAggregation { output_aggregation_object, .. } => { - // Solve the output of the recursive aggregation to zero to prevent missing assignment errors - // The correct value will be computed by the backend - for witness in output_aggregation_object { - insert_value(witness, FieldElement::zero(), initial_witness)?; - } - Ok(()) - } + // Recursive aggregation will be entirely handled by the backend and is not solved by the ACVM + BlackBoxFuncCall::RecursiveAggregation { .. } => Ok(()), } } diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index bea0a5e3158..20055aac8ad 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -227,23 +227,11 @@ impl GeneratedAcir { BlackBoxFuncCall::Keccakf1600 { inputs: inputs[0].clone(), outputs } } BlackBoxFunc::RecursiveAggregation => { - let has_previous_aggregation = self.opcodes.iter().any(|op| { - matches!( - op, - AcirOpcode::BlackBoxFuncCall(BlackBoxFuncCall::RecursiveAggregation { .. }) - ) - }); - - let input_aggregation_object = - if !has_previous_aggregation { None } else { Some(inputs[4].clone()) }; - BlackBoxFuncCall::RecursiveAggregation { verification_key: inputs[0].clone(), proof: inputs[1].clone(), public_inputs: inputs[2].clone(), key_hash: inputs[3][0], - input_aggregation_object, - output_aggregation_object: outputs, } } }; diff --git a/noir_stdlib/src/lib.nr b/noir_stdlib/src/lib.nr index 9b166f6ae94..ab984cafc88 100644 --- a/noir_stdlib/src/lib.nr +++ b/noir_stdlib/src/lib.nr @@ -38,13 +38,8 @@ unconstrained pub fn println(input: T) { } #[foreign(recursive_aggregation)] -pub fn verify_proof( - _verification_key: [Field], - _proof: [Field], - _public_inputs: [Field], - _key_hash: Field, - _input_aggregation_object: [Field; N] -) -> [Field; N] {} +pub fn verify_proof(_verification_key: [Field], _proof: [Field], _public_inputs: [Field], _key_hash: Field) {} + // Asserts that the given value is known at compile-time. // Useful for debugging for-loop bounds. #[builtin(assert_constant)] diff --git a/test_programs/execution_success/double_verify_proof/Prover.toml b/test_programs/execution_success/double_verify_proof/Prover.toml index 162c9a5060c..dff48212e50 100644 --- a/test_programs/execution_success/double_verify_proof/Prover.toml +++ b/test_programs/execution_success/double_verify_proof/Prover.toml @@ -1,9 +1,3 @@ -# key_hash = "0x17a5d2b205c1bf45b015ba33bc2f0beb7fbb36682f31f953b8d4d093c8644be5" -# proof = ["0x0000000000000000000000000000008f66908323784e7c5259f4eefab77ca881","0x0000000000000000000000000000000000109cac7b943f9b737d7b023d4f5d8a","0x000000000000000000000000000000e991d3ac0a68a252bd3cd09cd1b43fe1b4","0x000000000000000000000000000000000014213d346a426777351fdabaa0fa26","0x000000000000000000000000000000e4603692a76af630015380b08d0e13c239","0x0000000000000000000000000000000000149e7046461203c1b72392bb93c262","0x000000000000000000000000000000c27ffc719f223ca6ef5476a5b66f03a4a8","0x000000000000000000000000000000000003718c62098243e3c1f38090e61753","0x000000000000000000000000000000749492aa98716ce5bf7c06e5c2a0a8a528","0x000000000000000000000000000000000018e4c7d33848bccdc3eed924bfaa15","0x0000000000000000000000000000004e10a37f41fd7c4fe32982daa498530d62","0x00000000000000000000000000000000001b76c8c59489c63f11280187109dd7","0x0000000000000000000000000000002a6cd84d3b8537a7c3cb0cb9461f02e4bb","0x0000000000000000000000000000000000197e524fd48ca5ccb30d6c5ffe689d","0x0000000000000000000000000000000013bf25498ce1f51078c06dac450c0325","0x000000000000000000000000000000000018d347b88a0c32e32571deb9b40466","0x00000000000000000000000000000060d496191298eb1b1c2ce18f9a4afcfc55","0x000000000000000000000000000000000024e11b8e8fcb45b8628cb9cc565513","0x00000000000000000000000000000004e976f6d12fff6250eea2d21c570d3d6a","0x00000000000000000000000000000000000967dbd89d2c7dc0121ea71ded7203","0x000000000000000000000000000000d96f810588c0daa43e88d765a3f82ea9b7","0x00000000000000000000000000000000001f69d7015fe6694bd1d4d61049dae9","0x000000000000000000000000000000c539910d0f81a890fa3d996a676db39640","0x000000000000000000000000000000000026d8b64020a669e24f740b4eba633a","0x000000000000000000000000000000c53cc90f99c40eb5d449f38180d9e9c8b6","0x00000000000000000000000000000000001071ddf2bacc2367dfb2c5084b7dd1","0x0000000000000000000000000000001b9791181eb174db1a50d903fa9fea9999","0x0000000000000000000000000000000000118c059d41a95311a5c361c6a9a00d","0x0000000000000000000000000000003caf4ad04551a3ffba19cc6a1fff457370","0x00000000000000000000000000000000001dc4d8be804c5289fbf54183f93149","0x00000000000000000000000000000050766764bb82799df5172043c515956263","0x00000000000000000000000000000000000a5849adbac9c33e53571b29aab672","0x0000000000000000000000000000002edb078e589d44ac93e283680b34adf574","0x000000000000000000000000000000000015e9e187c4fb683ca78d52a2a0301b","0x00000000000000000000000000000048ac0f1db3575ed0f84d61ab6cbdd53d9f","0x00000000000000000000000000000000002ddc4243fbc7104347d29a823194ae","0x00000000000000000000000000000070ad92aeea2bdea4277ffdfa3d3ed93443","0x000000000000000000000000000000000003bad3e3aae806c278094cb682a8e0","0x000000000000000000000000000000fb74b99eb44c80d8f7ba83d7e9e2efa5c0","0x00000000000000000000000000000000002819cc14e399c1dadc4f921e2a58fa","0x000000000000000000000000000000e3938bb3e7866c6499ec44fb72549efca0","0x00000000000000000000000000000000002d8264d5cdc2109da12e1864aca147","0x000000000000000000000000000000b12d7828cacbe86350f0b171b0cb0d1cd4","0x0000000000000000000000000000000000244155cecb315326f05641cac9475c","0x070b059f9471e22eed5a9ea08093dba3c59c941634611884c5f0f1a1a6b93e5c","0x118124ada70b46c7d23a6ca8b90d545f30e028b1689fe5c55c86bf55f42e0401","0x25dca6ad78c03ce1f7783cc39a5ea5ef90b318d5edf4f1367d4451c1db3c113e","0x0d9557b4e661b5c53b84fcb41f05d15c0ca112430db16f56d0ab54032fffe734","0x06aedf13a3b182784f4d64162f4706759f95e42fc8dc17d1b8b5f551dafdc007","0x132f97ab5f1f8817689b17e336125c5273d6970a1b3b0901fd26d193a4d2dce4","0x1b0c9980b5b09343e807d82bad307a06d1bfadcd1fa50be666c2907d31ef43e1","0x1ce7000cb24ecc1f2ff9d9507b2290513fed574a84d893811cb54a3c0bc51ccc","0x2e1df58d36444c2dfda98991847422f56ef66f079d26eb7f8110d0d7c46b2c0c","0x166c2f821be7c3e3e4440980e73770840194f14d003778b7fbcdd2690776255c","0x1ae8390287e2eb117851a5011575ba3801e5ee5c66a8f7432e2a2fb13c276008","0x047c09806bfb272d940d9b802e3e49b40050fd0f66717e8b325c5d4834b13aac","0x08f81300d7f64e5b281b37005c7c936800a1fa1ecce2fd1664b8ba9069627558","0x2ed7260e623b68d580304751341bb72141314b881e9e8dade626bf5cde8a077c","0x23e04c035fd9396ca06cdc0171f24da00287e87b338bf45992e2ea41a589d560","0x285c5583cbd4609a347a7781a030975402d8e58a99fd72e4c53f4789da3b100c","0x2cd85f0437cf87c7c8881301ce6ee1080329e29a006ef16ff79ba4d20eec4ab8","0x12eb74da267caf98c494db16c87f90f510fdca1f8095b40156a6f0bb066e3400","0x2267004535c434df4cbee1a356e48b1f317cb849ac69c3eb94e377d2274f1e08","0x2c9d4ce9d1d8b8cf1cb90cbc3e121f570c8260c53b48ed2070d474d5a6f12c4e","0x2c6c83ffaad6f30da5aa696973ccfbd0337cb7a5e5f9e5fc8e826dce21e8f51c","0x056c23922e9435f93853044ba96a1c12db97f47053987df5187269ce884ec00f","0x09e82d129a8f5d26cc609fcbd7a865c6dbe8f17fba09fc804acec716bcfffabb","0x0e643693068a8454606e3b4c05e6af7adc39ee8f207b7b0b7d2b245ef1b13567","0x12e040137285ab81f47bd6cc3424f92edc8aeb9e86ecf996af8781a726627013","0x00f01a11c2990ecba44568cb7b2bd25edb46f760ed26ff69e6160c86539d8563","0x28a91699dfa4e85e18e8621d39a147a40930701d2d88546e01adb71a1f8e407f","0x000000000000000000000000000000009d7cc0b2d2bdef816f4fb17e7a6f6c08","0x00000000000000000000000000000000bcfc1a7030171f681f2c6e97c61f4e70","0x00000000000000000000000000000000dc7b742d8d704f4ecf092bb111cf30d8","0x13b099dc4869006fde9df04bf36f4c8f08d4491cc6229ac36a98f93214c79b6a","0x008fa95e0d431d617d8d3288fde7f8bbe36492019943e2018564633528575892","0x0fc66c06bdff20dba4dc491d5cd13cc209c4d2d9e29802db665bb397c2a4e754","0x0fe48ae6623efbaadce6d6b75b87be6caa19c2fd4d94a74149ceb6bcb88251e1","0x1bb41738028855cb5e0085edcd62cff208121427ea19a57425a0cf6bb68deb93","0x0fbc646333ddc21ab1a77b01a35973a56d5a617c482a21a231497fd3cc9b74c1","0x19ab9eaa1a902faff2dd9baa19ff00cea9086baa8c28bcdb95f7a3549eaf09b4","0x25e2b7a7643df4d964cd787b593888b00abfe3ce79e8deaa6d68fd1686b84bcb","0x2d134d7eea07414451e54854d61d5b71245434d0638bba9a1184914f65f2521c","0x03df94e38e9eed8586acd277d180d5d515b49d89d37525f871be2ff4552c586c","0x0b102abb146839f073c4a2514e65a8962f48ee8bbd1801e815d9c42d34665ebd","0x000000000000000000000000000000b7a4109cb92b514401fb63667454a9c892","0x0000000000000000000000000000000000016fce7f8ef56fef466636f3fbc3de","0x00000000000000000000000000000005f2d1c401a7aa14ac7e9fce7c21ec2e1a","0x00000000000000000000000000000000000621322c74c5d0da5eb71a4f2b046f","0x00000000000000000000000000000073d774ad7f61b1c1b93800f7838cca6bde","0x00000000000000000000000000000000002d603cc025e6af192394df113d4677","0x00000000000000000000000000000066a2a702b4d4b1a24af9c56cacb18ae4b8","0x00000000000000000000000000000000000124a3c25b427cfb6fca07525c5b8d"] -# public_inputs = ["0x0000000000000000000000000000000000000000000000000000000000000003"] -# verification_key = ["0x2b337de1c8c14f22ec9b9e2f96afef3652627366f8170a0a948dad4ac1bd5e80","0x0000000000000000000000000000000000000000000000000000000000000008","0x0000000000000000000000000000000000000000000000000000000000000005","0x0000000000000000000000000000000000000000000000000000000000000008","0x0000000000000000000000000000000000000000000000000000000000000001","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x0000000000000000000000000000000000000000000000000000000000000000","0x00000000000000000000000000000092139c61bae1a44f0fc7689507414be688","0x00000000000000000000000000000000000160ce4e279582f91bde4f03f5e9a2","0x0000000000000000000000000000005dc2d37f658c3b2d60f24740eb13b65d79","0x000000000000000000000000000000000007e3e8a5d98a1177ec85bf88f163a5","0x000000000000000000000000000000dc3035fbd7ff16412a8fd7da587a935298","0x000000000000000000000000000000000023d08e2817ac16990004ed11d8fc66","0x000000000000000000000000000000356a5ad59c646c746a8d09f5d154e47c4f","0x00000000000000000000000000000000000708529196af3c8e16ffa580c26182","0x0000000000000000000000000000002ddfe70eb7a1280596e8e4a804f118a6dd","0x000000000000000000000000000000000013757e15a0905f298303784a161b21","0x000000000000000000000000000000a23a729df796935c7824e3a26be794829b","0x000000000000000000000000000000000005775b6c146c4a59856e869fe5a70e","0x000000000000000000000000000000eef0c9e088fd2d45aa40311082d1f2809b","0x00000000000000000000000000000000001d539ccbfc556d0ad59307a218de65","0x000000000000000000000000000000a2c848beceb6ab7806fd3b88037b8410fc","0x0000000000000000000000000000000000177004deeb1f9d401fd7b1af1a5ac8","0x0000000000000000000000000000002508eb63672a733f20de1a97644be4f540","0x00000000000000000000000000000000000d82d51f2f75d806285fd248c819b8","0x000000000000000000000000000000d002f9100cbba8a29f13b11513c53c59d0","0x000000000000000000000000000000000006cd3b0e3460533b9e5ea2cdc0fcbb","0x000000000000000000000000000000f45ea38a93b2f810c5633ddb54927c1c96","0x000000000000000000000000000000000021791de65f9a28ec7024b1a87ab4f3","0x000000000000000000000000000000926511a0439502c86885a8c6f0327aa7ad","0x000000000000000000000000000000000029fa14a969c5d81ed3abbbfb11220a","0x000000000000000000000000000000b84c3258e8206f560e5b5b18cbeafef87e","0x00000000000000000000000000000000002a910445cd8fc895e5d235cd8ea185","0x000000000000000000000000000000887e67f15e84bcb8507a5064a363f6043b","0x000000000000000000000000000000000014dc6643d801c3ef27c2066b6e2bb4","0x000000000000000000000000000000e38e900b42c314ba803088e8fbf125203f","0x000000000000000000000000000000000020690fd4869db418306046b38161dc","0x0000000000000000000000000000001e2fa856bf7951b8292b1e88185993629c","0x0000000000000000000000000000000000048a85e0bbac7c60ad3d78f601f63c","0x0000000000000000000000000000006f457719495073d3666d77a625aeab0c51","0x00000000000000000000000000000000002623ad892dc62b1fa7d0a650f0d470","0x000000000000000000000000000000dbfcc8a467e021c03b13f74a9f79c3a10c","0x0000000000000000000000000000000000295f6f10976c37bd9c6f96bb7187d5","0x000000000000000000000000000000c13ef9a937cc12420fb38d9ab8e848e85e","0x000000000000000000000000000000000003560a3b334e887532f605c9cb7628","0x0000000000000000000000000000009bcebf08a4599cdda0fb96312d4dc0c7a9","0x000000000000000000000000000000000015adc8bb1e01c835f48959d1237bd6","0x00000000000000000000000000000047762ab839e4ff63c77605a9f383da37c2","0x000000000000000000000000000000000016a8c3c53d89660cf271522cd301fb","0x000000000000000000000000000000f0c8539a0b5f94420a513f9c305b932bfe","0x00000000000000000000000000000000002957ba01d9de5638f808f88a692533","0x000000000000000000000000000000ab17c6189d67d3bf5dd2f3885de0151b6f","0x0000000000000000000000000000000000060d8aa43fdc434d1942263f364d95","0x0000000000000000000000000000005d292333b3adb497f00b4bc32d45229060","0x00000000000000000000000000000000001a1018a66221883639f2898a66f345","0x00000000000000000000000000000006555a806b1993291deba0dc44e2abf431","0x00000000000000000000000000000000000cacff7099a9d5e35a21f4a00b2dc3","0x000000000000000000000000000000f50c11ba95d349c36d143eefd12e494950","0x00000000000000000000000000000000001022e8c5f02d639bc9dd8bc4407f99","0x000000000000000000000000000000c76828795098eda73d50b4b585c60afc60","0x00000000000000000000000000000000002bf09c0ec7011e93888962f2406630","0x00000000000000000000000000000049e5c83a8978d832fb8e144548e3ca1adb","0x00000000000000000000000000000000000e0ec242c2e160a984f61ca5adf5f5","0x0000000000000000000000000000009c5d6e08a6605ab4513748ac0fa017dd1c","0x00000000000000000000000000000000001f54baa07558e5fb055bd9ba49c067","0x0000000000000000000000000000001e1ee7ee29bbb5e4b080c6091c1433ce62","0x000000000000000000000000000000000024aec62a9d9763499267dc98c33428","0x0000000000000000000000000000001a96755946ff16f0d6632365f0eb0ab4d4","0x000000000000000000000000000000000028cf3e22bcd53782ebc3e0490e27e5","0x00000000000000000000000000000043148d7d8c9ba43f2133fab4201435a364","0x0000000000000000000000000000000000234ce541f1f5117dd404cfaf01a229","0x000000000000000000000000000000a7fb95ffb461d9514a1070e2d2403982ef","0x00000000000000000000000000000000003016955028b6390f446c3fd0c5b424","0x00000000000000000000000000000008863c3b7cd7cddc20ba79ce915051c56e","0x000000000000000000000000000000000013ef666111b0be56a235983d397d2a","0x000000000000000000000000000000e3993f465fc9f56e93ac769e597b752c1c","0x0000000000000000000000000000000000217f7c4235161e9a3c16c45b6ca499","0x0000000000000000000000000000008ffa4cd96bc67b0b7df5678271e1114075","0x0000000000000000000000000000000000256467bfcb63d9fdcb5dde397757ad","0x00000000000000000000000000000054e5eb270bb64bde6e6ececadfd8c3236c","0x00000000000000000000000000000000000e52d1bd75812c33c6f3d79ee4b94c","0x000000000000000000000000000000484a2c641dce55bc2dd64ef0cd790a7fea","0x00000000000000000000000000000000000ff417d256be43e73c8b1aa85bdda3","0x0000000000000000000000000000000b72e7b7713ab5da44e0f864182e748a23","0x00000000000000000000000000000000001a221055f1625ad833a44705f5f74e","0x00000000000000000000000000000067a99a34e9b81a17ad001db02e29bcb82a","0x000000000000000000000000000000000018a6c02e398389827568fa960e86e2","0x000000000000000000000000000000bb29f26f9890d6cc6401f4921d5884edca","0x00000000000000000000000000000000000868357b28039385c5a5058b6d358e","0x00000000000000000000000000000036fb6e229dde8edf7ec858b12d7e8be485","0x00000000000000000000000000000000001060afe929554ca473103f5e68193c","0x00000000000000000000000000000015226e07e207744c0857074dcab883af4a","0x00000000000000000000000000000000000b1c02619282755533457230b19b4a","0x0000000000000000000000000000001f2a0277e4807e6e1cbabca21dde5eb5e1","0x00000000000000000000000000000000000d928deafed363659688ed4ccdef52","0x000000000000000000000000000000363f0c994e91cecad25835338edee2294f","0x00000000000000000000000000000000002eea648c8732596b1314fe2a4d2f05","0x000000000000000000000000000000b2671d2ae51d31c1210433c3972bb64578","0x00000000000000000000000000000000000ab49886c2b94bd0bd3f6ed1dbbe2c"] -# proof_b = ["0x0000000000000000000000000000002ab91b132e624f2a408aa8c9bf31cca8d7","0x000000000000000000000000000000000015ad57528e0f065c820cc5ad4eab81","0x0000000000000000000000000000001acb78b1b6a5c9a6ec8bf2272b463014da","0x0000000000000000000000000000000000117fd65346e04bf3666d2ab3f24c90","0x000000000000000000000000000000aad0adaf9a768ba6a178f804edac5c8943","0x000000000000000000000000000000000004a11c7d31f25c20e3af16f9b01f71","0x0000000000000000000000000000001f0ae9bb921893ce2710148eb1fcd99e39","0x0000000000000000000000000000000000123fda5008d3709f5afeda01de1930","0x000000000000000000000000000000971c2a8d0119097fd82b7a8074a14853f8","0x000000000000000000000000000000000009965b998750710678da7891d8aba6","0x0000000000000000000000000000002d6ef3813ba14a5f5202afed6b1c41de1c","0x000000000000000000000000000000000020366bfdb2f9279c43d66f90dfdf4d","0x00000000000000000000000000000041389f221eadec33e1b87518668c3bc92e","0x00000000000000000000000000000000000d3858169bb0432ab761d4be8ef03e","0x000000000000000000000000000000c1dbfe670dc912cb0fa1a0f633f81a4cef","0x00000000000000000000000000000000000fc0c403e668b0f51e07089082c32f","0x0000000000000000000000000000009a4fba9bf1369f637fd295c8bf795c9d02","0x00000000000000000000000000000000001d6d1e7286ce52401e6ea79d2cfa3d","0x0000000000000000000000000000004762bf7702ffe7a2c147e704280cd50bba","0x0000000000000000000000000000000000205797cdeaeff9a8d5ea4b95d41b1a","0x000000000000000000000000000000b3d43cc863ba8d98f51118c0db70761079","0x00000000000000000000000000000000002d2a3d10381bc6b47a693c1692b1b6","0x000000000000000000000000000000d35a69fb0e68729f71e651799c0d19e9eb","0x00000000000000000000000000000000002ade1dc7741b7f397271c10e596557","0x0000000000000000000000000000001a67b44714687085004e4142f700043298","0x00000000000000000000000000000000001bb7bbb7f45876b1d72e5d20cee106","0x00000000000000000000000000000025f1f1cbf43fad70cba255b37a19e88b0c","0x00000000000000000000000000000000000cc46b215fbd8e4b233cc74aab250b","0x0000000000000000000000000000008168026f51135fc1670664bc50e629917f","0x000000000000000000000000000000000004d822d80ba0c1bcbd4b000573c6f9","0x000000000000000000000000000000d85756249b937277eba3f5dcb89c56e7bb","0x000000000000000000000000000000000019a3a7a5b20dac138d7ddb1d499134","0x0000000000000000000000000000007621614c7ebc31a2177011f9da01668eb3","0x000000000000000000000000000000000024e9beb5d616ab120073170fc431e8","0x00000000000000000000000000000031fbf901896e958fbbed3e5c57aebbdd04","0x0000000000000000000000000000000000005ac0f10fcc255e179a40518875d4","0x0000000000000000000000000000002dab820c019bcca563b7dbdd26974653e9","0x00000000000000000000000000000000001a5655ec1a67f722b14c65d5c2197f","0x0000000000000000000000000000008e277e490196db5c19d09a9034e10c6432","0x000000000000000000000000000000000003f13b1af07db07eec88698d0aaf2a","0x0000000000000000000000000000002d618452e2b4c790d0551ea5863ed62e76","0x00000000000000000000000000000000001a7171e790a433a972d80218fb482d","0x0000000000000000000000000000005669975cd5bf65a739c0a35a8ab9b7963b","0x00000000000000000000000000000000000d27ffb6f00c86a0ce76a8067d1bce","0x03a0054fe9f93ab96e7c7ed6ec1ac641dffd99a1c804ee5db52cf1efa1a12c15","0x059324381c89c12c87d0f6c27963c31647721fdb02c125961da1a21cbfb3ed1c","0x04a5ead891b7c3f30329e6abcf2ac6903c3c1d8e68874f6baf3a6fc00e84533a","0x03c02f6b862734acf9d0c5133f8141b3a008c5499336a588b376a5dd86d9c837","0x1dd26b35c21c584c410df89d1fd549e7f5da9bb4fd290b7c528d92fbd652f5ad","0x2c8e7ef6f7a130769ae74d0f47aeab5c443492ef4b1ed0b3a9d61dfca80cbdda","0x2b074486c21c62e6eccf3191b3ab3c8df0fb98f0c44b9f0e9e2c281b908b83a6","0x149a6d620be135bba6bbfe8ac826df37567c8be78007e47cdcf5d6e4683d339e","0x119fdfd330036bde31af71e43bd5e191460605e4760d08a6e0ebddbdb5abfeeb","0x1713efc63c00b2de4f68e696d9d30c5603963484f4829e716de2796640864b09","0x1bb1862114cda3712c177b1b6bca0ecd9de7723925698aee83dc91ade7078d3e","0x049d965ad8ccf092dcae948491f702779a513db430e6ec7d15fa1847a6814235","0x093b2cb5b199e125b95d290923ee04ef34a27b6861cdd8fa2bf4308f4d02846a","0x2710c6cd6f14f8071976509d1002e915bfc182b843a3967134de380302423c72","0x24ecb2d6c6678496e574a4248fb813bcd289eda1873763e8afd0c23d340a11a8","0x298a49319f347529c22338a921af16346cdb2b55b81e5065c5cada84da8b53dd","0x2e27df8c780165bc9ed1cd2db3a618ac072c6909e9053ce2dbc4f2cc810c9612","0x07350f3a2e23c1ccbde0d39370159060de5b8df40ae7c58d3f9852b371f1adac","0x2fdf8bf8e2fa2acad0f6d6a3f73e7dc516e8e2d167128bf3a560972339122835","0x0d3ec457703c228d4b6cd1635df9d9bde51997d0228edef64d667cbd16f3cb70","0x148320b9ceab1f3be840dc38b0344e7db0755283d1eacf2dd472e99ee0fb473f","0x06febdcf4869a6b89fdeb0805612c53e139afc29d119a54bc3d72dc7de0f1a7b","0x0b9c542a2136974b7c8d4504e809c7b5adec39de020091c8d9d1460f84905cb0","0x1039ea84fa0387de593bd9897a00ca2d483d779232e77e45efcb5e572b119ee5","0x14d780dfd2d0787135ea6e0e0bf7cca4e28eb54663ce6ac305c5769ed192e11a","0x026127746f9cb625c3301bfbc41bc2c67949be75a032b8ceaddd1580378dd846","0x123cf1180af5fdf09444de423947c9a71790f2c85468b51ecc25fb7bf075a0d5","0x000000000000000000000000000000008419a4f769ceb72c3ac28f559331a5df","0x000000000000000000000000000000009e852c5c1891a89b79b64599e3d52d72","0x00000000000000000000000000000000b8f0b3c0c7549a0ab8a9fbde3478b505","0x056af493dda97ae84cdbbf9ce379e35bdd66e1223eebacdc4a6c2c92553604f4","0x023624c49a722bc8dc5d945b4b10be8ed6c608020e65038a470b5a407375c8aa","0x0ed9f8dd445bda548ef08b7a2ff233867c41b72786f98054597833a68cc9b900","0x2cbf3d04669aa3a0dcda95e19da879f36029abe28317f1ee69be28ddef2a0b87","0x284ca7049611e293aa4535dd7841a540996609d541814373b387b00069636f14","0x246a69ce4030b1e8a675eec89960bfe188bd4073f07afe74f7a77c0698c80bc5","0x1bbdab5d007c4743fbcbf3cc89252baf0b0e1b645b977434ccd4e7560d124761","0x210427e70ee1b484bbb0b4e98263faf24a45325236eed618d51dcb1cb3a9f60d","0x1fbc24b0bd5b0b8c514e138317cc332962714dd306b34939768d723d6ea2ca8e","0x1e74217a6bd46293e6eb721cad346b607a9d6953d677bc5a17fd195e299b9f0f","0x1d2c1e441a4db99b7c88d0b6429ca39792c984d4a63c2f7ab96cc07ee4947390","0x00000000000000000000000000000005b1e3524625c466540f3f7468172403cb","0x000000000000000000000000000000000013bb985f9d5562699347b5dfbc441e","0x000000000000000000000000000000f4fb87d7f481bb198aa6237a0c9ffd3c22","0x0000000000000000000000000000000000254c5f1b76e278f4c71cf5e71533dd","0x0000000000000000000000000000005a72a28b51be9c538b4d28b5106b9239b8","0x00000000000000000000000000000000000d02d80e1a73c82cb0dd8af1aabb3f","0x000000000000000000000000000000434c46502fc1c425a72a4717a3e44c3415","0x00000000000000000000000000000000001c8d74d967b9b65ff2772592a15d0e"] - key_hash = "0x096129b1c6e108252fc5c829c4cc9b7e8f0d1fd9f29c2532b563d6396645e08f" proof = ["0x000000000000000000000000000000d62b795bec274279129a71195796825fcc","0x00000000000000000000000000000000000793ab763140f20a68a6bd2721fd74","0x00000000000000000000000000000053141d06d3307b36153f321511199e579c","0x00000000000000000000000000000000000a4b55d6c21f98a9c434911dcb5c67","0x0000000000000000000000000000005f9d324c0abd22cec92d99dbec438e9491","0x0000000000000000000000000000000000240dfafe1b53dc27147cbab14ea893","0x000000000000000000000000000000044a61d3aac32c6931247cf334a19d9611","0x000000000000000000000000000000000003f0f8cf4207bfa85c23ec9f8d0c88","0x00000000000000000000000000000002168a470e39ba2ac266f6b474de12045f","0x000000000000000000000000000000000025791e7d3feab542345c00ec5a30df","0x000000000000000000000000000000dcafd76d4c3640969c80e017b951ef6397","0x00000000000000000000000000000000001d27f75a1256771e88e0c86fc42dbc","0x0000000000000000000000000000007347ae7d2d9d7fc2b8f0baa014ee1fed9f","0x000000000000000000000000000000000018bd927f42bf7caf9555f56f09000d","0x000000000000000000000000000000041f765f83cbe5904c8f453f70a4531d10","0x00000000000000000000000000000000001858aabeeb5331a221419f4fed1c19","0x000000000000000000000000000000d254a54caaedf8287b9af951b2f2611121","0x000000000000000000000000000000000005ab493623c9563cf2e55ba5f18200","0x00000000000000000000000000000014f24cddc1a02440dc63637df8032c8074","0x000000000000000000000000000000000011950c16cef98471b1d78b935195a4","0x000000000000000000000000000000b0340b459e6bd5cc8f031c8654a502897f","0x00000000000000000000000000000000000e1cf3968dac4545a76a2ae58e512c","0x0000000000000000000000000000002adf7218aa06ca0d2c2e600dcc39193a2d","0x00000000000000000000000000000000001302e7e4b0f14749bd885ca25588b6","0x00000000000000000000000000000092009ce4056e79ab815d8cdfd4491138ae","0x000000000000000000000000000000000018af11e853c6cf2f0f6274b0da8133","0x000000000000000000000000000000dd3dc6f49232141718527b3a0e4b26e21d","0x00000000000000000000000000000000001a877853348a8b695c4f9a9aa4ce68","0x000000000000000000000000000000aecfc56ba07155450b368140d6324023b5","0x000000000000000000000000000000000029c11052798c57ece614617d33fcc2","0x000000000000000000000000000000eb106ffc816d16fb84e84b0b61157b2603","0x000000000000000000000000000000000026c3cac16206899a21cb5126841446","0x000000000000000000000000000000a782ed54805fe845068b362b58e2fa34ec","0x00000000000000000000000000000000000cf046a1bfcc666b7f28b572676073","0x000000000000000000000000000000b931c8dda60bb4aca4cc817f5540f1209f","0x000000000000000000000000000000000024ad50c3936fafc3d190e6a4874223","0x000000000000000000000000000000cce90cfbaf5671c8c8652db28a3a9566f7","0x000000000000000000000000000000000003574db9d0f84380c9635660f86354","0x0000000000000000000000000000003eb3e1dc31846a90f721e7a08c6d6dc4f7","0x000000000000000000000000000000000028999a700cd1abae1a288eebb9a91c","0x000000000000000000000000000000c1be4d385b11387e14eb9817050d772f78","0x000000000000000000000000000000000003c56b5bad8b4484c66ac921f1f102","0x000000000000000000000000000000ace245cabf0f00dc7fd253dd8af0377a14","0x0000000000000000000000000000000000107f1731fcf34b364c813599fa1df7","0x035b937d404932b542b706eb810ef4a7dca4566d4dde1ad6a8717f46167ead7e","0x17608cef3dc7960f41cb1295706df663727d45ee598a61e05e989d111449fb65","0x054712a950ad67da3aa860e49e6891f99b586b7f37caff94eb013fdb374b61ee","0x04b755083086c769b7f593e0e48d68dc54be808203351380ca5566a48149d8bb","0x17d7670b0915235f626fdc1d7e1134d2be906ef138d7843384b3ebc23b1d630f","0x064cf544ab5f4e3dab47960502cccc83321fb275068dfbdd3a2fcbc6dddcaa65","0x083338262712e2b66769ea40d9f412b18caa1bc81a51ff5a50b6c41f8c4b3d23","0x0cdd38958cab97defde00f4a5961b6fd676e29d9f2c352f6bb2c68b91f83f8af","0x02c8bdd005c2f43a0a8cbb2744916ce5c322dfa5b23367a829c12699f4036d32","0x25bac73c7e7b659fbea3135b7a0decf9db8dc3045bd2837dae337c64cc722546","0x19eb361aa419d37bce3d2e8b2b7692a02a9559e83d7f3d8fe9169970fbbc2cba","0x2494bd5106d00e05c7ea60e632e9fe03773b7f2c5b662aa37ec512a01f4a0775","0x18c52c2f2c6e7be1d7847c15e452a3a9c64316103d12e4b5b9a82fac4e940ee9","0x0e0342810456ef78f498c1bfa085a5f3cbc06db1f32fabd0ea9ad27dccac1680","0x024c13d6ef56af33ed7164ea8e47ddecc8a487b000d8b1b45edcd3895a503ba2","0x26e0d127f626bd39b55bc5d0c131dbf03fe006dc5c3edc57dda1e629799a4317","0x1b1140061bc52b15c4f5e100729a81968ee79dc03deb966a18850335a8e44a8b","0x1bb76f945199e71d531a89288912087a02dd0e83020e65d671485bf2e5e86e1a","0x29269900859c6d86e404185b415bf3b279cd100f38cfdb0077e8d6a299c4fd35","0x22b5e94bae2f6f0cdb424a3b12c4bf82cec3fb228e012c1974ed457827bbe012","0x18d3543a93249778e7a57936170dae85ffc47c2567f2d0076a32c0bb86fcf10a","0x03721dc2670206cde42a175fd56bcce32cf6cb8801450a8e8e4b3d4e07785973","0x2806db136dd214d3ac1478460855cae6a4324ab45cab35320d104fee26c260e8","0x1c3749f1937082afbbae9375b9be708cf339e1983e57ef4447f36cfa560c685c","0x1067b8cfb90ef08bcb48aea56b2716334241787c2004a95682d68a0685566fd0","0x0f41aee4416398f1d48ffc302403273cddef34a41f98507c53682041d82e51ff","0x10d854c9f0bfbdff7ca91a68f4978e9a79e7b14243d92f465f17bdf88d9f64f8","0x00000000000000000000000000000000018938b11099e0cdc05ddab84a153a97","0x0000000000000000000000000000000001d7dda1471f0dc3b3a3d3438c197982","0x00000000000000000000000000000000022682917da43ab9a6e9cbcece1db86d","0x2453913e6b0f36eab883ac4b0e0604d56aaeb9c55e641135173e63c342f1a660","0x05216c1b58dc43a49d01aaba3113b0e86be450fc17d28016e648e7162a1b67fb","0x152b34845a0222a2b41354c0d395a250d8363dc18748647d85acd89d6934ec56","0x1dfc6e971ce82b7dcda1f7f282713c6e22a8c79258a61209bda69719806da544","0x2968dd8b3af8e3953f1fbbd72f4c49b8270597bb27d4037adc157ac6083bee60","0x1b9425b88a4c7d39b3d75afe66917a9aa1d2055724392bc01fb918d84ff1410e","0x04ab571f236d8e750904dc307dd274003d9130f1a7110e4c1521cfb408877c73","0x2ad84f26fdc5831545272d02b806bb0e6dae44e71f73552c4eb9ff06030748c7","0x020e632b99d325db774b8630fb50b9a4e74d35b7f27d9fc02c65087ee747e42c","0x09a8c5a3171268cb61c02515c01c109889200ed13f415ae54df2078bbb887f92","0x1143281a9451abbb4c34c3fa84e7678c2af2e7ea8c05160a6f7f06988fc91af8","0x000000000000000000000000000000cbda736ca5cf6bc75413c2cc9e28ab0a68","0x00000000000000000000000000000000001ee78c9cc56aa5991062ae2e338587","0x000000000000000000000000000000bc9bfcdebb486f4cb314e681d2cc5f8df6","0x00000000000000000000000000000000000ad538431d04771bca7f633cb659ff","0x000000000000000000000000000000d45b317afcefa466a59bba9e171f1af70c","0x0000000000000000000000000000000000133c50180ea17932e4881124e7a7c6","0x000000000000000000000000000000fc9ed37f543775849f3e84eaa06f77f992","0x00000000000000000000000000000000001372873c9c051d1baff99248b8f70e"] public_inputs = ["0x0000000000000000000000000000000000000000000000000000000000000003"] diff --git a/test_programs/execution_success/double_verify_proof/src/main.nr b/test_programs/execution_success/double_verify_proof/src/main.nr index fc30f1c1088..ce087dc4e61 100644 --- a/test_programs/execution_success/double_verify_proof/src/main.nr +++ b/test_programs/execution_success/double_verify_proof/src/main.nr @@ -12,24 +12,17 @@ fn main( key_hash: Field, proof_b: [Field; 93] ) { - // Create dummy aggregation object - // It is no longer needed but we don't want to make a breaking change to the serialization format - // just yet. The object can be anything as the backend is no longer checking it anyways. - let unused_input_aggregation_object = [verification_key[0]]; - - let _ = std::verify_proof( + std::verify_proof( verification_key.as_slice(), proof.as_slice(), public_inputs.as_slice(), - key_hash, - unused_input_aggregation_object + key_hash ); - let _ = std::verify_proof( + std::verify_proof( verification_key.as_slice(), proof_b.as_slice(), public_inputs.as_slice(), - key_hash, - unused_input_aggregation_object + key_hash ); } From 3521d28443d4dc2d6f9bf6e3870ee35e81c0b434 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 11:25:37 +0000 Subject: [PATCH 14/67] feat: update BB version --- tooling/bb_abstraction_leaks/build.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tooling/bb_abstraction_leaks/build.rs b/tooling/bb_abstraction_leaks/build.rs index 166e61a5a97..965a57747f9 100644 --- a/tooling/bb_abstraction_leaks/build.rs +++ b/tooling/bb_abstraction_leaks/build.rs @@ -10,7 +10,7 @@ use const_format::formatcp; const USERNAME: &str = "AztecProtocol"; const REPO: &str = "aztec-packages"; -const VERSION: &str = "0.16.0"; +const VERSION: &str = "0.17.0"; const TAG: &str = formatcp!("aztec-packages-v{}", VERSION); const API_URL: &str = From a3366d6453b046d11b75c393c1d881e25d40c79a Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 11:46:05 +0000 Subject: [PATCH 15/67] test: fix serialization and bb tests --- acvm-repo/acir/src/circuit/black_box_functions.rs | 2 +- acvm-repo/acir/tests/test_program_serialization.rs | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/acvm-repo/acir/src/circuit/black_box_functions.rs b/acvm-repo/acir/src/circuit/black_box_functions.rs index 6e45a9a2c21..445da50ac81 100644 --- a/acvm-repo/acir/src/circuit/black_box_functions.rs +++ b/acvm-repo/acir/src/circuit/black_box_functions.rs @@ -68,7 +68,7 @@ impl BlackBoxFunc { BlackBoxFunc::XOR => "xor", BlackBoxFunc::RANGE => "range", BlackBoxFunc::Keccak256 => "keccak256", - BlackBoxFunc::Keccakf1600 => "keccak_f1600", + BlackBoxFunc::Keccakf1600 => "keccakf1600", BlackBoxFunc::RecursiveAggregation => "recursive_aggregation", BlackBoxFunc::EcdsaSecp256r1 => "ecdsa_secp256r1", } diff --git a/acvm-repo/acir/tests/test_program_serialization.rs b/acvm-repo/acir/tests/test_program_serialization.rs index 1f25b665573..7d3b7b32d35 100644 --- a/acvm-repo/acir/tests/test_program_serialization.rs +++ b/acvm-repo/acir/tests/test_program_serialization.rs @@ -102,9 +102,9 @@ fn pedersen_circuit() { let bytes = Circuit::serialize_circuit(&circuit); let expected_serialization: Vec = vec![ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 93, 138, 9, 10, 0, 64, 8, 2, 103, 15, 250, 255, 139, - 163, 162, 130, 72, 16, 149, 241, 3, 135, 84, 164, 172, 173, 213, 175, 251, 45, 198, 96, - 243, 211, 50, 152, 67, 220, 211, 92, 0, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 93, 138, 9, 10, 0, 64, 8, 2, 103, 15, 232, 255, 31, 142, + 138, 10, 34, 65, 84, 198, 15, 28, 82, 145, 178, 182, 86, 191, 238, 183, 24, 131, 205, 79, + 203, 0, 166, 242, 158, 93, 92, 0, 0, 0, ]; assert_eq!(bytes, expected_serialization) @@ -145,7 +145,7 @@ fn schnorr_verify_circuit() { let expected_serialization: Vec = vec![ 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 77, 210, 87, 78, 2, 1, 20, 134, 209, 177, 247, 222, 123, 71, 68, 68, 68, 68, 68, 68, 68, 68, 68, 221, 133, 251, 95, 130, 145, 27, 206, 36, 78, 50, - 57, 16, 94, 200, 253, 191, 159, 36, 73, 134, 146, 193, 19, 142, 241, 183, 255, 14, 179, + 57, 16, 94, 200, 253, 191, 159, 36, 73, 134, 146, 193, 19, 142, 243, 183, 255, 14, 179, 233, 247, 145, 254, 59, 217, 127, 71, 57, 198, 113, 78, 48, 125, 167, 56, 205, 25, 206, 114, 142, 243, 92, 224, 34, 151, 184, 204, 21, 174, 114, 141, 235, 220, 224, 38, 183, 184, 205, 29, 238, 114, 143, 251, 60, 224, 33, 143, 120, 204, 19, 158, 242, 140, 25, 158, 51, @@ -158,7 +158,7 @@ fn schnorr_verify_circuit() { 91, 159, 218, 56, 99, 219, 172, 77, 115, 182, 204, 219, 176, 96, 187, 162, 205, 74, 182, 42, 219, 168, 98, 155, 170, 77, 106, 182, 168, 219, 160, 225, 246, 77, 55, 111, 185, 113, 219, 109, 59, 110, 218, 117, 203, 158, 27, 166, 55, 75, 239, 150, 184, 101, 250, 252, 1, - 19, 89, 159, 101, 220, 3, 0, 0, + 55, 204, 92, 74, 220, 3, 0, 0, ]; assert_eq!(bytes, expected_serialization) From c6bc06213f559ef27e951b1c9976e579df92d63f Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 12:14:20 +0000 Subject: [PATCH 16/67] fix: remove extraneous usage of hash to field --- acvm-repo/brillig_vm/src/black_box.rs | 1 - 1 file changed, 1 deletion(-) diff --git a/acvm-repo/brillig_vm/src/black_box.rs b/acvm-repo/brillig_vm/src/black_box.rs index 9deda0d08b6..94feb23e1a6 100644 --- a/acvm-repo/brillig_vm/src/black_box.rs +++ b/acvm-repo/brillig_vm/src/black_box.rs @@ -172,7 +172,6 @@ fn black_box_function_from_op(op: &BlackBoxOp) -> BlackBoxFunc { BlackBoxOp::Sha256 { .. } => BlackBoxFunc::SHA256, BlackBoxOp::Blake2s { .. } => BlackBoxFunc::Blake2s, BlackBoxOp::Keccak256 { .. } => BlackBoxFunc::Keccak256, - BlackBoxOp::HashToField128Security { .. } => BlackBoxFunc::HashToField128Security, BlackBoxOp::EcdsaSecp256k1 { .. } => BlackBoxFunc::EcdsaSecp256k1, BlackBoxOp::EcdsaSecp256r1 { .. } => BlackBoxFunc::EcdsaSecp256r1, BlackBoxOp::SchnorrVerify { .. } => BlackBoxFunc::SchnorrVerify, From e9405f05b5e47fc342596ddc74478138cb7b7291 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 12:33:13 +0000 Subject: [PATCH 17/67] style: fmt --- .../src/circuit/opcodes/black_box_function_call.rs | 7 ++++--- acvm-repo/acvm/src/compiler/transformers/mod.rs | 3 ++- .../src/ssa/acir_gen/acir_ir/generated_acir.rs | 14 ++++++-------- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs index 2ef9790221c..6e4d7fdd660 100644 --- a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs +++ b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs @@ -229,8 +229,7 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::Blake2s { outputs, .. } | BlackBoxFuncCall::Blake3 { outputs, .. } | BlackBoxFuncCall::Keccak256 { outputs, .. } - | BlackBoxFuncCall::Keccakf1600 { outputs, .. } - => outputs.to_vec(), + | BlackBoxFuncCall::Keccakf1600 { outputs, .. } => outputs.to_vec(), BlackBoxFuncCall::AND { output, .. } | BlackBoxFuncCall::XOR { output, .. } | BlackBoxFuncCall::SchnorrVerify { output, .. } @@ -239,7 +238,9 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::EcdsaSecp256r1 { output, .. } => vec![*output], BlackBoxFuncCall::FixedBaseScalarMul { outputs, .. } | BlackBoxFuncCall::PedersenCommitment { outputs, .. } => vec![outputs.0, outputs.1], - BlackBoxFuncCall::RANGE { .. } | BlackBoxFuncCall::RecursiveAggregation { .. } => vec![], + BlackBoxFuncCall::RANGE { .. } | BlackBoxFuncCall::RecursiveAggregation { .. } => { + vec![] + } BlackBoxFuncCall::Keccak256VariableLength { outputs, .. } => outputs.to_vec(), } } diff --git a/acvm-repo/acvm/src/compiler/transformers/mod.rs b/acvm-repo/acvm/src/compiler/transformers/mod.rs index 14cb1ae9fa7..d26b3f8bbf3 100644 --- a/acvm-repo/acvm/src/compiler/transformers/mod.rs +++ b/acvm-repo/acvm/src/compiler/transformers/mod.rs @@ -104,7 +104,8 @@ pub(super) fn transform_internal( | acir::circuit::opcodes::BlackBoxFuncCall::XOR { output, .. } => { transformer.mark_solvable(*output); } - acir::circuit::opcodes::BlackBoxFuncCall::RANGE { .. } | acir::circuit::opcodes::BlackBoxFuncCall::RecursiveAggregation { .. } => (), + acir::circuit::opcodes::BlackBoxFuncCall::RANGE { .. } + | acir::circuit::opcodes::BlackBoxFuncCall::RecursiveAggregation { .. } => (), acir::circuit::opcodes::BlackBoxFuncCall::SHA256 { outputs, .. } | acir::circuit::opcodes::BlackBoxFuncCall::Keccak256 { outputs, .. } | acir::circuit::opcodes::BlackBoxFuncCall::Keccak256VariableLength { diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index 20055aac8ad..2506af8c8c8 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -226,14 +226,12 @@ impl GeneratedAcir { BlackBoxFunc::Keccakf1600 => { BlackBoxFuncCall::Keccakf1600 { inputs: inputs[0].clone(), outputs } } - BlackBoxFunc::RecursiveAggregation => { - BlackBoxFuncCall::RecursiveAggregation { - verification_key: inputs[0].clone(), - proof: inputs[1].clone(), - public_inputs: inputs[2].clone(), - key_hash: inputs[3][0], - } - } + BlackBoxFunc::RecursiveAggregation => BlackBoxFuncCall::RecursiveAggregation { + verification_key: inputs[0].clone(), + proof: inputs[1].clone(), + public_inputs: inputs[2].clone(), + key_hash: inputs[3][0], + }, }; self.push_opcode(AcirOpcode::BlackBoxFuncCall(black_box_func_call)); From 4178e748aeb509276982331014f295f48d6dd51f Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 12:41:33 +0000 Subject: [PATCH 18/67] chore: update serialized bytecodes --- acvm-repo/acvm_js/test/shared/pedersen.ts | 4 ++-- acvm-repo/acvm_js/test/shared/schnorr_verify.ts | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/acvm-repo/acvm_js/test/shared/pedersen.ts b/acvm-repo/acvm_js/test/shared/pedersen.ts index 668ee2b510b..e35893fc355 100644 --- a/acvm-repo/acvm_js/test/shared/pedersen.ts +++ b/acvm-repo/acvm_js/test/shared/pedersen.ts @@ -1,7 +1,7 @@ // See `pedersen_circuit` integration test in `acir/tests/test_program_serialization.rs`. export const bytecode = Uint8Array.from([ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 93, 138, 9, 10, 0, 64, 8, 2, 103, 15, 250, 255, 139, 163, 162, 130, 72, 16, 149, - 241, 3, 135, 84, 164, 172, 173, 213, 175, 251, 45, 198, 96, 243, 211, 50, 152, 67, 220, 211, 92, 0, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 93, 138, 9, 10, 0, 64, 8, 2, 103, 15, 232, 255, 31, 142, 138, 10, 34, 65, 84, 198, + 15, 28, 82, 145, 178, 182, 86, 191, 238, 183, 24, 131, 205, 79, 203, 0, 166, 242, 158, 93, 92, 0, 0, 0, ]); export const initialWitnessMap = new Map([[1, '0x0000000000000000000000000000000000000000000000000000000000000001']]); diff --git a/acvm-repo/acvm_js/test/shared/schnorr_verify.ts b/acvm-repo/acvm_js/test/shared/schnorr_verify.ts index f88a70ba4a1..5716cbd30f8 100644 --- a/acvm-repo/acvm_js/test/shared/schnorr_verify.ts +++ b/acvm-repo/acvm_js/test/shared/schnorr_verify.ts @@ -2,7 +2,7 @@ export const bytecode = Uint8Array.from([ 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 77, 210, 87, 78, 2, 1, 20, 134, 209, 177, 247, 222, 123, 71, 68, 68, 68, 68, 68, 68, 68, 68, 68, 221, 133, 251, 95, 130, 145, 27, 206, 36, 78, 50, 57, 16, 94, 200, 253, 191, 159, 36, 73, 134, 146, - 193, 19, 142, 241, 183, 255, 14, 179, 233, 247, 145, 254, 59, 217, 127, 71, 57, 198, 113, 78, 48, 125, 167, 56, 205, + 193, 19, 142, 243, 183, 255, 14, 179, 233, 247, 145, 254, 59, 217, 127, 71, 57, 198, 113, 78, 48, 125, 167, 56, 205, 25, 206, 114, 142, 243, 92, 224, 34, 151, 184, 204, 21, 174, 114, 141, 235, 220, 224, 38, 183, 184, 205, 29, 238, 114, 143, 251, 60, 224, 33, 143, 120, 204, 19, 158, 242, 140, 25, 158, 51, 203, 11, 230, 120, 201, 60, 175, 88, 224, 53, 139, 188, 97, 137, 183, 44, 243, 142, 21, 222, 179, 202, 7, 214, 248, 200, 58, 159, 216, 224, 51, 155, 124, 97, 235, @@ -11,7 +11,7 @@ export const bytecode = Uint8Array.from([ 162, 149, 232, 36, 26, 137, 62, 162, 141, 232, 34, 154, 136, 30, 162, 133, 232, 32, 26, 136, 253, 99, 251, 195, 100, 176, 121, 236, 29, 91, 159, 218, 56, 99, 219, 172, 77, 115, 182, 204, 219, 176, 96, 187, 162, 205, 74, 182, 42, 219, 168, 98, 155, 170, 77, 106, 182, 168, 219, 160, 225, 246, 77, 55, 111, 185, 113, 219, 109, 59, 110, 218, 117, 203, - 158, 27, 166, 55, 75, 239, 150, 184, 101, 250, 252, 1, 19, 89, 159, 101, 220, 3, 0, 0, + 158, 27, 166, 55, 75, 239, 150, 184, 101, 250, 252, 1, 55, 204, 92, 74, 220, 3, 0, 0, ]); export const initialWitnessMap = new Map([ From ad7e3b1f614cce218a67037ac8c0b3bc3ec8ee17 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 13:22:18 +0000 Subject: [PATCH 19/67] chore: update bbjs --- .../circuits/recursion/src/main.nr | 20 +++++++++---------- .../noir_js_backend_barretenberg/package.json | 2 +- .../noir_js_backend_barretenberg/src/index.ts | 2 +- yarn.lock | 16 ++++++++++++++- 4 files changed, 26 insertions(+), 14 deletions(-) diff --git a/compiler/integration-tests/circuits/recursion/src/main.nr b/compiler/integration-tests/circuits/recursion/src/main.nr index e60e4e0b61a..173207766fb 100644 --- a/compiler/integration-tests/circuits/recursion/src/main.nr +++ b/compiler/integration-tests/circuits/recursion/src/main.nr @@ -1,17 +1,15 @@ use dep::std; fn main( - verification_key : [Field; 114], - proof : [Field; 94], - public_inputs : [Field; 1], - key_hash : Field, -) -> pub [Field;16]{ - let input_aggregation_object = [0; 16]; + verification_key: [Field; 114], + proof: [Field; 93], + public_inputs: [Field; 1], + key_hash: Field +) { std::verify_proof( - verification_key.as_slice(), - proof.as_slice(), - public_inputs.as_slice(), - key_hash, - input_aggregation_object + verification_key.as_slice(), + proof.as_slice(), + public_inputs.as_slice(), + key_hash ) } diff --git a/tooling/noir_js_backend_barretenberg/package.json b/tooling/noir_js_backend_barretenberg/package.json index 93fdc856338..1688db1ab2d 100644 --- a/tooling/noir_js_backend_barretenberg/package.json +++ b/tooling/noir_js_backend_barretenberg/package.json @@ -42,7 +42,7 @@ "lint": "NODE_NO_WARNINGS=1 eslint . --ext .ts --ignore-path ./.eslintignore --max-warnings 0" }, "dependencies": { - "@aztec/bb.js": "0.16.0", + "@aztec/bb.js": "0.17.0", "@noir-lang/types": "workspace:*", "fflate": "^0.8.0" }, diff --git a/tooling/noir_js_backend_barretenberg/src/index.ts b/tooling/noir_js_backend_barretenberg/src/index.ts index 100418debd0..f574c15723a 100644 --- a/tooling/noir_js_backend_barretenberg/src/index.ts +++ b/tooling/noir_js_backend_barretenberg/src/index.ts @@ -34,7 +34,7 @@ export class BarretenbergBackend implements Backend { // eslint-disable-next-line @typescript-eslint/ban-ts-comment //@ts-ignore const { Barretenberg, RawBuffer, Crs } = await import('@aztec/bb.js'); - const api = await Barretenberg.new(this.options.threads); + const api = await Barretenberg.new({ threads: this.options.threads }); const [_exact, _total, subgroupSize] = await api.acirGetCircuitSizes(this.acirUncompressedBytecode); const crs = await Crs.new(subgroupSize + 1); diff --git a/yarn.lock b/yarn.lock index 65b977864b4..01860e55921 100644 --- a/yarn.lock +++ b/yarn.lock @@ -235,6 +235,20 @@ __metadata: languageName: node linkType: hard +"@aztec/bb.js@npm:0.17.0": + version: 0.17.0 + resolution: "@aztec/bb.js@npm:0.17.0" + dependencies: + comlink: ^4.4.1 + commander: ^10.0.1 + debug: ^4.3.4 + tslib: ^2.4.0 + bin: + bb.js: dest/node/main.js + checksum: 459838076e4db7e6ca17f95acbd5c83028ea3b5c21e016a1561cec065a95d20e8d65906ad63e44e071556bc331070ceda6d48c058f5accdb76b3c6daab8ef1a5 + languageName: node + linkType: hard + "@babel/code-frame@npm:^7.0.0, @babel/code-frame@npm:^7.10.4, @babel/code-frame@npm:^7.12.11, @babel/code-frame@npm:^7.16.0, @babel/code-frame@npm:^7.22.13, @babel/code-frame@npm:^7.23.5, @babel/code-frame@npm:^7.8.3": version: 7.23.5 resolution: "@babel/code-frame@npm:7.23.5" @@ -3958,7 +3972,7 @@ __metadata: version: 0.0.0-use.local resolution: "@noir-lang/backend_barretenberg@workspace:tooling/noir_js_backend_barretenberg" dependencies: - "@aztec/bb.js": 0.16.0 + "@aztec/bb.js": 0.17.0 "@noir-lang/types": "workspace:*" "@types/node": ^20.6.2 "@types/prettier": ^3 From 404ffbf4ac688220dc178e575b6c6028f70bd2c8 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 13:31:29 +0000 Subject: [PATCH 20/67] fix: intermediate proof artifacts returns proof without public inputs --- tooling/noir_js_backend_barretenberg/src/index.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tooling/noir_js_backend_barretenberg/src/index.ts b/tooling/noir_js_backend_barretenberg/src/index.ts index f574c15723a..94c728ec69c 100644 --- a/tooling/noir_js_backend_barretenberg/src/index.ts +++ b/tooling/noir_js_backend_barretenberg/src/index.ts @@ -127,7 +127,9 @@ export class BarretenbergBackend implements Backend { }> { await this.instantiate(); const proof = reconstructProofWithPublicInputs(proofData); - const proofAsFields = await this.api.acirSerializeProofIntoFields(this.acirComposer, proof, numOfPublicInputs); + const proofAsFields = ( + await this.api.acirSerializeProofIntoFields(this.acirComposer, proof, numOfPublicInputs) + ).slice(numOfPublicInputs); // TODO: perhaps we should put this in the init function. Need to benchmark // TODO how long it takes. From 0886b1bf10362c134aedbf87fda9f521efc714e3 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 14:25:35 +0000 Subject: [PATCH 21/67] Try to fix recursion test and remove unused codegen --- .../test/browser/recursion.test.ts | 1 - tooling/bb_abstraction_leaks/src/contract.sol | 2575 ----------------- tooling/bb_abstraction_leaks/src/lib.rs | 7 - .../nargo_cli/src/cli/codegen_verifier_cmd.rs | 10 +- 4 files changed, 1 insertion(+), 2592 deletions(-) delete mode 100644 tooling/bb_abstraction_leaks/src/contract.sol diff --git a/compiler/integration-tests/test/browser/recursion.test.ts b/compiler/integration-tests/test/browser/recursion.test.ts index faa317b2c3c..2097164ebcb 100644 --- a/compiler/integration-tests/test/browser/recursion.test.ts +++ b/compiler/integration-tests/test/browser/recursion.test.ts @@ -79,7 +79,6 @@ describe('It compiles noir program code, receiving circuit bytes and abi object. proof: proofAsFields, public_inputs: [main_inputs.y as Field], key_hash: vkHash, - input_aggregation_object: ['0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0'], }; logger.debug('recursion_inputs', recursion_inputs); diff --git a/tooling/bb_abstraction_leaks/src/contract.sol b/tooling/bb_abstraction_leaks/src/contract.sol deleted file mode 100644 index 814c81d235e..00000000000 --- a/tooling/bb_abstraction_leaks/src/contract.sol +++ /dev/null @@ -1,2575 +0,0 @@ -/** - * @title Ultra Plonk proof verification contract - * @dev Top level Plonk proof verification contract, which allows Plonk proof to be verified - */ -abstract contract BaseUltraVerifier { - // VERIFICATION KEY MEMORY LOCATIONS - uint256 internal constant N_LOC = 0x380; - uint256 internal constant NUM_INPUTS_LOC = 0x3a0; - uint256 internal constant OMEGA_LOC = 0x3c0; - uint256 internal constant DOMAIN_INVERSE_LOC = 0x3e0; - uint256 internal constant Q1_X_LOC = 0x400; - uint256 internal constant Q1_Y_LOC = 0x420; - uint256 internal constant Q2_X_LOC = 0x440; - uint256 internal constant Q2_Y_LOC = 0x460; - uint256 internal constant Q3_X_LOC = 0x480; - uint256 internal constant Q3_Y_LOC = 0x4a0; - uint256 internal constant Q4_X_LOC = 0x4c0; - uint256 internal constant Q4_Y_LOC = 0x4e0; - uint256 internal constant QM_X_LOC = 0x500; - uint256 internal constant QM_Y_LOC = 0x520; - uint256 internal constant QC_X_LOC = 0x540; - uint256 internal constant QC_Y_LOC = 0x560; - uint256 internal constant QARITH_X_LOC = 0x580; - uint256 internal constant QARITH_Y_LOC = 0x5a0; - uint256 internal constant QSORT_X_LOC = 0x5c0; - uint256 internal constant QSORT_Y_LOC = 0x5e0; - uint256 internal constant QELLIPTIC_X_LOC = 0x600; - uint256 internal constant QELLIPTIC_Y_LOC = 0x620; - uint256 internal constant QAUX_X_LOC = 0x640; - uint256 internal constant QAUX_Y_LOC = 0x660; - uint256 internal constant SIGMA1_X_LOC = 0x680; - uint256 internal constant SIGMA1_Y_LOC = 0x6a0; - uint256 internal constant SIGMA2_X_LOC = 0x6c0; - uint256 internal constant SIGMA2_Y_LOC = 0x6e0; - uint256 internal constant SIGMA3_X_LOC = 0x700; - uint256 internal constant SIGMA3_Y_LOC = 0x720; - uint256 internal constant SIGMA4_X_LOC = 0x740; - uint256 internal constant SIGMA4_Y_LOC = 0x760; - uint256 internal constant TABLE1_X_LOC = 0x780; - uint256 internal constant TABLE1_Y_LOC = 0x7a0; - uint256 internal constant TABLE2_X_LOC = 0x7c0; - uint256 internal constant TABLE2_Y_LOC = 0x7e0; - uint256 internal constant TABLE3_X_LOC = 0x800; - uint256 internal constant TABLE3_Y_LOC = 0x820; - uint256 internal constant TABLE4_X_LOC = 0x840; - uint256 internal constant TABLE4_Y_LOC = 0x860; - uint256 internal constant TABLE_TYPE_X_LOC = 0x880; - uint256 internal constant TABLE_TYPE_Y_LOC = 0x8a0; - uint256 internal constant ID1_X_LOC = 0x8c0; - uint256 internal constant ID1_Y_LOC = 0x8e0; - uint256 internal constant ID2_X_LOC = 0x900; - uint256 internal constant ID2_Y_LOC = 0x920; - uint256 internal constant ID3_X_LOC = 0x940; - uint256 internal constant ID3_Y_LOC = 0x960; - uint256 internal constant ID4_X_LOC = 0x980; - uint256 internal constant ID4_Y_LOC = 0x9a0; - uint256 internal constant CONTAINS_RECURSIVE_PROOF_LOC = 0x9c0; - uint256 internal constant RECURSIVE_PROOF_PUBLIC_INPUT_INDICES_LOC = 0x9e0; - uint256 internal constant G2X_X0_LOC = 0xa00; - uint256 internal constant G2X_X1_LOC = 0xa20; - uint256 internal constant G2X_Y0_LOC = 0xa40; - uint256 internal constant G2X_Y1_LOC = 0xa60; - - // ### PROOF DATA MEMORY LOCATIONS - uint256 internal constant W1_X_LOC = 0x1200; - uint256 internal constant W1_Y_LOC = 0x1220; - uint256 internal constant W2_X_LOC = 0x1240; - uint256 internal constant W2_Y_LOC = 0x1260; - uint256 internal constant W3_X_LOC = 0x1280; - uint256 internal constant W3_Y_LOC = 0x12a0; - uint256 internal constant W4_X_LOC = 0x12c0; - uint256 internal constant W4_Y_LOC = 0x12e0; - uint256 internal constant S_X_LOC = 0x1300; - uint256 internal constant S_Y_LOC = 0x1320; - uint256 internal constant Z_X_LOC = 0x1340; - uint256 internal constant Z_Y_LOC = 0x1360; - uint256 internal constant Z_LOOKUP_X_LOC = 0x1380; - uint256 internal constant Z_LOOKUP_Y_LOC = 0x13a0; - uint256 internal constant T1_X_LOC = 0x13c0; - uint256 internal constant T1_Y_LOC = 0x13e0; - uint256 internal constant T2_X_LOC = 0x1400; - uint256 internal constant T2_Y_LOC = 0x1420; - uint256 internal constant T3_X_LOC = 0x1440; - uint256 internal constant T3_Y_LOC = 0x1460; - uint256 internal constant T4_X_LOC = 0x1480; - uint256 internal constant T4_Y_LOC = 0x14a0; - - uint256 internal constant W1_EVAL_LOC = 0x1600; - uint256 internal constant W2_EVAL_LOC = 0x1620; - uint256 internal constant W3_EVAL_LOC = 0x1640; - uint256 internal constant W4_EVAL_LOC = 0x1660; - uint256 internal constant S_EVAL_LOC = 0x1680; - uint256 internal constant Z_EVAL_LOC = 0x16a0; - uint256 internal constant Z_LOOKUP_EVAL_LOC = 0x16c0; - uint256 internal constant Q1_EVAL_LOC = 0x16e0; - uint256 internal constant Q2_EVAL_LOC = 0x1700; - uint256 internal constant Q3_EVAL_LOC = 0x1720; - uint256 internal constant Q4_EVAL_LOC = 0x1740; - uint256 internal constant QM_EVAL_LOC = 0x1760; - uint256 internal constant QC_EVAL_LOC = 0x1780; - uint256 internal constant QARITH_EVAL_LOC = 0x17a0; - uint256 internal constant QSORT_EVAL_LOC = 0x17c0; - uint256 internal constant QELLIPTIC_EVAL_LOC = 0x17e0; - uint256 internal constant QAUX_EVAL_LOC = 0x1800; - uint256 internal constant TABLE1_EVAL_LOC = 0x1840; - uint256 internal constant TABLE2_EVAL_LOC = 0x1860; - uint256 internal constant TABLE3_EVAL_LOC = 0x1880; - uint256 internal constant TABLE4_EVAL_LOC = 0x18a0; - uint256 internal constant TABLE_TYPE_EVAL_LOC = 0x18c0; - uint256 internal constant ID1_EVAL_LOC = 0x18e0; - uint256 internal constant ID2_EVAL_LOC = 0x1900; - uint256 internal constant ID3_EVAL_LOC = 0x1920; - uint256 internal constant ID4_EVAL_LOC = 0x1940; - uint256 internal constant SIGMA1_EVAL_LOC = 0x1960; - uint256 internal constant SIGMA2_EVAL_LOC = 0x1980; - uint256 internal constant SIGMA3_EVAL_LOC = 0x19a0; - uint256 internal constant SIGMA4_EVAL_LOC = 0x19c0; - uint256 internal constant W1_OMEGA_EVAL_LOC = 0x19e0; - uint256 internal constant W2_OMEGA_EVAL_LOC = 0x2000; - uint256 internal constant W3_OMEGA_EVAL_LOC = 0x2020; - uint256 internal constant W4_OMEGA_EVAL_LOC = 0x2040; - uint256 internal constant S_OMEGA_EVAL_LOC = 0x2060; - uint256 internal constant Z_OMEGA_EVAL_LOC = 0x2080; - uint256 internal constant Z_LOOKUP_OMEGA_EVAL_LOC = 0x20a0; - uint256 internal constant TABLE1_OMEGA_EVAL_LOC = 0x20c0; - uint256 internal constant TABLE2_OMEGA_EVAL_LOC = 0x20e0; - uint256 internal constant TABLE3_OMEGA_EVAL_LOC = 0x2100; - uint256 internal constant TABLE4_OMEGA_EVAL_LOC = 0x2120; - - uint256 internal constant PI_Z_X_LOC = 0x2300; - uint256 internal constant PI_Z_Y_LOC = 0x2320; - uint256 internal constant PI_Z_OMEGA_X_LOC = 0x2340; - uint256 internal constant PI_Z_OMEGA_Y_LOC = 0x2360; - - // Used for elliptic widget. These are alias names for wire + shifted wire evaluations - uint256 internal constant X1_EVAL_LOC = W2_EVAL_LOC; - uint256 internal constant X2_EVAL_LOC = W1_OMEGA_EVAL_LOC; - uint256 internal constant X3_EVAL_LOC = W2_OMEGA_EVAL_LOC; - uint256 internal constant Y1_EVAL_LOC = W3_EVAL_LOC; - uint256 internal constant Y2_EVAL_LOC = W4_OMEGA_EVAL_LOC; - uint256 internal constant Y3_EVAL_LOC = W3_OMEGA_EVAL_LOC; - uint256 internal constant QBETA_LOC = Q3_EVAL_LOC; - uint256 internal constant QBETA_SQR_LOC = Q4_EVAL_LOC; - uint256 internal constant QSIGN_LOC = Q1_EVAL_LOC; - - // ### CHALLENGES MEMORY OFFSETS - - uint256 internal constant C_BETA_LOC = 0x2600; - uint256 internal constant C_GAMMA_LOC = 0x2620; - uint256 internal constant C_ALPHA_LOC = 0x2640; - uint256 internal constant C_ETA_LOC = 0x2660; - uint256 internal constant C_ETA_SQR_LOC = 0x2680; - uint256 internal constant C_ETA_CUBE_LOC = 0x26a0; - - uint256 internal constant C_ZETA_LOC = 0x26c0; - uint256 internal constant C_CURRENT_LOC = 0x26e0; - uint256 internal constant C_V0_LOC = 0x2700; - uint256 internal constant C_V1_LOC = 0x2720; - uint256 internal constant C_V2_LOC = 0x2740; - uint256 internal constant C_V3_LOC = 0x2760; - uint256 internal constant C_V4_LOC = 0x2780; - uint256 internal constant C_V5_LOC = 0x27a0; - uint256 internal constant C_V6_LOC = 0x27c0; - uint256 internal constant C_V7_LOC = 0x27e0; - uint256 internal constant C_V8_LOC = 0x2800; - uint256 internal constant C_V9_LOC = 0x2820; - uint256 internal constant C_V10_LOC = 0x2840; - uint256 internal constant C_V11_LOC = 0x2860; - uint256 internal constant C_V12_LOC = 0x2880; - uint256 internal constant C_V13_LOC = 0x28a0; - uint256 internal constant C_V14_LOC = 0x28c0; - uint256 internal constant C_V15_LOC = 0x28e0; - uint256 internal constant C_V16_LOC = 0x2900; - uint256 internal constant C_V17_LOC = 0x2920; - uint256 internal constant C_V18_LOC = 0x2940; - uint256 internal constant C_V19_LOC = 0x2960; - uint256 internal constant C_V20_LOC = 0x2980; - uint256 internal constant C_V21_LOC = 0x29a0; - uint256 internal constant C_V22_LOC = 0x29c0; - uint256 internal constant C_V23_LOC = 0x29e0; - uint256 internal constant C_V24_LOC = 0x2a00; - uint256 internal constant C_V25_LOC = 0x2a20; - uint256 internal constant C_V26_LOC = 0x2a40; - uint256 internal constant C_V27_LOC = 0x2a60; - uint256 internal constant C_V28_LOC = 0x2a80; - uint256 internal constant C_V29_LOC = 0x2aa0; - uint256 internal constant C_V30_LOC = 0x2ac0; - - uint256 internal constant C_U_LOC = 0x2b00; - - // ### LOCAL VARIABLES MEMORY OFFSETS - uint256 internal constant DELTA_NUMERATOR_LOC = 0x3000; - uint256 internal constant DELTA_DENOMINATOR_LOC = 0x3020; - uint256 internal constant ZETA_POW_N_LOC = 0x3040; - uint256 internal constant PUBLIC_INPUT_DELTA_LOC = 0x3060; - uint256 internal constant ZERO_POLY_LOC = 0x3080; - uint256 internal constant L_START_LOC = 0x30a0; - uint256 internal constant L_END_LOC = 0x30c0; - uint256 internal constant R_ZERO_EVAL_LOC = 0x30e0; - - uint256 internal constant PLOOKUP_DELTA_NUMERATOR_LOC = 0x3100; - uint256 internal constant PLOOKUP_DELTA_DENOMINATOR_LOC = 0x3120; - uint256 internal constant PLOOKUP_DELTA_LOC = 0x3140; - - uint256 internal constant ACCUMULATOR_X_LOC = 0x3160; - uint256 internal constant ACCUMULATOR_Y_LOC = 0x3180; - uint256 internal constant ACCUMULATOR2_X_LOC = 0x31a0; - uint256 internal constant ACCUMULATOR2_Y_LOC = 0x31c0; - uint256 internal constant PAIRING_LHS_X_LOC = 0x31e0; - uint256 internal constant PAIRING_LHS_Y_LOC = 0x3200; - uint256 internal constant PAIRING_RHS_X_LOC = 0x3220; - uint256 internal constant PAIRING_RHS_Y_LOC = 0x3240; - - // ### SUCCESS FLAG MEMORY LOCATIONS - uint256 internal constant GRAND_PRODUCT_SUCCESS_FLAG = 0x3300; - uint256 internal constant ARITHMETIC_TERM_SUCCESS_FLAG = 0x3020; - uint256 internal constant BATCH_OPENING_SUCCESS_FLAG = 0x3340; - uint256 internal constant OPENING_COMMITMENT_SUCCESS_FLAG = 0x3360; - uint256 internal constant PAIRING_PREAMBLE_SUCCESS_FLAG = 0x3380; - uint256 internal constant PAIRING_SUCCESS_FLAG = 0x33a0; - uint256 internal constant RESULT_FLAG = 0x33c0; - - // misc stuff - uint256 internal constant OMEGA_INVERSE_LOC = 0x3400; - uint256 internal constant C_ALPHA_SQR_LOC = 0x3420; - uint256 internal constant C_ALPHA_CUBE_LOC = 0x3440; - uint256 internal constant C_ALPHA_QUAD_LOC = 0x3460; - uint256 internal constant C_ALPHA_BASE_LOC = 0x3480; - - // ### RECURSION VARIABLE MEMORY LOCATIONS - uint256 internal constant RECURSIVE_P1_X_LOC = 0x3500; - uint256 internal constant RECURSIVE_P1_Y_LOC = 0x3520; - uint256 internal constant RECURSIVE_P2_X_LOC = 0x3540; - uint256 internal constant RECURSIVE_P2_Y_LOC = 0x3560; - - uint256 internal constant PUBLIC_INPUTS_HASH_LOCATION = 0x3580; - - // sub-identity storage - uint256 internal constant PERMUTATION_IDENTITY = 0x3600; - uint256 internal constant PLOOKUP_IDENTITY = 0x3620; - uint256 internal constant ARITHMETIC_IDENTITY = 0x3640; - uint256 internal constant SORT_IDENTITY = 0x3660; - uint256 internal constant ELLIPTIC_IDENTITY = 0x3680; - uint256 internal constant AUX_IDENTITY = 0x36a0; - uint256 internal constant AUX_NON_NATIVE_FIELD_EVALUATION = 0x36c0; - uint256 internal constant AUX_LIMB_ACCUMULATOR_EVALUATION = 0x36e0; - uint256 internal constant AUX_RAM_CONSISTENCY_EVALUATION = 0x3700; - uint256 internal constant AUX_ROM_CONSISTENCY_EVALUATION = 0x3720; - uint256 internal constant AUX_MEMORY_EVALUATION = 0x3740; - - uint256 internal constant QUOTIENT_EVAL_LOC = 0x3760; - uint256 internal constant ZERO_POLY_INVERSE_LOC = 0x3780; - - // when hashing public inputs we use memory at NU_CHALLENGE_INPUT_LOC_A, as the hash input size is unknown at compile time - uint256 internal constant NU_CHALLENGE_INPUT_LOC_A = 0x37a0; - uint256 internal constant NU_CHALLENGE_INPUT_LOC_B = 0x37c0; - uint256 internal constant NU_CHALLENGE_INPUT_LOC_C = 0x37e0; - - bytes4 internal constant PUBLIC_INPUT_INVALID_BN128_G1_POINT_SELECTOR = 0xeba9f4a6; - bytes4 internal constant PUBLIC_INPUT_GE_P_SELECTOR = 0x374a972f; - bytes4 internal constant MOD_EXP_FAILURE_SELECTOR = 0xf894a7bc; - bytes4 internal constant EC_SCALAR_MUL_FAILURE_SELECTOR = 0xf755f369; - bytes4 internal constant PROOF_FAILURE_SELECTOR = 0x0711fcec; - - uint256 internal constant ETA_INPUT_LENGTH = 0xc0; // W1, W2, W3 = 6 * 0x20 bytes - - // We need to hash 41 field elements when generating the NU challenge - // w1, w2, w3, w4, s, z, z_lookup, q1, q2, q3, q4, qm, qc, qarith (14) - // qsort, qelliptic, qaux, sigma1, sigma2, sigma, sigma4, (7) - // table1, table2, table3, table4, tabletype, id1, id2, id3, id4, (9) - // w1_omega, w2_omega, w3_omega, w4_omega, s_omega, z_omega, z_lookup_omega, (7) - // table1_omega, table2_omega, table3_omega, table4_omega (4) - uint256 internal constant NU_INPUT_LENGTH = 0x520; // 0x520 = 41 * 0x20 - - // There are ELEVEN G1 group elements added into the transcript in the `beta` round, that we need to skip over - // W1, W2, W3, W4, S, Z, Z_LOOKUP, T1, T2, T3, T4 - uint256 internal constant NU_CALLDATA_SKIP_LENGTH = 0x2c0; // 11 * 0x40 = 0x2c0 - - uint256 internal constant NEGATIVE_INVERSE_OF_2_MODULO_P = - 0x183227397098d014dc2822db40c0ac2e9419f4243cdcb848a1f0fac9f8000000; - uint256 internal constant LIMB_SIZE = 0x100000000000000000; // 2<<68 - uint256 internal constant SUBLIMB_SHIFT = 0x4000; // 2<<14 - - // y^2 = x^3 + ax + b - // for Grumpkin, a = 0 and b = -17. We use b in a custom gate relation that evaluates elliptic curve arithmetic - uint256 internal constant GRUMPKIN_CURVE_B_PARAMETER_NEGATED = 17; - error PUBLIC_INPUT_COUNT_INVALID(uint256 expected, uint256 actual); - error PUBLIC_INPUT_INVALID_BN128_G1_POINT(); - error PUBLIC_INPUT_GE_P(); - error MOD_EXP_FAILURE(); - error EC_SCALAR_MUL_FAILURE(); - error PROOF_FAILURE(); - - function getVerificationKeyHash() public pure virtual returns (bytes32); - - function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure virtual; - - /** - * @notice Verify a Ultra Plonk proof - * @param _proof - The serialized proof - * @param _publicInputs - An array of the public inputs - * @return True if proof is valid, reverts otherwise - */ - function verify(bytes calldata _proof, bytes32[] calldata _publicInputs) external view returns (bool) { - loadVerificationKey(N_LOC, OMEGA_INVERSE_LOC); - - uint256 requiredPublicInputCount; - assembly { - requiredPublicInputCount := mload(NUM_INPUTS_LOC) - } - if (requiredPublicInputCount != _publicInputs.length) { - revert PUBLIC_INPUT_COUNT_INVALID(requiredPublicInputCount, _publicInputs.length); - } - - assembly { - let q := 21888242871839275222246405745257275088696311157297823662689037894645226208583 // EC group order - let p := 21888242871839275222246405745257275088548364400416034343698204186575808495617 // Prime field order - - /** - * LOAD PROOF FROM CALLDATA - */ - { - let data_ptr := add(calldataload(0x04), 0x24) - - mstore(W1_Y_LOC, mod(calldataload(data_ptr), q)) - mstore(W1_X_LOC, mod(calldataload(add(data_ptr, 0x20)), q)) - - mstore(W2_Y_LOC, mod(calldataload(add(data_ptr, 0x40)), q)) - mstore(W2_X_LOC, mod(calldataload(add(data_ptr, 0x60)), q)) - - mstore(W3_Y_LOC, mod(calldataload(add(data_ptr, 0x80)), q)) - mstore(W3_X_LOC, mod(calldataload(add(data_ptr, 0xa0)), q)) - - mstore(W4_Y_LOC, mod(calldataload(add(data_ptr, 0xc0)), q)) - mstore(W4_X_LOC, mod(calldataload(add(data_ptr, 0xe0)), q)) - - mstore(S_Y_LOC, mod(calldataload(add(data_ptr, 0x100)), q)) - mstore(S_X_LOC, mod(calldataload(add(data_ptr, 0x120)), q)) - mstore(Z_Y_LOC, mod(calldataload(add(data_ptr, 0x140)), q)) - mstore(Z_X_LOC, mod(calldataload(add(data_ptr, 0x160)), q)) - mstore(Z_LOOKUP_Y_LOC, mod(calldataload(add(data_ptr, 0x180)), q)) - mstore(Z_LOOKUP_X_LOC, mod(calldataload(add(data_ptr, 0x1a0)), q)) - mstore(T1_Y_LOC, mod(calldataload(add(data_ptr, 0x1c0)), q)) - mstore(T1_X_LOC, mod(calldataload(add(data_ptr, 0x1e0)), q)) - - mstore(T2_Y_LOC, mod(calldataload(add(data_ptr, 0x200)), q)) - mstore(T2_X_LOC, mod(calldataload(add(data_ptr, 0x220)), q)) - - mstore(T3_Y_LOC, mod(calldataload(add(data_ptr, 0x240)), q)) - mstore(T3_X_LOC, mod(calldataload(add(data_ptr, 0x260)), q)) - - mstore(T4_Y_LOC, mod(calldataload(add(data_ptr, 0x280)), q)) - mstore(T4_X_LOC, mod(calldataload(add(data_ptr, 0x2a0)), q)) - - mstore(W1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x2c0)), p)) - mstore(W2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x2e0)), p)) - mstore(W3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x300)), p)) - mstore(W4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x320)), p)) - mstore(S_EVAL_LOC, mod(calldataload(add(data_ptr, 0x340)), p)) - mstore(Z_EVAL_LOC, mod(calldataload(add(data_ptr, 0x360)), p)) - mstore(Z_LOOKUP_EVAL_LOC, mod(calldataload(add(data_ptr, 0x380)), p)) - mstore(Q1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3a0)), p)) - mstore(Q2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3c0)), p)) - mstore(Q3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3e0)), p)) - mstore(Q4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x400)), p)) - mstore(QM_EVAL_LOC, mod(calldataload(add(data_ptr, 0x420)), p)) - mstore(QC_EVAL_LOC, mod(calldataload(add(data_ptr, 0x440)), p)) - mstore(QARITH_EVAL_LOC, mod(calldataload(add(data_ptr, 0x460)), p)) - mstore(QSORT_EVAL_LOC, mod(calldataload(add(data_ptr, 0x480)), p)) - mstore(QELLIPTIC_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4a0)), p)) - mstore(QAUX_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4c0)), p)) - - mstore(SIGMA1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4e0)), p)) - mstore(SIGMA2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x500)), p)) - - mstore(SIGMA3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x520)), p)) - mstore(SIGMA4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x540)), p)) - - mstore(TABLE1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x560)), p)) - mstore(TABLE2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x580)), p)) - mstore(TABLE3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5a0)), p)) - mstore(TABLE4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5c0)), p)) - mstore(TABLE_TYPE_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5e0)), p)) - - mstore(ID1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x600)), p)) - mstore(ID2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x620)), p)) - mstore(ID3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x640)), p)) - mstore(ID4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x660)), p)) - - mstore(W1_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x680)), p)) - mstore(W2_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6a0)), p)) - mstore(W3_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6c0)), p)) - mstore(W4_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6e0)), p)) - mstore(S_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x700)), p)) - - mstore(Z_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x720)), p)) - - mstore(Z_LOOKUP_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x740)), p)) - mstore(TABLE1_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x760)), p)) - mstore(TABLE2_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x780)), p)) - mstore(TABLE3_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x7a0)), p)) - mstore(TABLE4_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x7c0)), p)) - - mstore(PI_Z_Y_LOC, mod(calldataload(add(data_ptr, 0x7e0)), q)) - mstore(PI_Z_X_LOC, mod(calldataload(add(data_ptr, 0x800)), q)) - - mstore(PI_Z_OMEGA_Y_LOC, mod(calldataload(add(data_ptr, 0x820)), q)) - mstore(PI_Z_OMEGA_X_LOC, mod(calldataload(add(data_ptr, 0x840)), q)) - } - - /** - * LOAD RECURSIVE PROOF INTO MEMORY - */ - { - if mload(CONTAINS_RECURSIVE_PROOF_LOC) { - let public_inputs_ptr := add(calldataload(0x24), 0x24) - let index_counter := add(shl(5, mload(RECURSIVE_PROOF_PUBLIC_INPUT_INDICES_LOC)), public_inputs_ptr) - - let x0 := calldataload(index_counter) - x0 := add(x0, shl(68, calldataload(add(index_counter, 0x20)))) - x0 := add(x0, shl(136, calldataload(add(index_counter, 0x40)))) - x0 := add(x0, shl(204, calldataload(add(index_counter, 0x60)))) - let y0 := calldataload(add(index_counter, 0x80)) - y0 := add(y0, shl(68, calldataload(add(index_counter, 0xa0)))) - y0 := add(y0, shl(136, calldataload(add(index_counter, 0xc0)))) - y0 := add(y0, shl(204, calldataload(add(index_counter, 0xe0)))) - let x1 := calldataload(add(index_counter, 0x100)) - x1 := add(x1, shl(68, calldataload(add(index_counter, 0x120)))) - x1 := add(x1, shl(136, calldataload(add(index_counter, 0x140)))) - x1 := add(x1, shl(204, calldataload(add(index_counter, 0x160)))) - let y1 := calldataload(add(index_counter, 0x180)) - y1 := add(y1, shl(68, calldataload(add(index_counter, 0x1a0)))) - y1 := add(y1, shl(136, calldataload(add(index_counter, 0x1c0)))) - y1 := add(y1, shl(204, calldataload(add(index_counter, 0x1e0)))) - mstore(RECURSIVE_P1_X_LOC, x0) - mstore(RECURSIVE_P1_Y_LOC, y0) - mstore(RECURSIVE_P2_X_LOC, x1) - mstore(RECURSIVE_P2_Y_LOC, y1) - - // validate these are valid bn128 G1 points - if iszero(and(and(lt(x0, q), lt(x1, q)), and(lt(y0, q), lt(y1, q)))) { - mstore(0x00, PUBLIC_INPUT_INVALID_BN128_G1_POINT_SELECTOR) - revert(0x00, 0x04) - } - } - } - - { - /** - * Generate initial challenge - */ - mstore(0x00, shl(224, mload(N_LOC))) - mstore(0x04, shl(224, mload(NUM_INPUTS_LOC))) - let challenge := keccak256(0x00, 0x08) - - /** - * Generate eta challenge - */ - mstore(PUBLIC_INPUTS_HASH_LOCATION, challenge) - // The public input location is stored at 0x24, we then add 0x24 to skip selector and the length of public inputs - let public_inputs_start := add(calldataload(0x24), 0x24) - // copy the public inputs over - let public_input_size := mul(mload(NUM_INPUTS_LOC), 0x20) - calldatacopy(add(PUBLIC_INPUTS_HASH_LOCATION, 0x20), public_inputs_start, public_input_size) - - // copy W1, W2, W3 into challenge. Each point is 0x40 bytes, so load 0xc0 = 3 * 0x40 bytes (ETA input length) - let w_start := add(calldataload(0x04), 0x24) - calldatacopy(add(add(PUBLIC_INPUTS_HASH_LOCATION, 0x20), public_input_size), w_start, ETA_INPUT_LENGTH) - - // Challenge is the old challenge + public inputs + W1, W2, W3 (0x20 + public_input_size + 0xc0) - let challenge_bytes_size := add(0x20, add(public_input_size, ETA_INPUT_LENGTH)) - - challenge := keccak256(PUBLIC_INPUTS_HASH_LOCATION, challenge_bytes_size) - { - let eta := mod(challenge, p) - mstore(C_ETA_LOC, eta) - mstore(C_ETA_SQR_LOC, mulmod(eta, eta, p)) - mstore(C_ETA_CUBE_LOC, mulmod(mload(C_ETA_SQR_LOC), eta, p)) - } - - /** - * Generate beta challenge - */ - mstore(0x00, challenge) - mstore(0x20, mload(W4_Y_LOC)) - mstore(0x40, mload(W4_X_LOC)) - mstore(0x60, mload(S_Y_LOC)) - mstore(0x80, mload(S_X_LOC)) - challenge := keccak256(0x00, 0xa0) - mstore(C_BETA_LOC, mod(challenge, p)) - - /** - * Generate gamma challenge - */ - mstore(0x00, challenge) - mstore8(0x20, 0x01) - challenge := keccak256(0x00, 0x21) - mstore(C_GAMMA_LOC, mod(challenge, p)) - - /** - * Generate alpha challenge - */ - mstore(0x00, challenge) - mstore(0x20, mload(Z_Y_LOC)) - mstore(0x40, mload(Z_X_LOC)) - mstore(0x60, mload(Z_LOOKUP_Y_LOC)) - mstore(0x80, mload(Z_LOOKUP_X_LOC)) - challenge := keccak256(0x00, 0xa0) - mstore(C_ALPHA_LOC, mod(challenge, p)) - - /** - * Compute and store some powers of alpha for future computations - */ - let alpha := mload(C_ALPHA_LOC) - mstore(C_ALPHA_SQR_LOC, mulmod(alpha, alpha, p)) - mstore(C_ALPHA_CUBE_LOC, mulmod(mload(C_ALPHA_SQR_LOC), alpha, p)) - mstore(C_ALPHA_QUAD_LOC, mulmod(mload(C_ALPHA_CUBE_LOC), alpha, p)) - mstore(C_ALPHA_BASE_LOC, alpha) - - /** - * Generate zeta challenge - */ - mstore(0x00, challenge) - mstore(0x20, mload(T1_Y_LOC)) - mstore(0x40, mload(T1_X_LOC)) - mstore(0x60, mload(T2_Y_LOC)) - mstore(0x80, mload(T2_X_LOC)) - mstore(0xa0, mload(T3_Y_LOC)) - mstore(0xc0, mload(T3_X_LOC)) - mstore(0xe0, mload(T4_Y_LOC)) - mstore(0x100, mload(T4_X_LOC)) - - challenge := keccak256(0x00, 0x120) - - mstore(C_ZETA_LOC, mod(challenge, p)) - mstore(C_CURRENT_LOC, challenge) - } - - /** - * EVALUATE FIELD OPERATIONS - */ - - /** - * COMPUTE PUBLIC INPUT DELTA - * ΔPI = ∏ᵢ∈ℓ(wᵢ + β σ(i) + γ) / ∏ᵢ∈ℓ(wᵢ + β σ'(i) + γ) - */ - { - let beta := mload(C_BETA_LOC) // β - let gamma := mload(C_GAMMA_LOC) // γ - let work_root := mload(OMEGA_LOC) // ω - let numerator_value := 1 - let denominator_value := 1 - - let p_clone := p // move p to the front of the stack - let valid_inputs := true - - // Load the starting point of the public inputs (jump over the selector and the length of public inputs [0x24]) - let public_inputs_ptr := add(calldataload(0x24), 0x24) - - // endpoint_ptr = public_inputs_ptr + num_inputs * 0x20. // every public input is 0x20 bytes - let endpoint_ptr := add(public_inputs_ptr, mul(mload(NUM_INPUTS_LOC), 0x20)) - - // root_1 = β * 0x05 - let root_1 := mulmod(beta, 0x05, p_clone) // k1.β - // root_2 = β * 0x0c - let root_2 := mulmod(beta, 0x0c, p_clone) - // @note 0x05 + 0x07 == 0x0c == external coset generator - - for {} lt(public_inputs_ptr, endpoint_ptr) { public_inputs_ptr := add(public_inputs_ptr, 0x20) } { - /** - * input = public_input[i] - * valid_inputs &= input < p - * temp = input + gamma - * numerator_value *= (β.σ(i) + wᵢ + γ) // σ(i) = 0x05.ωⁱ - * denominator_value *= (β.σ'(i) + wᵢ + γ) // σ'(i) = 0x0c.ωⁱ - * root_1 *= ω - * root_2 *= ω - */ - - let input := calldataload(public_inputs_ptr) - valid_inputs := and(valid_inputs, lt(input, p_clone)) - let temp := addmod(input, gamma, p_clone) - - numerator_value := mulmod(numerator_value, add(root_1, temp), p_clone) - denominator_value := mulmod(denominator_value, add(root_2, temp), p_clone) - - root_1 := mulmod(root_1, work_root, p_clone) - root_2 := mulmod(root_2, work_root, p_clone) - } - - // Revert if not all public inputs are field elements (i.e. < p) - if iszero(valid_inputs) { - mstore(0x00, PUBLIC_INPUT_GE_P_SELECTOR) - revert(0x00, 0x04) - } - - mstore(DELTA_NUMERATOR_LOC, numerator_value) - mstore(DELTA_DENOMINATOR_LOC, denominator_value) - } - - /** - * Compute Plookup delta factor [γ(1 + β)]^{n-k} - * k = num roots cut out of Z_H = 4 - */ - { - let delta_base := mulmod(mload(C_GAMMA_LOC), addmod(mload(C_BETA_LOC), 1, p), p) - let delta_numerator := delta_base - { - let exponent := mload(N_LOC) - let count := 1 - for {} lt(count, exponent) { count := add(count, count) } { - delta_numerator := mulmod(delta_numerator, delta_numerator, p) - } - } - mstore(PLOOKUP_DELTA_NUMERATOR_LOC, delta_numerator) - - let delta_denominator := mulmod(delta_base, delta_base, p) - delta_denominator := mulmod(delta_denominator, delta_denominator, p) - mstore(PLOOKUP_DELTA_DENOMINATOR_LOC, delta_denominator) - } - /** - * Compute lagrange poly and vanishing poly fractions - */ - { - /** - * vanishing_numerator = zeta - * ZETA_POW_N = zeta^n - * vanishing_numerator -= 1 - * accumulating_root = omega_inverse - * work_root = p - accumulating_root - * domain_inverse = domain_inverse - * vanishing_denominator = zeta + work_root - * work_root *= accumulating_root - * vanishing_denominator *= (zeta + work_root) - * work_root *= accumulating_root - * vanishing_denominator *= (zeta + work_root) - * vanishing_denominator *= (zeta + (zeta + accumulating_root)) - * work_root = omega - * lagrange_numerator = vanishing_numerator * domain_inverse - * l_start_denominator = zeta - 1 - * accumulating_root = work_root^2 - * l_end_denominator = accumulating_root^2 * work_root * zeta - 1 - * Note: l_end_denominator term contains a term \omega^5 to cut out 5 roots of unity from vanishing poly - */ - - let zeta := mload(C_ZETA_LOC) - - // compute zeta^n, where n is a power of 2 - let vanishing_numerator := zeta - { - // pow_small - let exponent := mload(N_LOC) - let count := 1 - for {} lt(count, exponent) { count := add(count, count) } { - vanishing_numerator := mulmod(vanishing_numerator, vanishing_numerator, p) - } - } - mstore(ZETA_POW_N_LOC, vanishing_numerator) - vanishing_numerator := addmod(vanishing_numerator, sub(p, 1), p) - - let accumulating_root := mload(OMEGA_INVERSE_LOC) - let work_root := sub(p, accumulating_root) - let domain_inverse := mload(DOMAIN_INVERSE_LOC) - - let vanishing_denominator := addmod(zeta, work_root, p) - work_root := mulmod(work_root, accumulating_root, p) - vanishing_denominator := mulmod(vanishing_denominator, addmod(zeta, work_root, p), p) - work_root := mulmod(work_root, accumulating_root, p) - vanishing_denominator := mulmod(vanishing_denominator, addmod(zeta, work_root, p), p) - vanishing_denominator := - mulmod(vanishing_denominator, addmod(zeta, mulmod(work_root, accumulating_root, p), p), p) - - work_root := mload(OMEGA_LOC) - - let lagrange_numerator := mulmod(vanishing_numerator, domain_inverse, p) - let l_start_denominator := addmod(zeta, sub(p, 1), p) - - accumulating_root := mulmod(work_root, work_root, p) - - let l_end_denominator := - addmod( - mulmod(mulmod(mulmod(accumulating_root, accumulating_root, p), work_root, p), zeta, p), sub(p, 1), p - ) - - /** - * Compute inversions using Montgomery's batch inversion trick - */ - let accumulator := mload(DELTA_DENOMINATOR_LOC) - let t0 := accumulator - accumulator := mulmod(accumulator, vanishing_denominator, p) - let t1 := accumulator - accumulator := mulmod(accumulator, vanishing_numerator, p) - let t2 := accumulator - accumulator := mulmod(accumulator, l_start_denominator, p) - let t3 := accumulator - accumulator := mulmod(accumulator, mload(PLOOKUP_DELTA_DENOMINATOR_LOC), p) - let t4 := accumulator - { - mstore(0, 0x20) - mstore(0x20, 0x20) - mstore(0x40, 0x20) - mstore(0x60, mulmod(accumulator, l_end_denominator, p)) - mstore(0x80, sub(p, 2)) - mstore(0xa0, p) - if iszero(staticcall(gas(), 0x05, 0x00, 0xc0, 0x00, 0x20)) { - mstore(0x0, MOD_EXP_FAILURE_SELECTOR) - revert(0x00, 0x04) - } - accumulator := mload(0x00) - } - - t4 := mulmod(accumulator, t4, p) - accumulator := mulmod(accumulator, l_end_denominator, p) - - t3 := mulmod(accumulator, t3, p) - accumulator := mulmod(accumulator, mload(PLOOKUP_DELTA_DENOMINATOR_LOC), p) - - t2 := mulmod(accumulator, t2, p) - accumulator := mulmod(accumulator, l_start_denominator, p) - - t1 := mulmod(accumulator, t1, p) - accumulator := mulmod(accumulator, vanishing_numerator, p) - - t0 := mulmod(accumulator, t0, p) - accumulator := mulmod(accumulator, vanishing_denominator, p) - - accumulator := mulmod(mulmod(accumulator, accumulator, p), mload(DELTA_DENOMINATOR_LOC), p) - - mstore(PUBLIC_INPUT_DELTA_LOC, mulmod(mload(DELTA_NUMERATOR_LOC), accumulator, p)) - mstore(ZERO_POLY_LOC, mulmod(vanishing_numerator, t0, p)) - mstore(ZERO_POLY_INVERSE_LOC, mulmod(vanishing_denominator, t1, p)) - mstore(L_START_LOC, mulmod(lagrange_numerator, t2, p)) - mstore(PLOOKUP_DELTA_LOC, mulmod(mload(PLOOKUP_DELTA_NUMERATOR_LOC), t3, p)) - mstore(L_END_LOC, mulmod(lagrange_numerator, t4, p)) - } - - /** - * UltraPlonk Widget Ordering: - * - * 1. Permutation widget - * 2. Plookup widget - * 3. Arithmetic widget - * 4. Fixed base widget (?) - * 5. GenPermSort widget - * 6. Elliptic widget - * 7. Auxiliary widget - */ - - /** - * COMPUTE PERMUTATION WIDGET EVALUATION - */ - { - let alpha := mload(C_ALPHA_LOC) - let beta := mload(C_BETA_LOC) - let gamma := mload(C_GAMMA_LOC) - - /** - * t1 = (W1 + gamma + beta * ID1) * (W2 + gamma + beta * ID2) - * t2 = (W3 + gamma + beta * ID3) * (W4 + gamma + beta * ID4) - * result = alpha_base * z_eval * t1 * t2 - * t1 = (W1 + gamma + beta * sigma_1_eval) * (W2 + gamma + beta * sigma_2_eval) - * t2 = (W2 + gamma + beta * sigma_3_eval) * (W3 + gamma + beta * sigma_4_eval) - * result -= (alpha_base * z_omega_eval * t1 * t2) - */ - let t1 := - mulmod( - add(add(mload(W1_EVAL_LOC), gamma), mulmod(beta, mload(ID1_EVAL_LOC), p)), - add(add(mload(W2_EVAL_LOC), gamma), mulmod(beta, mload(ID2_EVAL_LOC), p)), - p - ) - let t2 := - mulmod( - add(add(mload(W3_EVAL_LOC), gamma), mulmod(beta, mload(ID3_EVAL_LOC), p)), - add(add(mload(W4_EVAL_LOC), gamma), mulmod(beta, mload(ID4_EVAL_LOC), p)), - p - ) - let result := mulmod(mload(C_ALPHA_BASE_LOC), mulmod(mload(Z_EVAL_LOC), mulmod(t1, t2, p), p), p) - t1 := - mulmod( - add(add(mload(W1_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA1_EVAL_LOC), p)), - add(add(mload(W2_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA2_EVAL_LOC), p)), - p - ) - t2 := - mulmod( - add(add(mload(W3_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA3_EVAL_LOC), p)), - add(add(mload(W4_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA4_EVAL_LOC), p)), - p - ) - result := - addmod( - result, - sub(p, mulmod(mload(C_ALPHA_BASE_LOC), mulmod(mload(Z_OMEGA_EVAL_LOC), mulmod(t1, t2, p), p), p)), - p - ) - - /** - * alpha_base *= alpha - * result += alpha_base . (L_{n-k}(ʓ) . (z(ʓ.ω) - ∆_{PI})) - * alpha_base *= alpha - * result += alpha_base . (L_1(ʓ)(Z(ʓ) - 1)) - * alpha_Base *= alpha - */ - mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) - result := - addmod( - result, - mulmod( - mload(C_ALPHA_BASE_LOC), - mulmod( - mload(L_END_LOC), - addmod(mload(Z_OMEGA_EVAL_LOC), sub(p, mload(PUBLIC_INPUT_DELTA_LOC)), p), - p - ), - p - ), - p - ) - mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) - mstore( - PERMUTATION_IDENTITY, - addmod( - result, - mulmod( - mload(C_ALPHA_BASE_LOC), - mulmod(mload(L_START_LOC), addmod(mload(Z_EVAL_LOC), sub(p, 1), p), p), - p - ), - p - ) - ) - mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) - } - - /** - * COMPUTE PLOOKUP WIDGET EVALUATION - */ - { - /** - * Goal: f = (w1(z) + q2.w1(zω)) + η(w2(z) + qm.w2(zω)) + η²(w3(z) + qc.w_3(zω)) + q3(z).η³ - * f = η.q3(z) - * f += (w3(z) + qc.w_3(zω)) - * f *= η - * f += (w2(z) + qm.w2(zω)) - * f *= η - * f += (w1(z) + q2.w1(zω)) - */ - let f := mulmod(mload(C_ETA_LOC), mload(Q3_EVAL_LOC), p) - f := - addmod(f, addmod(mload(W3_EVAL_LOC), mulmod(mload(QC_EVAL_LOC), mload(W3_OMEGA_EVAL_LOC), p), p), p) - f := mulmod(f, mload(C_ETA_LOC), p) - f := - addmod(f, addmod(mload(W2_EVAL_LOC), mulmod(mload(QM_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), p), p) - f := mulmod(f, mload(C_ETA_LOC), p) - f := - addmod(f, addmod(mload(W1_EVAL_LOC), mulmod(mload(Q2_EVAL_LOC), mload(W1_OMEGA_EVAL_LOC), p), p), p) - - // t(z) = table4(z).η³ + table3(z).η² + table2(z).η + table1(z) - let t := - addmod( - addmod( - addmod( - mulmod(mload(TABLE4_EVAL_LOC), mload(C_ETA_CUBE_LOC), p), - mulmod(mload(TABLE3_EVAL_LOC), mload(C_ETA_SQR_LOC), p), - p - ), - mulmod(mload(TABLE2_EVAL_LOC), mload(C_ETA_LOC), p), - p - ), - mload(TABLE1_EVAL_LOC), - p - ) - - // t(zw) = table4(zw).η³ + table3(zw).η² + table2(zw).η + table1(zw) - let t_omega := - addmod( - addmod( - addmod( - mulmod(mload(TABLE4_OMEGA_EVAL_LOC), mload(C_ETA_CUBE_LOC), p), - mulmod(mload(TABLE3_OMEGA_EVAL_LOC), mload(C_ETA_SQR_LOC), p), - p - ), - mulmod(mload(TABLE2_OMEGA_EVAL_LOC), mload(C_ETA_LOC), p), - p - ), - mload(TABLE1_OMEGA_EVAL_LOC), - p - ) - - /** - * Goal: numerator = (TABLE_TYPE_EVAL * f(z) + γ) * (t(z) + βt(zω) + γ(β + 1)) * (β + 1) - * gamma_beta_constant = γ(β + 1) - * numerator = f * TABLE_TYPE_EVAL + gamma - * temp0 = t(z) + t(zω) * β + gamma_beta_constant - * numerator *= temp0 - * numerator *= (β + 1) - * temp0 = alpha * l_1 - * numerator += temp0 - * numerator *= z_lookup(z) - * numerator -= temp0 - */ - let gamma_beta_constant := mulmod(mload(C_GAMMA_LOC), addmod(mload(C_BETA_LOC), 1, p), p) - let numerator := addmod(mulmod(f, mload(TABLE_TYPE_EVAL_LOC), p), mload(C_GAMMA_LOC), p) - let temp0 := addmod(addmod(t, mulmod(t_omega, mload(C_BETA_LOC), p), p), gamma_beta_constant, p) - numerator := mulmod(numerator, temp0, p) - numerator := mulmod(numerator, addmod(mload(C_BETA_LOC), 1, p), p) - temp0 := mulmod(mload(C_ALPHA_LOC), mload(L_START_LOC), p) - numerator := addmod(numerator, temp0, p) - numerator := mulmod(numerator, mload(Z_LOOKUP_EVAL_LOC), p) - numerator := addmod(numerator, sub(p, temp0), p) - - /** - * Goal: denominator = z_lookup(zω)*[s(z) + βs(zω) + γ(1 + β)] - [z_lookup(zω) - [γ(1 + β)]^{n-k}]*α²L_end(z) - * note: delta_factor = [γ(1 + β)]^{n-k} - * denominator = s(z) + βs(zω) + γ(β + 1) - * temp1 = α²L_end(z) - * denominator -= temp1 - * denominator *= z_lookup(zω) - * denominator += temp1 * delta_factor - * PLOOKUP_IDENTITY = (numerator - denominator).alpha_base - * alpha_base *= alpha^3 - */ - let denominator := - addmod( - addmod(mload(S_EVAL_LOC), mulmod(mload(S_OMEGA_EVAL_LOC), mload(C_BETA_LOC), p), p), - gamma_beta_constant, - p - ) - let temp1 := mulmod(mload(C_ALPHA_SQR_LOC), mload(L_END_LOC), p) - denominator := addmod(denominator, sub(p, temp1), p) - denominator := mulmod(denominator, mload(Z_LOOKUP_OMEGA_EVAL_LOC), p) - denominator := addmod(denominator, mulmod(temp1, mload(PLOOKUP_DELTA_LOC), p), p) - - mstore(PLOOKUP_IDENTITY, mulmod(addmod(numerator, sub(p, denominator), p), mload(C_ALPHA_BASE_LOC), p)) - - // update alpha - mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p)) - } - - /** - * COMPUTE ARITHMETIC WIDGET EVALUATION - */ - { - /** - * The basic arithmetic gate identity in standard plonk is as follows. - * (w_1 . w_2 . q_m) + (w_1 . q_1) + (w_2 . q_2) + (w_3 . q_3) + (w_4 . q_4) + q_c = 0 - * However, for Ultraplonk, we extend this to support "passing" wires between rows (shown without alpha scaling below): - * q_arith * ( ( (-1/2) * (q_arith - 3) * q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c ) + - * (q_arith - 1)*( α * (q_arith - 2) * (w_1 + w_4 - w_1_omega + q_m) + w_4_omega) ) = 0 - * - * This formula results in several cases depending on q_arith: - * 1. q_arith == 0: Arithmetic gate is completely disabled - * - * 2. q_arith == 1: Everything in the minigate on the right is disabled. The equation is just a standard plonk equation - * with extra wires: q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c = 0 - * - * 3. q_arith == 2: The (w_1 + w_4 - ...) term is disabled. THe equation is: - * (1/2) * q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + w_4_omega = 0 - * It allows defining w_4 at next index (w_4_omega) in terms of current wire values - * - * 4. q_arith == 3: The product of w_1 and w_2 is disabled, but a mini addition gate is enabled. α allows us to split - * the equation into two: - * - * q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + 2 * w_4_omega = 0 - * and - * w_1 + w_4 - w_1_omega + q_m = 0 (we are reusing q_m here) - * - * 5. q_arith > 3: The product of w_1 and w_2 is scaled by (q_arith - 3), while the w_4_omega term is scaled by (q_arith - 1). - * The equation can be split into two: - * - * (q_arith - 3)* q_m * w_1 * w_ 2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + (q_arith - 1) * w_4_omega = 0 - * and - * w_1 + w_4 - w_1_omega + q_m = 0 - * - * The problem that q_m is used both in both equations can be dealt with by appropriately changing selector values at - * the next gate. Then we can treat (q_arith - 1) as a simulated q_6 selector and scale q_m to handle (q_arith - 3) at - * product. - */ - - let w1q1 := mulmod(mload(W1_EVAL_LOC), mload(Q1_EVAL_LOC), p) - let w2q2 := mulmod(mload(W2_EVAL_LOC), mload(Q2_EVAL_LOC), p) - let w3q3 := mulmod(mload(W3_EVAL_LOC), mload(Q3_EVAL_LOC), p) - let w4q3 := mulmod(mload(W4_EVAL_LOC), mload(Q4_EVAL_LOC), p) - - // @todo - Add a explicit test that hits QARITH == 3 - // w1w2qm := (w_1 . w_2 . q_m . (QARITH_EVAL_LOC - 3)) / 2 - let w1w2qm := - mulmod( - mulmod( - mulmod(mulmod(mload(W1_EVAL_LOC), mload(W2_EVAL_LOC), p), mload(QM_EVAL_LOC), p), - addmod(mload(QARITH_EVAL_LOC), sub(p, 3), p), - p - ), - NEGATIVE_INVERSE_OF_2_MODULO_P, - p - ) - - // (w_1 . w_2 . q_m . (q_arith - 3)) / -2) + (w_1 . q_1) + (w_2 . q_2) + (w_3 . q_3) + (w_4 . q_4) + q_c - let identity := - addmod( - mload(QC_EVAL_LOC), addmod(w4q3, addmod(w3q3, addmod(w2q2, addmod(w1q1, w1w2qm, p), p), p), p), p - ) - - // if q_arith == 3 we evaluate an additional mini addition gate (on top of the regular one), where: - // w_1 + w_4 - w_1_omega + q_m = 0 - // we use this gate to save an addition gate when adding or subtracting non-native field elements - // α * (q_arith - 2) * (w_1 + w_4 - w_1_omega + q_m) - let extra_small_addition_gate_identity := - mulmod( - mload(C_ALPHA_LOC), - mulmod( - addmod(mload(QARITH_EVAL_LOC), sub(p, 2), p), - addmod( - mload(QM_EVAL_LOC), - addmod( - sub(p, mload(W1_OMEGA_EVAL_LOC)), addmod(mload(W1_EVAL_LOC), mload(W4_EVAL_LOC), p), p - ), - p - ), - p - ), - p - ) - - // if q_arith == 2 OR q_arith == 3 we add the 4th wire of the NEXT gate into the arithmetic identity - // N.B. if q_arith > 2, this wire value will be scaled by (q_arith - 1) relative to the other gate wires! - // alpha_base * q_arith * (identity + (q_arith - 1) * (w_4_omega + extra_small_addition_gate_identity)) - mstore( - ARITHMETIC_IDENTITY, - mulmod( - mload(C_ALPHA_BASE_LOC), - mulmod( - mload(QARITH_EVAL_LOC), - addmod( - identity, - mulmod( - addmod(mload(QARITH_EVAL_LOC), sub(p, 1), p), - addmod(mload(W4_OMEGA_EVAL_LOC), extra_small_addition_gate_identity, p), - p - ), - p - ), - p - ), - p - ) - ) - - // update alpha - mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_SQR_LOC), p)) - } - - /** - * COMPUTE GENPERMSORT WIDGET EVALUATION - */ - { - /** - * D1 = (w2 - w1) - * D2 = (w3 - w2) - * D3 = (w4 - w3) - * D4 = (w1_omega - w4) - * - * α_a = alpha_base - * α_b = alpha_base * α - * α_c = alpha_base * α^2 - * α_d = alpha_base * α^3 - * - * range_accumulator = ( - * D1(D1 - 1)(D1 - 2)(D1 - 3).α_a + - * D2(D2 - 1)(D2 - 2)(D2 - 3).α_b + - * D3(D3 - 1)(D3 - 2)(D3 - 3).α_c + - * D4(D4 - 1)(D4 - 2)(D4 - 3).α_d + - * ) . q_sort - */ - let minus_two := sub(p, 2) - let minus_three := sub(p, 3) - let d1 := addmod(mload(W2_EVAL_LOC), sub(p, mload(W1_EVAL_LOC)), p) - let d2 := addmod(mload(W3_EVAL_LOC), sub(p, mload(W2_EVAL_LOC)), p) - let d3 := addmod(mload(W4_EVAL_LOC), sub(p, mload(W3_EVAL_LOC)), p) - let d4 := addmod(mload(W1_OMEGA_EVAL_LOC), sub(p, mload(W4_EVAL_LOC)), p) - - let range_accumulator := - mulmod( - mulmod( - mulmod(addmod(mulmod(d1, d1, p), sub(p, d1), p), addmod(d1, minus_two, p), p), - addmod(d1, minus_three, p), - p - ), - mload(C_ALPHA_BASE_LOC), - p - ) - range_accumulator := - addmod( - range_accumulator, - mulmod( - mulmod( - mulmod(addmod(mulmod(d2, d2, p), sub(p, d2), p), addmod(d2, minus_two, p), p), - addmod(d2, minus_three, p), - p - ), - mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), - p - ), - p - ) - range_accumulator := - addmod( - range_accumulator, - mulmod( - mulmod( - mulmod(addmod(mulmod(d3, d3, p), sub(p, d3), p), addmod(d3, minus_two, p), p), - addmod(d3, minus_three, p), - p - ), - mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_SQR_LOC), p), - p - ), - p - ) - range_accumulator := - addmod( - range_accumulator, - mulmod( - mulmod( - mulmod(addmod(mulmod(d4, d4, p), sub(p, d4), p), addmod(d4, minus_two, p), p), - addmod(d4, minus_three, p), - p - ), - mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p), - p - ), - p - ) - range_accumulator := mulmod(range_accumulator, mload(QSORT_EVAL_LOC), p) - - mstore(SORT_IDENTITY, range_accumulator) - - // update alpha - mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_QUAD_LOC), p)) - } - - /** - * COMPUTE ELLIPTIC WIDGET EVALUATION - */ - { - /** - * endo_term = (-x_2) * x_1 * (x_3 * 2 + x_1) * q_beta - * endo_sqr_term = x_2^2 - * endo_sqr_term *= (x_3 - x_1) - * endo_sqr_term *= q_beta^2 - * leftovers = x_2^2 - * leftovers *= x_2 - * leftovers += x_1^2 * (x_3 + x_1) @follow-up Invalid comment in BB widget - * leftovers -= (y_2^2 + y_1^2) - * sign_term = y_2 * y_1 - * sign_term += sign_term - * sign_term *= q_sign - */ - // q_elliptic * (x3 + x2 + x1)(x2 - x1)(x2 - x1) - y2^2 - y1^2 + 2(y2y1)*q_sign = 0 - let x_diff := addmod(mload(X2_EVAL_LOC), sub(p, mload(X1_EVAL_LOC)), p) - let y2_sqr := mulmod(mload(Y2_EVAL_LOC), mload(Y2_EVAL_LOC), p) - let y1_sqr := mulmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p) - let y1y2 := mulmod(mulmod(mload(Y1_EVAL_LOC), mload(Y2_EVAL_LOC), p), mload(QSIGN_LOC), p) - - let x_add_identity := - addmod( - mulmod( - addmod(mload(X3_EVAL_LOC), addmod(mload(X2_EVAL_LOC), mload(X1_EVAL_LOC), p), p), - mulmod(x_diff, x_diff, p), - p - ), - addmod( - sub( - p, - addmod(y2_sqr, y1_sqr, p) - ), - addmod(y1y2, y1y2, p), - p - ), - p - ) - x_add_identity := - mulmod( - mulmod( - x_add_identity, - addmod( - 1, - sub(p, mload(QM_EVAL_LOC)), - p - ), - p - ), - mload(C_ALPHA_BASE_LOC), - p - ) - - // q_elliptic * (x3 + x2 + x1)(x2 - x1)(x2 - x1) - y2^2 - y1^2 + 2(y2y1)*q_sign = 0 - let y1_plus_y3 := addmod( - mload(Y1_EVAL_LOC), - mload(Y3_EVAL_LOC), - p - ) - let y_diff := addmod(mulmod(mload(Y2_EVAL_LOC), mload(QSIGN_LOC), p), sub(p, mload(Y1_EVAL_LOC)), p) - let y_add_identity := - addmod( - mulmod(y1_plus_y3, x_diff, p), - mulmod(addmod(mload(X3_EVAL_LOC), sub(p, mload(X1_EVAL_LOC)), p), y_diff, p), - p - ) - y_add_identity := - mulmod( - mulmod(y_add_identity, addmod(1, sub(p, mload(QM_EVAL_LOC)), p), p), - mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), - p - ) - - // ELLIPTIC_IDENTITY = (x_identity + y_identity) * Q_ELLIPTIC_EVAL - mstore( - ELLIPTIC_IDENTITY, mulmod(addmod(x_add_identity, y_add_identity, p), mload(QELLIPTIC_EVAL_LOC), p) - ) - } - { - /** - * x_pow_4 = (y_1_sqr - curve_b) * x_1; - * y_1_sqr_mul_4 = y_1_sqr + y_1_sqr; - * y_1_sqr_mul_4 += y_1_sqr_mul_4; - * x_1_pow_4_mul_9 = x_pow_4; - * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; - * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; - * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; - * x_1_pow_4_mul_9 += x_pow_4; - * x_1_sqr_mul_3 = x_1_sqr + x_1_sqr + x_1_sqr; - * x_double_identity = (x_3 + x_1 + x_1) * y_1_sqr_mul_4 - x_1_pow_4_mul_9; - * y_double_identity = x_1_sqr_mul_3 * (x_1 - x_3) - (y_1 + y_1) * (y_1 + y_3); - */ - // (x3 + x1 + x1) (4y1*y1) - 9 * x1 * x1 * x1 * x1 = 0 - let x1_sqr := mulmod(mload(X1_EVAL_LOC), mload(X1_EVAL_LOC), p) - let y1_sqr := mulmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p) - let x_pow_4 := mulmod(addmod(y1_sqr, GRUMPKIN_CURVE_B_PARAMETER_NEGATED, p), mload(X1_EVAL_LOC), p) - let y1_sqr_mul_4 := mulmod(y1_sqr, 4, p) - let x1_pow_4_mul_9 := mulmod(x_pow_4, 9, p) - let x1_sqr_mul_3 := mulmod(x1_sqr, 3, p) - let x_double_identity := - addmod( - mulmod( - addmod(mload(X3_EVAL_LOC), addmod(mload(X1_EVAL_LOC), mload(X1_EVAL_LOC), p), p), - y1_sqr_mul_4, - p - ), - sub(p, x1_pow_4_mul_9), - p - ) - // (y1 + y1) (2y1) - (3 * x1 * x1)(x1 - x3) = 0 - let y_double_identity := - addmod( - mulmod(x1_sqr_mul_3, addmod(mload(X1_EVAL_LOC), sub(p, mload(X3_EVAL_LOC)), p), p), - sub( - p, - mulmod( - addmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p), - addmod(mload(Y1_EVAL_LOC), mload(Y3_EVAL_LOC), p), - p - ) - ), - p - ) - x_double_identity := mulmod(x_double_identity, mload(C_ALPHA_BASE_LOC), p) - y_double_identity := - mulmod(y_double_identity, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), p) - x_double_identity := mulmod(x_double_identity, mload(QM_EVAL_LOC), p) - y_double_identity := mulmod(y_double_identity, mload(QM_EVAL_LOC), p) - // ELLIPTIC_IDENTITY += (x_double_identity + y_double_identity) * Q_DOUBLE_EVAL - mstore( - ELLIPTIC_IDENTITY, - addmod( - mload(ELLIPTIC_IDENTITY), - mulmod(addmod(x_double_identity, y_double_identity, p), mload(QELLIPTIC_EVAL_LOC), p), - p - ) - ) - - // update alpha - mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_QUAD_LOC), p)) - } - - /** - * COMPUTE AUXILIARY WIDGET EVALUATION - */ - { - { - /** - * Non native field arithmetic gate 2 - * _ _ - * / _ _ _ 14 \ - * q_2 . q_4 | (w_1 . w_2) + (w_1 . w_2) + (w_1 . w_4 + w_2 . w_3 - w_3) . 2 - w_3 - w_4 | - * \_ _/ - * - * limb_subproduct = w_1 . w_2_omega + w_1_omega . w_2 - * non_native_field_gate_2 = w_1 * w_4 + w_4 * w_3 - w_3_omega - * non_native_field_gate_2 = non_native_field_gate_2 * limb_size - * non_native_field_gate_2 -= w_4_omega - * non_native_field_gate_2 += limb_subproduct - * non_native_field_gate_2 *= q_4 - * limb_subproduct *= limb_size - * limb_subproduct += w_1_omega * w_2_omega - * non_native_field_gate_1 = (limb_subproduct + w_3 + w_4) * q_3 - * non_native_field_gate_3 = (limb_subproduct + w_4 - (w_3_omega + w_4_omega)) * q_m - * non_native_field_identity = (non_native_field_gate_1 + non_native_field_gate_2 + non_native_field_gate_3) * q_2 - */ - - let limb_subproduct := - addmod( - mulmod(mload(W1_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), - mulmod(mload(W1_OMEGA_EVAL_LOC), mload(W2_EVAL_LOC), p), - p - ) - - let non_native_field_gate_2 := - addmod( - addmod( - mulmod(mload(W1_EVAL_LOC), mload(W4_EVAL_LOC), p), - mulmod(mload(W2_EVAL_LOC), mload(W3_EVAL_LOC), p), - p - ), - sub(p, mload(W3_OMEGA_EVAL_LOC)), - p - ) - non_native_field_gate_2 := mulmod(non_native_field_gate_2, LIMB_SIZE, p) - non_native_field_gate_2 := addmod(non_native_field_gate_2, sub(p, mload(W4_OMEGA_EVAL_LOC)), p) - non_native_field_gate_2 := addmod(non_native_field_gate_2, limb_subproduct, p) - non_native_field_gate_2 := mulmod(non_native_field_gate_2, mload(Q4_EVAL_LOC), p) - limb_subproduct := mulmod(limb_subproduct, LIMB_SIZE, p) - limb_subproduct := - addmod(limb_subproduct, mulmod(mload(W1_OMEGA_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), p) - let non_native_field_gate_1 := - mulmod( - addmod(limb_subproduct, sub(p, addmod(mload(W3_EVAL_LOC), mload(W4_EVAL_LOC), p)), p), - mload(Q3_EVAL_LOC), - p - ) - let non_native_field_gate_3 := - mulmod( - addmod( - addmod(limb_subproduct, mload(W4_EVAL_LOC), p), - sub(p, addmod(mload(W3_OMEGA_EVAL_LOC), mload(W4_OMEGA_EVAL_LOC), p)), - p - ), - mload(QM_EVAL_LOC), - p - ) - let non_native_field_identity := - mulmod( - addmod(addmod(non_native_field_gate_1, non_native_field_gate_2, p), non_native_field_gate_3, p), - mload(Q2_EVAL_LOC), - p - ) - - mstore(AUX_NON_NATIVE_FIELD_EVALUATION, non_native_field_identity) - } - - { - /** - * limb_accumulator_1 = w_2_omega; - * limb_accumulator_1 *= SUBLIMB_SHIFT; - * limb_accumulator_1 += w_1_omega; - * limb_accumulator_1 *= SUBLIMB_SHIFT; - * limb_accumulator_1 += w_3; - * limb_accumulator_1 *= SUBLIMB_SHIFT; - * limb_accumulator_1 += w_2; - * limb_accumulator_1 *= SUBLIMB_SHIFT; - * limb_accumulator_1 += w_1; - * limb_accumulator_1 -= w_4; - * limb_accumulator_1 *= q_4; - */ - let limb_accumulator_1 := mulmod(mload(W2_OMEGA_EVAL_LOC), SUBLIMB_SHIFT, p) - limb_accumulator_1 := addmod(limb_accumulator_1, mload(W1_OMEGA_EVAL_LOC), p) - limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) - limb_accumulator_1 := addmod(limb_accumulator_1, mload(W3_EVAL_LOC), p) - limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) - limb_accumulator_1 := addmod(limb_accumulator_1, mload(W2_EVAL_LOC), p) - limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) - limb_accumulator_1 := addmod(limb_accumulator_1, mload(W1_EVAL_LOC), p) - limb_accumulator_1 := addmod(limb_accumulator_1, sub(p, mload(W4_EVAL_LOC)), p) - limb_accumulator_1 := mulmod(limb_accumulator_1, mload(Q4_EVAL_LOC), p) - - /** - * limb_accumulator_2 = w_3_omega; - * limb_accumulator_2 *= SUBLIMB_SHIFT; - * limb_accumulator_2 += w_2_omega; - * limb_accumulator_2 *= SUBLIMB_SHIFT; - * limb_accumulator_2 += w_1_omega; - * limb_accumulator_2 *= SUBLIMB_SHIFT; - * limb_accumulator_2 += w_4; - * limb_accumulator_2 *= SUBLIMB_SHIFT; - * limb_accumulator_2 += w_3; - * limb_accumulator_2 -= w_4_omega; - * limb_accumulator_2 *= q_m; - */ - let limb_accumulator_2 := mulmod(mload(W3_OMEGA_EVAL_LOC), SUBLIMB_SHIFT, p) - limb_accumulator_2 := addmod(limb_accumulator_2, mload(W2_OMEGA_EVAL_LOC), p) - limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) - limb_accumulator_2 := addmod(limb_accumulator_2, mload(W1_OMEGA_EVAL_LOC), p) - limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) - limb_accumulator_2 := addmod(limb_accumulator_2, mload(W4_EVAL_LOC), p) - limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) - limb_accumulator_2 := addmod(limb_accumulator_2, mload(W3_EVAL_LOC), p) - limb_accumulator_2 := addmod(limb_accumulator_2, sub(p, mload(W4_OMEGA_EVAL_LOC)), p) - limb_accumulator_2 := mulmod(limb_accumulator_2, mload(QM_EVAL_LOC), p) - - mstore( - AUX_LIMB_ACCUMULATOR_EVALUATION, - mulmod(addmod(limb_accumulator_1, limb_accumulator_2, p), mload(Q3_EVAL_LOC), p) - ) - } - - { - /** - * memory_record_check = w_3; - * memory_record_check *= eta; - * memory_record_check += w_2; - * memory_record_check *= eta; - * memory_record_check += w_1; - * memory_record_check *= eta; - * memory_record_check += q_c; - * - * partial_record_check = memory_record_check; - * - * memory_record_check -= w_4; - */ - - let memory_record_check := mulmod(mload(W3_EVAL_LOC), mload(C_ETA_LOC), p) - memory_record_check := addmod(memory_record_check, mload(W2_EVAL_LOC), p) - memory_record_check := mulmod(memory_record_check, mload(C_ETA_LOC), p) - memory_record_check := addmod(memory_record_check, mload(W1_EVAL_LOC), p) - memory_record_check := mulmod(memory_record_check, mload(C_ETA_LOC), p) - memory_record_check := addmod(memory_record_check, mload(QC_EVAL_LOC), p) - - let partial_record_check := memory_record_check - memory_record_check := addmod(memory_record_check, sub(p, mload(W4_EVAL_LOC)), p) - - mstore(AUX_MEMORY_EVALUATION, memory_record_check) - - // index_delta = w_1_omega - w_1 - let index_delta := addmod(mload(W1_OMEGA_EVAL_LOC), sub(p, mload(W1_EVAL_LOC)), p) - // record_delta = w_4_omega - w_4 - let record_delta := addmod(mload(W4_OMEGA_EVAL_LOC), sub(p, mload(W4_EVAL_LOC)), p) - // index_is_monotonically_increasing = index_delta * (index_delta - 1) - let index_is_monotonically_increasing := mulmod(index_delta, addmod(index_delta, sub(p, 1), p), p) - - // adjacent_values_match_if_adjacent_indices_match = record_delta * (1 - index_delta) - let adjacent_values_match_if_adjacent_indices_match := - mulmod(record_delta, addmod(1, sub(p, index_delta), p), p) - - // AUX_ROM_CONSISTENCY_EVALUATION = ((adjacent_values_match_if_adjacent_indices_match * alpha) + index_is_monotonically_increasing) * alpha + partial_record_check - mstore( - AUX_ROM_CONSISTENCY_EVALUATION, - addmod( - mulmod( - addmod( - mulmod(adjacent_values_match_if_adjacent_indices_match, mload(C_ALPHA_LOC), p), - index_is_monotonically_increasing, - p - ), - mload(C_ALPHA_LOC), - p - ), - memory_record_check, - p - ) - ) - - { - /** - * next_gate_access_type = w_3_omega; - * next_gate_access_type *= eta; - * next_gate_access_type += w_2_omega; - * next_gate_access_type *= eta; - * next_gate_access_type += w_1_omega; - * next_gate_access_type *= eta; - * next_gate_access_type = w_4_omega - next_gate_access_type; - */ - let next_gate_access_type := mulmod(mload(W3_OMEGA_EVAL_LOC), mload(C_ETA_LOC), p) - next_gate_access_type := addmod(next_gate_access_type, mload(W2_OMEGA_EVAL_LOC), p) - next_gate_access_type := mulmod(next_gate_access_type, mload(C_ETA_LOC), p) - next_gate_access_type := addmod(next_gate_access_type, mload(W1_OMEGA_EVAL_LOC), p) - next_gate_access_type := mulmod(next_gate_access_type, mload(C_ETA_LOC), p) - next_gate_access_type := addmod(mload(W4_OMEGA_EVAL_LOC), sub(p, next_gate_access_type), p) - - // value_delta = w_3_omega - w_3 - let value_delta := addmod(mload(W3_OMEGA_EVAL_LOC), sub(p, mload(W3_EVAL_LOC)), p) - // adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation = (1 - index_delta) * value_delta * (1 - next_gate_access_type); - - let adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation := - mulmod( - addmod(1, sub(p, index_delta), p), - mulmod(value_delta, addmod(1, sub(p, next_gate_access_type), p), p), - p - ) - - // AUX_RAM_CONSISTENCY_EVALUATION - - /** - * access_type = w_4 - partial_record_check - * access_check = access_type^2 - access_type - * next_gate_access_type_is_boolean = next_gate_access_type^2 - next_gate_access_type - * RAM_consistency_check_identity = adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation; - * RAM_consistency_check_identity *= alpha; - * RAM_consistency_check_identity += index_is_monotonically_increasing; - * RAM_consistency_check_identity *= alpha; - * RAM_consistency_check_identity += next_gate_access_type_is_boolean; - * RAM_consistency_check_identity *= alpha; - * RAM_consistency_check_identity += access_check; - */ - - let access_type := addmod(mload(W4_EVAL_LOC), sub(p, partial_record_check), p) - let access_check := mulmod(access_type, addmod(access_type, sub(p, 1), p), p) - let next_gate_access_type_is_boolean := - mulmod(next_gate_access_type, addmod(next_gate_access_type, sub(p, 1), p), p) - let RAM_cci := - mulmod( - adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation, - mload(C_ALPHA_LOC), - p - ) - RAM_cci := addmod(RAM_cci, index_is_monotonically_increasing, p) - RAM_cci := mulmod(RAM_cci, mload(C_ALPHA_LOC), p) - RAM_cci := addmod(RAM_cci, next_gate_access_type_is_boolean, p) - RAM_cci := mulmod(RAM_cci, mload(C_ALPHA_LOC), p) - RAM_cci := addmod(RAM_cci, access_check, p) - - mstore(AUX_RAM_CONSISTENCY_EVALUATION, RAM_cci) - } - - { - // timestamp_delta = w_2_omega - w_2 - let timestamp_delta := addmod(mload(W2_OMEGA_EVAL_LOC), sub(p, mload(W2_EVAL_LOC)), p) - - // RAM_timestamp_check_identity = (1 - index_delta) * timestamp_delta - w_3 - let RAM_timestamp_check_identity := - addmod( - mulmod(timestamp_delta, addmod(1, sub(p, index_delta), p), p), sub(p, mload(W3_EVAL_LOC)), p - ) - - /** - * memory_identity = ROM_consistency_check_identity * q_2; - * memory_identity += RAM_timestamp_check_identity * q_4; - * memory_identity += memory_record_check * q_m; - * memory_identity *= q_1; - * memory_identity += (RAM_consistency_check_identity * q_arith); - * - * auxiliary_identity = memory_identity + non_native_field_identity + limb_accumulator_identity; - * auxiliary_identity *= q_aux; - * auxiliary_identity *= alpha_base; - */ - let memory_identity := mulmod(mload(AUX_ROM_CONSISTENCY_EVALUATION), mload(Q2_EVAL_LOC), p) - memory_identity := - addmod(memory_identity, mulmod(RAM_timestamp_check_identity, mload(Q4_EVAL_LOC), p), p) - memory_identity := - addmod(memory_identity, mulmod(mload(AUX_MEMORY_EVALUATION), mload(QM_EVAL_LOC), p), p) - memory_identity := mulmod(memory_identity, mload(Q1_EVAL_LOC), p) - memory_identity := - addmod( - memory_identity, mulmod(mload(AUX_RAM_CONSISTENCY_EVALUATION), mload(QARITH_EVAL_LOC), p), p - ) - - let auxiliary_identity := addmod(memory_identity, mload(AUX_NON_NATIVE_FIELD_EVALUATION), p) - auxiliary_identity := addmod(auxiliary_identity, mload(AUX_LIMB_ACCUMULATOR_EVALUATION), p) - auxiliary_identity := mulmod(auxiliary_identity, mload(QAUX_EVAL_LOC), p) - auxiliary_identity := mulmod(auxiliary_identity, mload(C_ALPHA_BASE_LOC), p) - - mstore(AUX_IDENTITY, auxiliary_identity) - - // update alpha - mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p)) - } - } - } - - { - /** - * quotient = ARITHMETIC_IDENTITY - * quotient += PERMUTATION_IDENTITY - * quotient += PLOOKUP_IDENTITY - * quotient += SORT_IDENTITY - * quotient += ELLIPTIC_IDENTITY - * quotient += AUX_IDENTITY - * quotient *= ZERO_POLY_INVERSE - */ - mstore( - QUOTIENT_EVAL_LOC, - mulmod( - addmod( - addmod( - addmod( - addmod( - addmod(mload(PERMUTATION_IDENTITY), mload(PLOOKUP_IDENTITY), p), - mload(ARITHMETIC_IDENTITY), - p - ), - mload(SORT_IDENTITY), - p - ), - mload(ELLIPTIC_IDENTITY), - p - ), - mload(AUX_IDENTITY), - p - ), - mload(ZERO_POLY_INVERSE_LOC), - p - ) - ) - } - - /** - * GENERATE NU AND SEPARATOR CHALLENGES - */ - { - let current_challenge := mload(C_CURRENT_LOC) - // get a calldata pointer that points to the start of the data we want to copy - let calldata_ptr := add(calldataload(0x04), 0x24) - - calldata_ptr := add(calldata_ptr, NU_CALLDATA_SKIP_LENGTH) - - mstore(NU_CHALLENGE_INPUT_LOC_A, current_challenge) - mstore(NU_CHALLENGE_INPUT_LOC_B, mload(QUOTIENT_EVAL_LOC)) - calldatacopy(NU_CHALLENGE_INPUT_LOC_C, calldata_ptr, NU_INPUT_LENGTH) - - // hash length = (0x20 + num field elements), we include the previous challenge in the hash - let challenge := keccak256(NU_CHALLENGE_INPUT_LOC_A, add(NU_INPUT_LENGTH, 0x40)) - - mstore(C_V0_LOC, mod(challenge, p)) - // We need THIRTY-ONE independent nu challenges! - mstore(0x00, challenge) - mstore8(0x20, 0x01) - mstore(C_V1_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x02) - mstore(C_V2_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x03) - mstore(C_V3_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x04) - mstore(C_V4_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x05) - mstore(C_V5_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x06) - mstore(C_V6_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x07) - mstore(C_V7_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x08) - mstore(C_V8_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x09) - mstore(C_V9_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x0a) - mstore(C_V10_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x0b) - mstore(C_V11_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x0c) - mstore(C_V12_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x0d) - mstore(C_V13_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x0e) - mstore(C_V14_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x0f) - mstore(C_V15_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x10) - mstore(C_V16_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x11) - mstore(C_V17_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x12) - mstore(C_V18_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x13) - mstore(C_V19_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x14) - mstore(C_V20_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x15) - mstore(C_V21_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x16) - mstore(C_V22_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x17) - mstore(C_V23_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x18) - mstore(C_V24_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x19) - mstore(C_V25_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x1a) - mstore(C_V26_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x1b) - mstore(C_V27_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x1c) - mstore(C_V28_LOC, mod(keccak256(0x00, 0x21), p)) - mstore8(0x20, 0x1d) - mstore(C_V29_LOC, mod(keccak256(0x00, 0x21), p)) - - // @follow-up - Why are both v29 and v30 using appending 0x1d to the prior challenge and hashing, should it not change? - mstore8(0x20, 0x1d) - challenge := keccak256(0x00, 0x21) - mstore(C_V30_LOC, mod(challenge, p)) - - // separator - mstore(0x00, challenge) - mstore(0x20, mload(PI_Z_Y_LOC)) - mstore(0x40, mload(PI_Z_X_LOC)) - mstore(0x60, mload(PI_Z_OMEGA_Y_LOC)) - mstore(0x80, mload(PI_Z_OMEGA_X_LOC)) - - mstore(C_U_LOC, mod(keccak256(0x00, 0xa0), p)) - } - - let success := 0 - // VALIDATE T1 - { - let x := mload(T1_X_LOC) - let y := mload(T1_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q)) - mstore(ACCUMULATOR_X_LOC, x) - mstore(add(ACCUMULATOR_X_LOC, 0x20), y) - } - // VALIDATE T2 - { - let x := mload(T2_X_LOC) // 0x1400 - let y := mload(T2_Y_LOC) // 0x1420 - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(ZETA_POW_N_LOC)) - // accumulator_2 = [T2].zeta^n - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = [T1] + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE T3 - { - let x := mload(T3_X_LOC) - let y := mload(T3_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(mload(ZETA_POW_N_LOC), mload(ZETA_POW_N_LOC), p)) - // accumulator_2 = [T3].zeta^{2n} - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE T4 - { - let x := mload(T4_X_LOC) - let y := mload(T4_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(mulmod(mload(ZETA_POW_N_LOC), mload(ZETA_POW_N_LOC), p), mload(ZETA_POW_N_LOC), p)) - // accumulator_2 = [T4].zeta^{3n} - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE W1 - { - let x := mload(W1_X_LOC) - let y := mload(W1_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V0_LOC), p)) - // accumulator_2 = v0.(u + 1).[W1] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE W2 - { - let x := mload(W2_X_LOC) - let y := mload(W2_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V1_LOC), p)) - // accumulator_2 = v1.(u + 1).[W2] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE W3 - { - let x := mload(W3_X_LOC) - let y := mload(W3_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V2_LOC), p)) - // accumulator_2 = v2.(u + 1).[W3] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE W4 - { - let x := mload(W4_X_LOC) - let y := mload(W4_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V3_LOC), p)) - // accumulator_2 = v3.(u + 1).[W4] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE S - { - let x := mload(S_X_LOC) - let y := mload(S_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V4_LOC), p)) - // accumulator_2 = v4.(u + 1).[S] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE Z - { - let x := mload(Z_X_LOC) - let y := mload(Z_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V5_LOC), p)) - // accumulator_2 = v5.(u + 1).[Z] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE Z_LOOKUP - { - let x := mload(Z_LOOKUP_X_LOC) - let y := mload(Z_LOOKUP_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V6_LOC), p)) - // accumulator_2 = v6.(u + 1).[Z_LOOKUP] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE Q1 - { - let x := mload(Q1_X_LOC) - let y := mload(Q1_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V7_LOC)) - // accumulator_2 = v7.[Q1] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE Q2 - { - let x := mload(Q2_X_LOC) - let y := mload(Q2_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V8_LOC)) - // accumulator_2 = v8.[Q2] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE Q3 - { - let x := mload(Q3_X_LOC) - let y := mload(Q3_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V9_LOC)) - // accumulator_2 = v9.[Q3] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE Q4 - { - let x := mload(Q4_X_LOC) - let y := mload(Q4_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V10_LOC)) - // accumulator_2 = v10.[Q4] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE QM - { - let x := mload(QM_X_LOC) - let y := mload(QM_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V11_LOC)) - // accumulator_2 = v11.[Q;] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE QC - { - let x := mload(QC_X_LOC) - let y := mload(QC_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V12_LOC)) - // accumulator_2 = v12.[QC] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE QARITH - { - let x := mload(QARITH_X_LOC) - let y := mload(QARITH_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V13_LOC)) - // accumulator_2 = v13.[QARITH] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE QSORT - { - let x := mload(QSORT_X_LOC) - let y := mload(QSORT_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V14_LOC)) - // accumulator_2 = v14.[QSORT] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE QELLIPTIC - { - let x := mload(QELLIPTIC_X_LOC) - let y := mload(QELLIPTIC_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V15_LOC)) - // accumulator_2 = v15.[QELLIPTIC] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE QAUX - { - let x := mload(QAUX_X_LOC) - let y := mload(QAUX_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V16_LOC)) - // accumulator_2 = v15.[Q_AUX] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE SIGMA1 - { - let x := mload(SIGMA1_X_LOC) - let y := mload(SIGMA1_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V17_LOC)) - // accumulator_2 = v17.[sigma1] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE SIGMA2 - { - let x := mload(SIGMA2_X_LOC) - let y := mload(SIGMA2_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V18_LOC)) - // accumulator_2 = v18.[sigma2] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE SIGMA3 - { - let x := mload(SIGMA3_X_LOC) - let y := mload(SIGMA3_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V19_LOC)) - // accumulator_2 = v19.[sigma3] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE SIGMA4 - { - let x := mload(SIGMA4_X_LOC) - let y := mload(SIGMA4_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V20_LOC)) - // accumulator_2 = v20.[sigma4] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE TABLE1 - { - let x := mload(TABLE1_X_LOC) - let y := mload(TABLE1_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V21_LOC), p)) - // accumulator_2 = u.[table1] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE TABLE2 - { - let x := mload(TABLE2_X_LOC) - let y := mload(TABLE2_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V22_LOC), p)) - // accumulator_2 = u.[table2] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE TABLE3 - { - let x := mload(TABLE3_X_LOC) - let y := mload(TABLE3_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V23_LOC), p)) - // accumulator_2 = u.[table3] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE TABLE4 - { - let x := mload(TABLE4_X_LOC) - let y := mload(TABLE4_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V24_LOC), p)) - // accumulator_2 = u.[table4] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE TABLE_TYPE - { - let x := mload(TABLE_TYPE_X_LOC) - let y := mload(TABLE_TYPE_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V25_LOC)) - // accumulator_2 = v25.[TableType] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE ID1 - { - let x := mload(ID1_X_LOC) - let y := mload(ID1_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V26_LOC)) - // accumulator_2 = v26.[ID1] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE ID2 - { - let x := mload(ID2_X_LOC) - let y := mload(ID2_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V27_LOC)) - // accumulator_2 = v27.[ID2] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE ID3 - { - let x := mload(ID3_X_LOC) - let y := mload(ID3_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V28_LOC)) - // accumulator_2 = v28.[ID3] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE ID4 - { - let x := mload(ID4_X_LOC) - let y := mload(ID4_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mload(C_V29_LOC)) - // accumulator_2 = v29.[ID4] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - /** - * COMPUTE BATCH EVALUATION SCALAR MULTIPLIER - */ - { - /** - * batch_evaluation = v0 * (w_1_omega * u + w_1_eval) - * batch_evaluation += v1 * (w_2_omega * u + w_2_eval) - * batch_evaluation += v2 * (w_3_omega * u + w_3_eval) - * batch_evaluation += v3 * (w_4_omega * u + w_4_eval) - * batch_evaluation += v4 * (s_omega_eval * u + s_eval) - * batch_evaluation += v5 * (z_omega_eval * u + z_eval) - * batch_evaluation += v6 * (z_lookup_omega_eval * u + z_lookup_eval) - */ - let batch_evaluation := - mulmod( - mload(C_V0_LOC), - addmod(mulmod(mload(W1_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W1_EVAL_LOC), p), - p - ) - batch_evaluation := - addmod( - batch_evaluation, - mulmod( - mload(C_V1_LOC), - addmod(mulmod(mload(W2_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W2_EVAL_LOC), p), - p - ), - p - ) - batch_evaluation := - addmod( - batch_evaluation, - mulmod( - mload(C_V2_LOC), - addmod(mulmod(mload(W3_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W3_EVAL_LOC), p), - p - ), - p - ) - batch_evaluation := - addmod( - batch_evaluation, - mulmod( - mload(C_V3_LOC), - addmod(mulmod(mload(W4_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W4_EVAL_LOC), p), - p - ), - p - ) - batch_evaluation := - addmod( - batch_evaluation, - mulmod( - mload(C_V4_LOC), - addmod(mulmod(mload(S_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(S_EVAL_LOC), p), - p - ), - p - ) - batch_evaluation := - addmod( - batch_evaluation, - mulmod( - mload(C_V5_LOC), - addmod(mulmod(mload(Z_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(Z_EVAL_LOC), p), - p - ), - p - ) - batch_evaluation := - addmod( - batch_evaluation, - mulmod( - mload(C_V6_LOC), - addmod(mulmod(mload(Z_LOOKUP_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(Z_LOOKUP_EVAL_LOC), p), - p - ), - p - ) - - /** - * batch_evaluation += v7 * Q1_EVAL - * batch_evaluation += v8 * Q2_EVAL - * batch_evaluation += v9 * Q3_EVAL - * batch_evaluation += v10 * Q4_EVAL - * batch_evaluation += v11 * QM_EVAL - * batch_evaluation += v12 * QC_EVAL - * batch_evaluation += v13 * QARITH_EVAL - * batch_evaluation += v14 * QSORT_EVAL_LOC - * batch_evaluation += v15 * QELLIPTIC_EVAL_LOC - * batch_evaluation += v16 * QAUX_EVAL_LOC - * batch_evaluation += v17 * SIGMA1_EVAL_LOC - * batch_evaluation += v18 * SIGMA2_EVAL_LOC - * batch_evaluation += v19 * SIGMA3_EVAL_LOC - * batch_evaluation += v20 * SIGMA4_EVAL_LOC - */ - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V7_LOC), mload(Q1_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V8_LOC), mload(Q2_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V9_LOC), mload(Q3_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V10_LOC), mload(Q4_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V11_LOC), mload(QM_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V12_LOC), mload(QC_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V13_LOC), mload(QARITH_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V14_LOC), mload(QSORT_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V15_LOC), mload(QELLIPTIC_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V16_LOC), mload(QAUX_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V17_LOC), mload(SIGMA1_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V18_LOC), mload(SIGMA2_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V19_LOC), mload(SIGMA3_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V20_LOC), mload(SIGMA4_EVAL_LOC), p), p) - - /** - * batch_evaluation += v21 * (table1(zw) * u + table1(z)) - * batch_evaluation += v22 * (table2(zw) * u + table2(z)) - * batch_evaluation += v23 * (table3(zw) * u + table3(z)) - * batch_evaluation += v24 * (table4(zw) * u + table4(z)) - * batch_evaluation += v25 * table_type_eval - * batch_evaluation += v26 * id1_eval - * batch_evaluation += v27 * id2_eval - * batch_evaluation += v28 * id3_eval - * batch_evaluation += v29 * id4_eval - * batch_evaluation += quotient_eval - */ - batch_evaluation := - addmod( - batch_evaluation, - mulmod( - mload(C_V21_LOC), - addmod(mulmod(mload(TABLE1_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE1_EVAL_LOC), p), - p - ), - p - ) - batch_evaluation := - addmod( - batch_evaluation, - mulmod( - mload(C_V22_LOC), - addmod(mulmod(mload(TABLE2_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE2_EVAL_LOC), p), - p - ), - p - ) - batch_evaluation := - addmod( - batch_evaluation, - mulmod( - mload(C_V23_LOC), - addmod(mulmod(mload(TABLE3_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE3_EVAL_LOC), p), - p - ), - p - ) - batch_evaluation := - addmod( - batch_evaluation, - mulmod( - mload(C_V24_LOC), - addmod(mulmod(mload(TABLE4_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE4_EVAL_LOC), p), - p - ), - p - ) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V25_LOC), mload(TABLE_TYPE_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V26_LOC), mload(ID1_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V27_LOC), mload(ID2_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V28_LOC), mload(ID3_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V29_LOC), mload(ID4_EVAL_LOC), p), p) - batch_evaluation := addmod(batch_evaluation, mload(QUOTIENT_EVAL_LOC), p) - - mstore(0x00, 0x01) // [1].x - mstore(0x20, 0x02) // [1].y - mstore(0x40, sub(p, batch_evaluation)) - // accumulator_2 = -[1].(batch_evaluation) - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - mstore(OPENING_COMMITMENT_SUCCESS_FLAG, success) - } - - /** - * PERFORM PAIRING PREAMBLE - */ - { - let u := mload(C_U_LOC) - let zeta := mload(C_ZETA_LOC) - // VALIDATE PI_Z - { - let x := mload(PI_Z_X_LOC) - let y := mload(PI_Z_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q)) - mstore(0x00, x) - mstore(0x20, y) - } - // compute zeta.[PI_Z] and add into accumulator - mstore(0x40, zeta) - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // accumulator = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) - - // VALIDATE PI_Z_OMEGA - { - let x := mload(PI_Z_OMEGA_X_LOC) - let y := mload(PI_Z_OMEGA_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - mstore(0x40, mulmod(mulmod(u, zeta, p), mload(OMEGA_LOC), p)) - // accumulator_2 = u.zeta.omega.[PI_Z_OMEGA] - success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) - // PAIRING_RHS = accumulator + accumulator_2 - success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, PAIRING_RHS_X_LOC, 0x40)) - - mstore(0x00, mload(PI_Z_X_LOC)) - mstore(0x20, mload(PI_Z_Y_LOC)) - mstore(0x40, mload(PI_Z_OMEGA_X_LOC)) - mstore(0x60, mload(PI_Z_OMEGA_Y_LOC)) - mstore(0x80, u) - success := and(success, staticcall(gas(), 7, 0x40, 0x60, 0x40, 0x40)) - // PAIRING_LHS = [PI_Z] + [PI_Z_OMEGA] * u - success := and(success, staticcall(gas(), 6, 0x00, 0x80, PAIRING_LHS_X_LOC, 0x40)) - // negate lhs y-coordinate - mstore(PAIRING_LHS_Y_LOC, sub(q, mload(PAIRING_LHS_Y_LOC))) - - if mload(CONTAINS_RECURSIVE_PROOF_LOC) { - // VALIDATE RECURSIVE P1 - { - let x := mload(RECURSIVE_P1_X_LOC) - let y := mload(RECURSIVE_P1_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - - // compute u.u.[recursive_p1] and write into 0x60 - mstore(0x40, mulmod(u, u, p)) - success := and(success, staticcall(gas(), 7, 0x00, 0x60, 0x60, 0x40)) - // VALIDATE RECURSIVE P2 - { - let x := mload(RECURSIVE_P2_X_LOC) - let y := mload(RECURSIVE_P2_Y_LOC) - let xx := mulmod(x, x, q) - // validate on curve - success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) - mstore(0x00, x) - mstore(0x20, y) - } - // compute u.u.[recursive_p2] and write into 0x00 - // 0x40 still contains u*u - success := and(success, staticcall(gas(), 7, 0x00, 0x60, 0x00, 0x40)) - - // compute u.u.[recursiveP1] + rhs and write into rhs - mstore(0xa0, mload(PAIRING_RHS_X_LOC)) - mstore(0xc0, mload(PAIRING_RHS_Y_LOC)) - success := and(success, staticcall(gas(), 6, 0x60, 0x80, PAIRING_RHS_X_LOC, 0x40)) - - // compute u.u.[recursiveP2] + lhs and write into lhs - mstore(0x40, mload(PAIRING_LHS_X_LOC)) - mstore(0x60, mload(PAIRING_LHS_Y_LOC)) - success := and(success, staticcall(gas(), 6, 0x00, 0x80, PAIRING_LHS_X_LOC, 0x40)) - } - - if iszero(success) { - mstore(0x0, EC_SCALAR_MUL_FAILURE_SELECTOR) - revert(0x00, 0x04) - } - mstore(PAIRING_PREAMBLE_SUCCESS_FLAG, success) - } - - /** - * PERFORM PAIRING - */ - { - // rhs paired with [1]_2 - // lhs paired with [x]_2 - - mstore(0x00, mload(PAIRING_RHS_X_LOC)) - mstore(0x20, mload(PAIRING_RHS_Y_LOC)) - mstore(0x40, 0x198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c2) // this is [1]_2 - mstore(0x60, 0x1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed) - mstore(0x80, 0x090689d0585ff075ec9e99ad690c3395bc4b313370b38ef355acdadcd122975b) - mstore(0xa0, 0x12c85ea5db8c6deb4aab71808dcb408fe3d1e7690c43d37b4ce6cc0166fa7daa) - - mstore(0xc0, mload(PAIRING_LHS_X_LOC)) - mstore(0xe0, mload(PAIRING_LHS_Y_LOC)) - mstore(0x100, mload(G2X_X0_LOC)) - mstore(0x120, mload(G2X_X1_LOC)) - mstore(0x140, mload(G2X_Y0_LOC)) - mstore(0x160, mload(G2X_Y1_LOC)) - - success := staticcall(gas(), 8, 0x00, 0x180, 0x00, 0x20) - mstore(PAIRING_SUCCESS_FLAG, success) - mstore(RESULT_FLAG, mload(0x00)) - } - if iszero( - and( - and(and(mload(PAIRING_SUCCESS_FLAG), mload(RESULT_FLAG)), mload(PAIRING_PREAMBLE_SUCCESS_FLAG)), - mload(OPENING_COMMITMENT_SUCCESS_FLAG) - ) - ) { - mstore(0x0, PROOF_FAILURE_SELECTOR) - revert(0x00, 0x04) - } - { - mstore(0x00, 0x01) - return(0x00, 0x20) // Proof succeeded! - } - } - } -} - -contract UltraVerifier is BaseUltraVerifier { - function getVerificationKeyHash() public pure override(BaseUltraVerifier) returns (bytes32) { - return UltraVerificationKey.verificationKeyHash(); - } - - function loadVerificationKey(uint256 vk, uint256 _omegaInverseLoc) internal pure virtual override(BaseUltraVerifier) { - UltraVerificationKey.loadVerificationKey(vk, _omegaInverseLoc); - } -} diff --git a/tooling/bb_abstraction_leaks/src/lib.rs b/tooling/bb_abstraction_leaks/src/lib.rs index fec53809ad4..56a4f58cd21 100644 --- a/tooling/bb_abstraction_leaks/src/lib.rs +++ b/tooling/bb_abstraction_leaks/src/lib.rs @@ -7,13 +7,6 @@ pub const ACVM_BACKEND_BARRETENBERG: &str = "acvm-backend-barretenberg"; pub const BB_DOWNLOAD_URL: &str = env!("BB_BINARY_URL"); pub const BB_VERSION: &str = env!("BB_VERSION"); -/// Embed the Solidity verifier file -const ULTRA_VERIFIER_CONTRACT: &str = include_str!("contract.sol"); - -pub fn complete_barretenberg_verifier_contract(contract: String) -> String { - format!("{contract}{ULTRA_VERIFIER_CONTRACT}") -} - /// Removes the public inputs which are prepended to a proof by Barretenberg. pub fn remove_public_inputs(num_pub_inputs: usize, proof: &[u8]) -> Vec { // Barretenberg prepends the public inputs onto the proof so we need to remove diff --git a/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs b/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs index fe79c0b8c23..1eb8153ce9b 100644 --- a/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs +++ b/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs @@ -7,7 +7,6 @@ use crate::backends::Backend; use crate::errors::CliError; use acvm::ExpressionWidth; -use bb_abstraction_leaks::ACVM_BACKEND_BARRETENBERG; use clap::Args; use fm::FileManager; use nargo::insert_all_files_for_workspace_into_file_manager; @@ -83,12 +82,5 @@ fn smart_contract_for_package( let program = compile_bin_package(file_manager, workspace, package, compile_options, expression_width)?; - let mut smart_contract_string = backend.eth_contract(&program.circuit)?; - - if backend.name() == ACVM_BACKEND_BARRETENBERG { - smart_contract_string = - bb_abstraction_leaks::complete_barretenberg_verifier_contract(smart_contract_string); - } - - Ok(smart_contract_string) + Ok(backend.eth_contract(&program.circuit)?) } From 812576b1dcba889ddd59cc8ce150774018d239ba Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 14:26:45 +0000 Subject: [PATCH 22/67] Remove test-cargo workflow --- .github/workflows/test-cargo.yml | 51 -------------------------------- 1 file changed, 51 deletions(-) delete mode 100644 .github/workflows/test-cargo.yml diff --git a/.github/workflows/test-cargo.yml b/.github/workflows/test-cargo.yml deleted file mode 100644 index 8d414daa75b..00000000000 --- a/.github/workflows/test-cargo.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Test cargo - -on: - pull_request: - merge_group: - push: - branches: - - master - -# This will cancel previous runs when a branch or PR is updated -concurrency: - group: ${{ github.workflow }}-${{ github.head_ref || github.ref || github.run_id }} - cancel-in-progress: true - -jobs: - build: - name: Test cargo - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v4 - - name: Get current date - id: date - run: echo "date=$(date +'%Y.%m.%d.%H.%M')" >> $GITHUB_STATE - - name: prepare docker images tags - id: prep - run: | - REGISTRY="ghcr.io" - IMG="${REGISTRY}/${{ github.repository }}" - IMAGE=$(echo "$IMG" | tr '[:upper:]' '[:lower:]') - TAGS="${IMAGE}:${{ github.sha }}" - TAGS="${TAGS},${IMAGE}:latest,${IMAGE}:v${{ steps.date.outputs.date }}" - echo ::set-output name=tags::${TAGS} - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v3 - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Test cargo - uses: docker/build-push-action@v5 - with: - context: . - file: Dockerfile.ci - tags: ${{ steps.prep.outputs.tags }} - target: test-cargo - cache-from: type=gha - cache-to: type=gha,mode=max \ No newline at end of file From 3c8f83e4f4f8ae8fa211ec46838bb5673a27c771 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 14:53:55 +0000 Subject: [PATCH 23/67] chore: remove now unused bb abstraction leaks --- Cargo.lock | 1 - tooling/nargo_cli/Cargo.toml | 1 - 2 files changed, 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index fee91a2d93e..50892d98ff3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2682,7 +2682,6 @@ dependencies = [ "assert_fs", "async-lsp", "backend-interface", - "bb_abstraction_leaks", "bn254_blackbox_solver", "build-data", "clap", diff --git a/tooling/nargo_cli/Cargo.toml b/tooling/nargo_cli/Cargo.toml index f280682e15c..2652adaf327 100644 --- a/tooling/nargo_cli/Cargo.toml +++ b/tooling/nargo_cli/Cargo.toml @@ -51,7 +51,6 @@ dap.workspace = true # Backends backend-interface = { path = "../backend_interface" } -bb_abstraction_leaks.workspace = true # Logs tracing-subscriber.workspace = true From 89bf4986cc5e8cf0e2b904c2ad9d1276794b69c1 Mon Sep 17 00:00:00 2001 From: Tom French Date: Tue, 9 Jan 2024 15:31:09 +0000 Subject: [PATCH 24/67] chore: fix builds of `noir_js_backend_barretenberg` --- tooling/noir_js_backend_barretenberg/src/index.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tooling/noir_js_backend_barretenberg/src/index.ts b/tooling/noir_js_backend_barretenberg/src/index.ts index 94c728ec69c..811cbebeef7 100644 --- a/tooling/noir_js_backend_barretenberg/src/index.ts +++ b/tooling/noir_js_backend_barretenberg/src/index.ts @@ -34,7 +34,7 @@ export class BarretenbergBackend implements Backend { // eslint-disable-next-line @typescript-eslint/ban-ts-comment //@ts-ignore const { Barretenberg, RawBuffer, Crs } = await import('@aztec/bb.js'); - const api = await Barretenberg.new({ threads: this.options.threads }); + const api = await Barretenberg.new(this.options.threads); const [_exact, _total, subgroupSize] = await api.acirGetCircuitSizes(this.acirUncompressedBytecode); const crs = await Crs.new(subgroupSize + 1); From 9affee68668c96167c9bbeaefd80eb5280ba9dfa Mon Sep 17 00:00:00 2001 From: Tom French Date: Tue, 9 Jan 2024 15:48:41 +0000 Subject: [PATCH 25/67] Revert "chore: remove now unused bb abstraction leaks" This reverts commit 3c8f83e4f4f8ae8fa211ec46838bb5673a27c771. --- Cargo.lock | 1 + tooling/nargo_cli/Cargo.toml | 1 + 2 files changed, 2 insertions(+) diff --git a/Cargo.lock b/Cargo.lock index 50892d98ff3..fee91a2d93e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2682,6 +2682,7 @@ dependencies = [ "assert_fs", "async-lsp", "backend-interface", + "bb_abstraction_leaks", "bn254_blackbox_solver", "build-data", "clap", diff --git a/tooling/nargo_cli/Cargo.toml b/tooling/nargo_cli/Cargo.toml index 2652adaf327..f280682e15c 100644 --- a/tooling/nargo_cli/Cargo.toml +++ b/tooling/nargo_cli/Cargo.toml @@ -51,6 +51,7 @@ dap.workspace = true # Backends backend-interface = { path = "../backend_interface" } +bb_abstraction_leaks.workspace = true # Logs tracing-subscriber.workspace = true From 1725e701ad32a1df738cdae0f54404d56caedfb1 Mon Sep 17 00:00:00 2001 From: Tom French Date: Tue, 9 Jan 2024 15:53:17 +0000 Subject: [PATCH 26/67] chore: clippy fix --- Cargo.lock | 1 - tooling/nargo_cli/Cargo.toml | 1 - 2 files changed, 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index fee91a2d93e..50892d98ff3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2682,7 +2682,6 @@ dependencies = [ "assert_fs", "async-lsp", "backend-interface", - "bb_abstraction_leaks", "bn254_blackbox_solver", "build-data", "clap", diff --git a/tooling/nargo_cli/Cargo.toml b/tooling/nargo_cli/Cargo.toml index f280682e15c..2652adaf327 100644 --- a/tooling/nargo_cli/Cargo.toml +++ b/tooling/nargo_cli/Cargo.toml @@ -51,7 +51,6 @@ dap.workspace = true # Backends backend-interface = { path = "../backend_interface" } -bb_abstraction_leaks.workspace = true # Logs tracing-subscriber.workspace = true From 394154eefb075abcda8288e0cb05f602a7fcd189 Mon Sep 17 00:00:00 2001 From: Tom French Date: Tue, 9 Jan 2024 15:53:41 +0000 Subject: [PATCH 27/67] Revert "chore: fix builds of `noir_js_backend_barretenberg`" This reverts commit 89bf4986cc5e8cf0e2b904c2ad9d1276794b69c1. --- tooling/noir_js_backend_barretenberg/src/index.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tooling/noir_js_backend_barretenberg/src/index.ts b/tooling/noir_js_backend_barretenberg/src/index.ts index 811cbebeef7..94c728ec69c 100644 --- a/tooling/noir_js_backend_barretenberg/src/index.ts +++ b/tooling/noir_js_backend_barretenberg/src/index.ts @@ -34,7 +34,7 @@ export class BarretenbergBackend implements Backend { // eslint-disable-next-line @typescript-eslint/ban-ts-comment //@ts-ignore const { Barretenberg, RawBuffer, Crs } = await import('@aztec/bb.js'); - const api = await Barretenberg.new(this.options.threads); + const api = await Barretenberg.new({ threads: this.options.threads }); const [_exact, _total, subgroupSize] = await api.acirGetCircuitSizes(this.acirUncompressedBytecode); const crs = await Crs.new(subgroupSize + 1); From 39d4bfa86444238ac2da4a6f70447150df2895d6 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 17:06:19 +0000 Subject: [PATCH 28/67] fix: avoid decoding public inputs --- tooling/noir_js_backend_barretenberg/src/index.ts | 9 ++------- tooling/noir_js_types/src/types.ts | 2 +- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/tooling/noir_js_backend_barretenberg/src/index.ts b/tooling/noir_js_backend_barretenberg/src/index.ts index 94c728ec69c..7f3e5f2dfd8 100644 --- a/tooling/noir_js_backend_barretenberg/src/index.ts +++ b/tooling/noir_js_backend_barretenberg/src/index.ts @@ -3,7 +3,6 @@ import { decompressSync as gunzip } from 'fflate'; import { acirToUint8Array } from './serialize.js'; import { Backend, CompiledCircuit, ProofData } from '@noir-lang/types'; import { BackendOptions } from './types.js'; -import { deflattenPublicInputs, flattenPublicInputsAsArray } from './public_inputs.js'; export { flattenPublicInputs } from './public_inputs.js'; @@ -93,9 +92,8 @@ export class BarretenbergBackend implements Backend { const splitIndex = proofWithPublicInputs.length - numBytesInProofWithoutPublicInputs; - const publicInputsConcatenated = proofWithPublicInputs.slice(0, splitIndex); + const publicInputs = proofWithPublicInputs.slice(0, splitIndex); const proof = proofWithPublicInputs.slice(splitIndex); - const publicInputs = deflattenPublicInputs(publicInputsConcatenated, this.acirCircuit.abi); return { proof, publicInputs }; } @@ -181,11 +179,8 @@ export class BarretenbergBackend implements Backend { } function reconstructProofWithPublicInputs(proofData: ProofData): Uint8Array { - // Flatten publicInputs - const publicInputsConcatenated = flattenPublicInputsAsArray(proofData.publicInputs); - // Concatenate publicInputs and proof - const proofWithPublicInputs = Uint8Array.from([...publicInputsConcatenated, ...proofData.proof]); + const proofWithPublicInputs = Uint8Array.from([...proofData.publicInputs, ...proofData.proof]); return proofWithPublicInputs; } diff --git a/tooling/noir_js_types/src/types.ts b/tooling/noir_js_types/src/types.ts index b997d92425d..e7c16f8d454 100644 --- a/tooling/noir_js_types/src/types.ts +++ b/tooling/noir_js_types/src/types.ts @@ -45,7 +45,7 @@ export interface Backend { * */ export type ProofData = { /** @description Public inputs of a proof */ - publicInputs: WitnessMap; + publicInputs: Uint8Array; /** @description An byte array representing the proof */ proof: Uint8Array; }; From 5b64df36fa1df44b1a49c0cc2fd63fba4a34bb1c Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 17:19:36 +0000 Subject: [PATCH 29/67] Revert "fix: avoid decoding public inputs" This reverts commit 39d4bfa86444238ac2da4a6f70447150df2895d6. --- tooling/noir_js_backend_barretenberg/src/index.ts | 9 +++++++-- tooling/noir_js_types/src/types.ts | 2 +- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/tooling/noir_js_backend_barretenberg/src/index.ts b/tooling/noir_js_backend_barretenberg/src/index.ts index 7f3e5f2dfd8..94c728ec69c 100644 --- a/tooling/noir_js_backend_barretenberg/src/index.ts +++ b/tooling/noir_js_backend_barretenberg/src/index.ts @@ -3,6 +3,7 @@ import { decompressSync as gunzip } from 'fflate'; import { acirToUint8Array } from './serialize.js'; import { Backend, CompiledCircuit, ProofData } from '@noir-lang/types'; import { BackendOptions } from './types.js'; +import { deflattenPublicInputs, flattenPublicInputsAsArray } from './public_inputs.js'; export { flattenPublicInputs } from './public_inputs.js'; @@ -92,8 +93,9 @@ export class BarretenbergBackend implements Backend { const splitIndex = proofWithPublicInputs.length - numBytesInProofWithoutPublicInputs; - const publicInputs = proofWithPublicInputs.slice(0, splitIndex); + const publicInputsConcatenated = proofWithPublicInputs.slice(0, splitIndex); const proof = proofWithPublicInputs.slice(splitIndex); + const publicInputs = deflattenPublicInputs(publicInputsConcatenated, this.acirCircuit.abi); return { proof, publicInputs }; } @@ -179,8 +181,11 @@ export class BarretenbergBackend implements Backend { } function reconstructProofWithPublicInputs(proofData: ProofData): Uint8Array { + // Flatten publicInputs + const publicInputsConcatenated = flattenPublicInputsAsArray(proofData.publicInputs); + // Concatenate publicInputs and proof - const proofWithPublicInputs = Uint8Array.from([...proofData.publicInputs, ...proofData.proof]); + const proofWithPublicInputs = Uint8Array.from([...publicInputsConcatenated, ...proofData.proof]); return proofWithPublicInputs; } diff --git a/tooling/noir_js_types/src/types.ts b/tooling/noir_js_types/src/types.ts index e7c16f8d454..b997d92425d 100644 --- a/tooling/noir_js_types/src/types.ts +++ b/tooling/noir_js_types/src/types.ts @@ -45,7 +45,7 @@ export interface Backend { * */ export type ProofData = { /** @description Public inputs of a proof */ - publicInputs: Uint8Array; + publicInputs: WitnessMap; /** @description An byte array representing the proof */ proof: Uint8Array; }; From 9ec2e0711d65fc5befd0af8eab68a08968e1fa55 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 17:35:01 +0000 Subject: [PATCH 30/67] fix: possible workaround for the hidden public inputs issue --- .../onchain_recursive_verification.test.ts | 7 ++----- .../noir_js_backend_barretenberg/src/index.ts | 7 ++++--- .../src/public_inputs.ts | 19 +++++++++++-------- tooling/noir_js_types/src/types.ts | 4 +++- 4 files changed, 20 insertions(+), 17 deletions(-) diff --git a/compiler/integration-tests/test/node/onchain_recursive_verification.test.ts b/compiler/integration-tests/test/node/onchain_recursive_verification.test.ts index 6c20d44882b..7a25669d22a 100644 --- a/compiler/integration-tests/test/node/onchain_recursive_verification.test.ts +++ b/compiler/integration-tests/test/node/onchain_recursive_verification.test.ts @@ -12,7 +12,7 @@ import { PathToFileSourceMap, } from '@noir-lang/noir_wasm'; import { Noir } from '@noir-lang/noir_js'; -import { BarretenbergBackend, flattenPublicInputs } from '@noir-lang/backend_barretenberg'; +import { BarretenbergBackend } from '@noir-lang/backend_barretenberg'; import { Field, InputMap } from '@noir-lang/noirc_abi'; compilerLogLevel('INFO'); @@ -71,10 +71,7 @@ it(`smart contract can verify a recursive proof`, async () => { const contract = await ethers.deployContract('contracts/recursion.sol:UltraVerifier', []); - const result = await contract.verify.staticCall( - recursion_proof.proof, - flattenPublicInputs(recursion_proof.publicInputs), - ); + const result = await contract.verify.staticCall(recursion_proof.proof, recursion_proof.publicInputs); expect(result).to.be.true; }); diff --git a/tooling/noir_js_backend_barretenberg/src/index.ts b/tooling/noir_js_backend_barretenberg/src/index.ts index 94c728ec69c..bad0ede1e35 100644 --- a/tooling/noir_js_backend_barretenberg/src/index.ts +++ b/tooling/noir_js_backend_barretenberg/src/index.ts @@ -3,7 +3,7 @@ import { decompressSync as gunzip } from 'fflate'; import { acirToUint8Array } from './serialize.js'; import { Backend, CompiledCircuit, ProofData } from '@noir-lang/types'; import { BackendOptions } from './types.js'; -import { deflattenPublicInputs, flattenPublicInputsAsArray } from './public_inputs.js'; +import { deflattenPublicInputs, flattenPublicInputsAsArray, publicInputsToWitnessMap } from './public_inputs.js'; export { flattenPublicInputs } from './public_inputs.js'; @@ -95,9 +95,10 @@ export class BarretenbergBackend implements Backend { const publicInputsConcatenated = proofWithPublicInputs.slice(0, splitIndex); const proof = proofWithPublicInputs.slice(splitIndex); - const publicInputs = deflattenPublicInputs(publicInputsConcatenated, this.acirCircuit.abi); + const publicInputs = deflattenPublicInputs(publicInputsConcatenated); + const publicInputsMap = publicInputsToWitnessMap(publicInputs, this.acirCircuit.abi); - return { proof, publicInputs }; + return { proof, publicInputs, publicInputsMap }; } // Generates artifacts that will be passed to a circuit that will verify this proof. diff --git a/tooling/noir_js_backend_barretenberg/src/public_inputs.ts b/tooling/noir_js_backend_barretenberg/src/public_inputs.ts index 37bc5b13012..eb2ceb66199 100644 --- a/tooling/noir_js_backend_barretenberg/src/public_inputs.ts +++ b/tooling/noir_js_backend_barretenberg/src/public_inputs.ts @@ -6,13 +6,12 @@ export function flattenPublicInputs(publicInputs: WitnessMap): string[] { return flattenedPublicInputs; } -export function flattenPublicInputsAsArray(publicInputs: WitnessMap): Uint8Array { - const flatPublicInputs = flattenPublicInputs(publicInputs); - const flattenedPublicInputs = flatPublicInputs.map(hexToUint8Array); +export function flattenPublicInputsAsArray(publicInputs: string[]): Uint8Array { + const flattenedPublicInputs = publicInputs.map(hexToUint8Array); return flattenUint8Arrays(flattenedPublicInputs); } -export function deflattenPublicInputs(flattenedPublicInputs: Uint8Array, abi: Abi): WitnessMap { +export function deflattenPublicInputs(flattenedPublicInputs: Uint8Array): string[] { const publicInputSize = 32; const chunkedFlattenedPublicInputs: Uint8Array[] = []; @@ -21,6 +20,10 @@ export function deflattenPublicInputs(flattenedPublicInputs: Uint8Array, abi: Ab chunkedFlattenedPublicInputs.push(publicInput); } + return chunkedFlattenedPublicInputs.map(uint8ArrayToHex); +} + +export function publicInputsToWitnessMap(publicInputs: string[], abi: Abi): WitnessMap { const return_value_witnesses = abi.return_witnesses; const public_parameters = abi.parameters.filter((param) => param.visibility === 'public'); const public_parameter_witnesses: number[] = public_parameters.flatMap((param) => @@ -35,13 +38,13 @@ export function deflattenPublicInputs(flattenedPublicInputs: Uint8Array, abi: Ab (a, b) => a - b, ); - const publicInputs: WitnessMap = new Map(); + const witnessMap: WitnessMap = new Map(); public_input_witnesses.forEach((witness_index, index) => { - const witness_value = uint8ArrayToHex(chunkedFlattenedPublicInputs[index]); - publicInputs.set(witness_index, witness_value); + const witness_value = publicInputs[index]; + witnessMap.set(witness_index, witness_value); }); - return publicInputs; + return witnessMap; } function flattenUint8Arrays(arrays: Uint8Array[]): Uint8Array { diff --git a/tooling/noir_js_types/src/types.ts b/tooling/noir_js_types/src/types.ts index b997d92425d..53be86e19db 100644 --- a/tooling/noir_js_types/src/types.ts +++ b/tooling/noir_js_types/src/types.ts @@ -45,7 +45,9 @@ export interface Backend { * */ export type ProofData = { /** @description Public inputs of a proof */ - publicInputs: WitnessMap; + publicInputs: string[]; + /** @description The public inputs as a witness map */ + publicInputsMap: WitnessMap; /** @description An byte array representing the proof */ proof: Uint8Array; }; From ee2e6c0a9d066d8e57b5e815eda6e17510a40ba5 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 17:35:54 +0000 Subject: [PATCH 31/67] test: fix test --- .../test/node/smart_contract_verifier.test.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/compiler/integration-tests/test/node/smart_contract_verifier.test.ts b/compiler/integration-tests/test/node/smart_contract_verifier.test.ts index 5b3d0e2d337..a93a2fc1508 100644 --- a/compiler/integration-tests/test/node/smart_contract_verifier.test.ts +++ b/compiler/integration-tests/test/node/smart_contract_verifier.test.ts @@ -7,7 +7,7 @@ import toml from 'toml'; import { PathToFileSourceMap, compile, init_log_level as compilerLogLevel } from '@noir-lang/noir_wasm'; import { Noir } from '@noir-lang/noir_js'; -import { BarretenbergBackend, flattenPublicInputs } from '@noir-lang/backend_barretenberg'; +import { BarretenbergBackend } from '@noir-lang/backend_barretenberg'; compilerLogLevel('INFO'); @@ -61,7 +61,7 @@ test_cases.forEach((testInfo) => { const contract = await ethers.deployContract(testInfo.compiled, []); - const result = await contract.verify(proofData.proof, flattenPublicInputs(proofData.publicInputs)); + const result = await contract.verify(proofData.proof, proofData.publicInputs); expect(result).to.be.true; }); From 742e9405ce7a293dcceaf6258f1a87b1aeb6c092 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 17:52:22 +0000 Subject: [PATCH 32/67] test: fix noir_js_backend_bb test --- tooling/noir_js_backend_barretenberg/src/index.ts | 2 -- .../src/public_inputs.ts | 12 ++++++------ .../test/public_input_deflattening.test.ts | 13 +++++++++---- 3 files changed, 15 insertions(+), 12 deletions(-) diff --git a/tooling/noir_js_backend_barretenberg/src/index.ts b/tooling/noir_js_backend_barretenberg/src/index.ts index bad0ede1e35..7be1ac485f2 100644 --- a/tooling/noir_js_backend_barretenberg/src/index.ts +++ b/tooling/noir_js_backend_barretenberg/src/index.ts @@ -5,8 +5,6 @@ import { Backend, CompiledCircuit, ProofData } from '@noir-lang/types'; import { BackendOptions } from './types.js'; import { deflattenPublicInputs, flattenPublicInputsAsArray, publicInputsToWitnessMap } from './public_inputs.js'; -export { flattenPublicInputs } from './public_inputs.js'; - // This is the number of bytes in a UltraPlonk proof // minus the public inputs. const numBytesInProofWithoutPublicInputs: number = 2144; diff --git a/tooling/noir_js_backend_barretenberg/src/public_inputs.ts b/tooling/noir_js_backend_barretenberg/src/public_inputs.ts index eb2ceb66199..75ee0de6800 100644 --- a/tooling/noir_js_backend_barretenberg/src/public_inputs.ts +++ b/tooling/noir_js_backend_barretenberg/src/public_inputs.ts @@ -1,11 +1,5 @@ import { Abi, WitnessMap } from '@noir-lang/types'; -export function flattenPublicInputs(publicInputs: WitnessMap): string[] { - const publicInputIndices = [...publicInputs.keys()].sort((a, b) => a - b); - const flattenedPublicInputs = publicInputIndices.map((index) => publicInputs.get(index) as string); - return flattenedPublicInputs; -} - export function flattenPublicInputsAsArray(publicInputs: string[]): Uint8Array { const flattenedPublicInputs = publicInputs.map(hexToUint8Array); return flattenUint8Arrays(flattenedPublicInputs); @@ -23,6 +17,12 @@ export function deflattenPublicInputs(flattenedPublicInputs: Uint8Array): string return chunkedFlattenedPublicInputs.map(uint8ArrayToHex); } +export function witnessMapToPublicInputs(publicInputs: WitnessMap): string[] { + const publicInputIndices = [...publicInputs.keys()].sort((a, b) => a - b); + const flattenedPublicInputs = publicInputIndices.map((index) => publicInputs.get(index) as string); + return flattenedPublicInputs; +} + export function publicInputsToWitnessMap(publicInputs: string[], abi: Abi): WitnessMap { const return_value_witnesses = abi.return_witnesses; const public_parameters = abi.parameters.filter((param) => param.visibility === 'public'); diff --git a/tooling/noir_js_backend_barretenberg/test/public_input_deflattening.test.ts b/tooling/noir_js_backend_barretenberg/test/public_input_deflattening.test.ts index dab1c56436a..2093dc83063 100644 --- a/tooling/noir_js_backend_barretenberg/test/public_input_deflattening.test.ts +++ b/tooling/noir_js_backend_barretenberg/test/public_input_deflattening.test.ts @@ -1,6 +1,11 @@ import { Abi } from '@noir-lang/types'; import { expect } from 'chai'; -import { flattenPublicInputsAsArray, deflattenPublicInputs, flattenPublicInputs } from '../src/public_inputs.js'; +import { + flattenPublicInputsAsArray, + deflattenPublicInputs, + witnessMapToPublicInputs, + publicInputsToWitnessMap, +} from '../src/public_inputs.js'; const abi: Abi = { parameters: [ @@ -69,7 +74,7 @@ it('flattens a witness map in order of its witness indices', async () => { ]), ); - const flattened_public_inputs = flattenPublicInputs(witness_map); + const flattened_public_inputs = witnessMapToPublicInputs(witness_map); expect(flattened_public_inputs).to.be.deep.eq([ '0x0000000000000000000000000000000000000000000000000000000000000002', '0x000000000000000000000000000000000000000000000000000000000000000b', @@ -89,8 +94,8 @@ it('recovers the original witness map when deflattening a public input array', a ]), ); - const flattened_public_inputs = flattenPublicInputsAsArray(witness_map); - const deflattened_public_inputs = deflattenPublicInputs(flattened_public_inputs, abi); + const flattened_public_inputs = witnessMapToPublicInputs(witness_map); + const deflattened_public_inputs = publicInputsToWitnessMap(flattened_public_inputs, abi); expect(deflattened_public_inputs).to.be.deep.eq(witness_map); }); From 61c2b9b354109391a905ec0d193a08fdcfe8cb07 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 17:59:51 +0000 Subject: [PATCH 33/67] fix: output public inputs vector + function to recover a witness map --- tooling/noir_js_backend_barretenberg/src/index.ts | 6 +++--- tooling/noir_js_types/src/types.ts | 4 +--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/tooling/noir_js_backend_barretenberg/src/index.ts b/tooling/noir_js_backend_barretenberg/src/index.ts index 7be1ac485f2..6e619fd59cf 100644 --- a/tooling/noir_js_backend_barretenberg/src/index.ts +++ b/tooling/noir_js_backend_barretenberg/src/index.ts @@ -3,8 +3,9 @@ import { decompressSync as gunzip } from 'fflate'; import { acirToUint8Array } from './serialize.js'; import { Backend, CompiledCircuit, ProofData } from '@noir-lang/types'; import { BackendOptions } from './types.js'; -import { deflattenPublicInputs, flattenPublicInputsAsArray, publicInputsToWitnessMap } from './public_inputs.js'; +import { deflattenPublicInputs, flattenPublicInputsAsArray } from './public_inputs.js'; +export { publicInputsToWitnessMap } from './public_inputs.js'; // This is the number of bytes in a UltraPlonk proof // minus the public inputs. const numBytesInProofWithoutPublicInputs: number = 2144; @@ -94,9 +95,8 @@ export class BarretenbergBackend implements Backend { const publicInputsConcatenated = proofWithPublicInputs.slice(0, splitIndex); const proof = proofWithPublicInputs.slice(splitIndex); const publicInputs = deflattenPublicInputs(publicInputsConcatenated); - const publicInputsMap = publicInputsToWitnessMap(publicInputs, this.acirCircuit.abi); - return { proof, publicInputs, publicInputsMap }; + return { proof, publicInputs }; } // Generates artifacts that will be passed to a circuit that will verify this proof. diff --git a/tooling/noir_js_types/src/types.ts b/tooling/noir_js_types/src/types.ts index 53be86e19db..ee4921bd606 100644 --- a/tooling/noir_js_types/src/types.ts +++ b/tooling/noir_js_types/src/types.ts @@ -1,4 +1,4 @@ -import { Abi, WitnessMap } from '@noir-lang/noirc_abi'; +import { Abi } from '@noir-lang/noirc_abi'; export { Abi, WitnessMap } from '@noir-lang/noirc_abi'; @@ -46,8 +46,6 @@ export interface Backend { export type ProofData = { /** @description Public inputs of a proof */ publicInputs: string[]; - /** @description The public inputs as a witness map */ - publicInputsMap: WitnessMap; /** @description An byte array representing the proof */ proof: Uint8Array; }; From 114aa6f90f147fe69ff424e881463a65df26c4e6 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 9 Jan 2024 18:00:55 +0000 Subject: [PATCH 34/67] chore: fix formatting --- .../test/public_input_deflattening.test.ts | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/tooling/noir_js_backend_barretenberg/test/public_input_deflattening.test.ts b/tooling/noir_js_backend_barretenberg/test/public_input_deflattening.test.ts index 2093dc83063..079a1ad268b 100644 --- a/tooling/noir_js_backend_barretenberg/test/public_input_deflattening.test.ts +++ b/tooling/noir_js_backend_barretenberg/test/public_input_deflattening.test.ts @@ -1,11 +1,6 @@ import { Abi } from '@noir-lang/types'; import { expect } from 'chai'; -import { - flattenPublicInputsAsArray, - deflattenPublicInputs, - witnessMapToPublicInputs, - publicInputsToWitnessMap, -} from '../src/public_inputs.js'; +import { witnessMapToPublicInputs, publicInputsToWitnessMap } from '../src/public_inputs.js'; const abi: Abi = { parameters: [ From 564635446ce65e4529e17a6b57c7f352eacb9037 Mon Sep 17 00:00:00 2001 From: ludamad Date: Thu, 11 Jan 2024 17:14:53 -0500 Subject: [PATCH 35/67] chore: git subrepo commit (merge) noir (#3955) subrepo: subdir: "noir" merged: "6bdab5c1e4" upstream: origin: "https://github.com/noir-lang/noir" branch: "aztec-packages" commit: "75c83348e6" git-subrepo: version: "0.4.6" origin: "https://github.com/ingydotnet/git-subrepo" commit: "110b9eb" --------- Co-authored-by: ludamad Co-authored-by: Tom French <15848336+TomAFrench@users.noreply.github.com> --- acvm-repo/acir/codegen/acir.cpp | 286 +++++++++++++++++- .../acir/src/circuit/black_box_functions.rs | 8 + .../opcodes/black_box_function_call.rs | 24 +- .../acvm/src/compiler/transformers/mod.rs | 8 + acvm-repo/acvm/src/pwg/blackbox/mod.rs | 6 + acvm-repo/blackbox_solver/src/lib.rs | 12 + acvm-repo/bn254_blackbox_solver/src/lib.rs | 18 ++ acvm-repo/brillig/src/black_box.rs | 12 + acvm-repo/brillig_vm/src/black_box.rs | 27 +- acvm-repo/brillig_vm/src/lib.rs | 16 + aztec_macros/src/lib.rs | 31 +- bootstrap_cache.sh | 10 + .../brillig/brillig_gen/brillig_black_box.rs | 52 +++- .../src/brillig/brillig_ir/debug_show.rs | 23 ++ .../src/ssa/acir_gen/acir_ir/acir_variable.rs | 22 ++ .../ssa/acir_gen/acir_ir/generated_acir.rs | 22 +- .../src/ssa/ir/instruction/call.rs | 4 +- .../src/ssa/opt/constant_folding.rs | 2 +- compiler/noirc_frontend/src/node_interner.rs | 1 + compiler/wasm/.gitignore | 1 + compiler/wasm/package.json | 5 +- .../NoirJS/backend_barretenberg/index.md | 9 +- .../type-aliases/ProofData.md | 2 +- .../NoirJS/noir_js/type-aliases/ProofData.md | 2 +- test_programs/.gitignore | 1 + .../brillig_blake3/Nargo.toml | 7 + .../brillig_blake3/Prover.toml | 37 +++ .../brillig_blake3/src/main.nr | 6 + tooling/backend_interface/src/cli/info.rs | 6 - tooling/lsp/src/requests/goto_definition.rs | 22 ++ tooling/lsp/src/solver.rs | 18 ++ yarn.lock | 42 +++ 32 files changed, 716 insertions(+), 26 deletions(-) create mode 100755 bootstrap_cache.sh create mode 100644 test_programs/execution_success/brillig_blake3/Nargo.toml create mode 100644 test_programs/execution_success/brillig_blake3/Prover.toml create mode 100644 test_programs/execution_success/brillig_blake3/src/main.nr diff --git a/acvm-repo/acir/codegen/acir.cpp b/acvm-repo/acir/codegen/acir.cpp index 2b217c7e93d..7d9d293a776 100644 --- a/acvm-repo/acir/codegen/acir.cpp +++ b/acvm-repo/acir/codegen/acir.cpp @@ -145,6 +145,28 @@ namespace Circuit { static FixedBaseScalarMul bincodeDeserialize(std::vector); }; + struct EmbeddedCurveAdd { + Circuit::FunctionInput input1_x; + Circuit::FunctionInput input1_y; + Circuit::FunctionInput input2_x; + Circuit::FunctionInput input2_y; + std::array outputs; + + friend bool operator==(const EmbeddedCurveAdd&, const EmbeddedCurveAdd&); + std::vector bincodeSerialize() const; + static EmbeddedCurveAdd bincodeDeserialize(std::vector); + }; + + struct EmbeddedCurveDouble { + Circuit::FunctionInput input_x; + Circuit::FunctionInput input_y; + std::array outputs; + + friend bool operator==(const EmbeddedCurveDouble&, const EmbeddedCurveDouble&); + std::vector bincodeSerialize() const; + static EmbeddedCurveDouble bincodeDeserialize(std::vector); + }; + struct Keccak256 { std::vector inputs; std::vector outputs; @@ -184,7 +206,7 @@ namespace Circuit { static RecursiveAggregation bincodeDeserialize(std::vector); }; - std::variant value; + std::variant value; friend bool operator==(const BlackBoxFuncCall&, const BlackBoxFuncCall&); std::vector bincodeSerialize() const; @@ -406,6 +428,15 @@ namespace Circuit { static Blake2s bincodeDeserialize(std::vector); }; + struct Blake3 { + Circuit::HeapVector message; + Circuit::HeapArray output; + + friend bool operator==(const Blake3&, const Blake3&); + std::vector bincodeSerialize() const; + static Blake3 bincodeDeserialize(std::vector); + }; + struct Keccak256 { Circuit::HeapVector message; Circuit::HeapArray output; @@ -481,7 +512,29 @@ namespace Circuit { static FixedBaseScalarMul bincodeDeserialize(std::vector); }; - std::variant value; + struct EmbeddedCurveAdd { + Circuit::RegisterIndex input1_x; + Circuit::RegisterIndex input1_y; + Circuit::RegisterIndex input2_x; + Circuit::RegisterIndex input2_y; + Circuit::HeapArray result; + + friend bool operator==(const EmbeddedCurveAdd&, const EmbeddedCurveAdd&); + std::vector bincodeSerialize() const; + static EmbeddedCurveAdd bincodeDeserialize(std::vector); + }; + + struct EmbeddedCurveDouble { + Circuit::RegisterIndex input1_x; + Circuit::RegisterIndex input1_y; + Circuit::HeapArray result; + + friend bool operator==(const EmbeddedCurveDouble&, const EmbeddedCurveDouble&); + std::vector bincodeSerialize() const; + static EmbeddedCurveDouble bincodeDeserialize(std::vector); + }; + + std::variant value; friend bool operator==(const BlackBoxOp&, const BlackBoxOp&); std::vector bincodeSerialize() const; @@ -2160,6 +2213,100 @@ Circuit::BlackBoxFuncCall::FixedBaseScalarMul serde::Deserializable BlackBoxFuncCall::EmbeddedCurveAdd::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::EmbeddedCurveAdd BlackBoxFuncCall::EmbeddedCurveAdd::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::EmbeddedCurveAdd &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.input1_x, serializer); + serde::Serializable::serialize(obj.input1_y, serializer); + serde::Serializable::serialize(obj.input2_x, serializer); + serde::Serializable::serialize(obj.input2_y, serializer); + serde::Serializable::serialize(obj.outputs, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::EmbeddedCurveAdd serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::EmbeddedCurveAdd obj; + obj.input1_x = serde::Deserializable::deserialize(deserializer); + obj.input1_y = serde::Deserializable::deserialize(deserializer); + obj.input2_x = serde::Deserializable::deserialize(deserializer); + obj.input2_y = serde::Deserializable::deserialize(deserializer); + obj.outputs = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxFuncCall::EmbeddedCurveDouble &lhs, const BlackBoxFuncCall::EmbeddedCurveDouble &rhs) { + if (!(lhs.input_x == rhs.input_x)) { return false; } + if (!(lhs.input_y == rhs.input_y)) { return false; } + if (!(lhs.outputs == rhs.outputs)) { return false; } + return true; + } + + inline std::vector BlackBoxFuncCall::EmbeddedCurveDouble::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::EmbeddedCurveDouble BlackBoxFuncCall::EmbeddedCurveDouble::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::EmbeddedCurveDouble &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.input_x, serializer); + serde::Serializable::serialize(obj.input_y, serializer); + serde::Serializable::serialize(obj.outputs, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::EmbeddedCurveDouble serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::EmbeddedCurveDouble obj; + obj.input_x = serde::Deserializable::deserialize(deserializer); + obj.input_y = serde::Deserializable::deserialize(deserializer); + obj.outputs = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlackBoxFuncCall::Keccak256 &lhs, const BlackBoxFuncCall::Keccak256 &rhs) { @@ -2457,6 +2604,47 @@ Circuit::BlackBoxOp::Blake2s serde::Deserializable return obj; } +namespace Circuit { + + inline bool operator==(const BlackBoxOp::Blake3 &lhs, const BlackBoxOp::Blake3 &rhs) { + if (!(lhs.message == rhs.message)) { return false; } + if (!(lhs.output == rhs.output)) { return false; } + return true; + } + + inline std::vector BlackBoxOp::Blake3::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::Blake3 BlackBoxOp::Blake3::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::Blake3 &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.message, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxOp::Blake3 serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::Blake3 obj; + obj.message = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlackBoxOp::Keccak256 &lhs, const BlackBoxOp::Keccak256 &rhs) { @@ -2780,6 +2968,100 @@ Circuit::BlackBoxOp::FixedBaseScalarMul serde::Deserializable BlackBoxOp::EmbeddedCurveAdd::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::EmbeddedCurveAdd BlackBoxOp::EmbeddedCurveAdd::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::EmbeddedCurveAdd &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.input1_x, serializer); + serde::Serializable::serialize(obj.input1_y, serializer); + serde::Serializable::serialize(obj.input2_x, serializer); + serde::Serializable::serialize(obj.input2_y, serializer); + serde::Serializable::serialize(obj.result, serializer); +} + +template <> +template +Circuit::BlackBoxOp::EmbeddedCurveAdd serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::EmbeddedCurveAdd obj; + obj.input1_x = serde::Deserializable::deserialize(deserializer); + obj.input1_y = serde::Deserializable::deserialize(deserializer); + obj.input2_x = serde::Deserializable::deserialize(deserializer); + obj.input2_y = serde::Deserializable::deserialize(deserializer); + obj.result = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxOp::EmbeddedCurveDouble &lhs, const BlackBoxOp::EmbeddedCurveDouble &rhs) { + if (!(lhs.input1_x == rhs.input1_x)) { return false; } + if (!(lhs.input1_y == rhs.input1_y)) { return false; } + if (!(lhs.result == rhs.result)) { return false; } + return true; + } + + inline std::vector BlackBoxOp::EmbeddedCurveDouble::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::EmbeddedCurveDouble BlackBoxOp::EmbeddedCurveDouble::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::EmbeddedCurveDouble &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.input1_x, serializer); + serde::Serializable::serialize(obj.input1_y, serializer); + serde::Serializable::serialize(obj.result, serializer); +} + +template <> +template +Circuit::BlackBoxOp::EmbeddedCurveDouble serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::EmbeddedCurveDouble obj; + obj.input1_x = serde::Deserializable::deserialize(deserializer); + obj.input1_y = serde::Deserializable::deserialize(deserializer); + obj.result = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlockId &lhs, const BlockId &rhs) { diff --git a/acvm-repo/acir/src/circuit/black_box_functions.rs b/acvm-repo/acir/src/circuit/black_box_functions.rs index 445da50ac81..0dcfb3bc9f1 100644 --- a/acvm-repo/acir/src/circuit/black_box_functions.rs +++ b/acvm-repo/acir/src/circuit/black_box_functions.rs @@ -45,6 +45,10 @@ pub enum BlackBoxFunc { /// Compute a recursive aggregation object when verifying a proof inside another circuit. /// This outputted aggregation object will then be either checked in a top-level verifier or aggregated upon again. RecursiveAggregation, + /// Addition over the embedded curve on which [`FieldElement`][acir_field::FieldElement] is defined. + EmbeddedCurveAdd, + /// Point doubling over the embedded curve on which [`FieldElement`][acir_field::FieldElement] is defined. + EmbeddedCurveDouble } impl std::fmt::Display for BlackBoxFunc { @@ -64,6 +68,8 @@ impl BlackBoxFunc { BlackBoxFunc::PedersenHash => "pedersen_hash", BlackBoxFunc::EcdsaSecp256k1 => "ecdsa_secp256k1", BlackBoxFunc::FixedBaseScalarMul => "fixed_base_scalar_mul", + BlackBoxFunc::EmbeddedCurveAdd => "ec_add", + BlackBoxFunc::EmbeddedCurveDouble => "ec_double", BlackBoxFunc::AND => "and", BlackBoxFunc::XOR => "xor", BlackBoxFunc::RANGE => "range", @@ -84,6 +90,8 @@ impl BlackBoxFunc { "ecdsa_secp256k1" => Some(BlackBoxFunc::EcdsaSecp256k1), "ecdsa_secp256r1" => Some(BlackBoxFunc::EcdsaSecp256r1), "fixed_base_scalar_mul" => Some(BlackBoxFunc::FixedBaseScalarMul), + "ec_add" => Some(BlackBoxFunc::EmbeddedCurveAdd), + "ec_double" => Some(BlackBoxFunc::EmbeddedCurveDouble), "and" => Some(BlackBoxFunc::AND), "xor" => Some(BlackBoxFunc::XOR), "range" => Some(BlackBoxFunc::RANGE), diff --git a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs index 6e4d7fdd660..7ee4e2498a5 100644 --- a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs +++ b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs @@ -79,6 +79,18 @@ pub enum BlackBoxFuncCall { high: FunctionInput, outputs: (Witness, Witness), }, + EmbeddedCurveAdd { + input1_x: FunctionInput, + input1_y: FunctionInput, + input2_x: FunctionInput, + input2_y: FunctionInput, + outputs: (Witness, Witness), + }, + EmbeddedCurveDouble { + input_x: FunctionInput, + input_y: FunctionInput, + outputs: (Witness, Witness), + }, Keccak256 { inputs: Vec, outputs: Vec, @@ -125,6 +137,8 @@ impl BlackBoxFuncCall { BlackBoxFuncCall::EcdsaSecp256k1 { .. } => BlackBoxFunc::EcdsaSecp256k1, BlackBoxFuncCall::EcdsaSecp256r1 { .. } => BlackBoxFunc::EcdsaSecp256r1, BlackBoxFuncCall::FixedBaseScalarMul { .. } => BlackBoxFunc::FixedBaseScalarMul, + BlackBoxFuncCall::EmbeddedCurveAdd { .. } => BlackBoxFunc::EmbeddedCurveAdd, + BlackBoxFuncCall::EmbeddedCurveDouble { .. } => BlackBoxFunc::EmbeddedCurveDouble, BlackBoxFuncCall::Keccak256 { .. } => BlackBoxFunc::Keccak256, BlackBoxFuncCall::Keccak256VariableLength { .. } => BlackBoxFunc::Keccak256, BlackBoxFuncCall::Keccakf1600 { .. } => BlackBoxFunc::Keccakf1600, @@ -149,6 +163,12 @@ impl BlackBoxFuncCall { vec![*lhs, *rhs] } BlackBoxFuncCall::FixedBaseScalarMul { low, high, .. } => vec![*low, *high], + BlackBoxFuncCall::EmbeddedCurveAdd { + input1_x, input1_y, input2_x, input2_y, .. + } => vec![*input1_x, *input1_y, *input2_x, *input2_y], + BlackBoxFuncCall::EmbeddedCurveDouble { input_x, input_y, .. } => { + vec![*input_x, *input_y] + } BlackBoxFuncCall::RANGE { input } => vec![*input], BlackBoxFuncCall::SchnorrVerify { public_key_x, @@ -237,7 +257,9 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::PedersenHash { output, .. } | BlackBoxFuncCall::EcdsaSecp256r1 { output, .. } => vec![*output], BlackBoxFuncCall::FixedBaseScalarMul { outputs, .. } - | BlackBoxFuncCall::PedersenCommitment { outputs, .. } => vec![outputs.0, outputs.1], + | BlackBoxFuncCall::PedersenCommitment { outputs, .. } + | BlackBoxFuncCall::EmbeddedCurveAdd { outputs, .. } + | BlackBoxFuncCall::EmbeddedCurveDouble { outputs, .. } => vec![outputs.0, outputs.1], BlackBoxFuncCall::RANGE { .. } | BlackBoxFuncCall::RecursiveAggregation { .. } => { vec![] } diff --git a/acvm-repo/acvm/src/compiler/transformers/mod.rs b/acvm-repo/acvm/src/compiler/transformers/mod.rs index d26b3f8bbf3..99f1ca23b5b 100644 --- a/acvm-repo/acvm/src/compiler/transformers/mod.rs +++ b/acvm-repo/acvm/src/compiler/transformers/mod.rs @@ -123,6 +123,14 @@ pub(super) fn transform_internal( outputs, .. } + | acir::circuit::opcodes::BlackBoxFuncCall::EmbeddedCurveAdd { + outputs, + .. + } + | acir::circuit::opcodes::BlackBoxFuncCall::EmbeddedCurveDouble { + outputs, + .. + } | acir::circuit::opcodes::BlackBoxFuncCall::PedersenCommitment { outputs, .. diff --git a/acvm-repo/acvm/src/pwg/blackbox/mod.rs b/acvm-repo/acvm/src/pwg/blackbox/mod.rs index c18a97733b8..ca355b6045d 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/mod.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/mod.rs @@ -177,6 +177,12 @@ pub(crate) fn solve( BlackBoxFuncCall::FixedBaseScalarMul { low, high, outputs } => { fixed_base_scalar_mul(backend, initial_witness, *low, *high, *outputs) } + BlackBoxFuncCall::EmbeddedCurveAdd { .. } => { + todo!(); + } + BlackBoxFuncCall::EmbeddedCurveDouble { .. } => { + todo!(); + } // Recursive aggregation will be entirely handled by the backend and is not solved by the ACVM BlackBoxFuncCall::RecursiveAggregation { .. } => Ok(()), } diff --git a/acvm-repo/blackbox_solver/src/lib.rs b/acvm-repo/blackbox_solver/src/lib.rs index 9518854de8e..e11b9316fdd 100644 --- a/acvm-repo/blackbox_solver/src/lib.rs +++ b/acvm-repo/blackbox_solver/src/lib.rs @@ -47,6 +47,18 @@ pub trait BlackBoxFunctionSolver { low: &FieldElement, high: &FieldElement, ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError>; + fn ec_add( + &self, + input1_x: &FieldElement, + input1_y: &FieldElement, + input2_x: &FieldElement, + input2_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError>; + fn ec_double( + &self, + input_x: &FieldElement, + input_x: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError>; } pub fn sha256(inputs: &[u8]) -> Result<[u8; 32], BlackBoxResolutionError> { diff --git a/acvm-repo/bn254_blackbox_solver/src/lib.rs b/acvm-repo/bn254_blackbox_solver/src/lib.rs index e315c4650be..92c45e93dea 100644 --- a/acvm-repo/bn254_blackbox_solver/src/lib.rs +++ b/acvm-repo/bn254_blackbox_solver/src/lib.rs @@ -87,4 +87,22 @@ impl BlackBoxFunctionSolver for Bn254BlackBoxSolver { ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { fixed_base_scalar_mul(low, high) } + + fn ec_add( + &self, + _input1_x: &FieldElement, + _input1_y: &FieldElement, + _input2_x: &FieldElement, + _input2_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { + todo!(); + } + + fn ec_double( + &self, + _input_x: &FieldElement, + _input_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { + todo!(); + } } diff --git a/acvm-repo/brillig/src/black_box.rs b/acvm-repo/brillig/src/black_box.rs index 41e54ab2705..2286539e4c1 100644 --- a/acvm-repo/brillig/src/black_box.rs +++ b/acvm-repo/brillig/src/black_box.rs @@ -9,6 +9,8 @@ pub enum BlackBoxOp { Sha256 { message: HeapVector, output: HeapArray }, /// Calculates the Blake2s hash of the inputs. Blake2s { message: HeapVector, output: HeapArray }, + /// Calculates the Blake3 hash of the inputs. + Blake3 { message: HeapVector, output: HeapArray }, /// Calculates the Keccak256 hash of the inputs. Keccak256 { message: HeapVector, output: HeapArray }, /// Verifies a ECDSA signature over the secp256k1 curve. @@ -41,4 +43,14 @@ pub enum BlackBoxOp { PedersenHash { inputs: HeapVector, domain_separator: RegisterIndex, output: RegisterIndex }, /// Performs scalar multiplication over the embedded curve. FixedBaseScalarMul { low: RegisterIndex, high: RegisterIndex, result: HeapArray }, + /// Performs addtion over the embedded curve. + EmbeddedCurveAdd { + input1_x: RegisterIndex, + input1_y: RegisterIndex, + input2_x: RegisterIndex, + input2_y: RegisterIndex, + result: HeapArray, + }, + /// Performs point doubling over the embedded curve. + EmbeddedCurveDouble { input1_x: RegisterIndex, input1_y: RegisterIndex, result: HeapArray }, } diff --git a/acvm-repo/brillig_vm/src/black_box.rs b/acvm-repo/brillig_vm/src/black_box.rs index 94feb23e1a6..a6e904c2902 100644 --- a/acvm-repo/brillig_vm/src/black_box.rs +++ b/acvm-repo/brillig_vm/src/black_box.rs @@ -1,7 +1,7 @@ use acir::brillig::{BlackBoxOp, HeapArray, HeapVector, Value}; use acir::{BlackBoxFunc, FieldElement}; use acvm_blackbox_solver::{ - blake2s, ecdsa_secp256k1_verify, ecdsa_secp256r1_verify, keccak256, sha256, + blake2s, blake3, ecdsa_secp256k1_verify, ecdsa_secp256r1_verify, keccak256, sha256, BlackBoxFunctionSolver, BlackBoxResolutionError, }; @@ -58,6 +58,12 @@ pub(crate) fn evaluate_black_box( memory.write_slice(registers.get(output.pointer).to_usize(), &to_value_vec(&bytes)); Ok(()) } + BlackBoxOp::Blake3 { message, output } => { + let message = to_u8_vec(read_heap_vector(memory, registers, message)); + let bytes = blake3(message.as_slice())?; + memory.write_slice(registers.get(output.pointer).to_usize(), &to_value_vec(&bytes)); + Ok(()) + } BlackBoxOp::Keccak256 { message, output } => { let message = to_u8_vec(read_heap_vector(memory, registers, message)); let bytes = keccak256(message.as_slice())?; @@ -136,6 +142,22 @@ pub(crate) fn evaluate_black_box( memory.write_slice(registers.get(result.pointer).to_usize(), &[x.into(), y.into()]); Ok(()) } + BlackBoxOp::EmbeddedCurveAdd { input1_x, input1_y, input2_x, input2_y, result } => { + let input1_x = registers.get(*input1_x).to_field(); + let input1_y = registers.get(*input1_y).to_field(); + let input2_x = registers.get(*input2_x).to_field(); + let input2_y = registers.get(*input2_y).to_field(); + let (x, y) = solver.ec_add(&input1_x, &input1_y, &input2_x, &input2_y)?; + memory.write_slice(registers.get(result.pointer).to_usize(), &[x.into(), y.into()]); + Ok(()) + } + BlackBoxOp::EmbeddedCurveDouble { input1_x, input1_y, result } => { + let input1_x = registers.get(*input1_x).to_field(); + let input1_y = registers.get(*input1_y).to_field(); + let (x, y) = solver.ec_double(&input1_x, &input1_y)?; + memory.write_slice(registers.get(result.pointer).to_usize(), &[x.into(), y.into()]); + Ok(()) + } BlackBoxOp::PedersenCommitment { inputs, domain_separator, output } => { let inputs: Vec = read_heap_vector(memory, registers, inputs).iter().map(|x| x.to_field()).collect(); @@ -171,6 +193,7 @@ fn black_box_function_from_op(op: &BlackBoxOp) -> BlackBoxFunc { match op { BlackBoxOp::Sha256 { .. } => BlackBoxFunc::SHA256, BlackBoxOp::Blake2s { .. } => BlackBoxFunc::Blake2s, + BlackBoxOp::Blake3 { .. } => BlackBoxFunc::Blake3, BlackBoxOp::Keccak256 { .. } => BlackBoxFunc::Keccak256, BlackBoxOp::EcdsaSecp256k1 { .. } => BlackBoxFunc::EcdsaSecp256k1, BlackBoxOp::EcdsaSecp256r1 { .. } => BlackBoxFunc::EcdsaSecp256r1, @@ -178,6 +201,8 @@ fn black_box_function_from_op(op: &BlackBoxOp) -> BlackBoxFunc { BlackBoxOp::PedersenCommitment { .. } => BlackBoxFunc::PedersenCommitment, BlackBoxOp::PedersenHash { .. } => BlackBoxFunc::PedersenHash, BlackBoxOp::FixedBaseScalarMul { .. } => BlackBoxFunc::FixedBaseScalarMul, + BlackBoxOp::EmbeddedCurveAdd { .. } => BlackBoxFunc::EmbeddedCurveAdd, + BlackBoxOp::EmbeddedCurveDouble { .. } => BlackBoxFunc::EmbeddedCurveDouble, } } diff --git a/acvm-repo/brillig_vm/src/lib.rs b/acvm-repo/brillig_vm/src/lib.rs index 482b9b36d77..df4c8135bce 100644 --- a/acvm-repo/brillig_vm/src/lib.rs +++ b/acvm-repo/brillig_vm/src/lib.rs @@ -451,6 +451,22 @@ impl BlackBoxFunctionSolver for DummyBlackBoxSolver { ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { Ok((4_u128.into(), 5_u128.into())) } + fn ec_add( + &self, + _input1_x: &FieldElement, + _input1_y: &FieldElement, + _input2_x: &FieldElement, + _input2_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { + Ok((5_u128.into(), 6_u128.into())) + } + fn ec_double( + &self, + _input1_x: &FieldElement, + _input1_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { + Ok((7_u128.into(), 8_u128.into())) + } } #[cfg(test)] diff --git a/aztec_macros/src/lib.rs b/aztec_macros/src/lib.rs index 24f0f5a71b6..8026673b680 100644 --- a/aztec_macros/src/lib.rs +++ b/aztec_macros/src/lib.rs @@ -620,7 +620,21 @@ fn create_context(ty: &str, params: &[Param]) -> Vec { UnresolvedTypeData::Integer(..) | UnresolvedTypeData::Bool => { add_cast_to_hasher(identifier) } - _ => unreachable!("[Aztec Noir] Provided parameter type is not supported"), + UnresolvedTypeData::String(..) => { + let (var_bytes, id) = str_to_bytes(identifier); + injected_expressions.push(var_bytes); + add_array_to_hasher( + &id, + &UnresolvedType { + typ: UnresolvedTypeData::Integer(Signedness::Unsigned, 32), + span: None, + }, + ) + } + _ => panic!( + "[Aztec Noir] Provided parameter type: {:?} is not supported", + unresolved_type + ), }; injected_expressions.push(expression); } @@ -909,6 +923,21 @@ fn add_struct_to_hasher(identifier: &Ident) -> Statement { ))) } +fn str_to_bytes(identifier: &Ident) -> (Statement, Ident) { + // let identifier_as_bytes = identifier.as_bytes(); + let var = variable_ident(identifier.clone()); + let contents = if let ExpressionKind::Variable(p) = &var.kind { + p.segments.first().cloned().unwrap_or_else(|| panic!("No segments")).0.contents + } else { + panic!("Unexpected identifier type") + }; + let bytes_name = format!("{}_bytes", contents); + let var_bytes = assignment(&bytes_name, method_call(var, "as_bytes", vec![])); + let id = Ident::new(bytes_name, Span::default()); + + (var_bytes, id) +} + fn create_loop_over(var: Expression, loop_body: Vec) -> Statement { // If this is an array of primitive types (integers / fields) we can add them each to the hasher // casted to a field diff --git a/bootstrap_cache.sh b/bootstrap_cache.sh new file mode 100755 index 00000000000..6e411a161cc --- /dev/null +++ b/bootstrap_cache.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash +set -eu + +cd "$(dirname "$0")" +source ../build-system/scripts/setup_env '' '' mainframe_$USER > /dev/null + +echo -e "\033[1mRetrieving noir packages from remote cache...\033[0m" +extract_repo noir-packages /usr/src/noir/packages ./noir +echo -e "\033[1mRetrieving nargo from remote cache...\033[0m" +extract_repo noir /usr/src/noir/target/release ./noir/target diff --git a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs index a6d3220fa85..5a5f9694534 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs @@ -41,6 +41,19 @@ pub(crate) fn convert_black_box_call( unreachable!("ICE: Blake2s expects one array argument and one array result") } } + BlackBoxFunc::Blake3 => { + if let ([message], [BrilligVariable::BrilligArray(result_array)]) = + (function_arguments, function_results) + { + let message_vector = convert_array_or_vector(brillig_context, message, bb_func); + brillig_context.black_box_op_instruction(BlackBoxOp::Blake3 { + message: message_vector.to_heap_vector(), + output: result_array.to_heap_array(), + }); + } else { + unreachable!("ICE: Blake3 expects one array argument and one array result") + } + } BlackBoxFunc::Keccak256 => { if let ( [message, BrilligVariable::Simple(array_size)], @@ -169,6 +182,42 @@ pub(crate) fn convert_black_box_call( ) } } + BlackBoxFunc::EmbeddedCurveAdd => { + if let ( + [BrilligVariable::Simple(input1_x), BrilligVariable::Simple(input1_y), BrilligVariable::Simple(input2_x), BrilligVariable::Simple(input2_y)], + [BrilligVariable::BrilligArray(result_array)], + ) = (function_arguments, function_results) + { + brillig_context.black_box_op_instruction(BlackBoxOp::EmbeddedCurveAdd { + input1_x: *input1_x, + input1_y: *input1_y, + input2_x: *input2_x, + input2_y: *input2_y, + result: result_array.to_heap_array(), + }); + } else { + unreachable!( + "ICE: EmbeddedCurveAdd expects four register arguments and one array result" + ) + } + } + BlackBoxFunc::EmbeddedCurveDouble => { + if let ( + [BrilligVariable::Simple(input1_x), BrilligVariable::Simple(input1_y)], + [BrilligVariable::BrilligArray(result_array)], + ) = (function_arguments, function_results) + { + brillig_context.black_box_op_instruction(BlackBoxOp::EmbeddedCurveDouble { + input1_x: *input1_x, + input1_y: *input1_y, + result: result_array.to_heap_array(), + }); + } else { + unreachable!( + "ICE: EmbeddedCurveAdd expects two register arguments and one array result" + ) + } + } BlackBoxFunc::AND => { unreachable!("ICE: `BlackBoxFunc::AND` calls should be transformed into a `BinaryOp`") } @@ -181,9 +230,6 @@ pub(crate) fn convert_black_box_call( BlackBoxFunc::RecursiveAggregation => unimplemented!( "ICE: `BlackBoxFunc::RecursiveAggregation` is not implemented by the Brillig VM" ), - BlackBoxFunc::Blake3 => { - unimplemented!("ICE: `BlackBoxFunc::Blake3` is not implemented by the Brillig VM") - } BlackBoxFunc::Keccakf1600 => { unimplemented!("ICE: `BlackBoxFunc::Keccakf1600` is not implemented by the Brillig VM") } diff --git a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs index 74b24b280cd..66c6b3b0249 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs @@ -353,6 +353,9 @@ impl DebugShow { BlackBoxOp::Blake2s { message, output } => { debug_println!(self.enable_debug_trace, " BLAKE2S {} -> {}", message, output); } + BlackBoxOp::Blake3 { message, output } => { + debug_println!(self.enable_debug_trace, " BLAKE3 {} -> {}", message, output); + } BlackBoxOp::EcdsaSecp256k1 { hashed_msg, public_key_x, @@ -396,6 +399,26 @@ impl DebugShow { result ); } + BlackBoxOp::EmbeddedCurveAdd { input1_x, input1_y, input2_x, input2_y, result } => { + debug_println!( + self.enable_debug_trace, + " EMBEDDED_CURVE_ADD ({} {}) ({} {}) -> {}", + input1_x, + input1_y, + input2_x, + input2_y, + result + ); + } + BlackBoxOp::EmbeddedCurveDouble { input1_x, input1_y, result } => { + debug_println!( + self.enable_debug_trace, + " EMBEDDED_CURVE_DOUBLE ({} {}) -> {}", + input1_x, + input1_y, + result + ); + } BlackBoxOp::PedersenCommitment { inputs, domain_separator, output } => { debug_println!( self.enable_debug_trace, diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs index ddafc0bb570..f8b8579eb66 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs @@ -1749,6 +1749,28 @@ fn execute_brillig( "FixedBaseScalarMul is not supported".to_string(), )) } + fn ec_add( + &self, + _input1_x: &FieldElement, + _input1_y: &FieldElement, + _input2_x: &FieldElement, + _input2_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { + Err(BlackBoxResolutionError::Failed( + BlackBoxFunc::EmbeddedCurveAdd, + "EcAdd is not supported".to_string(), + )) + } + fn ec_double( + &self, + _input_x: &FieldElement, + _input_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { + Err(BlackBoxResolutionError::Failed( + BlackBoxFunc::EmbeddedCurveDouble, + "EcDouble is not supported".to_string(), + )) + } } // Set input values diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index 2506af8c8c8..336e88da48a 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -205,6 +205,18 @@ impl GeneratedAcir { high: inputs[1][0], outputs: (outputs[0], outputs[1]), }, + BlackBoxFunc::EmbeddedCurveAdd => BlackBoxFuncCall::EmbeddedCurveAdd { + input1_x: inputs[0][0], + input1_y: inputs[1][0], + input2_x: inputs[2][0], + input2_y: inputs[3][0], + outputs: (outputs[0], outputs[1]), + }, + BlackBoxFunc::EmbeddedCurveDouble => BlackBoxFuncCall::EmbeddedCurveDouble { + input_x: inputs[0][0], + input_y: inputs[1][0], + outputs: (outputs[0], outputs[1]), + }, BlackBoxFunc::Keccak256 => { let var_message_size = match inputs.to_vec().pop() { Some(var_message_size) => var_message_size[0], @@ -579,6 +591,10 @@ fn black_box_func_expected_input_size(name: BlackBoxFunc) -> Option { BlackBoxFunc::FixedBaseScalarMul => Some(2), // Recursive aggregation has a variable number of inputs BlackBoxFunc::RecursiveAggregation => None, + // Addition over the embedded curve: input are coordinates (x1,y1) and (x2,y2) of the Grumpkin points + BlackBoxFunc::EmbeddedCurveAdd => Some(4), + // Doubling over the embedded curve: input is (x,y) coordinate of the point. + BlackBoxFunc::EmbeddedCurveDouble => Some(2), } } @@ -606,9 +622,11 @@ fn black_box_expected_output_size(name: BlackBoxFunc) -> Option { BlackBoxFunc::SchnorrVerify | BlackBoxFunc::EcdsaSecp256k1 | BlackBoxFunc::EcdsaSecp256r1 => Some(1), - // Output of fixed based scalar mul over the embedded curve + // Output of operations over the embedded curve // will be 2 field elements representing the point. - BlackBoxFunc::FixedBaseScalarMul => Some(2), + BlackBoxFunc::FixedBaseScalarMul + | BlackBoxFunc::EmbeddedCurveAdd + | BlackBoxFunc::EmbeddedCurveDouble => Some(2), // Recursive aggregation has a variable number of outputs BlackBoxFunc::RecursiveAggregation => None, } diff --git a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs index 146a4a8f124..86e855b2cc0 100644 --- a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs +++ b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs @@ -424,7 +424,9 @@ fn simplify_black_box_func( BlackBoxFunc::FixedBaseScalarMul | BlackBoxFunc::SchnorrVerify | BlackBoxFunc::PedersenCommitment - | BlackBoxFunc::PedersenHash => { + | BlackBoxFunc::PedersenHash + | BlackBoxFunc::EmbeddedCurveAdd + | BlackBoxFunc::EmbeddedCurveDouble => { // Currently unsolvable here as we rely on an implementation in the backend. SimplifyResult::None } diff --git a/compiler/noirc_evaluator/src/ssa/opt/constant_folding.rs b/compiler/noirc_evaluator/src/ssa/opt/constant_folding.rs index addaee3ba8d..62e91dfa9c8 100644 --- a/compiler/noirc_evaluator/src/ssa/opt/constant_folding.rs +++ b/compiler/noirc_evaluator/src/ssa/opt/constant_folding.rs @@ -187,7 +187,7 @@ mod test { instruction::{Binary, BinaryOp, Instruction, TerminatorInstruction}, map::Id, types::Type, - value::{Value, ValueId}, + value::Value, }, }; diff --git a/compiler/noirc_frontend/src/node_interner.rs b/compiler/noirc_frontend/src/node_interner.rs index e30f2019f35..6ad9a82dbf6 100644 --- a/compiler/noirc_frontend/src/node_interner.rs +++ b/compiler/noirc_frontend/src/node_interner.rs @@ -1121,6 +1121,7 @@ impl NodeInterner { } /// Adds a trait implementation to the list of known implementations. + #[tracing::instrument(skip(self))] pub fn add_trait_implementation( &mut self, object_type: Type, diff --git a/compiler/wasm/.gitignore b/compiler/wasm/.gitignore index f9d4af3fe3b..2c992f6c0b2 100644 --- a/compiler/wasm/.gitignore +++ b/compiler/wasm/.gitignore @@ -1,3 +1,4 @@ noir-script/target dist build + diff --git a/compiler/wasm/package.json b/compiler/wasm/package.json index 1235a748d13..4a71d8aa77d 100644 --- a/compiler/wasm/package.json +++ b/compiler/wasm/package.json @@ -9,9 +9,10 @@ "types": "./dist/types/src/index.d.cts", "exports": { "node": "./dist/node/main.js", - "default": "./dist/web/main.mjs", "import": "./dist/web/main.mjs", - "require": "./dist/node/main.js" + "require": "./dist/node/main.js", + "types": "./dist/types/src/index.d.cts", + "default": "./dist/web/main.mjs" }, "files": [ "dist", diff --git a/docs/docs/reference/NoirJS/backend_barretenberg/index.md b/docs/docs/reference/NoirJS/backend_barretenberg/index.md index bfbecb52864..e32501acb71 100644 --- a/docs/docs/reference/NoirJS/backend_barretenberg/index.md +++ b/docs/docs/reference/NoirJS/backend_barretenberg/index.md @@ -24,21 +24,22 @@ ## Functions -### flattenPublicInputs() +### publicInputsToWitnessMap() ```ts -flattenPublicInputs(publicInputs): string[] +publicInputsToWitnessMap(publicInputs, abi): WitnessMap ``` #### Parameters | Parameter | Type | | :------ | :------ | -| `publicInputs` | `WitnessMap` | +| `publicInputs` | `string`[] | +| `abi` | `Abi` | #### Returns -`string`[] +`WitnessMap` *** diff --git a/docs/docs/reference/NoirJS/backend_barretenberg/type-aliases/ProofData.md b/docs/docs/reference/NoirJS/backend_barretenberg/type-aliases/ProofData.md index 3eb360a78f1..05cebbc4e94 100644 --- a/docs/docs/reference/NoirJS/backend_barretenberg/type-aliases/ProofData.md +++ b/docs/docs/reference/NoirJS/backend_barretenberg/type-aliases/ProofData.md @@ -13,7 +13,7 @@ The representation of a proof | Member | Type | Description | | :------ | :------ | :------ | | `proof` | `Uint8Array` | **Description**

An byte array representing the proof | -| `publicInputs` | `WitnessMap` | **Description**

Public inputs of a proof | +| `publicInputs` | `string`[] | **Description**

Public inputs of a proof | *** diff --git a/docs/docs/reference/NoirJS/noir_js/type-aliases/ProofData.md b/docs/docs/reference/NoirJS/noir_js/type-aliases/ProofData.md index 3eb360a78f1..05cebbc4e94 100644 --- a/docs/docs/reference/NoirJS/noir_js/type-aliases/ProofData.md +++ b/docs/docs/reference/NoirJS/noir_js/type-aliases/ProofData.md @@ -13,7 +13,7 @@ The representation of a proof | Member | Type | Description | | :------ | :------ | :------ | | `proof` | `Uint8Array` | **Description**

An byte array representing the proof | -| `publicInputs` | `WitnessMap` | **Description**

Public inputs of a proof | +| `publicInputs` | `string`[] | **Description**

Public inputs of a proof | *** diff --git a/test_programs/.gitignore b/test_programs/.gitignore index 01a3426160c..a229df6197f 100644 --- a/test_programs/.gitignore +++ b/test_programs/.gitignore @@ -1 +1,2 @@ acir_artifacts +execution_success/**/crs \ No newline at end of file diff --git a/test_programs/execution_success/brillig_blake3/Nargo.toml b/test_programs/execution_success/brillig_blake3/Nargo.toml new file mode 100644 index 00000000000..879476dbdcf --- /dev/null +++ b/test_programs/execution_success/brillig_blake3/Nargo.toml @@ -0,0 +1,7 @@ +[package] +name = "brillig_blake3" +type = "bin" +authors = [""] +compiler_version = ">=0.22.0" + +[dependencies] diff --git a/test_programs/execution_success/brillig_blake3/Prover.toml b/test_programs/execution_success/brillig_blake3/Prover.toml new file mode 100644 index 00000000000..c807701479b --- /dev/null +++ b/test_programs/execution_success/brillig_blake3/Prover.toml @@ -0,0 +1,37 @@ +# hello as bytes +# https://connor4312.github.io/blake3/index.html +x = [104, 101, 108, 108, 111] +result = [ + 0xea, + 0x8f, + 0x16, + 0x3d, + 0xb3, + 0x86, + 0x82, + 0x92, + 0x5e, + 0x44, + 0x91, + 0xc5, + 0xe5, + 0x8d, + 0x4b, + 0xb3, + 0x50, + 0x6e, + 0xf8, + 0xc1, + 0x4e, + 0xb7, + 0x8a, + 0x86, + 0xe9, + 0x08, + 0xc5, + 0x62, + 0x4a, + 0x67, + 0x20, + 0x0f, +] diff --git a/test_programs/execution_success/brillig_blake3/src/main.nr b/test_programs/execution_success/brillig_blake3/src/main.nr new file mode 100644 index 00000000000..05a5b31f936 --- /dev/null +++ b/test_programs/execution_success/brillig_blake3/src/main.nr @@ -0,0 +1,6 @@ +use dep::std; + +unconstrained fn main(x: [u8; 5], result: [u8; 32]) { + let digest = std::hash::blake3(x); + assert(digest == result); +} diff --git a/tooling/backend_interface/src/cli/info.rs b/tooling/backend_interface/src/cli/info.rs index 81b811f0e32..934351dd517 100644 --- a/tooling/backend_interface/src/cli/info.rs +++ b/tooling/backend_interface/src/cli/info.rs @@ -13,12 +13,6 @@ pub(crate) struct InfoCommand { #[derive(Deserialize)] struct InfoResponse { language: LanguageResponse, - #[allow(dead_code)] - #[deprecated(note = "This field is deprecated and will be removed in the future")] - opcodes_supported: Vec, - #[allow(dead_code)] - #[deprecated(note = "This field is deprecated and will be removed in the future")] - black_box_functions_supported: Vec, } #[derive(Deserialize)] diff --git a/tooling/lsp/src/requests/goto_definition.rs b/tooling/lsp/src/requests/goto_definition.rs index 6d44761de94..f339cdfdb2f 100644 --- a/tooling/lsp/src/requests/goto_definition.rs +++ b/tooling/lsp/src/requests/goto_definition.rs @@ -137,3 +137,25 @@ mod goto_definition_tests { assert!(&response.is_some()); } } + +#[cfg(test)] +mod character_to_line_offset_tests { + use super::*; + + #[test] + fn test_character_to_line_offset() { + let line = "Hello, dark!"; + let character = 8; + + let result = character_to_line_offset(line, character).unwrap(); + assert_eq!(result, 8); + + // In the case of a multi-byte character, the offset should be the byte index of the character + // byte offset for 8 character (黑) is expected to be 10 + let line = "Hello, 黑!"; + let character = 8; + + let result = character_to_line_offset(line, character).unwrap(); + assert_eq!(result, 10); + } +} diff --git a/tooling/lsp/src/solver.rs b/tooling/lsp/src/solver.rs index 090f71d63b4..5d95c88e49b 100644 --- a/tooling/lsp/src/solver.rs +++ b/tooling/lsp/src/solver.rs @@ -39,6 +39,24 @@ impl BlackBoxFunctionSolver for WrapperSolver { ) -> Result { self.0.pedersen_hash(inputs, domain_separator) } + + fn ec_add( + &self, + input1_x: &acvm::FieldElement, + input1_y: &acvm::FieldElement, + input2_x: &acvm::FieldElement, + input2_y: &acvm::FieldElement, + ) -> Result<(acvm::FieldElement, acvm::FieldElement), acvm::BlackBoxResolutionError> { + self.0.ec_add(input1_x, input1_y, input2_x, input2_y) + } + + fn ec_double( + &self, + input_x: &acvm::FieldElement, + input_y: &acvm::FieldElement, + ) -> Result<(acvm::FieldElement, acvm::FieldElement), acvm::BlackBoxResolutionError> { + self.0.ec_double(input_x, input_y) + } } // We also have a mocked implementation of the `BlackBoxFunctionSolver` trait for use in tests diff --git a/yarn.lock b/yarn.lock index f4e0ce7df36..1a0fc6d828f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -11520,6 +11520,18 @@ __metadata: languageName: node linkType: hard +<<<<<<< HEAD +"fast-fifo@npm:^1.1.0, fast-fifo@npm:^1.2.0": + version: 1.3.2 + resolution: "fast-fifo@npm:1.3.2" + checksum: 6bfcba3e4df5af7be3332703b69a7898a8ed7020837ec4395bb341bd96cc3a6d86c3f6071dd98da289618cf2234c70d84b2a6f09a33dd6f988b1ff60d8e54275 + languageName: node + linkType: hard + +"fast-glob@npm:^3.2.11, fast-glob@npm:^3.2.12, fast-glob@npm:^3.2.9, fast-glob@npm:^3.3.0": +||||||| a3366d645 +"fast-glob@npm:^3.2.11, fast-glob@npm:^3.2.12, fast-glob@npm:^3.2.9, fast-glob@npm:^3.3.0": +======= "fast-equals@npm:^5.0.1": version: 5.0.1 resolution: "fast-equals@npm:5.0.1" @@ -11535,6 +11547,7 @@ __metadata: linkType: hard "fast-glob@npm:^3.2.11, fast-glob@npm:^3.2.12, fast-glob@npm:^3.2.9, fast-glob@npm:^3.3.0, fast-glob@npm:^3.3.2": +>>>>>>> refs/subrepo/noir/fetch version: 3.3.2 resolution: "fast-glob@npm:3.3.2" dependencies: @@ -12133,6 +12146,18 @@ __metadata: languageName: node linkType: hard +<<<<<<< HEAD +"fwd-stream@npm:^1.0.4": + version: 1.0.4 + resolution: "fwd-stream@npm:1.0.4" + dependencies: + readable-stream: ~1.0.26-4 + checksum: db4dcf68f214b3fabd6cd9658630dfd1d7ed8d43f7f45408027a90220cd75276e782d1e958821775d7a3a4a83034778e75a097bdc7002c758e8896f76213c65d + languageName: node + linkType: hard + +||||||| a3366d645 +======= "fwd-stream@npm:^1.0.4": version: 1.0.4 resolution: "fwd-stream@npm:1.0.4" @@ -12149,6 +12174,7 @@ __metadata: languageName: node linkType: hard +>>>>>>> refs/subrepo/noir/fetch "gensync@npm:^1.0.0-beta.1, gensync@npm:^1.0.0-beta.2": version: 1.0.0-beta.2 resolution: "gensync@npm:1.0.0-beta.2" @@ -13365,6 +13391,21 @@ __metadata: languageName: node linkType: hard +<<<<<<< HEAD +"import-local@npm:^3.0.2": + version: 3.1.0 + resolution: "import-local@npm:3.1.0" + dependencies: + pkg-dir: ^4.2.0 + resolve-cwd: ^3.0.0 + bin: + import-local-fixture: fixtures/cli.js + checksum: bfcdb63b5e3c0e245e347f3107564035b128a414c4da1172a20dc67db2504e05ede4ac2eee1252359f78b0bfd7b19ef180aec427c2fce6493ae782d73a04cddd + languageName: node + linkType: hard + +||||||| a3366d645 +======= "import-local@npm:^3.0.2": version: 3.1.0 resolution: "import-local@npm:3.1.0" @@ -13384,6 +13425,7 @@ __metadata: languageName: node linkType: hard +>>>>>>> refs/subrepo/noir/fetch "imurmurhash@npm:^0.1.4": version: 0.1.4 resolution: "imurmurhash@npm:0.1.4" From 7c357e4561aeccfd0b144b279ba9d1a05314006c Mon Sep 17 00:00:00 2001 From: Tom French <15848336+TomAFrench@users.noreply.github.com> Date: Thu, 11 Jan 2024 22:57:19 +0000 Subject: [PATCH 36/67] feat!: implement keccakf1600 in brillig (#3914) --- acvm-repo/acir/codegen/acir.cpp | 52 ++++++++++++++++++- acvm-repo/acvm/src/pwg/blackbox/mod.rs | 4 +- acvm-repo/brillig/src/black_box.rs | 2 + acvm-repo/brillig_vm/src/black_box.rs | 19 ++++++- .../brillig/brillig_gen/brillig_black_box.rs | 17 ++++-- .../src/brillig/brillig_ir/debug_show.rs | 3 ++ 6 files changed, 89 insertions(+), 8 deletions(-) diff --git a/acvm-repo/acir/codegen/acir.cpp b/acvm-repo/acir/codegen/acir.cpp index 7d9d293a776..30f6e756337 100644 --- a/acvm-repo/acir/codegen/acir.cpp +++ b/acvm-repo/acir/codegen/acir.cpp @@ -446,6 +446,15 @@ namespace Circuit { static Keccak256 bincodeDeserialize(std::vector); }; + struct Keccakf1600 { + Circuit::HeapVector message; + Circuit::HeapArray output; + + friend bool operator==(const Keccakf1600&, const Keccakf1600&); + std::vector bincodeSerialize() const; + static Keccakf1600 bincodeDeserialize(std::vector); + }; + struct EcdsaSecp256k1 { Circuit::HeapVector hashed_msg; Circuit::HeapArray public_key_x; @@ -534,7 +543,7 @@ namespace Circuit { static EmbeddedCurveDouble bincodeDeserialize(std::vector); }; - std::variant value; + std::variant value; friend bool operator==(const BlackBoxOp&, const BlackBoxOp&); std::vector bincodeSerialize() const; @@ -2686,6 +2695,47 @@ Circuit::BlackBoxOp::Keccak256 serde::Deserializable BlackBoxOp::Keccakf1600::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::Keccakf1600 BlackBoxOp::Keccakf1600::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::Keccakf1600 &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.message, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxOp::Keccakf1600 serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::Keccakf1600 obj; + obj.message = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlackBoxOp::EcdsaSecp256k1 &lhs, const BlackBoxOp::EcdsaSecp256k1 &rhs) { diff --git a/acvm-repo/acvm/src/pwg/blackbox/mod.rs b/acvm-repo/acvm/src/pwg/blackbox/mod.rs index ca355b6045d..5eea234885c 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/mod.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/mod.rs @@ -119,8 +119,8 @@ pub(crate) fn solve( let lane = witness_assignment.try_to_u64(); state[i] = lane.unwrap(); } - let state = keccakf1600(state)?; - for (output_witness, value) in outputs.iter().zip(state.into_iter()) { + let output_state = keccakf1600(state)?; + for (output_witness, value) in outputs.iter().zip(output_state.into_iter()) { insert_value(output_witness, FieldElement::from(value as u128), initial_witness)?; } Ok(()) diff --git a/acvm-repo/brillig/src/black_box.rs b/acvm-repo/brillig/src/black_box.rs index 2286539e4c1..e63da276a7f 100644 --- a/acvm-repo/brillig/src/black_box.rs +++ b/acvm-repo/brillig/src/black_box.rs @@ -13,6 +13,8 @@ pub enum BlackBoxOp { Blake3 { message: HeapVector, output: HeapArray }, /// Calculates the Keccak256 hash of the inputs. Keccak256 { message: HeapVector, output: HeapArray }, + /// Keccak Permutation function of 1600 width + Keccakf1600 { message: HeapVector, output: HeapArray }, /// Verifies a ECDSA signature over the secp256k1 curve. EcdsaSecp256k1 { hashed_msg: HeapVector, diff --git a/acvm-repo/brillig_vm/src/black_box.rs b/acvm-repo/brillig_vm/src/black_box.rs index a6e904c2902..463038509e1 100644 --- a/acvm-repo/brillig_vm/src/black_box.rs +++ b/acvm-repo/brillig_vm/src/black_box.rs @@ -1,8 +1,8 @@ use acir::brillig::{BlackBoxOp, HeapArray, HeapVector, Value}; use acir::{BlackBoxFunc, FieldElement}; use acvm_blackbox_solver::{ - blake2s, blake3, ecdsa_secp256k1_verify, ecdsa_secp256r1_verify, keccak256, sha256, - BlackBoxFunctionSolver, BlackBoxResolutionError, + blake2s, blake3, ecdsa_secp256k1_verify, ecdsa_secp256r1_verify, keccak256, keccakf1600, + sha256, BlackBoxFunctionSolver, BlackBoxResolutionError, }; use crate::{Memory, Registers}; @@ -70,6 +70,20 @@ pub(crate) fn evaluate_black_box( memory.write_slice(registers.get(output.pointer).to_usize(), &to_value_vec(&bytes)); Ok(()) } + BlackBoxOp::Keccakf1600 { message, output } => { + let state_vec: Vec = read_heap_vector(memory, registers, message) + .iter() + .map(|value| value.to_field().try_to_u64().unwrap()) + .collect(); + let state: [u64; 25] = state_vec.try_into().unwrap(); + + let new_state = keccakf1600(state)?; + + let new_state: Vec = + new_state.into_iter().map(|x| Value::from(x as usize)).collect(); + memory.write_slice(registers.get(output.pointer).to_usize(), &new_state); + Ok(()) + } BlackBoxOp::EcdsaSecp256k1 { hashed_msg, public_key_x, @@ -195,6 +209,7 @@ fn black_box_function_from_op(op: &BlackBoxOp) -> BlackBoxFunc { BlackBoxOp::Blake2s { .. } => BlackBoxFunc::Blake2s, BlackBoxOp::Blake3 { .. } => BlackBoxFunc::Blake3, BlackBoxOp::Keccak256 { .. } => BlackBoxFunc::Keccak256, + BlackBoxOp::Keccakf1600 { .. } => BlackBoxFunc::Keccakf1600, BlackBoxOp::EcdsaSecp256k1 { .. } => BlackBoxFunc::EcdsaSecp256k1, BlackBoxOp::EcdsaSecp256r1 { .. } => BlackBoxFunc::EcdsaSecp256r1, BlackBoxOp::SchnorrVerify { .. } => BlackBoxFunc::SchnorrVerify, diff --git a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs index 5a5f9694534..c081806f4a7 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs @@ -71,6 +71,20 @@ pub(crate) fn convert_black_box_call( unreachable!("ICE: Keccak256 expects message, message size and result array") } } + BlackBoxFunc::Keccakf1600 => { + if let ([message], [BrilligVariable::BrilligArray(result_array)]) = + (function_arguments, function_results) + { + let state_vector = convert_array_or_vector(brillig_context, message, bb_func); + + brillig_context.black_box_op_instruction(BlackBoxOp::Keccakf1600 { + message: state_vector.to_heap_vector(), + output: result_array.to_heap_array(), + }); + } else { + unreachable!("ICE: Keccakf1600 expects one array argument and one array result") + } + } BlackBoxFunc::EcdsaSecp256k1 => { if let ( [BrilligVariable::BrilligArray(public_key_x), BrilligVariable::BrilligArray(public_key_y), BrilligVariable::BrilligArray(signature), message], @@ -230,9 +244,6 @@ pub(crate) fn convert_black_box_call( BlackBoxFunc::RecursiveAggregation => unimplemented!( "ICE: `BlackBoxFunc::RecursiveAggregation` is not implemented by the Brillig VM" ), - BlackBoxFunc::Keccakf1600 => { - unimplemented!("ICE: `BlackBoxFunc::Keccakf1600` is not implemented by the Brillig VM") - } } } diff --git a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs index 66c6b3b0249..dc8c6b6694c 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs @@ -350,6 +350,9 @@ impl DebugShow { BlackBoxOp::Keccak256 { message, output } => { debug_println!(self.enable_debug_trace, " KECCAK256 {} -> {}", message, output); } + BlackBoxOp::Keccakf1600 { message, output } => { + debug_println!(self.enable_debug_trace, " KECCAKF1600 {} -> {}", message, output); + } BlackBoxOp::Blake2s { message, output } => { debug_println!(self.enable_debug_trace, " BLAKE2S {} -> {}", message, output); } From b5a1eb5a7de08d01dcdc9cfba0502078d7f763be Mon Sep 17 00:00:00 2001 From: Gregorio Juliana Date: Fri, 12 Jan 2024 11:44:32 +0100 Subject: [PATCH 37/67] chore!: define key type in maps (#3841) Closes https://github.com/AztecProtocol/aztec-packages/issues/2787 Unfortunately key type with a `ToField` trait binding is only defined in the `.at` method, due to this blocker: https://github.com/noir-lang/noir/issues/3954 --- tooling/nargo_fmt/tests/expected/contract.nr | 4 ++-- tooling/nargo_fmt/tests/input/contract.nr | 17 +++++++++++++---- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/tooling/nargo_fmt/tests/expected/contract.nr b/tooling/nargo_fmt/tests/expected/contract.nr index 0313da832a8..cd53add10a0 100644 --- a/tooling/nargo_fmt/tests/expected/contract.nr +++ b/tooling/nargo_fmt/tests/expected/contract.nr @@ -20,8 +20,8 @@ contract Benchmarking { }; struct Storage { - notes: Map>, - balances: Map>, + notes: Map>, + balances: Map>, } impl Storage { diff --git a/tooling/nargo_fmt/tests/input/contract.nr b/tooling/nargo_fmt/tests/input/contract.nr index 58ae0e909a1..7aa688fef68 100644 --- a/tooling/nargo_fmt/tests/input/contract.nr +++ b/tooling/nargo_fmt/tests/input/contract.nr @@ -20,8 +20,8 @@ contract Benchmarking { }; struct Storage { - notes: Map>, - balances: Map>, + notes: Map>, + balances: Map>, } impl Storage { @@ -58,7 +58,11 @@ contract Benchmarking { fn increment_balance(owner: Field, value: Field) { let current = storage.balances.at(owner).read(); storage.balances.at(owner).write(current + value); - let _callStackItem1 = context.call_public_function(context.this_address(), FunctionSelector::from_signature("broadcast(Field)"), [owner]); + let _callStackItem1 = context.call_public_function( + context.this_address(), + FunctionSelector::from_signature("broadcast(Field)"), + [owner] + ); } // Est ultricies integer quis auctor elit sed. In nibh mauris cursus mattis molestie a iaculis. @@ -67,7 +71,12 @@ contract Benchmarking { emit_unencrypted_log(&mut context, storage.balances.at(owner).read()); } - unconstrained fn compute_note_hash_and_nullifier(contract_address: AztecAddress, nonce: Field, storage_slot: Field, preimage: [Field; VALUE_NOTE_LEN]) -> [Field; 4] { + unconstrained fn compute_note_hash_and_nullifier( + contract_address: AztecAddress, + nonce: Field, + storage_slot: Field, + preimage: [Field; VALUE_NOTE_LEN] + ) -> [Field; 4] { let note_header = NoteHeader::new(contract_address, nonce, storage_slot); note_utils::compute_note_hash_and_nullifier(ValueNoteMethods, note_header, preimage) } From 5162b33c7cf2e942e2f25a90938c8b9b014b448a Mon Sep 17 00:00:00 2001 From: Tom French <15848336+TomAFrench@users.noreply.github.com> Date: Fri, 12 Jan 2024 11:28:59 +0000 Subject: [PATCH 38/67] chore: fix rust tests (#3963) A bunch of the tests in rust are broken as the trait implementations for the EC operations were removed --- .../acir/src/circuit/black_box_functions.rs | 2 +- .../acvm/src/compiler/transformers/mod.rs | 3 +- acvm-repo/acvm/tests/solver.rs | 18 ++++++++ .../noirc_evaluator/src/brillig/brillig_ir.rs | 18 ++++++++ .../ssa/acir_gen/acir_ir/generated_acir.rs | 4 +- .../src/ssa/ir/instruction/call.rs | 2 +- .../src/ssa/opt/constant_folding.rs | 2 +- tooling/debugger/src/context.rs | 18 ++++++++ tooling/lsp/src/requests/goto_definition.rs | 22 ---------- tooling/lsp/src/solver.rs | 18 ++++++++ yarn.lock | 42 ------------------- 11 files changed, 78 insertions(+), 71 deletions(-) diff --git a/acvm-repo/acir/src/circuit/black_box_functions.rs b/acvm-repo/acir/src/circuit/black_box_functions.rs index 0dcfb3bc9f1..d1f5560313b 100644 --- a/acvm-repo/acir/src/circuit/black_box_functions.rs +++ b/acvm-repo/acir/src/circuit/black_box_functions.rs @@ -48,7 +48,7 @@ pub enum BlackBoxFunc { /// Addition over the embedded curve on which [`FieldElement`][acir_field::FieldElement] is defined. EmbeddedCurveAdd, /// Point doubling over the embedded curve on which [`FieldElement`][acir_field::FieldElement] is defined. - EmbeddedCurveDouble + EmbeddedCurveDouble, } impl std::fmt::Display for BlackBoxFunc { diff --git a/acvm-repo/acvm/src/compiler/transformers/mod.rs b/acvm-repo/acvm/src/compiler/transformers/mod.rs index 99f1ca23b5b..f8351364eb1 100644 --- a/acvm-repo/acvm/src/compiler/transformers/mod.rs +++ b/acvm-repo/acvm/src/compiler/transformers/mod.rs @@ -124,8 +124,7 @@ pub(super) fn transform_internal( .. } | acir::circuit::opcodes::BlackBoxFuncCall::EmbeddedCurveAdd { - outputs, - .. + outputs, .. } | acir::circuit::opcodes::BlackBoxFuncCall::EmbeddedCurveDouble { outputs, diff --git a/acvm-repo/acvm/tests/solver.rs b/acvm-repo/acvm/tests/solver.rs index b4011a994a5..a592aaad14f 100644 --- a/acvm-repo/acvm/tests/solver.rs +++ b/acvm-repo/acvm/tests/solver.rs @@ -50,6 +50,24 @@ impl BlackBoxFunctionSolver for StubbedBackend { ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { panic!("Path not trodden by this test") } + + fn ec_add( + &self, + _input1_x: &FieldElement, + _input1_y: &FieldElement, + _input2_x: &FieldElement, + _input2_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { + panic!("Path not trodden by this test") + } + + fn ec_double( + &self, + _input_x: &FieldElement, + _input_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { + panic!("Path not trodden by this test") + } } // Reenable these test cases once we move the brillig implementation of inversion down into the acvm stdlib. diff --git a/compiler/noirc_evaluator/src/brillig/brillig_ir.rs b/compiler/noirc_evaluator/src/brillig/brillig_ir.rs index 3c4e77b09ec..db3cd501ca0 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_ir.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_ir.rs @@ -1086,6 +1086,24 @@ pub(crate) mod tests { ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { Ok((4_u128.into(), 5_u128.into())) } + + fn ec_add( + &self, + _input1_x: &FieldElement, + _input1_y: &FieldElement, + _input2_x: &FieldElement, + _input2_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { + panic!("Path not trodden by this test") + } + + fn ec_double( + &self, + _input_x: &FieldElement, + _input_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { + panic!("Path not trodden by this test") + } } pub(crate) fn create_context() -> BrilligContext { diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index 336e88da48a..623810d1bfe 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -591,7 +591,7 @@ fn black_box_func_expected_input_size(name: BlackBoxFunc) -> Option { BlackBoxFunc::FixedBaseScalarMul => Some(2), // Recursive aggregation has a variable number of inputs BlackBoxFunc::RecursiveAggregation => None, - // Addition over the embedded curve: input are coordinates (x1,y1) and (x2,y2) of the Grumpkin points + // Addition over the embedded curve: input are coordinates (x1,y1) and (x2,y2) of the Grumpkin points BlackBoxFunc::EmbeddedCurveAdd => Some(4), // Doubling over the embedded curve: input is (x,y) coordinate of the point. BlackBoxFunc::EmbeddedCurveDouble => Some(2), @@ -624,7 +624,7 @@ fn black_box_expected_output_size(name: BlackBoxFunc) -> Option { | BlackBoxFunc::EcdsaSecp256r1 => Some(1), // Output of operations over the embedded curve // will be 2 field elements representing the point. - BlackBoxFunc::FixedBaseScalarMul + BlackBoxFunc::FixedBaseScalarMul | BlackBoxFunc::EmbeddedCurveAdd | BlackBoxFunc::EmbeddedCurveDouble => Some(2), // Recursive aggregation has a variable number of outputs diff --git a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs index 86e855b2cc0..ac8239f97ac 100644 --- a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs +++ b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs @@ -424,7 +424,7 @@ fn simplify_black_box_func( BlackBoxFunc::FixedBaseScalarMul | BlackBoxFunc::SchnorrVerify | BlackBoxFunc::PedersenCommitment - | BlackBoxFunc::PedersenHash + | BlackBoxFunc::PedersenHash | BlackBoxFunc::EmbeddedCurveAdd | BlackBoxFunc::EmbeddedCurveDouble => { // Currently unsolvable here as we rely on an implementation in the backend. diff --git a/compiler/noirc_evaluator/src/ssa/opt/constant_folding.rs b/compiler/noirc_evaluator/src/ssa/opt/constant_folding.rs index 62e91dfa9c8..addaee3ba8d 100644 --- a/compiler/noirc_evaluator/src/ssa/opt/constant_folding.rs +++ b/compiler/noirc_evaluator/src/ssa/opt/constant_folding.rs @@ -187,7 +187,7 @@ mod test { instruction::{Binary, BinaryOp, Instruction, TerminatorInstruction}, map::Id, types::Type, - value::Value, + value::{Value, ValueId}, }, }; diff --git a/tooling/debugger/src/context.rs b/tooling/debugger/src/context.rs index 74224ce3795..8f6520864db 100644 --- a/tooling/debugger/src/context.rs +++ b/tooling/debugger/src/context.rs @@ -483,6 +483,24 @@ mod tests { ) -> Result<(FieldElement, FieldElement), acvm::BlackBoxResolutionError> { unimplemented!(); } + + fn ec_add( + &self, + _input1_x: &FieldElement, + _input1_y: &FieldElement, + _input2_x: &FieldElement, + _input2_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), acvm::BlackBoxResolutionError> { + unimplemented!(); + } + + fn ec_double( + &self, + _input_x: &FieldElement, + _input_y: &FieldElement, + ) -> Result<(FieldElement, FieldElement), acvm::BlackBoxResolutionError> { + unimplemented!(); + } } #[test] diff --git a/tooling/lsp/src/requests/goto_definition.rs b/tooling/lsp/src/requests/goto_definition.rs index f339cdfdb2f..6d44761de94 100644 --- a/tooling/lsp/src/requests/goto_definition.rs +++ b/tooling/lsp/src/requests/goto_definition.rs @@ -137,25 +137,3 @@ mod goto_definition_tests { assert!(&response.is_some()); } } - -#[cfg(test)] -mod character_to_line_offset_tests { - use super::*; - - #[test] - fn test_character_to_line_offset() { - let line = "Hello, dark!"; - let character = 8; - - let result = character_to_line_offset(line, character).unwrap(); - assert_eq!(result, 8); - - // In the case of a multi-byte character, the offset should be the byte index of the character - // byte offset for 8 character (黑) is expected to be 10 - let line = "Hello, 黑!"; - let character = 8; - - let result = character_to_line_offset(line, character).unwrap(); - assert_eq!(result, 10); - } -} diff --git a/tooling/lsp/src/solver.rs b/tooling/lsp/src/solver.rs index 5d95c88e49b..8c2ea54fe59 100644 --- a/tooling/lsp/src/solver.rs +++ b/tooling/lsp/src/solver.rs @@ -99,4 +99,22 @@ impl BlackBoxFunctionSolver for MockBackend { ) -> Result { unimplemented!() } + + fn ec_add( + &self, + _input1_x: &acvm::FieldElement, + _input1_y: &acvm::FieldElement, + _input2_x: &acvm::FieldElement, + _input2_y: &acvm::FieldElement, + ) -> Result<(acvm::FieldElement, acvm::FieldElement), acvm::BlackBoxResolutionError> { + unimplemented!(); + } + + fn ec_double( + &self, + _input_x: &acvm::FieldElement, + _input_y: &acvm::FieldElement, + ) -> Result<(acvm::FieldElement, acvm::FieldElement), acvm::BlackBoxResolutionError> { + unimplemented!(); + } } diff --git a/yarn.lock b/yarn.lock index 1a0fc6d828f..f4e0ce7df36 100644 --- a/yarn.lock +++ b/yarn.lock @@ -11520,18 +11520,6 @@ __metadata: languageName: node linkType: hard -<<<<<<< HEAD -"fast-fifo@npm:^1.1.0, fast-fifo@npm:^1.2.0": - version: 1.3.2 - resolution: "fast-fifo@npm:1.3.2" - checksum: 6bfcba3e4df5af7be3332703b69a7898a8ed7020837ec4395bb341bd96cc3a6d86c3f6071dd98da289618cf2234c70d84b2a6f09a33dd6f988b1ff60d8e54275 - languageName: node - linkType: hard - -"fast-glob@npm:^3.2.11, fast-glob@npm:^3.2.12, fast-glob@npm:^3.2.9, fast-glob@npm:^3.3.0": -||||||| a3366d645 -"fast-glob@npm:^3.2.11, fast-glob@npm:^3.2.12, fast-glob@npm:^3.2.9, fast-glob@npm:^3.3.0": -======= "fast-equals@npm:^5.0.1": version: 5.0.1 resolution: "fast-equals@npm:5.0.1" @@ -11547,7 +11535,6 @@ __metadata: linkType: hard "fast-glob@npm:^3.2.11, fast-glob@npm:^3.2.12, fast-glob@npm:^3.2.9, fast-glob@npm:^3.3.0, fast-glob@npm:^3.3.2": ->>>>>>> refs/subrepo/noir/fetch version: 3.3.2 resolution: "fast-glob@npm:3.3.2" dependencies: @@ -12146,18 +12133,6 @@ __metadata: languageName: node linkType: hard -<<<<<<< HEAD -"fwd-stream@npm:^1.0.4": - version: 1.0.4 - resolution: "fwd-stream@npm:1.0.4" - dependencies: - readable-stream: ~1.0.26-4 - checksum: db4dcf68f214b3fabd6cd9658630dfd1d7ed8d43f7f45408027a90220cd75276e782d1e958821775d7a3a4a83034778e75a097bdc7002c758e8896f76213c65d - languageName: node - linkType: hard - -||||||| a3366d645 -======= "fwd-stream@npm:^1.0.4": version: 1.0.4 resolution: "fwd-stream@npm:1.0.4" @@ -12174,7 +12149,6 @@ __metadata: languageName: node linkType: hard ->>>>>>> refs/subrepo/noir/fetch "gensync@npm:^1.0.0-beta.1, gensync@npm:^1.0.0-beta.2": version: 1.0.0-beta.2 resolution: "gensync@npm:1.0.0-beta.2" @@ -13391,21 +13365,6 @@ __metadata: languageName: node linkType: hard -<<<<<<< HEAD -"import-local@npm:^3.0.2": - version: 3.1.0 - resolution: "import-local@npm:3.1.0" - dependencies: - pkg-dir: ^4.2.0 - resolve-cwd: ^3.0.0 - bin: - import-local-fixture: fixtures/cli.js - checksum: bfcdb63b5e3c0e245e347f3107564035b128a414c4da1172a20dc67db2504e05ede4ac2eee1252359f78b0bfd7b19ef180aec427c2fce6493ae782d73a04cddd - languageName: node - linkType: hard - -||||||| a3366d645 -======= "import-local@npm:^3.0.2": version: 3.1.0 resolution: "import-local@npm:3.1.0" @@ -13425,7 +13384,6 @@ __metadata: languageName: node linkType: hard ->>>>>>> refs/subrepo/noir/fetch "imurmurhash@npm:^0.1.4": version: 0.1.4 resolution: "imurmurhash@npm:0.1.4" From 55aa96f905c3c3f59b817713d8cc111f161382b9 Mon Sep 17 00:00:00 2001 From: Tom French Date: Fri, 12 Jan 2024 11:48:22 +0000 Subject: [PATCH 39/67] chore: fix formatter tests --- tooling/nargo_fmt/tests/expected/contract.nr | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tooling/nargo_fmt/tests/expected/contract.nr b/tooling/nargo_fmt/tests/expected/contract.nr index cd53add10a0..7aa688fef68 100644 --- a/tooling/nargo_fmt/tests/expected/contract.nr +++ b/tooling/nargo_fmt/tests/expected/contract.nr @@ -20,8 +20,8 @@ contract Benchmarking { }; struct Storage { - notes: Map>, - balances: Map>, + notes: Map>, + balances: Map>, } impl Storage { From 563c7041fd95f22fe76dc4dee75188fc4b3d8381 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lvaro=20Rodr=C3=ADguez?= Date: Fri, 12 Jan 2024 16:20:00 +0100 Subject: [PATCH 40/67] feat: Update noir (#3979) subrepo: subdir: "noir" merged: "945587396" upstream: origin: "https://github.com/noir-lang/noir" branch: "aztec-packages" commit: "d7c4c669c" git-subrepo: version: "0.4.6" origin: "???" commit: "???" --- acvm-repo/brillig/src/black_box.rs | 2 +- aztec_macros/src/lib.rs | 6 ++---- scripts/bootstrap_packages.sh | 2 +- scripts/test_js_packages.sh | 4 ++-- tooling/nargo_fmt/tests/expected/contract.nr | 2 +- tooling/nargo_fmt/tests/input/contract.nr | 2 +- 6 files changed, 8 insertions(+), 10 deletions(-) diff --git a/acvm-repo/brillig/src/black_box.rs b/acvm-repo/brillig/src/black_box.rs index e63da276a7f..c007e78b785 100644 --- a/acvm-repo/brillig/src/black_box.rs +++ b/acvm-repo/brillig/src/black_box.rs @@ -45,7 +45,7 @@ pub enum BlackBoxOp { PedersenHash { inputs: HeapVector, domain_separator: RegisterIndex, output: RegisterIndex }, /// Performs scalar multiplication over the embedded curve. FixedBaseScalarMul { low: RegisterIndex, high: RegisterIndex, result: HeapArray }, - /// Performs addtion over the embedded curve. + /// Performs addition over the embedded curve. EmbeddedCurveAdd { input1_x: RegisterIndex, input1_y: RegisterIndex, diff --git a/aztec_macros/src/lib.rs b/aztec_macros/src/lib.rs index 8026673b680..5ac48a8e8e4 100644 --- a/aztec_macros/src/lib.rs +++ b/aztec_macros/src/lib.rs @@ -483,12 +483,11 @@ const SIGNATURE_PLACEHOLDER: &str = "SIGNATURE_PLACEHOLDER"; /// Generates the impl for an event selector /// -/// TODO(https://github.com/AztecProtocol/aztec-packages/issues/3590): Make this point to aztec-nr once the issue is fixed. /// Inserts the following code: /// ```noir /// impl SomeStruct { /// fn selector() -> FunctionSelector { -/// protocol_types::abis::function_selector::FunctionSelector::from_signature("SIGNATURE_PLACEHOLDER") +/// aztec::protocol_types::abis::function_selector::FunctionSelector::from_signature("SIGNATURE_PLACEHOLDER") /// } /// } /// ``` @@ -499,9 +498,8 @@ const SIGNATURE_PLACEHOLDER: &str = "SIGNATURE_PLACEHOLDER"; fn generate_selector_impl(structure: &NoirStruct) -> TypeImpl { let struct_type = make_type(UnresolvedTypeData::Named(path(structure.name.clone()), vec![])); - // TODO(https://github.com/AztecProtocol/aztec-packages/issues/3590): Make this point to aztec-nr once the issue is fixed. let selector_path = - chained_path!("protocol_types", "abis", "function_selector", "FunctionSelector"); + chained_path!("aztec", "protocol_types", "abis", "function_selector", "FunctionSelector"); let mut from_signature_path = selector_path.clone(); from_signature_path.segments.push(ident("from_signature")); diff --git a/scripts/bootstrap_packages.sh b/scripts/bootstrap_packages.sh index df4ee5b3aed..18c34b9cfb7 100755 --- a/scripts/bootstrap_packages.sh +++ b/scripts/bootstrap_packages.sh @@ -14,7 +14,7 @@ else export GIT_COMMIT=$(git rev-parse --verify HEAD) fi -yarn +yarn --immutable yarn build # We create a folder called packages, that contains each package as it would be published to npm, named correctly. diff --git a/scripts/test_js_packages.sh b/scripts/test_js_packages.sh index a5ec5b92a70..cf4fd81326d 100755 --- a/scripts/test_js_packages.sh +++ b/scripts/test_js_packages.sh @@ -17,10 +17,10 @@ fi cargo build --release export PATH="${PATH}:/usr/src/noir/target/release/" -yarn +yarn --immutable yarn build npx playwright install npx playwright install-deps ./scripts/test.sh -yarn test \ No newline at end of file +yarn test diff --git a/tooling/nargo_fmt/tests/expected/contract.nr b/tooling/nargo_fmt/tests/expected/contract.nr index 7aa688fef68..2e3f4d7c8c4 100644 --- a/tooling/nargo_fmt/tests/expected/contract.nr +++ b/tooling/nargo_fmt/tests/expected/contract.nr @@ -3,7 +3,7 @@ // Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. // Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. contract Benchmarking { - use dep::protocol_types::abis::function_selector::FunctionSelector; + use dep::aztec::protocol_types::abis::function_selector::FunctionSelector; use dep::value_note::{ utils::{increment, decrement}, diff --git a/tooling/nargo_fmt/tests/input/contract.nr b/tooling/nargo_fmt/tests/input/contract.nr index 7aa688fef68..2e3f4d7c8c4 100644 --- a/tooling/nargo_fmt/tests/input/contract.nr +++ b/tooling/nargo_fmt/tests/input/contract.nr @@ -3,7 +3,7 @@ // Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. // Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. contract Benchmarking { - use dep::protocol_types::abis::function_selector::FunctionSelector; + use dep::aztec::protocol_types::abis::function_selector::FunctionSelector; use dep::value_note::{ utils::{increment, decrement}, From 2d921081ad535bc2005ce8aa78b60772431c299d Mon Sep 17 00:00:00 2001 From: Tom French <15848336+TomAFrench@users.noreply.github.com> Date: Mon, 15 Jan 2024 19:17:29 +0000 Subject: [PATCH 41/67] chore: sync noir (#4025) subrepo: subdir: "noir" merged: "0f38b229f" upstream: origin: "https://github.com/noir-lang/noir" branch: "aztec-packages" commit: "0f38b229f" git-subrepo: version: "0.4.6" origin: "https://github.com/ingydotnet/git-subrepo" commit: "110b9eb" Co-authored-by: kevaundray --- Cargo.lock | 1 - acvm-repo/acir/codegen/acir.cpp | 114 +----------------- acvm-repo/acir/src/circuit/directives.rs | 12 -- acvm-repo/acir/src/circuit/opcodes.rs | 19 +-- acvm-repo/acvm/Cargo.toml | 1 - .../acvm/src/compiler/transformers/mod.rs | 4 - acvm-repo/acvm/src/pwg/directives/mod.rs | 67 +--------- 7 files changed, 3 insertions(+), 215 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 438d74b1b2d..1088bb63004 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -44,7 +44,6 @@ dependencies = [ "brillig_vm", "indexmap 1.9.3", "num-bigint", - "num-traits", "paste", "proptest", "rand 0.8.5", diff --git a/acvm-repo/acir/codegen/acir.cpp b/acvm-repo/acir/codegen/acir.cpp index 30f6e756337..9b74a8ea631 100644 --- a/acvm-repo/acir/codegen/acir.cpp +++ b/acvm-repo/acir/codegen/acir.cpp @@ -765,28 +765,8 @@ namespace Circuit { static Brillig bincodeDeserialize(std::vector); }; - struct QuotientDirective { - Circuit::Expression a; - Circuit::Expression b; - Circuit::Witness q; - Circuit::Witness r; - std::optional predicate; - - friend bool operator==(const QuotientDirective&, const QuotientDirective&); - std::vector bincodeSerialize() const; - static QuotientDirective bincodeDeserialize(std::vector); - }; - struct Directive { - struct Quotient { - Circuit::QuotientDirective value; - - friend bool operator==(const Quotient&, const Quotient&); - std::vector bincodeSerialize() const; - static Quotient bincodeDeserialize(std::vector); - }; - struct ToLeRadix { Circuit::Expression a; std::vector b; @@ -808,7 +788,7 @@ namespace Circuit { static PermutationSort bincodeDeserialize(std::vector); }; - std::variant value; + std::variant value; friend bool operator==(const Directive&, const Directive&); std::vector bincodeSerialize() const; @@ -4188,44 +4168,6 @@ Circuit::Directive serde::Deserializable::deserialize(Deseri return obj; } -namespace Circuit { - - inline bool operator==(const Directive::Quotient &lhs, const Directive::Quotient &rhs) { - if (!(lhs.value == rhs.value)) { return false; } - return true; - } - - inline std::vector Directive::Quotient::bincodeSerialize() const { - auto serializer = serde::BincodeSerializer(); - serde::Serializable::serialize(*this, serializer); - return std::move(serializer).bytes(); - } - - inline Directive::Quotient Directive::Quotient::bincodeDeserialize(std::vector input) { - auto deserializer = serde::BincodeDeserializer(input); - auto value = serde::Deserializable::deserialize(deserializer); - if (deserializer.get_buffer_offset() < input.size()) { - throw serde::deserialization_error("Some input bytes were not read"); - } - return value; - } - -} // end of namespace Circuit - -template <> -template -void serde::Serializable::serialize(const Circuit::Directive::Quotient &obj, Serializer &serializer) { - serde::Serializable::serialize(obj.value, serializer); -} - -template <> -template -Circuit::Directive::Quotient serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::Directive::Quotient obj; - obj.value = serde::Deserializable::deserialize(deserializer); - return obj; -} - namespace Circuit { inline bool operator==(const Directive::ToLeRadix &lhs, const Directive::ToLeRadix &rhs) { @@ -4990,60 +4932,6 @@ Circuit::PublicInputs serde::Deserializable::deserialize( return obj; } -namespace Circuit { - - inline bool operator==(const QuotientDirective &lhs, const QuotientDirective &rhs) { - if (!(lhs.a == rhs.a)) { return false; } - if (!(lhs.b == rhs.b)) { return false; } - if (!(lhs.q == rhs.q)) { return false; } - if (!(lhs.r == rhs.r)) { return false; } - if (!(lhs.predicate == rhs.predicate)) { return false; } - return true; - } - - inline std::vector QuotientDirective::bincodeSerialize() const { - auto serializer = serde::BincodeSerializer(); - serde::Serializable::serialize(*this, serializer); - return std::move(serializer).bytes(); - } - - inline QuotientDirective QuotientDirective::bincodeDeserialize(std::vector input) { - auto deserializer = serde::BincodeDeserializer(input); - auto value = serde::Deserializable::deserialize(deserializer); - if (deserializer.get_buffer_offset() < input.size()) { - throw serde::deserialization_error("Some input bytes were not read"); - } - return value; - } - -} // end of namespace Circuit - -template <> -template -void serde::Serializable::serialize(const Circuit::QuotientDirective &obj, Serializer &serializer) { - serializer.increase_container_depth(); - serde::Serializable::serialize(obj.a, serializer); - serde::Serializable::serialize(obj.b, serializer); - serde::Serializable::serialize(obj.q, serializer); - serde::Serializable::serialize(obj.r, serializer); - serde::Serializable::serialize(obj.predicate, serializer); - serializer.decrease_container_depth(); -} - -template <> -template -Circuit::QuotientDirective serde::Deserializable::deserialize(Deserializer &deserializer) { - deserializer.increase_container_depth(); - Circuit::QuotientDirective obj; - obj.a = serde::Deserializable::deserialize(deserializer); - obj.b = serde::Deserializable::deserialize(deserializer); - obj.q = serde::Deserializable::deserialize(deserializer); - obj.r = serde::Deserializable::deserialize(deserializer); - obj.predicate = serde::Deserializable::deserialize(deserializer); - deserializer.decrease_container_depth(); - return obj; -} - namespace Circuit { inline bool operator==(const RegisterIndex &lhs, const RegisterIndex &rhs) { diff --git a/acvm-repo/acir/src/circuit/directives.rs b/acvm-repo/acir/src/circuit/directives.rs index c3a5b055f19..2486f4cfb83 100644 --- a/acvm-repo/acir/src/circuit/directives.rs +++ b/acvm-repo/acir/src/circuit/directives.rs @@ -1,23 +1,11 @@ use crate::native_types::{Expression, Witness}; use serde::{Deserialize, Serialize}; -#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)] -pub struct QuotientDirective { - pub a: Expression, - pub b: Expression, - pub q: Witness, - pub r: Witness, - pub predicate: Option, -} - #[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)] /// Directives do not apply any constraints. /// You can think of them as opcodes that allow one to use non-determinism /// In the future, this can be replaced with asm non-determinism blocks pub enum Directive { - //Performs euclidean division of a / b (as integers) and stores the quotient in q and the rest in r - Quotient(QuotientDirective), - //decomposition of a: a=\sum b[i]*radix^i where b is an array of witnesses < radix in little endian form ToLeRadix { a: Expression, diff --git a/acvm-repo/acir/src/circuit/opcodes.rs b/acvm-repo/acir/src/circuit/opcodes.rs index ac5ea0b8a69..5aab9d4d472 100644 --- a/acvm-repo/acir/src/circuit/opcodes.rs +++ b/acvm-repo/acir/src/circuit/opcodes.rs @@ -1,7 +1,4 @@ -use super::{ - brillig::Brillig, - directives::{Directive, QuotientDirective}, -}; +use super::{brillig::Brillig, directives::Directive}; use crate::native_types::{Expression, Witness}; use serde::{Deserialize, Serialize}; @@ -48,21 +45,7 @@ impl std::fmt::Display for Opcode { write!(f, " ]") } - Opcode::Directive(Directive::Quotient(QuotientDirective { a, b, q, r, predicate })) => { - write!(f, "DIR::QUOTIENT ")?; - if let Some(pred) = predicate { - writeln!(f, "PREDICATE = {pred}")?; - } - write!( - f, - "(out : _{}, (_{}, {}), _{})", - a, - q.witness_index(), - b, - r.witness_index() - ) - } Opcode::BlackBoxFuncCall(g) => write!(f, "{g}"), Opcode::Directive(Directive::ToLeRadix { a, b, radix: _ }) => { write!(f, "DIR::TORADIX ")?; diff --git a/acvm-repo/acvm/Cargo.toml b/acvm-repo/acvm/Cargo.toml index f5819d6fa34..be2391a3216 100644 --- a/acvm-repo/acvm/Cargo.toml +++ b/acvm-repo/acvm/Cargo.toml @@ -14,7 +14,6 @@ repository.workspace = true [dependencies] num-bigint.workspace = true -num-traits.workspace = true thiserror.workspace = true tracing.workspace = true diff --git a/acvm-repo/acvm/src/compiler/transformers/mod.rs b/acvm-repo/acvm/src/compiler/transformers/mod.rs index f8351364eb1..306ea1b7c12 100644 --- a/acvm-repo/acvm/src/compiler/transformers/mod.rs +++ b/acvm-repo/acvm/src/compiler/transformers/mod.rs @@ -150,10 +150,6 @@ pub(super) fn transform_internal( } Opcode::Directive(ref directive) => { match directive { - Directive::Quotient(quotient_directive) => { - transformer.mark_solvable(quotient_directive.q); - transformer.mark_solvable(quotient_directive.r); - } Directive::ToLeRadix { b, .. } => { for witness in b { transformer.mark_solvable(*witness); diff --git a/acvm-repo/acvm/src/pwg/directives/mod.rs b/acvm-repo/acvm/src/pwg/directives/mod.rs index cfc458dd611..4605168d98b 100644 --- a/acvm-repo/acvm/src/pwg/directives/mod.rs +++ b/acvm-repo/acvm/src/pwg/directives/mod.rs @@ -1,12 +1,7 @@ use std::cmp::Ordering; -use acir::{ - circuit::directives::{Directive, QuotientDirective}, - native_types::WitnessMap, - FieldElement, -}; +use acir::{circuit::directives::Directive, native_types::WitnessMap, FieldElement}; use num_bigint::BigUint; -use num_traits::Zero; use crate::OpcodeResolutionError; @@ -25,38 +20,6 @@ pub(super) fn solve_directives( directive: &Directive, ) -> Result<(), OpcodeResolutionError> { match directive { - Directive::Quotient(QuotientDirective { a, b, q, r, predicate }) => { - let val_a = get_value(a, initial_witness)?; - let val_b = get_value(b, initial_witness)?; - let int_a = BigUint::from_bytes_be(&val_a.to_be_bytes()); - let int_b = BigUint::from_bytes_be(&val_b.to_be_bytes()); - - // If the predicate is `None`, then we simply return the value 1 - // If the predicate is `Some` but we cannot find a value, then we return unresolved - let pred_value = match predicate { - Some(pred) => get_value(pred, initial_witness)?, - None => FieldElement::one(), - }; - - let (int_r, int_q) = if pred_value.is_zero() || int_b.is_zero() { - (BigUint::zero(), BigUint::zero()) - } else { - (&int_a % &int_b, &int_a / &int_b) - }; - - insert_value( - q, - FieldElement::from_be_bytes_reduce(&int_q.to_bytes_be()), - initial_witness, - )?; - insert_value( - r, - FieldElement::from_be_bytes_reduce(&int_r.to_bytes_be()), - initial_witness, - )?; - - Ok(()) - } Directive::ToLeRadix { a, b, radix } => { let value_a = get_value(a, initial_witness)?; let big_integer = BigUint::from_bytes_be(&value_a.to_be_bytes()); @@ -120,31 +83,3 @@ pub(super) fn solve_directives( } } } - -#[cfg(test)] -mod tests { - use acir::{ - circuit::directives::{Directive, QuotientDirective}, - native_types::{Expression, Witness, WitnessMap}, - FieldElement, - }; - - use super::solve_directives; - - #[test] - fn divisor_is_zero() { - let quotient_directive = QuotientDirective { - a: Expression::zero(), - b: Expression::zero(), - q: Witness(0), - r: Witness(0), - predicate: Some(Expression::one()), - }; - - let mut witness_map = WitnessMap::new(); - witness_map.insert(Witness(0), FieldElement::zero()); - - solve_directives(&mut witness_map, &Directive::Quotient(quotient_directive)) - .expect("expected 0/0 to return 0"); - } -} From 001b8e0af0ab69cc4a2884630f596730e5b1c946 Mon Sep 17 00:00:00 2001 From: Tom French <15848336+TomAFrench@users.noreply.github.com> Date: Mon, 15 Jan 2024 21:12:19 +0000 Subject: [PATCH 42/67] chore: replace `AztecU128` with `U128` (#3951) --- noir_stdlib/src/uint128.nr | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/noir_stdlib/src/uint128.nr b/noir_stdlib/src/uint128.nr index 03f3e9ab074..c8c6217de90 100644 --- a/noir_stdlib/src/uint128.nr +++ b/noir_stdlib/src/uint128.nr @@ -42,6 +42,17 @@ impl U128 { } } + pub fn to_be_bytes(self: Self) -> [u8; 16] { + let lo = self.lo.to_be_bytes(8); + let hi = self.hi.to_be_bytes(8); + let mut bytes = [0;16]; + for i in 0..8 { + bytes[i] = hi[i]; + bytes[i+8] = lo[i]; + } + bytes + } + pub fn to_le_bytes(self: Self) -> [u8; 16] { let lo = self.lo.to_le_bytes(8); let hi = self.hi.to_le_bytes(8); From 5e512557c7561f8d1fc64955276657f3bca66f9b Mon Sep 17 00:00:00 2001 From: ludamad Date: Mon, 15 Jan 2024 18:35:06 -0500 Subject: [PATCH 43/67] fix: dont spam logs with yarn install (#4027) This output was getting cut off in the noir-packages ci job. This standardizes what was already in yarn-project --- .yarnrc.yml | 3 +++ docs/.yarnrc.yml | 3 +++ 2 files changed, 6 insertions(+) diff --git a/.yarnrc.yml b/.yarnrc.yml index fd534a48781..6d27afaac27 100644 --- a/.yarnrc.yml +++ b/.yarnrc.yml @@ -7,3 +7,6 @@ plugins: spec: "@yarnpkg/plugin-workspace-tools" yarnPath: .yarn/releases/yarn-3.6.3.cjs +logFilters: + - code: YN0013 + level: discard diff --git a/docs/.yarnrc.yml b/docs/.yarnrc.yml index 3186f3f0795..f703d01801b 100644 --- a/docs/.yarnrc.yml +++ b/docs/.yarnrc.yml @@ -1 +1,4 @@ nodeLinker: node-modules +logFilters: + - code: YN0013 + level: discard From 45165d10a63bb9254549c5eeefddccd5dd0efb17 Mon Sep 17 00:00:00 2001 From: Maxim Vezenov Date: Tue, 16 Jan 2024 16:09:15 +0000 Subject: [PATCH 44/67] fix: Start witness of ACIR generated by Noir start at zero not one (#3961) Resolves https://github.com/noir-lang/noir/issues/130 Only partially resovles https://github.com/AztecProtocol/barretenberg/issues/816. There is some places like in `serialize_arithmetic_gate` where we assume that the `zero_idx == 0`. --------- Co-authored-by: ledwards2225 Co-authored-by: ledwards2225 <98505400+ledwards2225@users.noreply.github.com> Co-authored-by: Tom French Co-authored-by: kevaundray --- compiler/noirc_evaluator/src/ssa.rs | 2 +- .../src/ssa/acir_gen/acir_ir/generated_acir.rs | 17 ++++++++++++----- .../noirc_evaluator/src/ssa/acir_gen/mod.rs | 2 +- 3 files changed, 14 insertions(+), 7 deletions(-) diff --git a/compiler/noirc_evaluator/src/ssa.rs b/compiler/noirc_evaluator/src/ssa.rs index deffe84baea..f11c077d49a 100644 --- a/compiler/noirc_evaluator/src/ssa.rs +++ b/compiler/noirc_evaluator/src/ssa.rs @@ -93,8 +93,8 @@ pub fn create_circuit( let mut generated_acir = optimize_into_acir(program, enable_ssa_logging, enable_brillig_logging)?; let opcodes = generated_acir.take_opcodes(); + let current_witness_index = generated_acir.current_witness_index().0; let GeneratedAcir { - current_witness_index, return_witnesses, locations, input_witnesses, diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index 623810d1bfe..73f30054cce 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -28,9 +28,12 @@ use num_bigint::BigUint; /// The output of the Acir-gen pass pub(crate) struct GeneratedAcir { /// The next witness index that may be declared. - /// + /// If witness index is `None` then we have not yet created a witness + /// and thus next witness index that be declared is zero. + /// This field is private should only ever be accessed through its getter and setter. + /// /// Equivalent to acvm::acir::circuit::Circuit's field of the same name. - pub(crate) current_witness_index: u32, + current_witness_index: Option, /// The opcodes of which the compiled ACIR will comprise. opcodes: Vec, @@ -60,7 +63,7 @@ pub(crate) struct GeneratedAcir { impl GeneratedAcir { /// Returns the current witness index. pub(crate) fn current_witness_index(&self) -> Witness { - Witness(self.current_witness_index) + Witness(self.current_witness_index.unwrap_or(0)) } /// Adds a new opcode into ACIR. @@ -78,8 +81,12 @@ impl GeneratedAcir { /// Updates the witness index counter and returns /// the next witness index. pub(crate) fn next_witness_index(&mut self) -> Witness { - self.current_witness_index += 1; - Witness(self.current_witness_index) + if let Some(current_index) = self.current_witness_index { + self.current_witness_index.replace(current_index + 1); + } else { + self.current_witness_index = Some(0); + } + Witness(self.current_witness_index.expect("ICE: current_witness_index should exist")) } /// Converts [`Expression`] `expr` into a [`Witness`]. diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs index e65e71b045d..c0e3ed1ff66 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs @@ -294,7 +294,7 @@ impl Context { dfg: &DataFlowGraph, ) -> Result, RuntimeError> { // The first witness (if any) is the next one - let start_witness = self.acir_context.current_witness_index().0 + 1; + let start_witness = self.acir_context.current_witness_index().0; for param_id in params { let typ = dfg.type_of_value(*param_id); let value = self.convert_ssa_block_param(&typ)?; From 49805534e400c40d08086b1d15b00fad4c3b37d3 Mon Sep 17 00:00:00 2001 From: Tom French Date: Tue, 16 Jan 2024 16:17:46 +0000 Subject: [PATCH 45/67] chore: bump `bb` version to 0.18.0 --- tooling/bb_abstraction_leaks/build.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tooling/bb_abstraction_leaks/build.rs b/tooling/bb_abstraction_leaks/build.rs index 965a57747f9..47d7fff7929 100644 --- a/tooling/bb_abstraction_leaks/build.rs +++ b/tooling/bb_abstraction_leaks/build.rs @@ -10,7 +10,7 @@ use const_format::formatcp; const USERNAME: &str = "AztecProtocol"; const REPO: &str = "aztec-packages"; -const VERSION: &str = "0.17.0"; +const VERSION: &str = "0.18.0"; const TAG: &str = formatcp!("aztec-packages-v{}", VERSION); const API_URL: &str = From 4300ce231c62852540b880f1bfecb30fe7d95249 Mon Sep 17 00:00:00 2001 From: Tom French Date: Tue, 16 Jan 2024 16:21:11 +0000 Subject: [PATCH 46/67] chore: cargo fmt --- .../noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index 73f30054cce..efc64c5286e 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -31,7 +31,7 @@ pub(crate) struct GeneratedAcir { /// If witness index is `None` then we have not yet created a witness /// and thus next witness index that be declared is zero. /// This field is private should only ever be accessed through its getter and setter. - /// + /// /// Equivalent to acvm::acir::circuit::Circuit's field of the same name. current_witness_index: Option, From a4b6635fca3749d463ac0a77ee4cfbdc48f7cfd4 Mon Sep 17 00:00:00 2001 From: Tom French <15848336+TomAFrench@users.noreply.github.com> Date: Tue, 16 Jan 2024 19:27:22 +0000 Subject: [PATCH 47/67] chore: sync from noir repo (#4047) subrepo: subdir: "noir" merged: "9995d2ba2" upstream: origin: "https://github.com/noir-lang/noir" branch: "aztec-packages" commit: "9995d2ba2" git-subrepo: version: "0.4.6" origin: "https://github.com/ingydotnet/git-subrepo" commit: "110b9eb" --- Dockerfile.packages | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/Dockerfile.packages b/Dockerfile.packages index 17eb0bcd648..f40670c19e4 100644 --- a/Dockerfile.packages +++ b/Dockerfile.packages @@ -2,14 +2,15 @@ FROM rust:alpine3.17 RUN apk update \ && apk upgrade \ && apk add --no-cache \ - build-base \ - pkgconfig \ - openssl-dev \ - npm \ - yarn \ - bash \ - jq \ - git + build-base \ + pkgconfig \ + openssl-dev \ + npm \ + yarn \ + bash \ + jq \ + git \ + curl WORKDIR /usr/src/noir COPY . . @@ -18,4 +19,4 @@ RUN ./scripts/bootstrap_packages.sh FROM scratch COPY --from=0 /usr/src/noir/packages /usr/src/noir/packages # For some unknown reason, on alpine only, we need this to exist. -COPY --from=0 /usr/src/noir/node_modules/@noir-lang /usr/src/noir/node_modules/@noir-lang \ No newline at end of file +COPY --from=0 /usr/src/noir/node_modules/@noir-lang /usr/src/noir/node_modules/@noir-lang From e6d3e7303746b9ec63fcb892c1f38d4e9bf1e360 Mon Sep 17 00:00:00 2001 From: Tom French Date: Wed, 17 Jan 2024 11:07:05 +0000 Subject: [PATCH 48/67] chore: bump version --- tooling/bb_abstraction_leaks/build.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tooling/bb_abstraction_leaks/build.rs b/tooling/bb_abstraction_leaks/build.rs index 47d7fff7929..18413f87793 100644 --- a/tooling/bb_abstraction_leaks/build.rs +++ b/tooling/bb_abstraction_leaks/build.rs @@ -10,7 +10,7 @@ use const_format::formatcp; const USERNAME: &str = "AztecProtocol"; const REPO: &str = "aztec-packages"; -const VERSION: &str = "0.18.0"; +const VERSION: &str = "0.19.0"; const TAG: &str = formatcp!("aztec-packages-v{}", VERSION); const API_URL: &str = From 3541dd02ca0f284f166e8f3c0be41385e62751f3 Mon Sep 17 00:00:00 2001 From: Tom French Date: Wed, 17 Jan 2024 12:20:10 +0000 Subject: [PATCH 49/67] chore: bump bb.js --- tooling/noir_js_backend_barretenberg/package.json | 2 +- yarn.lock | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/tooling/noir_js_backend_barretenberg/package.json b/tooling/noir_js_backend_barretenberg/package.json index 1688db1ab2d..e22ea2ff49d 100644 --- a/tooling/noir_js_backend_barretenberg/package.json +++ b/tooling/noir_js_backend_barretenberg/package.json @@ -42,7 +42,7 @@ "lint": "NODE_NO_WARNINGS=1 eslint . --ext .ts --ignore-path ./.eslintignore --max-warnings 0" }, "dependencies": { - "@aztec/bb.js": "0.17.0", + "@aztec/bb.js": "0.19.0", "@noir-lang/types": "workspace:*", "fflate": "^0.8.0" }, diff --git a/yarn.lock b/yarn.lock index ea141531601..03e8058cc21 100644 --- a/yarn.lock +++ b/yarn.lock @@ -221,9 +221,9 @@ __metadata: languageName: node linkType: hard -"@aztec/bb.js@npm:0.17.0": - version: 0.17.0 - resolution: "@aztec/bb.js@npm:0.17.0" +"@aztec/bb.js@npm:0.19.0": + version: 0.19.0 + resolution: "@aztec/bb.js@npm:0.19.0" dependencies: comlink: ^4.4.1 commander: ^10.0.1 @@ -231,7 +231,7 @@ __metadata: tslib: ^2.4.0 bin: bb.js: dest/node/main.js - checksum: 459838076e4db7e6ca17f95acbd5c83028ea3b5c21e016a1561cec065a95d20e8d65906ad63e44e071556bc331070ceda6d48c058f5accdb76b3c6daab8ef1a5 + checksum: c78c22c3b8c43e0010a43145f973489aa7da9fcf0b8527884107f1f34ac3ca5f5d4ab087d74ce50cb75d6dbaef88bfc693e23745282faa30b81dc78481c65874 languageName: node linkType: hard @@ -4403,7 +4403,7 @@ __metadata: version: 0.0.0-use.local resolution: "@noir-lang/backend_barretenberg@workspace:tooling/noir_js_backend_barretenberg" dependencies: - "@aztec/bb.js": 0.17.0 + "@aztec/bb.js": 0.19.0 "@noir-lang/types": "workspace:*" "@types/node": ^20.6.2 "@types/prettier": ^3 From 0858aa4c437286eb9ffce1de569dd40f7cdddafa Mon Sep 17 00:00:00 2001 From: Santiago Palladino Date: Wed, 17 Jan 2024 11:36:30 -0300 Subject: [PATCH 50/67] feat!: Unify ABIs between nargo and yarn-project (#3989) Changes the output of `nargo` and `noir-wasm` to generate a single artifact that includes debug information. Compiled contracts now have a `file_map` at the root of the artifact, and a `debug_symbols` within each function. For consistency, compiled programs also have `file_map` and `debug_symbols`. Debug symbols are compressed and base64-encoded, as they were by the former `noir-compiler` postprocessing. The `debug` json artifact is no longer emitted. Removes all code related to generating `yarn-project`-specific ABIs from noir compiler. Instead, `types` now exposes a `loadContractArtifact` that renames fields as needed (and use camel instead of snake case), and is required when loading a noir contract artifact. Autogenerated types run this automatically. Since we are no longer post-processing artifacts, the `noir-contracts` project shape is changed. JSON files live in the `target` folder where nargo outputs them (this is not configurable), and are loaded by the autogenerated typescript interfaces from there. As part of the refactor, moves functions for getting functions debug info out of `acir-simulator` and into `types`. **Breaking change**: This removes the need to run `codegen` for using a compiled contract. However, when creating a new contract object from aztec.js, a dev needs to call `loadContractArtifact`. **Future changes**: Type information for a compilation artifact is now spread all over the place, and duplicated in more than one place. There are types defined within rust code in Noir as `[wasm_bindgen(typescript_custom_section)]`, others defined within typescript code in the `noir_wasm` package, others in `foundation`, and others in `types`. We should unify it in a single place. Fixes https://github.com/AztecProtocol/aztec-packages/issues/3812 Supersedes #3906 Noir subrepo has been pushed to https://github.com/noir-lang/noir/pull/4035 to run the Noir CI --- Cargo.lock | 8 +- Cargo.toml | 1 + acvm-repo/acir/Cargo.toml | 2 +- compiler/noirc_errors/Cargo.toml | 5 +- compiler/noirc_errors/src/debug_info.rs | 48 ++++++++++- compiler/wasm/Cargo.toml | 1 + compiler/wasm/package.json | 5 ++ compiler/wasm/src/compile.rs | 68 ++++++---------- compiler/wasm/src/index.cts | 3 +- compiler/wasm/src/index.mts | 3 +- compiler/wasm/src/noir/debug.ts | 6 ++ compiler/wasm/src/types/noir_artifact.ts | 53 +++++------- .../browser/compile_with_deps.test.ts | 41 +++++----- .../compiler/node/compile_with_deps.test.ts | 22 ++--- .../compiler/shared/compile_with_deps.test.ts | 80 ++++++++++++++++++ tooling/nargo/src/artifacts/contract.rs | 29 ++++++- tooling/nargo/src/artifacts/program.rs | 30 +++++++ tooling/nargo_cli/src/cli/compile_cmd.rs | 81 +++---------------- tooling/nargo_cli/src/cli/fs/program.rs | 24 +----- yarn.lock | 16 ++++ 20 files changed, 316 insertions(+), 210 deletions(-) create mode 100644 compiler/wasm/src/noir/debug.ts create mode 100644 compiler/wasm/test/compiler/shared/compile_with_deps.test.ts diff --git a/Cargo.lock b/Cargo.lock index 1088bb63004..79f1934059f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1663,9 +1663,9 @@ dependencies = [ [[package]] name = "flate2" -version = "1.0.26" +version = "1.0.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b9429470923de8e8cbd4d2dc513535400b4b3fef0319fb5c4e1f520a7bef743" +checksum = "46303f565772937ffe1d394a4fac6f411c6013172fadde9dcdb1e147a086940e" dependencies = [ "crc32fast", "miniz_oxide", @@ -2870,6 +2870,7 @@ dependencies = [ "nargo", "noirc_driver", "noirc_errors", + "noirc_evaluator", "noirc_frontend", "rust-embed", "serde", @@ -2937,11 +2938,14 @@ name = "noirc_errors" version = "0.22.0" dependencies = [ "acvm", + "base64 0.21.2", "chumsky", "codespan", "codespan-reporting", + "flate2", "fm", "serde", + "serde_json", "serde_with", "tracing", ] diff --git a/Cargo.toml b/Cargo.toml index 05139934c62..f0fc7249efc 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -123,6 +123,7 @@ num-traits = "0.2" similar-asserts = "1.5.0" tempfile = "3.6.0" jsonrpc = { version = "0.16.0", features = ["minreq_http"] } +flate2 = "1.0.24" tracing = "0.1.40" tracing-web = "0.1.3" diff --git a/acvm-repo/acir/Cargo.toml b/acvm-repo/acir/Cargo.toml index a0877120a58..b44c64dd838 100644 --- a/acvm-repo/acir/Cargo.toml +++ b/acvm-repo/acir/Cargo.toml @@ -17,7 +17,7 @@ acir_field.workspace = true brillig.workspace = true serde.workspace = true thiserror.workspace = true -flate2 = "1.0.24" +flate2.workspace = true bincode.workspace = true base64.workspace = true diff --git a/compiler/noirc_errors/Cargo.toml b/compiler/noirc_errors/Cargo.toml index 02e97b2c670..935137ba2fc 100644 --- a/compiler/noirc_errors/Cargo.toml +++ b/compiler/noirc_errors/Cargo.toml @@ -15,4 +15,7 @@ fm.workspace = true chumsky.workspace = true serde.workspace = true serde_with = "3.2.0" -tracing.workspace = true \ No newline at end of file +tracing.workspace = true +flate2.workspace = true +serde_json.workspace = true +base64.workspace = true \ No newline at end of file diff --git a/compiler/noirc_errors/src/debug_info.rs b/compiler/noirc_errors/src/debug_info.rs index ee40ced19bf..ffca8fbf2e1 100644 --- a/compiler/noirc_errors/src/debug_info.rs +++ b/compiler/noirc_errors/src/debug_info.rs @@ -1,14 +1,24 @@ use acvm::acir::circuit::OpcodeLocation; use acvm::compiler::AcirTransformationMap; +use base64::Engine; +use flate2::read::DeflateDecoder; +use flate2::write::DeflateEncoder; +use flate2::Compression; +use serde::Deserializer; +use serde::Serializer; use serde_with::serde_as; use serde_with::DisplayFromStr; use std::collections::BTreeMap; use std::collections::HashMap; +use std::io::Read; +use std::io::Write; use std::mem; use crate::Location; -use serde::{Deserialize, Serialize}; +use serde::{ + de::Error as DeserializationError, ser::Error as SerializationError, Deserialize, Serialize, +}; #[serde_as] #[derive(Default, Debug, Clone, Deserialize, Serialize)] @@ -86,4 +96,40 @@ impl DebugInfo { counted_opcodes } + + pub fn serialize_compressed_base64_json( + debug_info: &DebugInfo, + s: S, + ) -> Result + where + S: Serializer, + { + let json_str = serde_json::to_string(debug_info).map_err(S::Error::custom)?; + + let mut encoder = DeflateEncoder::new(Vec::new(), Compression::default()); + encoder.write_all(json_str.as_bytes()).map_err(S::Error::custom)?; + let compressed_data = encoder.finish().map_err(S::Error::custom)?; + + let encoded_b64 = base64::prelude::BASE64_STANDARD.encode(compressed_data); + s.serialize_str(&encoded_b64) + } + + pub fn deserialize_compressed_base64_json<'de, D>( + deserializer: D, + ) -> Result + where + D: Deserializer<'de>, + { + let encoded_b64: String = Deserialize::deserialize(deserializer)?; + + let compressed_data = + base64::prelude::BASE64_STANDARD.decode(encoded_b64).map_err(D::Error::custom)?; + + let mut decoder = DeflateDecoder::new(&compressed_data[..]); + let mut decompressed_data = Vec::new(); + decoder.read_to_end(&mut decompressed_data).map_err(D::Error::custom)?; + + let json_str = String::from_utf8(decompressed_data).map_err(D::Error::custom)?; + serde_json::from_str(&json_str).map_err(D::Error::custom) + } } diff --git a/compiler/wasm/Cargo.toml b/compiler/wasm/Cargo.toml index 7af26269106..a20efeeed8a 100644 --- a/compiler/wasm/Cargo.toml +++ b/compiler/wasm/Cargo.toml @@ -18,6 +18,7 @@ nargo.workspace = true noirc_driver.workspace = true noirc_frontend.workspace = true noirc_errors.workspace = true +noirc_evaluator.workspace = true wasm-bindgen.workspace = true serde.workspace = true js-sys.workspace = true diff --git a/compiler/wasm/package.json b/compiler/wasm/package.json index a8abf26a7e2..412e9c82f9a 100644 --- a/compiler/wasm/package.json +++ b/compiler/wasm/package.json @@ -34,6 +34,7 @@ "test": "yarn test:build_fixtures && yarn test:node && yarn test:browser", "test:build_fixtures": "./scripts/build-fixtures.sh", "test:browser": "web-test-runner", + "test:browser:docker": "docker run --rm -v $(cd ../.. && pwd):/usr/src/noir -w /usr/src/noir/compiler/wasm mcr.microsoft.com/playwright:v1.40.0-jammy yarn test:browser", "test:node": "NODE_NO_WARNINGS=1 mocha --config ./.mocharc.json", "clean": "rm -rf ./build ./target ./dist public/fixtures/simple/target public/fixtures/with-deps/target", "nightly:version": "jq --arg new_version \"-$(git rev-parse --short HEAD)$1\" '.version = .version + $new_version' package.json > package-tmp.json && mv package-tmp.json package.json", @@ -49,6 +50,7 @@ "@types/mocha": "^10.0.6", "@types/mocha-each": "^2", "@types/node": "^20.10.5", + "@types/pako": "^2", "@types/path-browserify": "^1", "@types/readable-stream": "^4", "@types/sinon": "^17", @@ -76,5 +78,8 @@ "url": "^0.11.3", "webpack": "^5.49.0", "webpack-cli": "^4.7.2" + }, + "dependencies": { + "pako": "^2.1.0" } } diff --git a/compiler/wasm/src/compile.rs b/compiler/wasm/src/compile.rs index 151dde2eea6..351f9ae8a86 100644 --- a/compiler/wasm/src/compile.rs +++ b/compiler/wasm/src/compile.rs @@ -3,7 +3,6 @@ use gloo_utils::format::JsValueSerdeExt; use js_sys::{JsString, Object}; use nargo::artifacts::{ contract::{ContractArtifact, ContractFunctionArtifact}, - debug::DebugArtifact, program::ProgramArtifact, }; use noirc_driver::{ @@ -11,6 +10,7 @@ use noirc_driver::{ prepare_dependency, CompileOptions, CompiledContract, CompiledProgram, NOIR_ARTIFACT_VERSION_STRING, }; +use noirc_evaluator::errors::SsaReport; use noirc_frontend::{ graph::{CrateId, CrateName}, hir::Context, @@ -28,35 +28,30 @@ export type DependencyGraph = { library_dependencies: Readonly>; } -export type CompiledContract = { +export type ContractArtifact = { noir_version: string; name: string; functions: Array; events: Array; + file_map: Record; }; -export type CompiledProgram = { +export type ProgramArtifact = { noir_version: string; + hash: number; abi: any; bytecode: string; + debug_symbols: any; + file_map: Record; } -export type DebugArtifact = { - debug_symbols: Array; - file_map: Record; - warnings: Array; -}; +type WarningsCompileResult = { warnings: Array; }; -export type CompileResult = ( - | { - contract: CompiledContract; - debug: DebugArtifact; - } - | { - program: CompiledProgram; - debug: DebugArtifact; - } -); +export type ContractCompileResult = { contract: CompiledContract; } & WarningsCompileResult; + +export type ProgramCompileResult = { program: CompiledProgram; } & WarningsCompileResult; + +export type CompileResult = ContractCompileResult | ProgramCompileResult; "#; #[wasm_bindgen] @@ -76,38 +71,36 @@ extern "C" { impl JsCompileResult { const CONTRACT_PROP: &'static str = "contract"; const PROGRAM_PROP: &'static str = "program"; - const DEBUG_PROP: &'static str = "debug"; + const WARNINGS_PROP: &'static str = "warnings"; pub fn new(resp: CompileResult) -> JsCompileResult { let obj = JsCompileResult::constructor(); match resp { - CompileResult::Contract { contract, debug } => { + CompileResult::Contract { contract, warnings } => { js_sys::Reflect::set( &obj, &JsString::from(JsCompileResult::CONTRACT_PROP), &::from_serde(&contract).unwrap(), ) .unwrap(); - js_sys::Reflect::set( &obj, - &JsString::from(JsCompileResult::DEBUG_PROP), - &::from_serde(&debug).unwrap(), + &JsString::from(JsCompileResult::WARNINGS_PROP), + &::from_serde(&warnings).unwrap(), ) .unwrap(); } - CompileResult::Program { program, debug } => { + CompileResult::Program { program, warnings } => { js_sys::Reflect::set( &obj, &JsString::from(JsCompileResult::PROGRAM_PROP), &::from_serde(&program).unwrap(), ) .unwrap(); - js_sys::Reflect::set( &obj, - &JsString::from(JsCompileResult::DEBUG_PROP), - &::from_serde(&debug).unwrap(), + &JsString::from(JsCompileResult::WARNINGS_PROP), + &::from_serde(&warnings).unwrap(), ) .unwrap(); } @@ -148,8 +141,8 @@ impl PathToFileSourceMap { } pub enum CompileResult { - Contract { contract: ContractArtifact, debug: DebugArtifact }, - Program { program: ProgramArtifact, debug: DebugArtifact }, + Contract { contract: ContractArtifact, warnings: Vec }, + Program { program: ProgramArtifact, warnings: Vec }, } #[wasm_bindgen] @@ -273,21 +266,11 @@ fn add_noir_lib(context: &mut Context, library_name: &CrateName) -> CrateId { } pub(crate) fn generate_program_artifact(program: CompiledProgram) -> CompileResult { - let debug_artifact = DebugArtifact { - debug_symbols: vec![program.debug.clone()], - file_map: program.file_map.clone(), - warnings: program.warnings.clone(), - }; - - CompileResult::Program { program: program.into(), debug: debug_artifact } + let warnings = program.warnings.clone(); + CompileResult::Program { program: program.into(), warnings } } pub(crate) fn generate_contract_artifact(contract: CompiledContract) -> CompileResult { - let debug_artifact = DebugArtifact { - debug_symbols: contract.functions.iter().map(|function| function.debug.clone()).collect(), - file_map: contract.file_map, - warnings: contract.warnings, - }; let functions = contract.functions.into_iter().map(ContractFunctionArtifact::from).collect(); let contract_artifact = ContractArtifact { @@ -295,9 +278,10 @@ pub(crate) fn generate_contract_artifact(contract: CompiledContract) -> CompileR name: contract.name, functions, events: contract.events, + file_map: contract.file_map, }; - CompileResult::Contract { contract: contract_artifact, debug: debug_artifact } + CompileResult::Contract { contract: contract_artifact, warnings: contract.warnings } } #[cfg(test)] diff --git a/compiler/wasm/src/index.cts b/compiler/wasm/src/index.cts index 31d169e8268..14687e615df 100644 --- a/compiler/wasm/src/index.cts +++ b/compiler/wasm/src/index.cts @@ -3,6 +3,7 @@ import { createNodejsFileManager } from './noir/file-manager/nodejs-file-manager import { NoirWasmCompiler } from './noir/noir-wasm-compiler'; import { LogData, LogFn } from './utils'; import { CompilationResult } from './types/noir_artifact'; +import { inflateDebugSymbols } from './noir/debug'; async function compile( fileManager: FileManager, @@ -46,4 +47,4 @@ async function compile( const createFileManager = createNodejsFileManager; -export { compile, createFileManager, CompilationResult }; +export { compile, createFileManager, inflateDebugSymbols, CompilationResult }; diff --git a/compiler/wasm/src/index.mts b/compiler/wasm/src/index.mts index 6340e2dc37a..8774a7857ef 100644 --- a/compiler/wasm/src/index.mts +++ b/compiler/wasm/src/index.mts @@ -3,6 +3,7 @@ import { createNodejsFileManager } from './noir/file-manager/nodejs-file-manager import { NoirWasmCompiler } from './noir/noir-wasm-compiler'; import { LogData, LogFn } from './utils'; import { CompilationResult } from './types/noir_artifact'; +import { inflateDebugSymbols } from './noir/debug'; async function compile( fileManager: FileManager, @@ -48,4 +49,4 @@ async function compile( const createFileManager = createNodejsFileManager; -export { compile, createFileManager, CompilationResult }; +export { compile, createFileManager, inflateDebugSymbols, CompilationResult }; diff --git a/compiler/wasm/src/noir/debug.ts b/compiler/wasm/src/noir/debug.ts new file mode 100644 index 00000000000..7a65f4b68c2 --- /dev/null +++ b/compiler/wasm/src/noir/debug.ts @@ -0,0 +1,6 @@ +import { inflate } from 'pako'; + +/** Decompresses and decodes the debug symbols */ +export function inflateDebugSymbols(debugSymbols: string) { + return JSON.parse(inflate(Buffer.from(debugSymbols, 'base64'), { to: 'string', raw: true })); +} diff --git a/compiler/wasm/src/types/noir_artifact.ts b/compiler/wasm/src/types/noir_artifact.ts index f2147cfbeda..715877e335f 100644 --- a/compiler/wasm/src/types/noir_artifact.ts +++ b/compiler/wasm/src/types/noir_artifact.ts @@ -49,36 +49,40 @@ export interface NoirFunctionEntry { abi: Abi; /** The bytecode of the function in base64. */ bytecode: string; + /** The debug information, compressed and base64 encoded. */ + debug_symbols: string; } /** * The compilation result of an Noir contract. */ -export interface CompiledContract { +export interface ContractArtifact { /** The name of the contract. */ name: string; - /** Compilation backend. */ - backend: string; + /** Version of noir used for the build. */ + noir_version: string; /** The functions of the contract. */ functions: NoirFunctionEntry[]; /** The events of the contract */ events: EventAbi[]; + /** The map of file ID to the source code and path of the file. */ + file_map: DebugFileMap; } /** * The compilation result of an Noir contract. */ -export interface CompiledCircuit { +export interface ProgramArtifact { /** The hash of the circuit. */ hash?: number; - /** Compilation backend. */ - backend: string; - /** - * The ABI of the function. - */ + /** * The ABI of the function. */ abi: Abi; /** The bytecode of the circuit in base64. */ bytecode: string; + /** The debug information, compressed and base64 encoded. */ + debug_symbols: string; + /** The map of file ID to the source code and path of the file. */ + file_map: DebugFileMap; } /** @@ -142,19 +146,8 @@ export type DebugFileMap = Record< } >; -/** - * The debug metadata of an Noir contract. - */ -export interface DebugMetadata { - /** - * The debug information for each function. - */ - debug_symbols: DebugInfo[]; - /** - * The map of file ID to the source code and path of the file. - */ - file_map: DebugFileMap; -} +/** Compilation warning */ +export type Warning = unknown; /** * The compilation artifacts of a given contract. @@ -163,12 +156,10 @@ export interface ContractCompilationArtifacts { /** * The compiled contract. */ - contract: CompiledContract; + contract: ContractArtifact; - /** - * The artifact that contains the debug metadata about the contract. - */ - debug?: DebugMetadata; + /** Compilation warnings. */ + warnings: Warning[]; } /** @@ -182,12 +173,10 @@ export interface ProgramCompilationArtifacts { /** * The compiled contract. */ - program: CompiledCircuit; + program: ProgramArtifact; - /** - * The artifact that contains the debug metadata about the contract. - */ - debug?: DebugMetadata; + /** Compilation warnings. */ + warnings: Warning[]; } /** diff --git a/compiler/wasm/test/compiler/browser/compile_with_deps.test.ts b/compiler/wasm/test/compiler/browser/compile_with_deps.test.ts index 3580779ff1d..0d1e22e288f 100644 --- a/compiler/wasm/test/compiler/browser/compile_with_deps.test.ts +++ b/compiler/wasm/test/compiler/browser/compile_with_deps.test.ts @@ -2,7 +2,8 @@ import { getPaths } from '../../shared'; import { expect } from '@esm-bundle/chai'; import { compile, createFileManager } from '@noir-lang/noir_wasm'; -import { CompiledContract } from '../../../src/types/noir_artifact'; +import { ContractArtifact } from '../../../src/types/noir_artifact'; +import { shouldCompileIdentically } from '../shared/compile_with_deps.test'; const paths = getPaths('.'); @@ -21,24 +22,22 @@ async function getPrecompiledSource(path: string): Promise { return JSON.parse(compiledData); } -describe('noir-compiler', () => { - it('both nargo and noir_wasm should compile identically', async () => { - const { contractExpectedArtifact } = paths; - const fm = createFileManager('/'); - const files = Object.values(paths).filter((fileOrDir) => /^\.?\/.*\..*$/.test(fileOrDir)); - for (const path of files) { - console.log(path); - await fm.writeFile(path, (await getFile(path)).body as ReadableStream); - } - const nargoArtifact = (await getPrecompiledSource(contractExpectedArtifact)) as CompiledContract; - nargoArtifact.functions.sort((a, b) => a.name.localeCompare(b.name)); - const noirWasmArtifact = await compile(fm, '/fixtures/noir-contract'); - if (!('contract' in noirWasmArtifact)) { - throw new Error('Compilation failed'); - } - const noirWasmContract = noirWasmArtifact.contract; - expect(noirWasmContract).not.to.be.undefined; - noirWasmContract.functions.sort((a, b) => a.name.localeCompare(b.name)); - expect(nargoArtifact).to.deep.eq(noirWasmContract); - }).timeout(60 * 20e3); +describe('noir-compiler/browser', () => { + shouldCompileIdentically( + async () => { + const { contractExpectedArtifact } = paths; + const fm = createFileManager('/'); + const files = Object.values(paths).filter((fileOrDir) => /^\.?\/.*\..*$/.test(fileOrDir)); + for (const path of files) { + console.log(path); + await fm.writeFile(path, (await getFile(path)).body as ReadableStream); + } + const nargoArtifact = (await getPrecompiledSource(contractExpectedArtifact)) as ContractArtifact; + const noirWasmArtifact = await compile(fm, '/fixtures/noir-contract'); + + return { nargoArtifact, noirWasmArtifact }; + }, + expect, + 60 * 20e3, + ); }); diff --git a/compiler/wasm/test/compiler/node/compile_with_deps.test.ts b/compiler/wasm/test/compiler/node/compile_with_deps.test.ts index 546ec03c183..2a402dc9d02 100644 --- a/compiler/wasm/test/compiler/node/compile_with_deps.test.ts +++ b/compiler/wasm/test/compiler/node/compile_with_deps.test.ts @@ -2,25 +2,19 @@ import { join, resolve } from 'path'; import { getPaths } from '../../shared'; import { expect } from 'chai'; -import { readFile } from 'fs/promises'; import { compile, createFileManager } from '@noir-lang/noir_wasm'; -import { CompiledContract } from '../../../src/types/noir_artifact'; +import { readFile } from 'fs/promises'; +import { ContractArtifact } from '../../../src/types/noir_artifact'; +import { shouldCompileIdentically } from '../shared/compile_with_deps.test'; const basePath = resolve(join(__dirname, '../../')); const { contractProjectPath, contractExpectedArtifact } = getPaths(basePath); -describe('noir-compiler', () => { - it('both nargo and noir_wasm should compile identically', async () => { +describe('noir-compiler/node', () => { + shouldCompileIdentically(async () => { const fm = createFileManager(contractProjectPath); - const nargoArtifact = JSON.parse((await readFile(contractExpectedArtifact)).toString()) as CompiledContract; - nargoArtifact.functions.sort((a, b) => a.name.localeCompare(b.name)); + const nargoArtifact = JSON.parse((await readFile(contractExpectedArtifact)).toString()) as ContractArtifact; const noirWasmArtifact = await compile(fm); - if (!('contract' in noirWasmArtifact)) { - throw new Error('Compilation failed'); - } - const noirWasmContract = noirWasmArtifact.contract; - expect(noirWasmContract).not.to.be.undefined; - noirWasmContract.functions.sort((a, b) => a.name.localeCompare(b.name)); - expect(nargoArtifact).to.deep.eq(noirWasmContract); - }); + return { nargoArtifact, noirWasmArtifact }; + }, expect); }); diff --git a/compiler/wasm/test/compiler/shared/compile_with_deps.test.ts b/compiler/wasm/test/compiler/shared/compile_with_deps.test.ts new file mode 100644 index 00000000000..0960cba0665 --- /dev/null +++ b/compiler/wasm/test/compiler/shared/compile_with_deps.test.ts @@ -0,0 +1,80 @@ +import { CompilationResult, inflateDebugSymbols } from '@noir-lang/noir_wasm'; +import { type expect as Expect } from 'chai'; +import { + ContractArtifact, + ContractCompilationArtifacts, + DebugFileMap, + DebugInfo, + NoirFunctionEntry, +} from '../../../src/types/noir_artifact'; + +export function shouldCompileIdentically( + compileFn: () => Promise<{ nargoArtifact: ContractArtifact; noirWasmArtifact: CompilationResult }>, + expect: typeof Expect, + timeout = 5000, +) { + it('both nargo and noir_wasm should compile identically', async () => { + // Compile! + const { nargoArtifact, noirWasmArtifact } = await compileFn(); + + // Prepare nargo artifact + const [nargoDebugInfos, nargoFileMap] = deleteDebugMetadata(nargoArtifact); + normalizeVersion(nargoArtifact); + + // Prepare noir-wasm artifact + const noirWasmContract = (noirWasmArtifact as ContractCompilationArtifacts).contract; + expect(noirWasmContract).not.to.be.undefined; + const [noirWasmDebugInfos, norWasmFileMap] = deleteDebugMetadata(noirWasmContract); + normalizeVersion(noirWasmContract); + + // We first compare both contracts without considering debug info + expect(nargoArtifact).to.deep.eq(noirWasmContract); + + // Compare the file maps, ignoring keys, since those depend in the order in which files are visited, + // which may change depending on the file manager implementation. Also ignores paths, since the base + // path is reported differently between nargo and noir-wasm. + expect(getSources(nargoFileMap)).to.have.members(getSources(norWasmFileMap)); + + // Compare the debug symbol information, ignoring the actual ids used for file identifiers. + // Debug symbol info looks like the following, what we need is to ignore the 'file' identifiers + // {"locations":{"0":[{"span":{"start":141,"end":156},"file":39},{"span":{"start":38,"end":76},"file":38},{"span":{"start":824,"end":862},"file":23}]}} + expect(nargoDebugInfos).to.deep.eq(noirWasmDebugInfos); + }).timeout(timeout); +} + +/** Remove commit identifier from version, which may not match depending on cached nargo and noir-wasm */ +function normalizeVersion(contract: ContractArtifact) { + contract.noir_version = contract.noir_version.replace(/\+.+$/, ''); +} + +/** Extracts the debug symbols from all functions, decodes them, removes their file identifiers, and deletes them from the artifact. */ +function extractDebugInfos(fns: NoirFunctionEntry[]) { + return fns.map((fn) => { + const debugSymbols = inflateDebugSymbols(fn.debug_symbols); + delete (fn as Partial).debug_symbols; + clearFileIdentifiers(debugSymbols); + return debugSymbols; + }); +} + +/** Deletes all debug info from a contract and returns it. */ +function deleteDebugMetadata(contract: ContractArtifact) { + contract.functions.sort((a, b) => a.name.localeCompare(b.name)); + const fileMap = contract.file_map; + delete (contract as Partial).file_map; + return [extractDebugInfos(contract.functions), fileMap]; +} + +/** Clears file identifiers from a set of debug symbols. */ +function clearFileIdentifiers(debugSymbols: DebugInfo) { + for (const loc of Object.values(debugSymbols.locations)) { + for (const span of loc) { + span.file = 0; + } + } +} + +/** Returns list of sources from file map, dropping paths along the way, since they don't match depending on the file manager. */ +function getSources(fileMap: DebugFileMap) { + return Object.values(fileMap).map((file) => file.source); +} diff --git a/tooling/nargo/src/artifacts/contract.rs b/tooling/nargo/src/artifacts/contract.rs index 04699126762..d928b09fcb9 100644 --- a/tooling/nargo/src/artifacts/contract.rs +++ b/tooling/nargo/src/artifacts/contract.rs @@ -1,8 +1,14 @@ use acvm::acir::circuit::Circuit; use noirc_abi::{Abi, ContractEvent}; -use noirc_driver::{ContractFunction, ContractFunctionType}; +use noirc_driver::{CompiledContract, ContractFunction, ContractFunctionType}; use serde::{Deserialize, Serialize}; +use noirc_driver::DebugFile; +use noirc_errors::debug_info::DebugInfo; +use std::collections::BTreeMap; + +use fm::FileId; + #[derive(Serialize, Deserialize)] pub struct ContractArtifact { /// Version of noir used to compile this contract @@ -13,6 +19,20 @@ pub struct ContractArtifact { pub functions: Vec, /// All the events defined inside the contract scope. pub events: Vec, + /// Map of file Id to the source code so locations in debug info can be mapped to source code they point to. + pub file_map: BTreeMap, +} + +impl From for ContractArtifact { + fn from(contract: CompiledContract) -> Self { + ContractArtifact { + noir_version: contract.noir_version, + name: contract.name, + functions: contract.functions.into_iter().map(ContractFunctionArtifact::from).collect(), + events: contract.events, + file_map: contract.file_map, + } + } } /// Each function in the contract will be compiled as a separate noir program. @@ -34,6 +54,12 @@ pub struct ContractFunctionArtifact { deserialize_with = "Circuit::deserialize_circuit_base64" )] pub bytecode: Circuit, + + #[serde( + serialize_with = "DebugInfo::serialize_compressed_base64_json", + deserialize_with = "DebugInfo::deserialize_compressed_base64_json" + )] + pub debug_symbols: DebugInfo, } impl From for ContractFunctionArtifact { @@ -44,6 +70,7 @@ impl From for ContractFunctionArtifact { is_internal: func.is_internal, abi: func.abi, bytecode: func.bytecode, + debug_symbols: func.debug, } } } diff --git a/tooling/nargo/src/artifacts/program.rs b/tooling/nargo/src/artifacts/program.rs index 96e63e6fe50..d8dc42ec214 100644 --- a/tooling/nargo/src/artifacts/program.rs +++ b/tooling/nargo/src/artifacts/program.rs @@ -1,6 +1,11 @@ +use std::collections::BTreeMap; + use acvm::acir::circuit::Circuit; +use fm::FileId; use noirc_abi::Abi; use noirc_driver::CompiledProgram; +use noirc_driver::DebugFile; +use noirc_errors::debug_info::DebugInfo; use serde::{Deserialize, Serialize}; #[derive(Serialize, Deserialize, Debug)] @@ -20,6 +25,15 @@ pub struct ProgramArtifact { deserialize_with = "Circuit::deserialize_circuit_base64" )] pub bytecode: Circuit, + + #[serde( + serialize_with = "DebugInfo::serialize_compressed_base64_json", + deserialize_with = "DebugInfo::deserialize_compressed_base64_json" + )] + pub debug_symbols: DebugInfo, + + /// Map of file Id to the source code so locations in debug info can be mapped to source code they point to. + pub file_map: BTreeMap, } impl From for ProgramArtifact { @@ -29,6 +43,22 @@ impl From for ProgramArtifact { abi: program.abi, noir_version: program.noir_version, bytecode: program.circuit, + debug_symbols: program.debug, + file_map: program.file_map, + } + } +} + +impl From for CompiledProgram { + fn from(program: ProgramArtifact) -> Self { + CompiledProgram { + hash: program.hash, + abi: program.abi, + noir_version: program.noir_version, + circuit: program.bytecode, + debug: program.debug_symbols, + file_map: program.file_map, + warnings: vec![], } } } diff --git a/tooling/nargo_cli/src/cli/compile_cmd.rs b/tooling/nargo_cli/src/cli/compile_cmd.rs index 8bc35080fd7..9e739f5c818 100644 --- a/tooling/nargo_cli/src/cli/compile_cmd.rs +++ b/tooling/nargo_cli/src/cli/compile_cmd.rs @@ -1,10 +1,8 @@ use std::path::Path; use acvm::ExpressionWidth; + use fm::FileManager; -use iter_extended::vecmap; -use nargo::artifacts::contract::{ContractArtifact, ContractFunctionArtifact}; -use nargo::artifacts::debug::DebugArtifact; use nargo::artifacts::program::ProgramArtifact; use nargo::errors::CompileError; use nargo::insert_all_files_for_workspace_into_file_manager; @@ -15,6 +13,7 @@ use nargo_toml::{get_package_manifest, resolve_workspace_from_toml, PackageSelec use noirc_driver::file_manager_with_stdlib; use noirc_driver::NOIR_ARTIFACT_VERSION_STRING; use noirc_driver::{CompilationResult, CompileOptions, CompiledContract, CompiledProgram}; + use noirc_frontend::graph::CrateName; use clap::Args; @@ -23,10 +22,7 @@ use crate::backends::Backend; use crate::errors::CliError; use super::fs::program::only_acir; -use super::fs::program::{ - read_debug_artifact_from_file, read_program_from_file, save_contract_to_file, - save_debug_artifact_to_file, save_program_to_file, -}; +use super::fs::program::{read_program_from_file, save_contract_to_file, save_program_to_file}; use super::NargoConfig; use rayon::prelude::*; @@ -170,28 +166,11 @@ fn compile_program( let (mut context, crate_id) = prepare_package(file_manager, package); let program_artifact_path = workspace.package_build_path(package); - let mut debug_artifact_path = program_artifact_path.clone(); - debug_artifact_path.set_file_name(format!("debug_{}.json", package.name)); - let cached_program = if let (Ok(program_artifact), Ok(mut debug_artifact)) = ( - read_program_from_file(program_artifact_path), - read_debug_artifact_from_file(debug_artifact_path), - ) { - if program_artifact.noir_version == NOIR_ARTIFACT_VERSION_STRING { - Some(CompiledProgram { - hash: program_artifact.hash, - circuit: program_artifact.bytecode, - abi: program_artifact.abi, - noir_version: program_artifact.noir_version, - debug: debug_artifact.debug_symbols.remove(0), - file_map: debug_artifact.file_map, - warnings: debug_artifact.warnings, - }) - } else { - None - } - } else { - None - }; + let cached_program: Option = + read_program_from_file(program_artifact_path) + .ok() + .filter(|p| p.noir_version == NOIR_ARTIFACT_VERSION_STRING) + .map(|p| p.into()); let (program, warnings) = noirc_driver::compile_main(&mut context, crate_id, compile_options, cached_program)?; @@ -236,51 +215,13 @@ pub(super) fn save_program( } else { save_program_to_file(&program_artifact, &package.name, circuit_dir); } - - let debug_artifact = DebugArtifact { - debug_symbols: vec![program.debug], - file_map: program.file_map, - warnings: program.warnings, - }; - let circuit_name: String = (&package.name).into(); - save_debug_artifact_to_file(&debug_artifact, &circuit_name, circuit_dir); } fn save_contract(contract: CompiledContract, package: &Package, circuit_dir: &Path) { - // TODO(#1389): I wonder if it is incorrect for nargo-core to know anything about contracts. - // As can be seen here, It seems like a leaky abstraction where ContractFunctions (essentially CompiledPrograms) - // are compiled via nargo-core and then the ContractArtifact is constructed here. - // This is due to EACH function needing it's own CRS, PKey, and VKey from the backend. - let debug_artifact = DebugArtifact { - debug_symbols: contract.functions.iter().map(|function| function.debug.clone()).collect(), - file_map: contract.file_map, - warnings: contract.warnings, - }; - - let functions = vecmap(contract.functions, |func| ContractFunctionArtifact { - name: func.name, - function_type: func.function_type, - is_internal: func.is_internal, - abi: func.abi, - bytecode: func.bytecode, - }); - - let contract_artifact = ContractArtifact { - noir_version: contract.noir_version, - name: contract.name, - functions, - events: contract.events, - }; - + let contract_name = contract.name.clone(); save_contract_to_file( - &contract_artifact, - &format!("{}-{}", package.name, contract_artifact.name), - circuit_dir, - ); - - save_debug_artifact_to_file( - &debug_artifact, - &format!("{}-{}", package.name, contract_artifact.name), + &contract.into(), + &format!("{}-{}", package.name, contract_name), circuit_dir, ); } diff --git a/tooling/nargo_cli/src/cli/fs/program.rs b/tooling/nargo_cli/src/cli/fs/program.rs index 1d2f012736e..1fb57ae6685 100644 --- a/tooling/nargo_cli/src/cli/fs/program.rs +++ b/tooling/nargo_cli/src/cli/fs/program.rs @@ -1,9 +1,7 @@ use std::path::{Path, PathBuf}; use acvm::acir::circuit::Circuit; -use nargo::artifacts::{ - contract::ContractArtifact, debug::DebugArtifact, program::ProgramArtifact, -}; +use nargo::artifacts::{contract::ContractArtifact, program::ProgramArtifact}; use noirc_frontend::graph::CrateName; use crate::errors::FilesystemError; @@ -40,15 +38,6 @@ pub(crate) fn save_contract_to_file>( save_build_artifact_to_file(compiled_contract, circuit_name, circuit_dir) } -pub(crate) fn save_debug_artifact_to_file>( - debug_artifact: &DebugArtifact, - circuit_name: &str, - circuit_dir: P, -) -> PathBuf { - let artifact_name = format!("debug_{circuit_name}"); - save_build_artifact_to_file(debug_artifact, &artifact_name, circuit_dir) -} - fn save_build_artifact_to_file, T: ?Sized + serde::Serialize>( build_artifact: &T, artifact_name: &str, @@ -74,14 +63,3 @@ pub(crate) fn read_program_from_file>( Ok(program) } - -pub(crate) fn read_debug_artifact_from_file>( - debug_artifact_path: P, -) -> Result { - let input_string = std::fs::read(&debug_artifact_path) - .map_err(|_| FilesystemError::PathNotValid(debug_artifact_path.as_ref().into()))?; - let program = serde_json::from_slice(&input_string) - .map_err(|err| FilesystemError::ProgramSerializationError(err.to_string()))?; - - Ok(program) -} diff --git a/yarn.lock b/yarn.lock index ea141531601..86a3d2242a0 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4478,6 +4478,7 @@ __metadata: "@types/mocha": ^10.0.6 "@types/mocha-each": ^2 "@types/node": ^20.10.5 + "@types/pako": ^2 "@types/path-browserify": ^1 "@types/readable-stream": ^4 "@types/sinon": ^17 @@ -4494,6 +4495,7 @@ __metadata: memfs: ^4.6.0 mocha: ^10.2.0 mocha-each: ^2.0.1 + pako: ^2.1.0 path-browserify: ^1.0.1 process: ^0.11.10 readable-stream: ^4.4.2 @@ -6096,6 +6098,13 @@ __metadata: languageName: node linkType: hard +"@types/pako@npm:^2": + version: 2.0.3 + resolution: "@types/pako@npm:2.0.3" + checksum: 0746dd5d29eccf5b2e6cceb3ccb093851219e78bd2e2e20d25757e247987139e061e5d4ba37cb5295493f06e3c683c74f8876011cd8a3f3748a09244fbc841d9 + languageName: node + linkType: hard + "@types/parse-json@npm:^4.0.0": version: 4.0.2 resolution: "@types/parse-json@npm:4.0.2" @@ -16897,6 +16906,13 @@ __metadata: languageName: node linkType: hard +"pako@npm:^2.1.0": + version: 2.1.0 + resolution: "pako@npm:2.1.0" + checksum: 71666548644c9a4d056bcaba849ca6fd7242c6cf1af0646d3346f3079a1c7f4a66ffec6f7369ee0dc88f61926c10d6ab05da3e1fca44b83551839e89edd75a3e + languageName: node + linkType: hard + "param-case@npm:^3.0.4": version: 3.0.4 resolution: "param-case@npm:3.0.4" From 5a1b2bbd3e2e5e133deacb021cc4ba7587c14b8b Mon Sep 17 00:00:00 2001 From: Santiago Palladino Date: Wed, 17 Jan 2024 12:12:29 -0300 Subject: [PATCH 51/67] fix: Nargo destination path in bootstrap cache (#4103) The destination path when copying nargo from the CI cache in bootstrap_cache was wrong, it was getting copied to `~/monorepo/noir/noir/target/release` (note the double `noir`). --- bootstrap_cache.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bootstrap_cache.sh b/bootstrap_cache.sh index 6e411a161cc..ac919f3ca65 100755 --- a/bootstrap_cache.sh +++ b/bootstrap_cache.sh @@ -5,6 +5,6 @@ cd "$(dirname "$0")" source ../build-system/scripts/setup_env '' '' mainframe_$USER > /dev/null echo -e "\033[1mRetrieving noir packages from remote cache...\033[0m" -extract_repo noir-packages /usr/src/noir/packages ./noir +extract_repo noir-packages /usr/src/noir/packages ./ echo -e "\033[1mRetrieving nargo from remote cache...\033[0m" -extract_repo noir /usr/src/noir/target/release ./noir/target +extract_repo noir /usr/src/noir/target/release ./target/ From 13f93d523342daf478e08e8ccc0f00962c7fbe05 Mon Sep 17 00:00:00 2001 From: James Zaki Date: Wed, 17 Jan 2024 19:25:36 +0000 Subject: [PATCH 52/67] chore: Fixes many broken urls (#4109) --- README.md | 2 +- tooling/nargo_cli/tests/hello_world.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 038ce5691cd..771c3f1c74d 100644 --- a/README.md +++ b/README.md @@ -58,7 +58,7 @@ This crate's minimum supported rustc version is 1.71.1. ## Working on this project -This project uses [Nix](https://nixos.org/) and [direnv](https://direnv.net/) to streamline the development experience. Please follow [our guidelines](https://noir-lang.org/docs/dev/getting_started/installation/other_install_methods#option-3-compile-from-source) to setup your environment for working on the project. +This project uses [Nix](https://nixos.org/) and [direnv](https://direnv.net/) to streamline the development experience. Please follow [our guidelines](https://noir-lang.org/docs/getting_started/installation/other_install_methods#option-3-compile-from-source) to setup your environment for working on the project. ### Building against a different local/remote version of Barretenberg diff --git a/tooling/nargo_cli/tests/hello_world.rs b/tooling/nargo_cli/tests/hello_world.rs index bc7022d1567..9fcb0c873e1 100644 --- a/tooling/nargo_cli/tests/hello_world.rs +++ b/tooling/nargo_cli/tests/hello_world.rs @@ -1,5 +1,5 @@ //! This integration test aims to mirror the steps taken by a new user using Nargo for the first time. -//! It then follows the steps published at https://noir-lang.org/getting_started/hello_world.html +//! It then follows the steps published at https://noir-lang.org/docs/getting_started/create_a_project //! Any modifications to the commands run here MUST be documented in the noir-lang book. use assert_cmd::prelude::*; From 40c2dc3a2e021b72ac233898cb4614bfcd229d86 Mon Sep 17 00:00:00 2001 From: Tom French Date: Thu, 18 Jan 2024 01:18:48 +0000 Subject: [PATCH 53/67] chore: formatting fix --- tooling/nargo_cli/src/cli/compile_cmd.rs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tooling/nargo_cli/src/cli/compile_cmd.rs b/tooling/nargo_cli/src/cli/compile_cmd.rs index 9e739f5c818..2dc9b5d5900 100644 --- a/tooling/nargo_cli/src/cli/compile_cmd.rs +++ b/tooling/nargo_cli/src/cli/compile_cmd.rs @@ -166,8 +166,7 @@ fn compile_program( let (mut context, crate_id) = prepare_package(file_manager, package); let program_artifact_path = workspace.package_build_path(package); - let cached_program: Option = - read_program_from_file(program_artifact_path) + let cached_program: Option = read_program_from_file(program_artifact_path) .ok() .filter(|p| p.noir_version == NOIR_ARTIFACT_VERSION_STRING) .map(|p| p.into()); From 7dba0a18ad83e74f8114c6ca594ad10e5e334704 Mon Sep 17 00:00:00 2001 From: guipublic <47281315+guipublic@users.noreply.github.com> Date: Wed, 24 Jan 2024 13:11:21 +0100 Subject: [PATCH 54/67] feat!: Add big int opcodes (without implementation) (#4050) Adds the biginteger opcode skeleton https://github.com/noir-lang/noir/issues/4040 The PR adds ACIR opcodes for bigint operations. It does not provide any implantation of the opcodes, neither in BB, in the solver or in Brillig. --------- Co-authored-by: kevaundray --- acvm-repo/acir/codegen/acir.cpp | 644 +++++++++++++++++- .../acir/src/circuit/black_box_functions.rs | 25 + .../opcodes/black_box_function_call.rs | 56 +- .../acvm/src/compiler/transformers/mod.rs | 12 +- acvm-repo/acvm/src/pwg/blackbox/mod.rs | 6 + acvm-repo/brillig/src/black_box.rs | 79 ++- acvm-repo/brillig_vm/src/black_box.rs | 12 + .../brillig/brillig_gen/brillig_black_box.rs | 101 +++ .../src/brillig/brillig_ir/debug_show.rs | 53 ++ .../ssa/acir_gen/acir_ir/generated_acir.rs | 62 ++ .../src/ssa/ir/instruction/call.rs | 9 +- 11 files changed, 1040 insertions(+), 19 deletions(-) diff --git a/acvm-repo/acir/codegen/acir.cpp b/acvm-repo/acir/codegen/acir.cpp index 9b74a8ea631..07bcd5f9f97 100644 --- a/acvm-repo/acir/codegen/acir.cpp +++ b/acvm-repo/acir/codegen/acir.cpp @@ -206,7 +206,66 @@ namespace Circuit { static RecursiveAggregation bincodeDeserialize(std::vector); }; - std::variant value; + struct BigIntAdd { + uint32_t lhs; + uint32_t rhs; + uint32_t output; + + friend bool operator==(const BigIntAdd&, const BigIntAdd&); + std::vector bincodeSerialize() const; + static BigIntAdd bincodeDeserialize(std::vector); + }; + + struct BigIntNeg { + uint32_t lhs; + uint32_t rhs; + uint32_t output; + + friend bool operator==(const BigIntNeg&, const BigIntNeg&); + std::vector bincodeSerialize() const; + static BigIntNeg bincodeDeserialize(std::vector); + }; + + struct BigIntMul { + uint32_t lhs; + uint32_t rhs; + uint32_t output; + + friend bool operator==(const BigIntMul&, const BigIntMul&); + std::vector bincodeSerialize() const; + static BigIntMul bincodeDeserialize(std::vector); + }; + + struct BigIntDiv { + uint32_t lhs; + uint32_t rhs; + uint32_t output; + + friend bool operator==(const BigIntDiv&, const BigIntDiv&); + std::vector bincodeSerialize() const; + static BigIntDiv bincodeDeserialize(std::vector); + }; + + struct BigIntFromLeBytes { + std::vector inputs; + std::vector modulus; + uint32_t output; + + friend bool operator==(const BigIntFromLeBytes&, const BigIntFromLeBytes&); + std::vector bincodeSerialize() const; + static BigIntFromLeBytes bincodeDeserialize(std::vector); + }; + + struct BigIntToLeBytes { + uint32_t input; + std::vector outputs; + + friend bool operator==(const BigIntToLeBytes&, const BigIntToLeBytes&); + std::vector bincodeSerialize() const; + static BigIntToLeBytes bincodeDeserialize(std::vector); + }; + + std::variant value; friend bool operator==(const BlackBoxFuncCall&, const BlackBoxFuncCall&); std::vector bincodeSerialize() const; @@ -543,7 +602,66 @@ namespace Circuit { static EmbeddedCurveDouble bincodeDeserialize(std::vector); }; - std::variant value; + struct BigIntAdd { + Circuit::RegisterIndex lhs; + Circuit::RegisterIndex rhs; + Circuit::RegisterIndex output; + + friend bool operator==(const BigIntAdd&, const BigIntAdd&); + std::vector bincodeSerialize() const; + static BigIntAdd bincodeDeserialize(std::vector); + }; + + struct BigIntNeg { + Circuit::RegisterIndex lhs; + Circuit::RegisterIndex rhs; + Circuit::RegisterIndex output; + + friend bool operator==(const BigIntNeg&, const BigIntNeg&); + std::vector bincodeSerialize() const; + static BigIntNeg bincodeDeserialize(std::vector); + }; + + struct BigIntMul { + Circuit::RegisterIndex lhs; + Circuit::RegisterIndex rhs; + Circuit::RegisterIndex output; + + friend bool operator==(const BigIntMul&, const BigIntMul&); + std::vector bincodeSerialize() const; + static BigIntMul bincodeDeserialize(std::vector); + }; + + struct BigIntDiv { + Circuit::RegisterIndex lhs; + Circuit::RegisterIndex rhs; + Circuit::RegisterIndex output; + + friend bool operator==(const BigIntDiv&, const BigIntDiv&); + std::vector bincodeSerialize() const; + static BigIntDiv bincodeDeserialize(std::vector); + }; + + struct BigIntFromLeBytes { + Circuit::HeapVector inputs; + Circuit::HeapVector modulus; + Circuit::RegisterIndex output; + + friend bool operator==(const BigIntFromLeBytes&, const BigIntFromLeBytes&); + std::vector bincodeSerialize() const; + static BigIntFromLeBytes bincodeDeserialize(std::vector); + }; + + struct BigIntToLeBytes { + Circuit::RegisterIndex input; + Circuit::HeapVector output; + + friend bool operator==(const BigIntToLeBytes&, const BigIntToLeBytes&); + std::vector bincodeSerialize() const; + static BigIntToLeBytes bincodeDeserialize(std::vector); + }; + + std::variant value; friend bool operator==(const BlackBoxOp&, const BlackBoxOp&); std::vector bincodeSerialize() const; @@ -2469,6 +2587,267 @@ Circuit::BlackBoxFuncCall::RecursiveAggregation serde::Deserializable BlackBoxFuncCall::BigIntAdd::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::BigIntAdd BlackBoxFuncCall::BigIntAdd::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntAdd &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.lhs, serializer); + serde::Serializable::serialize(obj.rhs, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::BigIntAdd serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::BigIntAdd obj; + obj.lhs = serde::Deserializable::deserialize(deserializer); + obj.rhs = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxFuncCall::BigIntNeg &lhs, const BlackBoxFuncCall::BigIntNeg &rhs) { + if (!(lhs.lhs == rhs.lhs)) { return false; } + if (!(lhs.rhs == rhs.rhs)) { return false; } + if (!(lhs.output == rhs.output)) { return false; } + return true; + } + + inline std::vector BlackBoxFuncCall::BigIntNeg::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::BigIntNeg BlackBoxFuncCall::BigIntNeg::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntNeg &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.lhs, serializer); + serde::Serializable::serialize(obj.rhs, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::BigIntNeg serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::BigIntNeg obj; + obj.lhs = serde::Deserializable::deserialize(deserializer); + obj.rhs = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxFuncCall::BigIntMul &lhs, const BlackBoxFuncCall::BigIntMul &rhs) { + if (!(lhs.lhs == rhs.lhs)) { return false; } + if (!(lhs.rhs == rhs.rhs)) { return false; } + if (!(lhs.output == rhs.output)) { return false; } + return true; + } + + inline std::vector BlackBoxFuncCall::BigIntMul::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::BigIntMul BlackBoxFuncCall::BigIntMul::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntMul &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.lhs, serializer); + serde::Serializable::serialize(obj.rhs, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::BigIntMul serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::BigIntMul obj; + obj.lhs = serde::Deserializable::deserialize(deserializer); + obj.rhs = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxFuncCall::BigIntDiv &lhs, const BlackBoxFuncCall::BigIntDiv &rhs) { + if (!(lhs.lhs == rhs.lhs)) { return false; } + if (!(lhs.rhs == rhs.rhs)) { return false; } + if (!(lhs.output == rhs.output)) { return false; } + return true; + } + + inline std::vector BlackBoxFuncCall::BigIntDiv::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::BigIntDiv BlackBoxFuncCall::BigIntDiv::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntDiv &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.lhs, serializer); + serde::Serializable::serialize(obj.rhs, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::BigIntDiv serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::BigIntDiv obj; + obj.lhs = serde::Deserializable::deserialize(deserializer); + obj.rhs = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxFuncCall::BigIntFromLeBytes &lhs, const BlackBoxFuncCall::BigIntFromLeBytes &rhs) { + if (!(lhs.inputs == rhs.inputs)) { return false; } + if (!(lhs.modulus == rhs.modulus)) { return false; } + if (!(lhs.output == rhs.output)) { return false; } + return true; + } + + inline std::vector BlackBoxFuncCall::BigIntFromLeBytes::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::BigIntFromLeBytes BlackBoxFuncCall::BigIntFromLeBytes::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntFromLeBytes &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.inputs, serializer); + serde::Serializable::serialize(obj.modulus, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::BigIntFromLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::BigIntFromLeBytes obj; + obj.inputs = serde::Deserializable::deserialize(deserializer); + obj.modulus = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxFuncCall::BigIntToLeBytes &lhs, const BlackBoxFuncCall::BigIntToLeBytes &rhs) { + if (!(lhs.input == rhs.input)) { return false; } + if (!(lhs.outputs == rhs.outputs)) { return false; } + return true; + } + + inline std::vector BlackBoxFuncCall::BigIntToLeBytes::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::BigIntToLeBytes BlackBoxFuncCall::BigIntToLeBytes::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntToLeBytes &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.input, serializer); + serde::Serializable::serialize(obj.outputs, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::BigIntToLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::BigIntToLeBytes obj; + obj.input = serde::Deserializable::deserialize(deserializer); + obj.outputs = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlackBoxOp &lhs, const BlackBoxOp &rhs) { @@ -3092,6 +3471,267 @@ Circuit::BlackBoxOp::EmbeddedCurveDouble serde::Deserializable BlackBoxOp::BigIntAdd::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::BigIntAdd BlackBoxOp::BigIntAdd::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntAdd &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.lhs, serializer); + serde::Serializable::serialize(obj.rhs, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxOp::BigIntAdd serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::BigIntAdd obj; + obj.lhs = serde::Deserializable::deserialize(deserializer); + obj.rhs = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxOp::BigIntNeg &lhs, const BlackBoxOp::BigIntNeg &rhs) { + if (!(lhs.lhs == rhs.lhs)) { return false; } + if (!(lhs.rhs == rhs.rhs)) { return false; } + if (!(lhs.output == rhs.output)) { return false; } + return true; + } + + inline std::vector BlackBoxOp::BigIntNeg::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::BigIntNeg BlackBoxOp::BigIntNeg::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntNeg &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.lhs, serializer); + serde::Serializable::serialize(obj.rhs, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxOp::BigIntNeg serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::BigIntNeg obj; + obj.lhs = serde::Deserializable::deserialize(deserializer); + obj.rhs = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxOp::BigIntMul &lhs, const BlackBoxOp::BigIntMul &rhs) { + if (!(lhs.lhs == rhs.lhs)) { return false; } + if (!(lhs.rhs == rhs.rhs)) { return false; } + if (!(lhs.output == rhs.output)) { return false; } + return true; + } + + inline std::vector BlackBoxOp::BigIntMul::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::BigIntMul BlackBoxOp::BigIntMul::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntMul &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.lhs, serializer); + serde::Serializable::serialize(obj.rhs, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxOp::BigIntMul serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::BigIntMul obj; + obj.lhs = serde::Deserializable::deserialize(deserializer); + obj.rhs = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxOp::BigIntDiv &lhs, const BlackBoxOp::BigIntDiv &rhs) { + if (!(lhs.lhs == rhs.lhs)) { return false; } + if (!(lhs.rhs == rhs.rhs)) { return false; } + if (!(lhs.output == rhs.output)) { return false; } + return true; + } + + inline std::vector BlackBoxOp::BigIntDiv::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::BigIntDiv BlackBoxOp::BigIntDiv::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntDiv &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.lhs, serializer); + serde::Serializable::serialize(obj.rhs, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxOp::BigIntDiv serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::BigIntDiv obj; + obj.lhs = serde::Deserializable::deserialize(deserializer); + obj.rhs = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxOp::BigIntFromLeBytes &lhs, const BlackBoxOp::BigIntFromLeBytes &rhs) { + if (!(lhs.inputs == rhs.inputs)) { return false; } + if (!(lhs.modulus == rhs.modulus)) { return false; } + if (!(lhs.output == rhs.output)) { return false; } + return true; + } + + inline std::vector BlackBoxOp::BigIntFromLeBytes::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::BigIntFromLeBytes BlackBoxOp::BigIntFromLeBytes::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntFromLeBytes &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.inputs, serializer); + serde::Serializable::serialize(obj.modulus, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxOp::BigIntFromLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::BigIntFromLeBytes obj; + obj.inputs = serde::Deserializable::deserialize(deserializer); + obj.modulus = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + +namespace Circuit { + + inline bool operator==(const BlackBoxOp::BigIntToLeBytes &lhs, const BlackBoxOp::BigIntToLeBytes &rhs) { + if (!(lhs.input == rhs.input)) { return false; } + if (!(lhs.output == rhs.output)) { return false; } + return true; + } + + inline std::vector BlackBoxOp::BigIntToLeBytes::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::BigIntToLeBytes BlackBoxOp::BigIntToLeBytes::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntToLeBytes &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.input, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxOp::BigIntToLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::BigIntToLeBytes obj; + obj.input = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlockId &lhs, const BlockId &rhs) { diff --git a/acvm-repo/acir/src/circuit/black_box_functions.rs b/acvm-repo/acir/src/circuit/black_box_functions.rs index d1f5560313b..41b8923a8c9 100644 --- a/acvm-repo/acir/src/circuit/black_box_functions.rs +++ b/acvm-repo/acir/src/circuit/black_box_functions.rs @@ -49,6 +49,18 @@ pub enum BlackBoxFunc { EmbeddedCurveAdd, /// Point doubling over the embedded curve on which [`FieldElement`][acir_field::FieldElement] is defined. EmbeddedCurveDouble, + /// BigInt addition + BigIntAdd, + /// BigInt subtraction + BigIntNeg, + /// BigInt multiplication + BigIntMul, + /// BigInt division + BigIntDiv, + /// BigInt from le bytes + BigIntFromLeBytes, + /// BigInt to le bytes + BigIntToLeBytes, } impl std::fmt::Display for BlackBoxFunc { @@ -77,8 +89,15 @@ impl BlackBoxFunc { BlackBoxFunc::Keccakf1600 => "keccakf1600", BlackBoxFunc::RecursiveAggregation => "recursive_aggregation", BlackBoxFunc::EcdsaSecp256r1 => "ecdsa_secp256r1", + BlackBoxFunc::BigIntAdd => "bigint_add", + BlackBoxFunc::BigIntNeg => "bigint_neg", + BlackBoxFunc::BigIntMul => "bigint_mul", + BlackBoxFunc::BigIntDiv => "bigint_div", + BlackBoxFunc::BigIntFromLeBytes => "bigint_from_le_bytes", + BlackBoxFunc::BigIntToLeBytes => "bigint_to_le_bytes", } } + pub fn lookup(op_name: &str) -> Option { match op_name { "sha256" => Some(BlackBoxFunc::SHA256), @@ -98,6 +117,12 @@ impl BlackBoxFunc { "keccak256" => Some(BlackBoxFunc::Keccak256), "keccakf1600" => Some(BlackBoxFunc::Keccakf1600), "recursive_aggregation" => Some(BlackBoxFunc::RecursiveAggregation), + "bigint_add" => Some(BlackBoxFunc::BigIntAdd), + "bigint_neg" => Some(BlackBoxFunc::BigIntNeg), + "bigint_mul" => Some(BlackBoxFunc::BigIntMul), + "bigint_div" => Some(BlackBoxFunc::BigIntDiv), + "bigint_from_le_bytes" => Some(BlackBoxFunc::BigIntFromLeBytes), + "bigint_to_le_bytes" => Some(BlackBoxFunc::BigIntToLeBytes), _ => None, } } diff --git a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs index 7ee4e2498a5..1fdc0265377 100644 --- a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs +++ b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs @@ -120,6 +120,35 @@ pub enum BlackBoxFuncCall { /// key provided to the circuit matches the key produced by the circuit creator key_hash: FunctionInput, }, + BigIntAdd { + lhs: u32, + rhs: u32, + output: u32, + }, + BigIntNeg { + lhs: u32, + rhs: u32, + output: u32, + }, + BigIntMul { + lhs: u32, + rhs: u32, + output: u32, + }, + BigIntDiv { + lhs: u32, + rhs: u32, + output: u32, + }, + BigIntFromLeBytes { + inputs: Vec, + modulus: Vec, + output: u32, + }, + BigIntToLeBytes { + input: u32, + outputs: Vec, + }, } impl BlackBoxFuncCall { @@ -143,6 +172,12 @@ impl BlackBoxFuncCall { BlackBoxFuncCall::Keccak256VariableLength { .. } => BlackBoxFunc::Keccak256, BlackBoxFuncCall::Keccakf1600 { .. } => BlackBoxFunc::Keccakf1600, BlackBoxFuncCall::RecursiveAggregation { .. } => BlackBoxFunc::RecursiveAggregation, + BlackBoxFuncCall::BigIntAdd { .. } => BlackBoxFunc::BigIntAdd, + BlackBoxFuncCall::BigIntNeg { .. } => BlackBoxFunc::BigIntNeg, + BlackBoxFuncCall::BigIntMul { .. } => BlackBoxFunc::BigIntMul, + BlackBoxFuncCall::BigIntDiv { .. } => BlackBoxFunc::BigIntDiv, + BlackBoxFuncCall::BigIntFromLeBytes { .. } => BlackBoxFunc::BigIntFromLeBytes, + &BlackBoxFuncCall::BigIntToLeBytes { .. } => BlackBoxFunc::BigIntToLeBytes, } } @@ -158,10 +193,16 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::Keccak256 { inputs, .. } | BlackBoxFuncCall::Keccakf1600 { inputs, .. } | BlackBoxFuncCall::PedersenCommitment { inputs, .. } - | BlackBoxFuncCall::PedersenHash { inputs, .. } => inputs.to_vec(), + | BlackBoxFuncCall::PedersenHash { inputs, .. } + | BlackBoxFuncCall::BigIntFromLeBytes { inputs, .. } => inputs.to_vec(), BlackBoxFuncCall::AND { lhs, rhs, .. } | BlackBoxFuncCall::XOR { lhs, rhs, .. } => { vec![*lhs, *rhs] } + BlackBoxFuncCall::BigIntAdd { .. } + | BlackBoxFuncCall::BigIntNeg { .. } + | BlackBoxFuncCall::BigIntMul { .. } + | BlackBoxFuncCall::BigIntDiv { .. } + | BlackBoxFuncCall::BigIntToLeBytes { .. } => Vec::new(), BlackBoxFuncCall::FixedBaseScalarMul { low, high, .. } => vec![*low, *high], BlackBoxFuncCall::EmbeddedCurveAdd { input1_x, input1_y, input2_x, input2_y, .. @@ -249,7 +290,8 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::Blake2s { outputs, .. } | BlackBoxFuncCall::Blake3 { outputs, .. } | BlackBoxFuncCall::Keccak256 { outputs, .. } - | BlackBoxFuncCall::Keccakf1600 { outputs, .. } => outputs.to_vec(), + | BlackBoxFuncCall::Keccakf1600 { outputs, .. } + | BlackBoxFuncCall::Keccak256VariableLength { outputs, .. } => outputs.to_vec(), BlackBoxFuncCall::AND { output, .. } | BlackBoxFuncCall::XOR { output, .. } | BlackBoxFuncCall::SchnorrVerify { output, .. } @@ -260,10 +302,16 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::PedersenCommitment { outputs, .. } | BlackBoxFuncCall::EmbeddedCurveAdd { outputs, .. } | BlackBoxFuncCall::EmbeddedCurveDouble { outputs, .. } => vec![outputs.0, outputs.1], - BlackBoxFuncCall::RANGE { .. } | BlackBoxFuncCall::RecursiveAggregation { .. } => { + BlackBoxFuncCall::RANGE { .. } + | BlackBoxFuncCall::RecursiveAggregation { .. } + | BlackBoxFuncCall::BigIntFromLeBytes { .. } + | BlackBoxFuncCall::BigIntAdd { .. } + | BlackBoxFuncCall::BigIntNeg { .. } + | BlackBoxFuncCall::BigIntMul { .. } + | BlackBoxFuncCall::BigIntDiv { .. } => { vec![] } - BlackBoxFuncCall::Keccak256VariableLength { outputs, .. } => outputs.to_vec(), + BlackBoxFuncCall::BigIntToLeBytes { outputs, .. } => outputs.to_vec(), } } } diff --git a/acvm-repo/acvm/src/compiler/transformers/mod.rs b/acvm-repo/acvm/src/compiler/transformers/mod.rs index 306ea1b7c12..effe1128d36 100644 --- a/acvm-repo/acvm/src/compiler/transformers/mod.rs +++ b/acvm-repo/acvm/src/compiler/transformers/mod.rs @@ -105,7 +105,12 @@ pub(super) fn transform_internal( transformer.mark_solvable(*output); } acir::circuit::opcodes::BlackBoxFuncCall::RANGE { .. } - | acir::circuit::opcodes::BlackBoxFuncCall::RecursiveAggregation { .. } => (), + | acir::circuit::opcodes::BlackBoxFuncCall::RecursiveAggregation { .. } + | acir::circuit::opcodes::BlackBoxFuncCall::BigIntFromLeBytes { .. } + | acir::circuit::opcodes::BlackBoxFuncCall::BigIntAdd { .. } + | acir::circuit::opcodes::BlackBoxFuncCall::BigIntNeg { .. } + | acir::circuit::opcodes::BlackBoxFuncCall::BigIntMul { .. } + | acir::circuit::opcodes::BlackBoxFuncCall::BigIntDiv { .. } => (), acir::circuit::opcodes::BlackBoxFuncCall::SHA256 { outputs, .. } | acir::circuit::opcodes::BlackBoxFuncCall::Keccak256 { outputs, .. } | acir::circuit::opcodes::BlackBoxFuncCall::Keccak256VariableLength { @@ -114,7 +119,10 @@ pub(super) fn transform_internal( } | acir::circuit::opcodes::BlackBoxFuncCall::Keccakf1600 { outputs, .. } | acir::circuit::opcodes::BlackBoxFuncCall::Blake2s { outputs, .. } - | acir::circuit::opcodes::BlackBoxFuncCall::Blake3 { outputs, .. } => { + | acir::circuit::opcodes::BlackBoxFuncCall::Blake3 { outputs, .. } + | acir::circuit::opcodes::BlackBoxFuncCall::BigIntToLeBytes { + outputs, .. + } => { for witness in outputs { transformer.mark_solvable(*witness); } diff --git a/acvm-repo/acvm/src/pwg/blackbox/mod.rs b/acvm-repo/acvm/src/pwg/blackbox/mod.rs index 5eea234885c..a56b24b86f3 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/mod.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/mod.rs @@ -185,5 +185,11 @@ pub(crate) fn solve( } // Recursive aggregation will be entirely handled by the backend and is not solved by the ACVM BlackBoxFuncCall::RecursiveAggregation { .. } => Ok(()), + BlackBoxFuncCall::BigIntAdd { .. } => todo!(), + BlackBoxFuncCall::BigIntNeg { .. } => todo!(), + BlackBoxFuncCall::BigIntMul { .. } => todo!(), + BlackBoxFuncCall::BigIntDiv { .. } => todo!(), + BlackBoxFuncCall::BigIntFromLeBytes { .. } => todo!(), + BlackBoxFuncCall::BigIntToLeBytes { .. } => todo!(), } } diff --git a/acvm-repo/brillig/src/black_box.rs b/acvm-repo/brillig/src/black_box.rs index c007e78b785..5893758ce9e 100644 --- a/acvm-repo/brillig/src/black_box.rs +++ b/acvm-repo/brillig/src/black_box.rs @@ -6,15 +6,30 @@ use serde::{Deserialize, Serialize}; #[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)] pub enum BlackBoxOp { /// Calculates the SHA256 hash of the inputs. - Sha256 { message: HeapVector, output: HeapArray }, + Sha256 { + message: HeapVector, + output: HeapArray, + }, /// Calculates the Blake2s hash of the inputs. - Blake2s { message: HeapVector, output: HeapArray }, + Blake2s { + message: HeapVector, + output: HeapArray, + }, /// Calculates the Blake3 hash of the inputs. - Blake3 { message: HeapVector, output: HeapArray }, + Blake3 { + message: HeapVector, + output: HeapArray, + }, /// Calculates the Keccak256 hash of the inputs. - Keccak256 { message: HeapVector, output: HeapArray }, + Keccak256 { + message: HeapVector, + output: HeapArray, + }, /// Keccak Permutation function of 1600 width - Keccakf1600 { message: HeapVector, output: HeapArray }, + Keccakf1600 { + message: HeapVector, + output: HeapArray, + }, /// Verifies a ECDSA signature over the secp256k1 curve. EcdsaSecp256k1 { hashed_msg: HeapVector, @@ -40,11 +55,23 @@ pub enum BlackBoxOp { result: RegisterIndex, }, /// Calculates a Pedersen commitment to the inputs. - PedersenCommitment { inputs: HeapVector, domain_separator: RegisterIndex, output: HeapArray }, + PedersenCommitment { + inputs: HeapVector, + domain_separator: RegisterIndex, + output: HeapArray, + }, /// Calculates a Pedersen hash to the inputs. - PedersenHash { inputs: HeapVector, domain_separator: RegisterIndex, output: RegisterIndex }, + PedersenHash { + inputs: HeapVector, + domain_separator: RegisterIndex, + output: RegisterIndex, + }, /// Performs scalar multiplication over the embedded curve. - FixedBaseScalarMul { low: RegisterIndex, high: RegisterIndex, result: HeapArray }, + FixedBaseScalarMul { + low: RegisterIndex, + high: RegisterIndex, + result: HeapArray, + }, /// Performs addition over the embedded curve. EmbeddedCurveAdd { input1_x: RegisterIndex, @@ -54,5 +81,39 @@ pub enum BlackBoxOp { result: HeapArray, }, /// Performs point doubling over the embedded curve. - EmbeddedCurveDouble { input1_x: RegisterIndex, input1_y: RegisterIndex, result: HeapArray }, + EmbeddedCurveDouble { + input1_x: RegisterIndex, + input1_y: RegisterIndex, + result: HeapArray, + }, + + BigIntAdd { + lhs: RegisterIndex, + rhs: RegisterIndex, + output: RegisterIndex, + }, + BigIntNeg { + lhs: RegisterIndex, + rhs: RegisterIndex, + output: RegisterIndex, + }, + BigIntMul { + lhs: RegisterIndex, + rhs: RegisterIndex, + output: RegisterIndex, + }, + BigIntDiv { + lhs: RegisterIndex, + rhs: RegisterIndex, + output: RegisterIndex, + }, + BigIntFromLeBytes { + inputs: HeapVector, + modulus: HeapVector, + output: RegisterIndex, + }, + BigIntToLeBytes { + input: RegisterIndex, + output: HeapVector, + }, } diff --git a/acvm-repo/brillig_vm/src/black_box.rs b/acvm-repo/brillig_vm/src/black_box.rs index 463038509e1..edbebb61ece 100644 --- a/acvm-repo/brillig_vm/src/black_box.rs +++ b/acvm-repo/brillig_vm/src/black_box.rs @@ -200,6 +200,12 @@ pub(crate) fn evaluate_black_box( registers.set(*output, hash.into()); Ok(()) } + BlackBoxOp::BigIntAdd { .. } => todo!(), + BlackBoxOp::BigIntNeg { .. } => todo!(), + BlackBoxOp::BigIntMul { .. } => todo!(), + BlackBoxOp::BigIntDiv { .. } => todo!(), + BlackBoxOp::BigIntFromLeBytes { .. } => todo!(), + BlackBoxOp::BigIntToLeBytes { .. } => todo!(), } } @@ -218,6 +224,12 @@ fn black_box_function_from_op(op: &BlackBoxOp) -> BlackBoxFunc { BlackBoxOp::FixedBaseScalarMul { .. } => BlackBoxFunc::FixedBaseScalarMul, BlackBoxOp::EmbeddedCurveAdd { .. } => BlackBoxFunc::EmbeddedCurveAdd, BlackBoxOp::EmbeddedCurveDouble { .. } => BlackBoxFunc::EmbeddedCurveDouble, + BlackBoxOp::BigIntAdd { .. } => BlackBoxFunc::BigIntAdd, + BlackBoxOp::BigIntNeg { .. } => BlackBoxFunc::BigIntNeg, + BlackBoxOp::BigIntMul { .. } => BlackBoxFunc::BigIntMul, + BlackBoxOp::BigIntDiv { .. } => BlackBoxFunc::BigIntDiv, + BlackBoxOp::BigIntFromLeBytes { .. } => BlackBoxFunc::BigIntFromLeBytes, + BlackBoxOp::BigIntToLeBytes { .. } => BlackBoxFunc::BigIntToLeBytes, } } diff --git a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs index c081806f4a7..c7b6f39279b 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs @@ -244,6 +244,107 @@ pub(crate) fn convert_black_box_call( BlackBoxFunc::RecursiveAggregation => unimplemented!( "ICE: `BlackBoxFunc::RecursiveAggregation` is not implemented by the Brillig VM" ), + BlackBoxFunc::BigIntAdd => { + if let ( + [BrilligVariable::Simple(lhs), BrilligVariable::Simple(rhs)], + [BrilligVariable::Simple(output)], + ) = (function_arguments, function_results) + { + brillig_context.black_box_op_instruction(BlackBoxOp::BigIntAdd { + lhs: *lhs, + rhs: *rhs, + output: *output, + }); + } else { + unreachable!( + "ICE: EmbeddedCurveAdd expects two register arguments and one array result" + ) + } + } + BlackBoxFunc::BigIntNeg => { + if let ( + [BrilligVariable::Simple(lhs), BrilligVariable::Simple(rhs)], + [BrilligVariable::Simple(output)], + ) = (function_arguments, function_results) + { + brillig_context.black_box_op_instruction(BlackBoxOp::BigIntNeg { + lhs: *lhs, + rhs: *rhs, + output: *output, + }); + } else { + unreachable!( + "ICE: EmbeddedCurveAdd expects two register arguments and one array result" + ) + } + } + BlackBoxFunc::BigIntMul => { + if let ( + [BrilligVariable::Simple(lhs), BrilligVariable::Simple(rhs)], + [BrilligVariable::Simple(output)], + ) = (function_arguments, function_results) + { + brillig_context.black_box_op_instruction(BlackBoxOp::BigIntMul { + lhs: *lhs, + rhs: *rhs, + output: *output, + }); + } else { + unreachable!( + "ICE: EmbeddedCurveAdd expects two register arguments and one array result" + ) + } + } + BlackBoxFunc::BigIntDiv => { + if let ( + [BrilligVariable::Simple(lhs), BrilligVariable::Simple(rhs)], + [BrilligVariable::Simple(output)], + ) = (function_arguments, function_results) + { + brillig_context.black_box_op_instruction(BlackBoxOp::BigIntDiv { + lhs: *lhs, + rhs: *rhs, + output: *output, + }); + } else { + unreachable!( + "ICE: EmbeddedCurveAdd expects two register arguments and one array result" + ) + } + } + BlackBoxFunc::BigIntFromLeBytes => { + if let ([inputs, modulus], [BrilligVariable::Simple(output)]) = + (function_arguments, function_results) + { + let inputs_vector = convert_array_or_vector(brillig_context, inputs, bb_func); + let modulus_vector = convert_array_or_vector(brillig_context, modulus, bb_func); + brillig_context.black_box_op_instruction(BlackBoxOp::BigIntFromLeBytes { + inputs: inputs_vector.to_heap_vector(), + modulus: modulus_vector.to_heap_vector(), + output: *output, + }); + } else { + unreachable!( + "ICE: EmbeddedCurveAdd expects two register arguments and one array result" + ) + } + } + BlackBoxFunc::BigIntToLeBytes => { + if let ( + [BrilligVariable::Simple(input)], + [BrilligVariable::BrilligVector(result_vector)], + ) = (function_arguments, function_results) + { + brillig_context.black_box_op_instruction(BlackBoxOp::BigIntToLeBytes { + input: *input, + output: result_vector.to_heap_vector(), + }); + } else { + unreachable!( + "ICE: EmbeddedCurveAdd expects two register arguments and one array result" + ) + } + } } } diff --git a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs index dc8c6b6694c..5709b0a1aa2 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs @@ -457,6 +457,59 @@ impl DebugShow { result ); } + BlackBoxOp::BigIntAdd { lhs, rhs, output } => { + debug_println!( + self.enable_debug_trace, + " BIGINT_ADD {} {} -> {}", + lhs, + rhs, + output + ); + } + BlackBoxOp::BigIntNeg { lhs, rhs, output } => { + debug_println!( + self.enable_debug_trace, + " BIGINT_NEG {} {} -> {}", + lhs, + rhs, + output + ); + } + BlackBoxOp::BigIntMul { lhs, rhs, output } => { + debug_println!( + self.enable_debug_trace, + " BIGINT_MUL {} {} -> {}", + lhs, + rhs, + output + ); + } + BlackBoxOp::BigIntDiv { lhs, rhs, output } => { + debug_println!( + self.enable_debug_trace, + " BIGINT_DIV {} {} -> {}", + lhs, + rhs, + output + ); + } + BlackBoxOp::BigIntFromLeBytes { inputs, modulus, output } => { + debug_println!( + self.enable_debug_trace, + " BIGINT_FROM_LE_BYTES {} {} -> {}", + inputs, + modulus, + output + ); + } + BlackBoxOp::BigIntToLeBytes { input, output } => { + debug_println!( + self.enable_debug_trace, + " BIGINT_TO_LE_BYTES {} -> {}", + input, + output + ); + } } } diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index efc64c5286e..4572cf1dd08 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -251,6 +251,34 @@ impl GeneratedAcir { public_inputs: inputs[2].clone(), key_hash: inputs[3][0], }, + BlackBoxFunc::BigIntAdd => BlackBoxFuncCall::BigIntAdd { + lhs: constants[0].to_u128() as u32, + rhs: constants[1].to_u128() as u32, + output: constants[2].to_u128() as u32, + }, + BlackBoxFunc::BigIntNeg => BlackBoxFuncCall::BigIntNeg { + lhs: constants[0].to_u128() as u32, + rhs: constants[1].to_u128() as u32, + output: constants[2].to_u128() as u32, + }, + BlackBoxFunc::BigIntMul => BlackBoxFuncCall::BigIntMul { + lhs: constants[0].to_u128() as u32, + rhs: constants[1].to_u128() as u32, + output: constants[2].to_u128() as u32, + }, + BlackBoxFunc::BigIntDiv => BlackBoxFuncCall::BigIntDiv { + lhs: constants[0].to_u128() as u32, + rhs: constants[1].to_u128() as u32, + output: constants[2].to_u128() as u32, + }, + BlackBoxFunc::BigIntFromLeBytes => BlackBoxFuncCall::BigIntFromLeBytes { + inputs: inputs[0].clone(), + modulus: vecmap(constants, |c| c.to_u128() as u8), + output: todo!(), + }, + BlackBoxFunc::BigIntToLeBytes => { + BlackBoxFuncCall::BigIntToLeBytes { input: constants[0].to_u128() as u32, outputs } + } }; self.push_opcode(AcirOpcode::BlackBoxFuncCall(black_box_func_call)); @@ -573,6 +601,7 @@ fn black_box_func_expected_input_size(name: BlackBoxFunc) -> Option { match name { // Bitwise opcodes will take in 2 parameters BlackBoxFunc::AND | BlackBoxFunc::XOR => Some(2), + // All of the hash/cipher methods will take in a // variable number of inputs. BlackBoxFunc::Keccak256 @@ -593,15 +622,30 @@ fn black_box_func_expected_input_size(name: BlackBoxFunc) -> Option { BlackBoxFunc::SchnorrVerify | BlackBoxFunc::EcdsaSecp256k1 | BlackBoxFunc::EcdsaSecp256r1 => None, + // Inputs for fixed based scalar multiplication // is the low and high limbs of the scalar BlackBoxFunc::FixedBaseScalarMul => Some(2), + // Recursive aggregation has a variable number of inputs BlackBoxFunc::RecursiveAggregation => None, + // Addition over the embedded curve: input are coordinates (x1,y1) and (x2,y2) of the Grumpkin points BlackBoxFunc::EmbeddedCurveAdd => Some(4), + // Doubling over the embedded curve: input is (x,y) coordinate of the point. BlackBoxFunc::EmbeddedCurveDouble => Some(2), + + // Big integer operations take in 2 inputs + BlackBoxFunc::BigIntAdd + | BlackBoxFunc::BigIntNeg + | BlackBoxFunc::BigIntMul + | BlackBoxFunc::BigIntDiv => Some(2), + + // FromLeBytes takes a variable array of bytes as input + BlackBoxFunc::BigIntFromLeBytes => None, + // ToLeBytes takes a single big integer as input + BlackBoxFunc::BigIntToLeBytes => Some(1), } } @@ -612,28 +656,46 @@ fn black_box_expected_output_size(name: BlackBoxFunc) -> Option { // Bitwise opcodes will return 1 parameter which is the output // or the operation. BlackBoxFunc::AND | BlackBoxFunc::XOR => Some(1), + // 32 byte hash algorithms BlackBoxFunc::Keccak256 | BlackBoxFunc::SHA256 | BlackBoxFunc::Blake2s | BlackBoxFunc::Blake3 => Some(32), + BlackBoxFunc::Keccakf1600 => Some(25), + // Pedersen commitment returns a point BlackBoxFunc::PedersenCommitment => Some(2), + // Pedersen hash returns a field BlackBoxFunc::PedersenHash => Some(1), + // Can only apply a range constraint to one // witness at a time. BlackBoxFunc::RANGE => Some(0), + // Signature verification algorithms will return a boolean BlackBoxFunc::SchnorrVerify | BlackBoxFunc::EcdsaSecp256k1 | BlackBoxFunc::EcdsaSecp256r1 => Some(1), + // Output of operations over the embedded curve // will be 2 field elements representing the point. BlackBoxFunc::FixedBaseScalarMul | BlackBoxFunc::EmbeddedCurveAdd | BlackBoxFunc::EmbeddedCurveDouble => Some(2), + + // Big integer operations return a big integer + BlackBoxFunc::BigIntAdd + | BlackBoxFunc::BigIntNeg + | BlackBoxFunc::BigIntMul + | BlackBoxFunc::BigIntDiv + | BlackBoxFunc::BigIntFromLeBytes => Some(1), + + // ToLeBytes returns a variable array of bytes + BlackBoxFunc::BigIntToLeBytes => None, + // Recursive aggregation has a variable number of outputs BlackBoxFunc::RecursiveAggregation => None, } diff --git a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs index d1991abab37..ff9dc4f345e 100644 --- a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs +++ b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs @@ -434,8 +434,13 @@ fn simplify_black_box_func( // Currently unsolvable here as we rely on an implementation in the backend. SimplifyResult::None } - - BlackBoxFunc::RecursiveAggregation => SimplifyResult::None, + BlackBoxFunc::BigIntAdd + | BlackBoxFunc::BigIntNeg + | BlackBoxFunc::BigIntMul + | BlackBoxFunc::BigIntDiv + | BlackBoxFunc::RecursiveAggregation + | BlackBoxFunc::BigIntFromLeBytes + | BlackBoxFunc::BigIntToLeBytes => SimplifyResult::None, BlackBoxFunc::AND => { unreachable!("ICE: `BlackBoxFunc::AND` calls should be transformed into a `BinaryOp`") From 914403de346ece6118c46abe0403d881fafd4d9b Mon Sep 17 00:00:00 2001 From: guipublic <47281315+guipublic@users.noreply.github.com> Date: Thu, 25 Jan 2024 12:23:01 +0100 Subject: [PATCH 55/67] feat: implement bigint in Noir, using bigint opcodes (#4198) This PR enables big integers in Noir using the bigint opcodes. It does not implement bigints in ACVM which is required to solve the opcodes. It also does not implement bigints opcodes in Barretenberg, which is required to generate the constraints. However it provides a BigInt structure in the stdlib so you can write code like this in Noir, which will be compiled into ACIR using the bigint opcodes. ``` let a = bigint::BigInt::from_le_bytes([3], [23]); let b = bigint::BigInt::from_le_bytes([5], [23]); let c = a+b; let bytes = c.to_le_bytes(); std::println(bytes[0]); ``` I did not add a test yet because ACMV solver is not yet implemented. --------- Co-authored-by: kevaundray --- compiler/noirc_evaluator/src/errors.rs | 5 +- .../src/ssa/acir_gen/acir_ir.rs | 1 + .../src/ssa/acir_gen/acir_ir/acir_variable.rs | 109 +++++++++++++++++- .../src/ssa/acir_gen/acir_ir/big_int.rs | 57 +++++++++ .../ssa/acir_gen/acir_ir/generated_acir.rs | 53 ++++----- .../noirc_evaluator/src/ssa/acir_gen/mod.rs | 29 ++++- noir_stdlib/src/bigint.nr | 54 +++++++++ noir_stdlib/src/lib.nr | 1 + 8 files changed, 271 insertions(+), 38 deletions(-) create mode 100644 compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/big_int.rs create mode 100644 noir_stdlib/src/bigint.nr diff --git a/compiler/noirc_evaluator/src/errors.rs b/compiler/noirc_evaluator/src/errors.rs index d7229c0adc5..b7e89c7b213 100644 --- a/compiler/noirc_evaluator/src/errors.rs +++ b/compiler/noirc_evaluator/src/errors.rs @@ -44,6 +44,8 @@ pub enum RuntimeError { AssertConstantFailed { call_stack: CallStack }, #[error("Nested slices are not supported")] NestedSlice { call_stack: CallStack }, + #[error("Big Integer modulus do no match")] + BigIntModulus { call_stack: CallStack }, } // We avoid showing the actual lhs and rhs since most of the time they are just 0 @@ -132,7 +134,8 @@ impl RuntimeError { | RuntimeError::AssertConstantFailed { call_stack } | RuntimeError::IntegerOutOfBounds { call_stack, .. } | RuntimeError::UnsupportedIntegerSize { call_stack, .. } - | RuntimeError::NestedSlice { call_stack, .. } => call_stack, + | RuntimeError::NestedSlice { call_stack, .. } + | RuntimeError::BigIntModulus { call_stack, .. } => call_stack, } } } diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir.rs index 96800b22ad0..1ddbae0f339 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir.rs @@ -1,3 +1,4 @@ pub(crate) mod acir_variable; +pub(crate) mod big_int; pub(crate) mod generated_acir; pub(crate) mod sort; diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs index cf7c6151110..d1c1e56f5a3 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs @@ -1,3 +1,4 @@ +use super::big_int::BigIntContext; use super::generated_acir::GeneratedAcir; use crate::brillig::brillig_gen::brillig_directive; use crate::brillig::brillig_ir::artifact::GeneratedBrillig; @@ -107,6 +108,9 @@ pub(crate) struct AcirContext { /// then the `acir_ir` will be populated to assert this /// addition. acir_ir: GeneratedAcir, + + /// The BigIntContext, used to generate identifiers for BigIntegers + big_int_ctx: BigIntContext, } impl AcirContext { @@ -1140,10 +1144,10 @@ impl AcirContext { &mut self, name: BlackBoxFunc, mut inputs: Vec, - output_count: usize, + mut output_count: usize, ) -> Result, RuntimeError> { // Separate out any arguments that should be constants - let constants = match name { + let (constant_inputs, constant_outputs) = match name { BlackBoxFunc::PedersenCommitment | BlackBoxFunc::PedersenHash => { // The last argument of pedersen is the domain separator, which must be a constant let domain_var = match inputs.pop() { @@ -1167,23 +1171,116 @@ impl AcirContext { } }; - vec![domain_constant] + (vec![domain_constant], Vec::new()) + } + BlackBoxFunc::BigIntAdd + | BlackBoxFunc::BigIntNeg + | BlackBoxFunc::BigIntMul + | BlackBoxFunc::BigIntDiv => { + assert_eq!(inputs.len(), 4, "ICE - bigint operation requires 4 inputs"); + let const_inputs = vecmap(inputs, |i| { + let var = i.into_var()?; + match self.vars[&var].as_constant() { + Some(const_var) => Ok(const_var), + None => Err(RuntimeError::InternalError(InternalError::NotAConstant { + name: "big integer".to_string(), + call_stack: self.get_call_stack(), + })), + } + }); + inputs = Vec::new(); + output_count = 0; + let mut field_inputs = Vec::new(); + for i in const_inputs { + field_inputs.push(i?); + } + if field_inputs[1] != field_inputs[3] { + return Err(RuntimeError::BigIntModulus { call_stack: self.get_call_stack() }); + } + + let result_id = self.big_int_ctx.new_big_int(field_inputs[1]); + ( + vec![field_inputs[0], field_inputs[2]], + vec![result_id.bigint_id(), result_id.modulus_id()], + ) + } + BlackBoxFunc::BigIntToLeBytes => { + let const_inputs = vecmap(inputs, |i| { + let var = i.into_var()?; + match self.vars[&var].as_constant() { + Some(const_var) => Ok(const_var), + None => Err(RuntimeError::InternalError(InternalError::NotAConstant { + name: "big integer".to_string(), + call_stack: self.get_call_stack(), + })), + } + }); + inputs = Vec::new(); + let mut field_inputs = Vec::new(); + for i in const_inputs { + field_inputs.push(i?); + } + let modulus = self.big_int_ctx.modulus(field_inputs[0]); + let bytes_len = ((modulus - BigUint::from(1_u32)).bits() - 1) / 8 + 1; + output_count = bytes_len as usize; + (field_inputs, vec![FieldElement::from(bytes_len as u128)]) + } + BlackBoxFunc::BigIntFromLeBytes => { + let invalid_input = "ICE - bigint operation requires 2 inputs"; + assert_eq!(inputs.len(), 2, "{invalid_input}"); + let mut modulus = Vec::new(); + match inputs.pop().expect(invalid_input) { + AcirValue::Array(values) => { + for value in values { + modulus.push(self.vars[&value.into_var()?].as_constant().ok_or( + RuntimeError::InternalError(InternalError::NotAConstant { + name: "big integer".to_string(), + call_stack: self.get_call_stack(), + }), + )?); + } + } + _ => { + return Err(RuntimeError::InternalError(InternalError::MissingArg { + name: "big_int_from_le_bytes".to_owned(), + arg: "modulus".to_owned(), + call_stack: self.get_call_stack(), + })); + } + } + let big_modulus = BigUint::from_bytes_le(&vecmap(&modulus, |b| b.to_u128() as u8)); + output_count = 0; + + let modulus_id = self.big_int_ctx.get_or_insert_modulus(big_modulus); + let result_id = + self.big_int_ctx.new_big_int(FieldElement::from(modulus_id as u128)); + (modulus, vec![result_id.bigint_id(), result_id.modulus_id()]) } - _ => vec![], + _ => (vec![], vec![]), }; // Convert `AcirVar` to `FunctionInput` let inputs = self.prepare_inputs_for_black_box_func_call(inputs)?; // Call Black box with `FunctionInput` - let outputs = self.acir_ir.call_black_box(name, &inputs, constants, output_count)?; + let mut results = vecmap(&constant_outputs, |c| self.add_constant(*c)); + let outputs = self.acir_ir.call_black_box( + name, + &inputs, + constant_inputs, + constant_outputs, + output_count, + )?; // Convert `Witness` values which are now constrained to be the output of the // black box function call into `AcirVar`s. // // We do not apply range information on the output of the black box function. // See issue #1439 - Ok(vecmap(&outputs, |witness_index| self.add_data(AcirVarData::Witness(*witness_index)))) + results.extend(vecmap(&outputs, |witness_index| { + self.add_data(AcirVarData::Witness(*witness_index)) + })); + Ok(results) } /// Black box function calls expect their inputs to be in a specific data structure (FunctionInput). diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/big_int.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/big_int.rs new file mode 100644 index 00000000000..c21188a8dbc --- /dev/null +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/big_int.rs @@ -0,0 +1,57 @@ +use acvm::FieldElement; +use num_bigint::BigUint; + +/// Represents a bigint value in the form (id, modulus) where +/// id is the identifier of the big integer number, and +/// modulus is the identifier of the big integer size +#[derive(Default, Clone, Copy, Debug)] +pub(crate) struct BigIntId { + pub(crate) bigint_id: u32, + pub(crate) modulus_id: u32, +} + +impl BigIntId { + pub(crate) fn bigint_id(&self) -> FieldElement { + FieldElement::from(self.bigint_id as u128) + } + + pub(crate) fn modulus_id(&self) -> FieldElement { + FieldElement::from(self.modulus_id as u128) + } +} + +/// BigIntContext is used to generate identifiers for big integers and their modulus +#[derive(Default, Debug)] +pub(crate) struct BigIntContext { + modulus: Vec, + big_integers: Vec, +} + +impl BigIntContext { + /// Creates a new BigIntId for the given modulus identifier and returns it. + pub(crate) fn new_big_int(&mut self, modulus_id: FieldElement) -> BigIntId { + let id = self.big_integers.len() as u32; + let result = BigIntId { bigint_id: id, modulus_id: modulus_id.to_u128() as u32 }; + self.big_integers.push(result); + result + } + + /// Returns the modulus corresponding to the given modulus index + pub(crate) fn modulus(&self, idx: FieldElement) -> BigUint { + self.modulus[idx.to_u128() as usize].clone() + } + + /// Returns the BigIntId corresponding to the given identifier + pub(crate) fn get(&self, id: FieldElement) -> BigIntId { + self.big_integers[id.to_u128() as usize] + } + + /// Adds a modulus to the context (if it is not already present) + pub(crate) fn get_or_insert_modulus(&mut self, modulus: BigUint) -> u32 { + if let Some(pos) = self.modulus.iter().position(|x| x == &modulus) { + return pos as u32; + } + self.modulus.push(modulus); + (self.modulus.len() - 1) as u32 + } +} diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index 4572cf1dd08..ac0981acfda 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -138,7 +138,8 @@ impl GeneratedAcir { &mut self, func_name: BlackBoxFunc, inputs: &[Vec], - constants: Vec, + constant_inputs: Vec, + constant_outputs: Vec, output_count: usize, ) -> Result, InternalError> { let input_count = inputs.iter().fold(0usize, |sum, val| sum + val.len()); @@ -176,12 +177,12 @@ impl GeneratedAcir { BlackBoxFunc::PedersenCommitment => BlackBoxFuncCall::PedersenCommitment { inputs: inputs[0].clone(), outputs: (outputs[0], outputs[1]), - domain_separator: constants[0].to_u128() as u32, + domain_separator: constant_inputs[0].to_u128() as u32, }, BlackBoxFunc::PedersenHash => BlackBoxFuncCall::PedersenHash { inputs: inputs[0].clone(), output: outputs[0], - domain_separator: constants[0].to_u128() as u32, + domain_separator: constant_inputs[0].to_u128() as u32, }, BlackBoxFunc::EcdsaSecp256k1 => { BlackBoxFuncCall::EcdsaSecp256k1 { @@ -252,33 +253,34 @@ impl GeneratedAcir { key_hash: inputs[3][0], }, BlackBoxFunc::BigIntAdd => BlackBoxFuncCall::BigIntAdd { - lhs: constants[0].to_u128() as u32, - rhs: constants[1].to_u128() as u32, - output: constants[2].to_u128() as u32, + lhs: constant_inputs[0].to_u128() as u32, + rhs: constant_inputs[1].to_u128() as u32, + output: constant_outputs[0].to_u128() as u32, }, BlackBoxFunc::BigIntNeg => BlackBoxFuncCall::BigIntNeg { - lhs: constants[0].to_u128() as u32, - rhs: constants[1].to_u128() as u32, - output: constants[2].to_u128() as u32, + lhs: constant_inputs[0].to_u128() as u32, + rhs: constant_inputs[1].to_u128() as u32, + output: constant_outputs[0].to_u128() as u32, }, BlackBoxFunc::BigIntMul => BlackBoxFuncCall::BigIntMul { - lhs: constants[0].to_u128() as u32, - rhs: constants[1].to_u128() as u32, - output: constants[2].to_u128() as u32, + lhs: constant_inputs[0].to_u128() as u32, + rhs: constant_inputs[1].to_u128() as u32, + output: constant_outputs[0].to_u128() as u32, }, BlackBoxFunc::BigIntDiv => BlackBoxFuncCall::BigIntDiv { - lhs: constants[0].to_u128() as u32, - rhs: constants[1].to_u128() as u32, - output: constants[2].to_u128() as u32, + lhs: constant_inputs[0].to_u128() as u32, + rhs: constant_inputs[1].to_u128() as u32, + output: constant_outputs[0].to_u128() as u32, }, BlackBoxFunc::BigIntFromLeBytes => BlackBoxFuncCall::BigIntFromLeBytes { inputs: inputs[0].clone(), - modulus: vecmap(constants, |c| c.to_u128() as u8), - output: todo!(), + modulus: vecmap(constant_inputs, |c| c.to_u128() as u8), + output: constant_outputs[0].to_u128() as u32, + }, + BlackBoxFunc::BigIntToLeBytes => BlackBoxFuncCall::BigIntToLeBytes { + input: constant_inputs[0].to_u128() as u32, + outputs, }, - BlackBoxFunc::BigIntToLeBytes => { - BlackBoxFuncCall::BigIntToLeBytes { input: constants[0].to_u128() as u32, outputs } - } }; self.push_opcode(AcirOpcode::BlackBoxFuncCall(black_box_func_call)); @@ -636,16 +638,15 @@ fn black_box_func_expected_input_size(name: BlackBoxFunc) -> Option { // Doubling over the embedded curve: input is (x,y) coordinate of the point. BlackBoxFunc::EmbeddedCurveDouble => Some(2), - // Big integer operations take in 2 inputs + // Big integer operations take in 0 inputs. They use constants for their inputs. BlackBoxFunc::BigIntAdd | BlackBoxFunc::BigIntNeg | BlackBoxFunc::BigIntMul - | BlackBoxFunc::BigIntDiv => Some(2), + | BlackBoxFunc::BigIntDiv + | BlackBoxFunc::BigIntToLeBytes => Some(0), // FromLeBytes takes a variable array of bytes as input BlackBoxFunc::BigIntFromLeBytes => None, - // ToLeBytes takes a single big integer as input - BlackBoxFunc::BigIntToLeBytes => Some(1), } } @@ -691,7 +692,7 @@ fn black_box_expected_output_size(name: BlackBoxFunc) -> Option { | BlackBoxFunc::BigIntNeg | BlackBoxFunc::BigIntMul | BlackBoxFunc::BigIntDiv - | BlackBoxFunc::BigIntFromLeBytes => Some(1), + | BlackBoxFunc::BigIntFromLeBytes => Some(0), // ToLeBytes returns a variable array of bytes BlackBoxFunc::BigIntToLeBytes => None, @@ -752,5 +753,5 @@ fn intrinsics_check_outputs(name: BlackBoxFunc, output_count: usize) { None => return, }; - assert_eq!(expected_num_outputs,output_count,"Tried to call black box function {name} with {output_count} inputs, but this function's definition requires {expected_num_outputs} inputs"); + assert_eq!(expected_num_outputs,output_count,"Tried to call black box function {name} with {output_count} outputs, but this function's definition requires {expected_num_outputs} outputs"); } diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs index d832b8d0fbb..120c5bf25df 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs @@ -1541,7 +1541,7 @@ impl Context { let vars = self.acir_context.black_box_function(black_box, inputs, output_count)?; - Ok(Self::convert_vars_to_values(vars, dfg, result_ids)) + Ok(self.convert_vars_to_values(vars, dfg, result_ids)) } Intrinsic::ApplyRangeConstraint => { unreachable!("ICE: `Intrinsic::ApplyRangeConstraint` calls should be transformed into an `Instruction::RangeCheck`"); @@ -1588,7 +1588,7 @@ impl Context { .sort(input_vars, bit_size, self.current_side_effects_enabled_var) .expect("Could not sort"); - Ok(Self::convert_vars_to_values(out_vars, dfg, result_ids)) + Ok(self.convert_vars_to_values(out_vars, dfg, result_ids)) } Intrinsic::ArrayLen => { let len = match self.convert_value(arguments[0], dfg) { @@ -2101,16 +2101,35 @@ impl Context { /// Convert a Vec into a Vec using the given result ids. /// If the type of a result id is an array, several acir vars are collected into /// a single AcirValue::Array of the same length. + /// If the type of a result id is a slice, the slice length must precede it and we can + /// convert to an AcirValue::Array when the length is known (constant). fn convert_vars_to_values( + &self, vars: Vec, dfg: &DataFlowGraph, result_ids: &[ValueId], ) -> Vec { let mut vars = vars.into_iter(); - vecmap(result_ids, |result| { + let mut values: Vec = Vec::new(); + for result in result_ids { let result_type = dfg.type_of_value(*result); - Self::convert_var_type_to_values(&result_type, &mut vars) - }) + if let Type::Slice(elements_type) = result_type { + let error = "ICE - cannot get slice length when converting slice to AcirValue"; + let len = values.last().expect(error).borrow_var().expect(error); + let len = self.acir_context.constant(len).to_u128(); + let mut element_values = im::Vector::new(); + for _ in 0..len { + for element_type in elements_type.iter() { + let element = Self::convert_var_type_to_values(element_type, &mut vars); + element_values.push_back(element); + } + } + values.push(AcirValue::Array(element_values)); + } else { + values.push(Self::convert_var_type_to_values(&result_type, &mut vars)); + } + } + values } /// Recursive helper for convert_vars_to_values. diff --git a/noir_stdlib/src/bigint.nr b/noir_stdlib/src/bigint.nr new file mode 100644 index 00000000000..f3ecfba8343 --- /dev/null +++ b/noir_stdlib/src/bigint.nr @@ -0,0 +1,54 @@ + +use crate::ops::{Add, Sub, Mul, Div, Rem,}; + +struct BigInt { + pointer: u32, + modulus: u32, +} + +impl BigInt { + #[builtin(bigint_add)] + pub fn bigint_add(self, other: BigInt) -> BigInt { + } + #[builtin(bigint_neg)] + pub fn bigint_neg(self, other: BigInt) -> BigInt { + } + #[builtin(bigint_mul)] + pub fn bigint_mul(self, other: BigInt) -> BigInt { + } + #[builtin(bigint_div)] + pub fn bigint_div(self, other: BigInt) -> BigInt { + } + #[builtin(bigint_from_le_bytes)] + pub fn from_le_bytes(bytes: [u8], modulus: [u8]) -> BigInt {} + #[builtin(bigint_to_le_bytes)] + pub fn to_le_bytes(self) -> [u8] {} +} + +impl Add for BigInt { + fn add(self: Self, other: BigInt) -> BigInt { + self.bigint_add(other) + } +} +impl Sub for BigInt { + fn sub(self: Self, other: BigInt) -> BigInt { + self.bigint_neg(other) + } +} +impl Mul for BigInt { + fn mul(self: Self, other: BigInt) -> BigInt { + self.bigint_mul(other) + } +} +impl Div for BigInt { + fn div(self: Self, other: BigInt) -> BigInt { + self.bigint_div(other) + } +} +impl Rem for BigInt { + fn rem(self: Self, other: BigInt) -> BigInt { + let quotient = self.bigint_div(other); + self.bigint_neg(quotient.bigint_mul(other)) + } +} + diff --git a/noir_stdlib/src/lib.nr b/noir_stdlib/src/lib.nr index 23a7c71ff45..c7e808c1029 100644 --- a/noir_stdlib/src/lib.nr +++ b/noir_stdlib/src/lib.nr @@ -24,6 +24,7 @@ mod ops; mod default; mod prelude; mod uint128; +mod bigint; // Oracle calls are required to be wrapped in an unconstrained function // Thus, the only argument to the `println` oracle is expected to always be an ident From 9debf5c0d16caac658e851dc024e92f7dd72adcb Mon Sep 17 00:00:00 2001 From: guipublic <47281315+guipublic@users.noreply.github.com> Date: Thu, 25 Jan 2024 14:09:05 +0100 Subject: [PATCH 56/67] feat: Implement Embedded EC add and double opcodes (#3982) This PR resolves the following points from the issue https://github.com/noir-lang/noir/issues/3983: - Add ACVM solvers for ECADD and ECDOUBLE - Generate circuits for ECADD and ECDOUBLE in BB/dsl - Add unit test in BB/DSL for these new opcodes - Add integration test in Noir demonstrating the use of the opcodes --- .../acir/src/circuit/black_box_functions.rs | 8 ++--- .../src/pwg/blackbox/fixed_base_scalar_mul.rs | 31 +++++++++++++++++++ acvm-repo/acvm/src/pwg/blackbox/mod.rs | 17 +++++++--- .../src/fixed_base_scalar_mul.rs | 20 ++++++++++++ acvm-repo/bn254_blackbox_solver/src/lib.rs | 18 +++++------ noir_stdlib/src/scalar_mul.nr | 12 +++++++ .../execution_success/scalar_mul/src/main.nr | 14 +++++++++ 7 files changed, 103 insertions(+), 17 deletions(-) diff --git a/acvm-repo/acir/src/circuit/black_box_functions.rs b/acvm-repo/acir/src/circuit/black_box_functions.rs index 41b8923a8c9..83c1a27bb88 100644 --- a/acvm-repo/acir/src/circuit/black_box_functions.rs +++ b/acvm-repo/acir/src/circuit/black_box_functions.rs @@ -80,8 +80,8 @@ impl BlackBoxFunc { BlackBoxFunc::PedersenHash => "pedersen_hash", BlackBoxFunc::EcdsaSecp256k1 => "ecdsa_secp256k1", BlackBoxFunc::FixedBaseScalarMul => "fixed_base_scalar_mul", - BlackBoxFunc::EmbeddedCurveAdd => "ec_add", - BlackBoxFunc::EmbeddedCurveDouble => "ec_double", + BlackBoxFunc::EmbeddedCurveAdd => "embedded_curve_add", + BlackBoxFunc::EmbeddedCurveDouble => "embedded_curve_double", BlackBoxFunc::AND => "and", BlackBoxFunc::XOR => "xor", BlackBoxFunc::RANGE => "range", @@ -109,8 +109,8 @@ impl BlackBoxFunc { "ecdsa_secp256k1" => Some(BlackBoxFunc::EcdsaSecp256k1), "ecdsa_secp256r1" => Some(BlackBoxFunc::EcdsaSecp256r1), "fixed_base_scalar_mul" => Some(BlackBoxFunc::FixedBaseScalarMul), - "ec_add" => Some(BlackBoxFunc::EmbeddedCurveAdd), - "ec_double" => Some(BlackBoxFunc::EmbeddedCurveDouble), + "embedded_curve_add" => Some(BlackBoxFunc::EmbeddedCurveAdd), + "embedded_curve_double" => Some(BlackBoxFunc::EmbeddedCurveDouble), "and" => Some(BlackBoxFunc::AND), "xor" => Some(BlackBoxFunc::XOR), "range" => Some(BlackBoxFunc::RANGE), diff --git a/acvm-repo/acvm/src/pwg/blackbox/fixed_base_scalar_mul.rs b/acvm-repo/acvm/src/pwg/blackbox/fixed_base_scalar_mul.rs index 582ed56584b..2bf16419232 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/fixed_base_scalar_mul.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/fixed_base_scalar_mul.rs @@ -23,3 +23,34 @@ pub(super) fn fixed_base_scalar_mul( Ok(()) } + +pub(super) fn embedded_curve_double( + backend: &impl BlackBoxFunctionSolver, + initial_witness: &mut WitnessMap, + input_x: FunctionInput, + input_y: FunctionInput, + outputs: (Witness, Witness), +) -> Result<(), OpcodeResolutionError> { + embedded_curve_add(backend, initial_witness, input_x, input_y, input_x, input_y, outputs) +} + +pub(super) fn embedded_curve_add( + backend: &impl BlackBoxFunctionSolver, + initial_witness: &mut WitnessMap, + input1_x: FunctionInput, + input1_y: FunctionInput, + input2_x: FunctionInput, + input2_y: FunctionInput, + outputs: (Witness, Witness), +) -> Result<(), OpcodeResolutionError> { + let input1_x = witness_to_value(initial_witness, input1_x.witness)?; + let input1_y = witness_to_value(initial_witness, input1_y.witness)?; + let input2_x = witness_to_value(initial_witness, input2_x.witness)?; + let input2_y = witness_to_value(initial_witness, input2_y.witness)?; + let (res_x, res_y) = backend.ec_add(input1_x, input1_y, input2_x, input2_y)?; + + insert_value(&outputs.0, res_x, initial_witness)?; + insert_value(&outputs.1, res_y, initial_witness)?; + + Ok(()) +} diff --git a/acvm-repo/acvm/src/pwg/blackbox/mod.rs b/acvm-repo/acvm/src/pwg/blackbox/mod.rs index a56b24b86f3..99eff68dd23 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/mod.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/mod.rs @@ -18,6 +18,7 @@ mod range; mod signature; use fixed_base_scalar_mul::fixed_base_scalar_mul; +use fixed_base_scalar_mul::{embedded_curve_add, embedded_curve_double}; // Hash functions should eventually be exposed for external consumers. use hash::solve_generic_256_hash_opcode; use logic::{and, xor}; @@ -177,11 +178,19 @@ pub(crate) fn solve( BlackBoxFuncCall::FixedBaseScalarMul { low, high, outputs } => { fixed_base_scalar_mul(backend, initial_witness, *low, *high, *outputs) } - BlackBoxFuncCall::EmbeddedCurveAdd { .. } => { - todo!(); + BlackBoxFuncCall::EmbeddedCurveAdd { input1_x, input1_y, input2_x, input2_y, outputs } => { + embedded_curve_add( + backend, + initial_witness, + *input1_x, + *input1_y, + *input2_x, + *input2_y, + *outputs, + ) } - BlackBoxFuncCall::EmbeddedCurveDouble { .. } => { - todo!(); + BlackBoxFuncCall::EmbeddedCurveDouble { input_x, input_y, outputs } => { + embedded_curve_double(backend, initial_witness, *input_x, *input_y, *outputs) } // Recursive aggregation will be entirely handled by the backend and is not solved by the ACVM BlackBoxFuncCall::RecursiveAggregation { .. } => Ok(()), diff --git a/acvm-repo/bn254_blackbox_solver/src/fixed_base_scalar_mul.rs b/acvm-repo/bn254_blackbox_solver/src/fixed_base_scalar_mul.rs index 7f004de0fe9..5e68c7d4030 100644 --- a/acvm-repo/bn254_blackbox_solver/src/fixed_base_scalar_mul.rs +++ b/acvm-repo/bn254_blackbox_solver/src/fixed_base_scalar_mul.rs @@ -47,6 +47,26 @@ pub fn fixed_base_scalar_mul( } } +pub fn embedded_curve_add( + input1_x: FieldElement, + input1_y: FieldElement, + input2_x: FieldElement, + input2_y: FieldElement, +) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { + let mut point1 = grumpkin::SWAffine::new(input1_x.into_repr(), input1_y.into_repr()); + let point2 = grumpkin::SWAffine::new(input2_x.into_repr(), input2_y.into_repr()); + let res = point1 + point2; + point1 = res.into(); + if let Some((res_x, res_y)) = point1.xy() { + Ok((FieldElement::from_repr(*res_x), FieldElement::from_repr(*res_y))) + } else { + Err(BlackBoxResolutionError::Failed( + BlackBoxFunc::EmbeddedCurveAdd, + "Point is not on curve".to_string(), + )) + } +} + #[cfg(test)] mod grumpkin_fixed_base_scalar_mul { use ark_ff::BigInteger; diff --git a/acvm-repo/bn254_blackbox_solver/src/lib.rs b/acvm-repo/bn254_blackbox_solver/src/lib.rs index 92c45e93dea..f4b866b5882 100644 --- a/acvm-repo/bn254_blackbox_solver/src/lib.rs +++ b/acvm-repo/bn254_blackbox_solver/src/lib.rs @@ -8,7 +8,7 @@ use acvm_blackbox_solver::{BlackBoxFunctionSolver, BlackBoxResolutionError}; mod fixed_base_scalar_mul; mod wasm; -pub use fixed_base_scalar_mul::fixed_base_scalar_mul; +pub use fixed_base_scalar_mul::{embedded_curve_add, fixed_base_scalar_mul}; use wasm::Barretenberg; use self::wasm::{Pedersen, SchnorrSig}; @@ -90,19 +90,19 @@ impl BlackBoxFunctionSolver for Bn254BlackBoxSolver { fn ec_add( &self, - _input1_x: &FieldElement, - _input1_y: &FieldElement, - _input2_x: &FieldElement, - _input2_y: &FieldElement, + input1_x: &FieldElement, + input1_y: &FieldElement, + input2_x: &FieldElement, + input2_y: &FieldElement, ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { - todo!(); + embedded_curve_add(*input1_x, *input1_y, *input2_x, *input2_y) } fn ec_double( &self, - _input_x: &FieldElement, - _input_y: &FieldElement, + input_x: &FieldElement, + input_y: &FieldElement, ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { - todo!(); + embedded_curve_add(*input_x, *input_y, *input_x, *input_y) } } diff --git a/noir_stdlib/src/scalar_mul.nr b/noir_stdlib/src/scalar_mul.nr index 37cd935cdb9..e1d0ff4d453 100644 --- a/noir_stdlib/src/scalar_mul.nr +++ b/noir_stdlib/src/scalar_mul.nr @@ -1,3 +1,8 @@ +struct EmbeddedCurvePoint { + x: Field, + y: Field, +} + // Computes a fixed base scalar multiplication over the embedded curve. // For bn254, We have Grumpkin and Baby JubJub. // For bls12-381, we have JubJub and Bandersnatch. @@ -6,3 +11,10 @@ // underlying proof system. #[foreign(fixed_base_scalar_mul)] pub fn fixed_base_embedded_curve(_low: Field, _high: Field) -> [Field; 2] {} + + +#[foreign(embedded_curve_add)] +pub fn embedded_curve_add(_point1: EmbeddedCurvePoint, _point2: EmbeddedCurvePoint) -> EmbeddedCurvePoint {} + +#[foreign(embedded_curve_double)] +pub fn embedded_curve_double(_point: EmbeddedCurvePoint) -> EmbeddedCurvePoint {} diff --git a/test_programs/execution_success/scalar_mul/src/main.nr b/test_programs/execution_success/scalar_mul/src/main.nr index 2ddf22cf71e..a88754da5d3 100644 --- a/test_programs/execution_success/scalar_mul/src/main.nr +++ b/test_programs/execution_success/scalar_mul/src/main.nr @@ -20,4 +20,18 @@ fn main( let res = std::scalar_mul::fixed_base_embedded_curve(priv_key, 0); assert(res[0] == pub_x); assert(res[1] == pub_y); + let pub_point= std::scalar_mul::EmbeddedCurvePoint { + x: pub_x, + y: pub_y + }; + let g1_y = 17631683881184975370165255887551781615748388533673675138860; + let g1= std::scalar_mul::EmbeddedCurvePoint { + x: 1, + y: g1_y + }; + + let res = std::scalar_mul::embedded_curve_double(pub_point); + let double = std::scalar_mul::embedded_curve_add(g1,g1 ); + + assert(double.x == res.x); } From af203d606b41c5fa8efaa915f75c9238639c9b21 Mon Sep 17 00:00:00 2001 From: guipublic <47281315+guipublic@users.noreply.github.com> Date: Thu, 25 Jan 2024 18:07:20 +0100 Subject: [PATCH 57/67] feat!: remove ec_double opcode (#4210) Remove the ec_double ACIR opcode since we can use EC addition with itself to double a point. --- acvm-repo/acir/codegen/acir.cpp | 112 +----------------- .../acir/src/circuit/black_box_functions.rs | 4 - .../opcodes/black_box_function_call.rs | 12 +- .../acvm/src/compiler/transformers/mod.rs | 4 - .../src/pwg/blackbox/fixed_base_scalar_mul.rs | 10 -- acvm-repo/acvm/src/pwg/blackbox/mod.rs | 6 +- .../src/curve_specific_solver.rs | 12 -- acvm-repo/bn254_blackbox_solver/src/lib.rs | 8 -- acvm-repo/brillig/src/black_box.rs | 7 -- acvm-repo/brillig_vm/src/black_box.rs | 8 -- acvm-repo/brillig_vm/src/lib.rs | 7 -- .../brillig/brillig_gen/brillig_black_box.rs | 17 --- .../noirc_evaluator/src/brillig/brillig_ir.rs | 8 -- .../src/brillig/brillig_ir/debug_show.rs | 9 -- .../ssa/acir_gen/acir_ir/generated_acir.rs | 12 +- .../src/ssa/ir/instruction/call.rs | 3 +- noir_stdlib/src/scalar_mul.nr | 5 +- tooling/lsp/src/solver.rs | 8 -- 18 files changed, 9 insertions(+), 243 deletions(-) diff --git a/acvm-repo/acir/codegen/acir.cpp b/acvm-repo/acir/codegen/acir.cpp index 07bcd5f9f97..554e4909574 100644 --- a/acvm-repo/acir/codegen/acir.cpp +++ b/acvm-repo/acir/codegen/acir.cpp @@ -157,16 +157,6 @@ namespace Circuit { static EmbeddedCurveAdd bincodeDeserialize(std::vector); }; - struct EmbeddedCurveDouble { - Circuit::FunctionInput input_x; - Circuit::FunctionInput input_y; - std::array outputs; - - friend bool operator==(const EmbeddedCurveDouble&, const EmbeddedCurveDouble&); - std::vector bincodeSerialize() const; - static EmbeddedCurveDouble bincodeDeserialize(std::vector); - }; - struct Keccak256 { std::vector inputs; std::vector outputs; @@ -265,7 +255,7 @@ namespace Circuit { static BigIntToLeBytes bincodeDeserialize(std::vector); }; - std::variant value; + std::variant value; friend bool operator==(const BlackBoxFuncCall&, const BlackBoxFuncCall&); std::vector bincodeSerialize() const; @@ -592,16 +582,6 @@ namespace Circuit { static EmbeddedCurveAdd bincodeDeserialize(std::vector); }; - struct EmbeddedCurveDouble { - Circuit::RegisterIndex input1_x; - Circuit::RegisterIndex input1_y; - Circuit::HeapArray result; - - friend bool operator==(const EmbeddedCurveDouble&, const EmbeddedCurveDouble&); - std::vector bincodeSerialize() const; - static EmbeddedCurveDouble bincodeDeserialize(std::vector); - }; - struct BigIntAdd { Circuit::RegisterIndex lhs; Circuit::RegisterIndex rhs; @@ -661,7 +641,7 @@ namespace Circuit { static BigIntToLeBytes bincodeDeserialize(std::vector); }; - std::variant value; + std::variant value; friend bool operator==(const BlackBoxOp&, const BlackBoxOp&); std::vector bincodeSerialize() const; @@ -2370,50 +2350,6 @@ Circuit::BlackBoxFuncCall::EmbeddedCurveAdd serde::Deserializable BlackBoxFuncCall::EmbeddedCurveDouble::bincodeSerialize() const { - auto serializer = serde::BincodeSerializer(); - serde::Serializable::serialize(*this, serializer); - return std::move(serializer).bytes(); - } - - inline BlackBoxFuncCall::EmbeddedCurveDouble BlackBoxFuncCall::EmbeddedCurveDouble::bincodeDeserialize(std::vector input) { - auto deserializer = serde::BincodeDeserializer(input); - auto value = serde::Deserializable::deserialize(deserializer); - if (deserializer.get_buffer_offset() < input.size()) { - throw serde::deserialization_error("Some input bytes were not read"); - } - return value; - } - -} // end of namespace Circuit - -template <> -template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::EmbeddedCurveDouble &obj, Serializer &serializer) { - serde::Serializable::serialize(obj.input_x, serializer); - serde::Serializable::serialize(obj.input_y, serializer); - serde::Serializable::serialize(obj.outputs, serializer); -} - -template <> -template -Circuit::BlackBoxFuncCall::EmbeddedCurveDouble serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::EmbeddedCurveDouble obj; - obj.input_x = serde::Deserializable::deserialize(deserializer); - obj.input_y = serde::Deserializable::deserialize(deserializer); - obj.outputs = serde::Deserializable::deserialize(deserializer); - return obj; -} - namespace Circuit { inline bool operator==(const BlackBoxFuncCall::Keccak256 &lhs, const BlackBoxFuncCall::Keccak256 &rhs) { @@ -3427,50 +3363,6 @@ Circuit::BlackBoxOp::EmbeddedCurveAdd serde::Deserializable BlackBoxOp::EmbeddedCurveDouble::bincodeSerialize() const { - auto serializer = serde::BincodeSerializer(); - serde::Serializable::serialize(*this, serializer); - return std::move(serializer).bytes(); - } - - inline BlackBoxOp::EmbeddedCurveDouble BlackBoxOp::EmbeddedCurveDouble::bincodeDeserialize(std::vector input) { - auto deserializer = serde::BincodeDeserializer(input); - auto value = serde::Deserializable::deserialize(deserializer); - if (deserializer.get_buffer_offset() < input.size()) { - throw serde::deserialization_error("Some input bytes were not read"); - } - return value; - } - -} // end of namespace Circuit - -template <> -template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::EmbeddedCurveDouble &obj, Serializer &serializer) { - serde::Serializable::serialize(obj.input1_x, serializer); - serde::Serializable::serialize(obj.input1_y, serializer); - serde::Serializable::serialize(obj.result, serializer); -} - -template <> -template -Circuit::BlackBoxOp::EmbeddedCurveDouble serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::EmbeddedCurveDouble obj; - obj.input1_x = serde::Deserializable::deserialize(deserializer); - obj.input1_y = serde::Deserializable::deserialize(deserializer); - obj.result = serde::Deserializable::deserialize(deserializer); - return obj; -} - namespace Circuit { inline bool operator==(const BlackBoxOp::BigIntAdd &lhs, const BlackBoxOp::BigIntAdd &rhs) { diff --git a/acvm-repo/acir/src/circuit/black_box_functions.rs b/acvm-repo/acir/src/circuit/black_box_functions.rs index 83c1a27bb88..1944771963b 100644 --- a/acvm-repo/acir/src/circuit/black_box_functions.rs +++ b/acvm-repo/acir/src/circuit/black_box_functions.rs @@ -47,8 +47,6 @@ pub enum BlackBoxFunc { RecursiveAggregation, /// Addition over the embedded curve on which [`FieldElement`][acir_field::FieldElement] is defined. EmbeddedCurveAdd, - /// Point doubling over the embedded curve on which [`FieldElement`][acir_field::FieldElement] is defined. - EmbeddedCurveDouble, /// BigInt addition BigIntAdd, /// BigInt subtraction @@ -81,7 +79,6 @@ impl BlackBoxFunc { BlackBoxFunc::EcdsaSecp256k1 => "ecdsa_secp256k1", BlackBoxFunc::FixedBaseScalarMul => "fixed_base_scalar_mul", BlackBoxFunc::EmbeddedCurveAdd => "embedded_curve_add", - BlackBoxFunc::EmbeddedCurveDouble => "embedded_curve_double", BlackBoxFunc::AND => "and", BlackBoxFunc::XOR => "xor", BlackBoxFunc::RANGE => "range", @@ -110,7 +107,6 @@ impl BlackBoxFunc { "ecdsa_secp256r1" => Some(BlackBoxFunc::EcdsaSecp256r1), "fixed_base_scalar_mul" => Some(BlackBoxFunc::FixedBaseScalarMul), "embedded_curve_add" => Some(BlackBoxFunc::EmbeddedCurveAdd), - "embedded_curve_double" => Some(BlackBoxFunc::EmbeddedCurveDouble), "and" => Some(BlackBoxFunc::AND), "xor" => Some(BlackBoxFunc::XOR), "range" => Some(BlackBoxFunc::RANGE), diff --git a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs index 1fdc0265377..760a2fcbd78 100644 --- a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs +++ b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs @@ -86,11 +86,6 @@ pub enum BlackBoxFuncCall { input2_y: FunctionInput, outputs: (Witness, Witness), }, - EmbeddedCurveDouble { - input_x: FunctionInput, - input_y: FunctionInput, - outputs: (Witness, Witness), - }, Keccak256 { inputs: Vec, outputs: Vec, @@ -167,7 +162,6 @@ impl BlackBoxFuncCall { BlackBoxFuncCall::EcdsaSecp256r1 { .. } => BlackBoxFunc::EcdsaSecp256r1, BlackBoxFuncCall::FixedBaseScalarMul { .. } => BlackBoxFunc::FixedBaseScalarMul, BlackBoxFuncCall::EmbeddedCurveAdd { .. } => BlackBoxFunc::EmbeddedCurveAdd, - BlackBoxFuncCall::EmbeddedCurveDouble { .. } => BlackBoxFunc::EmbeddedCurveDouble, BlackBoxFuncCall::Keccak256 { .. } => BlackBoxFunc::Keccak256, BlackBoxFuncCall::Keccak256VariableLength { .. } => BlackBoxFunc::Keccak256, BlackBoxFuncCall::Keccakf1600 { .. } => BlackBoxFunc::Keccakf1600, @@ -207,9 +201,6 @@ impl BlackBoxFuncCall { BlackBoxFuncCall::EmbeddedCurveAdd { input1_x, input1_y, input2_x, input2_y, .. } => vec![*input1_x, *input1_y, *input2_x, *input2_y], - BlackBoxFuncCall::EmbeddedCurveDouble { input_x, input_y, .. } => { - vec![*input_x, *input_y] - } BlackBoxFuncCall::RANGE { input } => vec![*input], BlackBoxFuncCall::SchnorrVerify { public_key_x, @@ -300,8 +291,7 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::EcdsaSecp256r1 { output, .. } => vec![*output], BlackBoxFuncCall::FixedBaseScalarMul { outputs, .. } | BlackBoxFuncCall::PedersenCommitment { outputs, .. } - | BlackBoxFuncCall::EmbeddedCurveAdd { outputs, .. } - | BlackBoxFuncCall::EmbeddedCurveDouble { outputs, .. } => vec![outputs.0, outputs.1], + | BlackBoxFuncCall::EmbeddedCurveAdd { outputs, .. } => vec![outputs.0, outputs.1], BlackBoxFuncCall::RANGE { .. } | BlackBoxFuncCall::RecursiveAggregation { .. } | BlackBoxFuncCall::BigIntFromLeBytes { .. } diff --git a/acvm-repo/acvm/src/compiler/transformers/mod.rs b/acvm-repo/acvm/src/compiler/transformers/mod.rs index effe1128d36..01badbdf914 100644 --- a/acvm-repo/acvm/src/compiler/transformers/mod.rs +++ b/acvm-repo/acvm/src/compiler/transformers/mod.rs @@ -134,10 +134,6 @@ pub(super) fn transform_internal( | acir::circuit::opcodes::BlackBoxFuncCall::EmbeddedCurveAdd { outputs, .. } - | acir::circuit::opcodes::BlackBoxFuncCall::EmbeddedCurveDouble { - outputs, - .. - } | acir::circuit::opcodes::BlackBoxFuncCall::PedersenCommitment { outputs, .. diff --git a/acvm-repo/acvm/src/pwg/blackbox/fixed_base_scalar_mul.rs b/acvm-repo/acvm/src/pwg/blackbox/fixed_base_scalar_mul.rs index 2bf16419232..c5bfd1d5646 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/fixed_base_scalar_mul.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/fixed_base_scalar_mul.rs @@ -24,16 +24,6 @@ pub(super) fn fixed_base_scalar_mul( Ok(()) } -pub(super) fn embedded_curve_double( - backend: &impl BlackBoxFunctionSolver, - initial_witness: &mut WitnessMap, - input_x: FunctionInput, - input_y: FunctionInput, - outputs: (Witness, Witness), -) -> Result<(), OpcodeResolutionError> { - embedded_curve_add(backend, initial_witness, input_x, input_y, input_x, input_y, outputs) -} - pub(super) fn embedded_curve_add( backend: &impl BlackBoxFunctionSolver, initial_witness: &mut WitnessMap, diff --git a/acvm-repo/acvm/src/pwg/blackbox/mod.rs b/acvm-repo/acvm/src/pwg/blackbox/mod.rs index 99eff68dd23..34fd442f1eb 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/mod.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/mod.rs @@ -17,8 +17,7 @@ mod pedersen; mod range; mod signature; -use fixed_base_scalar_mul::fixed_base_scalar_mul; -use fixed_base_scalar_mul::{embedded_curve_add, embedded_curve_double}; +use fixed_base_scalar_mul::{embedded_curve_add, fixed_base_scalar_mul}; // Hash functions should eventually be exposed for external consumers. use hash::solve_generic_256_hash_opcode; use logic::{and, xor}; @@ -189,9 +188,6 @@ pub(crate) fn solve( *outputs, ) } - BlackBoxFuncCall::EmbeddedCurveDouble { input_x, input_y, outputs } => { - embedded_curve_double(backend, initial_witness, *input_x, *input_y, *outputs) - } // Recursive aggregation will be entirely handled by the backend and is not solved by the ACVM BlackBoxFuncCall::RecursiveAggregation { .. } => Ok(()), BlackBoxFuncCall::BigIntAdd { .. } => todo!(), diff --git a/acvm-repo/blackbox_solver/src/curve_specific_solver.rs b/acvm-repo/blackbox_solver/src/curve_specific_solver.rs index 82941e91d61..2234710dec0 100644 --- a/acvm-repo/blackbox_solver/src/curve_specific_solver.rs +++ b/acvm-repo/blackbox_solver/src/curve_specific_solver.rs @@ -36,11 +36,6 @@ pub trait BlackBoxFunctionSolver { input2_x: &FieldElement, input2_y: &FieldElement, ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError>; - fn ec_double( - &self, - input_x: &FieldElement, - input_x: &FieldElement, - ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError>; } pub struct StubbedBlackBoxSolver; @@ -94,11 +89,4 @@ impl BlackBoxFunctionSolver for StubbedBlackBoxSolver { ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { Err(Self::fail(BlackBoxFunc::EmbeddedCurveAdd)) } - fn ec_double( - &self, - _input_x: &FieldElement, - _input_y: &FieldElement, - ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { - Err(Self::fail(BlackBoxFunc::EmbeddedCurveDouble)) - } } diff --git a/acvm-repo/bn254_blackbox_solver/src/lib.rs b/acvm-repo/bn254_blackbox_solver/src/lib.rs index f4b866b5882..13aa956f9e1 100644 --- a/acvm-repo/bn254_blackbox_solver/src/lib.rs +++ b/acvm-repo/bn254_blackbox_solver/src/lib.rs @@ -97,12 +97,4 @@ impl BlackBoxFunctionSolver for Bn254BlackBoxSolver { ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { embedded_curve_add(*input1_x, *input1_y, *input2_x, *input2_y) } - - fn ec_double( - &self, - input_x: &FieldElement, - input_y: &FieldElement, - ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { - embedded_curve_add(*input_x, *input_y, *input_x, *input_y) - } } diff --git a/acvm-repo/brillig/src/black_box.rs b/acvm-repo/brillig/src/black_box.rs index 5893758ce9e..309c1c741f3 100644 --- a/acvm-repo/brillig/src/black_box.rs +++ b/acvm-repo/brillig/src/black_box.rs @@ -80,13 +80,6 @@ pub enum BlackBoxOp { input2_y: RegisterIndex, result: HeapArray, }, - /// Performs point doubling over the embedded curve. - EmbeddedCurveDouble { - input1_x: RegisterIndex, - input1_y: RegisterIndex, - result: HeapArray, - }, - BigIntAdd { lhs: RegisterIndex, rhs: RegisterIndex, diff --git a/acvm-repo/brillig_vm/src/black_box.rs b/acvm-repo/brillig_vm/src/black_box.rs index edbebb61ece..9a8e851a7af 100644 --- a/acvm-repo/brillig_vm/src/black_box.rs +++ b/acvm-repo/brillig_vm/src/black_box.rs @@ -165,13 +165,6 @@ pub(crate) fn evaluate_black_box( memory.write_slice(registers.get(result.pointer).to_usize(), &[x.into(), y.into()]); Ok(()) } - BlackBoxOp::EmbeddedCurveDouble { input1_x, input1_y, result } => { - let input1_x = registers.get(*input1_x).to_field(); - let input1_y = registers.get(*input1_y).to_field(); - let (x, y) = solver.ec_double(&input1_x, &input1_y)?; - memory.write_slice(registers.get(result.pointer).to_usize(), &[x.into(), y.into()]); - Ok(()) - } BlackBoxOp::PedersenCommitment { inputs, domain_separator, output } => { let inputs: Vec = read_heap_vector(memory, registers, inputs).iter().map(|x| x.to_field()).collect(); @@ -223,7 +216,6 @@ fn black_box_function_from_op(op: &BlackBoxOp) -> BlackBoxFunc { BlackBoxOp::PedersenHash { .. } => BlackBoxFunc::PedersenHash, BlackBoxOp::FixedBaseScalarMul { .. } => BlackBoxFunc::FixedBaseScalarMul, BlackBoxOp::EmbeddedCurveAdd { .. } => BlackBoxFunc::EmbeddedCurveAdd, - BlackBoxOp::EmbeddedCurveDouble { .. } => BlackBoxFunc::EmbeddedCurveDouble, BlackBoxOp::BigIntAdd { .. } => BlackBoxFunc::BigIntAdd, BlackBoxOp::BigIntNeg { .. } => BlackBoxFunc::BigIntNeg, BlackBoxOp::BigIntMul { .. } => BlackBoxFunc::BigIntMul, diff --git a/acvm-repo/brillig_vm/src/lib.rs b/acvm-repo/brillig_vm/src/lib.rs index df4c8135bce..cb957295819 100644 --- a/acvm-repo/brillig_vm/src/lib.rs +++ b/acvm-repo/brillig_vm/src/lib.rs @@ -460,13 +460,6 @@ impl BlackBoxFunctionSolver for DummyBlackBoxSolver { ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { Ok((5_u128.into(), 6_u128.into())) } - fn ec_double( - &self, - _input1_x: &FieldElement, - _input1_y: &FieldElement, - ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { - Ok((7_u128.into(), 8_u128.into())) - } } #[cfg(test)] diff --git a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs index c7b6f39279b..de59fd26873 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs @@ -215,23 +215,6 @@ pub(crate) fn convert_black_box_call( ) } } - BlackBoxFunc::EmbeddedCurveDouble => { - if let ( - [BrilligVariable::Simple(input1_x), BrilligVariable::Simple(input1_y)], - [BrilligVariable::BrilligArray(result_array)], - ) = (function_arguments, function_results) - { - brillig_context.black_box_op_instruction(BlackBoxOp::EmbeddedCurveDouble { - input1_x: *input1_x, - input1_y: *input1_y, - result: result_array.to_heap_array(), - }); - } else { - unreachable!( - "ICE: EmbeddedCurveAdd expects two register arguments and one array result" - ) - } - } BlackBoxFunc::AND => { unreachable!("ICE: `BlackBoxFunc::AND` calls should be transformed into a `BinaryOp`") } diff --git a/compiler/noirc_evaluator/src/brillig/brillig_ir.rs b/compiler/noirc_evaluator/src/brillig/brillig_ir.rs index db3cd501ca0..3e6c3d4d7de 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_ir.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_ir.rs @@ -1096,14 +1096,6 @@ pub(crate) mod tests { ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { panic!("Path not trodden by this test") } - - fn ec_double( - &self, - _input_x: &FieldElement, - _input_y: &FieldElement, - ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> { - panic!("Path not trodden by this test") - } } pub(crate) fn create_context() -> BrilligContext { diff --git a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs index 5709b0a1aa2..0e81e3d07ec 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs @@ -413,15 +413,6 @@ impl DebugShow { result ); } - BlackBoxOp::EmbeddedCurveDouble { input1_x, input1_y, result } => { - debug_println!( - self.enable_debug_trace, - " EMBEDDED_CURVE_DOUBLE ({} {}) -> {}", - input1_x, - input1_y, - result - ); - } BlackBoxOp::PedersenCommitment { inputs, domain_separator, output } => { debug_println!( self.enable_debug_trace, diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index ac0981acfda..27c5d06cda2 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -220,11 +220,6 @@ impl GeneratedAcir { input2_y: inputs[3][0], outputs: (outputs[0], outputs[1]), }, - BlackBoxFunc::EmbeddedCurveDouble => BlackBoxFuncCall::EmbeddedCurveDouble { - input_x: inputs[0][0], - input_y: inputs[1][0], - outputs: (outputs[0], outputs[1]), - }, BlackBoxFunc::Keccak256 => { let var_message_size = match inputs.to_vec().pop() { Some(var_message_size) => var_message_size[0], @@ -635,9 +630,6 @@ fn black_box_func_expected_input_size(name: BlackBoxFunc) -> Option { // Addition over the embedded curve: input are coordinates (x1,y1) and (x2,y2) of the Grumpkin points BlackBoxFunc::EmbeddedCurveAdd => Some(4), - // Doubling over the embedded curve: input is (x,y) coordinate of the point. - BlackBoxFunc::EmbeddedCurveDouble => Some(2), - // Big integer operations take in 0 inputs. They use constants for their inputs. BlackBoxFunc::BigIntAdd | BlackBoxFunc::BigIntNeg @@ -683,9 +675,7 @@ fn black_box_expected_output_size(name: BlackBoxFunc) -> Option { // Output of operations over the embedded curve // will be 2 field elements representing the point. - BlackBoxFunc::FixedBaseScalarMul - | BlackBoxFunc::EmbeddedCurveAdd - | BlackBoxFunc::EmbeddedCurveDouble => Some(2), + BlackBoxFunc::FixedBaseScalarMul | BlackBoxFunc::EmbeddedCurveAdd => Some(2), // Big integer operations return a big integer BlackBoxFunc::BigIntAdd diff --git a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs index ff9dc4f345e..1da376e1f2d 100644 --- a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs +++ b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs @@ -429,8 +429,7 @@ fn simplify_black_box_func( | BlackBoxFunc::SchnorrVerify | BlackBoxFunc::PedersenCommitment | BlackBoxFunc::PedersenHash - | BlackBoxFunc::EmbeddedCurveAdd - | BlackBoxFunc::EmbeddedCurveDouble => { + | BlackBoxFunc::EmbeddedCurveAdd => { // Currently unsolvable here as we rely on an implementation in the backend. SimplifyResult::None } diff --git a/noir_stdlib/src/scalar_mul.nr b/noir_stdlib/src/scalar_mul.nr index e1d0ff4d453..2f852628dbb 100644 --- a/noir_stdlib/src/scalar_mul.nr +++ b/noir_stdlib/src/scalar_mul.nr @@ -16,5 +16,6 @@ pub fn fixed_base_embedded_curve(_low: Field, _high: Field) -> [Field; 2] {} #[foreign(embedded_curve_add)] pub fn embedded_curve_add(_point1: EmbeddedCurvePoint, _point2: EmbeddedCurvePoint) -> EmbeddedCurvePoint {} -#[foreign(embedded_curve_double)] -pub fn embedded_curve_double(_point: EmbeddedCurvePoint) -> EmbeddedCurvePoint {} +pub fn embedded_curve_double(point: EmbeddedCurvePoint) -> EmbeddedCurvePoint { + embedded_curve_add(point, point) +} diff --git a/tooling/lsp/src/solver.rs b/tooling/lsp/src/solver.rs index 6217b7ad71f..f001cebaa4d 100644 --- a/tooling/lsp/src/solver.rs +++ b/tooling/lsp/src/solver.rs @@ -49,12 +49,4 @@ impl BlackBoxFunctionSolver for WrapperSolver { ) -> Result<(acvm::FieldElement, acvm::FieldElement), acvm::BlackBoxResolutionError> { self.0.ec_add(input1_x, input1_y, input2_x, input2_y) } - - fn ec_double( - &self, - input_x: &acvm::FieldElement, - input_y: &acvm::FieldElement, - ) -> Result<(acvm::FieldElement, acvm::FieldElement), acvm::BlackBoxResolutionError> { - self.0.ec_double(input_x, input_y) - } } From 435d04193bc0243f19d52dd63c61f3bd955ff437 Mon Sep 17 00:00:00 2001 From: guipublic <47281315+guipublic@users.noreply.github.com> Date: Thu, 25 Jan 2024 19:09:49 +0100 Subject: [PATCH 58/67] feat!: add opcode for poseidon2 permutation (#4214) Related to issue: https://github.com/noir-lang/noir/issues/4037 The PR adds the opcode to ACIR and updates BB and Noir accordingly. Furthermore you can use it via a foreign function in the stdlib. This will generate the proper ACIR opcode but the solver will not be able to solve it and BB will skip it. --- acvm-repo/acir/codegen/acir.cpp | 112 +++++++++++++++++- .../acir/src/circuit/black_box_functions.rs | 4 + .../opcodes/black_box_function_call.rs | 20 +++- .../acvm/src/compiler/transformers/mod.rs | 4 + acvm-repo/acvm/src/pwg/blackbox/mod.rs | 1 + acvm-repo/brillig/src/black_box.rs | 5 + acvm-repo/brillig_vm/src/black_box.rs | 2 + .../brillig/brillig_gen/brillig_black_box.rs | 16 +++ .../src/brillig/brillig_ir/debug_show.rs | 9 ++ .../src/ssa/acir_gen/acir_ir/acir_variable.rs | 26 +++- .../ssa/acir_gen/acir_ir/generated_acir.rs | 9 ++ .../src/ssa/ir/instruction/call.rs | 2 +- noir_stdlib/src/hash.nr | 2 + 13 files changed, 205 insertions(+), 7 deletions(-) diff --git a/acvm-repo/acir/codegen/acir.cpp b/acvm-repo/acir/codegen/acir.cpp index 554e4909574..487bb33a6b2 100644 --- a/acvm-repo/acir/codegen/acir.cpp +++ b/acvm-repo/acir/codegen/acir.cpp @@ -255,7 +255,17 @@ namespace Circuit { static BigIntToLeBytes bincodeDeserialize(std::vector); }; - std::variant value; + struct Poseidon2Permutation { + std::vector inputs; + std::vector outputs; + uint32_t len; + + friend bool operator==(const Poseidon2Permutation&, const Poseidon2Permutation&); + std::vector bincodeSerialize() const; + static Poseidon2Permutation bincodeDeserialize(std::vector); + }; + + std::variant value; friend bool operator==(const BlackBoxFuncCall&, const BlackBoxFuncCall&); std::vector bincodeSerialize() const; @@ -641,7 +651,17 @@ namespace Circuit { static BigIntToLeBytes bincodeDeserialize(std::vector); }; - std::variant value; + struct Poseidon2Permutation { + Circuit::HeapVector message; + Circuit::HeapArray output; + Circuit::RegisterIndex len; + + friend bool operator==(const Poseidon2Permutation&, const Poseidon2Permutation&); + std::vector bincodeSerialize() const; + static Poseidon2Permutation bincodeDeserialize(std::vector); + }; + + std::variant value; friend bool operator==(const BlackBoxOp&, const BlackBoxOp&); std::vector bincodeSerialize() const; @@ -2784,6 +2804,50 @@ Circuit::BlackBoxFuncCall::BigIntToLeBytes serde::Deserializable BlackBoxFuncCall::Poseidon2Permutation::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::Poseidon2Permutation BlackBoxFuncCall::Poseidon2Permutation::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Poseidon2Permutation &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.inputs, serializer); + serde::Serializable::serialize(obj.outputs, serializer); + serde::Serializable::serialize(obj.len, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::Poseidon2Permutation serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::Poseidon2Permutation obj; + obj.inputs = serde::Deserializable::deserialize(deserializer); + obj.outputs = serde::Deserializable::deserialize(deserializer); + obj.len = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlackBoxOp &lhs, const BlackBoxOp &rhs) { @@ -3624,6 +3688,50 @@ Circuit::BlackBoxOp::BigIntToLeBytes serde::Deserializable BlackBoxOp::Poseidon2Permutation::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::Poseidon2Permutation BlackBoxOp::Poseidon2Permutation::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::Poseidon2Permutation &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.message, serializer); + serde::Serializable::serialize(obj.output, serializer); + serde::Serializable::serialize(obj.len, serializer); +} + +template <> +template +Circuit::BlackBoxOp::Poseidon2Permutation serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::Poseidon2Permutation obj; + obj.message = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + obj.len = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlockId &lhs, const BlockId &rhs) { diff --git a/acvm-repo/acir/src/circuit/black_box_functions.rs b/acvm-repo/acir/src/circuit/black_box_functions.rs index 1944771963b..358722900ba 100644 --- a/acvm-repo/acir/src/circuit/black_box_functions.rs +++ b/acvm-repo/acir/src/circuit/black_box_functions.rs @@ -59,6 +59,8 @@ pub enum BlackBoxFunc { BigIntFromLeBytes, /// BigInt to le bytes BigIntToLeBytes, + /// Permutation function of Poseidon2 + Poseidon2Permutation, } impl std::fmt::Display for BlackBoxFunc { @@ -92,6 +94,7 @@ impl BlackBoxFunc { BlackBoxFunc::BigIntDiv => "bigint_div", BlackBoxFunc::BigIntFromLeBytes => "bigint_from_le_bytes", BlackBoxFunc::BigIntToLeBytes => "bigint_to_le_bytes", + BlackBoxFunc::Poseidon2Permutation => "poseidon2_permutation", } } @@ -119,6 +122,7 @@ impl BlackBoxFunc { "bigint_div" => Some(BlackBoxFunc::BigIntDiv), "bigint_from_le_bytes" => Some(BlackBoxFunc::BigIntFromLeBytes), "bigint_to_le_bytes" => Some(BlackBoxFunc::BigIntToLeBytes), + "poseidon2_permutation" => Some(BlackBoxFunc::Poseidon2Permutation), _ => None, } } diff --git a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs index 760a2fcbd78..110a524f746 100644 --- a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs +++ b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs @@ -144,6 +144,17 @@ pub enum BlackBoxFuncCall { input: u32, outputs: Vec, }, + /// Applies the Poseidon2 permutation function to the given state, + /// outputting the permuted state. + Poseidon2Permutation { + /// Input state for the permutation of Poseidon2 + inputs: Vec, + /// Permuted state + outputs: Vec, + /// State length (in number of field elements) + /// It is the length of inputs and outputs vectors + len: u32, + }, } impl BlackBoxFuncCall { @@ -171,7 +182,8 @@ impl BlackBoxFuncCall { BlackBoxFuncCall::BigIntMul { .. } => BlackBoxFunc::BigIntMul, BlackBoxFuncCall::BigIntDiv { .. } => BlackBoxFunc::BigIntDiv, BlackBoxFuncCall::BigIntFromLeBytes { .. } => BlackBoxFunc::BigIntFromLeBytes, - &BlackBoxFuncCall::BigIntToLeBytes { .. } => BlackBoxFunc::BigIntToLeBytes, + BlackBoxFuncCall::BigIntToLeBytes { .. } => BlackBoxFunc::BigIntToLeBytes, + BlackBoxFuncCall::Poseidon2Permutation { .. } => BlackBoxFunc::Poseidon2Permutation, } } @@ -188,7 +200,8 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::Keccakf1600 { inputs, .. } | BlackBoxFuncCall::PedersenCommitment { inputs, .. } | BlackBoxFuncCall::PedersenHash { inputs, .. } - | BlackBoxFuncCall::BigIntFromLeBytes { inputs, .. } => inputs.to_vec(), + | BlackBoxFuncCall::BigIntFromLeBytes { inputs, .. } + | BlackBoxFuncCall::Poseidon2Permutation { inputs, .. } => inputs.to_vec(), BlackBoxFuncCall::AND { lhs, rhs, .. } | BlackBoxFuncCall::XOR { lhs, rhs, .. } => { vec![*lhs, *rhs] } @@ -282,7 +295,8 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::Blake3 { outputs, .. } | BlackBoxFuncCall::Keccak256 { outputs, .. } | BlackBoxFuncCall::Keccakf1600 { outputs, .. } - | BlackBoxFuncCall::Keccak256VariableLength { outputs, .. } => outputs.to_vec(), + | BlackBoxFuncCall::Keccak256VariableLength { outputs, .. } + | BlackBoxFuncCall::Poseidon2Permutation { outputs, .. } => outputs.to_vec(), BlackBoxFuncCall::AND { output, .. } | BlackBoxFuncCall::XOR { output, .. } | BlackBoxFuncCall::SchnorrVerify { output, .. } diff --git a/acvm-repo/acvm/src/compiler/transformers/mod.rs b/acvm-repo/acvm/src/compiler/transformers/mod.rs index 01badbdf914..246eeadc095 100644 --- a/acvm-repo/acvm/src/compiler/transformers/mod.rs +++ b/acvm-repo/acvm/src/compiler/transformers/mod.rs @@ -122,6 +122,10 @@ pub(super) fn transform_internal( | acir::circuit::opcodes::BlackBoxFuncCall::Blake3 { outputs, .. } | acir::circuit::opcodes::BlackBoxFuncCall::BigIntToLeBytes { outputs, .. + } + | acir::circuit::opcodes::BlackBoxFuncCall::Poseidon2Permutation { + outputs, + .. } => { for witness in outputs { transformer.mark_solvable(*witness); diff --git a/acvm-repo/acvm/src/pwg/blackbox/mod.rs b/acvm-repo/acvm/src/pwg/blackbox/mod.rs index 34fd442f1eb..3baf99710ad 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/mod.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/mod.rs @@ -196,5 +196,6 @@ pub(crate) fn solve( BlackBoxFuncCall::BigIntDiv { .. } => todo!(), BlackBoxFuncCall::BigIntFromLeBytes { .. } => todo!(), BlackBoxFuncCall::BigIntToLeBytes { .. } => todo!(), + BlackBoxFuncCall::Poseidon2Permutation { .. } => todo!(), } } diff --git a/acvm-repo/brillig/src/black_box.rs b/acvm-repo/brillig/src/black_box.rs index 309c1c741f3..f5f5c53803e 100644 --- a/acvm-repo/brillig/src/black_box.rs +++ b/acvm-repo/brillig/src/black_box.rs @@ -109,4 +109,9 @@ pub enum BlackBoxOp { input: RegisterIndex, output: HeapVector, }, + Poseidon2Permutation { + message: HeapVector, + output: HeapArray, + len: RegisterIndex, + }, } diff --git a/acvm-repo/brillig_vm/src/black_box.rs b/acvm-repo/brillig_vm/src/black_box.rs index 9a8e851a7af..9935005a5ea 100644 --- a/acvm-repo/brillig_vm/src/black_box.rs +++ b/acvm-repo/brillig_vm/src/black_box.rs @@ -199,6 +199,7 @@ pub(crate) fn evaluate_black_box( BlackBoxOp::BigIntDiv { .. } => todo!(), BlackBoxOp::BigIntFromLeBytes { .. } => todo!(), BlackBoxOp::BigIntToLeBytes { .. } => todo!(), + BlackBoxOp::Poseidon2Permutation { .. } => todo!(), } } @@ -222,6 +223,7 @@ fn black_box_function_from_op(op: &BlackBoxOp) -> BlackBoxFunc { BlackBoxOp::BigIntDiv { .. } => BlackBoxFunc::BigIntDiv, BlackBoxOp::BigIntFromLeBytes { .. } => BlackBoxFunc::BigIntFromLeBytes, BlackBoxOp::BigIntToLeBytes { .. } => BlackBoxFunc::BigIntToLeBytes, + BlackBoxOp::Poseidon2Permutation { .. } => BlackBoxFunc::Poseidon2Permutation, } } diff --git a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs index de59fd26873..62a1cef50a1 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs @@ -328,6 +328,22 @@ pub(crate) fn convert_black_box_call( ) } } + BlackBoxFunc::Poseidon2Permutation => { + if let ( + [message, BrilligVariable::Simple(state_len)], + [BrilligVariable::BrilligArray(result_array)], + ) = (function_arguments, function_results) + { + let message_vector = convert_array_or_vector(brillig_context, message, bb_func); + brillig_context.black_box_op_instruction(BlackBoxOp::Poseidon2Permutation { + message: message_vector.to_heap_vector(), + output: result_array.to_heap_array(), + len: *state_len, + }); + } else { + unreachable!("ICE: SHA256 expects one array argument and one array result") + } + } } } diff --git a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs index 0e81e3d07ec..b36081d5e3e 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs @@ -501,6 +501,15 @@ impl DebugShow { output ); } + BlackBoxOp::Poseidon2Permutation { message, output, len } => { + debug_println!( + self.enable_debug_trace, + " POSEIDON2_PERMUTATION {} {} -> {}", + message, + len, + output + ); + } } } diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs index d1c1e56f5a3..1ac5f3d8e49 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/acir_variable.rs @@ -1173,6 +1173,31 @@ impl AcirContext { (vec![domain_constant], Vec::new()) } + BlackBoxFunc::Poseidon2Permutation => { + // The last argument is the state length, which must be a constant + let state_len = match inputs.pop() { + Some(state_len) => state_len.into_var()?, + None => { + return Err(RuntimeError::InternalError(InternalError::MissingArg { + name: "poseidon_2_permutation call".to_string(), + arg: "length".to_string(), + call_stack: self.get_call_stack(), + })) + } + }; + + let state_len = match self.vars[&state_len].as_constant() { + Some(state_len) => state_len, + None => { + return Err(RuntimeError::InternalError(InternalError::NotAConstant { + name: "length".to_string(), + call_stack: self.get_call_stack(), + })) + } + }; + + (vec![state_len], Vec::new()) + } BlackBoxFunc::BigIntAdd | BlackBoxFunc::BigIntNeg | BlackBoxFunc::BigIntMul @@ -1261,7 +1286,6 @@ impl AcirContext { // Convert `AcirVar` to `FunctionInput` let inputs = self.prepare_inputs_for_black_box_func_call(inputs)?; - // Call Black box with `FunctionInput` let mut results = vecmap(&constant_outputs, |c| self.add_constant(*c)); let outputs = self.acir_ir.call_black_box( diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index 27c5d06cda2..1730a1f6a20 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -276,6 +276,11 @@ impl GeneratedAcir { input: constant_inputs[0].to_u128() as u32, outputs, }, + BlackBoxFunc::Poseidon2Permutation => BlackBoxFuncCall::Poseidon2Permutation { + inputs: inputs[0].clone(), + outputs, + len: constant_inputs[0].to_u128() as u32, + }, }; self.push_opcode(AcirOpcode::BlackBoxFuncCall(black_box_func_call)); @@ -609,6 +614,8 @@ fn black_box_func_expected_input_size(name: BlackBoxFunc) -> Option { | BlackBoxFunc::PedersenHash => None, BlackBoxFunc::Keccakf1600 => Some(25), + // The permutation takes a fixed number of inputs, but the inputs length depends on the proving system implementation. + BlackBoxFunc::Poseidon2Permutation => None, // Can only apply a range constraint to one // witness at a time. @@ -657,6 +664,8 @@ fn black_box_expected_output_size(name: BlackBoxFunc) -> Option { | BlackBoxFunc::Blake3 => Some(32), BlackBoxFunc::Keccakf1600 => Some(25), + // The permutation returns a fixed number of outputs, equals to the inputs length which depends on the proving system implementation. + BlackBoxFunc::Poseidon2Permutation => None, // Pedersen commitment returns a point BlackBoxFunc::PedersenCommitment => Some(2), diff --git a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs index 1da376e1f2d..eab839d9569 100644 --- a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs +++ b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs @@ -417,7 +417,7 @@ fn simplify_black_box_func( _ => SimplifyResult::None, } } - + BlackBoxFunc::Poseidon2Permutation => SimplifyResult::None, //TODO(Guillaume) BlackBoxFunc::EcdsaSecp256k1 => { simplify_signature(dfg, arguments, acvm::blackbox_solver::ecdsa_secp256k1_verify) } diff --git a/noir_stdlib/src/hash.nr b/noir_stdlib/src/hash.nr index 5933209d9bc..d53729f423f 100644 --- a/noir_stdlib/src/hash.nr +++ b/noir_stdlib/src/hash.nr @@ -51,3 +51,5 @@ pub fn hash_to_field(_input: [Field; N]) -> Field { #[foreign(keccak256)] pub fn keccak256(_input: [u8; N], _message_size: u32) -> [u8; 32] {} +#[foreign(poseidon2_permutation)] +pub fn poseidon2_permutation(_input: [u8; N], _state_length: u32) -> [u8; N] {} From e470b94de7f3a0db4999a4b57d6e97298505415c Mon Sep 17 00:00:00 2001 From: ludamad Date: Thu, 25 Jan 2024 14:44:13 -0500 Subject: [PATCH 59/67] refactor: delete C++ PK circuits (#4219) This is no longer used. We still hold value in referencing the code, BUT this is best done in historical commits. As it no longer builds, and we don't intend to maintain it, it is best to not mislead people by including it now. --------- Co-authored-by: ludamad --- tooling/backend_interface/src/cli/mod.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tooling/backend_interface/src/cli/mod.rs b/tooling/backend_interface/src/cli/mod.rs index 3ea65f28103..b4dec859839 100644 --- a/tooling/backend_interface/src/cli/mod.rs +++ b/tooling/backend_interface/src/cli/mod.rs @@ -1,4 +1,4 @@ -// Reference: https://github.com/AztecProtocol/aztec-packages/blob/master/circuits/cpp/barretenberg/cpp/src/barretenberg/bb/main.cpp +// Reference: https://github.com/AztecProtocol/aztec-packages/blob/master/barretenberg/cpp/src/barretenberg/bb/main.cpp mod contract; mod gates; From 2c463bc1a8a9791e1f352e398156c5c03bf89959 Mon Sep 17 00:00:00 2001 From: guipublic <47281315+guipublic@users.noreply.github.com> Date: Fri, 26 Jan 2024 14:38:45 +0100 Subject: [PATCH 60/67] feat!: add opcode for sha256 compression function (#4229) The opcode will allow SHA256 implementation in Noir with support to variable length input, while keeping BB native performance. The PR includes usage of the function in stdlib, but does not include implementation of the function. It should be added in a future PR for ACVM, BB, Brillig and Noir (for constant folding). --- acvm-repo/acir/codegen/acir.cpp | 112 +++++++++++++++++- .../acir/src/circuit/black_box_functions.rs | 5 + .../opcodes/black_box_function_call.rs | 22 +++- .../acvm/src/compiler/transformers/mod.rs | 3 + acvm-repo/acvm/src/pwg/blackbox/mod.rs | 1 + acvm-repo/brillig/src/black_box.rs | 5 + acvm-repo/brillig_vm/src/black_box.rs | 2 + .../brillig/brillig_gen/brillig_black_box.rs | 17 ++- .../src/brillig/brillig_ir/debug_show.rs | 9 ++ .../ssa/acir_gen/acir_ir/generated_acir.rs | 8 ++ .../src/ssa/ir/instruction/call.rs | 1 + noir_stdlib/src/hash.nr | 3 + 12 files changed, 183 insertions(+), 5 deletions(-) diff --git a/acvm-repo/acir/codegen/acir.cpp b/acvm-repo/acir/codegen/acir.cpp index 487bb33a6b2..0f94e91ab10 100644 --- a/acvm-repo/acir/codegen/acir.cpp +++ b/acvm-repo/acir/codegen/acir.cpp @@ -265,7 +265,17 @@ namespace Circuit { static Poseidon2Permutation bincodeDeserialize(std::vector); }; - std::variant value; + struct Sha256Compression { + std::vector inputs; + std::vector hash_values; + std::vector outputs; + + friend bool operator==(const Sha256Compression&, const Sha256Compression&); + std::vector bincodeSerialize() const; + static Sha256Compression bincodeDeserialize(std::vector); + }; + + std::variant value; friend bool operator==(const BlackBoxFuncCall&, const BlackBoxFuncCall&); std::vector bincodeSerialize() const; @@ -661,7 +671,17 @@ namespace Circuit { static Poseidon2Permutation bincodeDeserialize(std::vector); }; - std::variant value; + struct Sha256Compression { + Circuit::HeapVector input; + Circuit::HeapVector hash_values; + Circuit::HeapArray output; + + friend bool operator==(const Sha256Compression&, const Sha256Compression&); + std::vector bincodeSerialize() const; + static Sha256Compression bincodeDeserialize(std::vector); + }; + + std::variant value; friend bool operator==(const BlackBoxOp&, const BlackBoxOp&); std::vector bincodeSerialize() const; @@ -2848,6 +2868,50 @@ Circuit::BlackBoxFuncCall::Poseidon2Permutation serde::Deserializable BlackBoxFuncCall::Sha256Compression::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxFuncCall::Sha256Compression BlackBoxFuncCall::Sha256Compression::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Sha256Compression &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.inputs, serializer); + serde::Serializable::serialize(obj.hash_values, serializer); + serde::Serializable::serialize(obj.outputs, serializer); +} + +template <> +template +Circuit::BlackBoxFuncCall::Sha256Compression serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxFuncCall::Sha256Compression obj; + obj.inputs = serde::Deserializable::deserialize(deserializer); + obj.hash_values = serde::Deserializable::deserialize(deserializer); + obj.outputs = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlackBoxOp &lhs, const BlackBoxOp &rhs) { @@ -3732,6 +3796,50 @@ Circuit::BlackBoxOp::Poseidon2Permutation serde::Deserializable BlackBoxOp::Sha256Compression::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline BlackBoxOp::Sha256Compression BlackBoxOp::Sha256Compression::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Circuit + +template <> +template +void serde::Serializable::serialize(const Circuit::BlackBoxOp::Sha256Compression &obj, Serializer &serializer) { + serde::Serializable::serialize(obj.input, serializer); + serde::Serializable::serialize(obj.hash_values, serializer); + serde::Serializable::serialize(obj.output, serializer); +} + +template <> +template +Circuit::BlackBoxOp::Sha256Compression serde::Deserializable::deserialize(Deserializer &deserializer) { + Circuit::BlackBoxOp::Sha256Compression obj; + obj.input = serde::Deserializable::deserialize(deserializer); + obj.hash_values = serde::Deserializable::deserialize(deserializer); + obj.output = serde::Deserializable::deserialize(deserializer); + return obj; +} + namespace Circuit { inline bool operator==(const BlockId &lhs, const BlockId &rhs) { diff --git a/acvm-repo/acir/src/circuit/black_box_functions.rs b/acvm-repo/acir/src/circuit/black_box_functions.rs index 358722900ba..97b4759d350 100644 --- a/acvm-repo/acir/src/circuit/black_box_functions.rs +++ b/acvm-repo/acir/src/circuit/black_box_functions.rs @@ -61,6 +61,8 @@ pub enum BlackBoxFunc { BigIntToLeBytes, /// Permutation function of Poseidon2 Poseidon2Permutation, + /// SHA256 compression function + Sha256Compression, } impl std::fmt::Display for BlackBoxFunc { @@ -95,6 +97,7 @@ impl BlackBoxFunc { BlackBoxFunc::BigIntFromLeBytes => "bigint_from_le_bytes", BlackBoxFunc::BigIntToLeBytes => "bigint_to_le_bytes", BlackBoxFunc::Poseidon2Permutation => "poseidon2_permutation", + BlackBoxFunc::Sha256Compression => "sha256_compression", } } @@ -123,9 +126,11 @@ impl BlackBoxFunc { "bigint_from_le_bytes" => Some(BlackBoxFunc::BigIntFromLeBytes), "bigint_to_le_bytes" => Some(BlackBoxFunc::BigIntToLeBytes), "poseidon2_permutation" => Some(BlackBoxFunc::Poseidon2Permutation), + "sha256_compression" => Some(BlackBoxFunc::Sha256Compression), _ => None, } } + pub fn is_valid_black_box_func_name(op_name: &str) -> bool { BlackBoxFunc::lookup(op_name).is_some() } diff --git a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs index 110a524f746..ba4964c8912 100644 --- a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs +++ b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs @@ -155,6 +155,21 @@ pub enum BlackBoxFuncCall { /// It is the length of inputs and outputs vectors len: u32, }, + /// Applies the SHA-256 compression function to the input message + /// + /// # Arguments + /// + /// * `inputs` - input message block + /// * `hash_values` - state from the previous compression + /// * `outputs` - result of the input compressed into 256 bits + Sha256Compression { + /// 512 bits of the input message, represented by 16 u32s + inputs: Vec, + /// Vector of 8 u32s used to compress the input + hash_values: Vec, + /// Output of the compression, represented by 8 u32s + outputs: Vec, + }, } impl BlackBoxFuncCall { @@ -184,6 +199,7 @@ impl BlackBoxFuncCall { BlackBoxFuncCall::BigIntFromLeBytes { .. } => BlackBoxFunc::BigIntFromLeBytes, BlackBoxFuncCall::BigIntToLeBytes { .. } => BlackBoxFunc::BigIntToLeBytes, BlackBoxFuncCall::Poseidon2Permutation { .. } => BlackBoxFunc::Poseidon2Permutation, + BlackBoxFuncCall::Sha256Compression { .. } => BlackBoxFunc::Sha256Compression, } } @@ -201,7 +217,8 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::PedersenCommitment { inputs, .. } | BlackBoxFuncCall::PedersenHash { inputs, .. } | BlackBoxFuncCall::BigIntFromLeBytes { inputs, .. } - | BlackBoxFuncCall::Poseidon2Permutation { inputs, .. } => inputs.to_vec(), + | BlackBoxFuncCall::Poseidon2Permutation { inputs, .. } + | BlackBoxFuncCall::Sha256Compression { inputs, .. } => inputs.to_vec(), BlackBoxFuncCall::AND { lhs, rhs, .. } | BlackBoxFuncCall::XOR { lhs, rhs, .. } => { vec![*lhs, *rhs] } @@ -296,7 +313,8 @@ impl BlackBoxFuncCall { | BlackBoxFuncCall::Keccak256 { outputs, .. } | BlackBoxFuncCall::Keccakf1600 { outputs, .. } | BlackBoxFuncCall::Keccak256VariableLength { outputs, .. } - | BlackBoxFuncCall::Poseidon2Permutation { outputs, .. } => outputs.to_vec(), + | BlackBoxFuncCall::Poseidon2Permutation { outputs, .. } + | BlackBoxFuncCall::Sha256Compression { outputs, .. } => outputs.to_vec(), BlackBoxFuncCall::AND { output, .. } | BlackBoxFuncCall::XOR { output, .. } | BlackBoxFuncCall::SchnorrVerify { output, .. } diff --git a/acvm-repo/acvm/src/compiler/transformers/mod.rs b/acvm-repo/acvm/src/compiler/transformers/mod.rs index 246eeadc095..970eb9390bb 100644 --- a/acvm-repo/acvm/src/compiler/transformers/mod.rs +++ b/acvm-repo/acvm/src/compiler/transformers/mod.rs @@ -126,6 +126,9 @@ pub(super) fn transform_internal( | acir::circuit::opcodes::BlackBoxFuncCall::Poseidon2Permutation { outputs, .. + } + | acir::circuit::opcodes::BlackBoxFuncCall::Sha256Compression { + outputs, .. } => { for witness in outputs { transformer.mark_solvable(*witness); diff --git a/acvm-repo/acvm/src/pwg/blackbox/mod.rs b/acvm-repo/acvm/src/pwg/blackbox/mod.rs index 3baf99710ad..0f026cd274a 100644 --- a/acvm-repo/acvm/src/pwg/blackbox/mod.rs +++ b/acvm-repo/acvm/src/pwg/blackbox/mod.rs @@ -197,5 +197,6 @@ pub(crate) fn solve( BlackBoxFuncCall::BigIntFromLeBytes { .. } => todo!(), BlackBoxFuncCall::BigIntToLeBytes { .. } => todo!(), BlackBoxFuncCall::Poseidon2Permutation { .. } => todo!(), + BlackBoxFuncCall::Sha256Compression { .. } => todo!(), } } diff --git a/acvm-repo/brillig/src/black_box.rs b/acvm-repo/brillig/src/black_box.rs index f5f5c53803e..22fac6f3ba3 100644 --- a/acvm-repo/brillig/src/black_box.rs +++ b/acvm-repo/brillig/src/black_box.rs @@ -114,4 +114,9 @@ pub enum BlackBoxOp { output: HeapArray, len: RegisterIndex, }, + Sha256Compression { + input: HeapVector, + hash_values: HeapVector, + output: HeapArray, + }, } diff --git a/acvm-repo/brillig_vm/src/black_box.rs b/acvm-repo/brillig_vm/src/black_box.rs index 9935005a5ea..e9c25200c47 100644 --- a/acvm-repo/brillig_vm/src/black_box.rs +++ b/acvm-repo/brillig_vm/src/black_box.rs @@ -200,6 +200,7 @@ pub(crate) fn evaluate_black_box( BlackBoxOp::BigIntFromLeBytes { .. } => todo!(), BlackBoxOp::BigIntToLeBytes { .. } => todo!(), BlackBoxOp::Poseidon2Permutation { .. } => todo!(), + BlackBoxOp::Sha256Compression { .. } => todo!(), } } @@ -224,6 +225,7 @@ fn black_box_function_from_op(op: &BlackBoxOp) -> BlackBoxFunc { BlackBoxOp::BigIntFromLeBytes { .. } => BlackBoxFunc::BigIntFromLeBytes, BlackBoxOp::BigIntToLeBytes { .. } => BlackBoxFunc::BigIntToLeBytes, BlackBoxOp::Poseidon2Permutation { .. } => BlackBoxFunc::Poseidon2Permutation, + BlackBoxOp::Sha256Compression { .. } => BlackBoxFunc::Sha256Compression, } } diff --git a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs index 62a1cef50a1..96d80cb8131 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_black_box.rs @@ -341,7 +341,22 @@ pub(crate) fn convert_black_box_call( len: *state_len, }); } else { - unreachable!("ICE: SHA256 expects one array argument and one array result") + unreachable!("ICE: Poseidon2Permutation expects one array argument, a length and one array result") + } + } + BlackBoxFunc::Sha256Compression => { + if let ([message, hash_values], [BrilligVariable::BrilligArray(result_array)]) = + (function_arguments, function_results) + { + let message_vector = convert_array_or_vector(brillig_context, message, bb_func); + let hash_vector = convert_array_or_vector(brillig_context, hash_values, bb_func); + brillig_context.black_box_op_instruction(BlackBoxOp::Sha256Compression { + input: message_vector.to_heap_vector(), + hash_values: hash_vector.to_heap_vector(), + output: result_array.to_heap_array(), + }); + } else { + unreachable!("ICE: Sha256Compression expects two array argument, one array result") } } } diff --git a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs index b36081d5e3e..a8563dc9efe 100644 --- a/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs +++ b/compiler/noirc_evaluator/src/brillig/brillig_ir/debug_show.rs @@ -510,6 +510,15 @@ impl DebugShow { output ); } + BlackBoxOp::Sha256Compression { input, hash_values, output } => { + debug_println!( + self.enable_debug_trace, + " SHA256COMPRESSION {} {} -> {}", + input, + hash_values, + output + ); + } } } diff --git a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs index 1730a1f6a20..b86fc4eeb5f 100644 --- a/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs +++ b/compiler/noirc_evaluator/src/ssa/acir_gen/acir_ir/generated_acir.rs @@ -281,6 +281,11 @@ impl GeneratedAcir { outputs, len: constant_inputs[0].to_u128() as u32, }, + BlackBoxFunc::Sha256Compression => BlackBoxFuncCall::Sha256Compression { + inputs: inputs[0].clone(), + hash_values: inputs[1].clone(), + outputs, + }, }; self.push_opcode(AcirOpcode::BlackBoxFuncCall(black_box_func_call)); @@ -617,6 +622,8 @@ fn black_box_func_expected_input_size(name: BlackBoxFunc) -> Option { // The permutation takes a fixed number of inputs, but the inputs length depends on the proving system implementation. BlackBoxFunc::Poseidon2Permutation => None, + // SHA256 compression requires 16 u32s as input message and 8 u32s for the hash state. + BlackBoxFunc::Sha256Compression => Some(24), // Can only apply a range constraint to one // witness at a time. BlackBoxFunc::RANGE => Some(1), @@ -667,6 +674,7 @@ fn black_box_expected_output_size(name: BlackBoxFunc) -> Option { // The permutation returns a fixed number of outputs, equals to the inputs length which depends on the proving system implementation. BlackBoxFunc::Poseidon2Permutation => None, + BlackBoxFunc::Sha256Compression => Some(8), // Pedersen commitment returns a point BlackBoxFunc::PedersenCommitment => Some(2), diff --git a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs index eab839d9569..0178ae9dba1 100644 --- a/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs +++ b/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs @@ -452,6 +452,7 @@ fn simplify_black_box_func( "ICE: `BlackBoxFunc::RANGE` calls should be transformed into a `Instruction::Cast`" ) } + BlackBoxFunc::Sha256Compression => SimplifyResult::None, //TODO(Guillaume) } } diff --git a/noir_stdlib/src/hash.nr b/noir_stdlib/src/hash.nr index d53729f423f..c82d7722ca8 100644 --- a/noir_stdlib/src/hash.nr +++ b/noir_stdlib/src/hash.nr @@ -53,3 +53,6 @@ pub fn keccak256(_input: [u8; N], _message_size: u32) -> [u8; 32] {} #[foreign(poseidon2_permutation)] pub fn poseidon2_permutation(_input: [u8; N], _state_length: u32) -> [u8; N] {} + +#[foreign(sha256_compression)] +pub fn sha256_compression(_input: [u32; 16], _state: [u32; 8]) -> [u32; 8] {} From 14d491ba0b66995bab9d31015f86971e7b27975a Mon Sep 17 00:00:00 2001 From: Tom French <15848336+TomAFrench@users.noreply.github.com> Date: Mon, 29 Jan 2024 12:51:38 +0000 Subject: [PATCH 61/67] Update noir_stdlib/src/scalar_mul.nr --- noir_stdlib/src/scalar_mul.nr | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/noir_stdlib/src/scalar_mul.nr b/noir_stdlib/src/scalar_mul.nr index fef2398222f..29c15e9e212 100644 --- a/noir_stdlib/src/scalar_mul.nr +++ b/noir_stdlib/src/scalar_mul.nr @@ -11,7 +11,12 @@ struct EmbeddedCurvePoint { // underlying proof system. #[foreign(fixed_base_scalar_mul)] // docs:start:fixed_base_embedded_curve -pub fn fixed_base_embedded_curve(_low: Field, _high: Field) -> [Field; 2] {} +pub fn fixed_base_embedded_curve( + _low: Field, + _high: Field +) -> [Field; 2] +// docs:end:fixed_base_embedded_curve +{} // docs:end:fixed_base_embedded_curve #[foreign(embedded_curve_add)] From 7b50fd955bc45654594a6d0db791eb9b20cd326d Mon Sep 17 00:00:00 2001 From: Tom French <15848336+TomAFrench@users.noreply.github.com> Date: Mon, 29 Jan 2024 12:51:57 +0000 Subject: [PATCH 62/67] Update noir_stdlib/src/scalar_mul.nr --- noir_stdlib/src/scalar_mul.nr | 1 - 1 file changed, 1 deletion(-) diff --git a/noir_stdlib/src/scalar_mul.nr b/noir_stdlib/src/scalar_mul.nr index 29c15e9e212..f6a39e8e15e 100644 --- a/noir_stdlib/src/scalar_mul.nr +++ b/noir_stdlib/src/scalar_mul.nr @@ -17,7 +17,6 @@ pub fn fixed_base_embedded_curve( ) -> [Field; 2] // docs:end:fixed_base_embedded_curve {} -// docs:end:fixed_base_embedded_curve #[foreign(embedded_curve_add)] pub fn embedded_curve_add(_point1: EmbeddedCurvePoint, _point2: EmbeddedCurvePoint) -> EmbeddedCurvePoint {} From 68c05f62a48077a814b00468ee2b2c3c40dafd5e Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 30 Jan 2024 13:50:52 +0000 Subject: [PATCH 63/67] chore: update bb with latest release --- tooling/bb_abstraction_leaks/build.rs | 2 +- tooling/noir_js_backend_barretenberg/package.json | 2 +- yarn.lock | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tooling/bb_abstraction_leaks/build.rs b/tooling/bb_abstraction_leaks/build.rs index 18413f87793..6197f52cb4b 100644 --- a/tooling/bb_abstraction_leaks/build.rs +++ b/tooling/bb_abstraction_leaks/build.rs @@ -10,7 +10,7 @@ use const_format::formatcp; const USERNAME: &str = "AztecProtocol"; const REPO: &str = "aztec-packages"; -const VERSION: &str = "0.19.0"; +const VERSION: &str = "0.21.0"; const TAG: &str = formatcp!("aztec-packages-v{}", VERSION); const API_URL: &str = diff --git a/tooling/noir_js_backend_barretenberg/package.json b/tooling/noir_js_backend_barretenberg/package.json index cd2a6354ac4..a0123883efd 100644 --- a/tooling/noir_js_backend_barretenberg/package.json +++ b/tooling/noir_js_backend_barretenberg/package.json @@ -42,7 +42,7 @@ "lint": "NODE_NO_WARNINGS=1 eslint . --ext .ts --ignore-path ./.eslintignore --max-warnings 0" }, "dependencies": { - "@aztec/bb.js": "0.19.0", + "@aztec/bb.js": "0.21.0", "@noir-lang/types": "workspace:*", "fflate": "^0.8.0" }, diff --git a/yarn.lock b/yarn.lock index db3f493bc62..743068f1907 100644 --- a/yarn.lock +++ b/yarn.lock @@ -235,9 +235,9 @@ __metadata: languageName: node linkType: hard -"@aztec/bb.js@npm:0.19.0": - version: 0.19.0 - resolution: "@aztec/bb.js@npm:0.19.0" +"@aztec/bb.js@npm:0.21.0": + version: 0.21.0 + resolution: "@aztec/bb.js@npm:0.21.0" dependencies: comlink: ^4.4.1 commander: ^10.0.1 @@ -245,7 +245,7 @@ __metadata: tslib: ^2.4.0 bin: bb.js: dest/node/main.js - checksum: c78c22c3b8c43e0010a43145f973489aa7da9fcf0b8527884107f1f34ac3ca5f5d4ab087d74ce50cb75d6dbaef88bfc693e23745282faa30b81dc78481c65874 + checksum: a0fb97476f52025f3c31b7a5e890966ac375ed47c5cfd3434f5c3e4265af3c7566a162f37d6c56f394f44bfe4ba67e5002b7c5998ecc4f6abe70e04f5b8abe34 languageName: node linkType: hard @@ -4435,7 +4435,7 @@ __metadata: version: 0.0.0-use.local resolution: "@noir-lang/backend_barretenberg@workspace:tooling/noir_js_backend_barretenberg" dependencies: - "@aztec/bb.js": 0.19.0 + "@aztec/bb.js": 0.21.0 "@noir-lang/types": "workspace:*" "@types/node": ^20.6.2 "@types/prettier": ^3 From 6bc71073e4387a6bc59d52611d19a1b08c790398 Mon Sep 17 00:00:00 2001 From: Tom French Date: Tue, 30 Jan 2024 14:16:06 +0000 Subject: [PATCH 64/67] chore: disable stdlib functions for unimplemented functionality --- noir_stdlib/src/lib.nr | 2 +- noir_stdlib/src/scalar_mul.nr | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/noir_stdlib/src/lib.nr b/noir_stdlib/src/lib.nr index b7c7833277a..90aff3c312b 100644 --- a/noir_stdlib/src/lib.nr +++ b/noir_stdlib/src/lib.nr @@ -25,7 +25,7 @@ mod ops; mod default; mod prelude; mod uint128; -mod bigint; +// mod bigint; // Oracle calls are required to be wrapped in an unconstrained function // Thus, the only argument to the `println` oracle is expected to always be an ident diff --git a/noir_stdlib/src/scalar_mul.nr b/noir_stdlib/src/scalar_mul.nr index f6a39e8e15e..43f169712fc 100644 --- a/noir_stdlib/src/scalar_mul.nr +++ b/noir_stdlib/src/scalar_mul.nr @@ -18,9 +18,9 @@ pub fn fixed_base_embedded_curve( // docs:end:fixed_base_embedded_curve {} -#[foreign(embedded_curve_add)] -pub fn embedded_curve_add(_point1: EmbeddedCurvePoint, _point2: EmbeddedCurvePoint) -> EmbeddedCurvePoint {} +// #[foreign(embedded_curve_add)] +// pub fn embedded_curve_add(_point1: EmbeddedCurvePoint, _point2: EmbeddedCurvePoint) -> EmbeddedCurvePoint {} -pub fn embedded_curve_double(point: EmbeddedCurvePoint) -> EmbeddedCurvePoint { - embedded_curve_add(point, point) -} +// pub fn embedded_curve_double(point: EmbeddedCurvePoint) -> EmbeddedCurvePoint { +// embedded_curve_add(point, point) +// } From 1e43b329b48c8e8fbffe8daf61ccc8efd1612c17 Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 30 Jan 2024 14:18:15 +0000 Subject: [PATCH 65/67] fix: underscore prefix unused vars --- noir_stdlib/src/bigint.nr | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/noir_stdlib/src/bigint.nr b/noir_stdlib/src/bigint.nr index f3ecfba8343..14790f69241 100644 --- a/noir_stdlib/src/bigint.nr +++ b/noir_stdlib/src/bigint.nr @@ -1,4 +1,3 @@ - use crate::ops::{Add, Sub, Mul, Div, Rem,}; struct BigInt { @@ -8,21 +7,21 @@ struct BigInt { impl BigInt { #[builtin(bigint_add)] - pub fn bigint_add(self, other: BigInt) -> BigInt { + pub fn bigint_add(_self: Self, _other: BigInt) -> BigInt { } #[builtin(bigint_neg)] - pub fn bigint_neg(self, other: BigInt) -> BigInt { + pub fn bigint_neg(_self: Self, _other: BigInt) -> BigInt { } #[builtin(bigint_mul)] - pub fn bigint_mul(self, other: BigInt) -> BigInt { + pub fn bigint_mul(_self: Self, _other: BigInt) -> BigInt { } #[builtin(bigint_div)] - pub fn bigint_div(self, other: BigInt) -> BigInt { + pub fn bigint_div(_self: Self, _other: BigInt) -> BigInt { } #[builtin(bigint_from_le_bytes)] - pub fn from_le_bytes(bytes: [u8], modulus: [u8]) -> BigInt {} + pub fn from_le_bytes(_bytes: [u8], _modulus: [u8]) -> BigInt {} #[builtin(bigint_to_le_bytes)] - pub fn to_le_bytes(self) -> [u8] {} + pub fn to_le_bytes(_self: Self) -> [u8] {} } impl Add for BigInt { From 5503531fb6ee9eb09e2aac5a96c828342636633d Mon Sep 17 00:00:00 2001 From: Tom French Date: Tue, 30 Jan 2024 14:19:00 +0000 Subject: [PATCH 66/67] feat: implement `Add` and `double` method on `EmbeddedCurvePoint` --- noir_stdlib/src/scalar_mul.nr | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/noir_stdlib/src/scalar_mul.nr b/noir_stdlib/src/scalar_mul.nr index 43f169712fc..0e84b4f66fc 100644 --- a/noir_stdlib/src/scalar_mul.nr +++ b/noir_stdlib/src/scalar_mul.nr @@ -1,8 +1,22 @@ +use crate::ops::Add; + struct EmbeddedCurvePoint { x: Field, y: Field, } +impl EmbeddedCurvePoint { + fn double(self) -> EmbeddedCurvePoint { + embedded_curve_add(self, self) + } +} + +impl Add for EmbeddedCurvePoint { + fn add(self, other: EmbeddedCurvePoint) -> EmbeddedCurvePoint { + embedded_curve_add(self, other) + } +} + // Computes a fixed base scalar multiplication over the embedded curve. // For bn254, We have Grumpkin and Baby JubJub. // For bls12-381, we have JubJub and Bandersnatch. @@ -18,9 +32,5 @@ pub fn fixed_base_embedded_curve( // docs:end:fixed_base_embedded_curve {} -// #[foreign(embedded_curve_add)] -// pub fn embedded_curve_add(_point1: EmbeddedCurvePoint, _point2: EmbeddedCurvePoint) -> EmbeddedCurvePoint {} - -// pub fn embedded_curve_double(point: EmbeddedCurvePoint) -> EmbeddedCurvePoint { -// embedded_curve_add(point, point) -// } +#[foreign(embedded_curve_add)] +fn embedded_curve_add(_point1: EmbeddedCurvePoint, _point2: EmbeddedCurvePoint) -> EmbeddedCurvePoint {} From 2badd023eab159b7892bd507897bedb360bebebe Mon Sep 17 00:00:00 2001 From: sirasistant Date: Tue, 30 Jan 2024 14:38:30 +0000 Subject: [PATCH 67/67] fix: use new add and double methods --- .../execution_success/scalar_mul/src/main.nr | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/test_programs/execution_success/scalar_mul/src/main.nr b/test_programs/execution_success/scalar_mul/src/main.nr index a88754da5d3..e20f47907db 100644 --- a/test_programs/execution_success/scalar_mul/src/main.nr +++ b/test_programs/execution_success/scalar_mul/src/main.nr @@ -20,18 +20,12 @@ fn main( let res = std::scalar_mul::fixed_base_embedded_curve(priv_key, 0); assert(res[0] == pub_x); assert(res[1] == pub_y); - let pub_point= std::scalar_mul::EmbeddedCurvePoint { - x: pub_x, - y: pub_y - }; + let pub_point= std::scalar_mul::EmbeddedCurvePoint { x: pub_x, y: pub_y }; let g1_y = 17631683881184975370165255887551781615748388533673675138860; - let g1= std::scalar_mul::EmbeddedCurvePoint { - x: 1, - y: g1_y - }; + let g1= std::scalar_mul::EmbeddedCurvePoint { x: 1, y: g1_y }; - let res = std::scalar_mul::embedded_curve_double(pub_point); - let double = std::scalar_mul::embedded_curve_add(g1,g1 ); + let res = pub_point.double(); + let double = g1.add(g1); assert(double.x == res.x); }