From 96a719cfb6ac259d354cf455ab88c37f0cd08eb6 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Wed, 6 Mar 2024 18:36:13 +0000 Subject: [PATCH 01/29] program and witness stack structure and respective serialization --- .../acir_format/acir_to_constraint_buf.hpp | 82 +- .../dsl/acir_format/serde/acir.hpp | 1797 +++++++++-------- .../dsl/acir_format/serde/index.hpp | 2 +- .../dsl/acir_format/serde/witness_map.hpp | 123 -- .../dsl/acir_format/serde/witness_stack.hpp | 247 +++ .../noir-repo/acvm-repo/acir/codegen/acir.cpp | 1712 ++++++++-------- .../acvm-repo/acir/codegen/witness.cpp | 130 +- .../acvm-repo/acir/src/circuit/mod.rs | 77 + noir/noir-repo/acvm-repo/acir/src/lib.rs | 10 +- .../acvm-repo/acir/src/native_types/mod.rs | 4 +- .../acir/src/native_types/witness_stack.rs | 66 + .../compiler/noirc_driver/src/contract.rs | 8 +- .../compiler/noirc_driver/src/lib.rs | 9 +- .../compiler/noirc_driver/src/program.rs | 8 +- .../backend_interface/src/proof_system.rs | 27 +- noir/noir-repo/tooling/debugger/src/dap.rs | 2 +- .../tooling/nargo/src/artifacts/contract.rs | 8 +- .../tooling/nargo/src/artifacts/program.rs | 24 +- .../tooling/nargo/src/ops/optimize.rs | 18 +- noir/noir-repo/tooling/nargo/src/ops/test.rs | 11 +- .../tooling/nargo/src/ops/transform.rs | 18 +- .../nargo_cli/src/cli/codegen_verifier_cmd.rs | 9 +- .../tooling/nargo_cli/src/cli/compile_cmd.rs | 4 +- .../tooling/nargo_cli/src/cli/debug_cmd.rs | 2 +- .../tooling/nargo_cli/src/cli/execute_cmd.rs | 2 +- .../tooling/nargo_cli/src/cli/fs/program.rs | 6 +- .../tooling/nargo_cli/src/cli/fs/witness.rs | 6 +- .../tooling/nargo_cli/src/cli/info_cmd.rs | 7 +- .../tooling/nargo_cli/src/cli/prove_cmd.rs | 4 +- .../tooling/nargo_cli/src/cli/verify_cmd.rs | 2 +- .../noir-repo/tooling/nargo_cli/src/errors.rs | 6 +- 31 files changed, 2470 insertions(+), 1961 deletions(-) delete mode 100644 barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/witness_map.hpp create mode 100644 barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/witness_stack.hpp create mode 100644 noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_to_constraint_buf.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_to_constraint_buf.hpp index f7a5cbcf44d..bed65a90c03 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_to_constraint_buf.hpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_to_constraint_buf.hpp @@ -26,10 +26,10 @@ namespace acir_format { * * @param arg acir representation of an 3-wire arithmetic operation * @return poly_triple - * @note In principle Circuit::Expression can accommodate arbitrarily many quadratic and linear terms but in practice + * @note In principle Program::Expression can accommodate arbitrarily many quadratic and linear terms but in practice * the ones processed here have a max of 1 and 3 respectively, in accordance with the standard width-3 arithmetic gate. */ -poly_triple serialize_arithmetic_gate(Circuit::Expression const& arg) +poly_triple serialize_arithmetic_gate(Program::Expression const& arg) { // TODO(https://github.com/AztecProtocol/barretenberg/issues/816): The initialization of the witness indices a,b,c // to 0 is implicitly assuming that (builder.zero_idx == 0) which is no longer the case. Now, witness idx 0 in @@ -98,17 +98,17 @@ poly_triple serialize_arithmetic_gate(Circuit::Expression const& arg) return pt; } -void handle_arithmetic(Circuit::Opcode::AssertZero const& arg, AcirFormat& af) +void handle_arithmetic(Program::Opcode::AssertZero const& arg, AcirFormat& af) { af.constraints.push_back(serialize_arithmetic_gate(arg.value)); } -void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, AcirFormat& af) +void handle_blackbox_func_call(Program::Opcode::BlackBoxFuncCall const& arg, AcirFormat& af) { std::visit( [&](auto&& arg) { using T = std::decay_t; - if constexpr (std::is_same_v) { + if constexpr (std::is_same_v) { af.logic_constraints.push_back(LogicConstraint{ .a = arg.lhs.witness.value, .b = arg.rhs.witness.value, @@ -116,7 +116,7 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci .num_bits = arg.lhs.num_bits, .is_xor_gate = false, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.logic_constraints.push_back(LogicConstraint{ .a = arg.lhs.witness.value, .b = arg.rhs.witness.value, @@ -124,12 +124,12 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci .num_bits = arg.lhs.num_bits, .is_xor_gate = true, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.range_constraints.push_back(RangeConstraint{ .witness = arg.input.witness.value, .num_bits = arg.input.num_bits, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.sha256_constraints.push_back(Sha256Constraint{ .inputs = map(arg.inputs, [](auto& e) { @@ -140,7 +140,7 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci }), .result = map(arg.outputs, [](auto& e) { return e.value; }), }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.sha256_compression.push_back(Sha256Compression{ .inputs = map(arg.inputs, [](auto& e) { @@ -158,7 +158,7 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci }), .result = map(arg.outputs, [](auto& e) { return e.value; }), }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.blake2s_constraints.push_back(Blake2sConstraint{ .inputs = map(arg.inputs, [](auto& e) { @@ -169,7 +169,7 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci }), .result = map(arg.outputs, [](auto& e) { return e.value; }), }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.blake3_constraints.push_back(Blake3Constraint{ .inputs = map(arg.inputs, [](auto& e) { @@ -180,7 +180,7 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci }), .result = map(arg.outputs, [](auto& e) { return e.value; }), }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.schnorr_constraints.push_back(SchnorrConstraint{ .message = map(arg.message, [](auto& e) { return e.witness.value; }), .public_key_x = arg.public_key_x.witness.value, @@ -188,20 +188,20 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci .result = arg.output.value, .signature = map(arg.signature, [](auto& e) { return e.witness.value; }), }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.pedersen_constraints.push_back(PedersenConstraint{ .scalars = map(arg.inputs, [](auto& e) { return e.witness.value; }), .hash_index = arg.domain_separator, .result_x = arg.outputs[0].value, .result_y = arg.outputs[1].value, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.pedersen_hash_constraints.push_back(PedersenHashConstraint{ .scalars = map(arg.inputs, [](auto& e) { return e.witness.value; }), .hash_index = arg.domain_separator, .result = arg.output.value, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.ecdsa_k1_constraints.push_back(EcdsaSecp256k1Constraint{ .hashed_message = map(arg.hashed_message, [](auto& e) { return e.witness.value; }), .signature = map(arg.signature, [](auto& e) { return e.witness.value; }), @@ -209,7 +209,7 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci .pub_y_indices = map(arg.public_key_y, [](auto& e) { return e.witness.value; }), .result = arg.output.value, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.ecdsa_r1_constraints.push_back(EcdsaSecp256r1Constraint{ .hashed_message = map(arg.hashed_message, [](auto& e) { return e.witness.value; }), .pub_x_indices = map(arg.public_key_x, [](auto& e) { return e.witness.value; }), @@ -217,14 +217,14 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci .result = arg.output.value, .signature = map(arg.signature, [](auto& e) { return e.witness.value; }), }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.fixed_base_scalar_mul_constraints.push_back(FixedBaseScalarMul{ .low = arg.low.witness.value, .high = arg.high.witness.value, .pub_key_x = arg.outputs[0].value, .pub_key_y = arg.outputs[1].value, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.ec_add_constraints.push_back(EcAdd{ .input1_x = arg.input1_x.witness.value, .input1_y = arg.input1_y.witness.value, @@ -233,7 +233,7 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci .result_x = arg.outputs[0].value, .result_y = arg.outputs[1].value, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.keccak_constraints.push_back(KeccakConstraint{ .inputs = map(arg.inputs, [](auto& e) { @@ -244,7 +244,7 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci }), .result = map(arg.outputs, [](auto& e) { return e.value; }), }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.keccak_var_constraints.push_back(KeccakVarConstraint{ .inputs = map(arg.inputs, [](auto& e) { @@ -256,12 +256,12 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci .result = map(arg.outputs, [](auto& e) { return e.value; }), .var_message_size = arg.var_message_size.witness.value, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.keccak_permutations.push_back(Keccakf1600{ .state = map(arg.inputs, [](auto& e) { return e.witness.value; }), .result = map(arg.outputs, [](auto& e) { return e.value; }), }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { auto c = RecursionConstraint{ .key = map(arg.verification_key, [](auto& e) { return e.witness.value; }), .proof = map(arg.proof, [](auto& e) { return e.witness.value; }), @@ -269,46 +269,46 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci .key_hash = arg.key_hash.witness.value, }; af.recursion_constraints.push_back(c); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.bigint_from_le_bytes_constraints.push_back(BigIntFromLeBytes{ .inputs = map(arg.inputs, [](auto& e) { return e.witness.value; }), .modulus = map(arg.modulus, [](auto& e) -> uint32_t { return e; }), .result = arg.output, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.bigint_to_le_bytes_constraints.push_back(BigIntToLeBytes{ .input = arg.input, .result = map(arg.outputs, [](auto& e) { return e.value; }), }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.bigint_operations.push_back(BigIntOperation{ .lhs = arg.lhs, .rhs = arg.rhs, .result = arg.output, .opcode = BigIntOperationType::Add, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.bigint_operations.push_back(BigIntOperation{ .lhs = arg.lhs, .rhs = arg.rhs, .result = arg.output, .opcode = BigIntOperationType::Sub, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.bigint_operations.push_back(BigIntOperation{ .lhs = arg.lhs, .rhs = arg.rhs, .result = arg.output, .opcode = BigIntOperationType::Mul, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.bigint_operations.push_back(BigIntOperation{ .lhs = arg.lhs, .rhs = arg.rhs, .result = arg.output, .opcode = BigIntOperationType::Div, }); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { af.poseidon2_constraints.push_back(Poseidon2Constraint{ .state = map(arg.inputs, [](auto& e) { return e.witness.value; }), .result = map(arg.outputs, [](auto& e) { return e.value; }), @@ -319,7 +319,7 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, Aci arg.value.value); } -BlockConstraint handle_memory_init(Circuit::Opcode::MemoryInit const& mem_init) +BlockConstraint handle_memory_init(Program::Opcode::MemoryInit const& mem_init) { BlockConstraint block{ .init = {}, .trace = {}, .type = BlockType::ROM }; std::vector init; @@ -341,13 +341,13 @@ BlockConstraint handle_memory_init(Circuit::Opcode::MemoryInit const& mem_init) return block; } -bool is_rom(Circuit::MemOp const& mem_op) +bool is_rom(Program::MemOp const& mem_op) { return mem_op.operation.mul_terms.size() == 0 && mem_op.operation.linear_combinations.size() == 0 && uint256_t(mem_op.operation.q_c) == 0; } -void handle_memory_op(Circuit::Opcode::MemoryOp const& mem_op, BlockConstraint& block) +void handle_memory_op(Program::Opcode::MemoryOp const& mem_op, BlockConstraint& block) { uint8_t access_type = 1; if (is_rom(mem_op.op)) { @@ -365,7 +365,9 @@ void handle_memory_op(Circuit::Opcode::MemoryOp const& mem_op, BlockConstraint& AcirFormat circuit_buf_to_acir_format(std::vector const& buf) { - auto circuit = Circuit::Circuit::bincodeDeserialize(buf); + // TODO(maxim): Handle the new `Program` structure once ACVM supports a function call stack. + // For now we still expect a single ACIR function.s + auto circuit = Program::Program::bincodeDeserialize(buf).functions[0]; AcirFormat af; // `varnum` is the true number of variables, thus we add one to the index which starts at zero @@ -378,15 +380,15 @@ AcirFormat circuit_buf_to_acir_format(std::vector const& buf) std::visit( [&](auto&& arg) { using T = std::decay_t; - if constexpr (std::is_same_v) { + if constexpr (std::is_same_v) { handle_arithmetic(arg, af); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { handle_blackbox_func_call(arg, af); - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { auto block = handle_memory_init(arg); uint32_t block_id = arg.block_id.value; block_id_to_block_constraint[block_id] = block; - } else if constexpr (std::is_same_v) { + } else if constexpr (std::is_same_v) { auto block = block_id_to_block_constraint.find(arg.block_id.value); if (block == block_id_to_block_constraint.end()) { throw_or_abort("unitialized MemoryOp"); @@ -414,7 +416,11 @@ AcirFormat circuit_buf_to_acir_format(std::vector const& buf) */ WitnessVector witness_buf_to_witness_data(std::vector const& buf) { - auto w = WitnessMap::WitnessMap::bincodeDeserialize(buf); + // TODO(maxim): Handle the new `WitnessStack` structure once ACVM supports a function call stack + // A `StackItem` contains an index to an ACIR circuit and its respective ACIR-native `WitnessMap`. + // For now we expect the `WitnessStack` to contain a single witness. + auto w = WitnessStack::WitnessStack::bincodeDeserialize(buf).stack[0].witness; + WitnessVector wv; size_t index = 0; for (auto& e : w.value) { diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/acir.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/acir.hpp index 0170896c722..82b105315af 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/acir.hpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/acir.hpp @@ -3,7 +3,7 @@ #include "bincode.hpp" #include "serde.hpp" -namespace Circuit { +namespace Program { struct BinaryFieldOp { @@ -140,7 +140,7 @@ struct MemoryAddress { }; struct HeapArray { - Circuit::MemoryAddress pointer; + Program::MemoryAddress pointer; uint64_t size; friend bool operator==(const HeapArray&, const HeapArray&); @@ -149,8 +149,8 @@ struct HeapArray { }; struct HeapVector { - Circuit::MemoryAddress pointer; - Circuit::MemoryAddress size; + Program::MemoryAddress pointer; + Program::MemoryAddress size; friend bool operator==(const HeapVector&, const HeapVector&); std::vector bincodeSerialize() const; @@ -160,8 +160,8 @@ struct HeapVector { struct BlackBoxOp { struct Sha256 { - Circuit::HeapVector message; - Circuit::HeapArray output; + Program::HeapVector message; + Program::HeapArray output; friend bool operator==(const Sha256&, const Sha256&); std::vector bincodeSerialize() const; @@ -169,8 +169,8 @@ struct BlackBoxOp { }; struct Blake2s { - Circuit::HeapVector message; - Circuit::HeapArray output; + Program::HeapVector message; + Program::HeapArray output; friend bool operator==(const Blake2s&, const Blake2s&); std::vector bincodeSerialize() const; @@ -178,8 +178,8 @@ struct BlackBoxOp { }; struct Blake3 { - Circuit::HeapVector message; - Circuit::HeapArray output; + Program::HeapVector message; + Program::HeapArray output; friend bool operator==(const Blake3&, const Blake3&); std::vector bincodeSerialize() const; @@ -187,8 +187,8 @@ struct BlackBoxOp { }; struct Keccak256 { - Circuit::HeapVector message; - Circuit::HeapArray output; + Program::HeapVector message; + Program::HeapArray output; friend bool operator==(const Keccak256&, const Keccak256&); std::vector bincodeSerialize() const; @@ -196,8 +196,8 @@ struct BlackBoxOp { }; struct Keccakf1600 { - Circuit::HeapVector message; - Circuit::HeapArray output; + Program::HeapVector message; + Program::HeapArray output; friend bool operator==(const Keccakf1600&, const Keccakf1600&); std::vector bincodeSerialize() const; @@ -205,11 +205,11 @@ struct BlackBoxOp { }; struct EcdsaSecp256k1 { - Circuit::HeapVector hashed_msg; - Circuit::HeapArray public_key_x; - Circuit::HeapArray public_key_y; - Circuit::HeapArray signature; - Circuit::MemoryAddress result; + Program::HeapVector hashed_msg; + Program::HeapArray public_key_x; + Program::HeapArray public_key_y; + Program::HeapArray signature; + Program::MemoryAddress result; friend bool operator==(const EcdsaSecp256k1&, const EcdsaSecp256k1&); std::vector bincodeSerialize() const; @@ -217,11 +217,11 @@ struct BlackBoxOp { }; struct EcdsaSecp256r1 { - Circuit::HeapVector hashed_msg; - Circuit::HeapArray public_key_x; - Circuit::HeapArray public_key_y; - Circuit::HeapArray signature; - Circuit::MemoryAddress result; + Program::HeapVector hashed_msg; + Program::HeapArray public_key_x; + Program::HeapArray public_key_y; + Program::HeapArray signature; + Program::MemoryAddress result; friend bool operator==(const EcdsaSecp256r1&, const EcdsaSecp256r1&); std::vector bincodeSerialize() const; @@ -229,11 +229,11 @@ struct BlackBoxOp { }; struct SchnorrVerify { - Circuit::MemoryAddress public_key_x; - Circuit::MemoryAddress public_key_y; - Circuit::HeapVector message; - Circuit::HeapVector signature; - Circuit::MemoryAddress result; + Program::MemoryAddress public_key_x; + Program::MemoryAddress public_key_y; + Program::HeapVector message; + Program::HeapVector signature; + Program::MemoryAddress result; friend bool operator==(const SchnorrVerify&, const SchnorrVerify&); std::vector bincodeSerialize() const; @@ -241,9 +241,9 @@ struct BlackBoxOp { }; struct PedersenCommitment { - Circuit::HeapVector inputs; - Circuit::MemoryAddress domain_separator; - Circuit::HeapArray output; + Program::HeapVector inputs; + Program::MemoryAddress domain_separator; + Program::HeapArray output; friend bool operator==(const PedersenCommitment&, const PedersenCommitment&); std::vector bincodeSerialize() const; @@ -251,9 +251,9 @@ struct BlackBoxOp { }; struct PedersenHash { - Circuit::HeapVector inputs; - Circuit::MemoryAddress domain_separator; - Circuit::MemoryAddress output; + Program::HeapVector inputs; + Program::MemoryAddress domain_separator; + Program::MemoryAddress output; friend bool operator==(const PedersenHash&, const PedersenHash&); std::vector bincodeSerialize() const; @@ -261,9 +261,9 @@ struct BlackBoxOp { }; struct FixedBaseScalarMul { - Circuit::MemoryAddress low; - Circuit::MemoryAddress high; - Circuit::HeapArray result; + Program::MemoryAddress low; + Program::MemoryAddress high; + Program::HeapArray result; friend bool operator==(const FixedBaseScalarMul&, const FixedBaseScalarMul&); std::vector bincodeSerialize() const; @@ -271,11 +271,11 @@ struct BlackBoxOp { }; struct EmbeddedCurveAdd { - Circuit::MemoryAddress input1_x; - Circuit::MemoryAddress input1_y; - Circuit::MemoryAddress input2_x; - Circuit::MemoryAddress input2_y; - Circuit::HeapArray result; + Program::MemoryAddress input1_x; + Program::MemoryAddress input1_y; + Program::MemoryAddress input2_x; + Program::MemoryAddress input2_y; + Program::HeapArray result; friend bool operator==(const EmbeddedCurveAdd&, const EmbeddedCurveAdd&); std::vector bincodeSerialize() const; @@ -283,9 +283,9 @@ struct BlackBoxOp { }; struct BigIntAdd { - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; - Circuit::MemoryAddress output; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; + Program::MemoryAddress output; friend bool operator==(const BigIntAdd&, const BigIntAdd&); std::vector bincodeSerialize() const; @@ -293,9 +293,9 @@ struct BlackBoxOp { }; struct BigIntSub { - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; - Circuit::MemoryAddress output; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; + Program::MemoryAddress output; friend bool operator==(const BigIntSub&, const BigIntSub&); std::vector bincodeSerialize() const; @@ -303,9 +303,9 @@ struct BlackBoxOp { }; struct BigIntMul { - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; - Circuit::MemoryAddress output; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; + Program::MemoryAddress output; friend bool operator==(const BigIntMul&, const BigIntMul&); std::vector bincodeSerialize() const; @@ -313,9 +313,9 @@ struct BlackBoxOp { }; struct BigIntDiv { - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; - Circuit::MemoryAddress output; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; + Program::MemoryAddress output; friend bool operator==(const BigIntDiv&, const BigIntDiv&); std::vector bincodeSerialize() const; @@ -323,9 +323,9 @@ struct BlackBoxOp { }; struct BigIntFromLeBytes { - Circuit::HeapVector inputs; - Circuit::HeapVector modulus; - Circuit::MemoryAddress output; + Program::HeapVector inputs; + Program::HeapVector modulus; + Program::MemoryAddress output; friend bool operator==(const BigIntFromLeBytes&, const BigIntFromLeBytes&); std::vector bincodeSerialize() const; @@ -333,8 +333,8 @@ struct BlackBoxOp { }; struct BigIntToLeBytes { - Circuit::MemoryAddress input; - Circuit::HeapVector output; + Program::MemoryAddress input; + Program::HeapVector output; friend bool operator==(const BigIntToLeBytes&, const BigIntToLeBytes&); std::vector bincodeSerialize() const; @@ -342,9 +342,9 @@ struct BlackBoxOp { }; struct Poseidon2Permutation { - Circuit::HeapVector message; - Circuit::HeapArray output; - Circuit::MemoryAddress len; + Program::HeapVector message; + Program::HeapArray output; + Program::MemoryAddress len; friend bool operator==(const Poseidon2Permutation&, const Poseidon2Permutation&); std::vector bincodeSerialize() const; @@ -352,9 +352,9 @@ struct BlackBoxOp { }; struct Sha256Compression { - Circuit::HeapVector input; - Circuit::HeapVector hash_values; - Circuit::HeapArray output; + Program::HeapVector input; + Program::HeapVector hash_values; + Program::HeapArray output; friend bool operator==(const Sha256Compression&, const Sha256Compression&); std::vector bincodeSerialize() const; @@ -399,7 +399,7 @@ struct HeapValueType { }; struct Array { - std::vector value_types; + std::vector value_types; uint64_t size; friend bool operator==(const Array&, const Array&); @@ -408,7 +408,7 @@ struct HeapValueType { }; struct Vector { - std::vector value_types; + std::vector value_types; friend bool operator==(const Vector&, const Vector&); std::vector bincodeSerialize() const; @@ -433,7 +433,7 @@ struct Value { struct ValueOrArray { struct MemoryAddress { - Circuit::MemoryAddress value; + Program::MemoryAddress value; friend bool operator==(const MemoryAddress&, const MemoryAddress&); std::vector bincodeSerialize() const; @@ -441,7 +441,7 @@ struct ValueOrArray { }; struct HeapArray { - Circuit::HeapArray value; + Program::HeapArray value; friend bool operator==(const HeapArray&, const HeapArray&); std::vector bincodeSerialize() const; @@ -449,7 +449,7 @@ struct ValueOrArray { }; struct HeapVector { - Circuit::HeapVector value; + Program::HeapVector value; friend bool operator==(const HeapVector&, const HeapVector&); std::vector bincodeSerialize() const; @@ -466,10 +466,10 @@ struct ValueOrArray { struct BrilligOpcode { struct BinaryFieldOp { - Circuit::MemoryAddress destination; - Circuit::BinaryFieldOp op; - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; + Program::MemoryAddress destination; + Program::BinaryFieldOp op; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; friend bool operator==(const BinaryFieldOp&, const BinaryFieldOp&); std::vector bincodeSerialize() const; @@ -477,11 +477,11 @@ struct BrilligOpcode { }; struct BinaryIntOp { - Circuit::MemoryAddress destination; - Circuit::BinaryIntOp op; + Program::MemoryAddress destination; + Program::BinaryIntOp op; uint32_t bit_size; - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; friend bool operator==(const BinaryIntOp&, const BinaryIntOp&); std::vector bincodeSerialize() const; @@ -489,8 +489,8 @@ struct BrilligOpcode { }; struct Cast { - Circuit::MemoryAddress destination; - Circuit::MemoryAddress source; + Program::MemoryAddress destination; + Program::MemoryAddress source; uint32_t bit_size; friend bool operator==(const Cast&, const Cast&); @@ -499,7 +499,7 @@ struct BrilligOpcode { }; struct JumpIfNot { - Circuit::MemoryAddress condition; + Program::MemoryAddress condition; uint64_t location; friend bool operator==(const JumpIfNot&, const JumpIfNot&); @@ -508,7 +508,7 @@ struct BrilligOpcode { }; struct JumpIf { - Circuit::MemoryAddress condition; + Program::MemoryAddress condition; uint64_t location; friend bool operator==(const JumpIf&, const JumpIf&); @@ -525,7 +525,7 @@ struct BrilligOpcode { }; struct CalldataCopy { - Circuit::MemoryAddress destination_address; + Program::MemoryAddress destination_address; uint64_t size; uint64_t offset; @@ -543,9 +543,9 @@ struct BrilligOpcode { }; struct Const { - Circuit::MemoryAddress destination; + Program::MemoryAddress destination; uint32_t bit_size; - Circuit::Value value; + Program::Value value; friend bool operator==(const Const&, const Const&); std::vector bincodeSerialize() const; @@ -560,10 +560,10 @@ struct BrilligOpcode { struct ForeignCall { std::string function; - std::vector destinations; - std::vector destination_value_types; - std::vector inputs; - std::vector input_value_types; + std::vector destinations; + std::vector destination_value_types; + std::vector inputs; + std::vector input_value_types; friend bool operator==(const ForeignCall&, const ForeignCall&); std::vector bincodeSerialize() const; @@ -571,8 +571,8 @@ struct BrilligOpcode { }; struct Mov { - Circuit::MemoryAddress destination; - Circuit::MemoryAddress source; + Program::MemoryAddress destination; + Program::MemoryAddress source; friend bool operator==(const Mov&, const Mov&); std::vector bincodeSerialize() const; @@ -580,8 +580,8 @@ struct BrilligOpcode { }; struct Load { - Circuit::MemoryAddress destination; - Circuit::MemoryAddress source_pointer; + Program::MemoryAddress destination; + Program::MemoryAddress source_pointer; friend bool operator==(const Load&, const Load&); std::vector bincodeSerialize() const; @@ -589,8 +589,8 @@ struct BrilligOpcode { }; struct Store { - Circuit::MemoryAddress destination_pointer; - Circuit::MemoryAddress source; + Program::MemoryAddress destination_pointer; + Program::MemoryAddress source; friend bool operator==(const Store&, const Store&); std::vector bincodeSerialize() const; @@ -598,7 +598,7 @@ struct BrilligOpcode { }; struct BlackBox { - Circuit::BlackBoxOp value; + Program::BlackBoxOp value; friend bool operator==(const BlackBox&, const BlackBox&); std::vector bincodeSerialize() const; @@ -653,7 +653,7 @@ struct Witness { }; struct FunctionInput { - Circuit::Witness witness; + Program::Witness witness; uint32_t num_bits; friend bool operator==(const FunctionInput&, const FunctionInput&); @@ -664,9 +664,9 @@ struct FunctionInput { struct BlackBoxFuncCall { struct AND { - Circuit::FunctionInput lhs; - Circuit::FunctionInput rhs; - Circuit::Witness output; + Program::FunctionInput lhs; + Program::FunctionInput rhs; + Program::Witness output; friend bool operator==(const AND&, const AND&); std::vector bincodeSerialize() const; @@ -674,9 +674,9 @@ struct BlackBoxFuncCall { }; struct XOR { - Circuit::FunctionInput lhs; - Circuit::FunctionInput rhs; - Circuit::Witness output; + Program::FunctionInput lhs; + Program::FunctionInput rhs; + Program::Witness output; friend bool operator==(const XOR&, const XOR&); std::vector bincodeSerialize() const; @@ -684,7 +684,7 @@ struct BlackBoxFuncCall { }; struct RANGE { - Circuit::FunctionInput input; + Program::FunctionInput input; friend bool operator==(const RANGE&, const RANGE&); std::vector bincodeSerialize() const; @@ -692,8 +692,8 @@ struct BlackBoxFuncCall { }; struct SHA256 { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const SHA256&, const SHA256&); std::vector bincodeSerialize() const; @@ -701,8 +701,8 @@ struct BlackBoxFuncCall { }; struct Blake2s { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const Blake2s&, const Blake2s&); std::vector bincodeSerialize() const; @@ -710,8 +710,8 @@ struct BlackBoxFuncCall { }; struct Blake3 { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const Blake3&, const Blake3&); std::vector bincodeSerialize() const; @@ -719,11 +719,11 @@ struct BlackBoxFuncCall { }; struct SchnorrVerify { - Circuit::FunctionInput public_key_x; - Circuit::FunctionInput public_key_y; - std::vector signature; - std::vector message; - Circuit::Witness output; + Program::FunctionInput public_key_x; + Program::FunctionInput public_key_y; + std::vector signature; + std::vector message; + Program::Witness output; friend bool operator==(const SchnorrVerify&, const SchnorrVerify&); std::vector bincodeSerialize() const; @@ -731,9 +731,9 @@ struct BlackBoxFuncCall { }; struct PedersenCommitment { - std::vector inputs; + std::vector inputs; uint32_t domain_separator; - std::array outputs; + std::array outputs; friend bool operator==(const PedersenCommitment&, const PedersenCommitment&); std::vector bincodeSerialize() const; @@ -741,9 +741,9 @@ struct BlackBoxFuncCall { }; struct PedersenHash { - std::vector inputs; + std::vector inputs; uint32_t domain_separator; - Circuit::Witness output; + Program::Witness output; friend bool operator==(const PedersenHash&, const PedersenHash&); std::vector bincodeSerialize() const; @@ -751,11 +751,11 @@ struct BlackBoxFuncCall { }; struct EcdsaSecp256k1 { - std::vector public_key_x; - std::vector public_key_y; - std::vector signature; - std::vector hashed_message; - Circuit::Witness output; + std::vector public_key_x; + std::vector public_key_y; + std::vector signature; + std::vector hashed_message; + Program::Witness output; friend bool operator==(const EcdsaSecp256k1&, const EcdsaSecp256k1&); std::vector bincodeSerialize() const; @@ -763,11 +763,11 @@ struct BlackBoxFuncCall { }; struct EcdsaSecp256r1 { - std::vector public_key_x; - std::vector public_key_y; - std::vector signature; - std::vector hashed_message; - Circuit::Witness output; + std::vector public_key_x; + std::vector public_key_y; + std::vector signature; + std::vector hashed_message; + Program::Witness output; friend bool operator==(const EcdsaSecp256r1&, const EcdsaSecp256r1&); std::vector bincodeSerialize() const; @@ -775,9 +775,9 @@ struct BlackBoxFuncCall { }; struct FixedBaseScalarMul { - Circuit::FunctionInput low; - Circuit::FunctionInput high; - std::array outputs; + Program::FunctionInput low; + Program::FunctionInput high; + std::array outputs; friend bool operator==(const FixedBaseScalarMul&, const FixedBaseScalarMul&); std::vector bincodeSerialize() const; @@ -785,11 +785,11 @@ struct BlackBoxFuncCall { }; struct EmbeddedCurveAdd { - Circuit::FunctionInput input1_x; - Circuit::FunctionInput input1_y; - Circuit::FunctionInput input2_x; - Circuit::FunctionInput input2_y; - std::array outputs; + Program::FunctionInput input1_x; + Program::FunctionInput input1_y; + Program::FunctionInput input2_x; + Program::FunctionInput input2_y; + std::array outputs; friend bool operator==(const EmbeddedCurveAdd&, const EmbeddedCurveAdd&); std::vector bincodeSerialize() const; @@ -797,8 +797,8 @@ struct BlackBoxFuncCall { }; struct Keccak256 { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const Keccak256&, const Keccak256&); std::vector bincodeSerialize() const; @@ -806,9 +806,9 @@ struct BlackBoxFuncCall { }; struct Keccak256VariableLength { - std::vector inputs; - Circuit::FunctionInput var_message_size; - std::vector outputs; + std::vector inputs; + Program::FunctionInput var_message_size; + std::vector outputs; friend bool operator==(const Keccak256VariableLength&, const Keccak256VariableLength&); std::vector bincodeSerialize() const; @@ -816,8 +816,8 @@ struct BlackBoxFuncCall { }; struct Keccakf1600 { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const Keccakf1600&, const Keccakf1600&); std::vector bincodeSerialize() const; @@ -825,10 +825,10 @@ struct BlackBoxFuncCall { }; struct RecursiveAggregation { - std::vector verification_key; - std::vector proof; - std::vector public_inputs; - Circuit::FunctionInput key_hash; + std::vector verification_key; + std::vector proof; + std::vector public_inputs; + Program::FunctionInput key_hash; friend bool operator==(const RecursiveAggregation&, const RecursiveAggregation&); std::vector bincodeSerialize() const; @@ -876,7 +876,7 @@ struct BlackBoxFuncCall { }; struct BigIntFromLeBytes { - std::vector inputs; + std::vector inputs; std::vector modulus; uint32_t output; @@ -887,7 +887,7 @@ struct BlackBoxFuncCall { struct BigIntToLeBytes { uint32_t input; - std::vector outputs; + std::vector outputs; friend bool operator==(const BigIntToLeBytes&, const BigIntToLeBytes&); std::vector bincodeSerialize() const; @@ -895,8 +895,8 @@ struct BlackBoxFuncCall { }; struct Poseidon2Permutation { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; uint32_t len; friend bool operator==(const Poseidon2Permutation&, const Poseidon2Permutation&); @@ -905,9 +905,9 @@ struct BlackBoxFuncCall { }; struct Sha256Compression { - std::vector inputs; - std::vector hash_values; - std::vector outputs; + std::vector inputs; + std::vector hash_values; + std::vector outputs; friend bool operator==(const Sha256Compression&, const Sha256Compression&); std::vector bincodeSerialize() const; @@ -955,8 +955,8 @@ struct BlockId { }; struct Expression { - std::vector> mul_terms; - std::vector> linear_combinations; + std::vector> mul_terms; + std::vector> linear_combinations; std::string q_c; friend bool operator==(const Expression&, const Expression&); @@ -967,7 +967,7 @@ struct Expression { struct BrilligInputs { struct Single { - Circuit::Expression value; + Program::Expression value; friend bool operator==(const Single&, const Single&); std::vector bincodeSerialize() const; @@ -975,7 +975,7 @@ struct BrilligInputs { }; struct Array { - std::vector value; + std::vector value; friend bool operator==(const Array&, const Array&); std::vector bincodeSerialize() const; @@ -983,7 +983,7 @@ struct BrilligInputs { }; struct MemoryArray { - Circuit::BlockId value; + Program::BlockId value; friend bool operator==(const MemoryArray&, const MemoryArray&); std::vector bincodeSerialize() const; @@ -1000,7 +1000,7 @@ struct BrilligInputs { struct BrilligOutputs { struct Simple { - Circuit::Witness value; + Program::Witness value; friend bool operator==(const Simple&, const Simple&); std::vector bincodeSerialize() const; @@ -1008,7 +1008,7 @@ struct BrilligOutputs { }; struct Array { - std::vector value; + std::vector value; friend bool operator==(const Array&, const Array&); std::vector bincodeSerialize() const; @@ -1023,10 +1023,10 @@ struct BrilligOutputs { }; struct Brillig { - std::vector inputs; - std::vector outputs; - std::vector bytecode; - std::optional predicate; + std::vector inputs; + std::vector outputs; + std::vector bytecode; + std::optional predicate; friend bool operator==(const Brillig&, const Brillig&); std::vector bincodeSerialize() const; @@ -1036,8 +1036,8 @@ struct Brillig { struct Directive { struct ToLeRadix { - Circuit::Expression a; - std::vector b; + Program::Expression a; + std::vector b; uint32_t radix; friend bool operator==(const ToLeRadix&, const ToLeRadix&); @@ -1053,9 +1053,9 @@ struct Directive { }; struct MemOp { - Circuit::Expression operation; - Circuit::Expression index; - Circuit::Expression value; + Program::Expression operation; + Program::Expression index; + Program::Expression value; friend bool operator==(const MemOp&, const MemOp&); std::vector bincodeSerialize() const; @@ -1065,7 +1065,7 @@ struct MemOp { struct Opcode { struct AssertZero { - Circuit::Expression value; + Program::Expression value; friend bool operator==(const AssertZero&, const AssertZero&); std::vector bincodeSerialize() const; @@ -1073,7 +1073,7 @@ struct Opcode { }; struct BlackBoxFuncCall { - Circuit::BlackBoxFuncCall value; + Program::BlackBoxFuncCall value; friend bool operator==(const BlackBoxFuncCall&, const BlackBoxFuncCall&); std::vector bincodeSerialize() const; @@ -1081,7 +1081,7 @@ struct Opcode { }; struct Directive { - Circuit::Directive value; + Program::Directive value; friend bool operator==(const Directive&, const Directive&); std::vector bincodeSerialize() const; @@ -1089,7 +1089,7 @@ struct Opcode { }; struct Brillig { - Circuit::Brillig value; + Program::Brillig value; friend bool operator==(const Brillig&, const Brillig&); std::vector bincodeSerialize() const; @@ -1097,9 +1097,9 @@ struct Opcode { }; struct MemoryOp { - Circuit::BlockId block_id; - Circuit::MemOp op; - std::optional predicate; + Program::BlockId block_id; + Program::MemOp op; + std::optional predicate; friend bool operator==(const MemoryOp&, const MemoryOp&); std::vector bincodeSerialize() const; @@ -1107,8 +1107,8 @@ struct Opcode { }; struct MemoryInit { - Circuit::BlockId block_id; - std::vector init; + Program::BlockId block_id; + std::vector init; friend bool operator==(const MemoryInit&, const MemoryInit&); std::vector bincodeSerialize() const; @@ -1117,8 +1117,8 @@ struct Opcode { struct Call { uint32_t id; - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const Call&, const Call&); std::vector bincodeSerialize() const; @@ -1182,7 +1182,7 @@ struct OpcodeLocation { }; struct PublicInputs { - std::vector value; + std::vector value; friend bool operator==(const PublicInputs&, const PublicInputs&); std::vector bincodeSerialize() const; @@ -1191,12 +1191,12 @@ struct PublicInputs { struct Circuit { uint32_t current_witness_index; - std::vector opcodes; - ExpressionWidth expression_width; - std::vector private_parameters; - PublicInputs public_parameters; - PublicInputs return_values; - std::vector> assert_messages; + std::vector opcodes; + Program::ExpressionWidth expression_width; + std::vector private_parameters; + Program::PublicInputs public_parameters; + Program::PublicInputs return_values; + std::vector> assert_messages; bool recursive; friend bool operator==(const Circuit&, const Circuit&); @@ -1204,9 +1204,17 @@ struct Circuit { static Circuit bincodeDeserialize(std::vector); }; -} // end of namespace Circuit +struct Program { + std::vector functions; -namespace Circuit { + friend bool operator==(const Program&, const Program&); + std::vector bincodeSerialize() const; + static Program bincodeDeserialize(std::vector); +}; + +} // end of namespace Program + +namespace Program { inline bool operator==(const BinaryFieldOp& lhs, const BinaryFieldOp& rhs) { @@ -1233,11 +1241,11 @@ inline BinaryFieldOp BinaryFieldOp::bincodeDeserialize(std::vector inpu return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::BinaryFieldOp& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -1246,16 +1254,16 @@ void serde::Serializable::serialize(const Circuit::Binar template <> template -Circuit::BinaryFieldOp serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryFieldOp serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::BinaryFieldOp obj; + Program::BinaryFieldOp obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryFieldOp::Add& lhs, const BinaryFieldOp::Add& rhs) { @@ -1279,23 +1287,23 @@ inline BinaryFieldOp::Add BinaryFieldOp::Add::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp::Add& obj, +void serde::Serializable::serialize(const Program::BinaryFieldOp::Add& obj, Serializer& serializer) {} template <> template -Circuit::BinaryFieldOp::Add serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryFieldOp::Add serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryFieldOp::Add obj; + Program::BinaryFieldOp::Add obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryFieldOp::Sub& lhs, const BinaryFieldOp::Sub& rhs) { @@ -1319,23 +1327,23 @@ inline BinaryFieldOp::Sub BinaryFieldOp::Sub::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp::Sub& obj, +void serde::Serializable::serialize(const Program::BinaryFieldOp::Sub& obj, Serializer& serializer) {} template <> template -Circuit::BinaryFieldOp::Sub serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryFieldOp::Sub serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryFieldOp::Sub obj; + Program::BinaryFieldOp::Sub obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryFieldOp::Mul& lhs, const BinaryFieldOp::Mul& rhs) { @@ -1359,23 +1367,23 @@ inline BinaryFieldOp::Mul BinaryFieldOp::Mul::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp::Mul& obj, +void serde::Serializable::serialize(const Program::BinaryFieldOp::Mul& obj, Serializer& serializer) {} template <> template -Circuit::BinaryFieldOp::Mul serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryFieldOp::Mul serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryFieldOp::Mul obj; + Program::BinaryFieldOp::Mul obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryFieldOp::Div& lhs, const BinaryFieldOp::Div& rhs) { @@ -1399,23 +1407,23 @@ inline BinaryFieldOp::Div BinaryFieldOp::Div::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp::Div& obj, +void serde::Serializable::serialize(const Program::BinaryFieldOp::Div& obj, Serializer& serializer) {} template <> template -Circuit::BinaryFieldOp::Div serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryFieldOp::Div serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryFieldOp::Div obj; + Program::BinaryFieldOp::Div obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryFieldOp::Equals& lhs, const BinaryFieldOp::Equals& rhs) { @@ -1439,24 +1447,24 @@ inline BinaryFieldOp::Equals BinaryFieldOp::Equals::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp::Equals& obj, +void serde::Serializable::serialize(const Program::BinaryFieldOp::Equals& obj, Serializer& serializer) {} template <> template -Circuit::BinaryFieldOp::Equals serde::Deserializable::deserialize( +Program::BinaryFieldOp::Equals serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BinaryFieldOp::Equals obj; + Program::BinaryFieldOp::Equals obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp& lhs, const BinaryIntOp& rhs) { @@ -1483,11 +1491,11 @@ inline BinaryIntOp BinaryIntOp::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::BinaryIntOp& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -1496,16 +1504,16 @@ void serde::Serializable::serialize(const Circuit::BinaryI template <> template -Circuit::BinaryIntOp serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryIntOp serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::BinaryIntOp obj; + Program::BinaryIntOp obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Add& lhs, const BinaryIntOp::Add& rhs) { @@ -1529,23 +1537,23 @@ inline BinaryIntOp::Add BinaryIntOp::Add::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Add& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::Add& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::Add serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryIntOp::Add serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryIntOp::Add obj; + Program::BinaryIntOp::Add obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Sub& lhs, const BinaryIntOp::Sub& rhs) { @@ -1569,23 +1577,23 @@ inline BinaryIntOp::Sub BinaryIntOp::Sub::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Sub& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::Sub& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::Sub serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryIntOp::Sub serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryIntOp::Sub obj; + Program::BinaryIntOp::Sub obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Mul& lhs, const BinaryIntOp::Mul& rhs) { @@ -1609,23 +1617,23 @@ inline BinaryIntOp::Mul BinaryIntOp::Mul::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Mul& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::Mul& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::Mul serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryIntOp::Mul serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryIntOp::Mul obj; + Program::BinaryIntOp::Mul obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::SignedDiv& lhs, const BinaryIntOp::SignedDiv& rhs) { @@ -1649,24 +1657,24 @@ inline BinaryIntOp::SignedDiv BinaryIntOp::SignedDiv::bincodeDeserialize(std::ve return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::SignedDiv& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::SignedDiv& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::SignedDiv serde::Deserializable::deserialize( +Program::BinaryIntOp::SignedDiv serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BinaryIntOp::SignedDiv obj; + Program::BinaryIntOp::SignedDiv obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::UnsignedDiv& lhs, const BinaryIntOp::UnsignedDiv& rhs) { @@ -1690,24 +1698,24 @@ inline BinaryIntOp::UnsignedDiv BinaryIntOp::UnsignedDiv::bincodeDeserialize(std return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::UnsignedDiv& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::UnsignedDiv& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::UnsignedDiv serde::Deserializable::deserialize( +Program::BinaryIntOp::UnsignedDiv serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BinaryIntOp::UnsignedDiv obj; + Program::BinaryIntOp::UnsignedDiv obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Equals& lhs, const BinaryIntOp::Equals& rhs) { @@ -1731,24 +1739,24 @@ inline BinaryIntOp::Equals BinaryIntOp::Equals::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Equals& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::Equals& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::Equals serde::Deserializable::deserialize( +Program::BinaryIntOp::Equals serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BinaryIntOp::Equals obj; + Program::BinaryIntOp::Equals obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::LessThan& lhs, const BinaryIntOp::LessThan& rhs) { @@ -1772,24 +1780,24 @@ inline BinaryIntOp::LessThan BinaryIntOp::LessThan::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::LessThan& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::LessThan& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::LessThan serde::Deserializable::deserialize( +Program::BinaryIntOp::LessThan serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BinaryIntOp::LessThan obj; + Program::BinaryIntOp::LessThan obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::LessThanEquals& lhs, const BinaryIntOp::LessThanEquals& rhs) { @@ -1813,24 +1821,24 @@ inline BinaryIntOp::LessThanEquals BinaryIntOp::LessThanEquals::bincodeDeseriali return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BinaryIntOp::LessThanEquals& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BinaryIntOp::LessThanEquals& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::LessThanEquals serde::Deserializable::deserialize( +Program::BinaryIntOp::LessThanEquals serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BinaryIntOp::LessThanEquals obj; + Program::BinaryIntOp::LessThanEquals obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::And& lhs, const BinaryIntOp::And& rhs) { @@ -1854,23 +1862,23 @@ inline BinaryIntOp::And BinaryIntOp::And::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::And& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::And& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::And serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryIntOp::And serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryIntOp::And obj; + Program::BinaryIntOp::And obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Or& lhs, const BinaryIntOp::Or& rhs) { @@ -1894,23 +1902,23 @@ inline BinaryIntOp::Or BinaryIntOp::Or::bincodeDeserialize(std::vector return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Or& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::Or& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::Or serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryIntOp::Or serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryIntOp::Or obj; + Program::BinaryIntOp::Or obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Xor& lhs, const BinaryIntOp::Xor& rhs) { @@ -1934,23 +1942,23 @@ inline BinaryIntOp::Xor BinaryIntOp::Xor::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Xor& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::Xor& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::Xor serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryIntOp::Xor serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryIntOp::Xor obj; + Program::BinaryIntOp::Xor obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Shl& lhs, const BinaryIntOp::Shl& rhs) { @@ -1974,23 +1982,23 @@ inline BinaryIntOp::Shl BinaryIntOp::Shl::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Shl& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::Shl& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::Shl serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryIntOp::Shl serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryIntOp::Shl obj; + Program::BinaryIntOp::Shl obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Shr& lhs, const BinaryIntOp::Shr& rhs) { @@ -2014,23 +2022,23 @@ inline BinaryIntOp::Shr BinaryIntOp::Shr::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Shr& obj, +void serde::Serializable::serialize(const Program::BinaryIntOp::Shr& obj, Serializer& serializer) {} template <> template -Circuit::BinaryIntOp::Shr serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BinaryIntOp::Shr serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BinaryIntOp::Shr obj; + Program::BinaryIntOp::Shr obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall& lhs, const BlackBoxFuncCall& rhs) { @@ -2057,11 +2065,11 @@ inline BlackBoxFuncCall BlackBoxFuncCall::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall& obj, +void serde::Serializable::serialize(const Program::BlackBoxFuncCall& obj, Serializer& serializer) { serializer.increase_container_depth(); @@ -2071,16 +2079,16 @@ void serde::Serializable::serialize(const Circuit::Bl template <> template -Circuit::BlackBoxFuncCall serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BlackBoxFuncCall serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::BlackBoxFuncCall obj; + Program::BlackBoxFuncCall obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::AND& lhs, const BlackBoxFuncCall::AND& rhs) { @@ -2113,11 +2121,11 @@ inline BlackBoxFuncCall::AND BlackBoxFuncCall::AND::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::AND& obj, +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::AND& obj, Serializer& serializer) { serde::Serializable::serialize(obj.lhs, serializer); @@ -2127,17 +2135,17 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxFuncCall::AND serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::AND serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::AND obj; + Program::BlackBoxFuncCall::AND obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::XOR& lhs, const BlackBoxFuncCall::XOR& rhs) { @@ -2170,11 +2178,11 @@ inline BlackBoxFuncCall::XOR BlackBoxFuncCall::XOR::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::XOR& obj, +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::XOR& obj, Serializer& serializer) { serde::Serializable::serialize(obj.lhs, serializer); @@ -2184,17 +2192,17 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxFuncCall::XOR serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::XOR serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::XOR obj; + Program::BlackBoxFuncCall::XOR obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::RANGE& lhs, const BlackBoxFuncCall::RANGE& rhs) { @@ -2221,11 +2229,11 @@ inline BlackBoxFuncCall::RANGE BlackBoxFuncCall::RANGE::bincodeDeserialize(std:: return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::RANGE& obj, +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::RANGE& obj, Serializer& serializer) { serde::Serializable::serialize(obj.input, serializer); @@ -2233,15 +2241,15 @@ void serde::Serializable::serialize(const Circ template <> template -Circuit::BlackBoxFuncCall::RANGE serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::RANGE serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::RANGE obj; + Program::BlackBoxFuncCall::RANGE obj; obj.input = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::SHA256& lhs, const BlackBoxFuncCall::SHA256& rhs) { @@ -2271,11 +2279,11 @@ inline BlackBoxFuncCall::SHA256 BlackBoxFuncCall::SHA256::bincodeDeserialize(std return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::SHA256& obj, +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::SHA256& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); @@ -2284,16 +2292,16 @@ void serde::Serializable::serialize(const Cir template <> template -Circuit::BlackBoxFuncCall::SHA256 serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::SHA256 serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::SHA256 obj; + Program::BlackBoxFuncCall::SHA256 obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Blake2s& lhs, const BlackBoxFuncCall::Blake2s& rhs) { @@ -2323,11 +2331,11 @@ inline BlackBoxFuncCall::Blake2s BlackBoxFuncCall::Blake2s::bincodeDeserialize(s return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Blake2s& obj, +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::Blake2s& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); @@ -2336,16 +2344,16 @@ void serde::Serializable::serialize(const Ci template <> template -Circuit::BlackBoxFuncCall::Blake2s serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::Blake2s serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::Blake2s obj; + Program::BlackBoxFuncCall::Blake2s obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Blake3& lhs, const BlackBoxFuncCall::Blake3& rhs) { @@ -2375,11 +2383,11 @@ inline BlackBoxFuncCall::Blake3 BlackBoxFuncCall::Blake3::bincodeDeserialize(std return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Blake3& obj, +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::Blake3& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); @@ -2388,16 +2396,16 @@ void serde::Serializable::serialize(const Cir template <> template -Circuit::BlackBoxFuncCall::Blake3 serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::Blake3 serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::Blake3 obj; + Program::BlackBoxFuncCall::Blake3 obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::SchnorrVerify& lhs, const BlackBoxFuncCall::SchnorrVerify& rhs) { @@ -2436,12 +2444,12 @@ inline BlackBoxFuncCall::SchnorrVerify BlackBoxFuncCall::SchnorrVerify::bincodeD return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::SchnorrVerify& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::SchnorrVerify& obj, Serializer& serializer) { serde::Serializable::serialize(obj.public_key_x, serializer); serde::Serializable::serialize(obj.public_key_y, serializer); @@ -2452,10 +2460,10 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxFuncCall::SchnorrVerify serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::SchnorrVerify serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::SchnorrVerify obj; + Program::BlackBoxFuncCall::SchnorrVerify obj; obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); obj.signature = serde::Deserializable::deserialize(deserializer); @@ -2464,7 +2472,7 @@ Circuit::BlackBoxFuncCall::SchnorrVerify serde::Deserializable template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::PedersenCommitment& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::PedersenCommitment& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.domain_separator, serializer); @@ -2512,17 +2520,17 @@ void serde::Serializable::seriali template <> template -Circuit::BlackBoxFuncCall::PedersenCommitment serde::Deserializable< - Circuit::BlackBoxFuncCall::PedersenCommitment>::deserialize(Deserializer& deserializer) +Program::BlackBoxFuncCall::PedersenCommitment serde::Deserializable< + Program::BlackBoxFuncCall::PedersenCommitment>::deserialize(Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::PedersenCommitment obj; + Program::BlackBoxFuncCall::PedersenCommitment obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.domain_separator = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::PedersenHash& lhs, const BlackBoxFuncCall::PedersenHash& rhs) { @@ -2555,12 +2563,12 @@ inline BlackBoxFuncCall::PedersenHash BlackBoxFuncCall::PedersenHash::bincodeDes return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::PedersenHash& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::PedersenHash& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.domain_separator, serializer); @@ -2569,17 +2577,17 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxFuncCall::PedersenHash serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::PedersenHash serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::PedersenHash obj; + Program::BlackBoxFuncCall::PedersenHash obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.domain_separator = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::EcdsaSecp256k1& lhs, const BlackBoxFuncCall::EcdsaSecp256k1& rhs) { @@ -2618,12 +2626,12 @@ inline BlackBoxFuncCall::EcdsaSecp256k1 BlackBoxFuncCall::EcdsaSecp256k1::bincod return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::EcdsaSecp256k1& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::EcdsaSecp256k1& obj, Serializer& serializer) { serde::Serializable::serialize(obj.public_key_x, serializer); serde::Serializable::serialize(obj.public_key_y, serializer); @@ -2634,10 +2642,10 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxFuncCall::EcdsaSecp256k1 serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::EcdsaSecp256k1 serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::EcdsaSecp256k1 obj; + Program::BlackBoxFuncCall::EcdsaSecp256k1 obj; obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); obj.signature = serde::Deserializable::deserialize(deserializer); @@ -2646,7 +2654,7 @@ Circuit::BlackBoxFuncCall::EcdsaSecp256k1 serde::Deserializable template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::EcdsaSecp256r1& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::EcdsaSecp256r1& obj, Serializer& serializer) { serde::Serializable::serialize(obj.public_key_x, serializer); serde::Serializable::serialize(obj.public_key_y, serializer); @@ -2701,10 +2709,10 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxFuncCall::EcdsaSecp256r1 serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::EcdsaSecp256r1 serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::EcdsaSecp256r1 obj; + Program::BlackBoxFuncCall::EcdsaSecp256r1 obj; obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); obj.signature = serde::Deserializable::deserialize(deserializer); @@ -2713,7 +2721,7 @@ Circuit::BlackBoxFuncCall::EcdsaSecp256r1 serde::Deserializable template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::FixedBaseScalarMul& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::FixedBaseScalarMul& obj, Serializer& serializer) { serde::Serializable::serialize(obj.low, serializer); serde::Serializable::serialize(obj.high, serializer); @@ -2761,17 +2769,17 @@ void serde::Serializable::seriali template <> template -Circuit::BlackBoxFuncCall::FixedBaseScalarMul serde::Deserializable< - Circuit::BlackBoxFuncCall::FixedBaseScalarMul>::deserialize(Deserializer& deserializer) +Program::BlackBoxFuncCall::FixedBaseScalarMul serde::Deserializable< + Program::BlackBoxFuncCall::FixedBaseScalarMul>::deserialize(Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::FixedBaseScalarMul obj; + Program::BlackBoxFuncCall::FixedBaseScalarMul obj; obj.low = serde::Deserializable::deserialize(deserializer); obj.high = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::EmbeddedCurveAdd& lhs, const BlackBoxFuncCall::EmbeddedCurveAdd& rhs) { @@ -2811,12 +2819,12 @@ inline BlackBoxFuncCall::EmbeddedCurveAdd BlackBoxFuncCall::EmbeddedCurveAdd::bi return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::EmbeddedCurveAdd& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::EmbeddedCurveAdd& obj, Serializer& serializer) { serde::Serializable::serialize(obj.input1_x, serializer); serde::Serializable::serialize(obj.input1_y, serializer); @@ -2827,10 +2835,10 @@ void serde::Serializable::serialize template <> template -Circuit::BlackBoxFuncCall::EmbeddedCurveAdd serde::Deserializable< - Circuit::BlackBoxFuncCall::EmbeddedCurveAdd>::deserialize(Deserializer& deserializer) +Program::BlackBoxFuncCall::EmbeddedCurveAdd serde::Deserializable< + Program::BlackBoxFuncCall::EmbeddedCurveAdd>::deserialize(Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::EmbeddedCurveAdd obj; + Program::BlackBoxFuncCall::EmbeddedCurveAdd obj; obj.input1_x = serde::Deserializable::deserialize(deserializer); obj.input1_y = serde::Deserializable::deserialize(deserializer); obj.input2_x = serde::Deserializable::deserialize(deserializer); @@ -2839,7 +2847,7 @@ Circuit::BlackBoxFuncCall::EmbeddedCurveAdd serde::Deserializable< return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Keccak256& lhs, const BlackBoxFuncCall::Keccak256& rhs) { @@ -2869,12 +2877,12 @@ inline BlackBoxFuncCall::Keccak256 BlackBoxFuncCall::Keccak256::bincodeDeseriali return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::Keccak256& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::Keccak256& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.outputs, serializer); @@ -2882,16 +2890,16 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxFuncCall::Keccak256 serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::Keccak256 serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::Keccak256 obj; + Program::BlackBoxFuncCall::Keccak256 obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Keccak256VariableLength& lhs, const BlackBoxFuncCall::Keccak256VariableLength& rhs) @@ -2926,12 +2934,12 @@ inline BlackBoxFuncCall::Keccak256VariableLength BlackBoxFuncCall::Keccak256Vari return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::Keccak256VariableLength& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::Keccak256VariableLength& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.var_message_size, serializer); @@ -2940,17 +2948,17 @@ void serde::Serializable::se template <> template -Circuit::BlackBoxFuncCall::Keccak256VariableLength serde::Deserializable< - Circuit::BlackBoxFuncCall::Keccak256VariableLength>::deserialize(Deserializer& deserializer) +Program::BlackBoxFuncCall::Keccak256VariableLength serde::Deserializable< + Program::BlackBoxFuncCall::Keccak256VariableLength>::deserialize(Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::Keccak256VariableLength obj; + Program::BlackBoxFuncCall::Keccak256VariableLength obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.var_message_size = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Keccakf1600& lhs, const BlackBoxFuncCall::Keccakf1600& rhs) { @@ -2980,12 +2988,12 @@ inline BlackBoxFuncCall::Keccakf1600 BlackBoxFuncCall::Keccakf1600::bincodeDeser return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::Keccakf1600& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::Keccakf1600& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.outputs, serializer); @@ -2993,16 +3001,16 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxFuncCall::Keccakf1600 serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::Keccakf1600 serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::Keccakf1600 obj; + Program::BlackBoxFuncCall::Keccakf1600 obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::RecursiveAggregation& lhs, const BlackBoxFuncCall::RecursiveAggregation& rhs) @@ -3040,12 +3048,12 @@ inline BlackBoxFuncCall::RecursiveAggregation BlackBoxFuncCall::RecursiveAggrega return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::RecursiveAggregation& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::RecursiveAggregation& obj, Serializer& serializer) { serde::Serializable::serialize(obj.verification_key, serializer); serde::Serializable::serialize(obj.proof, serializer); @@ -3055,10 +3063,10 @@ void serde::Serializable::seria template <> template -Circuit::BlackBoxFuncCall::RecursiveAggregation serde::Deserializable< - Circuit::BlackBoxFuncCall::RecursiveAggregation>::deserialize(Deserializer& deserializer) +Program::BlackBoxFuncCall::RecursiveAggregation serde::Deserializable< + Program::BlackBoxFuncCall::RecursiveAggregation>::deserialize(Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::RecursiveAggregation obj; + Program::BlackBoxFuncCall::RecursiveAggregation obj; obj.verification_key = serde::Deserializable::deserialize(deserializer); obj.proof = serde::Deserializable::deserialize(deserializer); obj.public_inputs = serde::Deserializable::deserialize(deserializer); @@ -3066,7 +3074,7 @@ Circuit::BlackBoxFuncCall::RecursiveAggregation serde::Deserializable< return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::BigIntAdd& lhs, const BlackBoxFuncCall::BigIntAdd& rhs) { @@ -3099,12 +3107,12 @@ inline BlackBoxFuncCall::BigIntAdd BlackBoxFuncCall::BigIntAdd::bincodeDeseriali return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::BigIntAdd& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::BigIntAdd& obj, Serializer& serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); @@ -3113,17 +3121,17 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxFuncCall::BigIntAdd serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::BigIntAdd serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::BigIntAdd obj; + Program::BlackBoxFuncCall::BigIntAdd obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::BigIntSub& lhs, const BlackBoxFuncCall::BigIntSub& rhs) { @@ -3156,12 +3164,12 @@ inline BlackBoxFuncCall::BigIntSub BlackBoxFuncCall::BigIntSub::bincodeDeseriali return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::BigIntSub& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::BigIntSub& obj, Serializer& serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); @@ -3170,17 +3178,17 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxFuncCall::BigIntSub serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::BigIntSub serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::BigIntSub obj; + Program::BlackBoxFuncCall::BigIntSub obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::BigIntMul& lhs, const BlackBoxFuncCall::BigIntMul& rhs) { @@ -3213,12 +3221,12 @@ inline BlackBoxFuncCall::BigIntMul BlackBoxFuncCall::BigIntMul::bincodeDeseriali return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::BigIntMul& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::BigIntMul& obj, Serializer& serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); @@ -3227,17 +3235,17 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxFuncCall::BigIntMul serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::BigIntMul serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::BigIntMul obj; + Program::BlackBoxFuncCall::BigIntMul obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::BigIntDiv& lhs, const BlackBoxFuncCall::BigIntDiv& rhs) { @@ -3270,12 +3278,12 @@ inline BlackBoxFuncCall::BigIntDiv BlackBoxFuncCall::BigIntDiv::bincodeDeseriali return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::BigIntDiv& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::BigIntDiv& obj, Serializer& serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); @@ -3284,17 +3292,17 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxFuncCall::BigIntDiv serde::Deserializable::deserialize( +Program::BlackBoxFuncCall::BigIntDiv serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::BigIntDiv obj; + Program::BlackBoxFuncCall::BigIntDiv obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::BigIntFromLeBytes& lhs, const BlackBoxFuncCall::BigIntFromLeBytes& rhs) { @@ -3328,12 +3336,12 @@ inline BlackBoxFuncCall::BigIntFromLeBytes BlackBoxFuncCall::BigIntFromLeBytes:: return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::BigIntFromLeBytes& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::BigIntFromLeBytes& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.modulus, serializer); @@ -3342,17 +3350,17 @@ void serde::Serializable::serializ template <> template -Circuit::BlackBoxFuncCall::BigIntFromLeBytes serde::Deserializable< - Circuit::BlackBoxFuncCall::BigIntFromLeBytes>::deserialize(Deserializer& deserializer) +Program::BlackBoxFuncCall::BigIntFromLeBytes serde::Deserializable< + Program::BlackBoxFuncCall::BigIntFromLeBytes>::deserialize(Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::BigIntFromLeBytes obj; + Program::BlackBoxFuncCall::BigIntFromLeBytes obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.modulus = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::BigIntToLeBytes& lhs, const BlackBoxFuncCall::BigIntToLeBytes& rhs) { @@ -3383,12 +3391,12 @@ inline BlackBoxFuncCall::BigIntToLeBytes BlackBoxFuncCall::BigIntToLeBytes::binc return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::BigIntToLeBytes& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::BigIntToLeBytes& obj, Serializer& serializer) { serde::Serializable::serialize(obj.input, serializer); serde::Serializable::serialize(obj.outputs, serializer); @@ -3396,16 +3404,16 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxFuncCall::BigIntToLeBytes serde::Deserializable< - Circuit::BlackBoxFuncCall::BigIntToLeBytes>::deserialize(Deserializer& deserializer) +Program::BlackBoxFuncCall::BigIntToLeBytes serde::Deserializable< + Program::BlackBoxFuncCall::BigIntToLeBytes>::deserialize(Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::BigIntToLeBytes obj; + Program::BlackBoxFuncCall::BigIntToLeBytes obj; obj.input = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Poseidon2Permutation& lhs, const BlackBoxFuncCall::Poseidon2Permutation& rhs) @@ -3440,12 +3448,12 @@ inline BlackBoxFuncCall::Poseidon2Permutation BlackBoxFuncCall::Poseidon2Permuta return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::Poseidon2Permutation& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::Poseidon2Permutation& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.outputs, serializer); @@ -3454,17 +3462,17 @@ void serde::Serializable::seria template <> template -Circuit::BlackBoxFuncCall::Poseidon2Permutation serde::Deserializable< - Circuit::BlackBoxFuncCall::Poseidon2Permutation>::deserialize(Deserializer& deserializer) +Program::BlackBoxFuncCall::Poseidon2Permutation serde::Deserializable< + Program::BlackBoxFuncCall::Poseidon2Permutation>::deserialize(Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::Poseidon2Permutation obj; + Program::BlackBoxFuncCall::Poseidon2Permutation obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); obj.len = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Sha256Compression& lhs, const BlackBoxFuncCall::Sha256Compression& rhs) { @@ -3498,12 +3506,12 @@ inline BlackBoxFuncCall::Sha256Compression BlackBoxFuncCall::Sha256Compression:: return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxFuncCall::Sha256Compression& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxFuncCall::Sha256Compression& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.hash_values, serializer); @@ -3512,17 +3520,17 @@ void serde::Serializable::serializ template <> template -Circuit::BlackBoxFuncCall::Sha256Compression serde::Deserializable< - Circuit::BlackBoxFuncCall::Sha256Compression>::deserialize(Deserializer& deserializer) +Program::BlackBoxFuncCall::Sha256Compression serde::Deserializable< + Program::BlackBoxFuncCall::Sha256Compression>::deserialize(Deserializer& deserializer) { - Circuit::BlackBoxFuncCall::Sha256Compression obj; + Program::BlackBoxFuncCall::Sha256Compression obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.hash_values = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp& lhs, const BlackBoxOp& rhs) { @@ -3549,11 +3557,11 @@ inline BlackBoxOp BlackBoxOp::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::BlackBoxOp& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -3562,16 +3570,16 @@ void serde::Serializable::serialize(const Circuit::BlackBox template <> template -Circuit::BlackBoxOp serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BlackBoxOp serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::BlackBoxOp obj; + Program::BlackBoxOp obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Sha256& lhs, const BlackBoxOp::Sha256& rhs) { @@ -3601,11 +3609,11 @@ inline BlackBoxOp::Sha256 BlackBoxOp::Sha256::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Sha256& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::Sha256& obj, Serializer& serializer) { serde::Serializable::serialize(obj.message, serializer); @@ -3614,15 +3622,15 @@ void serde::Serializable::serialize(const Circuit:: template <> template -Circuit::BlackBoxOp::Sha256 serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BlackBoxOp::Sha256 serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BlackBoxOp::Sha256 obj; + Program::BlackBoxOp::Sha256 obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Blake2s& lhs, const BlackBoxOp::Blake2s& rhs) { @@ -3652,11 +3660,11 @@ inline BlackBoxOp::Blake2s BlackBoxOp::Blake2s::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Blake2s& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::Blake2s& obj, Serializer& serializer) { serde::Serializable::serialize(obj.message, serializer); @@ -3665,16 +3673,16 @@ void serde::Serializable::serialize(const Circuit: template <> template -Circuit::BlackBoxOp::Blake2s serde::Deserializable::deserialize( +Program::BlackBoxOp::Blake2s serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::Blake2s obj; + Program::BlackBoxOp::Blake2s obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Blake3& lhs, const BlackBoxOp::Blake3& rhs) { @@ -3704,11 +3712,11 @@ inline BlackBoxOp::Blake3 BlackBoxOp::Blake3::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Blake3& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::Blake3& obj, Serializer& serializer) { serde::Serializable::serialize(obj.message, serializer); @@ -3717,15 +3725,15 @@ void serde::Serializable::serialize(const Circuit:: template <> template -Circuit::BlackBoxOp::Blake3 serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BlackBoxOp::Blake3 serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BlackBoxOp::Blake3 obj; + Program::BlackBoxOp::Blake3 obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Keccak256& lhs, const BlackBoxOp::Keccak256& rhs) { @@ -3755,11 +3763,11 @@ inline BlackBoxOp::Keccak256 BlackBoxOp::Keccak256::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Keccak256& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::Keccak256& obj, Serializer& serializer) { serde::Serializable::serialize(obj.message, serializer); @@ -3768,16 +3776,16 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxOp::Keccak256 serde::Deserializable::deserialize( +Program::BlackBoxOp::Keccak256 serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::Keccak256 obj; + Program::BlackBoxOp::Keccak256 obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Keccakf1600& lhs, const BlackBoxOp::Keccakf1600& rhs) { @@ -3807,11 +3815,11 @@ inline BlackBoxOp::Keccakf1600 BlackBoxOp::Keccakf1600::bincodeDeserialize(std:: return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Keccakf1600& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::Keccakf1600& obj, Serializer& serializer) { serde::Serializable::serialize(obj.message, serializer); @@ -3820,16 +3828,16 @@ void serde::Serializable::serialize(const Circ template <> template -Circuit::BlackBoxOp::Keccakf1600 serde::Deserializable::deserialize( +Program::BlackBoxOp::Keccakf1600 serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::Keccakf1600 obj; + Program::BlackBoxOp::Keccakf1600 obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::EcdsaSecp256k1& lhs, const BlackBoxOp::EcdsaSecp256k1& rhs) { @@ -3868,11 +3876,11 @@ inline BlackBoxOp::EcdsaSecp256k1 BlackBoxOp::EcdsaSecp256k1::bincodeDeserialize return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::EcdsaSecp256k1& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::EcdsaSecp256k1& obj, Serializer& serializer) { serde::Serializable::serialize(obj.hashed_msg, serializer); @@ -3884,10 +3892,10 @@ void serde::Serializable::serialize(const C template <> template -Circuit::BlackBoxOp::EcdsaSecp256k1 serde::Deserializable::deserialize( +Program::BlackBoxOp::EcdsaSecp256k1 serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::EcdsaSecp256k1 obj; + Program::BlackBoxOp::EcdsaSecp256k1 obj; obj.hashed_msg = serde::Deserializable::deserialize(deserializer); obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); @@ -3896,7 +3904,7 @@ Circuit::BlackBoxOp::EcdsaSecp256k1 serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::EcdsaSecp256r1& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::EcdsaSecp256r1& obj, Serializer& serializer) { serde::Serializable::serialize(obj.hashed_msg, serializer); @@ -3951,10 +3959,10 @@ void serde::Serializable::serialize(const C template <> template -Circuit::BlackBoxOp::EcdsaSecp256r1 serde::Deserializable::deserialize( +Program::BlackBoxOp::EcdsaSecp256r1 serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::EcdsaSecp256r1 obj; + Program::BlackBoxOp::EcdsaSecp256r1 obj; obj.hashed_msg = serde::Deserializable::deserialize(deserializer); obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); @@ -3963,7 +3971,7 @@ Circuit::BlackBoxOp::EcdsaSecp256r1 serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::SchnorrVerify& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::SchnorrVerify& obj, Serializer& serializer) { serde::Serializable::serialize(obj.public_key_x, serializer); @@ -4018,10 +4026,10 @@ void serde::Serializable::serialize(const Ci template <> template -Circuit::BlackBoxOp::SchnorrVerify serde::Deserializable::deserialize( +Program::BlackBoxOp::SchnorrVerify serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::SchnorrVerify obj; + Program::BlackBoxOp::SchnorrVerify obj; obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); obj.message = serde::Deserializable::deserialize(deserializer); @@ -4030,7 +4038,7 @@ Circuit::BlackBoxOp::SchnorrVerify serde::Deserializable template -void serde::Serializable::serialize( - const Circuit::BlackBoxOp::PedersenCommitment& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxOp::PedersenCommitment& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.domain_separator, serializer); @@ -4077,17 +4085,17 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxOp::PedersenCommitment serde::Deserializable::deserialize( +Program::BlackBoxOp::PedersenCommitment serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::PedersenCommitment obj; + Program::BlackBoxOp::PedersenCommitment obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.domain_separator = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::PedersenHash& lhs, const BlackBoxOp::PedersenHash& rhs) { @@ -4120,11 +4128,11 @@ inline BlackBoxOp::PedersenHash BlackBoxOp::PedersenHash::bincodeDeserialize(std return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::PedersenHash& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::PedersenHash& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); @@ -4134,17 +4142,17 @@ void serde::Serializable::serialize(const Cir template <> template -Circuit::BlackBoxOp::PedersenHash serde::Deserializable::deserialize( +Program::BlackBoxOp::PedersenHash serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::PedersenHash obj; + Program::BlackBoxOp::PedersenHash obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.domain_separator = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::FixedBaseScalarMul& lhs, const BlackBoxOp::FixedBaseScalarMul& rhs) { @@ -4177,12 +4185,12 @@ inline BlackBoxOp::FixedBaseScalarMul BlackBoxOp::FixedBaseScalarMul::bincodeDes return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxOp::FixedBaseScalarMul& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxOp::FixedBaseScalarMul& obj, Serializer& serializer) { serde::Serializable::serialize(obj.low, serializer); serde::Serializable::serialize(obj.high, serializer); @@ -4191,17 +4199,17 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxOp::FixedBaseScalarMul serde::Deserializable::deserialize( +Program::BlackBoxOp::FixedBaseScalarMul serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::FixedBaseScalarMul obj; + Program::BlackBoxOp::FixedBaseScalarMul obj; obj.low = serde::Deserializable::deserialize(deserializer); obj.high = serde::Deserializable::deserialize(deserializer); obj.result = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::EmbeddedCurveAdd& lhs, const BlackBoxOp::EmbeddedCurveAdd& rhs) { @@ -4240,12 +4248,12 @@ inline BlackBoxOp::EmbeddedCurveAdd BlackBoxOp::EmbeddedCurveAdd::bincodeDeseria return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxOp::EmbeddedCurveAdd& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxOp::EmbeddedCurveAdd& obj, Serializer& serializer) { serde::Serializable::serialize(obj.input1_x, serializer); serde::Serializable::serialize(obj.input1_y, serializer); @@ -4256,10 +4264,10 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxOp::EmbeddedCurveAdd serde::Deserializable::deserialize( +Program::BlackBoxOp::EmbeddedCurveAdd serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::EmbeddedCurveAdd obj; + Program::BlackBoxOp::EmbeddedCurveAdd obj; obj.input1_x = serde::Deserializable::deserialize(deserializer); obj.input1_y = serde::Deserializable::deserialize(deserializer); obj.input2_x = serde::Deserializable::deserialize(deserializer); @@ -4268,7 +4276,7 @@ Circuit::BlackBoxOp::EmbeddedCurveAdd serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntAdd& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::BigIntAdd& obj, Serializer& serializer) { serde::Serializable::serialize(obj.lhs, serializer); @@ -4315,17 +4323,17 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxOp::BigIntAdd serde::Deserializable::deserialize( +Program::BlackBoxOp::BigIntAdd serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::BigIntAdd obj; + Program::BlackBoxOp::BigIntAdd obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::BigIntSub& lhs, const BlackBoxOp::BigIntSub& rhs) { @@ -4358,11 +4366,11 @@ inline BlackBoxOp::BigIntSub BlackBoxOp::BigIntSub::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntSub& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::BigIntSub& obj, Serializer& serializer) { serde::Serializable::serialize(obj.lhs, serializer); @@ -4372,17 +4380,17 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxOp::BigIntSub serde::Deserializable::deserialize( +Program::BlackBoxOp::BigIntSub serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::BigIntSub obj; + Program::BlackBoxOp::BigIntSub obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::BigIntMul& lhs, const BlackBoxOp::BigIntMul& rhs) { @@ -4415,11 +4423,11 @@ inline BlackBoxOp::BigIntMul BlackBoxOp::BigIntMul::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntMul& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::BigIntMul& obj, Serializer& serializer) { serde::Serializable::serialize(obj.lhs, serializer); @@ -4429,17 +4437,17 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxOp::BigIntMul serde::Deserializable::deserialize( +Program::BlackBoxOp::BigIntMul serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::BigIntMul obj; + Program::BlackBoxOp::BigIntMul obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::BigIntDiv& lhs, const BlackBoxOp::BigIntDiv& rhs) { @@ -4472,11 +4480,11 @@ inline BlackBoxOp::BigIntDiv BlackBoxOp::BigIntDiv::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntDiv& obj, +void serde::Serializable::serialize(const Program::BlackBoxOp::BigIntDiv& obj, Serializer& serializer) { serde::Serializable::serialize(obj.lhs, serializer); @@ -4486,17 +4494,17 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxOp::BigIntDiv serde::Deserializable::deserialize( +Program::BlackBoxOp::BigIntDiv serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::BigIntDiv obj; + Program::BlackBoxOp::BigIntDiv obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::BigIntFromLeBytes& lhs, const BlackBoxOp::BigIntFromLeBytes& rhs) { @@ -4529,12 +4537,12 @@ inline BlackBoxOp::BigIntFromLeBytes BlackBoxOp::BigIntFromLeBytes::bincodeDeser return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxOp::BigIntFromLeBytes& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxOp::BigIntFromLeBytes& obj, Serializer& serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.modulus, serializer); @@ -4543,17 +4551,17 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxOp::BigIntFromLeBytes serde::Deserializable::deserialize( +Program::BlackBoxOp::BigIntFromLeBytes serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::BigIntFromLeBytes obj; + Program::BlackBoxOp::BigIntFromLeBytes obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.modulus = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::BigIntToLeBytes& lhs, const BlackBoxOp::BigIntToLeBytes& rhs) { @@ -4583,12 +4591,12 @@ inline BlackBoxOp::BigIntToLeBytes BlackBoxOp::BigIntToLeBytes::bincodeDeseriali return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxOp::BigIntToLeBytes& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxOp::BigIntToLeBytes& obj, Serializer& serializer) { serde::Serializable::serialize(obj.input, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -4596,16 +4604,16 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxOp::BigIntToLeBytes serde::Deserializable::deserialize( +Program::BlackBoxOp::BigIntToLeBytes serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::BigIntToLeBytes obj; + Program::BlackBoxOp::BigIntToLeBytes obj; obj.input = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Poseidon2Permutation& lhs, const BlackBoxOp::Poseidon2Permutation& rhs) { @@ -4638,12 +4646,12 @@ inline BlackBoxOp::Poseidon2Permutation BlackBoxOp::Poseidon2Permutation::bincod return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxOp::Poseidon2Permutation& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxOp::Poseidon2Permutation& obj, Serializer& serializer) { serde::Serializable::serialize(obj.message, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -4652,17 +4660,17 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxOp::Poseidon2Permutation serde::Deserializable::deserialize( +Program::BlackBoxOp::Poseidon2Permutation serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::Poseidon2Permutation obj; + Program::BlackBoxOp::Poseidon2Permutation obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); obj.len = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Sha256Compression& lhs, const BlackBoxOp::Sha256Compression& rhs) { @@ -4695,12 +4703,12 @@ inline BlackBoxOp::Sha256Compression BlackBoxOp::Sha256Compression::bincodeDeser return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BlackBoxOp::Sha256Compression& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BlackBoxOp::Sha256Compression& obj, Serializer& serializer) { serde::Serializable::serialize(obj.input, serializer); serde::Serializable::serialize(obj.hash_values, serializer); @@ -4709,17 +4717,17 @@ void serde::Serializable::serialize( template <> template -Circuit::BlackBoxOp::Sha256Compression serde::Deserializable::deserialize( +Program::BlackBoxOp::Sha256Compression serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BlackBoxOp::Sha256Compression obj; + Program::BlackBoxOp::Sha256Compression obj; obj.input = serde::Deserializable::deserialize(deserializer); obj.hash_values = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlockId& lhs, const BlockId& rhs) { @@ -4746,11 +4754,11 @@ inline BlockId BlockId::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlockId& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::BlockId& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -4759,16 +4767,16 @@ void serde::Serializable::serialize(const Circuit::BlockId& ob template <> template -Circuit::BlockId serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BlockId serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::BlockId obj; + Program::BlockId obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Brillig& lhs, const Brillig& rhs) { @@ -4804,11 +4812,11 @@ inline Brillig Brillig::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Brillig& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::Brillig& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.inputs, serializer); @@ -4820,10 +4828,10 @@ void serde::Serializable::serialize(const Circuit::Brillig& ob template <> template -Circuit::Brillig serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Brillig serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::Brillig obj; + Program::Brillig obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); obj.bytecode = serde::Deserializable::deserialize(deserializer); @@ -4832,7 +4840,7 @@ Circuit::Brillig serde::Deserializable::deserialize(Deserializ return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligInputs& lhs, const BrilligInputs& rhs) { @@ -4859,11 +4867,11 @@ inline BrilligInputs BrilligInputs::bincodeDeserialize(std::vector inpu return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligInputs& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::BrilligInputs& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -4872,16 +4880,16 @@ void serde::Serializable::serialize(const Circuit::Brill template <> template -Circuit::BrilligInputs serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BrilligInputs serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::BrilligInputs obj; + Program::BrilligInputs obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligInputs::Single& lhs, const BrilligInputs::Single& rhs) { @@ -4908,11 +4916,11 @@ inline BrilligInputs::Single BrilligInputs::Single::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligInputs::Single& obj, +void serde::Serializable::serialize(const Program::BrilligInputs::Single& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -4920,15 +4928,15 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BrilligInputs::Single serde::Deserializable::deserialize( +Program::BrilligInputs::Single serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligInputs::Single obj; + Program::BrilligInputs::Single obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligInputs::Array& lhs, const BrilligInputs::Array& rhs) { @@ -4955,11 +4963,11 @@ inline BrilligInputs::Array BrilligInputs::Array::bincodeDeserialize(std::vector return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligInputs::Array& obj, +void serde::Serializable::serialize(const Program::BrilligInputs::Array& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -4967,15 +4975,15 @@ void serde::Serializable::serialize(const Circuit template <> template -Circuit::BrilligInputs::Array serde::Deserializable::deserialize( +Program::BrilligInputs::Array serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligInputs::Array obj; + Program::BrilligInputs::Array obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligInputs::MemoryArray& lhs, const BrilligInputs::MemoryArray& rhs) { @@ -5002,11 +5010,11 @@ inline BrilligInputs::MemoryArray BrilligInputs::MemoryArray::bincodeDeserialize return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligInputs::MemoryArray& obj, +void serde::Serializable::serialize(const Program::BrilligInputs::MemoryArray& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -5014,15 +5022,15 @@ void serde::Serializable::serialize(const C template <> template -Circuit::BrilligInputs::MemoryArray serde::Deserializable::deserialize( +Program::BrilligInputs::MemoryArray serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligInputs::MemoryArray obj; + Program::BrilligInputs::MemoryArray obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode& lhs, const BrilligOpcode& rhs) { @@ -5049,11 +5057,11 @@ inline BrilligOpcode BrilligOpcode::bincodeDeserialize(std::vector inpu return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::BrilligOpcode& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -5062,16 +5070,16 @@ void serde::Serializable::serialize(const Circuit::Brill template <> template -Circuit::BrilligOpcode serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BrilligOpcode serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::BrilligOpcode obj; + Program::BrilligOpcode obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::BinaryFieldOp& lhs, const BrilligOpcode::BinaryFieldOp& rhs) { @@ -5107,12 +5115,12 @@ inline BrilligOpcode::BinaryFieldOp BrilligOpcode::BinaryFieldOp::bincodeDeseria return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BrilligOpcode::BinaryFieldOp& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BrilligOpcode::BinaryFieldOp& obj, Serializer& serializer) { serde::Serializable::serialize(obj.destination, serializer); serde::Serializable::serialize(obj.op, serializer); @@ -5122,10 +5130,10 @@ void serde::Serializable::serialize( template <> template -Circuit::BrilligOpcode::BinaryFieldOp serde::Deserializable::deserialize( +Program::BrilligOpcode::BinaryFieldOp serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::BinaryFieldOp obj; + Program::BrilligOpcode::BinaryFieldOp obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.op = serde::Deserializable::deserialize(deserializer); obj.lhs = serde::Deserializable::deserialize(deserializer); @@ -5133,7 +5141,7 @@ Circuit::BrilligOpcode::BinaryFieldOp serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::BinaryIntOp& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::BinaryIntOp& obj, Serializer& serializer) { serde::Serializable::serialize(obj.destination, serializer); @@ -5188,10 +5196,10 @@ void serde::Serializable::serialize(const C template <> template -Circuit::BrilligOpcode::BinaryIntOp serde::Deserializable::deserialize( +Program::BrilligOpcode::BinaryIntOp serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::BinaryIntOp obj; + Program::BrilligOpcode::BinaryIntOp obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.op = serde::Deserializable::deserialize(deserializer); obj.bit_size = serde::Deserializable::deserialize(deserializer); @@ -5200,7 +5208,7 @@ Circuit::BrilligOpcode::BinaryIntOp serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Cast& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::Cast& obj, Serializer& serializer) { serde::Serializable::serialize(obj.destination, serializer); @@ -5247,17 +5255,17 @@ void serde::Serializable::serialize(const Circuit: template <> template -Circuit::BrilligOpcode::Cast serde::Deserializable::deserialize( +Program::BrilligOpcode::Cast serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::Cast obj; + Program::BrilligOpcode::Cast obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.source = serde::Deserializable::deserialize(deserializer); obj.bit_size = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::JumpIfNot& lhs, const BrilligOpcode::JumpIfNot& rhs) { @@ -5287,11 +5295,11 @@ inline BrilligOpcode::JumpIfNot BrilligOpcode::JumpIfNot::bincodeDeserialize(std return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::JumpIfNot& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::JumpIfNot& obj, Serializer& serializer) { serde::Serializable::serialize(obj.condition, serializer); @@ -5300,16 +5308,16 @@ void serde::Serializable::serialize(const Cir template <> template -Circuit::BrilligOpcode::JumpIfNot serde::Deserializable::deserialize( +Program::BrilligOpcode::JumpIfNot serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::JumpIfNot obj; + Program::BrilligOpcode::JumpIfNot obj; obj.condition = serde::Deserializable::deserialize(deserializer); obj.location = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::JumpIf& lhs, const BrilligOpcode::JumpIf& rhs) { @@ -5339,11 +5347,11 @@ inline BrilligOpcode::JumpIf BrilligOpcode::JumpIf::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::JumpIf& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::JumpIf& obj, Serializer& serializer) { serde::Serializable::serialize(obj.condition, serializer); @@ -5352,16 +5360,16 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BrilligOpcode::JumpIf serde::Deserializable::deserialize( +Program::BrilligOpcode::JumpIf serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::JumpIf obj; + Program::BrilligOpcode::JumpIf obj; obj.condition = serde::Deserializable::deserialize(deserializer); obj.location = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Jump& lhs, const BrilligOpcode::Jump& rhs) { @@ -5388,11 +5396,11 @@ inline BrilligOpcode::Jump BrilligOpcode::Jump::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Jump& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::Jump& obj, Serializer& serializer) { serde::Serializable::serialize(obj.location, serializer); @@ -5400,15 +5408,15 @@ void serde::Serializable::serialize(const Circuit: template <> template -Circuit::BrilligOpcode::Jump serde::Deserializable::deserialize( +Program::BrilligOpcode::Jump serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::Jump obj; + Program::BrilligOpcode::Jump obj; obj.location = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::CalldataCopy& lhs, const BrilligOpcode::CalldataCopy& rhs) { @@ -5441,12 +5449,12 @@ inline BrilligOpcode::CalldataCopy BrilligOpcode::CalldataCopy::bincodeDeseriali return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::BrilligOpcode::CalldataCopy& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::BrilligOpcode::CalldataCopy& obj, Serializer& serializer) { serde::Serializable::serialize(obj.destination_address, serializer); serde::Serializable::serialize(obj.size, serializer); @@ -5455,17 +5463,17 @@ void serde::Serializable::serialize( template <> template -Circuit::BrilligOpcode::CalldataCopy serde::Deserializable::deserialize( +Program::BrilligOpcode::CalldataCopy serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::CalldataCopy obj; + Program::BrilligOpcode::CalldataCopy obj; obj.destination_address = serde::Deserializable::deserialize(deserializer); obj.size = serde::Deserializable::deserialize(deserializer); obj.offset = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Call& lhs, const BrilligOpcode::Call& rhs) { @@ -5492,11 +5500,11 @@ inline BrilligOpcode::Call BrilligOpcode::Call::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Call& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::Call& obj, Serializer& serializer) { serde::Serializable::serialize(obj.location, serializer); @@ -5504,15 +5512,15 @@ void serde::Serializable::serialize(const Circuit: template <> template -Circuit::BrilligOpcode::Call serde::Deserializable::deserialize( +Program::BrilligOpcode::Call serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::Call obj; + Program::BrilligOpcode::Call obj; obj.location = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Const& lhs, const BrilligOpcode::Const& rhs) { @@ -5545,11 +5553,11 @@ inline BrilligOpcode::Const BrilligOpcode::Const::bincodeDeserialize(std::vector return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Const& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::Const& obj, Serializer& serializer) { serde::Serializable::serialize(obj.destination, serializer); @@ -5559,17 +5567,17 @@ void serde::Serializable::serialize(const Circuit template <> template -Circuit::BrilligOpcode::Const serde::Deserializable::deserialize( +Program::BrilligOpcode::Const serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::Const obj; + Program::BrilligOpcode::Const obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.bit_size = serde::Deserializable::deserialize(deserializer); obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Return& lhs, const BrilligOpcode::Return& rhs) { @@ -5593,24 +5601,24 @@ inline BrilligOpcode::Return BrilligOpcode::Return::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Return& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::Return& obj, Serializer& serializer) {} template <> template -Circuit::BrilligOpcode::Return serde::Deserializable::deserialize( +Program::BrilligOpcode::Return serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::Return obj; + Program::BrilligOpcode::Return obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::ForeignCall& lhs, const BrilligOpcode::ForeignCall& rhs) { @@ -5649,11 +5657,11 @@ inline BrilligOpcode::ForeignCall BrilligOpcode::ForeignCall::bincodeDeserialize return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::ForeignCall& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::ForeignCall& obj, Serializer& serializer) { serde::Serializable::serialize(obj.function, serializer); @@ -5665,10 +5673,10 @@ void serde::Serializable::serialize(const C template <> template -Circuit::BrilligOpcode::ForeignCall serde::Deserializable::deserialize( +Program::BrilligOpcode::ForeignCall serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::ForeignCall obj; + Program::BrilligOpcode::ForeignCall obj; obj.function = serde::Deserializable::deserialize(deserializer); obj.destinations = serde::Deserializable::deserialize(deserializer); obj.destination_value_types = @@ -5678,7 +5686,7 @@ Circuit::BrilligOpcode::ForeignCall serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Mov& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::Mov& obj, Serializer& serializer) { serde::Serializable::serialize(obj.destination, serializer); @@ -5721,15 +5729,15 @@ void serde::Serializable::serialize(const Circuit:: template <> template -Circuit::BrilligOpcode::Mov serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BrilligOpcode::Mov serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::BrilligOpcode::Mov obj; + Program::BrilligOpcode::Mov obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.source = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Load& lhs, const BrilligOpcode::Load& rhs) { @@ -5759,11 +5767,11 @@ inline BrilligOpcode::Load BrilligOpcode::Load::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Load& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::Load& obj, Serializer& serializer) { serde::Serializable::serialize(obj.destination, serializer); @@ -5772,16 +5780,16 @@ void serde::Serializable::serialize(const Circuit: template <> template -Circuit::BrilligOpcode::Load serde::Deserializable::deserialize( +Program::BrilligOpcode::Load serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::Load obj; + Program::BrilligOpcode::Load obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.source_pointer = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Store& lhs, const BrilligOpcode::Store& rhs) { @@ -5811,11 +5819,11 @@ inline BrilligOpcode::Store BrilligOpcode::Store::bincodeDeserialize(std::vector return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Store& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::Store& obj, Serializer& serializer) { serde::Serializable::serialize(obj.destination_pointer, serializer); @@ -5824,16 +5832,16 @@ void serde::Serializable::serialize(const Circuit template <> template -Circuit::BrilligOpcode::Store serde::Deserializable::deserialize( +Program::BrilligOpcode::Store serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::Store obj; + Program::BrilligOpcode::Store obj; obj.destination_pointer = serde::Deserializable::deserialize(deserializer); obj.source = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::BlackBox& lhs, const BrilligOpcode::BlackBox& rhs) { @@ -5860,11 +5868,11 @@ inline BrilligOpcode::BlackBox BrilligOpcode::BlackBox::bincodeDeserialize(std:: return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::BlackBox& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::BlackBox& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -5872,15 +5880,15 @@ void serde::Serializable::serialize(const Circ template <> template -Circuit::BrilligOpcode::BlackBox serde::Deserializable::deserialize( +Program::BrilligOpcode::BlackBox serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::BlackBox obj; + Program::BrilligOpcode::BlackBox obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Trap& lhs, const BrilligOpcode::Trap& rhs) { @@ -5904,24 +5912,24 @@ inline BrilligOpcode::Trap BrilligOpcode::Trap::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Trap& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::Trap& obj, Serializer& serializer) {} template <> template -Circuit::BrilligOpcode::Trap serde::Deserializable::deserialize( +Program::BrilligOpcode::Trap serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::Trap obj; + Program::BrilligOpcode::Trap obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Stop& lhs, const BrilligOpcode::Stop& rhs) { @@ -5951,11 +5959,11 @@ inline BrilligOpcode::Stop BrilligOpcode::Stop::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Stop& obj, +void serde::Serializable::serialize(const Program::BrilligOpcode::Stop& obj, Serializer& serializer) { serde::Serializable::serialize(obj.return_data_offset, serializer); @@ -5964,16 +5972,16 @@ void serde::Serializable::serialize(const Circuit: template <> template -Circuit::BrilligOpcode::Stop serde::Deserializable::deserialize( +Program::BrilligOpcode::Stop serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOpcode::Stop obj; + Program::BrilligOpcode::Stop obj; obj.return_data_offset = serde::Deserializable::deserialize(deserializer); obj.return_data_size = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOutputs& lhs, const BrilligOutputs& rhs) { @@ -6000,11 +6008,11 @@ inline BrilligOutputs BrilligOutputs::bincodeDeserialize(std::vector in return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOutputs& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::BrilligOutputs& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -6013,16 +6021,16 @@ void serde::Serializable::serialize(const Circuit::Bril template <> template -Circuit::BrilligOutputs serde::Deserializable::deserialize(Deserializer& deserializer) +Program::BrilligOutputs serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::BrilligOutputs obj; + Program::BrilligOutputs obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOutputs::Simple& lhs, const BrilligOutputs::Simple& rhs) { @@ -6049,11 +6057,11 @@ inline BrilligOutputs::Simple BrilligOutputs::Simple::bincodeDeserialize(std::ve return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOutputs::Simple& obj, +void serde::Serializable::serialize(const Program::BrilligOutputs::Simple& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -6061,15 +6069,15 @@ void serde::Serializable::serialize(const Circu template <> template -Circuit::BrilligOutputs::Simple serde::Deserializable::deserialize( +Program::BrilligOutputs::Simple serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOutputs::Simple obj; + Program::BrilligOutputs::Simple obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOutputs::Array& lhs, const BrilligOutputs::Array& rhs) { @@ -6096,11 +6104,11 @@ inline BrilligOutputs::Array BrilligOutputs::Array::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOutputs::Array& obj, +void serde::Serializable::serialize(const Program::BrilligOutputs::Array& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -6108,15 +6116,15 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BrilligOutputs::Array serde::Deserializable::deserialize( +Program::BrilligOutputs::Array serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::BrilligOutputs::Array obj; + Program::BrilligOutputs::Array obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Circuit& lhs, const Circuit& rhs) { @@ -6164,11 +6172,11 @@ inline Circuit Circuit::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Circuit& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::Circuit& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.current_witness_index, serializer); @@ -6184,10 +6192,10 @@ void serde::Serializable::serialize(const Circuit::Circuit& ob template <> template -Circuit::Circuit serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Circuit serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::Circuit obj; + Program::Circuit obj; obj.current_witness_index = serde::Deserializable::deserialize(deserializer); obj.opcodes = serde::Deserializable::deserialize(deserializer); obj.expression_width = serde::Deserializable::deserialize(deserializer); @@ -6200,7 +6208,7 @@ Circuit::Circuit serde::Deserializable::deserialize(Deserializ return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Directive& lhs, const Directive& rhs) { @@ -6227,11 +6235,11 @@ inline Directive Directive::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Directive& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::Directive& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -6240,16 +6248,16 @@ void serde::Serializable::serialize(const Circuit::Directive template <> template -Circuit::Directive serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Directive serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::Directive obj; + Program::Directive obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Directive::ToLeRadix& lhs, const Directive::ToLeRadix& rhs) { @@ -6282,11 +6290,11 @@ inline Directive::ToLeRadix Directive::ToLeRadix::bincodeDeserialize(std::vector return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Directive::ToLeRadix& obj, +void serde::Serializable::serialize(const Program::Directive::ToLeRadix& obj, Serializer& serializer) { serde::Serializable::serialize(obj.a, serializer); @@ -6296,17 +6304,17 @@ void serde::Serializable::serialize(const Circuit template <> template -Circuit::Directive::ToLeRadix serde::Deserializable::deserialize( +Program::Directive::ToLeRadix serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::Directive::ToLeRadix obj; + Program::Directive::ToLeRadix obj; obj.a = serde::Deserializable::deserialize(deserializer); obj.b = serde::Deserializable::deserialize(deserializer); obj.radix = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Expression& lhs, const Expression& rhs) { @@ -6339,11 +6347,11 @@ inline Expression Expression::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Expression& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::Expression& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.mul_terms, serializer); @@ -6354,10 +6362,10 @@ void serde::Serializable::serialize(const Circuit::Expressi template <> template -Circuit::Expression serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Expression serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::Expression obj; + Program::Expression obj; obj.mul_terms = serde::Deserializable::deserialize(deserializer); obj.linear_combinations = serde::Deserializable::deserialize(deserializer); obj.q_c = serde::Deserializable::deserialize(deserializer); @@ -6365,7 +6373,7 @@ Circuit::Expression serde::Deserializable::deserialize(Dese return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ExpressionWidth& lhs, const ExpressionWidth& rhs) { @@ -6392,11 +6400,11 @@ inline ExpressionWidth ExpressionWidth::bincodeDeserialize(std::vector return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ExpressionWidth& obj, +void serde::Serializable::serialize(const Program::ExpressionWidth& obj, Serializer& serializer) { serializer.increase_container_depth(); @@ -6406,16 +6414,16 @@ void serde::Serializable::serialize(const Circuit::Exp template <> template -Circuit::ExpressionWidth serde::Deserializable::deserialize(Deserializer& deserializer) +Program::ExpressionWidth serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::ExpressionWidth obj; + Program::ExpressionWidth obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ExpressionWidth::Unbounded& lhs, const ExpressionWidth::Unbounded& rhs) { @@ -6439,24 +6447,24 @@ inline ExpressionWidth::Unbounded ExpressionWidth::Unbounded::bincodeDeserialize return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ExpressionWidth::Unbounded& obj, +void serde::Serializable::serialize(const Program::ExpressionWidth::Unbounded& obj, Serializer& serializer) {} template <> template -Circuit::ExpressionWidth::Unbounded serde::Deserializable::deserialize( +Program::ExpressionWidth::Unbounded serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::ExpressionWidth::Unbounded obj; + Program::ExpressionWidth::Unbounded obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ExpressionWidth::Bounded& lhs, const ExpressionWidth::Bounded& rhs) { @@ -6483,11 +6491,11 @@ inline ExpressionWidth::Bounded ExpressionWidth::Bounded::bincodeDeserialize(std return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ExpressionWidth::Bounded& obj, +void serde::Serializable::serialize(const Program::ExpressionWidth::Bounded& obj, Serializer& serializer) { serde::Serializable::serialize(obj.width, serializer); @@ -6495,15 +6503,15 @@ void serde::Serializable::serialize(const Cir template <> template -Circuit::ExpressionWidth::Bounded serde::Deserializable::deserialize( +Program::ExpressionWidth::Bounded serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::ExpressionWidth::Bounded obj; + Program::ExpressionWidth::Bounded obj; obj.width = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const FunctionInput& lhs, const FunctionInput& rhs) { @@ -6533,11 +6541,11 @@ inline FunctionInput FunctionInput::bincodeDeserialize(std::vector inpu return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::FunctionInput& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::FunctionInput& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.witness, serializer); @@ -6547,17 +6555,17 @@ void serde::Serializable::serialize(const Circuit::Funct template <> template -Circuit::FunctionInput serde::Deserializable::deserialize(Deserializer& deserializer) +Program::FunctionInput serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::FunctionInput obj; + Program::FunctionInput obj; obj.witness = serde::Deserializable::deserialize(deserializer); obj.num_bits = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapArray& lhs, const HeapArray& rhs) { @@ -6587,11 +6595,11 @@ inline HeapArray HeapArray::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapArray& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::HeapArray& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.pointer, serializer); @@ -6601,17 +6609,17 @@ void serde::Serializable::serialize(const Circuit::HeapArray template <> template -Circuit::HeapArray serde::Deserializable::deserialize(Deserializer& deserializer) +Program::HeapArray serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::HeapArray obj; + Program::HeapArray obj; obj.pointer = serde::Deserializable::deserialize(deserializer); obj.size = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapValueType& lhs, const HeapValueType& rhs) { @@ -6638,11 +6646,11 @@ inline HeapValueType HeapValueType::bincodeDeserialize(std::vector inpu return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapValueType& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::HeapValueType& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -6651,16 +6659,16 @@ void serde::Serializable::serialize(const Circuit::HeapV template <> template -Circuit::HeapValueType serde::Deserializable::deserialize(Deserializer& deserializer) +Program::HeapValueType serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::HeapValueType obj; + Program::HeapValueType obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapValueType::Simple& lhs, const HeapValueType::Simple& rhs) { @@ -6684,24 +6692,24 @@ inline HeapValueType::Simple HeapValueType::Simple::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapValueType::Simple& obj, +void serde::Serializable::serialize(const Program::HeapValueType::Simple& obj, Serializer& serializer) {} template <> template -Circuit::HeapValueType::Simple serde::Deserializable::deserialize( +Program::HeapValueType::Simple serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::HeapValueType::Simple obj; + Program::HeapValueType::Simple obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapValueType::Array& lhs, const HeapValueType::Array& rhs) { @@ -6731,11 +6739,11 @@ inline HeapValueType::Array HeapValueType::Array::bincodeDeserialize(std::vector return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapValueType::Array& obj, +void serde::Serializable::serialize(const Program::HeapValueType::Array& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value_types, serializer); @@ -6744,16 +6752,16 @@ void serde::Serializable::serialize(const Circuit template <> template -Circuit::HeapValueType::Array serde::Deserializable::deserialize( +Program::HeapValueType::Array serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::HeapValueType::Array obj; + Program::HeapValueType::Array obj; obj.value_types = serde::Deserializable::deserialize(deserializer); obj.size = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapValueType::Vector& lhs, const HeapValueType::Vector& rhs) { @@ -6780,11 +6788,11 @@ inline HeapValueType::Vector HeapValueType::Vector::bincodeDeserialize(std::vect return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapValueType::Vector& obj, +void serde::Serializable::serialize(const Program::HeapValueType::Vector& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value_types, serializer); @@ -6792,15 +6800,15 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::HeapValueType::Vector serde::Deserializable::deserialize( +Program::HeapValueType::Vector serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::HeapValueType::Vector obj; + Program::HeapValueType::Vector obj; obj.value_types = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapVector& lhs, const HeapVector& rhs) { @@ -6830,11 +6838,11 @@ inline HeapVector HeapVector::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapVector& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::HeapVector& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.pointer, serializer); @@ -6844,17 +6852,17 @@ void serde::Serializable::serialize(const Circuit::HeapVect template <> template -Circuit::HeapVector serde::Deserializable::deserialize(Deserializer& deserializer) +Program::HeapVector serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::HeapVector obj; + Program::HeapVector obj; obj.pointer = serde::Deserializable::deserialize(deserializer); obj.size = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const MemOp& lhs, const MemOp& rhs) { @@ -6887,11 +6895,11 @@ inline MemOp MemOp::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::MemOp& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::MemOp& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.operation, serializer); @@ -6902,10 +6910,10 @@ void serde::Serializable::serialize(const Circuit::MemOp& obj, S template <> template -Circuit::MemOp serde::Deserializable::deserialize(Deserializer& deserializer) +Program::MemOp serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::MemOp obj; + Program::MemOp obj; obj.operation = serde::Deserializable::deserialize(deserializer); obj.index = serde::Deserializable::deserialize(deserializer); obj.value = serde::Deserializable::deserialize(deserializer); @@ -6913,7 +6921,7 @@ Circuit::MemOp serde::Deserializable::deserialize(Deserializer& return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const MemoryAddress& lhs, const MemoryAddress& rhs) { @@ -6940,11 +6948,11 @@ inline MemoryAddress MemoryAddress::bincodeDeserialize(std::vector inpu return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::MemoryAddress& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::MemoryAddress& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -6953,16 +6961,16 @@ void serde::Serializable::serialize(const Circuit::Memor template <> template -Circuit::MemoryAddress serde::Deserializable::deserialize(Deserializer& deserializer) +Program::MemoryAddress serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::MemoryAddress obj; + Program::MemoryAddress obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode& lhs, const Opcode& rhs) { @@ -6989,11 +6997,11 @@ inline Opcode Opcode::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::Opcode& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -7002,16 +7010,16 @@ void serde::Serializable::serialize(const Circuit::Opcode& obj, template <> template -Circuit::Opcode serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Opcode serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::Opcode obj; + Program::Opcode obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::AssertZero& lhs, const Opcode::AssertZero& rhs) { @@ -7038,11 +7046,11 @@ inline Opcode::AssertZero Opcode::AssertZero::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::Opcode::AssertZero& obj, +void serde::Serializable::serialize(const Program::Opcode::AssertZero& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -7050,14 +7058,14 @@ void serde::Serializable::serialize(const Circuit:: template <> template -Circuit::Opcode::AssertZero serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Opcode::AssertZero serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::Opcode::AssertZero obj; + Program::Opcode::AssertZero obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::BlackBoxFuncCall& lhs, const Opcode::BlackBoxFuncCall& rhs) { @@ -7084,11 +7092,11 @@ inline Opcode::BlackBoxFuncCall Opcode::BlackBoxFuncCall::bincodeDeserialize(std return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode::BlackBoxFuncCall& obj, +void serde::Serializable::serialize(const Program::Opcode::BlackBoxFuncCall& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -7096,15 +7104,15 @@ void serde::Serializable::serialize(const Cir template <> template -Circuit::Opcode::BlackBoxFuncCall serde::Deserializable::deserialize( +Program::Opcode::BlackBoxFuncCall serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::Opcode::BlackBoxFuncCall obj; + Program::Opcode::BlackBoxFuncCall obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::Directive& lhs, const Opcode::Directive& rhs) { @@ -7131,11 +7139,11 @@ inline Opcode::Directive Opcode::Directive::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::Opcode::Directive& obj, +void serde::Serializable::serialize(const Program::Opcode::Directive& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -7143,14 +7151,14 @@ void serde::Serializable::serialize(const Circuit::O template <> template -Circuit::Opcode::Directive serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Opcode::Directive serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::Opcode::Directive obj; + Program::Opcode::Directive obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::Brillig& lhs, const Opcode::Brillig& rhs) { @@ -7177,11 +7185,11 @@ inline Opcode::Brillig Opcode::Brillig::bincodeDeserialize(std::vector return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode::Brillig& obj, +void serde::Serializable::serialize(const Program::Opcode::Brillig& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -7189,14 +7197,14 @@ void serde::Serializable::serialize(const Circuit::Opc template <> template -Circuit::Opcode::Brillig serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Opcode::Brillig serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::Opcode::Brillig obj; + Program::Opcode::Brillig obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::MemoryOp& lhs, const Opcode::MemoryOp& rhs) { @@ -7229,11 +7237,11 @@ inline Opcode::MemoryOp Opcode::MemoryOp::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::Opcode::MemoryOp& obj, +void serde::Serializable::serialize(const Program::Opcode::MemoryOp& obj, Serializer& serializer) { serde::Serializable::serialize(obj.block_id, serializer); @@ -7243,16 +7251,16 @@ void serde::Serializable::serialize(const Circuit::Op template <> template -Circuit::Opcode::MemoryOp serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Opcode::MemoryOp serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::Opcode::MemoryOp obj; + Program::Opcode::MemoryOp obj; obj.block_id = serde::Deserializable::deserialize(deserializer); obj.op = serde::Deserializable::deserialize(deserializer); obj.predicate = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::MemoryInit& lhs, const Opcode::MemoryInit& rhs) { @@ -7282,11 +7290,11 @@ inline Opcode::MemoryInit Opcode::MemoryInit::bincodeDeserialize(std::vector template -void serde::Serializable::serialize(const Circuit::Opcode::MemoryInit& obj, +void serde::Serializable::serialize(const Program::Opcode::MemoryInit& obj, Serializer& serializer) { serde::Serializable::serialize(obj.block_id, serializer); @@ -7295,15 +7303,15 @@ void serde::Serializable::serialize(const Circuit:: template <> template -Circuit::Opcode::MemoryInit serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Opcode::MemoryInit serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::Opcode::MemoryInit obj; + Program::Opcode::MemoryInit obj; obj.block_id = serde::Deserializable::deserialize(deserializer); obj.init = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::Call& lhs, const Opcode::Call& rhs) { @@ -7336,11 +7344,11 @@ inline Opcode::Call Opcode::Call::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode::Call& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::Opcode::Call& obj, Serializer& serializer) { serde::Serializable::serialize(obj.id, serializer); serde::Serializable::serialize(obj.inputs, serializer); @@ -7349,16 +7357,16 @@ void serde::Serializable::serialize(const Circuit::Opcode template <> template -Circuit::Opcode::Call serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Opcode::Call serde::Deserializable::deserialize(Deserializer& deserializer) { - Circuit::Opcode::Call obj; + Program::Opcode::Call obj; obj.id = serde::Deserializable::deserialize(deserializer); obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const OpcodeLocation& lhs, const OpcodeLocation& rhs) { @@ -7385,11 +7393,11 @@ inline OpcodeLocation OpcodeLocation::bincodeDeserialize(std::vector in return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::OpcodeLocation& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::OpcodeLocation& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -7398,16 +7406,16 @@ void serde::Serializable::serialize(const Circuit::Opco template <> template -Circuit::OpcodeLocation serde::Deserializable::deserialize(Deserializer& deserializer) +Program::OpcodeLocation serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::OpcodeLocation obj; + Program::OpcodeLocation obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const OpcodeLocation::Acir& lhs, const OpcodeLocation::Acir& rhs) { @@ -7434,11 +7442,11 @@ inline OpcodeLocation::Acir OpcodeLocation::Acir::bincodeDeserialize(std::vector return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::OpcodeLocation::Acir& obj, +void serde::Serializable::serialize(const Program::OpcodeLocation::Acir& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -7446,15 +7454,15 @@ void serde::Serializable::serialize(const Circuit template <> template -Circuit::OpcodeLocation::Acir serde::Deserializable::deserialize( +Program::OpcodeLocation::Acir serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::OpcodeLocation::Acir obj; + Program::OpcodeLocation::Acir obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const OpcodeLocation::Brillig& lhs, const OpcodeLocation::Brillig& rhs) { @@ -7484,11 +7492,11 @@ inline OpcodeLocation::Brillig OpcodeLocation::Brillig::bincodeDeserialize(std:: return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::OpcodeLocation::Brillig& obj, +void serde::Serializable::serialize(const Program::OpcodeLocation::Brillig& obj, Serializer& serializer) { serde::Serializable::serialize(obj.acir_index, serializer); @@ -7497,16 +7505,65 @@ void serde::Serializable::serialize(const Circ template <> template -Circuit::OpcodeLocation::Brillig serde::Deserializable::deserialize( +Program::OpcodeLocation::Brillig serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::OpcodeLocation::Brillig obj; + Program::OpcodeLocation::Brillig obj; obj.acir_index = serde::Deserializable::deserialize(deserializer); obj.brillig_index = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { + +inline bool operator==(const Program& lhs, const Program& rhs) +{ + if (!(lhs.functions == rhs.functions)) { + return false; + } + return true; +} + +inline std::vector Program::bincodeSerialize() const +{ + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); +} + +inline Program Program::bincodeDeserialize(std::vector input) +{ + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw_or_abort("Some input bytes were not read"); + } + return value; +} + +} // end of namespace Program + +template <> +template +void serde::Serializable::serialize(const Program::Program& obj, Serializer& serializer) +{ + serializer.increase_container_depth(); + serde::Serializable::serialize(obj.functions, serializer); + serializer.decrease_container_depth(); +} + +template <> +template +Program::Program serde::Deserializable::deserialize(Deserializer& deserializer) +{ + deserializer.increase_container_depth(); + Program::Program obj; + obj.functions = serde::Deserializable::deserialize(deserializer); + deserializer.decrease_container_depth(); + return obj; +} + +namespace Program { inline bool operator==(const PublicInputs& lhs, const PublicInputs& rhs) { @@ -7533,11 +7590,11 @@ inline PublicInputs PublicInputs::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::PublicInputs& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::PublicInputs& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -7546,16 +7603,16 @@ void serde::Serializable::serialize(const Circuit::Public template <> template -Circuit::PublicInputs serde::Deserializable::deserialize(Deserializer& deserializer) +Program::PublicInputs serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::PublicInputs obj; + Program::PublicInputs obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Value& lhs, const Value& rhs) { @@ -7582,11 +7639,11 @@ inline Value Value::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Value& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::Value& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.inner, serializer); @@ -7595,16 +7652,16 @@ void serde::Serializable::serialize(const Circuit::Value& obj, S template <> template -Circuit::Value serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Value serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::Value obj; + Program::Value obj; obj.inner = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ValueOrArray& lhs, const ValueOrArray& rhs) { @@ -7631,11 +7688,11 @@ inline ValueOrArray ValueOrArray::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ValueOrArray& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::ValueOrArray& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -7644,16 +7701,16 @@ void serde::Serializable::serialize(const Circuit::ValueO template <> template -Circuit::ValueOrArray serde::Deserializable::deserialize(Deserializer& deserializer) +Program::ValueOrArray serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::ValueOrArray obj; + Program::ValueOrArray obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ValueOrArray::MemoryAddress& lhs, const ValueOrArray::MemoryAddress& rhs) { @@ -7680,27 +7737,27 @@ inline ValueOrArray::MemoryAddress ValueOrArray::MemoryAddress::bincodeDeseriali return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize( - const Circuit::ValueOrArray::MemoryAddress& obj, Serializer& serializer) +void serde::Serializable::serialize( + const Program::ValueOrArray::MemoryAddress& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::ValueOrArray::MemoryAddress serde::Deserializable::deserialize( +Program::ValueOrArray::MemoryAddress serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::ValueOrArray::MemoryAddress obj; + Program::ValueOrArray::MemoryAddress obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ValueOrArray::HeapArray& lhs, const ValueOrArray::HeapArray& rhs) { @@ -7727,11 +7784,11 @@ inline ValueOrArray::HeapArray ValueOrArray::HeapArray::bincodeDeserialize(std:: return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ValueOrArray::HeapArray& obj, +void serde::Serializable::serialize(const Program::ValueOrArray::HeapArray& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -7739,15 +7796,15 @@ void serde::Serializable::serialize(const Circ template <> template -Circuit::ValueOrArray::HeapArray serde::Deserializable::deserialize( +Program::ValueOrArray::HeapArray serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::ValueOrArray::HeapArray obj; + Program::ValueOrArray::HeapArray obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ValueOrArray::HeapVector& lhs, const ValueOrArray::HeapVector& rhs) { @@ -7774,11 +7831,11 @@ inline ValueOrArray::HeapVector ValueOrArray::HeapVector::bincodeDeserialize(std return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ValueOrArray::HeapVector& obj, +void serde::Serializable::serialize(const Program::ValueOrArray::HeapVector& obj, Serializer& serializer) { serde::Serializable::serialize(obj.value, serializer); @@ -7786,15 +7843,15 @@ void serde::Serializable::serialize(const Cir template <> template -Circuit::ValueOrArray::HeapVector serde::Deserializable::deserialize( +Program::ValueOrArray::HeapVector serde::Deserializable::deserialize( Deserializer& deserializer) { - Circuit::ValueOrArray::HeapVector obj; + Program::ValueOrArray::HeapVector obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Witness& lhs, const Witness& rhs) { @@ -7821,11 +7878,11 @@ inline Witness Witness::bincodeDeserialize(std::vector input) return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Witness& obj, Serializer& serializer) +void serde::Serializable::serialize(const Program::Witness& obj, Serializer& serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); @@ -7834,10 +7891,10 @@ void serde::Serializable::serialize(const Circuit::Witness& ob template <> template -Circuit::Witness serde::Deserializable::deserialize(Deserializer& deserializer) +Program::Witness serde::Deserializable::deserialize(Deserializer& deserializer) { deserializer.increase_container_depth(); - Circuit::Witness obj; + Program::Witness obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/index.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/index.hpp index 82716cef883..cbbc3ca1b33 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/index.hpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/index.hpp @@ -6,7 +6,7 @@ #pragma clang diagnostic ignored "-Wshorten-64-to-32" #pragma clang diagnostic ignored "-Wunused-parameter" #include "acir.hpp" -#include "witness_map.hpp" +#include "witness_stack.hpp" #pragma clang diagnostic pop #else #pragma GCC diagnostic push diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/witness_map.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/witness_map.hpp deleted file mode 100644 index de4523e7020..00000000000 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/witness_map.hpp +++ /dev/null @@ -1,123 +0,0 @@ -#pragma once - -#include "bincode.hpp" -#include "serde.hpp" - -namespace WitnessMap { - -struct Witness { - uint32_t value; - - friend bool operator==(const Witness&, const Witness&); - bool operator<(Witness const& rhs) const { return value < rhs.value; } - std::vector bincodeSerialize() const; - static Witness bincodeDeserialize(std::vector); -}; - -struct WitnessMap { - std::map value; - - friend bool operator==(const WitnessMap&, const WitnessMap&); - std::vector bincodeSerialize() const; - static WitnessMap bincodeDeserialize(std::vector); -}; - -} // end of namespace WitnessMap - -namespace WitnessMap { - -inline bool operator==(const Witness& lhs, const Witness& rhs) -{ - if (!(lhs.value == rhs.value)) { - return false; - } - return true; -} - -inline std::vector Witness::bincodeSerialize() const -{ - auto serializer = serde::BincodeSerializer(); - serde::Serializable::serialize(*this, serializer); - return std::move(serializer).bytes(); -} - -inline Witness Witness::bincodeDeserialize(std::vector input) -{ - auto deserializer = serde::BincodeDeserializer(input); - auto value = serde::Deserializable::deserialize(deserializer); - if (deserializer.get_buffer_offset() < input.size()) { - throw_or_abort("Some input bytes were not read"); - } - return value; -} - -} // end of namespace WitnessMap - -template <> -template -void serde::Serializable::serialize(const WitnessMap::Witness& obj, Serializer& serializer) -{ - serializer.increase_container_depth(); - serde::Serializable::serialize(obj.value, serializer); - serializer.decrease_container_depth(); -} - -template <> -template -WitnessMap::Witness serde::Deserializable::deserialize(Deserializer& deserializer) -{ - deserializer.increase_container_depth(); - WitnessMap::Witness obj; - obj.value = serde::Deserializable::deserialize(deserializer); - deserializer.decrease_container_depth(); - return obj; -} - -namespace WitnessMap { - -inline bool operator==(const WitnessMap& lhs, const WitnessMap& rhs) -{ - if (!(lhs.value == rhs.value)) { - return false; - } - return true; -} - -inline std::vector WitnessMap::bincodeSerialize() const -{ - auto serializer = serde::BincodeSerializer(); - serde::Serializable::serialize(*this, serializer); - return std::move(serializer).bytes(); -} - -inline WitnessMap WitnessMap::bincodeDeserialize(std::vector input) -{ - auto deserializer = serde::BincodeDeserializer(input); - auto value = serde::Deserializable::deserialize(deserializer); - if (deserializer.get_buffer_offset() < input.size()) { - throw_or_abort("Some input bytes were not read"); - } - return value; -} - -} // end of namespace WitnessMap - -template <> -template -void serde::Serializable::serialize(const WitnessMap::WitnessMap& obj, Serializer& serializer) -{ - serializer.increase_container_depth(); - serde::Serializable::serialize(obj.value, serializer); - serializer.decrease_container_depth(); -} - -template <> -template -WitnessMap::WitnessMap serde::Deserializable::deserialize(Deserializer& deserializer) -{ - deserializer.increase_container_depth(); - WitnessMap::WitnessMap obj; - obj.value = serde::Deserializable::deserialize(deserializer); - deserializer.decrease_container_depth(); - return obj; -} \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/witness_stack.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/witness_stack.hpp new file mode 100644 index 00000000000..67ef655babf --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/witness_stack.hpp @@ -0,0 +1,247 @@ +#pragma once + +#include "bincode.hpp" +#include "serde.hpp" + +namespace WitnessStack { + +struct Witness { + uint32_t value; + + friend bool operator==(const Witness&, const Witness&); + + bool operator<(Witness const& rhs) const { return value < rhs.value; } + + std::vector bincodeSerialize() const; + static Witness bincodeDeserialize(std::vector); +}; + +struct WitnessMap { + std::map value; + + friend bool operator==(const WitnessMap&, const WitnessMap&); + std::vector bincodeSerialize() const; + static WitnessMap bincodeDeserialize(std::vector); +}; + +struct StackItem { + uint32_t index; + WitnessStack::WitnessMap witness; + + friend bool operator==(const StackItem&, const StackItem&); + std::vector bincodeSerialize() const; + static StackItem bincodeDeserialize(std::vector); +}; + +struct WitnessStack { + std::vector stack; + + friend bool operator==(const WitnessStack&, const WitnessStack&); + std::vector bincodeSerialize() const; + static WitnessStack bincodeDeserialize(std::vector); +}; + +} // end of namespace WitnessStack + +namespace WitnessStack { + +inline bool operator==(const StackItem& lhs, const StackItem& rhs) +{ + if (!(lhs.index == rhs.index)) { + return false; + } + if (!(lhs.witness == rhs.witness)) { + return false; + } + return true; +} + +inline std::vector StackItem::bincodeSerialize() const +{ + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); +} + +inline StackItem StackItem::bincodeDeserialize(std::vector input) +{ + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw_or_abort("Some input bytes were not read"); + } + return value; +} + +} // end of namespace WitnessStack + +template <> +template +void serde::Serializable::serialize(const WitnessStack::StackItem& obj, Serializer& serializer) +{ + serializer.increase_container_depth(); + serde::Serializable::serialize(obj.index, serializer); + serde::Serializable::serialize(obj.witness, serializer); + serializer.decrease_container_depth(); +} + +template <> +template +WitnessStack::StackItem serde::Deserializable::deserialize(Deserializer& deserializer) +{ + deserializer.increase_container_depth(); + WitnessStack::StackItem obj; + obj.index = serde::Deserializable::deserialize(deserializer); + obj.witness = serde::Deserializable::deserialize(deserializer); + deserializer.decrease_container_depth(); + return obj; +} + +namespace WitnessStack { + +inline bool operator==(const Witness& lhs, const Witness& rhs) +{ + if (!(lhs.value == rhs.value)) { + return false; + } + return true; +} + +inline std::vector Witness::bincodeSerialize() const +{ + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); +} + +inline Witness Witness::bincodeDeserialize(std::vector input) +{ + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw_or_abort("Some input bytes were not read"); + } + return value; +} + +} // end of namespace WitnessStack + +template <> +template +void serde::Serializable::serialize(const WitnessStack::Witness& obj, Serializer& serializer) +{ + serializer.increase_container_depth(); + serde::Serializable::serialize(obj.value, serializer); + serializer.decrease_container_depth(); +} + +template <> +template +WitnessStack::Witness serde::Deserializable::deserialize(Deserializer& deserializer) +{ + deserializer.increase_container_depth(); + WitnessStack::Witness obj; + obj.value = serde::Deserializable::deserialize(deserializer); + deserializer.decrease_container_depth(); + return obj; +} + +namespace WitnessStack { + +inline bool operator==(const WitnessMap& lhs, const WitnessMap& rhs) +{ + if (!(lhs.value == rhs.value)) { + return false; + } + return true; +} + +inline std::vector WitnessMap::bincodeSerialize() const +{ + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); +} + +inline WitnessMap WitnessMap::bincodeDeserialize(std::vector input) +{ + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw_or_abort("Some input bytes were not read"); + } + return value; +} + +} // end of namespace WitnessStack + +template <> +template +void serde::Serializable::serialize(const WitnessStack::WitnessMap& obj, + Serializer& serializer) +{ + serializer.increase_container_depth(); + serde::Serializable::serialize(obj.value, serializer); + serializer.decrease_container_depth(); +} + +template <> +template +WitnessStack::WitnessMap serde::Deserializable::deserialize(Deserializer& deserializer) +{ + deserializer.increase_container_depth(); + WitnessStack::WitnessMap obj; + obj.value = serde::Deserializable::deserialize(deserializer); + deserializer.decrease_container_depth(); + return obj; +} + +namespace WitnessStack { + +inline bool operator==(const WitnessStack& lhs, const WitnessStack& rhs) +{ + if (!(lhs.stack == rhs.stack)) { + return false; + } + return true; +} + +inline std::vector WitnessStack::bincodeSerialize() const +{ + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); +} + +inline WitnessStack WitnessStack::bincodeDeserialize(std::vector input) +{ + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw_or_abort("Some input bytes were not read"); + } + return value; +} + +} // end of namespace WitnessStack + +template <> +template +void serde::Serializable::serialize(const WitnessStack::WitnessStack& obj, + Serializer& serializer) +{ + serializer.increase_container_depth(); + serde::Serializable::serialize(obj.stack, serializer); + serializer.decrease_container_depth(); +} + +template <> +template +WitnessStack::WitnessStack serde::Deserializable::deserialize(Deserializer& deserializer) +{ + deserializer.increase_container_depth(); + WitnessStack::WitnessStack obj; + obj.stack = serde::Deserializable::deserialize(deserializer); + deserializer.decrease_container_depth(); + return obj; +} diff --git a/noir/noir-repo/acvm-repo/acir/codegen/acir.cpp b/noir/noir-repo/acvm-repo/acir/codegen/acir.cpp index 46809727000..2fd8180b5b7 100644 --- a/noir/noir-repo/acvm-repo/acir/codegen/acir.cpp +++ b/noir/noir-repo/acvm-repo/acir/codegen/acir.cpp @@ -3,7 +3,7 @@ #include "serde.hpp" #include "bincode.hpp" -namespace Circuit { +namespace Program { struct BinaryFieldOp { @@ -140,7 +140,7 @@ namespace Circuit { }; struct HeapArray { - Circuit::MemoryAddress pointer; + Program::MemoryAddress pointer; uint64_t size; friend bool operator==(const HeapArray&, const HeapArray&); @@ -149,8 +149,8 @@ namespace Circuit { }; struct HeapVector { - Circuit::MemoryAddress pointer; - Circuit::MemoryAddress size; + Program::MemoryAddress pointer; + Program::MemoryAddress size; friend bool operator==(const HeapVector&, const HeapVector&); std::vector bincodeSerialize() const; @@ -160,8 +160,8 @@ namespace Circuit { struct BlackBoxOp { struct Sha256 { - Circuit::HeapVector message; - Circuit::HeapArray output; + Program::HeapVector message; + Program::HeapArray output; friend bool operator==(const Sha256&, const Sha256&); std::vector bincodeSerialize() const; @@ -169,8 +169,8 @@ namespace Circuit { }; struct Blake2s { - Circuit::HeapVector message; - Circuit::HeapArray output; + Program::HeapVector message; + Program::HeapArray output; friend bool operator==(const Blake2s&, const Blake2s&); std::vector bincodeSerialize() const; @@ -178,8 +178,8 @@ namespace Circuit { }; struct Blake3 { - Circuit::HeapVector message; - Circuit::HeapArray output; + Program::HeapVector message; + Program::HeapArray output; friend bool operator==(const Blake3&, const Blake3&); std::vector bincodeSerialize() const; @@ -187,8 +187,8 @@ namespace Circuit { }; struct Keccak256 { - Circuit::HeapVector message; - Circuit::HeapArray output; + Program::HeapVector message; + Program::HeapArray output; friend bool operator==(const Keccak256&, const Keccak256&); std::vector bincodeSerialize() const; @@ -196,8 +196,8 @@ namespace Circuit { }; struct Keccakf1600 { - Circuit::HeapVector message; - Circuit::HeapArray output; + Program::HeapVector message; + Program::HeapArray output; friend bool operator==(const Keccakf1600&, const Keccakf1600&); std::vector bincodeSerialize() const; @@ -205,11 +205,11 @@ namespace Circuit { }; struct EcdsaSecp256k1 { - Circuit::HeapVector hashed_msg; - Circuit::HeapArray public_key_x; - Circuit::HeapArray public_key_y; - Circuit::HeapArray signature; - Circuit::MemoryAddress result; + Program::HeapVector hashed_msg; + Program::HeapArray public_key_x; + Program::HeapArray public_key_y; + Program::HeapArray signature; + Program::MemoryAddress result; friend bool operator==(const EcdsaSecp256k1&, const EcdsaSecp256k1&); std::vector bincodeSerialize() const; @@ -217,11 +217,11 @@ namespace Circuit { }; struct EcdsaSecp256r1 { - Circuit::HeapVector hashed_msg; - Circuit::HeapArray public_key_x; - Circuit::HeapArray public_key_y; - Circuit::HeapArray signature; - Circuit::MemoryAddress result; + Program::HeapVector hashed_msg; + Program::HeapArray public_key_x; + Program::HeapArray public_key_y; + Program::HeapArray signature; + Program::MemoryAddress result; friend bool operator==(const EcdsaSecp256r1&, const EcdsaSecp256r1&); std::vector bincodeSerialize() const; @@ -229,11 +229,11 @@ namespace Circuit { }; struct SchnorrVerify { - Circuit::MemoryAddress public_key_x; - Circuit::MemoryAddress public_key_y; - Circuit::HeapVector message; - Circuit::HeapVector signature; - Circuit::MemoryAddress result; + Program::MemoryAddress public_key_x; + Program::MemoryAddress public_key_y; + Program::HeapVector message; + Program::HeapVector signature; + Program::MemoryAddress result; friend bool operator==(const SchnorrVerify&, const SchnorrVerify&); std::vector bincodeSerialize() const; @@ -241,9 +241,9 @@ namespace Circuit { }; struct PedersenCommitment { - Circuit::HeapVector inputs; - Circuit::MemoryAddress domain_separator; - Circuit::HeapArray output; + Program::HeapVector inputs; + Program::MemoryAddress domain_separator; + Program::HeapArray output; friend bool operator==(const PedersenCommitment&, const PedersenCommitment&); std::vector bincodeSerialize() const; @@ -251,9 +251,9 @@ namespace Circuit { }; struct PedersenHash { - Circuit::HeapVector inputs; - Circuit::MemoryAddress domain_separator; - Circuit::MemoryAddress output; + Program::HeapVector inputs; + Program::MemoryAddress domain_separator; + Program::MemoryAddress output; friend bool operator==(const PedersenHash&, const PedersenHash&); std::vector bincodeSerialize() const; @@ -261,9 +261,9 @@ namespace Circuit { }; struct FixedBaseScalarMul { - Circuit::MemoryAddress low; - Circuit::MemoryAddress high; - Circuit::HeapArray result; + Program::MemoryAddress low; + Program::MemoryAddress high; + Program::HeapArray result; friend bool operator==(const FixedBaseScalarMul&, const FixedBaseScalarMul&); std::vector bincodeSerialize() const; @@ -271,11 +271,11 @@ namespace Circuit { }; struct EmbeddedCurveAdd { - Circuit::MemoryAddress input1_x; - Circuit::MemoryAddress input1_y; - Circuit::MemoryAddress input2_x; - Circuit::MemoryAddress input2_y; - Circuit::HeapArray result; + Program::MemoryAddress input1_x; + Program::MemoryAddress input1_y; + Program::MemoryAddress input2_x; + Program::MemoryAddress input2_y; + Program::HeapArray result; friend bool operator==(const EmbeddedCurveAdd&, const EmbeddedCurveAdd&); std::vector bincodeSerialize() const; @@ -283,9 +283,9 @@ namespace Circuit { }; struct BigIntAdd { - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; - Circuit::MemoryAddress output; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; + Program::MemoryAddress output; friend bool operator==(const BigIntAdd&, const BigIntAdd&); std::vector bincodeSerialize() const; @@ -293,9 +293,9 @@ namespace Circuit { }; struct BigIntSub { - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; - Circuit::MemoryAddress output; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; + Program::MemoryAddress output; friend bool operator==(const BigIntSub&, const BigIntSub&); std::vector bincodeSerialize() const; @@ -303,9 +303,9 @@ namespace Circuit { }; struct BigIntMul { - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; - Circuit::MemoryAddress output; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; + Program::MemoryAddress output; friend bool operator==(const BigIntMul&, const BigIntMul&); std::vector bincodeSerialize() const; @@ -313,9 +313,9 @@ namespace Circuit { }; struct BigIntDiv { - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; - Circuit::MemoryAddress output; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; + Program::MemoryAddress output; friend bool operator==(const BigIntDiv&, const BigIntDiv&); std::vector bincodeSerialize() const; @@ -323,9 +323,9 @@ namespace Circuit { }; struct BigIntFromLeBytes { - Circuit::HeapVector inputs; - Circuit::HeapVector modulus; - Circuit::MemoryAddress output; + Program::HeapVector inputs; + Program::HeapVector modulus; + Program::MemoryAddress output; friend bool operator==(const BigIntFromLeBytes&, const BigIntFromLeBytes&); std::vector bincodeSerialize() const; @@ -333,8 +333,8 @@ namespace Circuit { }; struct BigIntToLeBytes { - Circuit::MemoryAddress input; - Circuit::HeapVector output; + Program::MemoryAddress input; + Program::HeapVector output; friend bool operator==(const BigIntToLeBytes&, const BigIntToLeBytes&); std::vector bincodeSerialize() const; @@ -342,9 +342,9 @@ namespace Circuit { }; struct Poseidon2Permutation { - Circuit::HeapVector message; - Circuit::HeapArray output; - Circuit::MemoryAddress len; + Program::HeapVector message; + Program::HeapArray output; + Program::MemoryAddress len; friend bool operator==(const Poseidon2Permutation&, const Poseidon2Permutation&); std::vector bincodeSerialize() const; @@ -352,9 +352,9 @@ namespace Circuit { }; struct Sha256Compression { - Circuit::HeapVector input; - Circuit::HeapVector hash_values; - Circuit::HeapArray output; + Program::HeapVector input; + Program::HeapVector hash_values; + Program::HeapArray output; friend bool operator==(const Sha256Compression&, const Sha256Compression&); std::vector bincodeSerialize() const; @@ -379,7 +379,7 @@ namespace Circuit { }; struct Array { - std::vector value_types; + std::vector value_types; uint64_t size; friend bool operator==(const Array&, const Array&); @@ -388,7 +388,7 @@ namespace Circuit { }; struct Vector { - std::vector value_types; + std::vector value_types; friend bool operator==(const Vector&, const Vector&); std::vector bincodeSerialize() const; @@ -413,7 +413,7 @@ namespace Circuit { struct ValueOrArray { struct MemoryAddress { - Circuit::MemoryAddress value; + Program::MemoryAddress value; friend bool operator==(const MemoryAddress&, const MemoryAddress&); std::vector bincodeSerialize() const; @@ -421,7 +421,7 @@ namespace Circuit { }; struct HeapArray { - Circuit::HeapArray value; + Program::HeapArray value; friend bool operator==(const HeapArray&, const HeapArray&); std::vector bincodeSerialize() const; @@ -429,7 +429,7 @@ namespace Circuit { }; struct HeapVector { - Circuit::HeapVector value; + Program::HeapVector value; friend bool operator==(const HeapVector&, const HeapVector&); std::vector bincodeSerialize() const; @@ -446,10 +446,10 @@ namespace Circuit { struct BrilligOpcode { struct BinaryFieldOp { - Circuit::MemoryAddress destination; - Circuit::BinaryFieldOp op; - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; + Program::MemoryAddress destination; + Program::BinaryFieldOp op; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; friend bool operator==(const BinaryFieldOp&, const BinaryFieldOp&); std::vector bincodeSerialize() const; @@ -457,11 +457,11 @@ namespace Circuit { }; struct BinaryIntOp { - Circuit::MemoryAddress destination; - Circuit::BinaryIntOp op; + Program::MemoryAddress destination; + Program::BinaryIntOp op; uint32_t bit_size; - Circuit::MemoryAddress lhs; - Circuit::MemoryAddress rhs; + Program::MemoryAddress lhs; + Program::MemoryAddress rhs; friend bool operator==(const BinaryIntOp&, const BinaryIntOp&); std::vector bincodeSerialize() const; @@ -469,8 +469,8 @@ namespace Circuit { }; struct Cast { - Circuit::MemoryAddress destination; - Circuit::MemoryAddress source; + Program::MemoryAddress destination; + Program::MemoryAddress source; uint32_t bit_size; friend bool operator==(const Cast&, const Cast&); @@ -479,7 +479,7 @@ namespace Circuit { }; struct JumpIfNot { - Circuit::MemoryAddress condition; + Program::MemoryAddress condition; uint64_t location; friend bool operator==(const JumpIfNot&, const JumpIfNot&); @@ -488,7 +488,7 @@ namespace Circuit { }; struct JumpIf { - Circuit::MemoryAddress condition; + Program::MemoryAddress condition; uint64_t location; friend bool operator==(const JumpIf&, const JumpIf&); @@ -505,7 +505,7 @@ namespace Circuit { }; struct CalldataCopy { - Circuit::MemoryAddress destination_address; + Program::MemoryAddress destination_address; uint64_t size; uint64_t offset; @@ -523,9 +523,9 @@ namespace Circuit { }; struct Const { - Circuit::MemoryAddress destination; + Program::MemoryAddress destination; uint32_t bit_size; - Circuit::Value value; + Program::Value value; friend bool operator==(const Const&, const Const&); std::vector bincodeSerialize() const; @@ -540,10 +540,10 @@ namespace Circuit { struct ForeignCall { std::string function; - std::vector destinations; - std::vector destination_value_types; - std::vector inputs; - std::vector input_value_types; + std::vector destinations; + std::vector destination_value_types; + std::vector inputs; + std::vector input_value_types; friend bool operator==(const ForeignCall&, const ForeignCall&); std::vector bincodeSerialize() const; @@ -551,8 +551,8 @@ namespace Circuit { }; struct Mov { - Circuit::MemoryAddress destination; - Circuit::MemoryAddress source; + Program::MemoryAddress destination; + Program::MemoryAddress source; friend bool operator==(const Mov&, const Mov&); std::vector bincodeSerialize() const; @@ -560,8 +560,8 @@ namespace Circuit { }; struct Load { - Circuit::MemoryAddress destination; - Circuit::MemoryAddress source_pointer; + Program::MemoryAddress destination; + Program::MemoryAddress source_pointer; friend bool operator==(const Load&, const Load&); std::vector bincodeSerialize() const; @@ -569,8 +569,8 @@ namespace Circuit { }; struct Store { - Circuit::MemoryAddress destination_pointer; - Circuit::MemoryAddress source; + Program::MemoryAddress destination_pointer; + Program::MemoryAddress source; friend bool operator==(const Store&, const Store&); std::vector bincodeSerialize() const; @@ -578,7 +578,7 @@ namespace Circuit { }; struct BlackBox { - Circuit::BlackBoxOp value; + Program::BlackBoxOp value; friend bool operator==(const BlackBox&, const BlackBox&); std::vector bincodeSerialize() const; @@ -616,7 +616,7 @@ namespace Circuit { }; struct FunctionInput { - Circuit::Witness witness; + Program::Witness witness; uint32_t num_bits; friend bool operator==(const FunctionInput&, const FunctionInput&); @@ -627,9 +627,9 @@ namespace Circuit { struct BlackBoxFuncCall { struct AND { - Circuit::FunctionInput lhs; - Circuit::FunctionInput rhs; - Circuit::Witness output; + Program::FunctionInput lhs; + Program::FunctionInput rhs; + Program::Witness output; friend bool operator==(const AND&, const AND&); std::vector bincodeSerialize() const; @@ -637,9 +637,9 @@ namespace Circuit { }; struct XOR { - Circuit::FunctionInput lhs; - Circuit::FunctionInput rhs; - Circuit::Witness output; + Program::FunctionInput lhs; + Program::FunctionInput rhs; + Program::Witness output; friend bool operator==(const XOR&, const XOR&); std::vector bincodeSerialize() const; @@ -647,7 +647,7 @@ namespace Circuit { }; struct RANGE { - Circuit::FunctionInput input; + Program::FunctionInput input; friend bool operator==(const RANGE&, const RANGE&); std::vector bincodeSerialize() const; @@ -655,8 +655,8 @@ namespace Circuit { }; struct SHA256 { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const SHA256&, const SHA256&); std::vector bincodeSerialize() const; @@ -664,8 +664,8 @@ namespace Circuit { }; struct Blake2s { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const Blake2s&, const Blake2s&); std::vector bincodeSerialize() const; @@ -673,8 +673,8 @@ namespace Circuit { }; struct Blake3 { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const Blake3&, const Blake3&); std::vector bincodeSerialize() const; @@ -682,11 +682,11 @@ namespace Circuit { }; struct SchnorrVerify { - Circuit::FunctionInput public_key_x; - Circuit::FunctionInput public_key_y; - std::vector signature; - std::vector message; - Circuit::Witness output; + Program::FunctionInput public_key_x; + Program::FunctionInput public_key_y; + std::vector signature; + std::vector message; + Program::Witness output; friend bool operator==(const SchnorrVerify&, const SchnorrVerify&); std::vector bincodeSerialize() const; @@ -694,9 +694,9 @@ namespace Circuit { }; struct PedersenCommitment { - std::vector inputs; + std::vector inputs; uint32_t domain_separator; - std::array outputs; + std::array outputs; friend bool operator==(const PedersenCommitment&, const PedersenCommitment&); std::vector bincodeSerialize() const; @@ -704,9 +704,9 @@ namespace Circuit { }; struct PedersenHash { - std::vector inputs; + std::vector inputs; uint32_t domain_separator; - Circuit::Witness output; + Program::Witness output; friend bool operator==(const PedersenHash&, const PedersenHash&); std::vector bincodeSerialize() const; @@ -714,11 +714,11 @@ namespace Circuit { }; struct EcdsaSecp256k1 { - std::vector public_key_x; - std::vector public_key_y; - std::vector signature; - std::vector hashed_message; - Circuit::Witness output; + std::vector public_key_x; + std::vector public_key_y; + std::vector signature; + std::vector hashed_message; + Program::Witness output; friend bool operator==(const EcdsaSecp256k1&, const EcdsaSecp256k1&); std::vector bincodeSerialize() const; @@ -726,11 +726,11 @@ namespace Circuit { }; struct EcdsaSecp256r1 { - std::vector public_key_x; - std::vector public_key_y; - std::vector signature; - std::vector hashed_message; - Circuit::Witness output; + std::vector public_key_x; + std::vector public_key_y; + std::vector signature; + std::vector hashed_message; + Program::Witness output; friend bool operator==(const EcdsaSecp256r1&, const EcdsaSecp256r1&); std::vector bincodeSerialize() const; @@ -738,9 +738,9 @@ namespace Circuit { }; struct FixedBaseScalarMul { - Circuit::FunctionInput low; - Circuit::FunctionInput high; - std::array outputs; + Program::FunctionInput low; + Program::FunctionInput high; + std::array outputs; friend bool operator==(const FixedBaseScalarMul&, const FixedBaseScalarMul&); std::vector bincodeSerialize() const; @@ -748,11 +748,11 @@ namespace Circuit { }; struct EmbeddedCurveAdd { - Circuit::FunctionInput input1_x; - Circuit::FunctionInput input1_y; - Circuit::FunctionInput input2_x; - Circuit::FunctionInput input2_y; - std::array outputs; + Program::FunctionInput input1_x; + Program::FunctionInput input1_y; + Program::FunctionInput input2_x; + Program::FunctionInput input2_y; + std::array outputs; friend bool operator==(const EmbeddedCurveAdd&, const EmbeddedCurveAdd&); std::vector bincodeSerialize() const; @@ -760,8 +760,8 @@ namespace Circuit { }; struct Keccak256 { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const Keccak256&, const Keccak256&); std::vector bincodeSerialize() const; @@ -769,9 +769,9 @@ namespace Circuit { }; struct Keccak256VariableLength { - std::vector inputs; - Circuit::FunctionInput var_message_size; - std::vector outputs; + std::vector inputs; + Program::FunctionInput var_message_size; + std::vector outputs; friend bool operator==(const Keccak256VariableLength&, const Keccak256VariableLength&); std::vector bincodeSerialize() const; @@ -779,8 +779,8 @@ namespace Circuit { }; struct Keccakf1600 { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const Keccakf1600&, const Keccakf1600&); std::vector bincodeSerialize() const; @@ -788,10 +788,10 @@ namespace Circuit { }; struct RecursiveAggregation { - std::vector verification_key; - std::vector proof; - std::vector public_inputs; - Circuit::FunctionInput key_hash; + std::vector verification_key; + std::vector proof; + std::vector public_inputs; + Program::FunctionInput key_hash; friend bool operator==(const RecursiveAggregation&, const RecursiveAggregation&); std::vector bincodeSerialize() const; @@ -839,7 +839,7 @@ namespace Circuit { }; struct BigIntFromLeBytes { - std::vector inputs; + std::vector inputs; std::vector modulus; uint32_t output; @@ -850,7 +850,7 @@ namespace Circuit { struct BigIntToLeBytes { uint32_t input; - std::vector outputs; + std::vector outputs; friend bool operator==(const BigIntToLeBytes&, const BigIntToLeBytes&); std::vector bincodeSerialize() const; @@ -858,8 +858,8 @@ namespace Circuit { }; struct Poseidon2Permutation { - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; uint32_t len; friend bool operator==(const Poseidon2Permutation&, const Poseidon2Permutation&); @@ -868,9 +868,9 @@ namespace Circuit { }; struct Sha256Compression { - std::vector inputs; - std::vector hash_values; - std::vector outputs; + std::vector inputs; + std::vector hash_values; + std::vector outputs; friend bool operator==(const Sha256Compression&, const Sha256Compression&); std::vector bincodeSerialize() const; @@ -893,8 +893,8 @@ namespace Circuit { }; struct Expression { - std::vector> mul_terms; - std::vector> linear_combinations; + std::vector> mul_terms; + std::vector> linear_combinations; std::string q_c; friend bool operator==(const Expression&, const Expression&); @@ -905,7 +905,7 @@ namespace Circuit { struct BrilligInputs { struct Single { - Circuit::Expression value; + Program::Expression value; friend bool operator==(const Single&, const Single&); std::vector bincodeSerialize() const; @@ -913,7 +913,7 @@ namespace Circuit { }; struct Array { - std::vector value; + std::vector value; friend bool operator==(const Array&, const Array&); std::vector bincodeSerialize() const; @@ -921,7 +921,7 @@ namespace Circuit { }; struct MemoryArray { - Circuit::BlockId value; + Program::BlockId value; friend bool operator==(const MemoryArray&, const MemoryArray&); std::vector bincodeSerialize() const; @@ -938,7 +938,7 @@ namespace Circuit { struct BrilligOutputs { struct Simple { - Circuit::Witness value; + Program::Witness value; friend bool operator==(const Simple&, const Simple&); std::vector bincodeSerialize() const; @@ -946,7 +946,7 @@ namespace Circuit { }; struct Array { - std::vector value; + std::vector value; friend bool operator==(const Array&, const Array&); std::vector bincodeSerialize() const; @@ -961,10 +961,10 @@ namespace Circuit { }; struct Brillig { - std::vector inputs; - std::vector outputs; - std::vector bytecode; - std::optional predicate; + std::vector inputs; + std::vector outputs; + std::vector bytecode; + std::optional predicate; friend bool operator==(const Brillig&, const Brillig&); std::vector bincodeSerialize() const; @@ -974,8 +974,8 @@ namespace Circuit { struct Directive { struct ToLeRadix { - Circuit::Expression a; - std::vector b; + Program::Expression a; + std::vector b; uint32_t radix; friend bool operator==(const ToLeRadix&, const ToLeRadix&); @@ -991,9 +991,9 @@ namespace Circuit { }; struct MemOp { - Circuit::Expression operation; - Circuit::Expression index; - Circuit::Expression value; + Program::Expression operation; + Program::Expression index; + Program::Expression value; friend bool operator==(const MemOp&, const MemOp&); std::vector bincodeSerialize() const; @@ -1003,7 +1003,7 @@ namespace Circuit { struct Opcode { struct AssertZero { - Circuit::Expression value; + Program::Expression value; friend bool operator==(const AssertZero&, const AssertZero&); std::vector bincodeSerialize() const; @@ -1011,7 +1011,7 @@ namespace Circuit { }; struct BlackBoxFuncCall { - Circuit::BlackBoxFuncCall value; + Program::BlackBoxFuncCall value; friend bool operator==(const BlackBoxFuncCall&, const BlackBoxFuncCall&); std::vector bincodeSerialize() const; @@ -1019,7 +1019,7 @@ namespace Circuit { }; struct Directive { - Circuit::Directive value; + Program::Directive value; friend bool operator==(const Directive&, const Directive&); std::vector bincodeSerialize() const; @@ -1027,7 +1027,7 @@ namespace Circuit { }; struct Brillig { - Circuit::Brillig value; + Program::Brillig value; friend bool operator==(const Brillig&, const Brillig&); std::vector bincodeSerialize() const; @@ -1035,9 +1035,9 @@ namespace Circuit { }; struct MemoryOp { - Circuit::BlockId block_id; - Circuit::MemOp op; - std::optional predicate; + Program::BlockId block_id; + Program::MemOp op; + std::optional predicate; friend bool operator==(const MemoryOp&, const MemoryOp&); std::vector bincodeSerialize() const; @@ -1045,8 +1045,8 @@ namespace Circuit { }; struct MemoryInit { - Circuit::BlockId block_id; - std::vector init; + Program::BlockId block_id; + std::vector init; friend bool operator==(const MemoryInit&, const MemoryInit&); std::vector bincodeSerialize() const; @@ -1055,8 +1055,8 @@ namespace Circuit { struct Call { uint32_t id; - std::vector inputs; - std::vector outputs; + std::vector inputs; + std::vector outputs; friend bool operator==(const Call&, const Call&); std::vector bincodeSerialize() const; @@ -1120,7 +1120,7 @@ namespace Circuit { }; struct PublicInputs { - std::vector value; + std::vector value; friend bool operator==(const PublicInputs&, const PublicInputs&); std::vector bincodeSerialize() const; @@ -1129,12 +1129,12 @@ namespace Circuit { struct Circuit { uint32_t current_witness_index; - std::vector opcodes; - Circuit::ExpressionWidth expression_width; - std::vector private_parameters; - Circuit::PublicInputs public_parameters; - Circuit::PublicInputs return_values; - std::vector> assert_messages; + std::vector opcodes; + Program::ExpressionWidth expression_width; + std::vector private_parameters; + Program::PublicInputs public_parameters; + Program::PublicInputs return_values; + std::vector> assert_messages; bool recursive; friend bool operator==(const Circuit&, const Circuit&); @@ -1142,10 +1142,18 @@ namespace Circuit { static Circuit bincodeDeserialize(std::vector); }; -} // end of namespace Circuit + struct Program { + std::vector functions; + friend bool operator==(const Program&, const Program&); + std::vector bincodeSerialize() const; + static Program bincodeDeserialize(std::vector); + }; + +} // end of namespace Program -namespace Circuit { + +namespace Program { inline bool operator==(const BinaryFieldOp &lhs, const BinaryFieldOp &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -1167,11 +1175,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryFieldOp &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -1179,15 +1187,15 @@ void serde::Serializable::serialize(const Circuit::Binar template <> template -Circuit::BinaryFieldOp serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::BinaryFieldOp serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::BinaryFieldOp obj; + Program::BinaryFieldOp obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryFieldOp::Add &lhs, const BinaryFieldOp::Add &rhs) { return true; @@ -1208,21 +1216,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp::Add &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryFieldOp::Add &obj, Serializer &serializer) { } template <> template -Circuit::BinaryFieldOp::Add serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryFieldOp::Add obj; +Program::BinaryFieldOp::Add serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryFieldOp::Add obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryFieldOp::Sub &lhs, const BinaryFieldOp::Sub &rhs) { return true; @@ -1243,21 +1251,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp::Sub &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryFieldOp::Sub &obj, Serializer &serializer) { } template <> template -Circuit::BinaryFieldOp::Sub serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryFieldOp::Sub obj; +Program::BinaryFieldOp::Sub serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryFieldOp::Sub obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryFieldOp::Mul &lhs, const BinaryFieldOp::Mul &rhs) { return true; @@ -1278,21 +1286,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp::Mul &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryFieldOp::Mul &obj, Serializer &serializer) { } template <> template -Circuit::BinaryFieldOp::Mul serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryFieldOp::Mul obj; +Program::BinaryFieldOp::Mul serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryFieldOp::Mul obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryFieldOp::Div &lhs, const BinaryFieldOp::Div &rhs) { return true; @@ -1313,21 +1321,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp::Div &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryFieldOp::Div &obj, Serializer &serializer) { } template <> template -Circuit::BinaryFieldOp::Div serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryFieldOp::Div obj; +Program::BinaryFieldOp::Div serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryFieldOp::Div obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryFieldOp::Equals &lhs, const BinaryFieldOp::Equals &rhs) { return true; @@ -1348,21 +1356,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryFieldOp::Equals &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryFieldOp::Equals &obj, Serializer &serializer) { } template <> template -Circuit::BinaryFieldOp::Equals serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryFieldOp::Equals obj; +Program::BinaryFieldOp::Equals serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryFieldOp::Equals obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp &lhs, const BinaryIntOp &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -1384,11 +1392,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -1396,15 +1404,15 @@ void serde::Serializable::serialize(const Circuit::BinaryI template <> template -Circuit::BinaryIntOp serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::BinaryIntOp serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::BinaryIntOp obj; + Program::BinaryIntOp obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Add &lhs, const BinaryIntOp::Add &rhs) { return true; @@ -1425,21 +1433,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Add &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::Add &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::Add serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::Add obj; +Program::BinaryIntOp::Add serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::Add obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Sub &lhs, const BinaryIntOp::Sub &rhs) { return true; @@ -1460,21 +1468,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Sub &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::Sub &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::Sub serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::Sub obj; +Program::BinaryIntOp::Sub serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::Sub obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Mul &lhs, const BinaryIntOp::Mul &rhs) { return true; @@ -1495,21 +1503,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Mul &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::Mul &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::Mul serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::Mul obj; +Program::BinaryIntOp::Mul serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::Mul obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::SignedDiv &lhs, const BinaryIntOp::SignedDiv &rhs) { return true; @@ -1530,21 +1538,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::SignedDiv &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::SignedDiv &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::SignedDiv serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::SignedDiv obj; +Program::BinaryIntOp::SignedDiv serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::SignedDiv obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::UnsignedDiv &lhs, const BinaryIntOp::UnsignedDiv &rhs) { return true; @@ -1565,21 +1573,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::UnsignedDiv &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::UnsignedDiv &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::UnsignedDiv serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::UnsignedDiv obj; +Program::BinaryIntOp::UnsignedDiv serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::UnsignedDiv obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Equals &lhs, const BinaryIntOp::Equals &rhs) { return true; @@ -1600,21 +1608,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Equals &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::Equals &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::Equals serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::Equals obj; +Program::BinaryIntOp::Equals serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::Equals obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::LessThan &lhs, const BinaryIntOp::LessThan &rhs) { return true; @@ -1635,21 +1643,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::LessThan &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::LessThan &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::LessThan serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::LessThan obj; +Program::BinaryIntOp::LessThan serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::LessThan obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::LessThanEquals &lhs, const BinaryIntOp::LessThanEquals &rhs) { return true; @@ -1670,21 +1678,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::LessThanEquals &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::LessThanEquals &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::LessThanEquals serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::LessThanEquals obj; +Program::BinaryIntOp::LessThanEquals serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::LessThanEquals obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::And &lhs, const BinaryIntOp::And &rhs) { return true; @@ -1705,21 +1713,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::And &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::And &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::And serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::And obj; +Program::BinaryIntOp::And serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::And obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Or &lhs, const BinaryIntOp::Or &rhs) { return true; @@ -1740,21 +1748,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Or &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::Or &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::Or serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::Or obj; +Program::BinaryIntOp::Or serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::Or obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Xor &lhs, const BinaryIntOp::Xor &rhs) { return true; @@ -1775,21 +1783,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Xor &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::Xor &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::Xor serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::Xor obj; +Program::BinaryIntOp::Xor serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::Xor obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Shl &lhs, const BinaryIntOp::Shl &rhs) { return true; @@ -1810,21 +1818,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Shl &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::Shl &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::Shl serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::Shl obj; +Program::BinaryIntOp::Shl serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::Shl obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BinaryIntOp::Shr &lhs, const BinaryIntOp::Shr &rhs) { return true; @@ -1845,21 +1853,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BinaryIntOp::Shr &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BinaryIntOp::Shr &obj, Serializer &serializer) { } template <> template -Circuit::BinaryIntOp::Shr serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BinaryIntOp::Shr obj; +Program::BinaryIntOp::Shr serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BinaryIntOp::Shr obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall &lhs, const BlackBoxFuncCall &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -1881,11 +1889,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -1893,15 +1901,15 @@ void serde::Serializable::serialize(const Circuit::Bl template <> template -Circuit::BlackBoxFuncCall serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::BlackBoxFuncCall serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::BlackBoxFuncCall obj; + Program::BlackBoxFuncCall obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::AND &lhs, const BlackBoxFuncCall::AND &rhs) { if (!(lhs.lhs == rhs.lhs)) { return false; } @@ -1925,11 +1933,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::AND &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::AND &obj, Serializer &serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -1937,15 +1945,15 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxFuncCall::AND serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::AND obj; +Program::BlackBoxFuncCall::AND serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::AND obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::XOR &lhs, const BlackBoxFuncCall::XOR &rhs) { if (!(lhs.lhs == rhs.lhs)) { return false; } @@ -1969,11 +1977,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::XOR &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::XOR &obj, Serializer &serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -1981,15 +1989,15 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxFuncCall::XOR serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::XOR obj; +Program::BlackBoxFuncCall::XOR serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::XOR obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::RANGE &lhs, const BlackBoxFuncCall::RANGE &rhs) { if (!(lhs.input == rhs.input)) { return false; } @@ -2011,23 +2019,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::RANGE &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::RANGE &obj, Serializer &serializer) { serde::Serializable::serialize(obj.input, serializer); } template <> template -Circuit::BlackBoxFuncCall::RANGE serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::RANGE obj; +Program::BlackBoxFuncCall::RANGE serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::RANGE obj; obj.input = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::SHA256 &lhs, const BlackBoxFuncCall::SHA256 &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -2050,25 +2058,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::SHA256 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::SHA256 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.outputs, serializer); } template <> template -Circuit::BlackBoxFuncCall::SHA256 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::SHA256 obj; +Program::BlackBoxFuncCall::SHA256 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::SHA256 obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Blake2s &lhs, const BlackBoxFuncCall::Blake2s &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -2091,25 +2099,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Blake2s &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::Blake2s &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.outputs, serializer); } template <> template -Circuit::BlackBoxFuncCall::Blake2s serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::Blake2s obj; +Program::BlackBoxFuncCall::Blake2s serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::Blake2s obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Blake3 &lhs, const BlackBoxFuncCall::Blake3 &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -2132,25 +2140,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Blake3 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::Blake3 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.outputs, serializer); } template <> template -Circuit::BlackBoxFuncCall::Blake3 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::Blake3 obj; +Program::BlackBoxFuncCall::Blake3 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::Blake3 obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::SchnorrVerify &lhs, const BlackBoxFuncCall::SchnorrVerify &rhs) { if (!(lhs.public_key_x == rhs.public_key_x)) { return false; } @@ -2176,11 +2184,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::SchnorrVerify &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::SchnorrVerify &obj, Serializer &serializer) { serde::Serializable::serialize(obj.public_key_x, serializer); serde::Serializable::serialize(obj.public_key_y, serializer); serde::Serializable::serialize(obj.signature, serializer); @@ -2190,8 +2198,8 @@ void serde::Serializable::serialize(co template <> template -Circuit::BlackBoxFuncCall::SchnorrVerify serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::SchnorrVerify obj; +Program::BlackBoxFuncCall::SchnorrVerify serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::SchnorrVerify obj; obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); obj.signature = serde::Deserializable::deserialize(deserializer); @@ -2200,7 +2208,7 @@ Circuit::BlackBoxFuncCall::SchnorrVerify serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::PedersenCommitment &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::PedersenCommitment &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.domain_separator, serializer); serde::Serializable::serialize(obj.outputs, serializer); @@ -2236,15 +2244,15 @@ void serde::Serializable::seriali template <> template -Circuit::BlackBoxFuncCall::PedersenCommitment serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::PedersenCommitment obj; +Program::BlackBoxFuncCall::PedersenCommitment serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::PedersenCommitment obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.domain_separator = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::PedersenHash &lhs, const BlackBoxFuncCall::PedersenHash &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -2268,11 +2276,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::PedersenHash &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::PedersenHash &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.domain_separator, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -2280,15 +2288,15 @@ void serde::Serializable::serialize(con template <> template -Circuit::BlackBoxFuncCall::PedersenHash serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::PedersenHash obj; +Program::BlackBoxFuncCall::PedersenHash serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::PedersenHash obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.domain_separator = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::EcdsaSecp256k1 &lhs, const BlackBoxFuncCall::EcdsaSecp256k1 &rhs) { if (!(lhs.public_key_x == rhs.public_key_x)) { return false; } @@ -2314,11 +2322,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::EcdsaSecp256k1 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::EcdsaSecp256k1 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.public_key_x, serializer); serde::Serializable::serialize(obj.public_key_y, serializer); serde::Serializable::serialize(obj.signature, serializer); @@ -2328,8 +2336,8 @@ void serde::Serializable::serialize(c template <> template -Circuit::BlackBoxFuncCall::EcdsaSecp256k1 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::EcdsaSecp256k1 obj; +Program::BlackBoxFuncCall::EcdsaSecp256k1 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::EcdsaSecp256k1 obj; obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); obj.signature = serde::Deserializable::deserialize(deserializer); @@ -2338,7 +2346,7 @@ Circuit::BlackBoxFuncCall::EcdsaSecp256k1 serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::EcdsaSecp256r1 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::EcdsaSecp256r1 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.public_key_x, serializer); serde::Serializable::serialize(obj.public_key_y, serializer); serde::Serializable::serialize(obj.signature, serializer); @@ -2378,8 +2386,8 @@ void serde::Serializable::serialize(c template <> template -Circuit::BlackBoxFuncCall::EcdsaSecp256r1 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::EcdsaSecp256r1 obj; +Program::BlackBoxFuncCall::EcdsaSecp256r1 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::EcdsaSecp256r1 obj; obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); obj.signature = serde::Deserializable::deserialize(deserializer); @@ -2388,7 +2396,7 @@ Circuit::BlackBoxFuncCall::EcdsaSecp256r1 serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::FixedBaseScalarMul &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::FixedBaseScalarMul &obj, Serializer &serializer) { serde::Serializable::serialize(obj.low, serializer); serde::Serializable::serialize(obj.high, serializer); serde::Serializable::serialize(obj.outputs, serializer); @@ -2424,15 +2432,15 @@ void serde::Serializable::seriali template <> template -Circuit::BlackBoxFuncCall::FixedBaseScalarMul serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::FixedBaseScalarMul obj; +Program::BlackBoxFuncCall::FixedBaseScalarMul serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::FixedBaseScalarMul obj; obj.low = serde::Deserializable::deserialize(deserializer); obj.high = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::EmbeddedCurveAdd &lhs, const BlackBoxFuncCall::EmbeddedCurveAdd &rhs) { if (!(lhs.input1_x == rhs.input1_x)) { return false; } @@ -2458,11 +2466,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::EmbeddedCurveAdd &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::EmbeddedCurveAdd &obj, Serializer &serializer) { serde::Serializable::serialize(obj.input1_x, serializer); serde::Serializable::serialize(obj.input1_y, serializer); serde::Serializable::serialize(obj.input2_x, serializer); @@ -2472,8 +2480,8 @@ void serde::Serializable::serialize template <> template -Circuit::BlackBoxFuncCall::EmbeddedCurveAdd serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::EmbeddedCurveAdd obj; +Program::BlackBoxFuncCall::EmbeddedCurveAdd serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::EmbeddedCurveAdd obj; obj.input1_x = serde::Deserializable::deserialize(deserializer); obj.input1_y = serde::Deserializable::deserialize(deserializer); obj.input2_x = serde::Deserializable::deserialize(deserializer); @@ -2482,7 +2490,7 @@ Circuit::BlackBoxFuncCall::EmbeddedCurveAdd serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Keccak256 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::Keccak256 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.outputs, serializer); } template <> template -Circuit::BlackBoxFuncCall::Keccak256 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::Keccak256 obj; +Program::BlackBoxFuncCall::Keccak256 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::Keccak256 obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Keccak256VariableLength &lhs, const BlackBoxFuncCall::Keccak256VariableLength &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -2547,11 +2555,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Keccak256VariableLength &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::Keccak256VariableLength &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.var_message_size, serializer); serde::Serializable::serialize(obj.outputs, serializer); @@ -2559,15 +2567,15 @@ void serde::Serializable::se template <> template -Circuit::BlackBoxFuncCall::Keccak256VariableLength serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::Keccak256VariableLength obj; +Program::BlackBoxFuncCall::Keccak256VariableLength serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::Keccak256VariableLength obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.var_message_size = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Keccakf1600 &lhs, const BlackBoxFuncCall::Keccakf1600 &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -2590,25 +2598,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Keccakf1600 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::Keccakf1600 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.outputs, serializer); } template <> template -Circuit::BlackBoxFuncCall::Keccakf1600 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::Keccakf1600 obj; +Program::BlackBoxFuncCall::Keccakf1600 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::Keccakf1600 obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::RecursiveAggregation &lhs, const BlackBoxFuncCall::RecursiveAggregation &rhs) { if (!(lhs.verification_key == rhs.verification_key)) { return false; } @@ -2633,11 +2641,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::RecursiveAggregation &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::RecursiveAggregation &obj, Serializer &serializer) { serde::Serializable::serialize(obj.verification_key, serializer); serde::Serializable::serialize(obj.proof, serializer); serde::Serializable::serialize(obj.public_inputs, serializer); @@ -2646,8 +2654,8 @@ void serde::Serializable::seria template <> template -Circuit::BlackBoxFuncCall::RecursiveAggregation serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::RecursiveAggregation obj; +Program::BlackBoxFuncCall::RecursiveAggregation serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::RecursiveAggregation obj; obj.verification_key = serde::Deserializable::deserialize(deserializer); obj.proof = serde::Deserializable::deserialize(deserializer); obj.public_inputs = serde::Deserializable::deserialize(deserializer); @@ -2655,7 +2663,7 @@ Circuit::BlackBoxFuncCall::RecursiveAggregation serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntAdd &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::BigIntAdd &obj, Serializer &serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -2691,15 +2699,15 @@ void serde::Serializable::serialize(const template <> template -Circuit::BlackBoxFuncCall::BigIntAdd serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::BigIntAdd obj; +Program::BlackBoxFuncCall::BigIntAdd serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::BigIntAdd obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::BigIntSub &lhs, const BlackBoxFuncCall::BigIntSub &rhs) { if (!(lhs.lhs == rhs.lhs)) { return false; } @@ -2723,11 +2731,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntSub &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::BigIntSub &obj, Serializer &serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -2735,15 +2743,15 @@ void serde::Serializable::serialize(const template <> template -Circuit::BlackBoxFuncCall::BigIntSub serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::BigIntSub obj; +Program::BlackBoxFuncCall::BigIntSub serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::BigIntSub obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::BigIntMul &lhs, const BlackBoxFuncCall::BigIntMul &rhs) { if (!(lhs.lhs == rhs.lhs)) { return false; } @@ -2767,11 +2775,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntMul &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::BigIntMul &obj, Serializer &serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -2779,15 +2787,15 @@ void serde::Serializable::serialize(const template <> template -Circuit::BlackBoxFuncCall::BigIntMul serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::BigIntMul obj; +Program::BlackBoxFuncCall::BigIntMul serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::BigIntMul obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::BigIntDiv &lhs, const BlackBoxFuncCall::BigIntDiv &rhs) { if (!(lhs.lhs == rhs.lhs)) { return false; } @@ -2811,11 +2819,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntDiv &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::BigIntDiv &obj, Serializer &serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -2823,15 +2831,15 @@ void serde::Serializable::serialize(const template <> template -Circuit::BlackBoxFuncCall::BigIntDiv serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::BigIntDiv obj; +Program::BlackBoxFuncCall::BigIntDiv serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::BigIntDiv obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::BigIntFromLeBytes &lhs, const BlackBoxFuncCall::BigIntFromLeBytes &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -2855,11 +2863,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntFromLeBytes &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::BigIntFromLeBytes &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.modulus, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -2867,15 +2875,15 @@ void serde::Serializable::serializ template <> template -Circuit::BlackBoxFuncCall::BigIntFromLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::BigIntFromLeBytes obj; +Program::BlackBoxFuncCall::BigIntFromLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::BigIntFromLeBytes obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.modulus = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::BigIntToLeBytes &lhs, const BlackBoxFuncCall::BigIntToLeBytes &rhs) { if (!(lhs.input == rhs.input)) { return false; } @@ -2898,25 +2906,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::BigIntToLeBytes &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::BigIntToLeBytes &obj, Serializer &serializer) { serde::Serializable::serialize(obj.input, serializer); serde::Serializable::serialize(obj.outputs, serializer); } template <> template -Circuit::BlackBoxFuncCall::BigIntToLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::BigIntToLeBytes obj; +Program::BlackBoxFuncCall::BigIntToLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::BigIntToLeBytes obj; obj.input = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Poseidon2Permutation &lhs, const BlackBoxFuncCall::Poseidon2Permutation &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -2940,11 +2948,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Poseidon2Permutation &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::Poseidon2Permutation &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.outputs, serializer); serde::Serializable::serialize(obj.len, serializer); @@ -2952,15 +2960,15 @@ void serde::Serializable::seria template <> template -Circuit::BlackBoxFuncCall::Poseidon2Permutation serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::Poseidon2Permutation obj; +Program::BlackBoxFuncCall::Poseidon2Permutation serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::Poseidon2Permutation obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); obj.len = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxFuncCall::Sha256Compression &lhs, const BlackBoxFuncCall::Sha256Compression &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -2984,11 +2992,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxFuncCall::Sha256Compression &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxFuncCall::Sha256Compression &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.hash_values, serializer); serde::Serializable::serialize(obj.outputs, serializer); @@ -2996,15 +3004,15 @@ void serde::Serializable::serializ template <> template -Circuit::BlackBoxFuncCall::Sha256Compression serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxFuncCall::Sha256Compression obj; +Program::BlackBoxFuncCall::Sha256Compression serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxFuncCall::Sha256Compression obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.hash_values = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp &lhs, const BlackBoxOp &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -3026,11 +3034,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -3038,15 +3046,15 @@ void serde::Serializable::serialize(const Circuit::BlackBox template <> template -Circuit::BlackBoxOp serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::BlackBoxOp serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::BlackBoxOp obj; + Program::BlackBoxOp obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Sha256 &lhs, const BlackBoxOp::Sha256 &rhs) { if (!(lhs.message == rhs.message)) { return false; } @@ -3069,25 +3077,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Sha256 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::Sha256 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.message, serializer); serde::Serializable::serialize(obj.output, serializer); } template <> template -Circuit::BlackBoxOp::Sha256 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::Sha256 obj; +Program::BlackBoxOp::Sha256 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::Sha256 obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Blake2s &lhs, const BlackBoxOp::Blake2s &rhs) { if (!(lhs.message == rhs.message)) { return false; } @@ -3110,25 +3118,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Blake2s &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::Blake2s &obj, Serializer &serializer) { serde::Serializable::serialize(obj.message, serializer); serde::Serializable::serialize(obj.output, serializer); } template <> template -Circuit::BlackBoxOp::Blake2s serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::Blake2s obj; +Program::BlackBoxOp::Blake2s serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::Blake2s obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Blake3 &lhs, const BlackBoxOp::Blake3 &rhs) { if (!(lhs.message == rhs.message)) { return false; } @@ -3151,25 +3159,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Blake3 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::Blake3 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.message, serializer); serde::Serializable::serialize(obj.output, serializer); } template <> template -Circuit::BlackBoxOp::Blake3 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::Blake3 obj; +Program::BlackBoxOp::Blake3 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::Blake3 obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Keccak256 &lhs, const BlackBoxOp::Keccak256 &rhs) { if (!(lhs.message == rhs.message)) { return false; } @@ -3192,25 +3200,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Keccak256 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::Keccak256 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.message, serializer); serde::Serializable::serialize(obj.output, serializer); } template <> template -Circuit::BlackBoxOp::Keccak256 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::Keccak256 obj; +Program::BlackBoxOp::Keccak256 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::Keccak256 obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Keccakf1600 &lhs, const BlackBoxOp::Keccakf1600 &rhs) { if (!(lhs.message == rhs.message)) { return false; } @@ -3233,25 +3241,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Keccakf1600 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::Keccakf1600 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.message, serializer); serde::Serializable::serialize(obj.output, serializer); } template <> template -Circuit::BlackBoxOp::Keccakf1600 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::Keccakf1600 obj; +Program::BlackBoxOp::Keccakf1600 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::Keccakf1600 obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::EcdsaSecp256k1 &lhs, const BlackBoxOp::EcdsaSecp256k1 &rhs) { if (!(lhs.hashed_msg == rhs.hashed_msg)) { return false; } @@ -3277,11 +3285,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::EcdsaSecp256k1 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::EcdsaSecp256k1 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.hashed_msg, serializer); serde::Serializable::serialize(obj.public_key_x, serializer); serde::Serializable::serialize(obj.public_key_y, serializer); @@ -3291,8 +3299,8 @@ void serde::Serializable::serialize(const C template <> template -Circuit::BlackBoxOp::EcdsaSecp256k1 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::EcdsaSecp256k1 obj; +Program::BlackBoxOp::EcdsaSecp256k1 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::EcdsaSecp256k1 obj; obj.hashed_msg = serde::Deserializable::deserialize(deserializer); obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); @@ -3301,7 +3309,7 @@ Circuit::BlackBoxOp::EcdsaSecp256k1 serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::EcdsaSecp256r1 &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::EcdsaSecp256r1 &obj, Serializer &serializer) { serde::Serializable::serialize(obj.hashed_msg, serializer); serde::Serializable::serialize(obj.public_key_x, serializer); serde::Serializable::serialize(obj.public_key_y, serializer); @@ -3341,8 +3349,8 @@ void serde::Serializable::serialize(const C template <> template -Circuit::BlackBoxOp::EcdsaSecp256r1 serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::EcdsaSecp256r1 obj; +Program::BlackBoxOp::EcdsaSecp256r1 serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::EcdsaSecp256r1 obj; obj.hashed_msg = serde::Deserializable::deserialize(deserializer); obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); @@ -3351,7 +3359,7 @@ Circuit::BlackBoxOp::EcdsaSecp256r1 serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::SchnorrVerify &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::SchnorrVerify &obj, Serializer &serializer) { serde::Serializable::serialize(obj.public_key_x, serializer); serde::Serializable::serialize(obj.public_key_y, serializer); serde::Serializable::serialize(obj.message, serializer); @@ -3391,8 +3399,8 @@ void serde::Serializable::serialize(const Ci template <> template -Circuit::BlackBoxOp::SchnorrVerify serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::SchnorrVerify obj; +Program::BlackBoxOp::SchnorrVerify serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::SchnorrVerify obj; obj.public_key_x = serde::Deserializable::deserialize(deserializer); obj.public_key_y = serde::Deserializable::deserialize(deserializer); obj.message = serde::Deserializable::deserialize(deserializer); @@ -3401,7 +3409,7 @@ Circuit::BlackBoxOp::SchnorrVerify serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::PedersenCommitment &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::PedersenCommitment &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.domain_separator, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -3437,15 +3445,15 @@ void serde::Serializable::serialize(con template <> template -Circuit::BlackBoxOp::PedersenCommitment serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::PedersenCommitment obj; +Program::BlackBoxOp::PedersenCommitment serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::PedersenCommitment obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.domain_separator = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::PedersenHash &lhs, const BlackBoxOp::PedersenHash &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -3469,11 +3477,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::PedersenHash &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::PedersenHash &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.domain_separator, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -3481,15 +3489,15 @@ void serde::Serializable::serialize(const Cir template <> template -Circuit::BlackBoxOp::PedersenHash serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::PedersenHash obj; +Program::BlackBoxOp::PedersenHash serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::PedersenHash obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.domain_separator = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::FixedBaseScalarMul &lhs, const BlackBoxOp::FixedBaseScalarMul &rhs) { if (!(lhs.low == rhs.low)) { return false; } @@ -3513,11 +3521,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::FixedBaseScalarMul &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::FixedBaseScalarMul &obj, Serializer &serializer) { serde::Serializable::serialize(obj.low, serializer); serde::Serializable::serialize(obj.high, serializer); serde::Serializable::serialize(obj.result, serializer); @@ -3525,15 +3533,15 @@ void serde::Serializable::serialize(con template <> template -Circuit::BlackBoxOp::FixedBaseScalarMul serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::FixedBaseScalarMul obj; +Program::BlackBoxOp::FixedBaseScalarMul serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::FixedBaseScalarMul obj; obj.low = serde::Deserializable::deserialize(deserializer); obj.high = serde::Deserializable::deserialize(deserializer); obj.result = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::EmbeddedCurveAdd &lhs, const BlackBoxOp::EmbeddedCurveAdd &rhs) { if (!(lhs.input1_x == rhs.input1_x)) { return false; } @@ -3559,11 +3567,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::EmbeddedCurveAdd &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::EmbeddedCurveAdd &obj, Serializer &serializer) { serde::Serializable::serialize(obj.input1_x, serializer); serde::Serializable::serialize(obj.input1_y, serializer); serde::Serializable::serialize(obj.input2_x, serializer); @@ -3573,8 +3581,8 @@ void serde::Serializable::serialize(const template <> template -Circuit::BlackBoxOp::EmbeddedCurveAdd serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::EmbeddedCurveAdd obj; +Program::BlackBoxOp::EmbeddedCurveAdd serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::EmbeddedCurveAdd obj; obj.input1_x = serde::Deserializable::deserialize(deserializer); obj.input1_y = serde::Deserializable::deserialize(deserializer); obj.input2_x = serde::Deserializable::deserialize(deserializer); @@ -3583,7 +3591,7 @@ Circuit::BlackBoxOp::EmbeddedCurveAdd serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntAdd &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::BigIntAdd &obj, Serializer &serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -3619,15 +3627,15 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxOp::BigIntAdd serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::BigIntAdd obj; +Program::BlackBoxOp::BigIntAdd serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::BigIntAdd obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::BigIntSub &lhs, const BlackBoxOp::BigIntSub &rhs) { if (!(lhs.lhs == rhs.lhs)) { return false; } @@ -3651,11 +3659,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntSub &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::BigIntSub &obj, Serializer &serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -3663,15 +3671,15 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxOp::BigIntSub serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::BigIntSub obj; +Program::BlackBoxOp::BigIntSub serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::BigIntSub obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::BigIntMul &lhs, const BlackBoxOp::BigIntMul &rhs) { if (!(lhs.lhs == rhs.lhs)) { return false; } @@ -3695,11 +3703,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntMul &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::BigIntMul &obj, Serializer &serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -3707,15 +3715,15 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxOp::BigIntMul serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::BigIntMul obj; +Program::BlackBoxOp::BigIntMul serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::BigIntMul obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::BigIntDiv &lhs, const BlackBoxOp::BigIntDiv &rhs) { if (!(lhs.lhs == rhs.lhs)) { return false; } @@ -3739,11 +3747,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntDiv &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::BigIntDiv &obj, Serializer &serializer) { serde::Serializable::serialize(obj.lhs, serializer); serde::Serializable::serialize(obj.rhs, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -3751,15 +3759,15 @@ void serde::Serializable::serialize(const Circui template <> template -Circuit::BlackBoxOp::BigIntDiv serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::BigIntDiv obj; +Program::BlackBoxOp::BigIntDiv serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::BigIntDiv obj; obj.lhs = serde::Deserializable::deserialize(deserializer); obj.rhs = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::BigIntFromLeBytes &lhs, const BlackBoxOp::BigIntFromLeBytes &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -3783,11 +3791,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntFromLeBytes &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::BigIntFromLeBytes &obj, Serializer &serializer) { serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.modulus, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -3795,15 +3803,15 @@ void serde::Serializable::serialize(cons template <> template -Circuit::BlackBoxOp::BigIntFromLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::BigIntFromLeBytes obj; +Program::BlackBoxOp::BigIntFromLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::BigIntFromLeBytes obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.modulus = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::BigIntToLeBytes &lhs, const BlackBoxOp::BigIntToLeBytes &rhs) { if (!(lhs.input == rhs.input)) { return false; } @@ -3826,25 +3834,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::BigIntToLeBytes &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::BigIntToLeBytes &obj, Serializer &serializer) { serde::Serializable::serialize(obj.input, serializer); serde::Serializable::serialize(obj.output, serializer); } template <> template -Circuit::BlackBoxOp::BigIntToLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::BigIntToLeBytes obj; +Program::BlackBoxOp::BigIntToLeBytes serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::BigIntToLeBytes obj; obj.input = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Poseidon2Permutation &lhs, const BlackBoxOp::Poseidon2Permutation &rhs) { if (!(lhs.message == rhs.message)) { return false; } @@ -3868,11 +3876,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Poseidon2Permutation &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::Poseidon2Permutation &obj, Serializer &serializer) { serde::Serializable::serialize(obj.message, serializer); serde::Serializable::serialize(obj.output, serializer); serde::Serializable::serialize(obj.len, serializer); @@ -3880,15 +3888,15 @@ void serde::Serializable::serialize(c template <> template -Circuit::BlackBoxOp::Poseidon2Permutation serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::Poseidon2Permutation obj; +Program::BlackBoxOp::Poseidon2Permutation serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::Poseidon2Permutation obj; obj.message = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); obj.len = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlackBoxOp::Sha256Compression &lhs, const BlackBoxOp::Sha256Compression &rhs) { if (!(lhs.input == rhs.input)) { return false; } @@ -3912,11 +3920,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlackBoxOp::Sha256Compression &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlackBoxOp::Sha256Compression &obj, Serializer &serializer) { serde::Serializable::serialize(obj.input, serializer); serde::Serializable::serialize(obj.hash_values, serializer); serde::Serializable::serialize(obj.output, serializer); @@ -3924,15 +3932,15 @@ void serde::Serializable::serialize(cons template <> template -Circuit::BlackBoxOp::Sha256Compression serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BlackBoxOp::Sha256Compression obj; +Program::BlackBoxOp::Sha256Compression serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BlackBoxOp::Sha256Compression obj; obj.input = serde::Deserializable::deserialize(deserializer); obj.hash_values = serde::Deserializable::deserialize(deserializer); obj.output = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BlockId &lhs, const BlockId &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -3954,11 +3962,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BlockId &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BlockId &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -3966,15 +3974,15 @@ void serde::Serializable::serialize(const Circuit::BlockId &ob template <> template -Circuit::BlockId serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::BlockId serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::BlockId obj; + Program::BlockId obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Brillig &lhs, const Brillig &rhs) { if (!(lhs.inputs == rhs.inputs)) { return false; } @@ -3999,11 +4007,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Brillig &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Brillig &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.outputs, serializer); @@ -4014,9 +4022,9 @@ void serde::Serializable::serialize(const Circuit::Brillig &ob template <> template -Circuit::Brillig serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::Brillig serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::Brillig obj; + Program::Brillig obj; obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); obj.bytecode = serde::Deserializable::deserialize(deserializer); @@ -4025,7 +4033,7 @@ Circuit::Brillig serde::Deserializable::deserialize(Deserializ return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligInputs &lhs, const BrilligInputs &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -4047,11 +4055,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligInputs &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligInputs &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -4059,15 +4067,15 @@ void serde::Serializable::serialize(const Circuit::Brill template <> template -Circuit::BrilligInputs serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::BrilligInputs serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::BrilligInputs obj; + Program::BrilligInputs obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligInputs::Single &lhs, const BrilligInputs::Single &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -4089,23 +4097,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligInputs::Single &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligInputs::Single &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::BrilligInputs::Single serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligInputs::Single obj; +Program::BrilligInputs::Single serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligInputs::Single obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligInputs::Array &lhs, const BrilligInputs::Array &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -4127,23 +4135,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligInputs::Array &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligInputs::Array &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::BrilligInputs::Array serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligInputs::Array obj; +Program::BrilligInputs::Array serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligInputs::Array obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligInputs::MemoryArray &lhs, const BrilligInputs::MemoryArray &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -4165,23 +4173,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligInputs::MemoryArray &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligInputs::MemoryArray &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::BrilligInputs::MemoryArray serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligInputs::MemoryArray obj; +Program::BrilligInputs::MemoryArray serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligInputs::MemoryArray obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode &lhs, const BrilligOpcode &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -4203,11 +4211,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -4215,15 +4223,15 @@ void serde::Serializable::serialize(const Circuit::Brill template <> template -Circuit::BrilligOpcode serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::BrilligOpcode serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::BrilligOpcode obj; + Program::BrilligOpcode obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::BinaryFieldOp &lhs, const BrilligOpcode::BinaryFieldOp &rhs) { if (!(lhs.destination == rhs.destination)) { return false; } @@ -4248,11 +4256,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::BinaryFieldOp &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::BinaryFieldOp &obj, Serializer &serializer) { serde::Serializable::serialize(obj.destination, serializer); serde::Serializable::serialize(obj.op, serializer); serde::Serializable::serialize(obj.lhs, serializer); @@ -4261,8 +4269,8 @@ void serde::Serializable::serialize(const template <> template -Circuit::BrilligOpcode::BinaryFieldOp serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::BinaryFieldOp obj; +Program::BrilligOpcode::BinaryFieldOp serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::BinaryFieldOp obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.op = serde::Deserializable::deserialize(deserializer); obj.lhs = serde::Deserializable::deserialize(deserializer); @@ -4270,7 +4278,7 @@ Circuit::BrilligOpcode::BinaryFieldOp serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::BinaryIntOp &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::BinaryIntOp &obj, Serializer &serializer) { serde::Serializable::serialize(obj.destination, serializer); serde::Serializable::serialize(obj.op, serializer); serde::Serializable::serialize(obj.bit_size, serializer); @@ -4310,8 +4318,8 @@ void serde::Serializable::serialize(const C template <> template -Circuit::BrilligOpcode::BinaryIntOp serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::BinaryIntOp obj; +Program::BrilligOpcode::BinaryIntOp serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::BinaryIntOp obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.op = serde::Deserializable::deserialize(deserializer); obj.bit_size = serde::Deserializable::deserialize(deserializer); @@ -4320,7 +4328,7 @@ Circuit::BrilligOpcode::BinaryIntOp serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Cast &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::Cast &obj, Serializer &serializer) { serde::Serializable::serialize(obj.destination, serializer); serde::Serializable::serialize(obj.source, serializer); serde::Serializable::serialize(obj.bit_size, serializer); @@ -4356,15 +4364,15 @@ void serde::Serializable::serialize(const Circuit: template <> template -Circuit::BrilligOpcode::Cast serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::Cast obj; +Program::BrilligOpcode::Cast serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::Cast obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.source = serde::Deserializable::deserialize(deserializer); obj.bit_size = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::JumpIfNot &lhs, const BrilligOpcode::JumpIfNot &rhs) { if (!(lhs.condition == rhs.condition)) { return false; } @@ -4387,25 +4395,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::JumpIfNot &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::JumpIfNot &obj, Serializer &serializer) { serde::Serializable::serialize(obj.condition, serializer); serde::Serializable::serialize(obj.location, serializer); } template <> template -Circuit::BrilligOpcode::JumpIfNot serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::JumpIfNot obj; +Program::BrilligOpcode::JumpIfNot serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::JumpIfNot obj; obj.condition = serde::Deserializable::deserialize(deserializer); obj.location = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::JumpIf &lhs, const BrilligOpcode::JumpIf &rhs) { if (!(lhs.condition == rhs.condition)) { return false; } @@ -4428,25 +4436,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::JumpIf &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::JumpIf &obj, Serializer &serializer) { serde::Serializable::serialize(obj.condition, serializer); serde::Serializable::serialize(obj.location, serializer); } template <> template -Circuit::BrilligOpcode::JumpIf serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::JumpIf obj; +Program::BrilligOpcode::JumpIf serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::JumpIf obj; obj.condition = serde::Deserializable::deserialize(deserializer); obj.location = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Jump &lhs, const BrilligOpcode::Jump &rhs) { if (!(lhs.location == rhs.location)) { return false; } @@ -4468,23 +4476,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Jump &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::Jump &obj, Serializer &serializer) { serde::Serializable::serialize(obj.location, serializer); } template <> template -Circuit::BrilligOpcode::Jump serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::Jump obj; +Program::BrilligOpcode::Jump serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::Jump obj; obj.location = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::CalldataCopy &lhs, const BrilligOpcode::CalldataCopy &rhs) { if (!(lhs.destination_address == rhs.destination_address)) { return false; } @@ -4508,11 +4516,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::CalldataCopy &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::CalldataCopy &obj, Serializer &serializer) { serde::Serializable::serialize(obj.destination_address, serializer); serde::Serializable::serialize(obj.size, serializer); serde::Serializable::serialize(obj.offset, serializer); @@ -4520,15 +4528,15 @@ void serde::Serializable::serialize(const template <> template -Circuit::BrilligOpcode::CalldataCopy serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::CalldataCopy obj; +Program::BrilligOpcode::CalldataCopy serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::CalldataCopy obj; obj.destination_address = serde::Deserializable::deserialize(deserializer); obj.size = serde::Deserializable::deserialize(deserializer); obj.offset = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Call &lhs, const BrilligOpcode::Call &rhs) { if (!(lhs.location == rhs.location)) { return false; } @@ -4550,23 +4558,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Call &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::Call &obj, Serializer &serializer) { serde::Serializable::serialize(obj.location, serializer); } template <> template -Circuit::BrilligOpcode::Call serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::Call obj; +Program::BrilligOpcode::Call serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::Call obj; obj.location = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Const &lhs, const BrilligOpcode::Const &rhs) { if (!(lhs.destination == rhs.destination)) { return false; } @@ -4590,11 +4598,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Const &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::Const &obj, Serializer &serializer) { serde::Serializable::serialize(obj.destination, serializer); serde::Serializable::serialize(obj.bit_size, serializer); serde::Serializable::serialize(obj.value, serializer); @@ -4602,15 +4610,15 @@ void serde::Serializable::serialize(const Circuit template <> template -Circuit::BrilligOpcode::Const serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::Const obj; +Program::BrilligOpcode::Const serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::Const obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.bit_size = serde::Deserializable::deserialize(deserializer); obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Return &lhs, const BrilligOpcode::Return &rhs) { return true; @@ -4631,21 +4639,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Return &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::Return &obj, Serializer &serializer) { } template <> template -Circuit::BrilligOpcode::Return serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::Return obj; +Program::BrilligOpcode::Return serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::Return obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::ForeignCall &lhs, const BrilligOpcode::ForeignCall &rhs) { if (!(lhs.function == rhs.function)) { return false; } @@ -4671,11 +4679,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::ForeignCall &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::ForeignCall &obj, Serializer &serializer) { serde::Serializable::serialize(obj.function, serializer); serde::Serializable::serialize(obj.destinations, serializer); serde::Serializable::serialize(obj.destination_value_types, serializer); @@ -4685,8 +4693,8 @@ void serde::Serializable::serialize(const C template <> template -Circuit::BrilligOpcode::ForeignCall serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::ForeignCall obj; +Program::BrilligOpcode::ForeignCall serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::ForeignCall obj; obj.function = serde::Deserializable::deserialize(deserializer); obj.destinations = serde::Deserializable::deserialize(deserializer); obj.destination_value_types = serde::Deserializable::deserialize(deserializer); @@ -4695,7 +4703,7 @@ Circuit::BrilligOpcode::ForeignCall serde::Deserializable template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Mov &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::Mov &obj, Serializer &serializer) { serde::Serializable::serialize(obj.destination, serializer); serde::Serializable::serialize(obj.source, serializer); } template <> template -Circuit::BrilligOpcode::Mov serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::Mov obj; +Program::BrilligOpcode::Mov serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::Mov obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.source = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Load &lhs, const BrilligOpcode::Load &rhs) { if (!(lhs.destination == rhs.destination)) { return false; } @@ -4759,25 +4767,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Load &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::Load &obj, Serializer &serializer) { serde::Serializable::serialize(obj.destination, serializer); serde::Serializable::serialize(obj.source_pointer, serializer); } template <> template -Circuit::BrilligOpcode::Load serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::Load obj; +Program::BrilligOpcode::Load serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::Load obj; obj.destination = serde::Deserializable::deserialize(deserializer); obj.source_pointer = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Store &lhs, const BrilligOpcode::Store &rhs) { if (!(lhs.destination_pointer == rhs.destination_pointer)) { return false; } @@ -4800,25 +4808,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Store &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::Store &obj, Serializer &serializer) { serde::Serializable::serialize(obj.destination_pointer, serializer); serde::Serializable::serialize(obj.source, serializer); } template <> template -Circuit::BrilligOpcode::Store serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::Store obj; +Program::BrilligOpcode::Store serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::Store obj; obj.destination_pointer = serde::Deserializable::deserialize(deserializer); obj.source = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::BlackBox &lhs, const BrilligOpcode::BlackBox &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -4840,23 +4848,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::BlackBox &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::BlackBox &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::BrilligOpcode::BlackBox serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::BlackBox obj; +Program::BrilligOpcode::BlackBox serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::BlackBox obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Trap &lhs, const BrilligOpcode::Trap &rhs) { return true; @@ -4877,21 +4885,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Trap &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::Trap &obj, Serializer &serializer) { } template <> template -Circuit::BrilligOpcode::Trap serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::Trap obj; +Program::BrilligOpcode::Trap serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::Trap obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOpcode::Stop &lhs, const BrilligOpcode::Stop &rhs) { if (!(lhs.return_data_offset == rhs.return_data_offset)) { return false; } @@ -4914,25 +4922,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOpcode::Stop &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOpcode::Stop &obj, Serializer &serializer) { serde::Serializable::serialize(obj.return_data_offset, serializer); serde::Serializable::serialize(obj.return_data_size, serializer); } template <> template -Circuit::BrilligOpcode::Stop serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOpcode::Stop obj; +Program::BrilligOpcode::Stop serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOpcode::Stop obj; obj.return_data_offset = serde::Deserializable::deserialize(deserializer); obj.return_data_size = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOutputs &lhs, const BrilligOutputs &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -4954,11 +4962,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOutputs &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOutputs &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -4966,15 +4974,15 @@ void serde::Serializable::serialize(const Circuit::Bril template <> template -Circuit::BrilligOutputs serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::BrilligOutputs serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::BrilligOutputs obj; + Program::BrilligOutputs obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOutputs::Simple &lhs, const BrilligOutputs::Simple &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -4996,23 +5004,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOutputs::Simple &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOutputs::Simple &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::BrilligOutputs::Simple serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOutputs::Simple obj; +Program::BrilligOutputs::Simple serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOutputs::Simple obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const BrilligOutputs::Array &lhs, const BrilligOutputs::Array &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -5034,23 +5042,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::BrilligOutputs::Array &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::BrilligOutputs::Array &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::BrilligOutputs::Array serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::BrilligOutputs::Array obj; +Program::BrilligOutputs::Array serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::BrilligOutputs::Array obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Circuit &lhs, const Circuit &rhs) { if (!(lhs.current_witness_index == rhs.current_witness_index)) { return false; } @@ -5079,11 +5087,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Circuit &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Circuit &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.current_witness_index, serializer); serde::Serializable::serialize(obj.opcodes, serializer); @@ -5098,9 +5106,9 @@ void serde::Serializable::serialize(const Circuit::Circuit &ob template <> template -Circuit::Circuit serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::Circuit serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::Circuit obj; + Program::Circuit obj; obj.current_witness_index = serde::Deserializable::deserialize(deserializer); obj.opcodes = serde::Deserializable::deserialize(deserializer); obj.expression_width = serde::Deserializable::deserialize(deserializer); @@ -5113,7 +5121,7 @@ Circuit::Circuit serde::Deserializable::deserialize(Deserializ return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Directive &lhs, const Directive &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -5135,11 +5143,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Directive &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Directive &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -5147,15 +5155,15 @@ void serde::Serializable::serialize(const Circuit::Directive template <> template -Circuit::Directive serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::Directive serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::Directive obj; + Program::Directive obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Directive::ToLeRadix &lhs, const Directive::ToLeRadix &rhs) { if (!(lhs.a == rhs.a)) { return false; } @@ -5179,11 +5187,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Directive::ToLeRadix &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Directive::ToLeRadix &obj, Serializer &serializer) { serde::Serializable::serialize(obj.a, serializer); serde::Serializable::serialize(obj.b, serializer); serde::Serializable::serialize(obj.radix, serializer); @@ -5191,15 +5199,15 @@ void serde::Serializable::serialize(const Circuit template <> template -Circuit::Directive::ToLeRadix serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::Directive::ToLeRadix obj; +Program::Directive::ToLeRadix serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::Directive::ToLeRadix obj; obj.a = serde::Deserializable::deserialize(deserializer); obj.b = serde::Deserializable::deserialize(deserializer); obj.radix = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Expression &lhs, const Expression &rhs) { if (!(lhs.mul_terms == rhs.mul_terms)) { return false; } @@ -5223,11 +5231,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Expression &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Expression &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.mul_terms, serializer); serde::Serializable::serialize(obj.linear_combinations, serializer); @@ -5237,9 +5245,9 @@ void serde::Serializable::serialize(const Circuit::Expressi template <> template -Circuit::Expression serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::Expression serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::Expression obj; + Program::Expression obj; obj.mul_terms = serde::Deserializable::deserialize(deserializer); obj.linear_combinations = serde::Deserializable::deserialize(deserializer); obj.q_c = serde::Deserializable::deserialize(deserializer); @@ -5247,7 +5255,7 @@ Circuit::Expression serde::Deserializable::deserialize(Dese return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ExpressionWidth &lhs, const ExpressionWidth &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -5269,11 +5277,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ExpressionWidth &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::ExpressionWidth &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -5281,15 +5289,15 @@ void serde::Serializable::serialize(const Circuit::Exp template <> template -Circuit::ExpressionWidth serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::ExpressionWidth serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::ExpressionWidth obj; + Program::ExpressionWidth obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ExpressionWidth::Unbounded &lhs, const ExpressionWidth::Unbounded &rhs) { return true; @@ -5310,21 +5318,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ExpressionWidth::Unbounded &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::ExpressionWidth::Unbounded &obj, Serializer &serializer) { } template <> template -Circuit::ExpressionWidth::Unbounded serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::ExpressionWidth::Unbounded obj; +Program::ExpressionWidth::Unbounded serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::ExpressionWidth::Unbounded obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ExpressionWidth::Bounded &lhs, const ExpressionWidth::Bounded &rhs) { if (!(lhs.width == rhs.width)) { return false; } @@ -5346,23 +5354,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ExpressionWidth::Bounded &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::ExpressionWidth::Bounded &obj, Serializer &serializer) { serde::Serializable::serialize(obj.width, serializer); } template <> template -Circuit::ExpressionWidth::Bounded serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::ExpressionWidth::Bounded obj; +Program::ExpressionWidth::Bounded serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::ExpressionWidth::Bounded obj; obj.width = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const FunctionInput &lhs, const FunctionInput &rhs) { if (!(lhs.witness == rhs.witness)) { return false; } @@ -5385,11 +5393,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::FunctionInput &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::FunctionInput &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.witness, serializer); serde::Serializable::serialize(obj.num_bits, serializer); @@ -5398,16 +5406,16 @@ void serde::Serializable::serialize(const Circuit::Funct template <> template -Circuit::FunctionInput serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::FunctionInput serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::FunctionInput obj; + Program::FunctionInput obj; obj.witness = serde::Deserializable::deserialize(deserializer); obj.num_bits = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapArray &lhs, const HeapArray &rhs) { if (!(lhs.pointer == rhs.pointer)) { return false; } @@ -5430,11 +5438,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapArray &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::HeapArray &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.pointer, serializer); serde::Serializable::serialize(obj.size, serializer); @@ -5443,16 +5451,16 @@ void serde::Serializable::serialize(const Circuit::HeapArray template <> template -Circuit::HeapArray serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::HeapArray serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::HeapArray obj; + Program::HeapArray obj; obj.pointer = serde::Deserializable::deserialize(deserializer); obj.size = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapValueType &lhs, const HeapValueType &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -5474,11 +5482,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapValueType &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::HeapValueType &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -5486,15 +5494,15 @@ void serde::Serializable::serialize(const Circuit::HeapV template <> template -Circuit::HeapValueType serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::HeapValueType serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::HeapValueType obj; + Program::HeapValueType obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapValueType::Simple &lhs, const HeapValueType::Simple &rhs) { return true; @@ -5515,21 +5523,21 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapValueType::Simple &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::HeapValueType::Simple &obj, Serializer &serializer) { } template <> template -Circuit::HeapValueType::Simple serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::HeapValueType::Simple obj; +Program::HeapValueType::Simple serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::HeapValueType::Simple obj; return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapValueType::Array &lhs, const HeapValueType::Array &rhs) { if (!(lhs.value_types == rhs.value_types)) { return false; } @@ -5552,25 +5560,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapValueType::Array &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::HeapValueType::Array &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value_types, serializer); serde::Serializable::serialize(obj.size, serializer); } template <> template -Circuit::HeapValueType::Array serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::HeapValueType::Array obj; +Program::HeapValueType::Array serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::HeapValueType::Array obj; obj.value_types = serde::Deserializable::deserialize(deserializer); obj.size = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapValueType::Vector &lhs, const HeapValueType::Vector &rhs) { if (!(lhs.value_types == rhs.value_types)) { return false; } @@ -5592,23 +5600,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapValueType::Vector &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::HeapValueType::Vector &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value_types, serializer); } template <> template -Circuit::HeapValueType::Vector serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::HeapValueType::Vector obj; +Program::HeapValueType::Vector serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::HeapValueType::Vector obj; obj.value_types = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const HeapVector &lhs, const HeapVector &rhs) { if (!(lhs.pointer == rhs.pointer)) { return false; } @@ -5631,11 +5639,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::HeapVector &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::HeapVector &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.pointer, serializer); serde::Serializable::serialize(obj.size, serializer); @@ -5644,16 +5652,16 @@ void serde::Serializable::serialize(const Circuit::HeapVect template <> template -Circuit::HeapVector serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::HeapVector serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::HeapVector obj; + Program::HeapVector obj; obj.pointer = serde::Deserializable::deserialize(deserializer); obj.size = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const MemOp &lhs, const MemOp &rhs) { if (!(lhs.operation == rhs.operation)) { return false; } @@ -5677,11 +5685,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::MemOp &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::MemOp &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.operation, serializer); serde::Serializable::serialize(obj.index, serializer); @@ -5691,9 +5699,9 @@ void serde::Serializable::serialize(const Circuit::MemOp &obj, S template <> template -Circuit::MemOp serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::MemOp serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::MemOp obj; + Program::MemOp obj; obj.operation = serde::Deserializable::deserialize(deserializer); obj.index = serde::Deserializable::deserialize(deserializer); obj.value = serde::Deserializable::deserialize(deserializer); @@ -5701,7 +5709,7 @@ Circuit::MemOp serde::Deserializable::deserialize(Deserializer & return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const MemoryAddress &lhs, const MemoryAddress &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -5723,11 +5731,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::MemoryAddress &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::MemoryAddress &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -5735,15 +5743,15 @@ void serde::Serializable::serialize(const Circuit::Memor template <> template -Circuit::MemoryAddress serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::MemoryAddress serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::MemoryAddress obj; + Program::MemoryAddress obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode &lhs, const Opcode &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -5765,11 +5773,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Opcode &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -5777,15 +5785,15 @@ void serde::Serializable::serialize(const Circuit::Opcode &obj, template <> template -Circuit::Opcode serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::Opcode serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::Opcode obj; + Program::Opcode obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::AssertZero &lhs, const Opcode::AssertZero &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -5807,23 +5815,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode::AssertZero &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Opcode::AssertZero &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::Opcode::AssertZero serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::Opcode::AssertZero obj; +Program::Opcode::AssertZero serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::Opcode::AssertZero obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::BlackBoxFuncCall &lhs, const Opcode::BlackBoxFuncCall &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -5845,23 +5853,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode::BlackBoxFuncCall &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Opcode::BlackBoxFuncCall &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::Opcode::BlackBoxFuncCall serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::Opcode::BlackBoxFuncCall obj; +Program::Opcode::BlackBoxFuncCall serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::Opcode::BlackBoxFuncCall obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::Directive &lhs, const Opcode::Directive &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -5883,23 +5891,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode::Directive &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Opcode::Directive &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::Opcode::Directive serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::Opcode::Directive obj; +Program::Opcode::Directive serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::Opcode::Directive obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::Brillig &lhs, const Opcode::Brillig &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -5921,23 +5929,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode::Brillig &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Opcode::Brillig &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::Opcode::Brillig serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::Opcode::Brillig obj; +Program::Opcode::Brillig serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::Opcode::Brillig obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::MemoryOp &lhs, const Opcode::MemoryOp &rhs) { if (!(lhs.block_id == rhs.block_id)) { return false; } @@ -5961,11 +5969,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode::MemoryOp &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Opcode::MemoryOp &obj, Serializer &serializer) { serde::Serializable::serialize(obj.block_id, serializer); serde::Serializable::serialize(obj.op, serializer); serde::Serializable::serialize(obj.predicate, serializer); @@ -5973,15 +5981,15 @@ void serde::Serializable::serialize(const Circuit::Op template <> template -Circuit::Opcode::MemoryOp serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::Opcode::MemoryOp obj; +Program::Opcode::MemoryOp serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::Opcode::MemoryOp obj; obj.block_id = serde::Deserializable::deserialize(deserializer); obj.op = serde::Deserializable::deserialize(deserializer); obj.predicate = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::MemoryInit &lhs, const Opcode::MemoryInit &rhs) { if (!(lhs.block_id == rhs.block_id)) { return false; } @@ -6004,25 +6012,25 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode::MemoryInit &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Opcode::MemoryInit &obj, Serializer &serializer) { serde::Serializable::serialize(obj.block_id, serializer); serde::Serializable::serialize(obj.init, serializer); } template <> template -Circuit::Opcode::MemoryInit serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::Opcode::MemoryInit obj; +Program::Opcode::MemoryInit serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::Opcode::MemoryInit obj; obj.block_id = serde::Deserializable::deserialize(deserializer); obj.init = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Opcode::Call &lhs, const Opcode::Call &rhs) { if (!(lhs.id == rhs.id)) { return false; } @@ -6046,11 +6054,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Opcode::Call &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Opcode::Call &obj, Serializer &serializer) { serde::Serializable::serialize(obj.id, serializer); serde::Serializable::serialize(obj.inputs, serializer); serde::Serializable::serialize(obj.outputs, serializer); @@ -6058,15 +6066,15 @@ void serde::Serializable::serialize(const Circuit::Opcode template <> template -Circuit::Opcode::Call serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::Opcode::Call obj; +Program::Opcode::Call serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::Opcode::Call obj; obj.id = serde::Deserializable::deserialize(deserializer); obj.inputs = serde::Deserializable::deserialize(deserializer); obj.outputs = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const OpcodeLocation &lhs, const OpcodeLocation &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -6088,11 +6096,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::OpcodeLocation &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::OpcodeLocation &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -6100,15 +6108,15 @@ void serde::Serializable::serialize(const Circuit::Opco template <> template -Circuit::OpcodeLocation serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::OpcodeLocation serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::OpcodeLocation obj; + Program::OpcodeLocation obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const OpcodeLocation::Acir &lhs, const OpcodeLocation::Acir &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -6130,23 +6138,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::OpcodeLocation::Acir &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::OpcodeLocation::Acir &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::OpcodeLocation::Acir serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::OpcodeLocation::Acir obj; +Program::OpcodeLocation::Acir serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::OpcodeLocation::Acir obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const OpcodeLocation::Brillig &lhs, const OpcodeLocation::Brillig &rhs) { if (!(lhs.acir_index == rhs.acir_index)) { return false; } @@ -6169,25 +6177,67 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::OpcodeLocation::Brillig &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::OpcodeLocation::Brillig &obj, Serializer &serializer) { serde::Serializable::serialize(obj.acir_index, serializer); serde::Serializable::serialize(obj.brillig_index, serializer); } template <> template -Circuit::OpcodeLocation::Brillig serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::OpcodeLocation::Brillig obj; +Program::OpcodeLocation::Brillig serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::OpcodeLocation::Brillig obj; obj.acir_index = serde::Deserializable::deserialize(deserializer); obj.brillig_index = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { + + inline bool operator==(const Program &lhs, const Program &rhs) { + if (!(lhs.functions == rhs.functions)) { return false; } + return true; + } + + inline std::vector Program::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline Program Program::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace Program + +template <> +template +void serde::Serializable::serialize(const Program::Program &obj, Serializer &serializer) { + serializer.increase_container_depth(); + serde::Serializable::serialize(obj.functions, serializer); + serializer.decrease_container_depth(); +} + +template <> +template +Program::Program serde::Deserializable::deserialize(Deserializer &deserializer) { + deserializer.increase_container_depth(); + Program::Program obj; + obj.functions = serde::Deserializable::deserialize(deserializer); + deserializer.decrease_container_depth(); + return obj; +} + +namespace Program { inline bool operator==(const PublicInputs &lhs, const PublicInputs &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -6209,11 +6259,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::PublicInputs &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::PublicInputs &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -6221,15 +6271,15 @@ void serde::Serializable::serialize(const Circuit::Public template <> template -Circuit::PublicInputs serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::PublicInputs serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::PublicInputs obj; + Program::PublicInputs obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Value &lhs, const Value &rhs) { if (!(lhs.inner == rhs.inner)) { return false; } @@ -6251,11 +6301,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Value &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Value &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.inner, serializer); serializer.decrease_container_depth(); @@ -6263,15 +6313,15 @@ void serde::Serializable::serialize(const Circuit::Value &obj, S template <> template -Circuit::Value serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::Value serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::Value obj; + Program::Value obj; obj.inner = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ValueOrArray &lhs, const ValueOrArray &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -6293,11 +6343,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ValueOrArray &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::ValueOrArray &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -6305,15 +6355,15 @@ void serde::Serializable::serialize(const Circuit::ValueO template <> template -Circuit::ValueOrArray serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::ValueOrArray serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::ValueOrArray obj; + Program::ValueOrArray obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ValueOrArray::MemoryAddress &lhs, const ValueOrArray::MemoryAddress &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -6335,23 +6385,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ValueOrArray::MemoryAddress &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::ValueOrArray::MemoryAddress &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::ValueOrArray::MemoryAddress serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::ValueOrArray::MemoryAddress obj; +Program::ValueOrArray::MemoryAddress serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::ValueOrArray::MemoryAddress obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ValueOrArray::HeapArray &lhs, const ValueOrArray::HeapArray &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -6373,23 +6423,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ValueOrArray::HeapArray &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::ValueOrArray::HeapArray &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::ValueOrArray::HeapArray serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::ValueOrArray::HeapArray obj; +Program::ValueOrArray::HeapArray serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::ValueOrArray::HeapArray obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const ValueOrArray::HeapVector &lhs, const ValueOrArray::HeapVector &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -6411,23 +6461,23 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::ValueOrArray::HeapVector &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::ValueOrArray::HeapVector &obj, Serializer &serializer) { serde::Serializable::serialize(obj.value, serializer); } template <> template -Circuit::ValueOrArray::HeapVector serde::Deserializable::deserialize(Deserializer &deserializer) { - Circuit::ValueOrArray::HeapVector obj; +Program::ValueOrArray::HeapVector serde::Deserializable::deserialize(Deserializer &deserializer) { + Program::ValueOrArray::HeapVector obj; obj.value = serde::Deserializable::deserialize(deserializer); return obj; } -namespace Circuit { +namespace Program { inline bool operator==(const Witness &lhs, const Witness &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -6449,11 +6499,11 @@ namespace Circuit { return value; } -} // end of namespace Circuit +} // end of namespace Program template <> template -void serde::Serializable::serialize(const Circuit::Witness &obj, Serializer &serializer) { +void serde::Serializable::serialize(const Program::Witness &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -6461,9 +6511,9 @@ void serde::Serializable::serialize(const Circuit::Witness &ob template <> template -Circuit::Witness serde::Deserializable::deserialize(Deserializer &deserializer) { +Program::Witness serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - Circuit::Witness obj; + Program::Witness obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; diff --git a/noir/noir-repo/acvm-repo/acir/codegen/witness.cpp b/noir/noir-repo/acvm-repo/acir/codegen/witness.cpp index 118d4ca7ac5..ad2b0550db2 100644 --- a/noir/noir-repo/acvm-repo/acir/codegen/witness.cpp +++ b/noir/noir-repo/acvm-repo/acir/codegen/witness.cpp @@ -3,7 +3,7 @@ #include "serde.hpp" #include "bincode.hpp" -namespace WitnessMap { +namespace WitnessStack { struct Witness { uint32_t value; @@ -14,17 +14,79 @@ namespace WitnessMap { }; struct WitnessMap { - std::map value; + std::map value; friend bool operator==(const WitnessMap&, const WitnessMap&); std::vector bincodeSerialize() const; static WitnessMap bincodeDeserialize(std::vector); }; -} // end of namespace WitnessMap + struct StackItem { + uint32_t index; + WitnessStack::WitnessMap witness; + friend bool operator==(const StackItem&, const StackItem&); + std::vector bincodeSerialize() const; + static StackItem bincodeDeserialize(std::vector); + }; + + struct WitnessStack { + std::vector stack; + + friend bool operator==(const WitnessStack&, const WitnessStack&); + std::vector bincodeSerialize() const; + static WitnessStack bincodeDeserialize(std::vector); + }; + +} // end of namespace WitnessStack + + +namespace WitnessStack { + + inline bool operator==(const StackItem &lhs, const StackItem &rhs) { + if (!(lhs.index == rhs.index)) { return false; } + if (!(lhs.witness == rhs.witness)) { return false; } + return true; + } + + inline std::vector StackItem::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline StackItem StackItem::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace WitnessStack + +template <> +template +void serde::Serializable::serialize(const WitnessStack::StackItem &obj, Serializer &serializer) { + serializer.increase_container_depth(); + serde::Serializable::serialize(obj.index, serializer); + serde::Serializable::serialize(obj.witness, serializer); + serializer.decrease_container_depth(); +} + +template <> +template +WitnessStack::StackItem serde::Deserializable::deserialize(Deserializer &deserializer) { + deserializer.increase_container_depth(); + WitnessStack::StackItem obj; + obj.index = serde::Deserializable::deserialize(deserializer); + obj.witness = serde::Deserializable::deserialize(deserializer); + deserializer.decrease_container_depth(); + return obj; +} -namespace WitnessMap { +namespace WitnessStack { inline bool operator==(const Witness &lhs, const Witness &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -46,11 +108,11 @@ namespace WitnessMap { return value; } -} // end of namespace WitnessMap +} // end of namespace WitnessStack template <> template -void serde::Serializable::serialize(const WitnessMap::Witness &obj, Serializer &serializer) { +void serde::Serializable::serialize(const WitnessStack::Witness &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -58,15 +120,15 @@ void serde::Serializable::serialize(const WitnessMap::Witne template <> template -WitnessMap::Witness serde::Deserializable::deserialize(Deserializer &deserializer) { +WitnessStack::Witness serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - WitnessMap::Witness obj; + WitnessStack::Witness obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } -namespace WitnessMap { +namespace WitnessStack { inline bool operator==(const WitnessMap &lhs, const WitnessMap &rhs) { if (!(lhs.value == rhs.value)) { return false; } @@ -88,11 +150,11 @@ namespace WitnessMap { return value; } -} // end of namespace WitnessMap +} // end of namespace WitnessStack template <> template -void serde::Serializable::serialize(const WitnessMap::WitnessMap &obj, Serializer &serializer) { +void serde::Serializable::serialize(const WitnessStack::WitnessMap &obj, Serializer &serializer) { serializer.increase_container_depth(); serde::Serializable::serialize(obj.value, serializer); serializer.decrease_container_depth(); @@ -100,10 +162,52 @@ void serde::Serializable::serialize(const WitnessMap::Wi template <> template -WitnessMap::WitnessMap serde::Deserializable::deserialize(Deserializer &deserializer) { +WitnessStack::WitnessMap serde::Deserializable::deserialize(Deserializer &deserializer) { deserializer.increase_container_depth(); - WitnessMap::WitnessMap obj; + WitnessStack::WitnessMap obj; obj.value = serde::Deserializable::deserialize(deserializer); deserializer.decrease_container_depth(); return obj; } + +namespace WitnessStack { + + inline bool operator==(const WitnessStack &lhs, const WitnessStack &rhs) { + if (!(lhs.stack == rhs.stack)) { return false; } + return true; + } + + inline std::vector WitnessStack::bincodeSerialize() const { + auto serializer = serde::BincodeSerializer(); + serde::Serializable::serialize(*this, serializer); + return std::move(serializer).bytes(); + } + + inline WitnessStack WitnessStack::bincodeDeserialize(std::vector input) { + auto deserializer = serde::BincodeDeserializer(input); + auto value = serde::Deserializable::deserialize(deserializer); + if (deserializer.get_buffer_offset() < input.size()) { + throw serde::deserialization_error("Some input bytes were not read"); + } + return value; + } + +} // end of namespace WitnessStack + +template <> +template +void serde::Serializable::serialize(const WitnessStack::WitnessStack &obj, Serializer &serializer) { + serializer.increase_container_depth(); + serde::Serializable::serialize(obj.stack, serializer); + serializer.decrease_container_depth(); +} + +template <> +template +WitnessStack::WitnessStack serde::Deserializable::deserialize(Deserializer &deserializer) { + deserializer.increase_container_depth(); + WitnessStack::WitnessStack obj; + obj.stack = serde::Deserializable::deserialize(deserializer); + deserializer.decrease_container_depth(); + return obj; +} diff --git a/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs b/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs index 7e6cbf23803..25cb7f38891 100644 --- a/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs +++ b/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs @@ -32,6 +32,13 @@ pub enum ExpressionWidth { }, } +/// A program represented by multiple ACIR circuits. The execution trace of these +/// circuits is dictated by construction of the [crate::native_types::WitnessStack]. +#[derive(Clone, PartialEq, Eq, Serialize, Deserialize, Default)] +pub struct Program { + pub functions: Vec, +} + #[derive(Clone, PartialEq, Eq, Serialize, Deserialize, Default)] pub struct Circuit { // current_witness_index is the highest witness index in the circuit. The next witness to be added to this circuit @@ -203,6 +210,57 @@ impl Circuit { } } +impl Program { + fn write(&self, writer: W) -> std::io::Result<()> { + let buf = bincode::serialize(self).unwrap(); + let mut encoder = flate2::write::GzEncoder::new(writer, Compression::default()); + encoder.write_all(&buf)?; + encoder.finish()?; + Ok(()) + } + + fn read(reader: R) -> std::io::Result { + let mut gz_decoder = flate2::read::GzDecoder::new(reader); + let mut buf_d = Vec::new(); + gz_decoder.read_to_end(&mut buf_d)?; + bincode::deserialize(&buf_d) + .map_err(|err| std::io::Error::new(std::io::ErrorKind::InvalidInput, err)) + } + + pub fn serialize_program(program: &Program) -> Vec { + let mut program_bytes: Vec = Vec::new(); + program.write(&mut program_bytes).expect("expected circuit to be serializable"); + program_bytes + } + + pub fn deserialize_program(serialized_circuit: &[u8]) -> std::io::Result { + Program::read(serialized_circuit) + } + + // Serialize and base64 encode program + pub fn serialize_program_base64(program: &Program, s: S) -> Result + where + S: Serializer, + { + let program_bytes = Program::serialize_program(program); + let encoded_b64 = base64::engine::general_purpose::STANDARD.encode(program_bytes); + s.serialize_str(&encoded_b64) + } + + // Deserialize and base64 decode program + pub fn deserialize_program_base64<'de, D>(deserializer: D) -> Result + where + D: Deserializer<'de>, + { + let bytecode_b64: String = serde::Deserialize::deserialize(deserializer)?; + let program_bytes = base64::engine::general_purpose::STANDARD + .decode(bytecode_b64) + .map_err(D::Error::custom)?; + let circuit = Self::deserialize_program(&program_bytes).map_err(D::Error::custom)?; + Ok(circuit) + } +} + impl std::fmt::Display for Circuit { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { writeln!(f, "current witness index : {}", self.current_witness_index)?; @@ -240,6 +298,25 @@ impl std::fmt::Debug for Circuit { } } +impl std::fmt::Display for Program { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + let mut func_index = 0; + for function in self.functions.iter() { + writeln!(f, "func {}", func_index)?; + writeln!(f, "{}", function)?; + func_index += 1; + } + Ok(()) + + } +} + +impl std::fmt::Debug for Program { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + std::fmt::Display::fmt(self, f) + } +} + #[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize, Default)] pub struct PublicInputs(pub BTreeSet); diff --git a/noir/noir-repo/acvm-repo/acir/src/lib.rs b/noir/noir-repo/acvm-repo/acir/src/lib.rs index c7be5026850..d14159f34a1 100644 --- a/noir/noir-repo/acvm-repo/acir/src/lib.rs +++ b/noir/noir-repo/acvm-repo/acir/src/lib.rs @@ -42,9 +42,9 @@ mod reflection { brillig::{BrilligInputs, BrilligOutputs}, directives::Directive, opcodes::BlackBoxFuncCall, - Circuit, ExpressionWidth, Opcode, OpcodeLocation, + Circuit, ExpressionWidth, Opcode, OpcodeLocation, Program, }, - native_types::{Witness, WitnessMap}, + native_types::{Witness, WitnessMap, WitnessStack}, }; #[test] @@ -59,6 +59,7 @@ mod reflection { }; let mut tracer = Tracer::new(TracerConfig::default()); + tracer.trace_simple_type::().unwrap(); tracer.trace_simple_type::().unwrap(); tracer.trace_simple_type::().unwrap(); tracer.trace_simple_type::().unwrap(); @@ -78,7 +79,7 @@ mod reflection { // Create C++ class definitions. let mut source = Vec::new(); - let config = serde_generate::CodeGeneratorConfig::new("Circuit".to_string()) + let config = serde_generate::CodeGeneratorConfig::new("Program".to_string()) .with_encodings(vec![serde_generate::Encoding::Bincode]); let generator = serde_generate::cpp::CodeGenerator::new(&config); generator.output(&mut source, ®istry).unwrap(); @@ -106,12 +107,13 @@ mod reflection { let mut tracer = Tracer::new(TracerConfig::default()); tracer.trace_simple_type::().unwrap(); tracer.trace_simple_type::().unwrap(); + tracer.trace_simple_type::().unwrap(); let registry = tracer.registry().unwrap(); // Create C++ class definitions. let mut source = Vec::new(); - let config = serde_generate::CodeGeneratorConfig::new("WitnessMap".to_string()) + let config = serde_generate::CodeGeneratorConfig::new("WitnessStack".to_string()) .with_encodings(vec![serde_generate::Encoding::Bincode]); let generator = serde_generate::cpp::CodeGenerator::new(&config); generator.output(&mut source, ®istry).unwrap(); diff --git a/noir/noir-repo/acvm-repo/acir/src/native_types/mod.rs b/noir/noir-repo/acvm-repo/acir/src/native_types/mod.rs index 66c822bfff8..eb9d1f6fd03 100644 --- a/noir/noir-repo/acvm-repo/acir/src/native_types/mod.rs +++ b/noir/noir-repo/acvm-repo/acir/src/native_types/mod.rs @@ -1,8 +1,10 @@ mod expression; mod witness; mod witness_map; +mod witness_stack; pub use expression::Expression; pub use witness::Witness; pub use witness_map::WitnessMap; -pub use witness_map::WitnessMapError; +pub use witness_stack::WitnessStack; +pub use witness_stack::WitnessStackError; diff --git a/noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs b/noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs new file mode 100644 index 00000000000..24e7984dc14 --- /dev/null +++ b/noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs @@ -0,0 +1,66 @@ +use std::{ + io::Read, +}; + +use flate2::bufread::GzDecoder; +use flate2::bufread::GzEncoder; +use flate2::Compression; +use serde::{Deserialize, Serialize}; +use thiserror::Error; + +use super::WitnessMap; + +#[derive(Debug, Error)] +enum SerializationError { + #[error(transparent)] + Deflate(#[from] std::io::Error), +} + +#[derive(Debug, Error)] +#[error(transparent)] +pub struct WitnessStackError(#[from] SerializationError); + +/// An ordered set of witness maps for separate circuits +#[derive(Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Default, Serialize, Deserialize)] +pub struct WitnessStack { + pub stack: Vec +} + +#[derive(Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Default, Serialize, Deserialize)] +pub struct StackItem { + /// Index into a [crate::circuit::Program] function list for which we have an associated witness + index: u32, + /// A full witness for the respective constraint system specified by the index + witness: WitnessMap, +} + +impl From for WitnessStack { + fn from(witness: WitnessMap) -> Self { + let stack = vec![StackItem { index: 0, witness }]; + Self { stack } + } +} + +impl TryFrom for Vec { + type Error = WitnessStackError; + + fn try_from(val: WitnessStack) -> Result { + let buf = bincode::serialize(&val).unwrap(); + let mut deflater = GzEncoder::new(buf.as_slice(), Compression::best()); + let mut buf_c = Vec::new(); + deflater.read_to_end(&mut buf_c).map_err(|err| WitnessStackError(err.into()))?; + Ok(buf_c) + } +} + +impl TryFrom<&[u8]> for WitnessStack { + type Error = WitnessStackError; + + fn try_from(bytes: &[u8]) -> Result { + let mut deflater = GzDecoder::new(bytes); + let mut buf_d = Vec::new(); + deflater.read_to_end(&mut buf_d).map_err(|err| WitnessStackError(err.into()))?; + let witness_stack = bincode::deserialize(&buf_d).unwrap(); + Ok(witness_stack) + } +} \ No newline at end of file diff --git a/noir/noir-repo/compiler/noirc_driver/src/contract.rs b/noir/noir-repo/compiler/noirc_driver/src/contract.rs index 5f4b66e7dd2..d95ddef80c5 100644 --- a/noir/noir-repo/compiler/noirc_driver/src/contract.rs +++ b/noir/noir-repo/compiler/noirc_driver/src/contract.rs @@ -1,7 +1,7 @@ use serde::{Deserialize, Serialize}; use std::collections::BTreeMap; -use acvm::acir::circuit::Circuit; +use acvm::acir::circuit::{Circuit, Program}; use fm::FileId; use noirc_abi::{Abi, ContractEvent}; use noirc_errors::debug_info::DebugInfo; @@ -62,10 +62,10 @@ pub struct ContractFunction { pub abi: Abi, #[serde( - serialize_with = "Circuit::serialize_circuit_base64", - deserialize_with = "Circuit::deserialize_circuit_base64" + serialize_with = "Program::serialize_program_base64", + deserialize_with = "Program::deserialize_program_base64" )] - pub bytecode: Circuit, + pub bytecode: Program, pub debug: DebugInfo, } diff --git a/noir/noir-repo/compiler/noirc_driver/src/lib.rs b/noir/noir-repo/compiler/noirc_driver/src/lib.rs index 11f53cdb749..8724baafc7d 100644 --- a/noir/noir-repo/compiler/noirc_driver/src/lib.rs +++ b/noir/noir-repo/compiler/noirc_driver/src/lib.rs @@ -3,7 +3,7 @@ #![warn(unreachable_pub)] #![warn(clippy::semicolon_if_nothing_returned)] -use acvm::acir::circuit::ExpressionWidth; +use acvm::acir::circuit::{ExpressionWidth, Program}; use clap::Args; use fm::{FileId, FileManager}; use iter_extended::vecmap; @@ -303,7 +303,7 @@ pub fn compile_main( if options.print_acir { println!("Compiled ACIR for main (unoptimized):"); - println!("{}", compiled_program.circuit); + println!("{}", compiled_program.program); } Ok((compiled_program, warnings)) @@ -415,7 +415,7 @@ fn compile_contract_inner( function_type, is_internal: modifiers.is_internal.unwrap_or(false), abi: function.abi, - bytecode: function.circuit, + bytecode: function.program, debug: function.debug, }); } @@ -487,7 +487,8 @@ pub fn compile_no_check( Ok(CompiledProgram { hash, - circuit, + // TODO(https://github.com/noir-lang/noir/issues/4428) + program: Program { functions: vec![circuit] }, debug, abi, file_map, diff --git a/noir/noir-repo/compiler/noirc_driver/src/program.rs b/noir/noir-repo/compiler/noirc_driver/src/program.rs index 8d509d3bf68..9a1879cc2f2 100644 --- a/noir/noir-repo/compiler/noirc_driver/src/program.rs +++ b/noir/noir-repo/compiler/noirc_driver/src/program.rs @@ -1,6 +1,6 @@ use std::collections::BTreeMap; -use acvm::acir::circuit::Circuit; +use acvm::acir::circuit::{Circuit, Program}; use fm::FileId; use noirc_errors::debug_info::DebugInfo; @@ -19,10 +19,10 @@ pub struct CompiledProgram { pub hash: u64, #[serde( - serialize_with = "Circuit::serialize_circuit_base64", - deserialize_with = "Circuit::deserialize_circuit_base64" + serialize_with = "Program::serialize_program_base64", + deserialize_with = "Program::deserialize_program_base64" )] - pub circuit: Circuit, + pub program: Program, pub abi: noirc_abi::Abi, pub debug: DebugInfo, pub file_map: BTreeMap, diff --git a/noir/noir-repo/tooling/backend_interface/src/proof_system.rs b/noir/noir-repo/tooling/backend_interface/src/proof_system.rs index 485381006df..83ee04f9042 100644 --- a/noir/noir-repo/tooling/backend_interface/src/proof_system.rs +++ b/noir/noir-repo/tooling/backend_interface/src/proof_system.rs @@ -3,7 +3,7 @@ use std::io::Write; use std::path::Path; use acvm::acir::{ - circuit::{Circuit, ExpressionWidth}, + circuit::{Circuit, ExpressionWidth, Program}, native_types::WitnessMap, }; use acvm::FieldElement; @@ -17,7 +17,7 @@ use crate::cli::{ use crate::{Backend, BackendError}; impl Backend { - pub fn get_exact_circuit_size(&self, circuit: &Circuit) -> Result { + pub fn get_exact_circuit_size(&self, program: &Program) -> Result { let binary_path = self.assert_binary_exists()?; self.assert_correct_version()?; @@ -26,8 +26,8 @@ impl Backend { // Create a temporary file for the circuit let circuit_path = temp_directory.join("circuit").with_extension("bytecode"); - let serialized_circuit = Circuit::serialize_circuit(circuit); - write_to_file(&serialized_circuit, &circuit_path); + let serialized_program = Program::serialize_program(program); + write_to_file(&serialized_program, &circuit_path); GatesCommand { crs_path: self.crs_directory(), bytecode_path: circuit_path } .run(binary_path) @@ -55,7 +55,7 @@ impl Backend { #[tracing::instrument(level = "trace", skip_all)] pub fn prove( &self, - circuit: &Circuit, + program: &Program, witness_values: WitnessMap, ) -> Result, BackendError> { let binary_path = self.assert_binary_exists()?; @@ -72,9 +72,9 @@ impl Backend { // Create a temporary file for the circuit // - let bytecode_path = temp_directory.join("circuit").with_extension("bytecode"); - let serialized_circuit = Circuit::serialize_circuit(circuit); - write_to_file(&serialized_circuit, &bytecode_path); + let bytecode_path = temp_directory.join("program").with_extension("bytecode"); + let serialized_program = Program::serialize_program(program); + write_to_file(&serialized_program, &bytecode_path); // Create proof and store it in the specified path let proof_with_public_inputs = @@ -82,7 +82,8 @@ impl Backend { .run(binary_path)?; let proof = bb_abstraction_leaks::remove_public_inputs( - circuit.public_inputs().0.len(), + // TODO(https://github.com/noir-lang/noir/issues/4428) + program.functions[0].public_inputs().0.len(), &proof_with_public_inputs, ); Ok(proof) @@ -93,7 +94,7 @@ impl Backend { &self, proof: &[u8], public_inputs: WitnessMap, - circuit: &Circuit, + program: &Program, ) -> Result { let binary_path = self.assert_binary_exists()?; self.assert_correct_version()?; @@ -108,9 +109,9 @@ impl Backend { write_to_file(&proof_with_public_inputs, &proof_path); // Create a temporary file for the circuit - let bytecode_path = temp_directory.join("circuit").with_extension("bytecode"); - let serialized_circuit = Circuit::serialize_circuit(circuit); - write_to_file(&serialized_circuit, &bytecode_path); + let bytecode_path = temp_directory.join("program").with_extension("bytecode"); + let serialized_program = Program::serialize_program(program); + write_to_file(&serialized_program, &bytecode_path); // Create the verification key and write it to the specified path let vk_path = temp_directory.join("vk"); diff --git a/noir/noir-repo/tooling/debugger/src/dap.rs b/noir/noir-repo/tooling/debugger/src/dap.rs index 7e67a26b257..f73c8a43851 100644 --- a/noir/noir-repo/tooling/debugger/src/dap.rs +++ b/noir/noir-repo/tooling/debugger/src/dap.rs @@ -669,7 +669,7 @@ pub fn run_session( warnings: program.warnings, }; let mut session = - DapSession::new(server, solver, &program.circuit, &debug_artifact, initial_witness); + DapSession::new(server, solver, &program.program.functions[0], &debug_artifact, initial_witness); session.run_loop() } diff --git a/noir/noir-repo/tooling/nargo/src/artifacts/contract.rs b/noir/noir-repo/tooling/nargo/src/artifacts/contract.rs index d928b09fcb9..a23433b3317 100644 --- a/noir/noir-repo/tooling/nargo/src/artifacts/contract.rs +++ b/noir/noir-repo/tooling/nargo/src/artifacts/contract.rs @@ -1,4 +1,4 @@ -use acvm::acir::circuit::Circuit; +use acvm::acir::circuit::{Circuit, Program}; use noirc_abi::{Abi, ContractEvent}; use noirc_driver::{CompiledContract, ContractFunction, ContractFunctionType}; use serde::{Deserialize, Serialize}; @@ -50,10 +50,10 @@ pub struct ContractFunctionArtifact { pub abi: Abi, #[serde( - serialize_with = "Circuit::serialize_circuit_base64", - deserialize_with = "Circuit::deserialize_circuit_base64" + serialize_with = "Program::serialize_program_base64", + deserialize_with = "Program::deserialize_program_base64" )] - pub bytecode: Circuit, + pub bytecode: Program, #[serde( serialize_with = "DebugInfo::serialize_compressed_base64_json", diff --git a/noir/noir-repo/tooling/nargo/src/artifacts/program.rs b/noir/noir-repo/tooling/nargo/src/artifacts/program.rs index d8dc42ec214..b870248a5fa 100644 --- a/noir/noir-repo/tooling/nargo/src/artifacts/program.rs +++ b/noir/noir-repo/tooling/nargo/src/artifacts/program.rs @@ -1,6 +1,6 @@ use std::collections::BTreeMap; -use acvm::acir::circuit::Circuit; +use acvm::acir::circuit::{Circuit, Program}; use fm::FileId; use noirc_abi::Abi; use noirc_driver::CompiledProgram; @@ -21,10 +21,10 @@ pub struct ProgramArtifact { pub abi: Abi, #[serde( - serialize_with = "Circuit::serialize_circuit_base64", - deserialize_with = "Circuit::deserialize_circuit_base64" + serialize_with = "Program::serialize_program_base64", + deserialize_with = "Program::deserialize_program_base64" )] - pub bytecode: Circuit, + pub bytecode: Program, #[serde( serialize_with = "DebugInfo::serialize_compressed_base64_json", @@ -37,14 +37,14 @@ pub struct ProgramArtifact { } impl From for ProgramArtifact { - fn from(program: CompiledProgram) -> Self { + fn from(compiled_program: CompiledProgram) -> Self { ProgramArtifact { - hash: program.hash, - abi: program.abi, - noir_version: program.noir_version, - bytecode: program.circuit, - debug_symbols: program.debug, - file_map: program.file_map, + hash: compiled_program.hash, + abi: compiled_program.abi, + noir_version: compiled_program.noir_version, + bytecode: compiled_program.program, + debug_symbols: compiled_program.debug, + file_map: compiled_program.file_map, } } } @@ -55,7 +55,7 @@ impl From for CompiledProgram { hash: program.hash, abi: program.abi, noir_version: program.noir_version, - circuit: program.bytecode, + program: program.bytecode, debug: program.debug_symbols, file_map: program.file_map, warnings: vec![], diff --git a/noir/noir-repo/tooling/nargo/src/ops/optimize.rs b/noir/noir-repo/tooling/nargo/src/ops/optimize.rs index 2d0c4c43d25..cb2b31e9779 100644 --- a/noir/noir-repo/tooling/nargo/src/ops/optimize.rs +++ b/noir/noir-repo/tooling/nargo/src/ops/optimize.rs @@ -1,17 +1,21 @@ use iter_extended::vecmap; use noirc_driver::{CompiledContract, CompiledProgram}; -pub fn optimize_program(mut program: CompiledProgram) -> CompiledProgram { - let (optimized_circuit, location_map) = acvm::compiler::optimize(program.circuit); - program.circuit = optimized_circuit; - program.debug.update_acir(location_map); - program +/// TODO(https://github.com/noir-lang/noir/issues/4428): Need to update how these passes are run to account for +/// multiple ACIR functions + +pub fn optimize_program(mut compiled_program: CompiledProgram) -> CompiledProgram { + // TODO: Work to get rid of these clones by borrowing `Circuit` in the acvm compiler or by accepted a `Program` + let (optimized_circuit, location_map) = acvm::compiler::optimize(compiled_program.program.functions[0].clone()); + compiled_program.program.functions[0] = optimized_circuit; + compiled_program.debug.update_acir(location_map); + compiled_program } pub fn optimize_contract(contract: CompiledContract) -> CompiledContract { let functions = vecmap(contract.functions, |mut func| { - let (optimized_bytecode, location_map) = acvm::compiler::optimize(func.bytecode); - func.bytecode = optimized_bytecode; + let (optimized_bytecode, location_map) = acvm::compiler::optimize(func.bytecode.functions[0].clone()); + func.bytecode.functions[0] = optimized_bytecode; func.debug.update_acir(location_map); func }); diff --git a/noir/noir-repo/tooling/nargo/src/ops/test.rs b/noir/noir-repo/tooling/nargo/src/ops/test.rs index 92c09ec889e..dd2833cd5c8 100644 --- a/noir/noir-repo/tooling/nargo/src/ops/test.rs +++ b/noir/noir-repo/tooling/nargo/src/ops/test.rs @@ -22,18 +22,19 @@ pub fn run_test( foreign_call_resolver_url: Option<&str>, config: &CompileOptions, ) -> TestStatus { - let program = compile_no_check(context, config, test_function.get_id(), None, false); - match program { - Ok(program) => { + let compiled_program = compile_no_check(context, config, test_function.get_id(), None, false); + match compiled_program { + Ok(compiled_program) => { // Run the backend to ensure the PWG evaluates functions like std::hash::pedersen, // otherwise constraints involving these expressions will not error. let circuit_execution = execute_circuit( - &program.circuit, + // TODO(https://github.com/noir-lang/noir/issues/4428) + &compiled_program.program.functions[0], WitnessMap::new(), blackbox_solver, &mut DefaultForeignCallExecutor::new(show_output, foreign_call_resolver_url), ); - test_status_program_compile_pass(test_function, program.debug, circuit_execution) + test_status_program_compile_pass(test_function, compiled_program.debug, circuit_execution) } Err(err) => test_status_program_compile_fail(err, test_function), } diff --git a/noir/noir-repo/tooling/nargo/src/ops/transform.rs b/noir/noir-repo/tooling/nargo/src/ops/transform.rs index 9267ed7e045..79abe89d73b 100644 --- a/noir/noir-repo/tooling/nargo/src/ops/transform.rs +++ b/noir/noir-repo/tooling/nargo/src/ops/transform.rs @@ -2,16 +2,20 @@ use acvm::acir::circuit::ExpressionWidth; use iter_extended::vecmap; use noirc_driver::{CompiledContract, CompiledProgram}; +/// TODO(https://github.com/noir-lang/noir/issues/4428): Need to update how these passes are run to account for +/// multiple ACIR functions + pub fn transform_program( - mut program: CompiledProgram, + mut compiled_program: CompiledProgram, expression_width: ExpressionWidth, ) -> CompiledProgram { + // TODO: Work to get rid of these clones by borrowing `Circuit` in the acvm compiler or by accepted a `Program` let (optimized_circuit, location_map) = - acvm::compiler::compile(program.circuit, expression_width); + acvm::compiler::compile(compiled_program.program.functions[0].clone(), expression_width); - program.circuit = optimized_circuit; - program.debug.update_acir(location_map); - program + compiled_program.program.functions[0] = optimized_circuit; + compiled_program.debug.update_acir(location_map); + compiled_program } pub fn transform_contract( @@ -20,8 +24,8 @@ pub fn transform_contract( ) -> CompiledContract { let functions = vecmap(contract.functions, |mut func| { let (optimized_bytecode, location_map) = - acvm::compiler::compile(func.bytecode, expression_width); - func.bytecode = optimized_bytecode; + acvm::compiler::compile(func.bytecode.functions[0].clone(), expression_width); + func.bytecode.functions[0] = optimized_bytecode; func.debug.update_acir(location_map); func }); diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs index 63d27e30836..212daed20bc 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs @@ -65,7 +65,14 @@ pub(crate) fn run( let program = nargo::ops::transform_program(program, expression_width); - let smart_contract_string = backend.eth_contract(&program.circuit)?; + + // TODO(https://github.com/noir-lang/noir/issues/4428): + // We do not expect to have a smart contract verifier for a foldable program with multiple circuits. + // However, in the future we can expect to possibly have non-inlined ACIR functions during compilation + // that will be inlined at a later step such as by the ACVM compiler or by the backend. + // Add appropriate handling here once the compiler enables multiple ACIR functions. + assert_eq!(program.program.functions.len(), 1); + let smart_contract_string = backend.eth_contract(&program.program.functions[0])?; let contract_dir = workspace.contracts_directory_path(package); create_named_dir(&contract_dir, "contract"); diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/compile_cmd.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/compile_cmd.rs index 34fb05249b5..5b3919a520e 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/compile_cmd.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/compile_cmd.rs @@ -156,10 +156,10 @@ pub(super) fn save_program( circuit_dir: &Path, only_acir_opt: bool, ) { - let program_artifact = ProgramArtifact::from(program.clone()); if only_acir_opt { - only_acir(&program_artifact, circuit_dir); + only_acir(program.program, circuit_dir); } else { + let program_artifact = ProgramArtifact::from(program.clone()); save_program_to_file(&program_artifact, &package.name, circuit_dir); } } diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/debug_cmd.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/debug_cmd.rs index 130a07b5c90..9ebace797d0 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/debug_cmd.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/debug_cmd.rs @@ -236,7 +236,7 @@ pub(crate) fn debug_program( noir_debugger::debug_circuit( &blackbox_solver, - &compiled_program.circuit, + &compiled_program.program.functions[0], debug_artifact, initial_witness, ) diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/execute_cmd.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/execute_cmd.rs index a3fcebab94f..f3e3689a856 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/execute_cmd.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/execute_cmd.rs @@ -137,7 +137,7 @@ pub(crate) fn execute_program( let initial_witness = compiled_program.abi.encode(inputs_map, None)?; let solved_witness_err = nargo::ops::execute_circuit( - &compiled_program.circuit, + &compiled_program.program.functions[0], initial_witness, &blackbox_solver, &mut DefaultForeignCallExecutor::new(true, foreign_call_resolver_url), diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs index 1fb57ae6685..9cdc5131e57 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs @@ -1,6 +1,6 @@ use std::path::{Path, PathBuf}; -use acvm::acir::circuit::Circuit; +use acvm::acir::circuit::{Circuit, Program}; use nargo::artifacts::{contract::ContractArtifact, program::ProgramArtifact}; use noirc_frontend::graph::CrateName; @@ -19,12 +19,12 @@ pub(crate) fn save_program_to_file>( /// Writes the bytecode as acir.gz pub(crate) fn only_acir>( - program_artifact: &ProgramArtifact, + program: Program, circuit_dir: P, ) -> PathBuf { create_named_dir(circuit_dir.as_ref(), "target"); let circuit_path = circuit_dir.as_ref().join("acir").with_extension("gz"); - let bytes = Circuit::serialize_circuit(&program_artifact.bytecode); + let bytes = Program::serialize_program(&program); write_to_file(&bytes, &circuit_path); circuit_path diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs index 1a2cf88f4a1..52b5c385e5d 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs @@ -1,6 +1,6 @@ use std::path::{Path, PathBuf}; -use acvm::acir::native_types::WitnessMap; +use acvm::acir::native_types::{WitnessMap, WitnessStack}; use nargo::constants::WITNESS_EXT; use super::{create_named_dir, write_to_file}; @@ -14,7 +14,9 @@ pub(crate) fn save_witness_to_dir>( create_named_dir(witness_dir.as_ref(), "witness"); let witness_path = witness_dir.as_ref().join(witness_name).with_extension(WITNESS_EXT); - let buf: Vec = witnesses.try_into()?; + // TODO(https://github.com/noir-lang/noir/issues/4428) + let witness_stack: WitnessStack = witnesses.into(); + let buf: Vec = witness_stack.try_into()?; write_to_file(buf.as_slice(), &witness_path); diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/info_cmd.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/info_cmd.rs index ef0df0bf25b..fffa200d3bb 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/info_cmd.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/info_cmd.rs @@ -268,8 +268,8 @@ fn count_opcodes_and_gates_in_program( Ok(ProgramInfo { name: package.name.to_string(), expression_width, - acir_opcodes: compiled_program.circuit.opcodes.len(), - circuit_size: backend.get_exact_circuit_size(&compiled_program.circuit)?, + acir_opcodes: compiled_program.program.functions[0].opcodes.len(), + circuit_size: backend.get_exact_circuit_size(&compiled_program.program)?, }) } @@ -284,7 +284,8 @@ fn count_opcodes_and_gates_in_contract( .map(|function| -> Result<_, BackendError> { Ok(FunctionInfo { name: function.name, - acir_opcodes: function.bytecode.opcodes.len(), + // TODO(https://github.com/noir-lang/noir/issues/4428) + acir_opcodes: function.bytecode.functions[0].opcodes.len(), circuit_size: backend.get_exact_circuit_size(&function.bytecode)?, }) }) diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/prove_cmd.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/prove_cmd.rs index cc39b0535bc..03c0321a17e 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/prove_cmd.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/prove_cmd.rs @@ -138,11 +138,11 @@ pub(crate) fn prove_package( Format::Toml, )?; - let proof = backend.prove(&compiled_program.circuit, solved_witness)?; + let proof = backend.prove(&compiled_program.program, solved_witness)?; if check_proof { let public_inputs = public_abi.encode(&public_inputs, return_value)?; - let valid_proof = backend.verify(&proof, public_inputs, &compiled_program.circuit)?; + let valid_proof = backend.verify(&proof, public_inputs, &compiled_program.program)?; if !valid_proof { return Err(CliError::InvalidProof("".into())); diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/verify_cmd.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/verify_cmd.rs index 66b88a22f2a..9d1a7276525 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/verify_cmd.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/verify_cmd.rs @@ -102,7 +102,7 @@ fn verify_package( let proof = load_hex_data(&proof_path)?; - let valid_proof = backend.verify(&proof, public_inputs, &compiled_program.circuit)?; + let valid_proof = backend.verify(&proof, public_inputs, &compiled_program.program)?; if valid_proof { Ok(()) diff --git a/noir/noir-repo/tooling/nargo_cli/src/errors.rs b/noir/noir-repo/tooling/nargo_cli/src/errors.rs index c2996f53420..40fb7886405 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/errors.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/errors.rs @@ -1,4 +1,4 @@ -use acvm::acir::native_types::WitnessMapError; +use acvm::acir::native_types::WitnessStackError; use hex::FromHexError; use nargo::{errors::CompileError, NargoError}; use nargo_toml::ManifestError; @@ -22,9 +22,9 @@ pub(crate) enum FilesystemError { #[error(transparent)] InputParserError(#[from] InputParserError), - /// WitnessMap serialization error + /// WitnessStack serialization error #[error(transparent)] - WitnessMapSerialization(#[from] WitnessMapError), + WitnessStackSerialization(#[from] WitnessStackError), #[error("Error: could not deserialize build program: {0}")] ProgramSerializationError(String), From 288a7ec0b9d46339c8224a0ed492f469a4886e3e Mon Sep 17 00:00:00 2001 From: vezenovm Date: Wed, 6 Mar 2024 18:47:00 +0000 Subject: [PATCH 02/29] a little cleanup --- .../src/barretenberg/dsl/acir_format/acir_to_constraint_buf.hpp | 2 +- noir/noir-repo/tooling/nargo_cli/src/cli/execute_cmd.rs | 1 + noir/noir-repo/tooling/nargo_cli/src/cli/info_cmd.rs | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_to_constraint_buf.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_to_constraint_buf.hpp index bed65a90c03..58d036f4e16 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_to_constraint_buf.hpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_to_constraint_buf.hpp @@ -366,7 +366,7 @@ void handle_memory_op(Program::Opcode::MemoryOp const& mem_op, BlockConstraint& AcirFormat circuit_buf_to_acir_format(std::vector const& buf) { // TODO(maxim): Handle the new `Program` structure once ACVM supports a function call stack. - // For now we still expect a single ACIR function.s + // For now we expect a single ACIR function auto circuit = Program::Program::bincodeDeserialize(buf).functions[0]; AcirFormat af; diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/execute_cmd.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/execute_cmd.rs index f3e3689a856..ca0fbdfe3a5 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/execute_cmd.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/execute_cmd.rs @@ -136,6 +136,7 @@ pub(crate) fn execute_program( let initial_witness = compiled_program.abi.encode(inputs_map, None)?; + // TODO(https://github.com/noir-lang/noir/issues/4428) let solved_witness_err = nargo::ops::execute_circuit( &compiled_program.program.functions[0], initial_witness, diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/info_cmd.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/info_cmd.rs index fffa200d3bb..f73f4207209 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/info_cmd.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/info_cmd.rs @@ -268,6 +268,7 @@ fn count_opcodes_and_gates_in_program( Ok(ProgramInfo { name: package.name.to_string(), expression_width, + // TODO(https://github.com/noir-lang/noir/issues/4428) acir_opcodes: compiled_program.program.functions[0].opcodes.len(), circuit_size: backend.get_exact_circuit_size(&compiled_program.program)?, }) From 1f65f1842a78d457a8f181ecda855d42cbd3ed2d Mon Sep 17 00:00:00 2001 From: vezenovm Date: Wed, 6 Mar 2024 18:55:08 +0000 Subject: [PATCH 03/29] cargo fmt --- noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs | 3 +-- .../acvm-repo/acir/src/native_types/witness_stack.rs | 8 +++----- noir/noir-repo/tooling/debugger/src/dap.rs | 9 +++++++-- noir/noir-repo/tooling/nargo/src/ops/optimize.rs | 8 +++++--- noir/noir-repo/tooling/nargo/src/ops/test.rs | 6 +++++- noir/noir-repo/tooling/nargo/src/ops/transform.rs | 2 +- .../tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs | 9 ++++----- noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs | 5 +---- 8 files changed, 27 insertions(+), 23 deletions(-) diff --git a/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs b/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs index 25cb7f38891..d4311aebb49 100644 --- a/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs +++ b/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs @@ -246,7 +246,7 @@ impl Program { let encoded_b64 = base64::engine::general_purpose::STANDARD.encode(program_bytes); s.serialize_str(&encoded_b64) } - + // Deserialize and base64 decode program pub fn deserialize_program_base64<'de, D>(deserializer: D) -> Result where @@ -307,7 +307,6 @@ impl std::fmt::Display for Program { func_index += 1; } Ok(()) - } } diff --git a/noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs b/noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs index 24e7984dc14..439de987b7e 100644 --- a/noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs +++ b/noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs @@ -1,6 +1,4 @@ -use std::{ - io::Read, -}; +use std::io::Read; use flate2::bufread::GzDecoder; use flate2::bufread::GzEncoder; @@ -23,7 +21,7 @@ pub struct WitnessStackError(#[from] SerializationError); /// An ordered set of witness maps for separate circuits #[derive(Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Default, Serialize, Deserialize)] pub struct WitnessStack { - pub stack: Vec + pub stack: Vec, } #[derive(Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Default, Serialize, Deserialize)] @@ -63,4 +61,4 @@ impl TryFrom<&[u8]> for WitnessStack { let witness_stack = bincode::deserialize(&buf_d).unwrap(); Ok(witness_stack) } -} \ No newline at end of file +} diff --git a/noir/noir-repo/tooling/debugger/src/dap.rs b/noir/noir-repo/tooling/debugger/src/dap.rs index f73c8a43851..fdc56c29b08 100644 --- a/noir/noir-repo/tooling/debugger/src/dap.rs +++ b/noir/noir-repo/tooling/debugger/src/dap.rs @@ -668,8 +668,13 @@ pub fn run_session( file_map: program.file_map, warnings: program.warnings, }; - let mut session = - DapSession::new(server, solver, &program.program.functions[0], &debug_artifact, initial_witness); + let mut session = DapSession::new( + server, + solver, + &program.program.functions[0], + &debug_artifact, + initial_witness, + ); session.run_loop() } diff --git a/noir/noir-repo/tooling/nargo/src/ops/optimize.rs b/noir/noir-repo/tooling/nargo/src/ops/optimize.rs index cb2b31e9779..250c070fe87 100644 --- a/noir/noir-repo/tooling/nargo/src/ops/optimize.rs +++ b/noir/noir-repo/tooling/nargo/src/ops/optimize.rs @@ -1,12 +1,13 @@ use iter_extended::vecmap; use noirc_driver::{CompiledContract, CompiledProgram}; -/// TODO(https://github.com/noir-lang/noir/issues/4428): Need to update how these passes are run to account for +/// TODO(https://github.com/noir-lang/noir/issues/4428): Need to update how these passes are run to account for /// multiple ACIR functions pub fn optimize_program(mut compiled_program: CompiledProgram) -> CompiledProgram { // TODO: Work to get rid of these clones by borrowing `Circuit` in the acvm compiler or by accepted a `Program` - let (optimized_circuit, location_map) = acvm::compiler::optimize(compiled_program.program.functions[0].clone()); + let (optimized_circuit, location_map) = + acvm::compiler::optimize(compiled_program.program.functions[0].clone()); compiled_program.program.functions[0] = optimized_circuit; compiled_program.debug.update_acir(location_map); compiled_program @@ -14,7 +15,8 @@ pub fn optimize_program(mut compiled_program: CompiledProgram) -> CompiledProgra pub fn optimize_contract(contract: CompiledContract) -> CompiledContract { let functions = vecmap(contract.functions, |mut func| { - let (optimized_bytecode, location_map) = acvm::compiler::optimize(func.bytecode.functions[0].clone()); + let (optimized_bytecode, location_map) = + acvm::compiler::optimize(func.bytecode.functions[0].clone()); func.bytecode.functions[0] = optimized_bytecode; func.debug.update_acir(location_map); func diff --git a/noir/noir-repo/tooling/nargo/src/ops/test.rs b/noir/noir-repo/tooling/nargo/src/ops/test.rs index dd2833cd5c8..929216bbae9 100644 --- a/noir/noir-repo/tooling/nargo/src/ops/test.rs +++ b/noir/noir-repo/tooling/nargo/src/ops/test.rs @@ -34,7 +34,11 @@ pub fn run_test( blackbox_solver, &mut DefaultForeignCallExecutor::new(show_output, foreign_call_resolver_url), ); - test_status_program_compile_pass(test_function, compiled_program.debug, circuit_execution) + test_status_program_compile_pass( + test_function, + compiled_program.debug, + circuit_execution, + ) } Err(err) => test_status_program_compile_fail(err, test_function), } diff --git a/noir/noir-repo/tooling/nargo/src/ops/transform.rs b/noir/noir-repo/tooling/nargo/src/ops/transform.rs index 79abe89d73b..c32ca2f482f 100644 --- a/noir/noir-repo/tooling/nargo/src/ops/transform.rs +++ b/noir/noir-repo/tooling/nargo/src/ops/transform.rs @@ -2,7 +2,7 @@ use acvm::acir::circuit::ExpressionWidth; use iter_extended::vecmap; use noirc_driver::{CompiledContract, CompiledProgram}; -/// TODO(https://github.com/noir-lang/noir/issues/4428): Need to update how these passes are run to account for +/// TODO(https://github.com/noir-lang/noir/issues/4428): Need to update how these passes are run to account for /// multiple ACIR functions pub fn transform_program( diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs index 212daed20bc..f4177e5f38c 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs @@ -65,12 +65,11 @@ pub(crate) fn run( let program = nargo::ops::transform_program(program, expression_width); - - // TODO(https://github.com/noir-lang/noir/issues/4428): + // TODO(https://github.com/noir-lang/noir/issues/4428): // We do not expect to have a smart contract verifier for a foldable program with multiple circuits. - // However, in the future we can expect to possibly have non-inlined ACIR functions during compilation - // that will be inlined at a later step such as by the ACVM compiler or by the backend. - // Add appropriate handling here once the compiler enables multiple ACIR functions. + // However, in the future we can expect to possibly have non-inlined ACIR functions during compilation + // that will be inlined at a later step such as by the ACVM compiler or by the backend. + // Add appropriate handling here once the compiler enables multiple ACIR functions. assert_eq!(program.program.functions.len(), 1); let smart_contract_string = backend.eth_contract(&program.program.functions[0])?; diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs index 9cdc5131e57..c18f087fb3c 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs @@ -18,10 +18,7 @@ pub(crate) fn save_program_to_file>( } /// Writes the bytecode as acir.gz -pub(crate) fn only_acir>( - program: Program, - circuit_dir: P, -) -> PathBuf { +pub(crate) fn only_acir>(program: Program, circuit_dir: P) -> PathBuf { create_named_dir(circuit_dir.as_ref(), "target"); let circuit_path = circuit_dir.as_ref().join("acir").with_extension("gz"); let bytes = Program::serialize_program(&program); From 0dc8b38a42b2e6feea3f79cc87b62a92c30465b1 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Wed, 6 Mar 2024 18:59:39 +0000 Subject: [PATCH 04/29] fmt and clippy --- noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs | 4 +--- noir/noir-repo/compiler/noirc_driver/src/contract.rs | 2 +- noir/noir-repo/compiler/noirc_driver/src/program.rs | 2 +- noir/noir-repo/tooling/nargo/src/artifacts/contract.rs | 2 +- noir/noir-repo/tooling/nargo/src/artifacts/program.rs | 2 +- noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs | 2 +- 6 files changed, 6 insertions(+), 8 deletions(-) diff --git a/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs b/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs index d4311aebb49..3d4d6296981 100644 --- a/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs +++ b/noir/noir-repo/acvm-repo/acir/src/circuit/mod.rs @@ -300,11 +300,9 @@ impl std::fmt::Debug for Circuit { impl std::fmt::Display for Program { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { - let mut func_index = 0; - for function in self.functions.iter() { + for (func_index, function) in self.functions.iter().enumerate() { writeln!(f, "func {}", func_index)?; writeln!(f, "{}", function)?; - func_index += 1; } Ok(()) } diff --git a/noir/noir-repo/compiler/noirc_driver/src/contract.rs b/noir/noir-repo/compiler/noirc_driver/src/contract.rs index d95ddef80c5..3ce5b0c9fc9 100644 --- a/noir/noir-repo/compiler/noirc_driver/src/contract.rs +++ b/noir/noir-repo/compiler/noirc_driver/src/contract.rs @@ -1,7 +1,7 @@ use serde::{Deserialize, Serialize}; use std::collections::BTreeMap; -use acvm::acir::circuit::{Circuit, Program}; +use acvm::acir::circuit::Program; use fm::FileId; use noirc_abi::{Abi, ContractEvent}; use noirc_errors::debug_info::DebugInfo; diff --git a/noir/noir-repo/compiler/noirc_driver/src/program.rs b/noir/noir-repo/compiler/noirc_driver/src/program.rs index 9a1879cc2f2..6f527297dcb 100644 --- a/noir/noir-repo/compiler/noirc_driver/src/program.rs +++ b/noir/noir-repo/compiler/noirc_driver/src/program.rs @@ -1,6 +1,6 @@ use std::collections::BTreeMap; -use acvm::acir::circuit::{Circuit, Program}; +use acvm::acir::circuit::Program; use fm::FileId; use noirc_errors::debug_info::DebugInfo; diff --git a/noir/noir-repo/tooling/nargo/src/artifacts/contract.rs b/noir/noir-repo/tooling/nargo/src/artifacts/contract.rs index a23433b3317..115bc1d17ea 100644 --- a/noir/noir-repo/tooling/nargo/src/artifacts/contract.rs +++ b/noir/noir-repo/tooling/nargo/src/artifacts/contract.rs @@ -1,4 +1,4 @@ -use acvm::acir::circuit::{Circuit, Program}; +use acvm::acir::circuit::Program; use noirc_abi::{Abi, ContractEvent}; use noirc_driver::{CompiledContract, ContractFunction, ContractFunctionType}; use serde::{Deserialize, Serialize}; diff --git a/noir/noir-repo/tooling/nargo/src/artifacts/program.rs b/noir/noir-repo/tooling/nargo/src/artifacts/program.rs index b870248a5fa..046db1cd8fa 100644 --- a/noir/noir-repo/tooling/nargo/src/artifacts/program.rs +++ b/noir/noir-repo/tooling/nargo/src/artifacts/program.rs @@ -1,6 +1,6 @@ use std::collections::BTreeMap; -use acvm::acir::circuit::{Circuit, Program}; +use acvm::acir::circuit::Program; use fm::FileId; use noirc_abi::Abi; use noirc_driver::CompiledProgram; diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs index c18f087fb3c..77005e8d5af 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/program.rs @@ -1,6 +1,6 @@ use std::path::{Path, PathBuf}; -use acvm::acir::circuit::{Circuit, Program}; +use acvm::acir::circuit::Program; use nargo::artifacts::{contract::ContractArtifact, program::ProgramArtifact}; use noirc_frontend::graph::CrateName; From e602ecd22de2b9ddae5fbd574dcab46cd10f23fe Mon Sep 17 00:00:00 2001 From: vezenovm Date: Wed, 6 Mar 2024 19:17:42 +0000 Subject: [PATCH 05/29] update avm-transpiler to handle new program structure --- .vscode/settings.json | 3 ++- avm-transpiler/src/transpile_contract.rs | 12 ++++++------ 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index 4d3812210fd..02a3ca36395 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -157,6 +157,7 @@ "barretenberg/cpp/src" ], "rust-analyzer.linkedProjects": [ - "noir/noir-repo/Cargo.toml" + "noir/noir-repo/Cargo.toml", + "avm-transpiler/Cargo.toml" ] } diff --git a/avm-transpiler/src/transpile_contract.rs b/avm-transpiler/src/transpile_contract.rs index bcf848ab88e..8481d44d9d9 100644 --- a/avm-transpiler/src/transpile_contract.rs +++ b/avm-transpiler/src/transpile_contract.rs @@ -3,7 +3,7 @@ use log::info; use regex::Regex; use serde::{Deserialize, Serialize}; -use acvm::acir::circuit::Circuit; +use acvm::acir::circuit::Program; use noirc_driver::ContractFunctionType; use crate::transpile::brillig_to_avm; @@ -56,10 +56,10 @@ pub struct AcirContractFunction { pub is_internal: bool, pub abi: serde_json::Value, #[serde( - serialize_with = "Circuit::serialize_circuit_base64", - deserialize_with = "Circuit::deserialize_circuit_base64" + serialize_with = "Program::serialize_program_base64", + deserialize_with = "Program::deserialize_program_base64" )] - pub bytecode: Circuit, + pub bytecode: Program, pub debug_symbols: serde_json::Value, } @@ -90,8 +90,8 @@ impl From for TranspiledContract { function.name, contract.name ); // Extract Brillig Opcodes from acir - let acir_circuit = function.bytecode.clone(); - let brillig = extract_brillig_from_acir(&acir_circuit.opcodes); + let acir_program = function.bytecode; + let brillig = extract_brillig_from_acir(&acir_program.functions[0].opcodes); // Transpile to AVM let avm_bytecode = brillig_to_avm(brillig); From c3d825d6b56d52d560a7c7b4053e10707460d8f6 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Wed, 6 Mar 2024 19:21:31 +0000 Subject: [PATCH 06/29] import correct witness hpp file --- .../cpp/src/barretenberg/dsl/acir_format/serde/index.hpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/index.hpp b/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/index.hpp index cbbc3ca1b33..da0e55ad1c5 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/index.hpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_format/serde/index.hpp @@ -16,6 +16,6 @@ #pragma GCC diagnostic ignored "-Wsign-conversion" #pragma GCC diagnostic ignored "-Wconversion" #include "acir.hpp" -#include "witness_map.hpp" +#include "witness_stack.hpp" #pragma GCC diagnostic pop #endif \ No newline at end of file From e1757fda41959c6298d1da7aeef584101f1e7013 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Wed, 6 Mar 2024 21:52:14 +0000 Subject: [PATCH 07/29] serialize Program in acvm_js --- .vscode/settings.json | 1 + noir/noir-repo/acvm-repo/acvm_js/src/execute.rs | 8 ++++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index 02a3ca36395..c801138e223 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -158,6 +158,7 @@ ], "rust-analyzer.linkedProjects": [ "noir/noir-repo/Cargo.toml", + "noir/noir-repo/acvm-repo/acvm_js/Cargo.toml", "avm-transpiler/Cargo.toml" ] } diff --git a/noir/noir-repo/acvm-repo/acvm_js/src/execute.rs b/noir/noir-repo/acvm-repo/acvm_js/src/execute.rs index 3f691e1abf2..6985183a8a0 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/src/execute.rs +++ b/noir/noir-repo/acvm-repo/acvm_js/src/execute.rs @@ -1,5 +1,5 @@ use acvm::{ - acir::circuit::Circuit, + acir::circuit::Program, pwg::{ACVMStatus, ErrorLocation, OpcodeResolutionError, ACVM}, }; use bn254_blackbox_solver::Bn254BlackBoxSolver; @@ -56,13 +56,17 @@ pub async fn execute_circuit( #[wasm_bindgen(js_name = executeCircuitWithBlackBoxSolver, skip_jsdoc)] pub async fn execute_circuit_with_black_box_solver( solver: &WasmBlackBoxFunctionSolver, + // TODO(https://github.com/noir-lang/noir/issues/4428): These need to be updated to match the same interfaces + // as the native ACVM executor. Right now native execution still only handles one circuit so I do not feel the need + // to break the JS interface just yet. circuit: Vec, initial_witness: JsWitnessMap, foreign_call_handler: ForeignCallHandler, ) -> Result { console_error_panic_hook::set_once(); - let circuit: Circuit = Circuit::deserialize_circuit(&circuit) + let program: Program = Program::deserialize_program(&circuit) .map_err(|_| JsExecutionError::new("Failed to deserialize circuit. This is likely due to differing serialization formats between ACVM_JS and your compiler".to_string(), None))?; + let circuit = &program.functions[0]; let mut acvm = ACVM::new(&solver.0, &circuit.opcodes, initial_witness.into()); From ad8129b35ae6c17c633b6d4a74bee6436deee13b Mon Sep 17 00:00:00 2001 From: vezenovm Date: Thu, 7 Mar 2024 04:21:43 +0000 Subject: [PATCH 08/29] update public witness methods in acvm_js --- .../acvm-repo/acvm_js/src/public_witness.rs | 23 +++++++++++++------ 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs b/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs index 8dc66c435b3..47f5bb6e339 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs +++ b/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs @@ -1,5 +1,5 @@ use acvm::acir::{ - circuit::Circuit, + circuit::{Circuit, Program}, native_types::{Witness, WitnessMap}, }; use js_sys::JsString; @@ -26,12 +26,17 @@ fn extract_indices(witness_map: &WitnessMap, indices: Vec) -> Result, witness_map: JsWitnessMap, ) -> Result { console_error_panic_hook::set_once(); - let circuit: Circuit = - Circuit::deserialize_circuit(&circuit).expect("Failed to deserialize circuit"); + let program: Program = + Program::deserialize_program(&circuit).expect("Failed to deserialize circuit"); + let circuit = &program.functions[0]; + let witness_map = WitnessMap::from(witness_map); let return_witness = @@ -51,8 +56,10 @@ pub fn get_public_parameters_witness( solved_witness: JsWitnessMap, ) -> Result { console_error_panic_hook::set_once(); - let circuit: Circuit = - Circuit::deserialize_circuit(&circuit).expect("Failed to deserialize circuit"); + let program: Program = + Program::deserialize_program(&circuit).expect("Failed to deserialize circuit"); + let circuit = &program.functions[0]; + let witness_map = WitnessMap::from(solved_witness); let public_params_witness = @@ -72,8 +79,10 @@ pub fn get_public_witness( solved_witness: JsWitnessMap, ) -> Result { console_error_panic_hook::set_once(); - let circuit: Circuit = - Circuit::deserialize_circuit(&circuit).expect("Failed to deserialize circuit"); + let program: Program = + Program::deserialize_program(&circuit).expect("Failed to deserialize circuit"); + let circuit = &program.functions[0]; + let witness_map = WitnessMap::from(solved_witness); let public_witness = From 1dac703ca0a9db2e1244d97893212efa39b2277c Mon Sep 17 00:00:00 2001 From: vezenovm Date: Thu, 7 Mar 2024 04:29:14 +0000 Subject: [PATCH 09/29] add necessary clone --- noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs b/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs index 47f5bb6e339..f303f805a28 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs +++ b/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs @@ -40,7 +40,7 @@ pub fn get_return_witness( let witness_map = WitnessMap::from(witness_map); let return_witness = - extract_indices(&witness_map, circuit.return_values.0.into_iter().collect())?; + extract_indices(&witness_map, circuit.return_values.0.clone().into_iter().collect())?; Ok(JsWitnessMap::from(return_witness)) } @@ -63,7 +63,7 @@ pub fn get_public_parameters_witness( let witness_map = WitnessMap::from(solved_witness); let public_params_witness = - extract_indices(&witness_map, circuit.public_parameters.0.into_iter().collect())?; + extract_indices(&witness_map, circuit.public_parameters.0.clone().into_iter().collect())?; Ok(JsWitnessMap::from(public_params_witness)) } @@ -86,7 +86,7 @@ pub fn get_public_witness( let witness_map = WitnessMap::from(solved_witness); let public_witness = - extract_indices(&witness_map, circuit.public_inputs().0.into_iter().collect())?; + extract_indices(&witness_map, circuit.public_inputs().0.clone().into_iter().collect())?; Ok(JsWitnessMap::from(public_witness)) } From 14cea93e7750a9e5c77df4cfac460e09c51df2bf Mon Sep 17 00:00:00 2001 From: vezenovm Date: Thu, 7 Mar 2024 14:13:48 +0000 Subject: [PATCH 10/29] remove unused import --- noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs b/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs index f303f805a28..2ae90b79a6a 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs +++ b/noir/noir-repo/acvm-repo/acvm_js/src/public_witness.rs @@ -1,5 +1,5 @@ use acvm::acir::{ - circuit::{Circuit, Program}, + circuit::Program, native_types::{Witness, WitnessMap}, }; use js_sys::JsString; From fc7c8b72d539ebb34069f9a550969ce76fb3496c Mon Sep 17 00:00:00 2001 From: vezenovm Date: Thu, 7 Mar 2024 15:27:36 +0000 Subject: [PATCH 11/29] updated serialization --- .../acir/tests/test_program_serialization.rs | 119 ++++++++++-------- .../acvm-repo/acvm_js/test/shared/addition.ts | 11 +- .../test/shared/complex_foreign_call.ts | 16 +-- .../test/shared/fixed_base_scalar_mul.ts | 6 +- .../acvm_js/test/shared/foreign_call.ts | 9 +- .../acvm_js/test/shared/memory_op.ts | 9 +- .../acvm-repo/acvm_js/test/shared/pedersen.ts | 5 +- .../acvm_js/test/shared/schnorr_verify.ts | 28 +++-- 8 files changed, 111 insertions(+), 92 deletions(-) diff --git a/noir/noir-repo/acvm-repo/acir/tests/test_program_serialization.rs b/noir/noir-repo/acvm-repo/acir/tests/test_program_serialization.rs index 2c8ad2b9986..238f51b1e28 100644 --- a/noir/noir-repo/acvm-repo/acir/tests/test_program_serialization.rs +++ b/noir/noir-repo/acvm-repo/acir/tests/test_program_serialization.rs @@ -1,13 +1,13 @@ //! This integration test defines a set of circuits which are used in order to test the acvm_js package. //! -//! The acvm_js test suite contains serialized [circuits][`Circuit`] which must be kept in sync with the format +//! The acvm_js test suite contains serialized program [circuits][`Program`] which must be kept in sync with the format //! outputted from the [ACIR crate][acir]. //! Breaking changes to the serialization format then require refreshing acvm_js's test suite. //! This file contains Rust definitions of these circuits and outputs the updated serialized format. //! //! These tests also check this circuit serialization against an expected value, erroring if the serialization changes. //! Generally in this situation we just need to refresh the `expected_serialization` variables to match the -//! actual output, **HOWEVER** note that this results in a breaking change to the ACIR format. +//! actual output, **HOWEVER** note that this results in a breaking change to the backend ACIR format. use std::collections::BTreeSet; @@ -15,7 +15,7 @@ use acir::{ circuit::{ brillig::{Brillig, BrilligInputs, BrilligOutputs}, opcodes::{BlackBoxFuncCall, BlockId, FunctionInput, MemOp}, - Circuit, Opcode, PublicInputs, + Circuit, Opcode, Program, PublicInputs, }, native_types::{Expression, Witness}, }; @@ -41,16 +41,17 @@ fn addition_circuit() { return_values: PublicInputs([Witness(3)].into()), ..Circuit::default() }; + let program = Program { functions: vec![circuit] }; - let bytes = Circuit::serialize_circuit(&circuit); + let bytes = Program::serialize_program(&program); let expected_serialization: Vec = vec![ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 173, 208, 49, 14, 192, 32, 8, 5, 80, 212, 30, 8, 4, 20, - 182, 94, 165, 166, 122, 255, 35, 52, 77, 28, 76, 58, 214, 191, 124, 166, 23, 242, 15, 0, 8, - 240, 77, 154, 125, 206, 198, 127, 161, 176, 209, 138, 139, 197, 88, 68, 122, 205, 157, 152, - 46, 204, 222, 76, 81, 180, 21, 35, 35, 53, 189, 179, 49, 119, 19, 171, 222, 188, 162, 147, - 112, 167, 161, 206, 99, 98, 105, 223, 95, 248, 26, 113, 90, 97, 185, 97, 217, 56, 173, 35, - 63, 243, 81, 87, 163, 125, 1, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 173, 144, 75, 14, 128, 32, 12, 68, 249, 120, 160, 150, + 182, 208, 238, 188, 138, 68, 184, 255, 17, 212, 200, 130, 196, 165, 188, 164, 153, 174, 94, + 38, 227, 221, 203, 118, 159, 119, 95, 226, 200, 125, 36, 252, 3, 253, 66, 87, 152, 92, 4, + 153, 185, 149, 212, 144, 240, 128, 100, 85, 5, 88, 106, 86, 84, 20, 149, 51, 41, 81, 83, + 214, 98, 213, 10, 24, 50, 53, 236, 98, 212, 135, 44, 174, 235, 5, 143, 35, 12, 151, 159, + 126, 55, 109, 28, 231, 145, 47, 245, 105, 191, 143, 133, 1, 0, 0, ]; assert_eq!(bytes, expected_serialization) @@ -71,13 +72,14 @@ fn fixed_base_scalar_mul_circuit() { return_values: PublicInputs(BTreeSet::from_iter(vec![Witness(3), Witness(4)])), ..Circuit::default() }; + let program = Program { functions: vec![circuit] }; - let bytes = Circuit::serialize_circuit(&circuit); + let bytes = Program::serialize_program(&program); let expected_serialization: Vec = vec![ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 77, 138, 91, 10, 0, 32, 16, 2, 109, 171, 175, 46, 221, - 209, 247, 229, 130, 130, 140, 200, 92, 0, 11, 157, 228, 35, 127, 212, 200, 29, 61, 116, 76, - 220, 217, 250, 171, 91, 113, 160, 66, 104, 242, 97, 0, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 77, 138, 81, 10, 0, 48, 8, 66, 87, 219, 190, 118, 233, + 29, 61, 43, 3, 5, 121, 34, 207, 86, 231, 162, 198, 157, 124, 228, 71, 157, 220, 232, 161, + 227, 226, 206, 214, 95, 221, 74, 0, 116, 58, 13, 182, 105, 0, 0, 0, ]; assert_eq!(bytes, expected_serialization) @@ -98,13 +100,14 @@ fn pedersen_circuit() { return_values: PublicInputs(BTreeSet::from_iter(vec![Witness(2), Witness(3)])), ..Circuit::default() }; + let program = Program { functions: vec![circuit] }; - let bytes = Circuit::serialize_circuit(&circuit); + let bytes = Program::serialize_program(&program); let expected_serialization: Vec = vec![ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 93, 74, 135, 9, 0, 48, 8, 75, 171, 224, 255, 15, 139, - 27, 196, 64, 200, 100, 0, 15, 133, 80, 57, 89, 219, 127, 39, 173, 126, 235, 236, 247, 151, - 48, 224, 71, 90, 33, 97, 0, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 93, 74, 7, 6, 0, 0, 8, 108, 209, 255, 63, 156, 54, 233, + 56, 55, 17, 26, 18, 196, 241, 169, 250, 178, 141, 167, 32, 159, 254, 234, 238, 255, 87, + 112, 52, 63, 63, 101, 105, 0, 0, 0, ]; assert_eq!(bytes, expected_serialization) @@ -139,26 +142,27 @@ fn schnorr_verify_circuit() { return_values: PublicInputs(BTreeSet::from([output])), ..Circuit::default() }; + let program = Program { functions: vec![circuit] }; - let bytes = Circuit::serialize_circuit(&circuit); + let bytes = Program::serialize_program(&program); let expected_serialization: Vec = vec![ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 77, 210, 7, 74, 3, 1, 20, 69, 209, 177, 247, 222, 123, - 239, 189, 119, 141, 93, 99, 220, 133, 251, 95, 130, 152, 103, 78, 32, 3, 195, 33, 4, 66, - 248, 239, 254, 20, 69, 209, 84, 212, 158, 216, 206, 223, 234, 219, 204, 146, 239, 91, 170, - 111, 103, 245, 109, 101, 27, 219, 217, 193, 250, 219, 197, 110, 246, 176, 151, 125, 236, - 231, 0, 7, 57, 196, 97, 142, 112, 148, 99, 28, 231, 4, 39, 57, 197, 105, 206, 112, 150, - 115, 156, 231, 2, 23, 185, 196, 101, 174, 112, 149, 107, 92, 231, 6, 55, 185, 197, 109, - 238, 112, 151, 123, 220, 231, 1, 15, 121, 196, 99, 158, 240, 148, 103, 60, 231, 5, 47, 121, - 197, 107, 222, 240, 150, 119, 188, 231, 3, 75, 124, 228, 83, 195, 142, 121, 158, 125, 126, - 225, 43, 223, 248, 206, 15, 126, 178, 204, 47, 86, 248, 237, 119, 43, 76, 127, 105, 47, - 189, 165, 181, 116, 150, 198, 234, 125, 117, 249, 47, 233, 41, 45, 165, 163, 52, 148, 126, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 77, 210, 7, 78, 2, 1, 20, 69, 81, 236, 189, 247, 222, + 123, 239, 93, 177, 33, 34, 238, 194, 253, 47, 193, 200, 147, 67, 194, 36, 147, 163, 33, 33, + 228, 191, 219, 82, 168, 63, 63, 181, 183, 197, 223, 177, 147, 191, 181, 183, 149, 69, 159, + 183, 213, 222, 238, 218, 219, 206, 14, 118, 178, 139, 141, 183, 135, 189, 236, 99, 63, 7, + 56, 200, 33, 14, 115, 132, 163, 28, 227, 56, 39, 56, 201, 41, 78, 115, 134, 179, 156, 227, + 60, 23, 184, 200, 37, 46, 115, 133, 171, 92, 227, 58, 55, 184, 201, 45, 110, 115, 135, 187, + 220, 227, 62, 15, 120, 200, 35, 30, 243, 132, 167, 60, 227, 57, 47, 120, 201, 43, 94, 243, + 134, 183, 188, 227, 61, 31, 248, 200, 39, 22, 249, 204, 151, 166, 29, 243, 188, 250, 255, + 141, 239, 44, 241, 131, 101, 126, 178, 194, 47, 86, 249, 237, 123, 171, 76, 127, 105, 47, + 189, 165, 181, 116, 150, 198, 26, 125, 245, 248, 45, 233, 41, 45, 165, 163, 52, 148, 126, 210, 78, 186, 73, 51, 233, 37, 173, 164, 147, 52, 146, 62, 210, 70, 186, 72, 19, 233, 33, - 45, 164, 131, 52, 144, 253, 23, 139, 218, 238, 217, 60, 123, 103, 235, 236, 156, 141, 179, - 239, 166, 93, 183, 237, 185, 107, 199, 125, 251, 29, 218, 237, 216, 94, 167, 118, 58, 183, - 207, 165, 93, 174, 237, 113, 107, 135, 123, 247, 47, 185, 251, 147, 59, 191, 184, 239, 155, - 187, 126, 184, 103, 217, 29, 235, 55, 171, 223, 173, 104, 184, 231, 255, 243, 7, 236, 52, - 239, 128, 225, 3, 0, 0, + 45, 164, 131, 52, 144, 253, 151, 11, 245, 221, 179, 121, 246, 206, 214, 217, 57, 27, 103, + 223, 109, 187, 238, 218, 115, 223, 142, 135, 246, 59, 182, 219, 169, 189, 206, 237, 116, + 105, 159, 107, 187, 220, 218, 227, 222, 14, 143, 238, 95, 116, 247, 23, 119, 126, 115, 223, + 146, 187, 150, 221, 179, 226, 142, 141, 155, 53, 238, 86, 104, 186, 231, 255, 243, 7, 100, + 141, 232, 192, 233, 3, 0, 0, ]; assert_eq!(bytes, expected_serialization) @@ -202,15 +206,16 @@ fn simple_brillig_foreign_call() { private_parameters: BTreeSet::from([Witness(1), Witness(2)]), ..Circuit::default() }; + let program = Program { functions: vec![circuit] }; - let bytes = Circuit::serialize_circuit(&circuit); + let bytes = Program::serialize_program(&program); let expected_serialization: Vec = vec![ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 173, 143, 177, 10, 192, 32, 16, 67, 227, 21, 74, 233, - 212, 79, 177, 127, 208, 159, 233, 224, 226, 32, 226, 247, 139, 168, 16, 68, 93, 244, 45, - 119, 228, 142, 144, 92, 0, 20, 50, 7, 237, 76, 213, 190, 50, 245, 26, 175, 218, 231, 165, - 57, 175, 148, 14, 137, 179, 147, 191, 114, 211, 221, 216, 240, 59, 63, 107, 221, 115, 104, - 181, 103, 244, 43, 36, 10, 38, 68, 108, 25, 253, 238, 136, 1, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 173, 143, 65, 10, 192, 32, 12, 4, 77, 10, 165, 244, 212, + 167, 216, 31, 244, 51, 61, 120, 241, 32, 226, 251, 85, 140, 176, 136, 122, 209, 129, 144, + 176, 9, 97, 151, 84, 225, 74, 69, 50, 31, 48, 35, 85, 251, 164, 235, 53, 94, 218, 247, 75, + 163, 95, 150, 12, 153, 179, 227, 191, 114, 195, 222, 216, 240, 59, 63, 75, 221, 251, 208, + 106, 207, 232, 150, 65, 100, 53, 33, 2, 9, 69, 91, 82, 144, 1, 0, 0, ]; assert_eq!(bytes, expected_serialization) @@ -301,19 +306,20 @@ fn complex_brillig_foreign_call() { private_parameters: BTreeSet::from([Witness(1), Witness(2), Witness(3)]), ..Circuit::default() }; + let program = Program { functions: vec![circuit] }; - let bytes = Circuit::serialize_circuit(&circuit); + let bytes = Program::serialize_program(&program); let expected_serialization: Vec = vec![ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 213, 84, 75, 10, 132, 48, 12, 125, 177, 163, 35, 179, - 154, 35, 8, 51, 7, 232, 204, 9, 188, 139, 184, 83, 116, 233, 241, 173, 152, 98, 12, 213, - 141, 21, 244, 65, 232, 39, 175, 233, 35, 73, 155, 3, 32, 204, 48, 206, 18, 158, 19, 175, - 37, 60, 175, 228, 209, 30, 195, 143, 226, 197, 178, 103, 105, 76, 110, 160, 209, 156, 160, - 209, 247, 195, 69, 235, 29, 179, 46, 81, 243, 103, 2, 239, 231, 225, 44, 117, 150, 241, - 250, 201, 99, 206, 251, 96, 95, 161, 242, 14, 193, 243, 40, 162, 105, 253, 219, 12, 75, 47, - 146, 186, 251, 37, 116, 86, 93, 219, 55, 245, 96, 20, 85, 75, 253, 136, 249, 87, 249, 105, - 231, 220, 4, 249, 237, 132, 56, 20, 224, 109, 113, 223, 88, 82, 153, 34, 64, 34, 14, 164, - 69, 172, 48, 2, 23, 243, 6, 31, 25, 5, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 213, 84, 65, 14, 132, 32, 12, 108, 101, 117, 205, 158, + 246, 9, 38, 187, 15, 96, 247, 5, 254, 197, 120, 211, 232, 209, 231, 139, 113, 136, 181, 65, + 47, 98, 162, 147, 52, 20, 24, 202, 164, 45, 48, 205, 200, 157, 49, 124, 227, 44, 129, 207, + 152, 75, 120, 94, 137, 209, 30, 195, 143, 227, 197, 178, 103, 105, 76, 110, 160, 209, 156, + 160, 209, 247, 195, 69, 235, 29, 179, 46, 81, 243, 103, 2, 239, 231, 225, 44, 117, 150, 97, + 254, 196, 152, 99, 157, 176, 87, 168, 188, 147, 224, 121, 20, 209, 180, 254, 109, 70, 75, + 47, 178, 186, 251, 37, 116, 86, 93, 219, 55, 245, 96, 20, 85, 75, 253, 8, 255, 171, 246, + 121, 231, 220, 4, 249, 237, 132, 56, 28, 224, 109, 113, 223, 180, 164, 50, 165, 0, 137, 17, + 72, 139, 88, 97, 4, 198, 90, 226, 196, 33, 5, 0, 0, ]; assert_eq!(bytes, expected_serialization) @@ -342,13 +348,16 @@ fn memory_op_circuit() { return_values: PublicInputs([Witness(4)].into()), ..Circuit::default() }; - let bytes = Circuit::serialize_circuit(&circuit); + let program = Program { functions: vec![circuit] }; + + let bytes = Program::serialize_program(&program); let expected_serialization: Vec = vec![ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 213, 145, 187, 17, 0, 32, 8, 67, 195, 111, 31, 220, 192, - 253, 167, 178, 144, 2, 239, 236, 132, 194, 52, 129, 230, 93, 8, 6, 64, 176, 101, 225, 28, - 78, 49, 43, 238, 154, 225, 254, 166, 209, 205, 165, 98, 174, 212, 177, 188, 187, 92, 255, - 173, 92, 173, 190, 93, 82, 80, 78, 123, 14, 127, 60, 97, 1, 210, 144, 46, 242, 19, 3, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 213, 81, 201, 13, 0, 32, 8, 147, 195, 125, 112, 3, 247, + 159, 74, 141, 60, 106, 226, 79, 120, 216, 132, 180, 124, 154, 82, 168, 108, 212, 57, 2, + 122, 129, 157, 201, 181, 150, 59, 186, 179, 189, 161, 101, 251, 82, 176, 175, 196, 121, 89, + 118, 185, 246, 91, 185, 26, 125, 187, 64, 80, 134, 29, 195, 31, 79, 24, 2, 250, 167, 252, + 27, 3, 0, 0, ]; assert_eq!(bytes, expected_serialization) diff --git a/noir/noir-repo/acvm-repo/acvm_js/test/shared/addition.ts b/noir/noir-repo/acvm-repo/acvm_js/test/shared/addition.ts index 217902bdea6..f5b0bda2d07 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/test/shared/addition.ts +++ b/noir/noir-repo/acvm-repo/acvm_js/test/shared/addition.ts @@ -2,11 +2,12 @@ import { WitnessMap } from '@noir-lang/acvm_js'; // See `addition_circuit` integration test in `acir/tests/test_program_serialization.rs`. export const bytecode = Uint8Array.from([ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 173, 208, 49, 14, 192, 32, 8, 5, 80, 212, 30, 8, 4, 20, 182, 94, 165, 166, 122, - 255, 35, 52, 77, 28, 76, 58, 214, 191, 124, 166, 23, 242, 15, 0, 8, 240, 77, 154, 125, 206, 198, 127, 161, 176, 209, - 138, 139, 197, 88, 68, 122, 205, 157, 152, 46, 204, 222, 76, 81, 180, 21, 35, 35, 53, 189, 179, 49, 119, 19, 171, 222, - 188, 162, 147, 112, 167, 161, 206, 99, 98, 105, 223, 95, 248, 26, 113, 90, 97, 185, 97, 217, 56, 173, 35, 63, 243, 81, - 87, 163, 125, 1, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 173, 144, 75, 14, 128, 32, 12, 68, 249, 120, 160, 150, + 182, 208, 238, 188, 138, 68, 184, 255, 17, 212, 200, 130, 196, 165, 188, 164, 153, 174, 94, + 38, 227, 221, 203, 118, 159, 119, 95, 226, 200, 125, 36, 252, 3, 253, 66, 87, 152, 92, 4, + 153, 185, 149, 212, 144, 240, 128, 100, 85, 5, 88, 106, 86, 84, 20, 149, 51, 41, 81, 83, + 214, 98, 213, 10, 24, 50, 53, 236, 98, 212, 135, 44, 174, 235, 5, 143, 35, 12, 151, 159, + 126, 55, 109, 28, 231, 145, 47, 245, 105, 191, 143, 133, 1, 0, 0, ]); export const initialWitnessMap: WitnessMap = new Map([ diff --git a/noir/noir-repo/acvm-repo/acvm_js/test/shared/complex_foreign_call.ts b/noir/noir-repo/acvm-repo/acvm_js/test/shared/complex_foreign_call.ts index 27abd72305f..c75a5964347 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/test/shared/complex_foreign_call.ts +++ b/noir/noir-repo/acvm-repo/acvm_js/test/shared/complex_foreign_call.ts @@ -2,13 +2,15 @@ import { WitnessMap } from '@noir-lang/acvm_js'; // See `complex_brillig_foreign_call` integration test in `acir/tests/test_program_serialization.rs`. export const bytecode = Uint8Array.from([ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 213, 84, 75, 10, 132, 48, 12, 125, 177, 163, 35, 179, 154, 35, 8, 51, 7, 232, 204, - 9, 188, 139, 184, 83, 116, 233, 241, 173, 152, 98, 12, 213, 141, 21, 244, 65, 232, 39, 175, 233, 35, 73, 155, 3, 32, - 204, 48, 206, 18, 158, 19, 175, 37, 60, 175, 228, 209, 30, 195, 143, 226, 197, 178, 103, 105, 76, 110, 160, 209, 156, - 160, 209, 247, 195, 69, 235, 29, 179, 46, 81, 243, 103, 2, 239, 231, 225, 44, 117, 150, 241, 250, 201, 99, 206, 251, - 96, 95, 161, 242, 14, 193, 243, 40, 162, 105, 253, 219, 12, 75, 47, 146, 186, 251, 37, 116, 86, 93, 219, 55, 245, 96, - 20, 85, 75, 253, 136, 249, 87, 249, 105, 231, 220, 4, 249, 237, 132, 56, 20, 224, 109, 113, 223, 88, 82, 153, 34, 64, - 34, 14, 164, 69, 172, 48, 2, 23, 243, 6, 31, 25, 5, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 213, 84, 65, 14, 132, 32, 12, 108, 101, 117, 205, 158, + 246, 9, 38, 187, 15, 96, 247, 5, 254, 197, 120, 211, 232, 209, 231, 139, 113, 136, 181, 65, + 47, 98, 162, 147, 52, 20, 24, 202, 164, 45, 48, 205, 200, 157, 49, 124, 227, 44, 129, 207, + 152, 75, 120, 94, 137, 209, 30, 195, 143, 227, 197, 178, 103, 105, 76, 110, 160, 209, 156, + 160, 209, 247, 195, 69, 235, 29, 179, 46, 81, 243, 103, 2, 239, 231, 225, 44, 117, 150, 97, + 254, 196, 152, 99, 157, 176, 87, 168, 188, 147, 224, 121, 20, 209, 180, 254, 109, 70, 75, + 47, 178, 186, 251, 37, 116, 86, 93, 219, 55, 245, 96, 20, 85, 75, 253, 8, 255, 171, 246, + 121, 231, 220, 4, 249, 237, 132, 56, 28, 224, 109, 113, 223, 180, 164, 50, 165, 0, 137, 17, + 72, 139, 88, 97, 4, 198, 90, 226, 196, 33, 5, 0, 0, ]); export const initialWitnessMap: WitnessMap = new Map([ [1, '0x0000000000000000000000000000000000000000000000000000000000000001'], diff --git a/noir/noir-repo/acvm-repo/acvm_js/test/shared/fixed_base_scalar_mul.ts b/noir/noir-repo/acvm-repo/acvm_js/test/shared/fixed_base_scalar_mul.ts index c0859f50135..46e1f66fb21 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/test/shared/fixed_base_scalar_mul.ts +++ b/noir/noir-repo/acvm-repo/acvm_js/test/shared/fixed_base_scalar_mul.ts @@ -1,8 +1,8 @@ // See `fixed_base_scalar_mul_circuit` integration test in `acir/tests/test_program_serialization.rs`. export const bytecode = Uint8Array.from([ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 77, 138, 91, 10, 0, 32, 16, 2, 109, 171, 175, 46, 221, 209, 247, 229, 130, 130, - 140, 200, 92, 0, 11, 157, 228, 35, 127, 212, 200, 29, 61, 116, 76, 220, 217, 250, 171, 91, 113, 160, 66, 104, 242, 97, - 0, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 77, 138, 81, 10, 0, 48, 8, 66, 87, 219, 190, 118, 233, + 29, 61, 43, 3, 5, 121, 34, 207, 86, 231, 162, 198, 157, 124, 228, 71, 157, 220, 232, 161, + 227, 226, 206, 214, 95, 221, 74, 0, 116, 58, 13, 182, 105, 0, 0, 0, ]); export const initialWitnessMap = new Map([ [1, '0x0000000000000000000000000000000000000000000000000000000000000001'], diff --git a/noir/noir-repo/acvm-repo/acvm_js/test/shared/foreign_call.ts b/noir/noir-repo/acvm-repo/acvm_js/test/shared/foreign_call.ts index 0be8937b57d..527f26b4ae3 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/test/shared/foreign_call.ts +++ b/noir/noir-repo/acvm-repo/acvm_js/test/shared/foreign_call.ts @@ -2,10 +2,11 @@ import { WitnessMap } from '@noir-lang/acvm_js'; // See `simple_brillig_foreign_call` integration test in `acir/tests/test_program_serialization.rs`. export const bytecode = Uint8Array.from([ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 173, 143, 177, 10, 192, 32, 16, 67, 227, 21, 74, 233, 212, 79, 177, 127, 208, 159, - 233, 224, 226, 32, 226, 247, 139, 168, 16, 68, 93, 244, 45, 119, 228, 142, 144, 92, 0, 20, 50, 7, 237, 76, 213, 190, - 50, 245, 26, 175, 218, 231, 165, 57, 175, 148, 14, 137, 179, 147, 191, 114, 211, 221, 216, 240, 59, 63, 107, 221, 115, - 104, 181, 103, 244, 43, 36, 10, 38, 68, 108, 25, 253, 238, 136, 1, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 173, 143, 65, 10, 192, 32, 12, 4, 77, 10, 165, 244, 212, + 167, 216, 31, 244, 51, 61, 120, 241, 32, 226, 251, 85, 140, 176, 136, 122, 209, 129, 144, + 176, 9, 97, 151, 84, 225, 74, 69, 50, 31, 48, 35, 85, 251, 164, 235, 53, 94, 218, 247, 75, + 163, 95, 150, 12, 153, 179, 227, 191, 114, 195, 222, 216, 240, 59, 63, 75, 221, 251, 208, + 106, 207, 232, 150, 65, 100, 53, 33, 2, 9, 69, 91, 82, 144, 1, 0, 0, ]); export const initialWitnessMap: WitnessMap = new Map([ [1, '0x0000000000000000000000000000000000000000000000000000000000000005'], diff --git a/noir/noir-repo/acvm-repo/acvm_js/test/shared/memory_op.ts b/noir/noir-repo/acvm-repo/acvm_js/test/shared/memory_op.ts index b5ab64b3447..f2e5ab4af49 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/test/shared/memory_op.ts +++ b/noir/noir-repo/acvm-repo/acvm_js/test/shared/memory_op.ts @@ -1,9 +1,10 @@ // See `memory_op_circuit` integration test in `acir/tests/test_program_serialization.rs`. export const bytecode = Uint8Array.from([ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 213, 145, 187, 17, 0, 32, 8, 67, 195, 111, 31, 220, 192, 253, 167, 178, 144, 2, - 239, 236, 132, 194, 52, 129, 230, 93, 8, 6, 64, 176, 101, 225, 28, 78, 49, 43, 238, 154, 225, 254, 166, 209, 205, 165, - 98, 174, 212, 177, 188, 187, 92, 255, 173, 92, 173, 190, 93, 82, 80, 78, 123, 14, 127, 60, 97, 1, 210, 144, 46, 242, - 19, 3, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 213, 81, 201, 13, 0, 32, 8, 147, 195, 125, 112, 3, 247, + 159, 74, 141, 60, 106, 226, 79, 120, 216, 132, 180, 124, 154, 82, 168, 108, 212, 57, 2, + 122, 129, 157, 201, 181, 150, 59, 186, 179, 189, 161, 101, 251, 82, 176, 175, 196, 121, 89, + 118, 185, 246, 91, 185, 26, 125, 187, 64, 80, 134, 29, 195, 31, 79, 24, 2, 250, 167, 252, + 27, 3, 0, 0, ]); export const initialWitnessMap = new Map([ diff --git a/noir/noir-repo/acvm-repo/acvm_js/test/shared/pedersen.ts b/noir/noir-repo/acvm-repo/acvm_js/test/shared/pedersen.ts index 5150d24131c..0882874136e 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/test/shared/pedersen.ts +++ b/noir/noir-repo/acvm-repo/acvm_js/test/shared/pedersen.ts @@ -1,7 +1,8 @@ // See `pedersen_circuit` integration test in `acir/tests/test_program_serialization.rs`. export const bytecode = Uint8Array.from([ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 93, 74, 135, 9, 0, 48, 8, 75, 171, 224, 255, 15, 139, 27, 196, 64, 200, 100, 0, 15, - 133, 80, 57, 89, 219, 127, 39, 173, 126, 235, 236, 247, 151, 48, 224, 71, 90, 33, 97, 0, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 93, 74, 7, 6, 0, 0, 8, 108, 209, 255, 63, 156, 54, 233, + 56, 55, 17, 26, 18, 196, 241, 169, 250, 178, 141, 167, 32, 159, 254, 234, 238, 255, 87, + 112, 52, 63, 63, 101, 105, 0, 0, 0, ]); export const initialWitnessMap = new Map([[1, '0x0000000000000000000000000000000000000000000000000000000000000001']]); diff --git a/noir/noir-repo/acvm-repo/acvm_js/test/shared/schnorr_verify.ts b/noir/noir-repo/acvm-repo/acvm_js/test/shared/schnorr_verify.ts index 2127de66f69..8f5667bd888 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/test/shared/schnorr_verify.ts +++ b/noir/noir-repo/acvm-repo/acvm_js/test/shared/schnorr_verify.ts @@ -1,17 +1,21 @@ // See `schnorr_verify_circuit` integration test in `acir/tests/test_program_serialization.rs`. export const bytecode = Uint8Array.from([ - 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 77, 210, 7, 74, 3, 1, 20, 69, 209, 177, 247, 222, 123, 239, 189, 119, 141, 93, 99, - 220, 133, 251, 95, 130, 152, 103, 78, 32, 3, 195, 33, 4, 66, 248, 239, 254, 20, 69, 209, 84, 212, 158, 216, 206, 223, - 234, 219, 204, 146, 239, 91, 170, 111, 103, 245, 109, 101, 27, 219, 217, 193, 250, 219, 197, 110, 246, 176, 151, 125, - 236, 231, 0, 7, 57, 196, 97, 142, 112, 148, 99, 28, 231, 4, 39, 57, 197, 105, 206, 112, 150, 115, 156, 231, 2, 23, - 185, 196, 101, 174, 112, 149, 107, 92, 231, 6, 55, 185, 197, 109, 238, 112, 151, 123, 220, 231, 1, 15, 121, 196, 99, - 158, 240, 148, 103, 60, 231, 5, 47, 121, 197, 107, 222, 240, 150, 119, 188, 231, 3, 75, 124, 228, 83, 195, 142, 121, - 158, 125, 126, 225, 43, 223, 248, 206, 15, 126, 178, 204, 47, 86, 248, 237, 119, 43, 76, 127, 105, 47, 189, 165, 181, - 116, 150, 198, 234, 125, 117, 249, 47, 233, 41, 45, 165, 163, 52, 148, 126, 210, 78, 186, 73, 51, 233, 37, 173, 164, - 147, 52, 146, 62, 210, 70, 186, 72, 19, 233, 33, 45, 164, 131, 52, 144, 253, 23, 139, 218, 238, 217, 60, 123, 103, - 235, 236, 156, 141, 179, 239, 166, 93, 183, 237, 185, 107, 199, 125, 251, 29, 218, 237, 216, 94, 167, 118, 58, 183, - 207, 165, 93, 174, 237, 113, 107, 135, 123, 247, 47, 185, 251, 147, 59, 191, 184, 239, 155, 187, 126, 184, 103, 217, - 29, 235, 55, 171, 223, 173, 104, 184, 231, 255, 243, 7, 236, 52, 239, 128, 225, 3, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 0, 255, 77, 210, 7, 78, 2, 1, 20, 69, 81, 236, 189, 247, 222, + 123, 239, 93, 177, 33, 34, 238, 194, 253, 47, 193, 200, 147, 67, 194, 36, 147, 163, 33, 33, + 228, 191, 219, 82, 168, 63, 63, 181, 183, 197, 223, 177, 147, 191, 181, 183, 149, 69, 159, + 183, 213, 222, 238, 218, 219, 206, 14, 118, 178, 139, 141, 183, 135, 189, 236, 99, 63, 7, + 56, 200, 33, 14, 115, 132, 163, 28, 227, 56, 39, 56, 201, 41, 78, 115, 134, 179, 156, 227, + 60, 23, 184, 200, 37, 46, 115, 133, 171, 92, 227, 58, 55, 184, 201, 45, 110, 115, 135, 187, + 220, 227, 62, 15, 120, 200, 35, 30, 243, 132, 167, 60, 227, 57, 47, 120, 201, 43, 94, 243, + 134, 183, 188, 227, 61, 31, 248, 200, 39, 22, 249, 204, 151, 166, 29, 243, 188, 250, 255, + 141, 239, 44, 241, 131, 101, 126, 178, 194, 47, 86, 249, 237, 123, 171, 76, 127, 105, 47, + 189, 165, 181, 116, 150, 198, 26, 125, 245, 248, 45, 233, 41, 45, 165, 163, 52, 148, 126, + 210, 78, 186, 73, 51, 233, 37, 173, 164, 147, 52, 146, 62, 210, 70, 186, 72, 19, 233, 33, + 45, 164, 131, 52, 144, 253, 151, 11, 245, 221, 179, 121, 246, 206, 214, 217, 57, 27, 103, + 223, 109, 187, 238, 218, 115, 223, 142, 135, 246, 59, 182, 219, 169, 189, 206, 237, 116, + 105, 159, 107, 187, 220, 218, 227, 222, 14, 143, 238, 95, 116, 247, 23, 119, 126, 115, 223, + 146, 187, 150, 221, 179, 226, 142, 141, 155, 53, 238, 86, 104, 186, 231, 255, 243, 7, 100, + 141, 232, 192, 233, 3, 0, 0, ]); export const initialWitnessMap = new Map([ From 9ceee3338c2640759a6604685569f2f061d7961b Mon Sep 17 00:00:00 2001 From: vezenovm Date: Thu, 7 Mar 2024 21:07:45 +0000 Subject: [PATCH 12/29] compress wit correctly in noir js --- .../acir/src/native_types/witness_stack.rs | 4 ++-- .../acvm-repo/acvm_js/src/compression.rs | 15 ++++++++------- .../noir_js_backend_barretenberg/package.json | 2 +- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs b/noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs index 439de987b7e..9592d90b014 100644 --- a/noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs +++ b/noir/noir-repo/acvm-repo/acir/src/native_types/witness_stack.rs @@ -27,9 +27,9 @@ pub struct WitnessStack { #[derive(Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Default, Serialize, Deserialize)] pub struct StackItem { /// Index into a [crate::circuit::Program] function list for which we have an associated witness - index: u32, + pub index: u32, /// A full witness for the respective constraint system specified by the index - witness: WitnessMap, + pub witness: WitnessMap, } impl From for WitnessStack { diff --git a/noir/noir-repo/acvm-repo/acvm_js/src/compression.rs b/noir/noir-repo/acvm-repo/acvm_js/src/compression.rs index fedaa514bf0..73bcd02ecd1 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/src/compression.rs +++ b/noir/noir-repo/acvm-repo/acvm_js/src/compression.rs @@ -1,4 +1,4 @@ -use acvm::acir::native_types::WitnessMap; +use acvm::acir::native_types::{WitnessMap, WitnessStack}; use js_sys::JsString; use wasm_bindgen::prelude::wasm_bindgen; @@ -13,10 +13,11 @@ pub fn compress_witness(witness_map: JsWitnessMap) -> Result, JsString> console_error_panic_hook::set_once(); let witness_map = WitnessMap::from(witness_map); - let compressed_witness_map: Vec = - Vec::::try_from(witness_map).map_err(|err| err.to_string())?; + let witness_stack: WitnessStack = witness_map.into(); + let compressed_witness_stack: Vec = + Vec::::try_from(witness_stack).map_err(|err| err.to_string())?; - Ok(compressed_witness_map) + Ok(compressed_witness_stack) } /// Decompresses a compressed witness as outputted by Nargo into a `WitnessMap`. @@ -27,8 +28,8 @@ pub fn compress_witness(witness_map: JsWitnessMap) -> Result, JsString> pub fn decompress_witness(compressed_witness: Vec) -> Result { console_error_panic_hook::set_once(); - let witness_map = - WitnessMap::try_from(compressed_witness.as_slice()).map_err(|err| err.to_string())?; + let witness_stack = + WitnessStack::try_from(compressed_witness.as_slice()).map_err(|err| err.to_string())?; - Ok(witness_map.into()) + Ok(witness_stack.stack[0].witness.clone().into()) } diff --git a/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json b/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json index 28c3609fd14..45069fceb56 100644 --- a/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json +++ b/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json @@ -42,7 +42,7 @@ "lint": "NODE_NO_WARNINGS=1 eslint . --ext .ts --ignore-path ./.eslintignore --max-warnings 0" }, "dependencies": { - "@aztec/bb.js": "0.24.0", + "@aztec/bb.js": "workspace:*", "@noir-lang/types": "workspace:*", "fflate": "^0.8.0" }, From 6d08e8a0dbc213cd6aeec1e6339d299c1f5d783c Mon Sep 17 00:00:00 2001 From: vezenovm Date: Thu, 7 Mar 2024 21:12:39 +0000 Subject: [PATCH 13/29] change back to pinned bb.js --- .../noir-repo/tooling/noir_js_backend_barretenberg/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json b/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json index 45069fceb56..28c3609fd14 100644 --- a/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json +++ b/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json @@ -42,7 +42,7 @@ "lint": "NODE_NO_WARNINGS=1 eslint . --ext .ts --ignore-path ./.eslintignore --max-warnings 0" }, "dependencies": { - "@aztec/bb.js": "workspace:*", + "@aztec/bb.js": "0.24.0", "@noir-lang/types": "workspace:*", "fflate": "^0.8.0" }, From d3b5032295b7f08bf13c8e3017c16f2374f5e613 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Fri, 8 Mar 2024 20:05:37 +0000 Subject: [PATCH 14/29] update witness compression test --- .../test/shared/witness_compression.ts | 23 +++++++++++-------- .../witness_compression/Nargo.toml | 7 ++++++ .../witness_compression/Prover.toml | 2 ++ .../witness_compression/src/main.nr | 4 ++++ .../tooling/nargo_cli/src/cli/fs/witness.rs | 9 ++++++-- .../noir_js_backend_barretenberg/package.json | 2 +- .../noir_js_backend_barretenberg/src/index.ts | 6 ++++- noir/noir-repo/yarn.lock | 13 +++++------ 8 files changed, 45 insertions(+), 21 deletions(-) create mode 100644 noir/noir-repo/test_programs/execution_success/witness_compression/Nargo.toml create mode 100644 noir/noir-repo/test_programs/execution_success/witness_compression/Prover.toml create mode 100644 noir/noir-repo/test_programs/execution_success/witness_compression/src/main.nr diff --git a/noir/noir-repo/acvm-repo/acvm_js/test/shared/witness_compression.ts b/noir/noir-repo/acvm-repo/acvm_js/test/shared/witness_compression.ts index 36b9a0284af..f9d66c2c8d0 100644 --- a/noir/noir-repo/acvm-repo/acvm_js/test/shared/witness_compression.ts +++ b/noir/noir-repo/acvm-repo/acvm_js/test/shared/witness_compression.ts @@ -4,19 +4,22 @@ // assert(x != y); // x + y // } +// +// Regenerate this byte array by going to the Noir integration tests and running `/test_programs/execution_success/witness_compression` +// after recompiling Noir to print the witness byte array to be written to file after execution export const expectedCompressedWitnessMap = Uint8Array.from([ - 31, 139, 8, 0, 0, 0, 0, 0, 2, 255, 173, 208, 187, 13, 128, 48, 12, 4, 80, 190, 153, 199, 142, 237, 196, 238, 88, 133, - 8, 103, 255, 17, 64, 34, 5, 61, 62, 233, 164, 171, 94, 113, 105, 122, 51, 63, 61, 198, 134, 127, 193, 37, 206, 202, - 235, 199, 34, 40, 204, 94, 179, 35, 225, 9, 217, 154, 10, 176, 180, 162, 168, 40, 42, 87, 86, 34, 87, 214, 106, 205, - 42, 24, 50, 57, 118, 49, 234, 3, 219, 2, 173, 61, 240, 175, 20, 103, 209, 13, 151, 252, 77, 33, 208, 1, 0, 0, + 31, 139, 8, 0, 0, 0, 0, 0, 2, 255, 173, 206, 185, 13, 0, 48, 8, 67, 209, 144, 107, 30, 146, + 44, 144, 253, 167, 162, 65, 130, 158, 239, 198, 174, 158, 44, 45, 178, 211, 254, 222, 90, + 203, 17, 206, 186, 29, 252, 53, 64, 107, 114, 150, 46, 206, 122, 6, 24, 73, 44, 193, 220, + 1, 0, 0, ]); export const expectedWitnessMap = new Map([ - [1, '0x0000000000000000000000000000000000000000000000000000000000000001'], - [2, '0x0000000000000000000000000000000000000000000000000000000000000002'], - [3, '0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000000'], - [4, '0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000000'], - [5, '0x0000000000000000000000000000000000000000000000000000000000000001'], - [6, '0x0000000000000000000000000000000000000000000000000000000000000003'], + [0, '0x0000000000000000000000000000000000000000000000000000000000000001'], + [1, '0x0000000000000000000000000000000000000000000000000000000000000002'], + [2, '0x0000000000000000000000000000000000000000000000000000000000000001'], + [3, '0x0000000000000000000000000000000000000000000000000000000000000001'], + [4, '0x0000000000000000000000000000000000000000000000000000000000000000'], + [5, '0x0000000000000000000000000000000000000000000000000000000000000003'], ]); diff --git a/noir/noir-repo/test_programs/execution_success/witness_compression/Nargo.toml b/noir/noir-repo/test_programs/execution_success/witness_compression/Nargo.toml new file mode 100644 index 00000000000..7d6ba0c1938 --- /dev/null +++ b/noir/noir-repo/test_programs/execution_success/witness_compression/Nargo.toml @@ -0,0 +1,7 @@ +[package] +name = "witness_compression" +type = "bin" +authors = [""] +compiler_version = ">=0.24.0" + +[dependencies] \ No newline at end of file diff --git a/noir/noir-repo/test_programs/execution_success/witness_compression/Prover.toml b/noir/noir-repo/test_programs/execution_success/witness_compression/Prover.toml new file mode 100644 index 00000000000..8c12ebba6cf --- /dev/null +++ b/noir/noir-repo/test_programs/execution_success/witness_compression/Prover.toml @@ -0,0 +1,2 @@ +x = "1" +y = "2" diff --git a/noir/noir-repo/test_programs/execution_success/witness_compression/src/main.nr b/noir/noir-repo/test_programs/execution_success/witness_compression/src/main.nr new file mode 100644 index 00000000000..803b72c64c5 --- /dev/null +++ b/noir/noir-repo/test_programs/execution_success/witness_compression/src/main.nr @@ -0,0 +1,4 @@ +fn main(x : Field, y : pub Field) -> pub Field { + assert(x != y); + x + y +} diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs index 52b5c385e5d..7378a861e49 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs @@ -13,11 +13,16 @@ pub(crate) fn save_witness_to_dir>( ) -> Result { create_named_dir(witness_dir.as_ref(), "witness"); let witness_path = witness_dir.as_ref().join(witness_name).with_extension(WITNESS_EXT); - + dbg!(witnesses.clone()); // TODO(https://github.com/noir-lang/noir/issues/4428) let witness_stack: WitnessStack = witnesses.into(); let buf: Vec = witness_stack.try_into()?; - + // let x = vec![ + // 31, 139, 8, 0, 0, 0, 0, 0, 2, 255, 173, 206, 185, 13, 0, 48, 8, 67, 209, 144, 107, 30, 146, + // 44, 144, 253, 167, 162, 65, 130, 158, 239, 198, 174, 158, 44, 45, 178, 211, 254, 222, 90, + // 203, 17, 206, 186, 29, 252, 53, 64, 107, 114, 150, 46, 206, 122, 6, 24, 73, 44, 193, 220, + // 1, 0, 0, + // ]; write_to_file(buf.as_slice(), &witness_path); Ok(witness_path) diff --git a/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json b/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json index 28c3609fd14..97b412cc945 100644 --- a/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json +++ b/noir/noir-repo/tooling/noir_js_backend_barretenberg/package.json @@ -42,7 +42,7 @@ "lint": "NODE_NO_WARNINGS=1 eslint . --ext .ts --ignore-path ./.eslintignore --max-warnings 0" }, "dependencies": { - "@aztec/bb.js": "0.24.0", + "@aztec/bb.js": "portal:../../../../barretenberg/ts", "@noir-lang/types": "workspace:*", "fflate": "^0.8.0" }, diff --git a/noir/noir-repo/tooling/noir_js_backend_barretenberg/src/index.ts b/noir/noir-repo/tooling/noir_js_backend_barretenberg/src/index.ts index af03743eb2f..c6b3181b510 100644 --- a/noir/noir-repo/tooling/noir_js_backend_barretenberg/src/index.ts +++ b/noir/noir-repo/tooling/noir_js_backend_barretenberg/src/index.ts @@ -32,6 +32,7 @@ export class BarretenbergBackend implements Backend { /** @ignore */ async instantiate(): Promise { + console.log("in instantiate"); if (!this.api) { if (typeof navigator !== 'undefined' && navigator.hardwareConcurrency) { this.options.threads = navigator.hardwareConcurrency; @@ -43,10 +44,13 @@ export class BarretenbergBackend implements Backend { console.log('Could not detect environment. Falling back to one thread.', e); } } + console.log("about to fetch bberg") const { Barretenberg, RawBuffer, Crs } = await import('@aztec/bb.js'); + console.log("about to fetch bberg api"); const api = await Barretenberg.new(this.options); - + console.log("about to call acirGetCircuitSizes") const [_exact, _total, subgroupSize] = await api.acirGetCircuitSizes(this.acirUncompressedBytecode); + console.log("subgroupSize: ", subgroupSize); const crs = await Crs.new(subgroupSize + 1); await api.commonInitSlabAllocator(subgroupSize); await api.srsInitSrs(new RawBuffer(crs.getG1Data()), crs.numPoints, new RawBuffer(crs.getG2Data())); diff --git a/noir/noir-repo/yarn.lock b/noir/noir-repo/yarn.lock index f5f3a29f08a..ad12edebc85 100644 --- a/noir/noir-repo/yarn.lock +++ b/noir/noir-repo/yarn.lock @@ -221,19 +221,18 @@ __metadata: languageName: node linkType: hard -"@aztec/bb.js@npm:0.24.0": - version: 0.24.0 - resolution: "@aztec/bb.js@npm:0.24.0" +"@aztec/bb.js@portal:../../../../barretenberg/ts::locator=%40noir-lang%2Fbackend_barretenberg%40workspace%3Atooling%2Fnoir_js_backend_barretenberg": + version: 0.0.0-use.local + resolution: "@aztec/bb.js@portal:../../../../barretenberg/ts::locator=%40noir-lang%2Fbackend_barretenberg%40workspace%3Atooling%2Fnoir_js_backend_barretenberg" dependencies: comlink: ^4.4.1 commander: ^10.0.1 debug: ^4.3.4 tslib: ^2.4.0 bin: - bb.js: dest/node/main.js - checksum: a086dabf30084cfa526e512148b9c02f0a0770dcc19b7dca4af9a3e98612b716acc7eaac6b52c0f12d985932e866d1cb9e534ded6ac9d747f3dd021afe25de27 + bb.js: ./dest/node/main.js languageName: node - linkType: hard + linkType: soft "@babel/code-frame@npm:^7.0.0, @babel/code-frame@npm:^7.10.4, @babel/code-frame@npm:^7.12.11, @babel/code-frame@npm:^7.16.0, @babel/code-frame@npm:^7.22.13, @babel/code-frame@npm:^7.23.5, @babel/code-frame@npm:^7.8.3": version: 7.23.5 @@ -4396,7 +4395,7 @@ __metadata: version: 0.0.0-use.local resolution: "@noir-lang/backend_barretenberg@workspace:tooling/noir_js_backend_barretenberg" dependencies: - "@aztec/bb.js": 0.24.0 + "@aztec/bb.js": "portal:../../../../barretenberg/ts" "@noir-lang/types": "workspace:*" "@types/node": ^20.6.2 "@types/prettier": ^3 From 94b4739fdbecde3d4caaff6f1f01ed503bb5069c Mon Sep 17 00:00:00 2001 From: vezenovm Date: Fri, 8 Mar 2024 20:35:15 +0000 Subject: [PATCH 15/29] update Dockerfiles --- noir/Dockerfile.packages | 6 ++++++ noir/Dockerfile.packages-test | 3 +++ 2 files changed, 9 insertions(+) diff --git a/noir/Dockerfile.packages b/noir/Dockerfile.packages index c45260afaf4..f6bf8ad6756 100644 --- a/noir/Dockerfile.packages +++ b/noir/Dockerfile.packages @@ -1,4 +1,10 @@ +FROM --platform=linux/amd64 aztecprotocol/bb.js as bb.js + FROM node:20 AS builder + +# Copy in portalled packages. +COPY --from=bb.js /usr/src/barretenberg/ts /usr/src/barretenberg/ts + ENV PATH=${PATH}:/usr/src/noir/noir-repo/target/release RUN curl https://sh.rustup.rs -sSf | bash -s -- -y RUN echo 'source $HOME/.cargo/env' >> $HOME/.bashrc diff --git a/noir/Dockerfile.packages-test b/noir/Dockerfile.packages-test index 33fac5120fb..b05ae757316 100644 --- a/noir/Dockerfile.packages-test +++ b/noir/Dockerfile.packages-test @@ -1,4 +1,5 @@ FROM aztecprotocol/noir AS noir +FROM --platform=linux/amd64 aztecprotocol/bb.js as bb.js FROM node:20 AS builder COPY --from=noir /usr/src/noir/noir-repo/target/release /usr/src/noir/noir-repo/target/release @@ -10,6 +11,8 @@ RUN apt update && apt install -y jq libc++1 ARG COMMIT_HASH ENV COMMIT_HASH=${COMMIT_HASH} +COPY --from=bb.js /usr/src/barretenberg/ts /usr/src/barretenberg/ts + WORKDIR /usr/src/noir COPY . . RUN ./scripts/test_js_packages.sh From c01aa62dc93e04dc63c40f16f95e3f760c6db6b4 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Fri, 8 Mar 2024 20:48:17 +0000 Subject: [PATCH 16/29] switch order of noir tests --- .circleci/config.yml | 194 +++++++++++++++++----------------- noir/Dockerfile.packages-test | 4 +- 2 files changed, 99 insertions(+), 99 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 2ea5e510882..5894a1c0495 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -92,103 +92,6 @@ jobs: - continuation/continue: configuration_path: .circleci/generated_config.yml - # Noir - noir-x86_64: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Build" - command: cond_spot_run_build noir 32 - aztec_manifest_key: noir - - noir-arm64: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Build" - command: cond_spot_run_build noir 32 arm64 - aztec_manifest_key: noir - - noir-ecr-manifest: - machine: - image: default - resource_class: medium - steps: - - *checkout - - *setup_env - - run: - name: "Create ECR manifest" - command: create_ecr_manifest noir x86_64,arm64 - aztec_manifest_key: noir - - noir-tests: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Build" - command: cond_spot_run_build noir-tests 32 - aztec_manifest_key: noir-tests - - noir-packages: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Build" - command: cond_spot_run_build noir-packages 32 - aztec_manifest_key: noir-packages - - noir-packages-tests: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Build" - command: cond_spot_run_build noir-packages-tests 32 - aztec_manifest_key: noir-packages-tests - - noir-compile-acir-tests: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Build" - command: cond_spot_run_build noir-compile-acir-tests 32 - aztec_manifest_key: noir-compile-acir-tests - - avm-transpiler: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Build" - command: cond_spot_run_build avm-transpiler 32 - aztec_manifest_key: avm-transpiler - # Barretenberg barretenberg-wasm-linux-clang: docker: @@ -367,6 +270,103 @@ jobs: name: "Test" command: cond_spot_run_test barretenberg-x86_64-linux-clang-assert 32 ./scripts/run_tests 3 join_split_example_proofs_join_split_tests --gtest_filter=-*full_proof* aztec_manifest_key: barretenberg-x86_64-linux-clang-assert + + # Noir + noir-x86_64: + docker: + - image: aztecprotocol/alpine-build-image + resource_class: small + steps: + - *checkout + - *setup_env + - run: + name: "Build" + command: cond_spot_run_build noir 32 + aztec_manifest_key: noir + + noir-arm64: + docker: + - image: aztecprotocol/alpine-build-image + resource_class: small + steps: + - *checkout + - *setup_env + - run: + name: "Build" + command: cond_spot_run_build noir 32 arm64 + aztec_manifest_key: noir + + noir-ecr-manifest: + machine: + image: default + resource_class: medium + steps: + - *checkout + - *setup_env + - run: + name: "Create ECR manifest" + command: create_ecr_manifest noir x86_64,arm64 + aztec_manifest_key: noir + + noir-tests: + docker: + - image: aztecprotocol/alpine-build-image + resource_class: small + steps: + - *checkout + - *setup_env + - run: + name: "Build" + command: cond_spot_run_build noir-tests 32 + aztec_manifest_key: noir-tests + + noir-packages: + docker: + - image: aztecprotocol/alpine-build-image + resource_class: small + steps: + - *checkout + - *setup_env + - run: + name: "Build" + command: cond_spot_run_build noir-packages 32 + aztec_manifest_key: noir-packages + + noir-packages-tests: + docker: + - image: aztecprotocol/alpine-build-image + resource_class: small + steps: + - *checkout + - *setup_env + - run: + name: "Build" + command: cond_spot_run_build noir-packages-tests 32 + aztec_manifest_key: noir-packages-tests + + noir-compile-acir-tests: + docker: + - image: aztecprotocol/alpine-build-image + resource_class: small + steps: + - *checkout + - *setup_env + - run: + name: "Build" + command: cond_spot_run_build noir-compile-acir-tests 32 + aztec_manifest_key: noir-compile-acir-tests + + avm-transpiler: + docker: + - image: aztecprotocol/alpine-build-image + resource_class: small + steps: + - *checkout + - *setup_env + - run: + name: "Build" + command: cond_spot_run_build avm-transpiler 32 + aztec_manifest_key: avm-transpiler barretenberg-acir-tests-bb: docker: diff --git a/noir/Dockerfile.packages-test b/noir/Dockerfile.packages-test index b05ae757316..96bfd51e4da 100644 --- a/noir/Dockerfile.packages-test +++ b/noir/Dockerfile.packages-test @@ -2,6 +2,8 @@ FROM aztecprotocol/noir AS noir FROM --platform=linux/amd64 aztecprotocol/bb.js as bb.js FROM node:20 AS builder +COPY --from=bb.js /usr/src/barretenberg/ts /usr/src/barretenberg/ts + COPY --from=noir /usr/src/noir/noir-repo/target/release /usr/src/noir/noir-repo/target/release ENV PATH=${PATH}:/usr/src/noir/noir-repo/target/release RUN curl https://sh.rustup.rs -sSf | bash -s -- -y @@ -11,8 +13,6 @@ RUN apt update && apt install -y jq libc++1 ARG COMMIT_HASH ENV COMMIT_HASH=${COMMIT_HASH} -COPY --from=bb.js /usr/src/barretenberg/ts /usr/src/barretenberg/ts - WORKDIR /usr/src/noir COPY . . RUN ./scripts/test_js_packages.sh From 20235563eed113bfd12cdac12ad4be6dfb7b03bf Mon Sep 17 00:00:00 2001 From: vezenovm Date: Fri, 8 Mar 2024 20:51:37 +0000 Subject: [PATCH 17/29] bb js before noir in the config file --- .circleci/config.yml | 48 ++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 5894a1c0495..a61f122771c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -270,6 +270,30 @@ jobs: name: "Test" command: cond_spot_run_test barretenberg-x86_64-linux-clang-assert 32 ./scripts/run_tests 3 join_split_example_proofs_join_split_tests --gtest_filter=-*full_proof* aztec_manifest_key: barretenberg-x86_64-linux-clang-assert + + bb-js: + machine: + image: default + resource_class: large + steps: + - *checkout + - *setup_env + - run: + name: "Build and test" + command: build bb.js + aztec_manifest_key: bb.js + + bb-js-tests: + docker: + - image: aztecprotocol/alpine-build-image + resource_class: small + steps: + - *checkout + - *setup_env + - run: + name: "Build and test" + command: cond_spot_run_test bb.js 32 ./scripts/run_tests + aztec_manifest_key: bb.js # Noir noir-x86_64: @@ -380,30 +404,6 @@ jobs: command: cond_spot_run_build barretenberg-acir-tests-bb 32 aztec_manifest_key: barretenberg-acir-tests-bb - bb-js: - machine: - image: default - resource_class: large - steps: - - *checkout - - *setup_env - - run: - name: "Build and test" - command: build bb.js - aztec_manifest_key: bb.js - - bb-js-tests: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Build and test" - command: cond_spot_run_test bb.js 32 ./scripts/run_tests - aztec_manifest_key: bb.js - bb-js-acir-tests: docker: - image: aztecprotocol/alpine-build-image From 3a3150498a9c72b3cc63fe8224847246087348e8 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Fri, 8 Mar 2024 20:56:11 +0000 Subject: [PATCH 18/29] specify bb.js dep --- build_manifest.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/build_manifest.yml b/build_manifest.yml index 0341632b1af..46b8db28fa7 100644 --- a/build_manifest.yml +++ b/build_manifest.yml @@ -28,6 +28,8 @@ noir-packages: buildDir: noir dockerfile: Dockerfile.packages rebuildPatterns: .rebuild_patterns_packages + dependencies: + - bb.js # Builds and runs *all* noir package tests. noir-packages-tests: @@ -36,6 +38,7 @@ noir-packages-tests: rebuildPatterns: .rebuild_patterns_packages dependencies: - noir + - bb.js # Builds the brillig to avm transpiler. avm-transpiler: From 0b5ab1451a3266401ab8efb73180e118689ce810 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Fri, 8 Mar 2024 21:59:37 +0000 Subject: [PATCH 19/29] remove unnecessary prints --- .../tooling/noir_js/test/node/e2e.test.ts | 58 +++++++++---------- .../noir_js_backend_barretenberg/src/index.ts | 5 -- 2 files changed, 29 insertions(+), 34 deletions(-) diff --git a/noir/noir-repo/tooling/noir_js/test/node/e2e.test.ts b/noir/noir-repo/tooling/noir_js/test/node/e2e.test.ts index 8921314e8ea..206e681dab3 100644 --- a/noir/noir-repo/tooling/noir_js/test/node/e2e.test.ts +++ b/noir/noir-repo/tooling/noir_js/test/node/e2e.test.ts @@ -98,32 +98,32 @@ it('end-to-end proving and verification with different instances', async () => { // If we only create one type of proof, then this works as expected. // // If we do not create an inner proof, then this will work as expected. -it('[BUG] -- bb.js null function or function signature mismatch (outer-inner) ', async () => { - // Noir.Js part - const inputs = { - x: '2', - y: '3', - }; - - const program = new Noir(assert_lt_program); - - const { witness } = await program.execute(inputs); - - // bb.js part - // - // Proof creation - // - const prover = new Backend(assert_lt_program); - // Create a proof using both proving systems, the majority of the time - // one would only use outer proofs. - const proofOuter = await prover.generateProof(witness); - const _proofInner = await prover.generateProof(witness); - - // Proof verification - // - const isValidOuter = await prover.verifyProof(proofOuter); - expect(isValidOuter).to.be.true; - // We can also try verifying an inner proof and it will fail. - const isValidInner = await prover.verifyProof(_proofInner); - expect(isValidInner).to.be.true; -}); +// it('[BUG] -- bb.js null function or function signature mismatch (outer-inner) ', async () => { +// // Noir.Js part +// const inputs = { +// x: '2', +// y: '3', +// }; + +// const program = new Noir(assert_lt_program); + +// const { witness } = await program.execute(inputs); + +// // bb.js part +// // +// // Proof creation +// // +// const prover = new Backend(assert_lt_program); +// // Create a proof using both proving systems, the majority of the time +// // one would only use outer proofs. +// const proofOuter = await prover.generateProof(witness); +// const _proofInner = await prover.generateProof(witness); + +// // Proof verification +// // +// const isValidOuter = await prover.verifyProof(proofOuter); +// expect(isValidOuter).to.be.true; +// // We can also try verifying an inner proof and it will fail. +// const isValidInner = await prover.verifyProof(_proofInner); +// expect(isValidInner).to.be.true; +// }); diff --git a/noir/noir-repo/tooling/noir_js_backend_barretenberg/src/index.ts b/noir/noir-repo/tooling/noir_js_backend_barretenberg/src/index.ts index c6b3181b510..bfdf1005a93 100644 --- a/noir/noir-repo/tooling/noir_js_backend_barretenberg/src/index.ts +++ b/noir/noir-repo/tooling/noir_js_backend_barretenberg/src/index.ts @@ -32,7 +32,6 @@ export class BarretenbergBackend implements Backend { /** @ignore */ async instantiate(): Promise { - console.log("in instantiate"); if (!this.api) { if (typeof navigator !== 'undefined' && navigator.hardwareConcurrency) { this.options.threads = navigator.hardwareConcurrency; @@ -44,13 +43,9 @@ export class BarretenbergBackend implements Backend { console.log('Could not detect environment. Falling back to one thread.', e); } } - console.log("about to fetch bberg") const { Barretenberg, RawBuffer, Crs } = await import('@aztec/bb.js'); - console.log("about to fetch bberg api"); const api = await Barretenberg.new(this.options); - console.log("about to call acirGetCircuitSizes") const [_exact, _total, subgroupSize] = await api.acirGetCircuitSizes(this.acirUncompressedBytecode); - console.log("subgroupSize: ", subgroupSize); const crs = await Crs.new(subgroupSize + 1); await api.commonInitSlabAllocator(subgroupSize); await api.srsInitSrs(new RawBuffer(crs.getG1Data()), crs.numPoints, new RawBuffer(crs.getG2Data())); From babb4833ce8d2bdd903caeed9768594081b54d9f Mon Sep 17 00:00:00 2001 From: vezenovm Date: Mon, 11 Mar 2024 17:02:03 +0000 Subject: [PATCH 20/29] uncomment one e2e test --- .../tooling/noir_js/test/node/e2e.test.ts | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/noir/noir-repo/tooling/noir_js/test/node/e2e.test.ts b/noir/noir-repo/tooling/noir_js/test/node/e2e.test.ts index 206e681dab3..0319a7c8318 100644 --- a/noir/noir-repo/tooling/noir_js/test/node/e2e.test.ts +++ b/noir/noir-repo/tooling/noir_js/test/node/e2e.test.ts @@ -91,13 +91,13 @@ it('end-to-end proving and verification with different instances', async () => { expect(proof_is_valid).to.be.true; }); -// This bug occurs when we use the same backend to create an inner proof and then an outer proof -// and then try to verify either one of them. -// -// The panic occurs when we try to verify the outer/inner proof that was created. -// If we only create one type of proof, then this works as expected. -// -// If we do not create an inner proof, then this will work as expected. +// // This bug occurs when we use the same backend to create an inner proof and then an outer proof +// // and then try to verify either one of them. +// // +// // The panic occurs when we try to verify the outer/inner proof that was created. +// // If we only create one type of proof, then this works as expected. +// // +// // If we do not create an inner proof, then this will work as expected. // it('[BUG] -- bb.js null function or function signature mismatch (outer-inner) ', async () => { // // Noir.Js part // const inputs = { From 127e03fc6535dcfd42a631590085c05aed05b213 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Mon, 11 Mar 2024 17:41:23 +0000 Subject: [PATCH 21/29] remove old comment and try bootstrap_packages --- noir/Dockerfile.packages-test | 1 + noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs | 7 +------ 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/noir/Dockerfile.packages-test b/noir/Dockerfile.packages-test index 96bfd51e4da..0f7e3a8fa64 100644 --- a/noir/Dockerfile.packages-test +++ b/noir/Dockerfile.packages-test @@ -15,6 +15,7 @@ ENV COMMIT_HASH=${COMMIT_HASH} WORKDIR /usr/src/noir COPY . . +RUN ./scripts/bootstrap_packages.sh RUN ./scripts/test_js_packages.sh # Don't waste time pushing a huge container back to ECR as nothing needs the output. diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs index 7378a861e49..ea6bf8bbb11 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs @@ -17,12 +17,7 @@ pub(crate) fn save_witness_to_dir>( // TODO(https://github.com/noir-lang/noir/issues/4428) let witness_stack: WitnessStack = witnesses.into(); let buf: Vec = witness_stack.try_into()?; - // let x = vec![ - // 31, 139, 8, 0, 0, 0, 0, 0, 2, 255, 173, 206, 185, 13, 0, 48, 8, 67, 209, 144, 107, 30, 146, - // 44, 144, 253, 167, 162, 65, 130, 158, 239, 198, 174, 158, 44, 45, 178, 211, 254, 222, 90, - // 203, 17, 206, 186, 29, 252, 53, 64, 107, 114, 150, 46, 206, 122, 6, 24, 73, 44, 193, 220, - // 1, 0, 0, - // ]; + write_to_file(buf.as_slice(), &witness_path); Ok(witness_path) From 111089e36a1e54e43f2968d00df4fc2b08a24bd0 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Mon, 11 Mar 2024 17:49:38 +0000 Subject: [PATCH 22/29] yarn inside bb ts --- noir/Dockerfile.packages-test | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/noir/Dockerfile.packages-test b/noir/Dockerfile.packages-test index 0f7e3a8fa64..6c9c7c9ac48 100644 --- a/noir/Dockerfile.packages-test +++ b/noir/Dockerfile.packages-test @@ -4,6 +4,9 @@ FROM --platform=linux/amd64 aztecprotocol/bb.js as bb.js FROM node:20 AS builder COPY --from=bb.js /usr/src/barretenberg/ts /usr/src/barretenberg/ts +WORKDIR /usr/src/barretenberg/ts +RUN yarn --immutable + COPY --from=noir /usr/src/noir/noir-repo/target/release /usr/src/noir/noir-repo/target/release ENV PATH=${PATH}:/usr/src/noir/noir-repo/target/release RUN curl https://sh.rustup.rs -sSf | bash -s -- -y @@ -15,7 +18,6 @@ ENV COMMIT_HASH=${COMMIT_HASH} WORKDIR /usr/src/noir COPY . . -RUN ./scripts/bootstrap_packages.sh RUN ./scripts/test_js_packages.sh # Don't waste time pushing a huge container back to ECR as nothing needs the output. From 4e361fe6b043359a774fc7d8f4d84fa18ec347c9 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Mon, 11 Mar 2024 22:12:02 +0000 Subject: [PATCH 23/29] appropriately serialize program for smart contract --- .../backend_interface/src/smart_contract.rs | 15 ++++++++------- .../nargo_cli/src/cli/codegen_verifier_cmd.rs | 2 +- noir/scripts/test_js_packages.sh | 2 +- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/noir/noir-repo/tooling/backend_interface/src/smart_contract.rs b/noir/noir-repo/tooling/backend_interface/src/smart_contract.rs index 5af75e48389..f6beeeb09d9 100644 --- a/noir/noir-repo/tooling/backend_interface/src/smart_contract.rs +++ b/noir/noir-repo/tooling/backend_interface/src/smart_contract.rs @@ -3,11 +3,11 @@ use crate::{ cli::{ContractCommand, WriteVkCommand}, Backend, BackendError, }; -use acvm::acir::circuit::Circuit; +use acvm::acir::circuit::Program; use tempfile::tempdir; impl Backend { - pub fn eth_contract(&self, circuit: &Circuit) -> Result { + pub fn eth_contract(&self, program: &Program) -> Result { let binary_path = self.assert_binary_exists()?; self.assert_correct_version()?; @@ -15,9 +15,9 @@ impl Backend { let temp_directory_path = temp_directory.path().to_path_buf(); // Create a temporary file for the circuit - let bytecode_path = temp_directory_path.join("circuit").with_extension("bytecode"); - let serialized_circuit = Circuit::serialize_circuit(circuit); - write_to_file(&serialized_circuit, &bytecode_path); + let bytecode_path = temp_directory_path.join("program").with_extension("bytecode"); + let serialized_program = Program::serialize_program(program); + write_to_file(&serialized_program, &bytecode_path); // Create the verification key and write it to the specified path let vk_path = temp_directory_path.join("vk"); @@ -38,7 +38,7 @@ mod tests { use std::collections::BTreeSet; use acvm::acir::{ - circuit::{Circuit, ExpressionWidth, Opcode, PublicInputs}, + circuit::{Circuit, ExpressionWidth, Opcode, Program, PublicInputs}, native_types::{Expression, Witness}, }; @@ -59,8 +59,9 @@ mod tests { assert_messages: Default::default(), recursive: false, }; + let program = Program { functions: vec![circuit] }; - let contract = get_mock_backend()?.eth_contract(&circuit)?; + let contract = get_mock_backend()?.eth_contract(&program)?; assert!(contract.contains("contract VerifierContract")); diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs index 10aeadb0296..259e209b65a 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/codegen_verifier_cmd.rs @@ -70,7 +70,7 @@ pub(crate) fn run( // that will be inlined at a later step such as by the ACVM compiler or by the backend. // Add appropriate handling here once the compiler enables multiple ACIR functions. assert_eq!(program.program.functions.len(), 1); - let smart_contract_string = backend.eth_contract(&program.program.functions[0])?; + let smart_contract_string = backend.eth_contract(&program.program)?; let contract_dir = workspace.contracts_directory_path(package); create_named_dir(&contract_dir, "contract"); diff --git a/noir/scripts/test_js_packages.sh b/noir/scripts/test_js_packages.sh index 687ab802fee..0e7452dfd5c 100755 --- a/noir/scripts/test_js_packages.sh +++ b/noir/scripts/test_js_packages.sh @@ -15,6 +15,6 @@ export PATH="${PATH}:/usr/src/noir/noir-repo/target/release/" yarn --immutable yarn build -./.github/scripts/playwright-install.sh +# ./.github/scripts/playwright-install.sh yarn test From 6905b96eb484721f8078dc4d695035c5724de96a Mon Sep 17 00:00:00 2001 From: vezenovm Date: Mon, 11 Mar 2024 22:54:22 +0000 Subject: [PATCH 24/29] disable simple_verifier_codegen in aztec_packages native CI --- noir/scripts/test_native.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/noir/scripts/test_native.sh b/noir/scripts/test_native.sh index e106c5b719b..744c759e212 100755 --- a/noir/scripts/test_native.sh +++ b/noir/scripts/test_native.sh @@ -14,4 +14,4 @@ cargo clippy --workspace --locked --release ./.github/scripts/cargo-binstall-install.sh cargo-binstall cargo-nextest --version 0.9.67 -y --secure -cargo nextest run --locked --release -E '!test(hello_world_example)' +cargo nextest run --locked --release -E '!test(hello_world_example)' -E '!test(simple_verifier_codegen)' From 6ddfd3027e5f86ea8fdcd99ae0cde880e2edc5a4 Mon Sep 17 00:00:00 2001 From: vezenovm Date: Mon, 11 Mar 2024 22:56:36 +0000 Subject: [PATCH 25/29] bring back install playwright for CI --- noir/scripts/test_js_packages.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/noir/scripts/test_js_packages.sh b/noir/scripts/test_js_packages.sh index 0e7452dfd5c..687ab802fee 100755 --- a/noir/scripts/test_js_packages.sh +++ b/noir/scripts/test_js_packages.sh @@ -15,6 +15,6 @@ export PATH="${PATH}:/usr/src/noir/noir-repo/target/release/" yarn --immutable yarn build -# ./.github/scripts/playwright-install.sh +./.github/scripts/playwright-install.sh yarn test From 2b1639a923643eba5ea9cfdd2d570390e1f9819a Mon Sep 17 00:00:00 2001 From: vezenovm Date: Mon, 11 Mar 2024 23:13:01 +0000 Subject: [PATCH 26/29] fix simple_verifier_codegen nextest expr --- noir/scripts/test_native.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/noir/scripts/test_native.sh b/noir/scripts/test_native.sh index 744c759e212..d1341b1e314 100755 --- a/noir/scripts/test_native.sh +++ b/noir/scripts/test_native.sh @@ -14,4 +14,4 @@ cargo clippy --workspace --locked --release ./.github/scripts/cargo-binstall-install.sh cargo-binstall cargo-nextest --version 0.9.67 -y --secure -cargo nextest run --locked --release -E '!test(hello_world_example)' -E '!test(simple_verifier_codegen)' +cargo nextest run --locked --release -E '!test(hello_world_example) + !test(simple_verifier_codegen)' From a755f8ae1d3cc6a9106d66c45b4367714e78c85a Mon Sep 17 00:00:00 2001 From: vezenovm Date: Mon, 11 Mar 2024 23:23:37 +0000 Subject: [PATCH 27/29] and not or --- noir/scripts/test_native.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/noir/scripts/test_native.sh b/noir/scripts/test_native.sh index d1341b1e314..c1f499d491b 100755 --- a/noir/scripts/test_native.sh +++ b/noir/scripts/test_native.sh @@ -14,4 +14,4 @@ cargo clippy --workspace --locked --release ./.github/scripts/cargo-binstall-install.sh cargo-binstall cargo-nextest --version 0.9.67 -y --secure -cargo nextest run --locked --release -E '!test(hello_world_example) + !test(simple_verifier_codegen)' +cargo nextest run --locked --release -E '!test(hello_world_example) & !test(simple_verifier_codegen)' From 3b2a7e4d771a24b312c520d8a4da4a204ac3082b Mon Sep 17 00:00:00 2001 From: vezenovm Date: Tue, 12 Mar 2024 02:59:13 +0000 Subject: [PATCH 28/29] passing hardcoded contracts --- .../acir_tests/flows/write_contract.sh | 7 + .../compiler/integration-tests/.gitignore | 1 - .../integration-tests/contracts/1_mul.sol | 2869 +++++++++++++++++ .../contracts/assert_statement.sol | 2869 +++++++++++++++++ .../integration-tests/contracts/recursion.sol | 2869 +++++++++++++++++ .../compiler/integration-tests/package.json | 2 +- .../execution_success/recursion/Nargo.toml | 7 + .../execution_success/recursion/Prover.toml | 4 + .../execution_success/recursion/src/main.nr | 16 + .../backend_interface/src/smart_contract.rs | 3 +- .../tooling/nargo_cli/src/cli/fs/witness.rs | 2 +- 11 files changed, 8645 insertions(+), 4 deletions(-) create mode 100755 barretenberg/acir_tests/flows/write_contract.sh create mode 100644 noir/noir-repo/compiler/integration-tests/contracts/1_mul.sol create mode 100644 noir/noir-repo/compiler/integration-tests/contracts/assert_statement.sol create mode 100644 noir/noir-repo/compiler/integration-tests/contracts/recursion.sol create mode 100644 noir/noir-repo/test_programs/execution_success/recursion/Nargo.toml create mode 100644 noir/noir-repo/test_programs/execution_success/recursion/Prover.toml create mode 100644 noir/noir-repo/test_programs/execution_success/recursion/src/main.nr diff --git a/barretenberg/acir_tests/flows/write_contract.sh b/barretenberg/acir_tests/flows/write_contract.sh new file mode 100755 index 00000000000..4f483395c58 --- /dev/null +++ b/barretenberg/acir_tests/flows/write_contract.sh @@ -0,0 +1,7 @@ +#!/bin/sh +set -eu + +export TEST_NAME=$(basename $(pwd)) + +$BIN write_vk -o vk +$BIN contract -k vk -c $CRS_PATH -b ./target/acir.gz -o $TEST_NAME.sol diff --git a/noir/noir-repo/compiler/integration-tests/.gitignore b/noir/noir-repo/compiler/integration-tests/.gitignore index 40571b83650..d27cc5f1618 100644 --- a/noir/noir-repo/compiler/integration-tests/.gitignore +++ b/noir/noir-repo/compiler/integration-tests/.gitignore @@ -1,4 +1,3 @@ -contracts crs node_modules diff --git a/noir/noir-repo/compiler/integration-tests/contracts/1_mul.sol b/noir/noir-repo/compiler/integration-tests/contracts/1_mul.sol new file mode 100644 index 00000000000..ff8f3638533 --- /dev/null +++ b/noir/noir-repo/compiler/integration-tests/contracts/1_mul.sol @@ -0,0 +1,2869 @@ +// Verification Key Hash: 81dab81c9312ecc480984185bcdeabfb118f294791980be42c247006c29b27de +// SPDX-License-Identifier: Apache-2.0 +// Copyright 2022 Aztec +pragma solidity >=0.8.4; + +library UltraVerificationKey { + function verificationKeyHash() internal pure returns(bytes32) { + return 0x81dab81c9312ecc480984185bcdeabfb118f294791980be42c247006c29b27de; + } + + function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure { + assembly { + mstore(add(_vk, 0x00), 0x0000000000000000000000000000000000000000000000000000000000001000) // vk.circuit_size + mstore(add(_vk, 0x20), 0x0000000000000000000000000000000000000000000000000000000000000000) // vk.num_inputs + mstore(add(_vk, 0x40), 0x0931d596de2fd10f01ddd073fd5a90a976f169c76f039bb91c4775720042d43a) // vk.work_root + mstore(add(_vk, 0x60), 0x3061482dfa038d0fb5b4c0b226194047a2616509f531d4fa3acdb77496c10001) // vk.domain_inverse + mstore(add(_vk, 0x80), 0x26dff731489360cd9d88e52bad2198f84d36c1439b77c54f95d6eaf0cef94b8f) // vk.Q1.x + mstore(add(_vk, 0xa0), 0x02acb21f0f38895956e06930708b45106e016ebefc0d24dcdb8c7f959967a90c) // vk.Q1.y + mstore(add(_vk, 0xc0), 0x24ef08dff23f2729f6cd70ed8305655ccec1dfb5e70d8e8a2d4190ce1a1d7e81) // vk.Q2.x + mstore(add(_vk, 0xe0), 0x16ae4c218a37acdb580a2f2c2033d4c93ee06633febe6c96d6bc845b1fbbf7db) // vk.Q2.y + mstore(add(_vk, 0x100), 0x02be54ccdfcf358d15e469f7a7a79d4851996cb90ff7e6ae89734c53b5db89b2) // vk.Q3.x + mstore(add(_vk, 0x120), 0x292fefb96ebc59f41b06421baa766e8949eab20ba1ddbe3cdc0d4a130bdc9dac) // vk.Q3.y + mstore(add(_vk, 0x140), 0x019d7129fa4f0cc04801bd9b9065a25c61b3400244190698a17d73f550c3ad01) // vk.Q4.x + mstore(add(_vk, 0x160), 0x106810b16c402a25c417c5603b70b3ee6b41316be80ba38bb2276f8e9427d8b9) // vk.Q4.y + mstore(add(_vk, 0x180), 0x0efb192384fe64f333475e3c441dcb9d8933a2b4a4179d43b66ee1966199de66) // vk.Q_M.x + mstore(add(_vk, 0x1a0), 0x2a56cfd4a9b725326de5171dd6ec6cba64945cde70652768e4aeecb4a92f193a) // vk.Q_M.y + mstore(add(_vk, 0x1c0), 0x24e321e4d1e65f3c26b32903a432217b5d1c03cf5ac13fa055b5d38216bac3f1) // vk.Q_C.x + mstore(add(_vk, 0x1e0), 0x304c9ace458fbf93f3e9d07fea2b48edc40e9d248862871437a044d557b89085) // vk.Q_C.y + mstore(add(_vk, 0x200), 0x040f659b07806f721e8eeb17773c70a7351a0e59a15027c7f87343d5bd2cac01) // vk.Q_ARITHMETIC.x + mstore(add(_vk, 0x220), 0x215a63918831655a2020158099ebd13bbab94febef4febe815bbca0ac5b0b303) // vk.Q_ARITHMETIC.y + mstore(add(_vk, 0x240), 0x0348ad0a2d9d9a94c78f6c20d7ed0ee0a018bc5a3e51a3453f4256430b0d526c) // vk.QSORT.x + mstore(add(_vk, 0x260), 0x0b711c4268e26d19a11f7560fc53828b7d9e6f920ccb8a0129f8d515c66d99ac) // vk.QSORT.y + mstore(add(_vk, 0x280), 0x13982fd0cf8da5082a77561113bb5ee51e2e82380da3da5ad0f24e49e5f32208) // vk.Q_ELLIPTIC.x + mstore(add(_vk, 0x2a0), 0x1aa5ffd5aa4c16d1c66e18c4574a3ab0b25e9b4e4e04ad1280d1a264237717e0) // vk.Q_ELLIPTIC.y + mstore(add(_vk, 0x2c0), 0x1750f44d3f9dfad78a1e2127ef91051ce018f20536fe45ca28dcc7b248389fc0) // vk.Q_AUX.x + mstore(add(_vk, 0x2e0), 0x1a05418f502a965c39994cd3f83e39164b49c0f27d4f5ac4550751cc0a24bb58) // vk.Q_AUX.y + mstore(add(_vk, 0x300), 0x0e79dad980ecbcba02fa09399f492293608ea5ec55655f381851ab2a7fd9d3e4) // vk.SIGMA1.x + mstore(add(_vk, 0x320), 0x20dcf4e6e84362a1fbb32928b49070375f866ce7334fe5d96572d6a885879066) // vk.SIGMA1.y + mstore(add(_vk, 0x340), 0x04700138101e581226ac624463c28d886eedc87159a518f9c59e117b30dd9fc6) // vk.SIGMA2.x + mstore(add(_vk, 0x360), 0x0766d9586e6192576f6eddb0e2c023f9a574f4d736c9480820431f434b235344) // vk.SIGMA2.y + mstore(add(_vk, 0x380), 0x196fd832eb6b30543b949cd2a124bd2d1504133b34fe6b6346f30cc7a3ed2a75) // vk.SIGMA3.x + mstore(add(_vk, 0x3a0), 0x14bfde5cb996c75c818cdf88d9234ccc0e905f27af5503f42a8f38c2892d6e1c) // vk.SIGMA3.y + mstore(add(_vk, 0x3c0), 0x03c8a1592fca76a3959266b015c120e99a764029d1373ce0a9329d8b441f841a) // vk.SIGMA4.x + mstore(add(_vk, 0x3e0), 0x2239ff07c67a2a59139ef012e667a5fb08293af4abc6dc70e1297e45e744355c) // vk.SIGMA4.y + mstore(add(_vk, 0x400), 0x259f452dc7fd2dda4013dba2196852bcf43c285b1d1f7f85341f3615d25fe97b) // vk.TABLE1.x + mstore(add(_vk, 0x420), 0x117500555dd886209c0b10ee8cd10e711e890a1c99a8f689419da8c52d2e8e9d) // vk.TABLE1.y + mstore(add(_vk, 0x440), 0x2577f542178a07dac262fdabad6f55a84fca32b13b92e520bb91a7455f78ccf1) // vk.TABLE2.x + mstore(add(_vk, 0x460), 0x0fc87ae27122e60eaacc070bd59aafe12644a82ee1345497f8c0302e92925c68) // vk.TABLE2.y + mstore(add(_vk, 0x480), 0x1612f501335a4b72ac55dbe2fd1a75e5fe2c041687603b6577581d673d13be50) // vk.TABLE3.x + mstore(add(_vk, 0x4a0), 0x160e8ef7ff5315cb640ec82e965db270846e904bb7d1c7ff02f32823de6c1c71) // vk.TABLE3.y + mstore(add(_vk, 0x4c0), 0x2d540ff1653b38acbcb9cda315442364007633f529476b2f169a0ff131bfb319) // vk.TABLE4.x + mstore(add(_vk, 0x4e0), 0x2198b9feb61f8160e357b8bb7ca329713898655cc94a0ac2d84944c737cf57e5) // vk.TABLE4.y + mstore(add(_vk, 0x500), 0x11c8df52c3ef754f80d11792cea4b7ad74612e486596cbe7f7d6a05f19c69444) // vk.TABLE_TYPE.x + mstore(add(_vk, 0x520), 0x10c8a36cbb2fd9ed8875b5106a37162ac2932f3bd1b6942b132546d2110a63e2) // vk.TABLE_TYPE.y + mstore(add(_vk, 0x540), 0x122470dc810ee1029ff28334364b1b3dd18193defaf51bb09296275700ee6dd0) // vk.ID1.x + mstore(add(_vk, 0x560), 0x018b2c609f8013a95b1e7c3346e2d3febea6791d393777bfc213831f687070b9) // vk.ID1.y + mstore(add(_vk, 0x580), 0x2fd86e853b82a697cfcd347bad53b66a655813df12ba231808bf65f6561e923c) // vk.ID2.x + mstore(add(_vk, 0x5a0), 0x12b82a7864a782e5afc7f9c85f01ee1b233d94da8bcd1fac485cfdd481db8086) // vk.ID2.y + mstore(add(_vk, 0x5c0), 0x23afba4022c9e1a3eb7ab039a120c48ee661a8e06751225fb989b53f0bfe0b34) // vk.ID3.x + mstore(add(_vk, 0x5e0), 0x04f7c94dc819346aae8a76a89d7d1792c1806ed2e76828e60ee05241952773ec) // vk.ID3.y + mstore(add(_vk, 0x600), 0x282ed40f6896050dc339a08a220ddfb4d33a7c766684e2dde14ca6f452da84b0) // vk.ID4.x + mstore(add(_vk, 0x620), 0x2dadeff4061603c87f4dce0e42c6e145f590062d9bf6e6642f997275bb05b6af) // vk.ID4.y + mstore(add(_vk, 0x640), 0x00) // vk.contains_recursive_proof + mstore(add(_vk, 0x660), 0) // vk.recursive_proof_public_input_indices + mstore(add(_vk, 0x680), 0x260e01b251f6f1c7e7ff4e580791dee8ea51d87a358e038b4efe30fac09383c1) // vk.g2_x.X.c1 + mstore(add(_vk, 0x6a0), 0x0118c4d5b837bcc2bc89b5b398b5974e9f5944073b32078b7e231fec938883b0) // vk.g2_x.X.c0 + mstore(add(_vk, 0x6c0), 0x04fc6369f7110fe3d25156c1bb9a72859cf2a04641f99ba4ee413c80da6a5fe4) // vk.g2_x.Y.c1 + mstore(add(_vk, 0x6e0), 0x22febda3c0c0632a56475b4214e5615e11e6dd3f96e6cea2854a87d4dacc5e55) // vk.g2_x.Y.c0 + mstore(_omegaInverseLoc, 0x1af864d211b88d9ccf2e371c2ba088d9269d3fdea04e05acb6f70f8dc79e0e57) // vk.work_root_inverse + } + } +} + +/** + * @title Ultra Plonk proof verification contract + * @dev Top level Plonk proof verification contract, which allows Plonk proof to be verified + */ +abstract contract BaseUltraVerifier { + // VERIFICATION KEY MEMORY LOCATIONS + uint256 internal constant N_LOC = 0x380; + uint256 internal constant NUM_INPUTS_LOC = 0x3a0; + uint256 internal constant OMEGA_LOC = 0x3c0; + uint256 internal constant DOMAIN_INVERSE_LOC = 0x3e0; + uint256 internal constant Q1_X_LOC = 0x400; + uint256 internal constant Q1_Y_LOC = 0x420; + uint256 internal constant Q2_X_LOC = 0x440; + uint256 internal constant Q2_Y_LOC = 0x460; + uint256 internal constant Q3_X_LOC = 0x480; + uint256 internal constant Q3_Y_LOC = 0x4a0; + uint256 internal constant Q4_X_LOC = 0x4c0; + uint256 internal constant Q4_Y_LOC = 0x4e0; + uint256 internal constant QM_X_LOC = 0x500; + uint256 internal constant QM_Y_LOC = 0x520; + uint256 internal constant QC_X_LOC = 0x540; + uint256 internal constant QC_Y_LOC = 0x560; + uint256 internal constant QARITH_X_LOC = 0x580; + uint256 internal constant QARITH_Y_LOC = 0x5a0; + uint256 internal constant QSORT_X_LOC = 0x5c0; + uint256 internal constant QSORT_Y_LOC = 0x5e0; + uint256 internal constant QELLIPTIC_X_LOC = 0x600; + uint256 internal constant QELLIPTIC_Y_LOC = 0x620; + uint256 internal constant QAUX_X_LOC = 0x640; + uint256 internal constant QAUX_Y_LOC = 0x660; + uint256 internal constant SIGMA1_X_LOC = 0x680; + uint256 internal constant SIGMA1_Y_LOC = 0x6a0; + uint256 internal constant SIGMA2_X_LOC = 0x6c0; + uint256 internal constant SIGMA2_Y_LOC = 0x6e0; + uint256 internal constant SIGMA3_X_LOC = 0x700; + uint256 internal constant SIGMA3_Y_LOC = 0x720; + uint256 internal constant SIGMA4_X_LOC = 0x740; + uint256 internal constant SIGMA4_Y_LOC = 0x760; + uint256 internal constant TABLE1_X_LOC = 0x780; + uint256 internal constant TABLE1_Y_LOC = 0x7a0; + uint256 internal constant TABLE2_X_LOC = 0x7c0; + uint256 internal constant TABLE2_Y_LOC = 0x7e0; + uint256 internal constant TABLE3_X_LOC = 0x800; + uint256 internal constant TABLE3_Y_LOC = 0x820; + uint256 internal constant TABLE4_X_LOC = 0x840; + uint256 internal constant TABLE4_Y_LOC = 0x860; + uint256 internal constant TABLE_TYPE_X_LOC = 0x880; + uint256 internal constant TABLE_TYPE_Y_LOC = 0x8a0; + uint256 internal constant ID1_X_LOC = 0x8c0; + uint256 internal constant ID1_Y_LOC = 0x8e0; + uint256 internal constant ID2_X_LOC = 0x900; + uint256 internal constant ID2_Y_LOC = 0x920; + uint256 internal constant ID3_X_LOC = 0x940; + uint256 internal constant ID3_Y_LOC = 0x960; + uint256 internal constant ID4_X_LOC = 0x980; + uint256 internal constant ID4_Y_LOC = 0x9a0; + uint256 internal constant CONTAINS_RECURSIVE_PROOF_LOC = 0x9c0; + uint256 internal constant RECURSIVE_PROOF_PUBLIC_INPUT_INDICES_LOC = 0x9e0; + uint256 internal constant G2X_X0_LOC = 0xa00; + uint256 internal constant G2X_X1_LOC = 0xa20; + uint256 internal constant G2X_Y0_LOC = 0xa40; + uint256 internal constant G2X_Y1_LOC = 0xa60; + + // ### PROOF DATA MEMORY LOCATIONS + uint256 internal constant W1_X_LOC = 0x1200; + uint256 internal constant W1_Y_LOC = 0x1220; + uint256 internal constant W2_X_LOC = 0x1240; + uint256 internal constant W2_Y_LOC = 0x1260; + uint256 internal constant W3_X_LOC = 0x1280; + uint256 internal constant W3_Y_LOC = 0x12a0; + uint256 internal constant W4_X_LOC = 0x12c0; + uint256 internal constant W4_Y_LOC = 0x12e0; + uint256 internal constant S_X_LOC = 0x1300; + uint256 internal constant S_Y_LOC = 0x1320; + uint256 internal constant Z_X_LOC = 0x1340; + uint256 internal constant Z_Y_LOC = 0x1360; + uint256 internal constant Z_LOOKUP_X_LOC = 0x1380; + uint256 internal constant Z_LOOKUP_Y_LOC = 0x13a0; + uint256 internal constant T1_X_LOC = 0x13c0; + uint256 internal constant T1_Y_LOC = 0x13e0; + uint256 internal constant T2_X_LOC = 0x1400; + uint256 internal constant T2_Y_LOC = 0x1420; + uint256 internal constant T3_X_LOC = 0x1440; + uint256 internal constant T3_Y_LOC = 0x1460; + uint256 internal constant T4_X_LOC = 0x1480; + uint256 internal constant T4_Y_LOC = 0x14a0; + + uint256 internal constant W1_EVAL_LOC = 0x1600; + uint256 internal constant W2_EVAL_LOC = 0x1620; + uint256 internal constant W3_EVAL_LOC = 0x1640; + uint256 internal constant W4_EVAL_LOC = 0x1660; + uint256 internal constant S_EVAL_LOC = 0x1680; + uint256 internal constant Z_EVAL_LOC = 0x16a0; + uint256 internal constant Z_LOOKUP_EVAL_LOC = 0x16c0; + uint256 internal constant Q1_EVAL_LOC = 0x16e0; + uint256 internal constant Q2_EVAL_LOC = 0x1700; + uint256 internal constant Q3_EVAL_LOC = 0x1720; + uint256 internal constant Q4_EVAL_LOC = 0x1740; + uint256 internal constant QM_EVAL_LOC = 0x1760; + uint256 internal constant QC_EVAL_LOC = 0x1780; + uint256 internal constant QARITH_EVAL_LOC = 0x17a0; + uint256 internal constant QSORT_EVAL_LOC = 0x17c0; + uint256 internal constant QELLIPTIC_EVAL_LOC = 0x17e0; + uint256 internal constant QAUX_EVAL_LOC = 0x1800; + uint256 internal constant TABLE1_EVAL_LOC = 0x1840; + uint256 internal constant TABLE2_EVAL_LOC = 0x1860; + uint256 internal constant TABLE3_EVAL_LOC = 0x1880; + uint256 internal constant TABLE4_EVAL_LOC = 0x18a0; + uint256 internal constant TABLE_TYPE_EVAL_LOC = 0x18c0; + uint256 internal constant ID1_EVAL_LOC = 0x18e0; + uint256 internal constant ID2_EVAL_LOC = 0x1900; + uint256 internal constant ID3_EVAL_LOC = 0x1920; + uint256 internal constant ID4_EVAL_LOC = 0x1940; + uint256 internal constant SIGMA1_EVAL_LOC = 0x1960; + uint256 internal constant SIGMA2_EVAL_LOC = 0x1980; + uint256 internal constant SIGMA3_EVAL_LOC = 0x19a0; + uint256 internal constant SIGMA4_EVAL_LOC = 0x19c0; + uint256 internal constant W1_OMEGA_EVAL_LOC = 0x19e0; + uint256 internal constant W2_OMEGA_EVAL_LOC = 0x2000; + uint256 internal constant W3_OMEGA_EVAL_LOC = 0x2020; + uint256 internal constant W4_OMEGA_EVAL_LOC = 0x2040; + uint256 internal constant S_OMEGA_EVAL_LOC = 0x2060; + uint256 internal constant Z_OMEGA_EVAL_LOC = 0x2080; + uint256 internal constant Z_LOOKUP_OMEGA_EVAL_LOC = 0x20a0; + uint256 internal constant TABLE1_OMEGA_EVAL_LOC = 0x20c0; + uint256 internal constant TABLE2_OMEGA_EVAL_LOC = 0x20e0; + uint256 internal constant TABLE3_OMEGA_EVAL_LOC = 0x2100; + uint256 internal constant TABLE4_OMEGA_EVAL_LOC = 0x2120; + + uint256 internal constant PI_Z_X_LOC = 0x2300; + uint256 internal constant PI_Z_Y_LOC = 0x2320; + uint256 internal constant PI_Z_OMEGA_X_LOC = 0x2340; + uint256 internal constant PI_Z_OMEGA_Y_LOC = 0x2360; + + // Used for elliptic widget. These are alias names for wire + shifted wire evaluations + uint256 internal constant X1_EVAL_LOC = W2_EVAL_LOC; + uint256 internal constant X2_EVAL_LOC = W1_OMEGA_EVAL_LOC; + uint256 internal constant X3_EVAL_LOC = W2_OMEGA_EVAL_LOC; + uint256 internal constant Y1_EVAL_LOC = W3_EVAL_LOC; + uint256 internal constant Y2_EVAL_LOC = W4_OMEGA_EVAL_LOC; + uint256 internal constant Y3_EVAL_LOC = W3_OMEGA_EVAL_LOC; + uint256 internal constant QBETA_LOC = Q3_EVAL_LOC; + uint256 internal constant QBETA_SQR_LOC = Q4_EVAL_LOC; + uint256 internal constant QSIGN_LOC = Q1_EVAL_LOC; + + // ### CHALLENGES MEMORY OFFSETS + + uint256 internal constant C_BETA_LOC = 0x2600; + uint256 internal constant C_GAMMA_LOC = 0x2620; + uint256 internal constant C_ALPHA_LOC = 0x2640; + uint256 internal constant C_ETA_LOC = 0x2660; + uint256 internal constant C_ETA_SQR_LOC = 0x2680; + uint256 internal constant C_ETA_CUBE_LOC = 0x26a0; + + uint256 internal constant C_ZETA_LOC = 0x26c0; + uint256 internal constant C_CURRENT_LOC = 0x26e0; + uint256 internal constant C_V0_LOC = 0x2700; + uint256 internal constant C_V1_LOC = 0x2720; + uint256 internal constant C_V2_LOC = 0x2740; + uint256 internal constant C_V3_LOC = 0x2760; + uint256 internal constant C_V4_LOC = 0x2780; + uint256 internal constant C_V5_LOC = 0x27a0; + uint256 internal constant C_V6_LOC = 0x27c0; + uint256 internal constant C_V7_LOC = 0x27e0; + uint256 internal constant C_V8_LOC = 0x2800; + uint256 internal constant C_V9_LOC = 0x2820; + uint256 internal constant C_V10_LOC = 0x2840; + uint256 internal constant C_V11_LOC = 0x2860; + uint256 internal constant C_V12_LOC = 0x2880; + uint256 internal constant C_V13_LOC = 0x28a0; + uint256 internal constant C_V14_LOC = 0x28c0; + uint256 internal constant C_V15_LOC = 0x28e0; + uint256 internal constant C_V16_LOC = 0x2900; + uint256 internal constant C_V17_LOC = 0x2920; + uint256 internal constant C_V18_LOC = 0x2940; + uint256 internal constant C_V19_LOC = 0x2960; + uint256 internal constant C_V20_LOC = 0x2980; + uint256 internal constant C_V21_LOC = 0x29a0; + uint256 internal constant C_V22_LOC = 0x29c0; + uint256 internal constant C_V23_LOC = 0x29e0; + uint256 internal constant C_V24_LOC = 0x2a00; + uint256 internal constant C_V25_LOC = 0x2a20; + uint256 internal constant C_V26_LOC = 0x2a40; + uint256 internal constant C_V27_LOC = 0x2a60; + uint256 internal constant C_V28_LOC = 0x2a80; + uint256 internal constant C_V29_LOC = 0x2aa0; + uint256 internal constant C_V30_LOC = 0x2ac0; + + uint256 internal constant C_U_LOC = 0x2b00; + + // ### LOCAL VARIABLES MEMORY OFFSETS + uint256 internal constant DELTA_NUMERATOR_LOC = 0x3000; + uint256 internal constant DELTA_DENOMINATOR_LOC = 0x3020; + uint256 internal constant ZETA_POW_N_LOC = 0x3040; + uint256 internal constant PUBLIC_INPUT_DELTA_LOC = 0x3060; + uint256 internal constant ZERO_POLY_LOC = 0x3080; + uint256 internal constant L_START_LOC = 0x30a0; + uint256 internal constant L_END_LOC = 0x30c0; + uint256 internal constant R_ZERO_EVAL_LOC = 0x30e0; + + uint256 internal constant PLOOKUP_DELTA_NUMERATOR_LOC = 0x3100; + uint256 internal constant PLOOKUP_DELTA_DENOMINATOR_LOC = 0x3120; + uint256 internal constant PLOOKUP_DELTA_LOC = 0x3140; + + uint256 internal constant ACCUMULATOR_X_LOC = 0x3160; + uint256 internal constant ACCUMULATOR_Y_LOC = 0x3180; + uint256 internal constant ACCUMULATOR2_X_LOC = 0x31a0; + uint256 internal constant ACCUMULATOR2_Y_LOC = 0x31c0; + uint256 internal constant PAIRING_LHS_X_LOC = 0x31e0; + uint256 internal constant PAIRING_LHS_Y_LOC = 0x3200; + uint256 internal constant PAIRING_RHS_X_LOC = 0x3220; + uint256 internal constant PAIRING_RHS_Y_LOC = 0x3240; + + // misc stuff + uint256 internal constant OMEGA_INVERSE_LOC = 0x3300; + uint256 internal constant C_ALPHA_SQR_LOC = 0x3320; + uint256 internal constant C_ALPHA_CUBE_LOC = 0x3340; + uint256 internal constant C_ALPHA_QUAD_LOC = 0x3360; + uint256 internal constant C_ALPHA_BASE_LOC = 0x3380; + + // ### RECURSION VARIABLE MEMORY LOCATIONS + uint256 internal constant RECURSIVE_P1_X_LOC = 0x3400; + uint256 internal constant RECURSIVE_P1_Y_LOC = 0x3420; + uint256 internal constant RECURSIVE_P2_X_LOC = 0x3440; + uint256 internal constant RECURSIVE_P2_Y_LOC = 0x3460; + uint256 internal constant PUBLIC_INPUTS_HASH_LOCATION = 0x3480; + + // sub-identity storage + uint256 internal constant PERMUTATION_IDENTITY = 0x3500; + uint256 internal constant PLOOKUP_IDENTITY = 0x3520; + uint256 internal constant ARITHMETIC_IDENTITY = 0x3540; + uint256 internal constant SORT_IDENTITY = 0x3560; + uint256 internal constant ELLIPTIC_IDENTITY = 0x3580; + uint256 internal constant AUX_IDENTITY = 0x35a0; + uint256 internal constant AUX_NON_NATIVE_FIELD_EVALUATION = 0x35c0; + uint256 internal constant AUX_LIMB_ACCUMULATOR_EVALUATION = 0x35e0; + uint256 internal constant AUX_RAM_CONSISTENCY_EVALUATION = 0x3600; + uint256 internal constant AUX_ROM_CONSISTENCY_EVALUATION = 0x3620; + uint256 internal constant AUX_MEMORY_EVALUATION = 0x3640; + + uint256 internal constant QUOTIENT_EVAL_LOC = 0x3660; + uint256 internal constant ZERO_POLY_INVERSE_LOC = 0x3680; + + // when hashing public inputs we use memory at NU_CHALLENGE_INPUT_LOC_A, as the hash input size is unknown at compile time + uint256 internal constant NU_CHALLENGE_INPUT_LOC_A = 0x36a0; + uint256 internal constant NU_CHALLENGE_INPUT_LOC_B = 0x36c0; + uint256 internal constant NU_CHALLENGE_INPUT_LOC_C = 0x36e0; + + bytes4 internal constant INVALID_VERIFICATION_KEY_SELECTOR = 0x7e5769bf; + bytes4 internal constant POINT_NOT_ON_CURVE_SELECTOR = 0xa3dad654; + bytes4 internal constant PUBLIC_INPUT_INVALID_BN128_G1_POINT_SELECTOR = 0xeba9f4a6; + bytes4 internal constant PUBLIC_INPUT_GE_P_SELECTOR = 0x374a972f; + bytes4 internal constant MOD_EXP_FAILURE_SELECTOR = 0xf894a7bc; + bytes4 internal constant PAIRING_PREAMBLE_FAILED_SELECTOR = 0x01882d81; + bytes4 internal constant OPENING_COMMITMENT_FAILED_SELECTOR = 0x4e719763; + bytes4 internal constant PAIRING_FAILED_SELECTOR = 0xd71fd263; + + uint256 internal constant ETA_INPUT_LENGTH = 0xc0; // W1, W2, W3 = 6 * 0x20 bytes + + // We need to hash 41 field elements when generating the NU challenge + // w1, w2, w3, w4, s, z, z_lookup, q1, q2, q3, q4, qm, qc, qarith (14) + // qsort, qelliptic, qaux, sigma1, sigma2, sigma, sigma4, (7) + // table1, table2, table3, table4, tabletype, id1, id2, id3, id4, (9) + // w1_omega, w2_omega, w3_omega, w4_omega, s_omega, z_omega, z_lookup_omega, (7) + // table1_omega, table2_omega, table3_omega, table4_omega (4) + uint256 internal constant NU_INPUT_LENGTH = 0x520; // 0x520 = 41 * 0x20 + + // There are ELEVEN G1 group elements added into the transcript in the `beta` round, that we need to skip over + // W1, W2, W3, W4, S, Z, Z_LOOKUP, T1, T2, T3, T4 + uint256 internal constant NU_CALLDATA_SKIP_LENGTH = 0x2c0; // 11 * 0x40 = 0x2c0 + + uint256 internal constant NEGATIVE_INVERSE_OF_2_MODULO_P = + 0x183227397098d014dc2822db40c0ac2e9419f4243cdcb848a1f0fac9f8000000; + uint256 internal constant LIMB_SIZE = 0x100000000000000000; // 2<<68 + uint256 internal constant SUBLIMB_SHIFT = 0x4000; // 2<<14 + + // y^2 = x^3 + ax + b + // for Grumpkin, a = 0 and b = -17. We use b in a custom gate relation that evaluates elliptic curve arithmetic + uint256 internal constant GRUMPKIN_CURVE_B_PARAMETER_NEGATED = 17; + + error INVALID_VERIFICATION_KEY(); + error POINT_NOT_ON_CURVE(); + error PUBLIC_INPUT_COUNT_INVALID(uint256 expected, uint256 actual); + error PUBLIC_INPUT_INVALID_BN128_G1_POINT(); + error PUBLIC_INPUT_GE_P(); + error MOD_EXP_FAILURE(); + error PAIRING_PREAMBLE_FAILED(); + error OPENING_COMMITMENT_FAILED(); + error PAIRING_FAILED(); + + function getVerificationKeyHash() public pure virtual returns (bytes32); + + /** + * @dev We assume that the verification key loaded by this function is constant as we only verify it on deployment + */ + function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure virtual; + + constructor() { + loadVerificationKey(N_LOC, OMEGA_INVERSE_LOC); + + // We verify that all of the EC points in the verification key lie on the bn128 curve. + assembly { + let q := 21888242871839275222246405745257275088696311157297823662689037894645226208583 // EC group order + + let success := 1 + + // VALIDATE Q1 + { + let x := mload(Q1_X_LOC) + let y := mload(Q1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE Q2 + { + let x := mload(Q2_X_LOC) + let y := mload(Q2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE Q3 + { + let x := mload(Q3_X_LOC) + let y := mload(Q3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE Q4 + { + let x := mload(Q4_X_LOC) + let y := mload(Q4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + mstore(0x00, x) + mstore(0x20, y) + } + // VALIDATE QM + { + let x := mload(QM_X_LOC) + let y := mload(QM_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QC + { + let x := mload(QC_X_LOC) + let y := mload(QC_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QARITH + { + let x := mload(QARITH_X_LOC) + let y := mload(QARITH_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QSORT + { + let x := mload(QSORT_X_LOC) + let y := mload(QSORT_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QELLIPTIC + { + let x := mload(QELLIPTIC_X_LOC) + let y := mload(QELLIPTIC_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QAUX + { + let x := mload(QAUX_X_LOC) + let y := mload(QAUX_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA1 + { + let x := mload(SIGMA1_X_LOC) + let y := mload(SIGMA1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA2 + { + let x := mload(SIGMA2_X_LOC) + let y := mload(SIGMA2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA3 + { + let x := mload(SIGMA3_X_LOC) + let y := mload(SIGMA3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA4 + { + let x := mload(SIGMA4_X_LOC) + let y := mload(SIGMA4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE1 + { + let x := mload(TABLE1_X_LOC) + let y := mload(TABLE1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE2 + { + let x := mload(TABLE2_X_LOC) + let y := mload(TABLE2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE3 + { + let x := mload(TABLE3_X_LOC) + let y := mload(TABLE3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE4 + { + let x := mload(TABLE4_X_LOC) + let y := mload(TABLE4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE_TYPE + { + let x := mload(TABLE_TYPE_X_LOC) + let y := mload(TABLE_TYPE_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID1 + { + let x := mload(ID1_X_LOC) + let y := mload(ID1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID2 + { + let x := mload(ID2_X_LOC) + let y := mload(ID2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID3 + { + let x := mload(ID3_X_LOC) + let y := mload(ID3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID4 + { + let x := mload(ID4_X_LOC) + let y := mload(ID4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + + if iszero(success) { + mstore(0x0, INVALID_VERIFICATION_KEY_SELECTOR) + revert(0x00, 0x04) + } + } + } + + /** + * @notice Verify a Ultra Plonk proof + * @param _proof - The serialized proof + * @param _publicInputs - An array of the public inputs + * @return True if proof is valid, reverts otherwise + */ + function verify(bytes calldata _proof, bytes32[] calldata _publicInputs) external view returns (bool) { + loadVerificationKey(N_LOC, OMEGA_INVERSE_LOC); + + uint256 requiredPublicInputCount; + assembly { + requiredPublicInputCount := mload(NUM_INPUTS_LOC) + } + if (requiredPublicInputCount != _publicInputs.length) { + revert PUBLIC_INPUT_COUNT_INVALID(requiredPublicInputCount, _publicInputs.length); + } + + assembly { + let q := 21888242871839275222246405745257275088696311157297823662689037894645226208583 // EC group order + let p := 21888242871839275222246405745257275088548364400416034343698204186575808495617 // Prime field order + + /** + * LOAD PROOF FROM CALLDATA + */ + { + let data_ptr := add(calldataload(0x04), 0x24) + + mstore(W1_Y_LOC, mod(calldataload(data_ptr), q)) + mstore(W1_X_LOC, mod(calldataload(add(data_ptr, 0x20)), q)) + + mstore(W2_Y_LOC, mod(calldataload(add(data_ptr, 0x40)), q)) + mstore(W2_X_LOC, mod(calldataload(add(data_ptr, 0x60)), q)) + + mstore(W3_Y_LOC, mod(calldataload(add(data_ptr, 0x80)), q)) + mstore(W3_X_LOC, mod(calldataload(add(data_ptr, 0xa0)), q)) + + mstore(W4_Y_LOC, mod(calldataload(add(data_ptr, 0xc0)), q)) + mstore(W4_X_LOC, mod(calldataload(add(data_ptr, 0xe0)), q)) + + mstore(S_Y_LOC, mod(calldataload(add(data_ptr, 0x100)), q)) + mstore(S_X_LOC, mod(calldataload(add(data_ptr, 0x120)), q)) + mstore(Z_Y_LOC, mod(calldataload(add(data_ptr, 0x140)), q)) + mstore(Z_X_LOC, mod(calldataload(add(data_ptr, 0x160)), q)) + mstore(Z_LOOKUP_Y_LOC, mod(calldataload(add(data_ptr, 0x180)), q)) + mstore(Z_LOOKUP_X_LOC, mod(calldataload(add(data_ptr, 0x1a0)), q)) + mstore(T1_Y_LOC, mod(calldataload(add(data_ptr, 0x1c0)), q)) + mstore(T1_X_LOC, mod(calldataload(add(data_ptr, 0x1e0)), q)) + + mstore(T2_Y_LOC, mod(calldataload(add(data_ptr, 0x200)), q)) + mstore(T2_X_LOC, mod(calldataload(add(data_ptr, 0x220)), q)) + + mstore(T3_Y_LOC, mod(calldataload(add(data_ptr, 0x240)), q)) + mstore(T3_X_LOC, mod(calldataload(add(data_ptr, 0x260)), q)) + + mstore(T4_Y_LOC, mod(calldataload(add(data_ptr, 0x280)), q)) + mstore(T4_X_LOC, mod(calldataload(add(data_ptr, 0x2a0)), q)) + + mstore(W1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x2c0)), p)) + mstore(W2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x2e0)), p)) + mstore(W3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x300)), p)) + mstore(W4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x320)), p)) + mstore(S_EVAL_LOC, mod(calldataload(add(data_ptr, 0x340)), p)) + mstore(Z_EVAL_LOC, mod(calldataload(add(data_ptr, 0x360)), p)) + mstore(Z_LOOKUP_EVAL_LOC, mod(calldataload(add(data_ptr, 0x380)), p)) + mstore(Q1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3a0)), p)) + mstore(Q2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3c0)), p)) + mstore(Q3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3e0)), p)) + mstore(Q4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x400)), p)) + mstore(QM_EVAL_LOC, mod(calldataload(add(data_ptr, 0x420)), p)) + mstore(QC_EVAL_LOC, mod(calldataload(add(data_ptr, 0x440)), p)) + mstore(QARITH_EVAL_LOC, mod(calldataload(add(data_ptr, 0x460)), p)) + mstore(QSORT_EVAL_LOC, mod(calldataload(add(data_ptr, 0x480)), p)) + mstore(QELLIPTIC_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4a0)), p)) + mstore(QAUX_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4c0)), p)) + + mstore(SIGMA1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4e0)), p)) + mstore(SIGMA2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x500)), p)) + + mstore(SIGMA3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x520)), p)) + mstore(SIGMA4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x540)), p)) + + mstore(TABLE1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x560)), p)) + mstore(TABLE2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x580)), p)) + mstore(TABLE3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5a0)), p)) + mstore(TABLE4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5c0)), p)) + mstore(TABLE_TYPE_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5e0)), p)) + + mstore(ID1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x600)), p)) + mstore(ID2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x620)), p)) + mstore(ID3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x640)), p)) + mstore(ID4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x660)), p)) + + mstore(W1_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x680)), p)) + mstore(W2_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6a0)), p)) + mstore(W3_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6c0)), p)) + mstore(W4_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6e0)), p)) + mstore(S_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x700)), p)) + + mstore(Z_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x720)), p)) + + mstore(Z_LOOKUP_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x740)), p)) + mstore(TABLE1_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x760)), p)) + mstore(TABLE2_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x780)), p)) + mstore(TABLE3_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x7a0)), p)) + mstore(TABLE4_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x7c0)), p)) + + mstore(PI_Z_Y_LOC, mod(calldataload(add(data_ptr, 0x7e0)), q)) + mstore(PI_Z_X_LOC, mod(calldataload(add(data_ptr, 0x800)), q)) + + mstore(PI_Z_OMEGA_Y_LOC, mod(calldataload(add(data_ptr, 0x820)), q)) + mstore(PI_Z_OMEGA_X_LOC, mod(calldataload(add(data_ptr, 0x840)), q)) + } + + /** + * LOAD RECURSIVE PROOF INTO MEMORY + */ + { + if mload(CONTAINS_RECURSIVE_PROOF_LOC) { + let public_inputs_ptr := add(calldataload(0x24), 0x24) + let index_counter := add(shl(5, mload(RECURSIVE_PROOF_PUBLIC_INPUT_INDICES_LOC)), public_inputs_ptr) + + let x0 := calldataload(index_counter) + x0 := add(x0, shl(68, calldataload(add(index_counter, 0x20)))) + x0 := add(x0, shl(136, calldataload(add(index_counter, 0x40)))) + x0 := add(x0, shl(204, calldataload(add(index_counter, 0x60)))) + let y0 := calldataload(add(index_counter, 0x80)) + y0 := add(y0, shl(68, calldataload(add(index_counter, 0xa0)))) + y0 := add(y0, shl(136, calldataload(add(index_counter, 0xc0)))) + y0 := add(y0, shl(204, calldataload(add(index_counter, 0xe0)))) + let x1 := calldataload(add(index_counter, 0x100)) + x1 := add(x1, shl(68, calldataload(add(index_counter, 0x120)))) + x1 := add(x1, shl(136, calldataload(add(index_counter, 0x140)))) + x1 := add(x1, shl(204, calldataload(add(index_counter, 0x160)))) + let y1 := calldataload(add(index_counter, 0x180)) + y1 := add(y1, shl(68, calldataload(add(index_counter, 0x1a0)))) + y1 := add(y1, shl(136, calldataload(add(index_counter, 0x1c0)))) + y1 := add(y1, shl(204, calldataload(add(index_counter, 0x1e0)))) + mstore(RECURSIVE_P1_X_LOC, x0) + mstore(RECURSIVE_P1_Y_LOC, y0) + mstore(RECURSIVE_P2_X_LOC, x1) + mstore(RECURSIVE_P2_Y_LOC, y1) + + // validate these are valid bn128 G1 points + if iszero(and(and(lt(x0, q), lt(x1, q)), and(lt(y0, q), lt(y1, q)))) { + mstore(0x00, PUBLIC_INPUT_INVALID_BN128_G1_POINT_SELECTOR) + revert(0x00, 0x04) + } + } + } + + { + /** + * Generate initial challenge + */ + mstore(0x00, shl(224, mload(N_LOC))) + mstore(0x04, shl(224, mload(NUM_INPUTS_LOC))) + let challenge := keccak256(0x00, 0x08) + + /** + * Generate eta challenge + */ + mstore(PUBLIC_INPUTS_HASH_LOCATION, challenge) + // The public input location is stored at 0x24, we then add 0x24 to skip selector and the length of public inputs + let public_inputs_start := add(calldataload(0x24), 0x24) + // copy the public inputs over + let public_input_size := mul(mload(NUM_INPUTS_LOC), 0x20) + calldatacopy(add(PUBLIC_INPUTS_HASH_LOCATION, 0x20), public_inputs_start, public_input_size) + + // copy W1, W2, W3 into challenge. Each point is 0x40 bytes, so load 0xc0 = 3 * 0x40 bytes (ETA input length) + let w_start := add(calldataload(0x04), 0x24) + calldatacopy(add(add(PUBLIC_INPUTS_HASH_LOCATION, 0x20), public_input_size), w_start, ETA_INPUT_LENGTH) + + // Challenge is the old challenge + public inputs + W1, W2, W3 (0x20 + public_input_size + 0xc0) + let challenge_bytes_size := add(0x20, add(public_input_size, ETA_INPUT_LENGTH)) + + challenge := keccak256(PUBLIC_INPUTS_HASH_LOCATION, challenge_bytes_size) + { + let eta := mod(challenge, p) + mstore(C_ETA_LOC, eta) + mstore(C_ETA_SQR_LOC, mulmod(eta, eta, p)) + mstore(C_ETA_CUBE_LOC, mulmod(mload(C_ETA_SQR_LOC), eta, p)) + } + + /** + * Generate beta challenge + */ + mstore(0x00, challenge) + mstore(0x20, mload(W4_Y_LOC)) + mstore(0x40, mload(W4_X_LOC)) + mstore(0x60, mload(S_Y_LOC)) + mstore(0x80, mload(S_X_LOC)) + challenge := keccak256(0x00, 0xa0) + mstore(C_BETA_LOC, mod(challenge, p)) + + /** + * Generate gamma challenge + */ + mstore(0x00, challenge) + mstore8(0x20, 0x01) + challenge := keccak256(0x00, 0x21) + mstore(C_GAMMA_LOC, mod(challenge, p)) + + /** + * Generate alpha challenge + */ + mstore(0x00, challenge) + mstore(0x20, mload(Z_Y_LOC)) + mstore(0x40, mload(Z_X_LOC)) + mstore(0x60, mload(Z_LOOKUP_Y_LOC)) + mstore(0x80, mload(Z_LOOKUP_X_LOC)) + challenge := keccak256(0x00, 0xa0) + mstore(C_ALPHA_LOC, mod(challenge, p)) + + /** + * Compute and store some powers of alpha for future computations + */ + let alpha := mload(C_ALPHA_LOC) + mstore(C_ALPHA_SQR_LOC, mulmod(alpha, alpha, p)) + mstore(C_ALPHA_CUBE_LOC, mulmod(mload(C_ALPHA_SQR_LOC), alpha, p)) + mstore(C_ALPHA_QUAD_LOC, mulmod(mload(C_ALPHA_CUBE_LOC), alpha, p)) + mstore(C_ALPHA_BASE_LOC, alpha) + + /** + * Generate zeta challenge + */ + mstore(0x00, challenge) + mstore(0x20, mload(T1_Y_LOC)) + mstore(0x40, mload(T1_X_LOC)) + mstore(0x60, mload(T2_Y_LOC)) + mstore(0x80, mload(T2_X_LOC)) + mstore(0xa0, mload(T3_Y_LOC)) + mstore(0xc0, mload(T3_X_LOC)) + mstore(0xe0, mload(T4_Y_LOC)) + mstore(0x100, mload(T4_X_LOC)) + + challenge := keccak256(0x00, 0x120) + + mstore(C_ZETA_LOC, mod(challenge, p)) + mstore(C_CURRENT_LOC, challenge) + } + + /** + * EVALUATE FIELD OPERATIONS + */ + + /** + * COMPUTE PUBLIC INPUT DELTA + * ΔPI = ∏ᵢ∈ℓ(wᵢ + β σ(i) + γ) / ∏ᵢ∈ℓ(wᵢ + β σ'(i) + γ) + */ + { + let beta := mload(C_BETA_LOC) // β + let gamma := mload(C_GAMMA_LOC) // γ + let work_root := mload(OMEGA_LOC) // ω + let numerator_value := 1 + let denominator_value := 1 + + let p_clone := p // move p to the front of the stack + let valid_inputs := true + + // Load the starting point of the public inputs (jump over the selector and the length of public inputs [0x24]) + let public_inputs_ptr := add(calldataload(0x24), 0x24) + + // endpoint_ptr = public_inputs_ptr + num_inputs * 0x20. // every public input is 0x20 bytes + let endpoint_ptr := add(public_inputs_ptr, mul(mload(NUM_INPUTS_LOC), 0x20)) + + // root_1 = β * 0x05 + let root_1 := mulmod(beta, 0x05, p_clone) // k1.β + // root_2 = β * 0x0c + let root_2 := mulmod(beta, 0x0c, p_clone) + // @note 0x05 + 0x07 == 0x0c == external coset generator + + for {} lt(public_inputs_ptr, endpoint_ptr) { public_inputs_ptr := add(public_inputs_ptr, 0x20) } { + /** + * input = public_input[i] + * valid_inputs &= input < p + * temp = input + gamma + * numerator_value *= (β.σ(i) + wᵢ + γ) // σ(i) = 0x05.ωⁱ + * denominator_value *= (β.σ'(i) + wᵢ + γ) // σ'(i) = 0x0c.ωⁱ + * root_1 *= ω + * root_2 *= ω + */ + + let input := calldataload(public_inputs_ptr) + valid_inputs := and(valid_inputs, lt(input, p_clone)) + let temp := addmod(input, gamma, p_clone) + + numerator_value := mulmod(numerator_value, add(root_1, temp), p_clone) + denominator_value := mulmod(denominator_value, add(root_2, temp), p_clone) + + root_1 := mulmod(root_1, work_root, p_clone) + root_2 := mulmod(root_2, work_root, p_clone) + } + + // Revert if not all public inputs are field elements (i.e. < p) + if iszero(valid_inputs) { + mstore(0x00, PUBLIC_INPUT_GE_P_SELECTOR) + revert(0x00, 0x04) + } + + mstore(DELTA_NUMERATOR_LOC, numerator_value) + mstore(DELTA_DENOMINATOR_LOC, denominator_value) + } + + /** + * Compute Plookup delta factor [γ(1 + β)]^{n-k} + * k = num roots cut out of Z_H = 4 + */ + { + let delta_base := mulmod(mload(C_GAMMA_LOC), addmod(mload(C_BETA_LOC), 1, p), p) + let delta_numerator := delta_base + { + let exponent := mload(N_LOC) + let count := 1 + for {} lt(count, exponent) { count := add(count, count) } { + delta_numerator := mulmod(delta_numerator, delta_numerator, p) + } + } + mstore(PLOOKUP_DELTA_NUMERATOR_LOC, delta_numerator) + + let delta_denominator := mulmod(delta_base, delta_base, p) + delta_denominator := mulmod(delta_denominator, delta_denominator, p) + mstore(PLOOKUP_DELTA_DENOMINATOR_LOC, delta_denominator) + } + /** + * Compute lagrange poly and vanishing poly fractions + */ + { + /** + * vanishing_numerator = zeta + * ZETA_POW_N = zeta^n + * vanishing_numerator -= 1 + * accumulating_root = omega_inverse + * work_root = p - accumulating_root + * domain_inverse = domain_inverse + * vanishing_denominator = zeta + work_root + * work_root *= accumulating_root + * vanishing_denominator *= (zeta + work_root) + * work_root *= accumulating_root + * vanishing_denominator *= (zeta + work_root) + * vanishing_denominator *= (zeta + (zeta + accumulating_root)) + * work_root = omega + * lagrange_numerator = vanishing_numerator * domain_inverse + * l_start_denominator = zeta - 1 + * accumulating_root = work_root^2 + * l_end_denominator = accumulating_root^2 * work_root * zeta - 1 + * Note: l_end_denominator term contains a term \omega^5 to cut out 5 roots of unity from vanishing poly + */ + + let zeta := mload(C_ZETA_LOC) + + // compute zeta^n, where n is a power of 2 + let vanishing_numerator := zeta + { + // pow_small + let exponent := mload(N_LOC) + let count := 1 + for {} lt(count, exponent) { count := add(count, count) } { + vanishing_numerator := mulmod(vanishing_numerator, vanishing_numerator, p) + } + } + mstore(ZETA_POW_N_LOC, vanishing_numerator) + vanishing_numerator := addmod(vanishing_numerator, sub(p, 1), p) + + let accumulating_root := mload(OMEGA_INVERSE_LOC) + let work_root := sub(p, accumulating_root) + let domain_inverse := mload(DOMAIN_INVERSE_LOC) + + let vanishing_denominator := addmod(zeta, work_root, p) + work_root := mulmod(work_root, accumulating_root, p) + vanishing_denominator := mulmod(vanishing_denominator, addmod(zeta, work_root, p), p) + work_root := mulmod(work_root, accumulating_root, p) + vanishing_denominator := mulmod(vanishing_denominator, addmod(zeta, work_root, p), p) + vanishing_denominator := + mulmod(vanishing_denominator, addmod(zeta, mulmod(work_root, accumulating_root, p), p), p) + + work_root := mload(OMEGA_LOC) + + let lagrange_numerator := mulmod(vanishing_numerator, domain_inverse, p) + let l_start_denominator := addmod(zeta, sub(p, 1), p) + + accumulating_root := mulmod(work_root, work_root, p) + + let l_end_denominator := + addmod( + mulmod(mulmod(mulmod(accumulating_root, accumulating_root, p), work_root, p), zeta, p), sub(p, 1), p + ) + + /** + * Compute inversions using Montgomery's batch inversion trick + */ + let accumulator := mload(DELTA_DENOMINATOR_LOC) + let t0 := accumulator + accumulator := mulmod(accumulator, vanishing_denominator, p) + let t1 := accumulator + accumulator := mulmod(accumulator, vanishing_numerator, p) + let t2 := accumulator + accumulator := mulmod(accumulator, l_start_denominator, p) + let t3 := accumulator + accumulator := mulmod(accumulator, mload(PLOOKUP_DELTA_DENOMINATOR_LOC), p) + let t4 := accumulator + { + mstore(0, 0x20) + mstore(0x20, 0x20) + mstore(0x40, 0x20) + mstore(0x60, mulmod(accumulator, l_end_denominator, p)) + mstore(0x80, sub(p, 2)) + mstore(0xa0, p) + if iszero(staticcall(gas(), 0x05, 0x00, 0xc0, 0x00, 0x20)) { + mstore(0x0, MOD_EXP_FAILURE_SELECTOR) + revert(0x00, 0x04) + } + accumulator := mload(0x00) + } + + t4 := mulmod(accumulator, t4, p) + accumulator := mulmod(accumulator, l_end_denominator, p) + + t3 := mulmod(accumulator, t3, p) + accumulator := mulmod(accumulator, mload(PLOOKUP_DELTA_DENOMINATOR_LOC), p) + + t2 := mulmod(accumulator, t2, p) + accumulator := mulmod(accumulator, l_start_denominator, p) + + t1 := mulmod(accumulator, t1, p) + accumulator := mulmod(accumulator, vanishing_numerator, p) + + t0 := mulmod(accumulator, t0, p) + accumulator := mulmod(accumulator, vanishing_denominator, p) + + accumulator := mulmod(mulmod(accumulator, accumulator, p), mload(DELTA_DENOMINATOR_LOC), p) + + mstore(PUBLIC_INPUT_DELTA_LOC, mulmod(mload(DELTA_NUMERATOR_LOC), accumulator, p)) + mstore(ZERO_POLY_LOC, mulmod(vanishing_numerator, t0, p)) + mstore(ZERO_POLY_INVERSE_LOC, mulmod(vanishing_denominator, t1, p)) + mstore(L_START_LOC, mulmod(lagrange_numerator, t2, p)) + mstore(PLOOKUP_DELTA_LOC, mulmod(mload(PLOOKUP_DELTA_NUMERATOR_LOC), t3, p)) + mstore(L_END_LOC, mulmod(lagrange_numerator, t4, p)) + } + + /** + * UltraPlonk Widget Ordering: + * + * 1. Permutation widget + * 2. Plookup widget + * 3. Arithmetic widget + * 4. Fixed base widget (?) + * 5. GenPermSort widget + * 6. Elliptic widget + * 7. Auxiliary widget + */ + + /** + * COMPUTE PERMUTATION WIDGET EVALUATION + */ + { + let alpha := mload(C_ALPHA_LOC) + let beta := mload(C_BETA_LOC) + let gamma := mload(C_GAMMA_LOC) + + /** + * t1 = (W1 + gamma + beta * ID1) * (W2 + gamma + beta * ID2) + * t2 = (W3 + gamma + beta * ID3) * (W4 + gamma + beta * ID4) + * result = alpha_base * z_eval * t1 * t2 + * t1 = (W1 + gamma + beta * sigma_1_eval) * (W2 + gamma + beta * sigma_2_eval) + * t2 = (W2 + gamma + beta * sigma_3_eval) * (W3 + gamma + beta * sigma_4_eval) + * result -= (alpha_base * z_omega_eval * t1 * t2) + */ + let t1 := + mulmod( + add(add(mload(W1_EVAL_LOC), gamma), mulmod(beta, mload(ID1_EVAL_LOC), p)), + add(add(mload(W2_EVAL_LOC), gamma), mulmod(beta, mload(ID2_EVAL_LOC), p)), + p + ) + let t2 := + mulmod( + add(add(mload(W3_EVAL_LOC), gamma), mulmod(beta, mload(ID3_EVAL_LOC), p)), + add(add(mload(W4_EVAL_LOC), gamma), mulmod(beta, mload(ID4_EVAL_LOC), p)), + p + ) + let result := mulmod(mload(C_ALPHA_BASE_LOC), mulmod(mload(Z_EVAL_LOC), mulmod(t1, t2, p), p), p) + t1 := + mulmod( + add(add(mload(W1_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA1_EVAL_LOC), p)), + add(add(mload(W2_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA2_EVAL_LOC), p)), + p + ) + t2 := + mulmod( + add(add(mload(W3_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA3_EVAL_LOC), p)), + add(add(mload(W4_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA4_EVAL_LOC), p)), + p + ) + result := + addmod( + result, + sub(p, mulmod(mload(C_ALPHA_BASE_LOC), mulmod(mload(Z_OMEGA_EVAL_LOC), mulmod(t1, t2, p), p), p)), + p + ) + + /** + * alpha_base *= alpha + * result += alpha_base . (L_{n-k}(ʓ) . (z(ʓ.ω) - ∆_{PI})) + * alpha_base *= alpha + * result += alpha_base . (L_1(ʓ)(Z(ʓ) - 1)) + * alpha_Base *= alpha + */ + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) + result := + addmod( + result, + mulmod( + mload(C_ALPHA_BASE_LOC), + mulmod( + mload(L_END_LOC), + addmod(mload(Z_OMEGA_EVAL_LOC), sub(p, mload(PUBLIC_INPUT_DELTA_LOC)), p), + p + ), + p + ), + p + ) + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) + mstore( + PERMUTATION_IDENTITY, + addmod( + result, + mulmod( + mload(C_ALPHA_BASE_LOC), + mulmod(mload(L_START_LOC), addmod(mload(Z_EVAL_LOC), sub(p, 1), p), p), + p + ), + p + ) + ) + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) + } + + /** + * COMPUTE PLOOKUP WIDGET EVALUATION + */ + { + /** + * Goal: f = (w1(z) + q2.w1(zω)) + η(w2(z) + qm.w2(zω)) + η²(w3(z) + qc.w_3(zω)) + q3(z).η³ + * f = η.q3(z) + * f += (w3(z) + qc.w_3(zω)) + * f *= η + * f += (w2(z) + qm.w2(zω)) + * f *= η + * f += (w1(z) + q2.w1(zω)) + */ + let f := mulmod(mload(C_ETA_LOC), mload(Q3_EVAL_LOC), p) + f := + addmod(f, addmod(mload(W3_EVAL_LOC), mulmod(mload(QC_EVAL_LOC), mload(W3_OMEGA_EVAL_LOC), p), p), p) + f := mulmod(f, mload(C_ETA_LOC), p) + f := + addmod(f, addmod(mload(W2_EVAL_LOC), mulmod(mload(QM_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), p), p) + f := mulmod(f, mload(C_ETA_LOC), p) + f := + addmod(f, addmod(mload(W1_EVAL_LOC), mulmod(mload(Q2_EVAL_LOC), mload(W1_OMEGA_EVAL_LOC), p), p), p) + + // t(z) = table4(z).η³ + table3(z).η² + table2(z).η + table1(z) + let t := + addmod( + addmod( + addmod( + mulmod(mload(TABLE4_EVAL_LOC), mload(C_ETA_CUBE_LOC), p), + mulmod(mload(TABLE3_EVAL_LOC), mload(C_ETA_SQR_LOC), p), + p + ), + mulmod(mload(TABLE2_EVAL_LOC), mload(C_ETA_LOC), p), + p + ), + mload(TABLE1_EVAL_LOC), + p + ) + + // t(zw) = table4(zw).η³ + table3(zw).η² + table2(zw).η + table1(zw) + let t_omega := + addmod( + addmod( + addmod( + mulmod(mload(TABLE4_OMEGA_EVAL_LOC), mload(C_ETA_CUBE_LOC), p), + mulmod(mload(TABLE3_OMEGA_EVAL_LOC), mload(C_ETA_SQR_LOC), p), + p + ), + mulmod(mload(TABLE2_OMEGA_EVAL_LOC), mload(C_ETA_LOC), p), + p + ), + mload(TABLE1_OMEGA_EVAL_LOC), + p + ) + + /** + * Goal: numerator = (TABLE_TYPE_EVAL * f(z) + γ) * (t(z) + βt(zω) + γ(β + 1)) * (β + 1) + * gamma_beta_constant = γ(β + 1) + * numerator = f * TABLE_TYPE_EVAL + gamma + * temp0 = t(z) + t(zω) * β + gamma_beta_constant + * numerator *= temp0 + * numerator *= (β + 1) + * temp0 = alpha * l_1 + * numerator += temp0 + * numerator *= z_lookup(z) + * numerator -= temp0 + */ + let gamma_beta_constant := mulmod(mload(C_GAMMA_LOC), addmod(mload(C_BETA_LOC), 1, p), p) + let numerator := addmod(mulmod(f, mload(TABLE_TYPE_EVAL_LOC), p), mload(C_GAMMA_LOC), p) + let temp0 := addmod(addmod(t, mulmod(t_omega, mload(C_BETA_LOC), p), p), gamma_beta_constant, p) + numerator := mulmod(numerator, temp0, p) + numerator := mulmod(numerator, addmod(mload(C_BETA_LOC), 1, p), p) + temp0 := mulmod(mload(C_ALPHA_LOC), mload(L_START_LOC), p) + numerator := addmod(numerator, temp0, p) + numerator := mulmod(numerator, mload(Z_LOOKUP_EVAL_LOC), p) + numerator := addmod(numerator, sub(p, temp0), p) + + /** + * Goal: denominator = z_lookup(zω)*[s(z) + βs(zω) + γ(1 + β)] - [z_lookup(zω) - [γ(1 + β)]^{n-k}]*α²L_end(z) + * note: delta_factor = [γ(1 + β)]^{n-k} + * denominator = s(z) + βs(zω) + γ(β + 1) + * temp1 = α²L_end(z) + * denominator -= temp1 + * denominator *= z_lookup(zω) + * denominator += temp1 * delta_factor + * PLOOKUP_IDENTITY = (numerator - denominator).alpha_base + * alpha_base *= alpha^3 + */ + let denominator := + addmod( + addmod(mload(S_EVAL_LOC), mulmod(mload(S_OMEGA_EVAL_LOC), mload(C_BETA_LOC), p), p), + gamma_beta_constant, + p + ) + let temp1 := mulmod(mload(C_ALPHA_SQR_LOC), mload(L_END_LOC), p) + denominator := addmod(denominator, sub(p, temp1), p) + denominator := mulmod(denominator, mload(Z_LOOKUP_OMEGA_EVAL_LOC), p) + denominator := addmod(denominator, mulmod(temp1, mload(PLOOKUP_DELTA_LOC), p), p) + + mstore(PLOOKUP_IDENTITY, mulmod(addmod(numerator, sub(p, denominator), p), mload(C_ALPHA_BASE_LOC), p)) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p)) + } + + /** + * COMPUTE ARITHMETIC WIDGET EVALUATION + */ + { + /** + * The basic arithmetic gate identity in standard plonk is as follows. + * (w_1 . w_2 . q_m) + (w_1 . q_1) + (w_2 . q_2) + (w_3 . q_3) + (w_4 . q_4) + q_c = 0 + * However, for Ultraplonk, we extend this to support "passing" wires between rows (shown without alpha scaling below): + * q_arith * ( ( (-1/2) * (q_arith - 3) * q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c ) + + * (q_arith - 1)*( α * (q_arith - 2) * (w_1 + w_4 - w_1_omega + q_m) + w_4_omega) ) = 0 + * + * This formula results in several cases depending on q_arith: + * 1. q_arith == 0: Arithmetic gate is completely disabled + * + * 2. q_arith == 1: Everything in the minigate on the right is disabled. The equation is just a standard plonk equation + * with extra wires: q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c = 0 + * + * 3. q_arith == 2: The (w_1 + w_4 - ...) term is disabled. THe equation is: + * (1/2) * q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + w_4_omega = 0 + * It allows defining w_4 at next index (w_4_omega) in terms of current wire values + * + * 4. q_arith == 3: The product of w_1 and w_2 is disabled, but a mini addition gate is enabled. α allows us to split + * the equation into two: + * + * q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + 2 * w_4_omega = 0 + * and + * w_1 + w_4 - w_1_omega + q_m = 0 (we are reusing q_m here) + * + * 5. q_arith > 3: The product of w_1 and w_2 is scaled by (q_arith - 3), while the w_4_omega term is scaled by (q_arith - 1). + * The equation can be split into two: + * + * (q_arith - 3)* q_m * w_1 * w_ 2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + (q_arith - 1) * w_4_omega = 0 + * and + * w_1 + w_4 - w_1_omega + q_m = 0 + * + * The problem that q_m is used both in both equations can be dealt with by appropriately changing selector values at + * the next gate. Then we can treat (q_arith - 1) as a simulated q_6 selector and scale q_m to handle (q_arith - 3) at + * product. + */ + + let w1q1 := mulmod(mload(W1_EVAL_LOC), mload(Q1_EVAL_LOC), p) + let w2q2 := mulmod(mload(W2_EVAL_LOC), mload(Q2_EVAL_LOC), p) + let w3q3 := mulmod(mload(W3_EVAL_LOC), mload(Q3_EVAL_LOC), p) + let w4q3 := mulmod(mload(W4_EVAL_LOC), mload(Q4_EVAL_LOC), p) + + // @todo - Add a explicit test that hits QARITH == 3 + // w1w2qm := (w_1 . w_2 . q_m . (QARITH_EVAL_LOC - 3)) / 2 + let w1w2qm := + mulmod( + mulmod( + mulmod(mulmod(mload(W1_EVAL_LOC), mload(W2_EVAL_LOC), p), mload(QM_EVAL_LOC), p), + addmod(mload(QARITH_EVAL_LOC), sub(p, 3), p), + p + ), + NEGATIVE_INVERSE_OF_2_MODULO_P, + p + ) + + // (w_1 . w_2 . q_m . (q_arith - 3)) / -2) + (w_1 . q_1) + (w_2 . q_2) + (w_3 . q_3) + (w_4 . q_4) + q_c + let identity := + addmod( + mload(QC_EVAL_LOC), addmod(w4q3, addmod(w3q3, addmod(w2q2, addmod(w1q1, w1w2qm, p), p), p), p), p + ) + + // if q_arith == 3 we evaluate an additional mini addition gate (on top of the regular one), where: + // w_1 + w_4 - w_1_omega + q_m = 0 + // we use this gate to save an addition gate when adding or subtracting non-native field elements + // α * (q_arith - 2) * (w_1 + w_4 - w_1_omega + q_m) + let extra_small_addition_gate_identity := + mulmod( + mload(C_ALPHA_LOC), + mulmod( + addmod(mload(QARITH_EVAL_LOC), sub(p, 2), p), + addmod( + mload(QM_EVAL_LOC), + addmod( + sub(p, mload(W1_OMEGA_EVAL_LOC)), addmod(mload(W1_EVAL_LOC), mload(W4_EVAL_LOC), p), p + ), + p + ), + p + ), + p + ) + + // if q_arith == 2 OR q_arith == 3 we add the 4th wire of the NEXT gate into the arithmetic identity + // N.B. if q_arith > 2, this wire value will be scaled by (q_arith - 1) relative to the other gate wires! + // alpha_base * q_arith * (identity + (q_arith - 1) * (w_4_omega + extra_small_addition_gate_identity)) + mstore( + ARITHMETIC_IDENTITY, + mulmod( + mload(C_ALPHA_BASE_LOC), + mulmod( + mload(QARITH_EVAL_LOC), + addmod( + identity, + mulmod( + addmod(mload(QARITH_EVAL_LOC), sub(p, 1), p), + addmod(mload(W4_OMEGA_EVAL_LOC), extra_small_addition_gate_identity, p), + p + ), + p + ), + p + ), + p + ) + ) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_SQR_LOC), p)) + } + + /** + * COMPUTE GENPERMSORT WIDGET EVALUATION + */ + { + /** + * D1 = (w2 - w1) + * D2 = (w3 - w2) + * D3 = (w4 - w3) + * D4 = (w1_omega - w4) + * + * α_a = alpha_base + * α_b = alpha_base * α + * α_c = alpha_base * α^2 + * α_d = alpha_base * α^3 + * + * range_accumulator = ( + * D1(D1 - 1)(D1 - 2)(D1 - 3).α_a + + * D2(D2 - 1)(D2 - 2)(D2 - 3).α_b + + * D3(D3 - 1)(D3 - 2)(D3 - 3).α_c + + * D4(D4 - 1)(D4 - 2)(D4 - 3).α_d + + * ) . q_sort + */ + let minus_two := sub(p, 2) + let minus_three := sub(p, 3) + let d1 := addmod(mload(W2_EVAL_LOC), sub(p, mload(W1_EVAL_LOC)), p) + let d2 := addmod(mload(W3_EVAL_LOC), sub(p, mload(W2_EVAL_LOC)), p) + let d3 := addmod(mload(W4_EVAL_LOC), sub(p, mload(W3_EVAL_LOC)), p) + let d4 := addmod(mload(W1_OMEGA_EVAL_LOC), sub(p, mload(W4_EVAL_LOC)), p) + + let range_accumulator := + mulmod( + mulmod( + mulmod(addmod(mulmod(d1, d1, p), sub(p, d1), p), addmod(d1, minus_two, p), p), + addmod(d1, minus_three, p), + p + ), + mload(C_ALPHA_BASE_LOC), + p + ) + range_accumulator := + addmod( + range_accumulator, + mulmod( + mulmod( + mulmod(addmod(mulmod(d2, d2, p), sub(p, d2), p), addmod(d2, minus_two, p), p), + addmod(d2, minus_three, p), + p + ), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), + p + ), + p + ) + range_accumulator := + addmod( + range_accumulator, + mulmod( + mulmod( + mulmod(addmod(mulmod(d3, d3, p), sub(p, d3), p), addmod(d3, minus_two, p), p), + addmod(d3, minus_three, p), + p + ), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_SQR_LOC), p), + p + ), + p + ) + range_accumulator := + addmod( + range_accumulator, + mulmod( + mulmod( + mulmod(addmod(mulmod(d4, d4, p), sub(p, d4), p), addmod(d4, minus_two, p), p), + addmod(d4, minus_three, p), + p + ), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p), + p + ), + p + ) + range_accumulator := mulmod(range_accumulator, mload(QSORT_EVAL_LOC), p) + + mstore(SORT_IDENTITY, range_accumulator) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_QUAD_LOC), p)) + } + + /** + * COMPUTE ELLIPTIC WIDGET EVALUATION + */ + { + /** + * endo_term = (-x_2) * x_1 * (x_3 * 2 + x_1) * q_beta + * endo_sqr_term = x_2^2 + * endo_sqr_term *= (x_3 - x_1) + * endo_sqr_term *= q_beta^2 + * leftovers = x_2^2 + * leftovers *= x_2 + * leftovers += x_1^2 * (x_3 + x_1) @follow-up Invalid comment in BB widget + * leftovers -= (y_2^2 + y_1^2) + * sign_term = y_2 * y_1 + * sign_term += sign_term + * sign_term *= q_sign + */ + // q_elliptic * (x3 + x2 + x1)(x2 - x1)(x2 - x1) - y2^2 - y1^2 + 2(y2y1)*q_sign = 0 + let x_diff := addmod(mload(X2_EVAL_LOC), sub(p, mload(X1_EVAL_LOC)), p) + let y2_sqr := mulmod(mload(Y2_EVAL_LOC), mload(Y2_EVAL_LOC), p) + let y1_sqr := mulmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p) + let y1y2 := mulmod(mulmod(mload(Y1_EVAL_LOC), mload(Y2_EVAL_LOC), p), mload(QSIGN_LOC), p) + + let x_add_identity := + addmod( + mulmod( + addmod(mload(X3_EVAL_LOC), addmod(mload(X2_EVAL_LOC), mload(X1_EVAL_LOC), p), p), + mulmod(x_diff, x_diff, p), + p + ), + addmod( + sub( + p, + addmod(y2_sqr, y1_sqr, p) + ), + addmod(y1y2, y1y2, p), + p + ), + p + ) + x_add_identity := + mulmod( + mulmod( + x_add_identity, + addmod( + 1, + sub(p, mload(QM_EVAL_LOC)), + p + ), + p + ), + mload(C_ALPHA_BASE_LOC), + p + ) + + // q_elliptic * (x3 + x2 + x1)(x2 - x1)(x2 - x1) - y2^2 - y1^2 + 2(y2y1)*q_sign = 0 + let y1_plus_y3 := addmod( + mload(Y1_EVAL_LOC), + mload(Y3_EVAL_LOC), + p + ) + let y_diff := addmod(mulmod(mload(Y2_EVAL_LOC), mload(QSIGN_LOC), p), sub(p, mload(Y1_EVAL_LOC)), p) + let y_add_identity := + addmod( + mulmod(y1_plus_y3, x_diff, p), + mulmod(addmod(mload(X3_EVAL_LOC), sub(p, mload(X1_EVAL_LOC)), p), y_diff, p), + p + ) + y_add_identity := + mulmod( + mulmod(y_add_identity, addmod(1, sub(p, mload(QM_EVAL_LOC)), p), p), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), + p + ) + + // ELLIPTIC_IDENTITY = (x_identity + y_identity) * Q_ELLIPTIC_EVAL + mstore( + ELLIPTIC_IDENTITY, mulmod(addmod(x_add_identity, y_add_identity, p), mload(QELLIPTIC_EVAL_LOC), p) + ) + } + { + /** + * x_pow_4 = (y_1_sqr - curve_b) * x_1; + * y_1_sqr_mul_4 = y_1_sqr + y_1_sqr; + * y_1_sqr_mul_4 += y_1_sqr_mul_4; + * x_1_pow_4_mul_9 = x_pow_4; + * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; + * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; + * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; + * x_1_pow_4_mul_9 += x_pow_4; + * x_1_sqr_mul_3 = x_1_sqr + x_1_sqr + x_1_sqr; + * x_double_identity = (x_3 + x_1 + x_1) * y_1_sqr_mul_4 - x_1_pow_4_mul_9; + * y_double_identity = x_1_sqr_mul_3 * (x_1 - x_3) - (y_1 + y_1) * (y_1 + y_3); + */ + // (x3 + x1 + x1) (4y1*y1) - 9 * x1 * x1 * x1 * x1 = 0 + let x1_sqr := mulmod(mload(X1_EVAL_LOC), mload(X1_EVAL_LOC), p) + let y1_sqr := mulmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p) + let x_pow_4 := mulmod(addmod(y1_sqr, GRUMPKIN_CURVE_B_PARAMETER_NEGATED, p), mload(X1_EVAL_LOC), p) + let y1_sqr_mul_4 := mulmod(y1_sqr, 4, p) + let x1_pow_4_mul_9 := mulmod(x_pow_4, 9, p) + let x1_sqr_mul_3 := mulmod(x1_sqr, 3, p) + let x_double_identity := + addmod( + mulmod( + addmod(mload(X3_EVAL_LOC), addmod(mload(X1_EVAL_LOC), mload(X1_EVAL_LOC), p), p), + y1_sqr_mul_4, + p + ), + sub(p, x1_pow_4_mul_9), + p + ) + // (y1 + y1) (2y1) - (3 * x1 * x1)(x1 - x3) = 0 + let y_double_identity := + addmod( + mulmod(x1_sqr_mul_3, addmod(mload(X1_EVAL_LOC), sub(p, mload(X3_EVAL_LOC)), p), p), + sub( + p, + mulmod( + addmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p), + addmod(mload(Y1_EVAL_LOC), mload(Y3_EVAL_LOC), p), + p + ) + ), + p + ) + x_double_identity := mulmod(x_double_identity, mload(C_ALPHA_BASE_LOC), p) + y_double_identity := + mulmod(y_double_identity, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), p) + x_double_identity := mulmod(x_double_identity, mload(QM_EVAL_LOC), p) + y_double_identity := mulmod(y_double_identity, mload(QM_EVAL_LOC), p) + // ELLIPTIC_IDENTITY += (x_double_identity + y_double_identity) * Q_DOUBLE_EVAL + mstore( + ELLIPTIC_IDENTITY, + addmod( + mload(ELLIPTIC_IDENTITY), + mulmod(addmod(x_double_identity, y_double_identity, p), mload(QELLIPTIC_EVAL_LOC), p), + p + ) + ) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_QUAD_LOC), p)) + } + + /** + * COMPUTE AUXILIARY WIDGET EVALUATION + */ + { + { + /** + * Non native field arithmetic gate 2 + * _ _ + * / _ _ _ 14 \ + * q_2 . q_4 | (w_1 . w_2) + (w_1 . w_2) + (w_1 . w_4 + w_2 . w_3 - w_3) . 2 - w_3 - w_4 | + * \_ _/ + * + * limb_subproduct = w_1 . w_2_omega + w_1_omega . w_2 + * non_native_field_gate_2 = w_1 * w_4 + w_4 * w_3 - w_3_omega + * non_native_field_gate_2 = non_native_field_gate_2 * limb_size + * non_native_field_gate_2 -= w_4_omega + * non_native_field_gate_2 += limb_subproduct + * non_native_field_gate_2 *= q_4 + * limb_subproduct *= limb_size + * limb_subproduct += w_1_omega * w_2_omega + * non_native_field_gate_1 = (limb_subproduct + w_3 + w_4) * q_3 + * non_native_field_gate_3 = (limb_subproduct + w_4 - (w_3_omega + w_4_omega)) * q_m + * non_native_field_identity = (non_native_field_gate_1 + non_native_field_gate_2 + non_native_field_gate_3) * q_2 + */ + + let limb_subproduct := + addmod( + mulmod(mload(W1_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), + mulmod(mload(W1_OMEGA_EVAL_LOC), mload(W2_EVAL_LOC), p), + p + ) + + let non_native_field_gate_2 := + addmod( + addmod( + mulmod(mload(W1_EVAL_LOC), mload(W4_EVAL_LOC), p), + mulmod(mload(W2_EVAL_LOC), mload(W3_EVAL_LOC), p), + p + ), + sub(p, mload(W3_OMEGA_EVAL_LOC)), + p + ) + non_native_field_gate_2 := mulmod(non_native_field_gate_2, LIMB_SIZE, p) + non_native_field_gate_2 := addmod(non_native_field_gate_2, sub(p, mload(W4_OMEGA_EVAL_LOC)), p) + non_native_field_gate_2 := addmod(non_native_field_gate_2, limb_subproduct, p) + non_native_field_gate_2 := mulmod(non_native_field_gate_2, mload(Q4_EVAL_LOC), p) + limb_subproduct := mulmod(limb_subproduct, LIMB_SIZE, p) + limb_subproduct := + addmod(limb_subproduct, mulmod(mload(W1_OMEGA_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), p) + let non_native_field_gate_1 := + mulmod( + addmod(limb_subproduct, sub(p, addmod(mload(W3_EVAL_LOC), mload(W4_EVAL_LOC), p)), p), + mload(Q3_EVAL_LOC), + p + ) + let non_native_field_gate_3 := + mulmod( + addmod( + addmod(limb_subproduct, mload(W4_EVAL_LOC), p), + sub(p, addmod(mload(W3_OMEGA_EVAL_LOC), mload(W4_OMEGA_EVAL_LOC), p)), + p + ), + mload(QM_EVAL_LOC), + p + ) + let non_native_field_identity := + mulmod( + addmod(addmod(non_native_field_gate_1, non_native_field_gate_2, p), non_native_field_gate_3, p), + mload(Q2_EVAL_LOC), + p + ) + + mstore(AUX_NON_NATIVE_FIELD_EVALUATION, non_native_field_identity) + } + + { + /** + * limb_accumulator_1 = w_2_omega; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_1_omega; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_3; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_2; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_1; + * limb_accumulator_1 -= w_4; + * limb_accumulator_1 *= q_4; + */ + let limb_accumulator_1 := mulmod(mload(W2_OMEGA_EVAL_LOC), SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W1_OMEGA_EVAL_LOC), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W3_EVAL_LOC), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W2_EVAL_LOC), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W1_EVAL_LOC), p) + limb_accumulator_1 := addmod(limb_accumulator_1, sub(p, mload(W4_EVAL_LOC)), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, mload(Q4_EVAL_LOC), p) + + /** + * limb_accumulator_2 = w_3_omega; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_2_omega; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_1_omega; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_4; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_3; + * limb_accumulator_2 -= w_4_omega; + * limb_accumulator_2 *= q_m; + */ + let limb_accumulator_2 := mulmod(mload(W3_OMEGA_EVAL_LOC), SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W2_OMEGA_EVAL_LOC), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W1_OMEGA_EVAL_LOC), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W4_EVAL_LOC), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W3_EVAL_LOC), p) + limb_accumulator_2 := addmod(limb_accumulator_2, sub(p, mload(W4_OMEGA_EVAL_LOC)), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, mload(QM_EVAL_LOC), p) + + mstore( + AUX_LIMB_ACCUMULATOR_EVALUATION, + mulmod(addmod(limb_accumulator_1, limb_accumulator_2, p), mload(Q3_EVAL_LOC), p) + ) + } + + { + /** + * memory_record_check = w_3; + * memory_record_check *= eta; + * memory_record_check += w_2; + * memory_record_check *= eta; + * memory_record_check += w_1; + * memory_record_check *= eta; + * memory_record_check += q_c; + * + * partial_record_check = memory_record_check; + * + * memory_record_check -= w_4; + */ + + let memory_record_check := mulmod(mload(W3_EVAL_LOC), mload(C_ETA_LOC), p) + memory_record_check := addmod(memory_record_check, mload(W2_EVAL_LOC), p) + memory_record_check := mulmod(memory_record_check, mload(C_ETA_LOC), p) + memory_record_check := addmod(memory_record_check, mload(W1_EVAL_LOC), p) + memory_record_check := mulmod(memory_record_check, mload(C_ETA_LOC), p) + memory_record_check := addmod(memory_record_check, mload(QC_EVAL_LOC), p) + + let partial_record_check := memory_record_check + memory_record_check := addmod(memory_record_check, sub(p, mload(W4_EVAL_LOC)), p) + + mstore(AUX_MEMORY_EVALUATION, memory_record_check) + + // index_delta = w_1_omega - w_1 + let index_delta := addmod(mload(W1_OMEGA_EVAL_LOC), sub(p, mload(W1_EVAL_LOC)), p) + // record_delta = w_4_omega - w_4 + let record_delta := addmod(mload(W4_OMEGA_EVAL_LOC), sub(p, mload(W4_EVAL_LOC)), p) + // index_is_monotonically_increasing = index_delta * (index_delta - 1) + let index_is_monotonically_increasing := mulmod(index_delta, addmod(index_delta, sub(p, 1), p), p) + + // adjacent_values_match_if_adjacent_indices_match = record_delta * (1 - index_delta) + let adjacent_values_match_if_adjacent_indices_match := + mulmod(record_delta, addmod(1, sub(p, index_delta), p), p) + + // AUX_ROM_CONSISTENCY_EVALUATION = ((adjacent_values_match_if_adjacent_indices_match * alpha) + index_is_monotonically_increasing) * alpha + partial_record_check + mstore( + AUX_ROM_CONSISTENCY_EVALUATION, + addmod( + mulmod( + addmod( + mulmod(adjacent_values_match_if_adjacent_indices_match, mload(C_ALPHA_LOC), p), + index_is_monotonically_increasing, + p + ), + mload(C_ALPHA_LOC), + p + ), + memory_record_check, + p + ) + ) + + { + /** + * next_gate_access_type = w_3_omega; + * next_gate_access_type *= eta; + * next_gate_access_type += w_2_omega; + * next_gate_access_type *= eta; + * next_gate_access_type += w_1_omega; + * next_gate_access_type *= eta; + * next_gate_access_type = w_4_omega - next_gate_access_type; + */ + let next_gate_access_type := mulmod(mload(W3_OMEGA_EVAL_LOC), mload(C_ETA_LOC), p) + next_gate_access_type := addmod(next_gate_access_type, mload(W2_OMEGA_EVAL_LOC), p) + next_gate_access_type := mulmod(next_gate_access_type, mload(C_ETA_LOC), p) + next_gate_access_type := addmod(next_gate_access_type, mload(W1_OMEGA_EVAL_LOC), p) + next_gate_access_type := mulmod(next_gate_access_type, mload(C_ETA_LOC), p) + next_gate_access_type := addmod(mload(W4_OMEGA_EVAL_LOC), sub(p, next_gate_access_type), p) + + // value_delta = w_3_omega - w_3 + let value_delta := addmod(mload(W3_OMEGA_EVAL_LOC), sub(p, mload(W3_EVAL_LOC)), p) + // adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation = (1 - index_delta) * value_delta * (1 - next_gate_access_type); + + let adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation := + mulmod( + addmod(1, sub(p, index_delta), p), + mulmod(value_delta, addmod(1, sub(p, next_gate_access_type), p), p), + p + ) + + // AUX_RAM_CONSISTENCY_EVALUATION + + /** + * access_type = w_4 - partial_record_check + * access_check = access_type^2 - access_type + * next_gate_access_type_is_boolean = next_gate_access_type^2 - next_gate_access_type + * RAM_consistency_check_identity = adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation; + * RAM_consistency_check_identity *= alpha; + * RAM_consistency_check_identity += index_is_monotonically_increasing; + * RAM_consistency_check_identity *= alpha; + * RAM_consistency_check_identity += next_gate_access_type_is_boolean; + * RAM_consistency_check_identity *= alpha; + * RAM_consistency_check_identity += access_check; + */ + + let access_type := addmod(mload(W4_EVAL_LOC), sub(p, partial_record_check), p) + let access_check := mulmod(access_type, addmod(access_type, sub(p, 1), p), p) + let next_gate_access_type_is_boolean := + mulmod(next_gate_access_type, addmod(next_gate_access_type, sub(p, 1), p), p) + let RAM_cci := + mulmod( + adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation, + mload(C_ALPHA_LOC), + p + ) + RAM_cci := addmod(RAM_cci, index_is_monotonically_increasing, p) + RAM_cci := mulmod(RAM_cci, mload(C_ALPHA_LOC), p) + RAM_cci := addmod(RAM_cci, next_gate_access_type_is_boolean, p) + RAM_cci := mulmod(RAM_cci, mload(C_ALPHA_LOC), p) + RAM_cci := addmod(RAM_cci, access_check, p) + + mstore(AUX_RAM_CONSISTENCY_EVALUATION, RAM_cci) + } + + { + // timestamp_delta = w_2_omega - w_2 + let timestamp_delta := addmod(mload(W2_OMEGA_EVAL_LOC), sub(p, mload(W2_EVAL_LOC)), p) + + // RAM_timestamp_check_identity = (1 - index_delta) * timestamp_delta - w_3 + let RAM_timestamp_check_identity := + addmod( + mulmod(timestamp_delta, addmod(1, sub(p, index_delta), p), p), sub(p, mload(W3_EVAL_LOC)), p + ) + + /** + * memory_identity = ROM_consistency_check_identity * q_2; + * memory_identity += RAM_timestamp_check_identity * q_4; + * memory_identity += memory_record_check * q_m; + * memory_identity *= q_1; + * memory_identity += (RAM_consistency_check_identity * q_arith); + * + * auxiliary_identity = memory_identity + non_native_field_identity + limb_accumulator_identity; + * auxiliary_identity *= q_aux; + * auxiliary_identity *= alpha_base; + */ + let memory_identity := mulmod(mload(AUX_ROM_CONSISTENCY_EVALUATION), mload(Q2_EVAL_LOC), p) + memory_identity := + addmod(memory_identity, mulmod(RAM_timestamp_check_identity, mload(Q4_EVAL_LOC), p), p) + memory_identity := + addmod(memory_identity, mulmod(mload(AUX_MEMORY_EVALUATION), mload(QM_EVAL_LOC), p), p) + memory_identity := mulmod(memory_identity, mload(Q1_EVAL_LOC), p) + memory_identity := + addmod( + memory_identity, mulmod(mload(AUX_RAM_CONSISTENCY_EVALUATION), mload(QARITH_EVAL_LOC), p), p + ) + + let auxiliary_identity := addmod(memory_identity, mload(AUX_NON_NATIVE_FIELD_EVALUATION), p) + auxiliary_identity := addmod(auxiliary_identity, mload(AUX_LIMB_ACCUMULATOR_EVALUATION), p) + auxiliary_identity := mulmod(auxiliary_identity, mload(QAUX_EVAL_LOC), p) + auxiliary_identity := mulmod(auxiliary_identity, mload(C_ALPHA_BASE_LOC), p) + + mstore(AUX_IDENTITY, auxiliary_identity) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p)) + } + } + } + + { + /** + * quotient = ARITHMETIC_IDENTITY + * quotient += PERMUTATION_IDENTITY + * quotient += PLOOKUP_IDENTITY + * quotient += SORT_IDENTITY + * quotient += ELLIPTIC_IDENTITY + * quotient += AUX_IDENTITY + * quotient *= ZERO_POLY_INVERSE + */ + mstore( + QUOTIENT_EVAL_LOC, + mulmod( + addmod( + addmod( + addmod( + addmod( + addmod(mload(PERMUTATION_IDENTITY), mload(PLOOKUP_IDENTITY), p), + mload(ARITHMETIC_IDENTITY), + p + ), + mload(SORT_IDENTITY), + p + ), + mload(ELLIPTIC_IDENTITY), + p + ), + mload(AUX_IDENTITY), + p + ), + mload(ZERO_POLY_INVERSE_LOC), + p + ) + ) + } + + /** + * GENERATE NU AND SEPARATOR CHALLENGES + */ + { + let current_challenge := mload(C_CURRENT_LOC) + // get a calldata pointer that points to the start of the data we want to copy + let calldata_ptr := add(calldataload(0x04), 0x24) + + calldata_ptr := add(calldata_ptr, NU_CALLDATA_SKIP_LENGTH) + + mstore(NU_CHALLENGE_INPUT_LOC_A, current_challenge) + mstore(NU_CHALLENGE_INPUT_LOC_B, mload(QUOTIENT_EVAL_LOC)) + calldatacopy(NU_CHALLENGE_INPUT_LOC_C, calldata_ptr, NU_INPUT_LENGTH) + + // hash length = (0x20 + num field elements), we include the previous challenge in the hash + let challenge := keccak256(NU_CHALLENGE_INPUT_LOC_A, add(NU_INPUT_LENGTH, 0x40)) + + mstore(C_V0_LOC, mod(challenge, p)) + // We need THIRTY-ONE independent nu challenges! + mstore(0x00, challenge) + mstore8(0x20, 0x01) + mstore(C_V1_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x02) + mstore(C_V2_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x03) + mstore(C_V3_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x04) + mstore(C_V4_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x05) + mstore(C_V5_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x06) + mstore(C_V6_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x07) + mstore(C_V7_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x08) + mstore(C_V8_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x09) + mstore(C_V9_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0a) + mstore(C_V10_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0b) + mstore(C_V11_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0c) + mstore(C_V12_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0d) + mstore(C_V13_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0e) + mstore(C_V14_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0f) + mstore(C_V15_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x10) + mstore(C_V16_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x11) + mstore(C_V17_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x12) + mstore(C_V18_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x13) + mstore(C_V19_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x14) + mstore(C_V20_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x15) + mstore(C_V21_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x16) + mstore(C_V22_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x17) + mstore(C_V23_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x18) + mstore(C_V24_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x19) + mstore(C_V25_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1a) + mstore(C_V26_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1b) + mstore(C_V27_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1c) + mstore(C_V28_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1d) + mstore(C_V29_LOC, mod(keccak256(0x00, 0x21), p)) + + // @follow-up - Why are both v29 and v30 using appending 0x1d to the prior challenge and hashing, should it not change? + mstore8(0x20, 0x1d) + challenge := keccak256(0x00, 0x21) + mstore(C_V30_LOC, mod(challenge, p)) + + // separator + mstore(0x00, challenge) + mstore(0x20, mload(PI_Z_Y_LOC)) + mstore(0x40, mload(PI_Z_X_LOC)) + mstore(0x60, mload(PI_Z_OMEGA_Y_LOC)) + mstore(0x80, mload(PI_Z_OMEGA_X_LOC)) + + mstore(C_U_LOC, mod(keccak256(0x00, 0xa0), p)) + } + + let success := 0 + // VALIDATE T1 + { + let x := mload(T1_X_LOC) + let y := mload(T1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(ACCUMULATOR_X_LOC, x) + mstore(add(ACCUMULATOR_X_LOC, 0x20), y) + } + // VALIDATE T2 + { + let x := mload(T2_X_LOC) // 0x1400 + let y := mload(T2_Y_LOC) // 0x1420 + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(ZETA_POW_N_LOC)) + // accumulator_2 = [T2].zeta^n + success := staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40) + // accumulator = [T1] + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE T3 + { + let x := mload(T3_X_LOC) + let y := mload(T3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(mload(ZETA_POW_N_LOC), mload(ZETA_POW_N_LOC), p)) + // accumulator_2 = [T3].zeta^{2n} + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE T4 + { + let x := mload(T4_X_LOC) + let y := mload(T4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(mulmod(mload(ZETA_POW_N_LOC), mload(ZETA_POW_N_LOC), p), mload(ZETA_POW_N_LOC), p)) + // accumulator_2 = [T4].zeta^{3n} + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W1 + { + let x := mload(W1_X_LOC) + let y := mload(W1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V0_LOC), p)) + // accumulator_2 = v0.(u + 1).[W1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W2 + { + let x := mload(W2_X_LOC) + let y := mload(W2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V1_LOC), p)) + // accumulator_2 = v1.(u + 1).[W2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W3 + { + let x := mload(W3_X_LOC) + let y := mload(W3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V2_LOC), p)) + // accumulator_2 = v2.(u + 1).[W3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W4 + { + let x := mload(W4_X_LOC) + let y := mload(W4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V3_LOC), p)) + // accumulator_2 = v3.(u + 1).[W4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE S + { + let x := mload(S_X_LOC) + let y := mload(S_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V4_LOC), p)) + // accumulator_2 = v4.(u + 1).[S] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Z + { + let x := mload(Z_X_LOC) + let y := mload(Z_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V5_LOC), p)) + // accumulator_2 = v5.(u + 1).[Z] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Z_LOOKUP + { + let x := mload(Z_LOOKUP_X_LOC) + let y := mload(Z_LOOKUP_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V6_LOC), p)) + // accumulator_2 = v6.(u + 1).[Z_LOOKUP] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q1 + { + let x := mload(Q1_X_LOC) + let y := mload(Q1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V7_LOC)) + // accumulator_2 = v7.[Q1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q2 + { + let x := mload(Q2_X_LOC) + let y := mload(Q2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V8_LOC)) + // accumulator_2 = v8.[Q2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q3 + { + let x := mload(Q3_X_LOC) + let y := mload(Q3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V9_LOC)) + // accumulator_2 = v9.[Q3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q4 + { + let x := mload(Q4_X_LOC) + let y := mload(Q4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V10_LOC)) + // accumulator_2 = v10.[Q4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QM + { + let x := mload(QM_X_LOC) + let y := mload(QM_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V11_LOC)) + // accumulator_2 = v11.[Q;] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QC + { + let x := mload(QC_X_LOC) + let y := mload(QC_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V12_LOC)) + // accumulator_2 = v12.[QC] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QARITH + { + let x := mload(QARITH_X_LOC) + let y := mload(QARITH_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V13_LOC)) + // accumulator_2 = v13.[QARITH] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QSORT + { + let x := mload(QSORT_X_LOC) + let y := mload(QSORT_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V14_LOC)) + // accumulator_2 = v14.[QSORT] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QELLIPTIC + { + let x := mload(QELLIPTIC_X_LOC) + let y := mload(QELLIPTIC_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V15_LOC)) + // accumulator_2 = v15.[QELLIPTIC] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QAUX + { + let x := mload(QAUX_X_LOC) + let y := mload(QAUX_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V16_LOC)) + // accumulator_2 = v15.[Q_AUX] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA1 + { + let x := mload(SIGMA1_X_LOC) + let y := mload(SIGMA1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V17_LOC)) + // accumulator_2 = v17.[sigma1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA2 + { + let x := mload(SIGMA2_X_LOC) + let y := mload(SIGMA2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V18_LOC)) + // accumulator_2 = v18.[sigma2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA3 + { + let x := mload(SIGMA3_X_LOC) + let y := mload(SIGMA3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V19_LOC)) + // accumulator_2 = v19.[sigma3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA4 + { + let x := mload(SIGMA4_X_LOC) + let y := mload(SIGMA4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V20_LOC)) + // accumulator_2 = v20.[sigma4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE1 + { + let x := mload(TABLE1_X_LOC) + let y := mload(TABLE1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V21_LOC), p)) + // accumulator_2 = u.[table1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE2 + { + let x := mload(TABLE2_X_LOC) + let y := mload(TABLE2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V22_LOC), p)) + // accumulator_2 = u.[table2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE3 + { + let x := mload(TABLE3_X_LOC) + let y := mload(TABLE3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V23_LOC), p)) + // accumulator_2 = u.[table3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE4 + { + let x := mload(TABLE4_X_LOC) + let y := mload(TABLE4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V24_LOC), p)) + // accumulator_2 = u.[table4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE_TYPE + { + let x := mload(TABLE_TYPE_X_LOC) + let y := mload(TABLE_TYPE_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V25_LOC)) + // accumulator_2 = v25.[TableType] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID1 + { + let x := mload(ID1_X_LOC) + let y := mload(ID1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V26_LOC)) + // accumulator_2 = v26.[ID1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID2 + { + let x := mload(ID2_X_LOC) + let y := mload(ID2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V27_LOC)) + // accumulator_2 = v27.[ID2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID3 + { + let x := mload(ID3_X_LOC) + let y := mload(ID3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V28_LOC)) + // accumulator_2 = v28.[ID3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID4 + { + let x := mload(ID4_X_LOC) + let y := mload(ID4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V29_LOC)) + // accumulator_2 = v29.[ID4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + /** + * COMPUTE BATCH EVALUATION SCALAR MULTIPLIER + */ + { + /** + * batch_evaluation = v0 * (w_1_omega * u + w_1_eval) + * batch_evaluation += v1 * (w_2_omega * u + w_2_eval) + * batch_evaluation += v2 * (w_3_omega * u + w_3_eval) + * batch_evaluation += v3 * (w_4_omega * u + w_4_eval) + * batch_evaluation += v4 * (s_omega_eval * u + s_eval) + * batch_evaluation += v5 * (z_omega_eval * u + z_eval) + * batch_evaluation += v6 * (z_lookup_omega_eval * u + z_lookup_eval) + */ + let batch_evaluation := + mulmod( + mload(C_V0_LOC), + addmod(mulmod(mload(W1_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W1_EVAL_LOC), p), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V1_LOC), + addmod(mulmod(mload(W2_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W2_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V2_LOC), + addmod(mulmod(mload(W3_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W3_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V3_LOC), + addmod(mulmod(mload(W4_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W4_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V4_LOC), + addmod(mulmod(mload(S_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(S_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V5_LOC), + addmod(mulmod(mload(Z_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(Z_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V6_LOC), + addmod(mulmod(mload(Z_LOOKUP_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(Z_LOOKUP_EVAL_LOC), p), + p + ), + p + ) + + /** + * batch_evaluation += v7 * Q1_EVAL + * batch_evaluation += v8 * Q2_EVAL + * batch_evaluation += v9 * Q3_EVAL + * batch_evaluation += v10 * Q4_EVAL + * batch_evaluation += v11 * QM_EVAL + * batch_evaluation += v12 * QC_EVAL + * batch_evaluation += v13 * QARITH_EVAL + * batch_evaluation += v14 * QSORT_EVAL_LOC + * batch_evaluation += v15 * QELLIPTIC_EVAL_LOC + * batch_evaluation += v16 * QAUX_EVAL_LOC + * batch_evaluation += v17 * SIGMA1_EVAL_LOC + * batch_evaluation += v18 * SIGMA2_EVAL_LOC + * batch_evaluation += v19 * SIGMA3_EVAL_LOC + * batch_evaluation += v20 * SIGMA4_EVAL_LOC + */ + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V7_LOC), mload(Q1_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V8_LOC), mload(Q2_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V9_LOC), mload(Q3_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V10_LOC), mload(Q4_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V11_LOC), mload(QM_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V12_LOC), mload(QC_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V13_LOC), mload(QARITH_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V14_LOC), mload(QSORT_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V15_LOC), mload(QELLIPTIC_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V16_LOC), mload(QAUX_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V17_LOC), mload(SIGMA1_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V18_LOC), mload(SIGMA2_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V19_LOC), mload(SIGMA3_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V20_LOC), mload(SIGMA4_EVAL_LOC), p), p) + + /** + * batch_evaluation += v21 * (table1(zw) * u + table1(z)) + * batch_evaluation += v22 * (table2(zw) * u + table2(z)) + * batch_evaluation += v23 * (table3(zw) * u + table3(z)) + * batch_evaluation += v24 * (table4(zw) * u + table4(z)) + * batch_evaluation += v25 * table_type_eval + * batch_evaluation += v26 * id1_eval + * batch_evaluation += v27 * id2_eval + * batch_evaluation += v28 * id3_eval + * batch_evaluation += v29 * id4_eval + * batch_evaluation += quotient_eval + */ + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V21_LOC), + addmod(mulmod(mload(TABLE1_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE1_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V22_LOC), + addmod(mulmod(mload(TABLE2_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE2_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V23_LOC), + addmod(mulmod(mload(TABLE3_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE3_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V24_LOC), + addmod(mulmod(mload(TABLE4_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE4_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V25_LOC), mload(TABLE_TYPE_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V26_LOC), mload(ID1_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V27_LOC), mload(ID2_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V28_LOC), mload(ID3_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V29_LOC), mload(ID4_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mload(QUOTIENT_EVAL_LOC), p) + + mstore(0x00, 0x01) // [1].x + mstore(0x20, 0x02) // [1].y + mstore(0x40, sub(p, batch_evaluation)) + // accumulator_2 = -[1].(batch_evaluation) + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + if iszero(success) { + mstore(0x0, OPENING_COMMITMENT_FAILED_SELECTOR) + revert(0x00, 0x04) + } + } + + /** + * PERFORM PAIRING PREAMBLE + */ + { + let u := mload(C_U_LOC) + let zeta := mload(C_ZETA_LOC) + // VALIDATE PI_Z + { + let x := mload(PI_Z_X_LOC) + let y := mload(PI_Z_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + // compute zeta.[PI_Z] and add into accumulator + mstore(0x40, zeta) + success := staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE PI_Z_OMEGA + { + let x := mload(PI_Z_OMEGA_X_LOC) + let y := mload(PI_Z_OMEGA_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(mulmod(u, zeta, p), mload(OMEGA_LOC), p)) + // accumulator_2 = u.zeta.omega.[PI_Z_OMEGA] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // PAIRING_RHS = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, PAIRING_RHS_X_LOC, 0x40)) + + mstore(0x00, mload(PI_Z_X_LOC)) + mstore(0x20, mload(PI_Z_Y_LOC)) + mstore(0x40, mload(PI_Z_OMEGA_X_LOC)) + mstore(0x60, mload(PI_Z_OMEGA_Y_LOC)) + mstore(0x80, u) + success := and(success, staticcall(gas(), 7, 0x40, 0x60, 0x40, 0x40)) + // PAIRING_LHS = [PI_Z] + [PI_Z_OMEGA] * u + success := and(success, staticcall(gas(), 6, 0x00, 0x80, PAIRING_LHS_X_LOC, 0x40)) + // negate lhs y-coordinate + mstore(PAIRING_LHS_Y_LOC, sub(q, mload(PAIRING_LHS_Y_LOC))) + + if mload(CONTAINS_RECURSIVE_PROOF_LOC) { + // VALIDATE RECURSIVE P1 + { + let x := mload(RECURSIVE_P1_X_LOC) + let y := mload(RECURSIVE_P1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + + // compute u.u.[recursive_p1] and write into 0x60 + mstore(0x40, mulmod(u, u, p)) + success := and(success, staticcall(gas(), 7, 0x00, 0x60, 0x60, 0x40)) + // VALIDATE RECURSIVE P2 + { + let x := mload(RECURSIVE_P2_X_LOC) + let y := mload(RECURSIVE_P2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + // compute u.u.[recursive_p2] and write into 0x00 + // 0x40 still contains u*u + success := and(success, staticcall(gas(), 7, 0x00, 0x60, 0x00, 0x40)) + + // compute u.u.[recursiveP1] + rhs and write into rhs + mstore(0xa0, mload(PAIRING_RHS_X_LOC)) + mstore(0xc0, mload(PAIRING_RHS_Y_LOC)) + success := and(success, staticcall(gas(), 6, 0x60, 0x80, PAIRING_RHS_X_LOC, 0x40)) + + // compute u.u.[recursiveP2] + lhs and write into lhs + mstore(0x40, mload(PAIRING_LHS_X_LOC)) + mstore(0x60, mload(PAIRING_LHS_Y_LOC)) + success := and(success, staticcall(gas(), 6, 0x00, 0x80, PAIRING_LHS_X_LOC, 0x40)) + } + + if iszero(success) { + mstore(0x0, PAIRING_PREAMBLE_FAILED_SELECTOR) + revert(0x00, 0x04) + } + } + + /** + * PERFORM PAIRING + */ + { + // rhs paired with [1]_2 + // lhs paired with [x]_2 + + mstore(0x00, mload(PAIRING_RHS_X_LOC)) + mstore(0x20, mload(PAIRING_RHS_Y_LOC)) + mstore(0x40, 0x198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c2) // this is [1]_2 + mstore(0x60, 0x1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed) + mstore(0x80, 0x090689d0585ff075ec9e99ad690c3395bc4b313370b38ef355acdadcd122975b) + mstore(0xa0, 0x12c85ea5db8c6deb4aab71808dcb408fe3d1e7690c43d37b4ce6cc0166fa7daa) + + mstore(0xc0, mload(PAIRING_LHS_X_LOC)) + mstore(0xe0, mload(PAIRING_LHS_Y_LOC)) + mstore(0x100, mload(G2X_X0_LOC)) + mstore(0x120, mload(G2X_X1_LOC)) + mstore(0x140, mload(G2X_Y0_LOC)) + mstore(0x160, mload(G2X_Y1_LOC)) + + success := staticcall(gas(), 8, 0x00, 0x180, 0x00, 0x20) + if iszero(and(success, mload(0x00))) { + mstore(0x0, PAIRING_FAILED_SELECTOR) + revert(0x00, 0x04) + } + } + + { + mstore(0x00, 0x01) + return(0x00, 0x20) // Proof succeeded! + } + } + } +} + +contract UltraVerifier is BaseUltraVerifier { + function getVerificationKeyHash() public pure override(BaseUltraVerifier) returns (bytes32) { + return UltraVerificationKey.verificationKeyHash(); + } + + function loadVerificationKey(uint256 vk, uint256 _omegaInverseLoc) internal pure virtual override(BaseUltraVerifier) { + UltraVerificationKey.loadVerificationKey(vk, _omegaInverseLoc); + } +} diff --git a/noir/noir-repo/compiler/integration-tests/contracts/assert_statement.sol b/noir/noir-repo/compiler/integration-tests/contracts/assert_statement.sol new file mode 100644 index 00000000000..6946be8ee4b --- /dev/null +++ b/noir/noir-repo/compiler/integration-tests/contracts/assert_statement.sol @@ -0,0 +1,2869 @@ +// Verification Key Hash: 203c988709ced4125d5c6138661ba4d16a71092c5f4189d2b3baf2596a93311b +// SPDX-License-Identifier: Apache-2.0 +// Copyright 2022 Aztec +pragma solidity >=0.8.4; + +library UltraVerificationKey { + function verificationKeyHash() internal pure returns(bytes32) { + return 0x203c988709ced4125d5c6138661ba4d16a71092c5f4189d2b3baf2596a93311b; + } + + function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure { + assembly { + mstore(add(_vk, 0x00), 0x0000000000000000000000000000000000000000000000000000000000000008) // vk.circuit_size + mstore(add(_vk, 0x20), 0x0000000000000000000000000000000000000000000000000000000000000001) // vk.num_inputs + mstore(add(_vk, 0x40), 0x2b337de1c8c14f22ec9b9e2f96afef3652627366f8170a0a948dad4ac1bd5e80) // vk.work_root + mstore(add(_vk, 0x60), 0x2a57c4a4850b6c2481463cffb1512d51832d6b3f6a82427f1b65b6e172000001) // vk.domain_inverse + mstore(add(_vk, 0x80), 0x0160ce4e279582f91bde4f03f5e9a292139c61bae1a44f0fc7689507414be688) // vk.Q1.x + mstore(add(_vk, 0xa0), 0x07e3e8a5d98a1177ec85bf88f163a55dc2d37f658c3b2d60f24740eb13b65d79) // vk.Q1.y + mstore(add(_vk, 0xc0), 0x23d08e2817ac16990004ed11d8fc66dc3035fbd7ff16412a8fd7da587a935298) // vk.Q2.x + mstore(add(_vk, 0xe0), 0x0708529196af3c8e16ffa580c26182356a5ad59c646c746a8d09f5d154e47c4f) // vk.Q2.y + mstore(add(_vk, 0x100), 0x13757e15a0905f298303784a161b212ddfe70eb7a1280596e8e4a804f118a6dd) // vk.Q3.x + mstore(add(_vk, 0x120), 0x05775b6c146c4a59856e869fe5a70ea23a729df796935c7824e3a26be794829b) // vk.Q3.y + mstore(add(_vk, 0x140), 0x1d539ccbfc556d0ad59307a218de65eef0c9e088fd2d45aa40311082d1f2809b) // vk.Q4.x + mstore(add(_vk, 0x160), 0x177004deeb1f9d401fd7b1af1a5ac8a2c848beceb6ab7806fd3b88037b8410fc) // vk.Q4.y + mstore(add(_vk, 0x180), 0x0d82d51f2f75d806285fd248c819b82508eb63672a733f20de1a97644be4f540) // vk.Q_M.x + mstore(add(_vk, 0x1a0), 0x06cd3b0e3460533b9e5ea2cdc0fcbbd002f9100cbba8a29f13b11513c53c59d0) // vk.Q_M.y + mstore(add(_vk, 0x1c0), 0x21791de65f9a28ec7024b1a87ab4f3f45ea38a93b2f810c5633ddb54927c1c96) // vk.Q_C.x + mstore(add(_vk, 0x1e0), 0x29fa14a969c5d81ed3abbbfb11220a926511a0439502c86885a8c6f0327aa7ad) // vk.Q_C.y + mstore(add(_vk, 0x200), 0x2a910445cd8fc895e5d235cd8ea185b84c3258e8206f560e5b5b18cbeafef87e) // vk.Q_ARITHMETIC.x + mstore(add(_vk, 0x220), 0x14dc6643d801c3ef27c2066b6e2bb4887e67f15e84bcb8507a5064a363f6043b) // vk.Q_ARITHMETIC.y + mstore(add(_vk, 0x240), 0x20690fd4869db418306046b38161dce38e900b42c314ba803088e8fbf125203f) // vk.QSORT.x + mstore(add(_vk, 0x260), 0x048a85e0bbac7c60ad3d78f601f63c1e2fa856bf7951b8292b1e88185993629c) // vk.QSORT.y + mstore(add(_vk, 0x280), 0x2623ad892dc62b1fa7d0a650f0d4706f457719495073d3666d77a625aeab0c51) // vk.Q_ELLIPTIC.x + mstore(add(_vk, 0x2a0), 0x295f6f10976c37bd9c6f96bb7187d5dbfcc8a467e021c03b13f74a9f79c3a10c) // vk.Q_ELLIPTIC.y + mstore(add(_vk, 0x2c0), 0x03560a3b334e887532f605c9cb7628c13ef9a937cc12420fb38d9ab8e848e85e) // vk.Q_AUX.x + mstore(add(_vk, 0x2e0), 0x15adc8bb1e01c835f48959d1237bd69bcebf08a4599cdda0fb96312d4dc0c7a9) // vk.Q_AUX.y + mstore(add(_vk, 0x300), 0x24e3690cd89b1f74c96a6b0e03032344488741fb4b129e9cbcb31de91fd06ad8) // vk.SIGMA1.x + mstore(add(_vk, 0x320), 0x2c3b3b2783935f54e840bb7502b0ec734cb8ac2419c90514d0d015a974a9b52b) // vk.SIGMA1.y + mstore(add(_vk, 0x340), 0x060d8aa43fdc434d1942263f364d95ab17c6189d67d3bf5dd2f3885de0151b6f) // vk.SIGMA2.x + mstore(add(_vk, 0x360), 0x1a1018a66221883639f2898a66f3455d292333b3adb497f00b4bc32d45229060) // vk.SIGMA2.y + mstore(add(_vk, 0x380), 0x27730cec8ee6eafbd0e5ccffeab20dbd1c781a61196943647af68c4e39985fdc) // vk.SIGMA3.x + mstore(add(_vk, 0x3a0), 0x0766d1f3a85c923ee23cb3fcd89886f19af23a34217779c58eaeceb38cfdf1eb) // vk.SIGMA3.y + mstore(add(_vk, 0x3c0), 0x09ae6c317ff52520ae05150d89a4678f6f5839296a91685a8f562ca95fa36822) // vk.SIGMA4.x + mstore(add(_vk, 0x3e0), 0x0832680695476b91062cfd71c4663f5bd579304b4448ce5ae6eaa6620db20ab1) // vk.SIGMA4.y + mstore(add(_vk, 0x400), 0x1f54baa07558e5fb055bd9ba49c0679c5d6e08a6605ab4513748ac0fa017dd1c) // vk.TABLE1.x + mstore(add(_vk, 0x420), 0x24aec62a9d9763499267dc98c334281e1ee7ee29bbb5e4b080c6091c1433ce62) // vk.TABLE1.y + mstore(add(_vk, 0x440), 0x28cf3e22bcd53782ebc3e0490e27e51a96755946ff16f0d6632365f0eb0ab4d4) // vk.TABLE2.x + mstore(add(_vk, 0x460), 0x234ce541f1f5117dd404cfaf01a22943148d7d8c9ba43f2133fab4201435a364) // vk.TABLE2.y + mstore(add(_vk, 0x480), 0x3016955028b6390f446c3fd0c5b424a7fb95ffb461d9514a1070e2d2403982ef) // vk.TABLE3.x + mstore(add(_vk, 0x4a0), 0x13ef666111b0be56a235983d397d2a08863c3b7cd7cddc20ba79ce915051c56e) // vk.TABLE3.y + mstore(add(_vk, 0x4c0), 0x217f7c4235161e9a3c16c45b6ca499e3993f465fc9f56e93ac769e597b752c1c) // vk.TABLE4.x + mstore(add(_vk, 0x4e0), 0x256467bfcb63d9fdcb5dde397757ad8ffa4cd96bc67b0b7df5678271e1114075) // vk.TABLE4.y + mstore(add(_vk, 0x500), 0x0e52d1bd75812c33c6f3d79ee4b94c54e5eb270bb64bde6e6ececadfd8c3236c) // vk.TABLE_TYPE.x + mstore(add(_vk, 0x520), 0x0ff417d256be43e73c8b1aa85bdda3484a2c641dce55bc2dd64ef0cd790a7fea) // vk.TABLE_TYPE.y + mstore(add(_vk, 0x540), 0x2914765365b4bb5f48a424db02b30c158b9ace6a8786bf33f65c33e87249f995) // vk.ID1.x + mstore(add(_vk, 0x560), 0x2e606ebd09b7686801932b72c9dbe83a6b1ae341f8cb6d52a568b693630f4643) // vk.ID1.y + mstore(add(_vk, 0x580), 0x1b0d1316756ddd16982a7e98b868244fff53c5d4bdc2b70e371c0d08e994cfd5) // vk.ID2.x + mstore(add(_vk, 0x5a0), 0x27f94b1ce85bf25b95857aaa3b82f6a3706170d67e53462bc635491ec3a29f98) // vk.ID2.y + mstore(add(_vk, 0x5c0), 0x26c5c0971d041a6777e4896896f674670e17bb68e92cbb11e605d2d74c077f66) // vk.ID3.x + mstore(add(_vk, 0x5e0), 0x15d5a580649417ff6523c7ec8e2fce5f1f22fef5be2a9fb4fd3004d9c6562efe) // vk.ID3.y + mstore(add(_vk, 0x600), 0x2eea648c8732596b1314fe2a4d2f05363f0c994e91cecad25835338edee2294f) // vk.ID4.x + mstore(add(_vk, 0x620), 0x0ab49886c2b94bd0bd3f6ed1dbbe2cb2671d2ae51d31c1210433c3972bb64578) // vk.ID4.y + mstore(add(_vk, 0x640), 0x00) // vk.contains_recursive_proof + mstore(add(_vk, 0x660), 0) // vk.recursive_proof_public_input_indices + mstore(add(_vk, 0x680), 0x260e01b251f6f1c7e7ff4e580791dee8ea51d87a358e038b4efe30fac09383c1) // vk.g2_x.X.c1 + mstore(add(_vk, 0x6a0), 0x0118c4d5b837bcc2bc89b5b398b5974e9f5944073b32078b7e231fec938883b0) // vk.g2_x.X.c0 + mstore(add(_vk, 0x6c0), 0x04fc6369f7110fe3d25156c1bb9a72859cf2a04641f99ba4ee413c80da6a5fe4) // vk.g2_x.Y.c1 + mstore(add(_vk, 0x6e0), 0x22febda3c0c0632a56475b4214e5615e11e6dd3f96e6cea2854a87d4dacc5e55) // vk.g2_x.Y.c0 + mstore(_omegaInverseLoc, 0x130b17119778465cfb3acaee30f81dee20710ead41671f568b11d9ab07b95a9b) // vk.work_root_inverse + } + } +} + +/** + * @title Ultra Plonk proof verification contract + * @dev Top level Plonk proof verification contract, which allows Plonk proof to be verified + */ +abstract contract BaseUltraVerifier { + // VERIFICATION KEY MEMORY LOCATIONS + uint256 internal constant N_LOC = 0x380; + uint256 internal constant NUM_INPUTS_LOC = 0x3a0; + uint256 internal constant OMEGA_LOC = 0x3c0; + uint256 internal constant DOMAIN_INVERSE_LOC = 0x3e0; + uint256 internal constant Q1_X_LOC = 0x400; + uint256 internal constant Q1_Y_LOC = 0x420; + uint256 internal constant Q2_X_LOC = 0x440; + uint256 internal constant Q2_Y_LOC = 0x460; + uint256 internal constant Q3_X_LOC = 0x480; + uint256 internal constant Q3_Y_LOC = 0x4a0; + uint256 internal constant Q4_X_LOC = 0x4c0; + uint256 internal constant Q4_Y_LOC = 0x4e0; + uint256 internal constant QM_X_LOC = 0x500; + uint256 internal constant QM_Y_LOC = 0x520; + uint256 internal constant QC_X_LOC = 0x540; + uint256 internal constant QC_Y_LOC = 0x560; + uint256 internal constant QARITH_X_LOC = 0x580; + uint256 internal constant QARITH_Y_LOC = 0x5a0; + uint256 internal constant QSORT_X_LOC = 0x5c0; + uint256 internal constant QSORT_Y_LOC = 0x5e0; + uint256 internal constant QELLIPTIC_X_LOC = 0x600; + uint256 internal constant QELLIPTIC_Y_LOC = 0x620; + uint256 internal constant QAUX_X_LOC = 0x640; + uint256 internal constant QAUX_Y_LOC = 0x660; + uint256 internal constant SIGMA1_X_LOC = 0x680; + uint256 internal constant SIGMA1_Y_LOC = 0x6a0; + uint256 internal constant SIGMA2_X_LOC = 0x6c0; + uint256 internal constant SIGMA2_Y_LOC = 0x6e0; + uint256 internal constant SIGMA3_X_LOC = 0x700; + uint256 internal constant SIGMA3_Y_LOC = 0x720; + uint256 internal constant SIGMA4_X_LOC = 0x740; + uint256 internal constant SIGMA4_Y_LOC = 0x760; + uint256 internal constant TABLE1_X_LOC = 0x780; + uint256 internal constant TABLE1_Y_LOC = 0x7a0; + uint256 internal constant TABLE2_X_LOC = 0x7c0; + uint256 internal constant TABLE2_Y_LOC = 0x7e0; + uint256 internal constant TABLE3_X_LOC = 0x800; + uint256 internal constant TABLE3_Y_LOC = 0x820; + uint256 internal constant TABLE4_X_LOC = 0x840; + uint256 internal constant TABLE4_Y_LOC = 0x860; + uint256 internal constant TABLE_TYPE_X_LOC = 0x880; + uint256 internal constant TABLE_TYPE_Y_LOC = 0x8a0; + uint256 internal constant ID1_X_LOC = 0x8c0; + uint256 internal constant ID1_Y_LOC = 0x8e0; + uint256 internal constant ID2_X_LOC = 0x900; + uint256 internal constant ID2_Y_LOC = 0x920; + uint256 internal constant ID3_X_LOC = 0x940; + uint256 internal constant ID3_Y_LOC = 0x960; + uint256 internal constant ID4_X_LOC = 0x980; + uint256 internal constant ID4_Y_LOC = 0x9a0; + uint256 internal constant CONTAINS_RECURSIVE_PROOF_LOC = 0x9c0; + uint256 internal constant RECURSIVE_PROOF_PUBLIC_INPUT_INDICES_LOC = 0x9e0; + uint256 internal constant G2X_X0_LOC = 0xa00; + uint256 internal constant G2X_X1_LOC = 0xa20; + uint256 internal constant G2X_Y0_LOC = 0xa40; + uint256 internal constant G2X_Y1_LOC = 0xa60; + + // ### PROOF DATA MEMORY LOCATIONS + uint256 internal constant W1_X_LOC = 0x1200; + uint256 internal constant W1_Y_LOC = 0x1220; + uint256 internal constant W2_X_LOC = 0x1240; + uint256 internal constant W2_Y_LOC = 0x1260; + uint256 internal constant W3_X_LOC = 0x1280; + uint256 internal constant W3_Y_LOC = 0x12a0; + uint256 internal constant W4_X_LOC = 0x12c0; + uint256 internal constant W4_Y_LOC = 0x12e0; + uint256 internal constant S_X_LOC = 0x1300; + uint256 internal constant S_Y_LOC = 0x1320; + uint256 internal constant Z_X_LOC = 0x1340; + uint256 internal constant Z_Y_LOC = 0x1360; + uint256 internal constant Z_LOOKUP_X_LOC = 0x1380; + uint256 internal constant Z_LOOKUP_Y_LOC = 0x13a0; + uint256 internal constant T1_X_LOC = 0x13c0; + uint256 internal constant T1_Y_LOC = 0x13e0; + uint256 internal constant T2_X_LOC = 0x1400; + uint256 internal constant T2_Y_LOC = 0x1420; + uint256 internal constant T3_X_LOC = 0x1440; + uint256 internal constant T3_Y_LOC = 0x1460; + uint256 internal constant T4_X_LOC = 0x1480; + uint256 internal constant T4_Y_LOC = 0x14a0; + + uint256 internal constant W1_EVAL_LOC = 0x1600; + uint256 internal constant W2_EVAL_LOC = 0x1620; + uint256 internal constant W3_EVAL_LOC = 0x1640; + uint256 internal constant W4_EVAL_LOC = 0x1660; + uint256 internal constant S_EVAL_LOC = 0x1680; + uint256 internal constant Z_EVAL_LOC = 0x16a0; + uint256 internal constant Z_LOOKUP_EVAL_LOC = 0x16c0; + uint256 internal constant Q1_EVAL_LOC = 0x16e0; + uint256 internal constant Q2_EVAL_LOC = 0x1700; + uint256 internal constant Q3_EVAL_LOC = 0x1720; + uint256 internal constant Q4_EVAL_LOC = 0x1740; + uint256 internal constant QM_EVAL_LOC = 0x1760; + uint256 internal constant QC_EVAL_LOC = 0x1780; + uint256 internal constant QARITH_EVAL_LOC = 0x17a0; + uint256 internal constant QSORT_EVAL_LOC = 0x17c0; + uint256 internal constant QELLIPTIC_EVAL_LOC = 0x17e0; + uint256 internal constant QAUX_EVAL_LOC = 0x1800; + uint256 internal constant TABLE1_EVAL_LOC = 0x1840; + uint256 internal constant TABLE2_EVAL_LOC = 0x1860; + uint256 internal constant TABLE3_EVAL_LOC = 0x1880; + uint256 internal constant TABLE4_EVAL_LOC = 0x18a0; + uint256 internal constant TABLE_TYPE_EVAL_LOC = 0x18c0; + uint256 internal constant ID1_EVAL_LOC = 0x18e0; + uint256 internal constant ID2_EVAL_LOC = 0x1900; + uint256 internal constant ID3_EVAL_LOC = 0x1920; + uint256 internal constant ID4_EVAL_LOC = 0x1940; + uint256 internal constant SIGMA1_EVAL_LOC = 0x1960; + uint256 internal constant SIGMA2_EVAL_LOC = 0x1980; + uint256 internal constant SIGMA3_EVAL_LOC = 0x19a0; + uint256 internal constant SIGMA4_EVAL_LOC = 0x19c0; + uint256 internal constant W1_OMEGA_EVAL_LOC = 0x19e0; + uint256 internal constant W2_OMEGA_EVAL_LOC = 0x2000; + uint256 internal constant W3_OMEGA_EVAL_LOC = 0x2020; + uint256 internal constant W4_OMEGA_EVAL_LOC = 0x2040; + uint256 internal constant S_OMEGA_EVAL_LOC = 0x2060; + uint256 internal constant Z_OMEGA_EVAL_LOC = 0x2080; + uint256 internal constant Z_LOOKUP_OMEGA_EVAL_LOC = 0x20a0; + uint256 internal constant TABLE1_OMEGA_EVAL_LOC = 0x20c0; + uint256 internal constant TABLE2_OMEGA_EVAL_LOC = 0x20e0; + uint256 internal constant TABLE3_OMEGA_EVAL_LOC = 0x2100; + uint256 internal constant TABLE4_OMEGA_EVAL_LOC = 0x2120; + + uint256 internal constant PI_Z_X_LOC = 0x2300; + uint256 internal constant PI_Z_Y_LOC = 0x2320; + uint256 internal constant PI_Z_OMEGA_X_LOC = 0x2340; + uint256 internal constant PI_Z_OMEGA_Y_LOC = 0x2360; + + // Used for elliptic widget. These are alias names for wire + shifted wire evaluations + uint256 internal constant X1_EVAL_LOC = W2_EVAL_LOC; + uint256 internal constant X2_EVAL_LOC = W1_OMEGA_EVAL_LOC; + uint256 internal constant X3_EVAL_LOC = W2_OMEGA_EVAL_LOC; + uint256 internal constant Y1_EVAL_LOC = W3_EVAL_LOC; + uint256 internal constant Y2_EVAL_LOC = W4_OMEGA_EVAL_LOC; + uint256 internal constant Y3_EVAL_LOC = W3_OMEGA_EVAL_LOC; + uint256 internal constant QBETA_LOC = Q3_EVAL_LOC; + uint256 internal constant QBETA_SQR_LOC = Q4_EVAL_LOC; + uint256 internal constant QSIGN_LOC = Q1_EVAL_LOC; + + // ### CHALLENGES MEMORY OFFSETS + + uint256 internal constant C_BETA_LOC = 0x2600; + uint256 internal constant C_GAMMA_LOC = 0x2620; + uint256 internal constant C_ALPHA_LOC = 0x2640; + uint256 internal constant C_ETA_LOC = 0x2660; + uint256 internal constant C_ETA_SQR_LOC = 0x2680; + uint256 internal constant C_ETA_CUBE_LOC = 0x26a0; + + uint256 internal constant C_ZETA_LOC = 0x26c0; + uint256 internal constant C_CURRENT_LOC = 0x26e0; + uint256 internal constant C_V0_LOC = 0x2700; + uint256 internal constant C_V1_LOC = 0x2720; + uint256 internal constant C_V2_LOC = 0x2740; + uint256 internal constant C_V3_LOC = 0x2760; + uint256 internal constant C_V4_LOC = 0x2780; + uint256 internal constant C_V5_LOC = 0x27a0; + uint256 internal constant C_V6_LOC = 0x27c0; + uint256 internal constant C_V7_LOC = 0x27e0; + uint256 internal constant C_V8_LOC = 0x2800; + uint256 internal constant C_V9_LOC = 0x2820; + uint256 internal constant C_V10_LOC = 0x2840; + uint256 internal constant C_V11_LOC = 0x2860; + uint256 internal constant C_V12_LOC = 0x2880; + uint256 internal constant C_V13_LOC = 0x28a0; + uint256 internal constant C_V14_LOC = 0x28c0; + uint256 internal constant C_V15_LOC = 0x28e0; + uint256 internal constant C_V16_LOC = 0x2900; + uint256 internal constant C_V17_LOC = 0x2920; + uint256 internal constant C_V18_LOC = 0x2940; + uint256 internal constant C_V19_LOC = 0x2960; + uint256 internal constant C_V20_LOC = 0x2980; + uint256 internal constant C_V21_LOC = 0x29a0; + uint256 internal constant C_V22_LOC = 0x29c0; + uint256 internal constant C_V23_LOC = 0x29e0; + uint256 internal constant C_V24_LOC = 0x2a00; + uint256 internal constant C_V25_LOC = 0x2a20; + uint256 internal constant C_V26_LOC = 0x2a40; + uint256 internal constant C_V27_LOC = 0x2a60; + uint256 internal constant C_V28_LOC = 0x2a80; + uint256 internal constant C_V29_LOC = 0x2aa0; + uint256 internal constant C_V30_LOC = 0x2ac0; + + uint256 internal constant C_U_LOC = 0x2b00; + + // ### LOCAL VARIABLES MEMORY OFFSETS + uint256 internal constant DELTA_NUMERATOR_LOC = 0x3000; + uint256 internal constant DELTA_DENOMINATOR_LOC = 0x3020; + uint256 internal constant ZETA_POW_N_LOC = 0x3040; + uint256 internal constant PUBLIC_INPUT_DELTA_LOC = 0x3060; + uint256 internal constant ZERO_POLY_LOC = 0x3080; + uint256 internal constant L_START_LOC = 0x30a0; + uint256 internal constant L_END_LOC = 0x30c0; + uint256 internal constant R_ZERO_EVAL_LOC = 0x30e0; + + uint256 internal constant PLOOKUP_DELTA_NUMERATOR_LOC = 0x3100; + uint256 internal constant PLOOKUP_DELTA_DENOMINATOR_LOC = 0x3120; + uint256 internal constant PLOOKUP_DELTA_LOC = 0x3140; + + uint256 internal constant ACCUMULATOR_X_LOC = 0x3160; + uint256 internal constant ACCUMULATOR_Y_LOC = 0x3180; + uint256 internal constant ACCUMULATOR2_X_LOC = 0x31a0; + uint256 internal constant ACCUMULATOR2_Y_LOC = 0x31c0; + uint256 internal constant PAIRING_LHS_X_LOC = 0x31e0; + uint256 internal constant PAIRING_LHS_Y_LOC = 0x3200; + uint256 internal constant PAIRING_RHS_X_LOC = 0x3220; + uint256 internal constant PAIRING_RHS_Y_LOC = 0x3240; + + // misc stuff + uint256 internal constant OMEGA_INVERSE_LOC = 0x3300; + uint256 internal constant C_ALPHA_SQR_LOC = 0x3320; + uint256 internal constant C_ALPHA_CUBE_LOC = 0x3340; + uint256 internal constant C_ALPHA_QUAD_LOC = 0x3360; + uint256 internal constant C_ALPHA_BASE_LOC = 0x3380; + + // ### RECURSION VARIABLE MEMORY LOCATIONS + uint256 internal constant RECURSIVE_P1_X_LOC = 0x3400; + uint256 internal constant RECURSIVE_P1_Y_LOC = 0x3420; + uint256 internal constant RECURSIVE_P2_X_LOC = 0x3440; + uint256 internal constant RECURSIVE_P2_Y_LOC = 0x3460; + uint256 internal constant PUBLIC_INPUTS_HASH_LOCATION = 0x3480; + + // sub-identity storage + uint256 internal constant PERMUTATION_IDENTITY = 0x3500; + uint256 internal constant PLOOKUP_IDENTITY = 0x3520; + uint256 internal constant ARITHMETIC_IDENTITY = 0x3540; + uint256 internal constant SORT_IDENTITY = 0x3560; + uint256 internal constant ELLIPTIC_IDENTITY = 0x3580; + uint256 internal constant AUX_IDENTITY = 0x35a0; + uint256 internal constant AUX_NON_NATIVE_FIELD_EVALUATION = 0x35c0; + uint256 internal constant AUX_LIMB_ACCUMULATOR_EVALUATION = 0x35e0; + uint256 internal constant AUX_RAM_CONSISTENCY_EVALUATION = 0x3600; + uint256 internal constant AUX_ROM_CONSISTENCY_EVALUATION = 0x3620; + uint256 internal constant AUX_MEMORY_EVALUATION = 0x3640; + + uint256 internal constant QUOTIENT_EVAL_LOC = 0x3660; + uint256 internal constant ZERO_POLY_INVERSE_LOC = 0x3680; + + // when hashing public inputs we use memory at NU_CHALLENGE_INPUT_LOC_A, as the hash input size is unknown at compile time + uint256 internal constant NU_CHALLENGE_INPUT_LOC_A = 0x36a0; + uint256 internal constant NU_CHALLENGE_INPUT_LOC_B = 0x36c0; + uint256 internal constant NU_CHALLENGE_INPUT_LOC_C = 0x36e0; + + bytes4 internal constant INVALID_VERIFICATION_KEY_SELECTOR = 0x7e5769bf; + bytes4 internal constant POINT_NOT_ON_CURVE_SELECTOR = 0xa3dad654; + bytes4 internal constant PUBLIC_INPUT_INVALID_BN128_G1_POINT_SELECTOR = 0xeba9f4a6; + bytes4 internal constant PUBLIC_INPUT_GE_P_SELECTOR = 0x374a972f; + bytes4 internal constant MOD_EXP_FAILURE_SELECTOR = 0xf894a7bc; + bytes4 internal constant PAIRING_PREAMBLE_FAILED_SELECTOR = 0x01882d81; + bytes4 internal constant OPENING_COMMITMENT_FAILED_SELECTOR = 0x4e719763; + bytes4 internal constant PAIRING_FAILED_SELECTOR = 0xd71fd263; + + uint256 internal constant ETA_INPUT_LENGTH = 0xc0; // W1, W2, W3 = 6 * 0x20 bytes + + // We need to hash 41 field elements when generating the NU challenge + // w1, w2, w3, w4, s, z, z_lookup, q1, q2, q3, q4, qm, qc, qarith (14) + // qsort, qelliptic, qaux, sigma1, sigma2, sigma, sigma4, (7) + // table1, table2, table3, table4, tabletype, id1, id2, id3, id4, (9) + // w1_omega, w2_omega, w3_omega, w4_omega, s_omega, z_omega, z_lookup_omega, (7) + // table1_omega, table2_omega, table3_omega, table4_omega (4) + uint256 internal constant NU_INPUT_LENGTH = 0x520; // 0x520 = 41 * 0x20 + + // There are ELEVEN G1 group elements added into the transcript in the `beta` round, that we need to skip over + // W1, W2, W3, W4, S, Z, Z_LOOKUP, T1, T2, T3, T4 + uint256 internal constant NU_CALLDATA_SKIP_LENGTH = 0x2c0; // 11 * 0x40 = 0x2c0 + + uint256 internal constant NEGATIVE_INVERSE_OF_2_MODULO_P = + 0x183227397098d014dc2822db40c0ac2e9419f4243cdcb848a1f0fac9f8000000; + uint256 internal constant LIMB_SIZE = 0x100000000000000000; // 2<<68 + uint256 internal constant SUBLIMB_SHIFT = 0x4000; // 2<<14 + + // y^2 = x^3 + ax + b + // for Grumpkin, a = 0 and b = -17. We use b in a custom gate relation that evaluates elliptic curve arithmetic + uint256 internal constant GRUMPKIN_CURVE_B_PARAMETER_NEGATED = 17; + + error INVALID_VERIFICATION_KEY(); + error POINT_NOT_ON_CURVE(); + error PUBLIC_INPUT_COUNT_INVALID(uint256 expected, uint256 actual); + error PUBLIC_INPUT_INVALID_BN128_G1_POINT(); + error PUBLIC_INPUT_GE_P(); + error MOD_EXP_FAILURE(); + error PAIRING_PREAMBLE_FAILED(); + error OPENING_COMMITMENT_FAILED(); + error PAIRING_FAILED(); + + function getVerificationKeyHash() public pure virtual returns (bytes32); + + /** + * @dev We assume that the verification key loaded by this function is constant as we only verify it on deployment + */ + function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure virtual; + + constructor() { + loadVerificationKey(N_LOC, OMEGA_INVERSE_LOC); + + // We verify that all of the EC points in the verification key lie on the bn128 curve. + assembly { + let q := 21888242871839275222246405745257275088696311157297823662689037894645226208583 // EC group order + + let success := 1 + + // VALIDATE Q1 + { + let x := mload(Q1_X_LOC) + let y := mload(Q1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE Q2 + { + let x := mload(Q2_X_LOC) + let y := mload(Q2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE Q3 + { + let x := mload(Q3_X_LOC) + let y := mload(Q3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE Q4 + { + let x := mload(Q4_X_LOC) + let y := mload(Q4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + mstore(0x00, x) + mstore(0x20, y) + } + // VALIDATE QM + { + let x := mload(QM_X_LOC) + let y := mload(QM_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QC + { + let x := mload(QC_X_LOC) + let y := mload(QC_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QARITH + { + let x := mload(QARITH_X_LOC) + let y := mload(QARITH_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QSORT + { + let x := mload(QSORT_X_LOC) + let y := mload(QSORT_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QELLIPTIC + { + let x := mload(QELLIPTIC_X_LOC) + let y := mload(QELLIPTIC_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QAUX + { + let x := mload(QAUX_X_LOC) + let y := mload(QAUX_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA1 + { + let x := mload(SIGMA1_X_LOC) + let y := mload(SIGMA1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA2 + { + let x := mload(SIGMA2_X_LOC) + let y := mload(SIGMA2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA3 + { + let x := mload(SIGMA3_X_LOC) + let y := mload(SIGMA3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA4 + { + let x := mload(SIGMA4_X_LOC) + let y := mload(SIGMA4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE1 + { + let x := mload(TABLE1_X_LOC) + let y := mload(TABLE1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE2 + { + let x := mload(TABLE2_X_LOC) + let y := mload(TABLE2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE3 + { + let x := mload(TABLE3_X_LOC) + let y := mload(TABLE3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE4 + { + let x := mload(TABLE4_X_LOC) + let y := mload(TABLE4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE_TYPE + { + let x := mload(TABLE_TYPE_X_LOC) + let y := mload(TABLE_TYPE_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID1 + { + let x := mload(ID1_X_LOC) + let y := mload(ID1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID2 + { + let x := mload(ID2_X_LOC) + let y := mload(ID2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID3 + { + let x := mload(ID3_X_LOC) + let y := mload(ID3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID4 + { + let x := mload(ID4_X_LOC) + let y := mload(ID4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + + if iszero(success) { + mstore(0x0, INVALID_VERIFICATION_KEY_SELECTOR) + revert(0x00, 0x04) + } + } + } + + /** + * @notice Verify a Ultra Plonk proof + * @param _proof - The serialized proof + * @param _publicInputs - An array of the public inputs + * @return True if proof is valid, reverts otherwise + */ + function verify(bytes calldata _proof, bytes32[] calldata _publicInputs) external view returns (bool) { + loadVerificationKey(N_LOC, OMEGA_INVERSE_LOC); + + uint256 requiredPublicInputCount; + assembly { + requiredPublicInputCount := mload(NUM_INPUTS_LOC) + } + if (requiredPublicInputCount != _publicInputs.length) { + revert PUBLIC_INPUT_COUNT_INVALID(requiredPublicInputCount, _publicInputs.length); + } + + assembly { + let q := 21888242871839275222246405745257275088696311157297823662689037894645226208583 // EC group order + let p := 21888242871839275222246405745257275088548364400416034343698204186575808495617 // Prime field order + + /** + * LOAD PROOF FROM CALLDATA + */ + { + let data_ptr := add(calldataload(0x04), 0x24) + + mstore(W1_Y_LOC, mod(calldataload(data_ptr), q)) + mstore(W1_X_LOC, mod(calldataload(add(data_ptr, 0x20)), q)) + + mstore(W2_Y_LOC, mod(calldataload(add(data_ptr, 0x40)), q)) + mstore(W2_X_LOC, mod(calldataload(add(data_ptr, 0x60)), q)) + + mstore(W3_Y_LOC, mod(calldataload(add(data_ptr, 0x80)), q)) + mstore(W3_X_LOC, mod(calldataload(add(data_ptr, 0xa0)), q)) + + mstore(W4_Y_LOC, mod(calldataload(add(data_ptr, 0xc0)), q)) + mstore(W4_X_LOC, mod(calldataload(add(data_ptr, 0xe0)), q)) + + mstore(S_Y_LOC, mod(calldataload(add(data_ptr, 0x100)), q)) + mstore(S_X_LOC, mod(calldataload(add(data_ptr, 0x120)), q)) + mstore(Z_Y_LOC, mod(calldataload(add(data_ptr, 0x140)), q)) + mstore(Z_X_LOC, mod(calldataload(add(data_ptr, 0x160)), q)) + mstore(Z_LOOKUP_Y_LOC, mod(calldataload(add(data_ptr, 0x180)), q)) + mstore(Z_LOOKUP_X_LOC, mod(calldataload(add(data_ptr, 0x1a0)), q)) + mstore(T1_Y_LOC, mod(calldataload(add(data_ptr, 0x1c0)), q)) + mstore(T1_X_LOC, mod(calldataload(add(data_ptr, 0x1e0)), q)) + + mstore(T2_Y_LOC, mod(calldataload(add(data_ptr, 0x200)), q)) + mstore(T2_X_LOC, mod(calldataload(add(data_ptr, 0x220)), q)) + + mstore(T3_Y_LOC, mod(calldataload(add(data_ptr, 0x240)), q)) + mstore(T3_X_LOC, mod(calldataload(add(data_ptr, 0x260)), q)) + + mstore(T4_Y_LOC, mod(calldataload(add(data_ptr, 0x280)), q)) + mstore(T4_X_LOC, mod(calldataload(add(data_ptr, 0x2a0)), q)) + + mstore(W1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x2c0)), p)) + mstore(W2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x2e0)), p)) + mstore(W3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x300)), p)) + mstore(W4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x320)), p)) + mstore(S_EVAL_LOC, mod(calldataload(add(data_ptr, 0x340)), p)) + mstore(Z_EVAL_LOC, mod(calldataload(add(data_ptr, 0x360)), p)) + mstore(Z_LOOKUP_EVAL_LOC, mod(calldataload(add(data_ptr, 0x380)), p)) + mstore(Q1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3a0)), p)) + mstore(Q2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3c0)), p)) + mstore(Q3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3e0)), p)) + mstore(Q4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x400)), p)) + mstore(QM_EVAL_LOC, mod(calldataload(add(data_ptr, 0x420)), p)) + mstore(QC_EVAL_LOC, mod(calldataload(add(data_ptr, 0x440)), p)) + mstore(QARITH_EVAL_LOC, mod(calldataload(add(data_ptr, 0x460)), p)) + mstore(QSORT_EVAL_LOC, mod(calldataload(add(data_ptr, 0x480)), p)) + mstore(QELLIPTIC_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4a0)), p)) + mstore(QAUX_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4c0)), p)) + + mstore(SIGMA1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4e0)), p)) + mstore(SIGMA2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x500)), p)) + + mstore(SIGMA3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x520)), p)) + mstore(SIGMA4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x540)), p)) + + mstore(TABLE1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x560)), p)) + mstore(TABLE2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x580)), p)) + mstore(TABLE3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5a0)), p)) + mstore(TABLE4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5c0)), p)) + mstore(TABLE_TYPE_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5e0)), p)) + + mstore(ID1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x600)), p)) + mstore(ID2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x620)), p)) + mstore(ID3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x640)), p)) + mstore(ID4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x660)), p)) + + mstore(W1_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x680)), p)) + mstore(W2_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6a0)), p)) + mstore(W3_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6c0)), p)) + mstore(W4_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6e0)), p)) + mstore(S_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x700)), p)) + + mstore(Z_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x720)), p)) + + mstore(Z_LOOKUP_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x740)), p)) + mstore(TABLE1_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x760)), p)) + mstore(TABLE2_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x780)), p)) + mstore(TABLE3_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x7a0)), p)) + mstore(TABLE4_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x7c0)), p)) + + mstore(PI_Z_Y_LOC, mod(calldataload(add(data_ptr, 0x7e0)), q)) + mstore(PI_Z_X_LOC, mod(calldataload(add(data_ptr, 0x800)), q)) + + mstore(PI_Z_OMEGA_Y_LOC, mod(calldataload(add(data_ptr, 0x820)), q)) + mstore(PI_Z_OMEGA_X_LOC, mod(calldataload(add(data_ptr, 0x840)), q)) + } + + /** + * LOAD RECURSIVE PROOF INTO MEMORY + */ + { + if mload(CONTAINS_RECURSIVE_PROOF_LOC) { + let public_inputs_ptr := add(calldataload(0x24), 0x24) + let index_counter := add(shl(5, mload(RECURSIVE_PROOF_PUBLIC_INPUT_INDICES_LOC)), public_inputs_ptr) + + let x0 := calldataload(index_counter) + x0 := add(x0, shl(68, calldataload(add(index_counter, 0x20)))) + x0 := add(x0, shl(136, calldataload(add(index_counter, 0x40)))) + x0 := add(x0, shl(204, calldataload(add(index_counter, 0x60)))) + let y0 := calldataload(add(index_counter, 0x80)) + y0 := add(y0, shl(68, calldataload(add(index_counter, 0xa0)))) + y0 := add(y0, shl(136, calldataload(add(index_counter, 0xc0)))) + y0 := add(y0, shl(204, calldataload(add(index_counter, 0xe0)))) + let x1 := calldataload(add(index_counter, 0x100)) + x1 := add(x1, shl(68, calldataload(add(index_counter, 0x120)))) + x1 := add(x1, shl(136, calldataload(add(index_counter, 0x140)))) + x1 := add(x1, shl(204, calldataload(add(index_counter, 0x160)))) + let y1 := calldataload(add(index_counter, 0x180)) + y1 := add(y1, shl(68, calldataload(add(index_counter, 0x1a0)))) + y1 := add(y1, shl(136, calldataload(add(index_counter, 0x1c0)))) + y1 := add(y1, shl(204, calldataload(add(index_counter, 0x1e0)))) + mstore(RECURSIVE_P1_X_LOC, x0) + mstore(RECURSIVE_P1_Y_LOC, y0) + mstore(RECURSIVE_P2_X_LOC, x1) + mstore(RECURSIVE_P2_Y_LOC, y1) + + // validate these are valid bn128 G1 points + if iszero(and(and(lt(x0, q), lt(x1, q)), and(lt(y0, q), lt(y1, q)))) { + mstore(0x00, PUBLIC_INPUT_INVALID_BN128_G1_POINT_SELECTOR) + revert(0x00, 0x04) + } + } + } + + { + /** + * Generate initial challenge + */ + mstore(0x00, shl(224, mload(N_LOC))) + mstore(0x04, shl(224, mload(NUM_INPUTS_LOC))) + let challenge := keccak256(0x00, 0x08) + + /** + * Generate eta challenge + */ + mstore(PUBLIC_INPUTS_HASH_LOCATION, challenge) + // The public input location is stored at 0x24, we then add 0x24 to skip selector and the length of public inputs + let public_inputs_start := add(calldataload(0x24), 0x24) + // copy the public inputs over + let public_input_size := mul(mload(NUM_INPUTS_LOC), 0x20) + calldatacopy(add(PUBLIC_INPUTS_HASH_LOCATION, 0x20), public_inputs_start, public_input_size) + + // copy W1, W2, W3 into challenge. Each point is 0x40 bytes, so load 0xc0 = 3 * 0x40 bytes (ETA input length) + let w_start := add(calldataload(0x04), 0x24) + calldatacopy(add(add(PUBLIC_INPUTS_HASH_LOCATION, 0x20), public_input_size), w_start, ETA_INPUT_LENGTH) + + // Challenge is the old challenge + public inputs + W1, W2, W3 (0x20 + public_input_size + 0xc0) + let challenge_bytes_size := add(0x20, add(public_input_size, ETA_INPUT_LENGTH)) + + challenge := keccak256(PUBLIC_INPUTS_HASH_LOCATION, challenge_bytes_size) + { + let eta := mod(challenge, p) + mstore(C_ETA_LOC, eta) + mstore(C_ETA_SQR_LOC, mulmod(eta, eta, p)) + mstore(C_ETA_CUBE_LOC, mulmod(mload(C_ETA_SQR_LOC), eta, p)) + } + + /** + * Generate beta challenge + */ + mstore(0x00, challenge) + mstore(0x20, mload(W4_Y_LOC)) + mstore(0x40, mload(W4_X_LOC)) + mstore(0x60, mload(S_Y_LOC)) + mstore(0x80, mload(S_X_LOC)) + challenge := keccak256(0x00, 0xa0) + mstore(C_BETA_LOC, mod(challenge, p)) + + /** + * Generate gamma challenge + */ + mstore(0x00, challenge) + mstore8(0x20, 0x01) + challenge := keccak256(0x00, 0x21) + mstore(C_GAMMA_LOC, mod(challenge, p)) + + /** + * Generate alpha challenge + */ + mstore(0x00, challenge) + mstore(0x20, mload(Z_Y_LOC)) + mstore(0x40, mload(Z_X_LOC)) + mstore(0x60, mload(Z_LOOKUP_Y_LOC)) + mstore(0x80, mload(Z_LOOKUP_X_LOC)) + challenge := keccak256(0x00, 0xa0) + mstore(C_ALPHA_LOC, mod(challenge, p)) + + /** + * Compute and store some powers of alpha for future computations + */ + let alpha := mload(C_ALPHA_LOC) + mstore(C_ALPHA_SQR_LOC, mulmod(alpha, alpha, p)) + mstore(C_ALPHA_CUBE_LOC, mulmod(mload(C_ALPHA_SQR_LOC), alpha, p)) + mstore(C_ALPHA_QUAD_LOC, mulmod(mload(C_ALPHA_CUBE_LOC), alpha, p)) + mstore(C_ALPHA_BASE_LOC, alpha) + + /** + * Generate zeta challenge + */ + mstore(0x00, challenge) + mstore(0x20, mload(T1_Y_LOC)) + mstore(0x40, mload(T1_X_LOC)) + mstore(0x60, mload(T2_Y_LOC)) + mstore(0x80, mload(T2_X_LOC)) + mstore(0xa0, mload(T3_Y_LOC)) + mstore(0xc0, mload(T3_X_LOC)) + mstore(0xe0, mload(T4_Y_LOC)) + mstore(0x100, mload(T4_X_LOC)) + + challenge := keccak256(0x00, 0x120) + + mstore(C_ZETA_LOC, mod(challenge, p)) + mstore(C_CURRENT_LOC, challenge) + } + + /** + * EVALUATE FIELD OPERATIONS + */ + + /** + * COMPUTE PUBLIC INPUT DELTA + * ΔPI = ∏ᵢ∈ℓ(wᵢ + β σ(i) + γ) / ∏ᵢ∈ℓ(wᵢ + β σ'(i) + γ) + */ + { + let beta := mload(C_BETA_LOC) // β + let gamma := mload(C_GAMMA_LOC) // γ + let work_root := mload(OMEGA_LOC) // ω + let numerator_value := 1 + let denominator_value := 1 + + let p_clone := p // move p to the front of the stack + let valid_inputs := true + + // Load the starting point of the public inputs (jump over the selector and the length of public inputs [0x24]) + let public_inputs_ptr := add(calldataload(0x24), 0x24) + + // endpoint_ptr = public_inputs_ptr + num_inputs * 0x20. // every public input is 0x20 bytes + let endpoint_ptr := add(public_inputs_ptr, mul(mload(NUM_INPUTS_LOC), 0x20)) + + // root_1 = β * 0x05 + let root_1 := mulmod(beta, 0x05, p_clone) // k1.β + // root_2 = β * 0x0c + let root_2 := mulmod(beta, 0x0c, p_clone) + // @note 0x05 + 0x07 == 0x0c == external coset generator + + for {} lt(public_inputs_ptr, endpoint_ptr) { public_inputs_ptr := add(public_inputs_ptr, 0x20) } { + /** + * input = public_input[i] + * valid_inputs &= input < p + * temp = input + gamma + * numerator_value *= (β.σ(i) + wᵢ + γ) // σ(i) = 0x05.ωⁱ + * denominator_value *= (β.σ'(i) + wᵢ + γ) // σ'(i) = 0x0c.ωⁱ + * root_1 *= ω + * root_2 *= ω + */ + + let input := calldataload(public_inputs_ptr) + valid_inputs := and(valid_inputs, lt(input, p_clone)) + let temp := addmod(input, gamma, p_clone) + + numerator_value := mulmod(numerator_value, add(root_1, temp), p_clone) + denominator_value := mulmod(denominator_value, add(root_2, temp), p_clone) + + root_1 := mulmod(root_1, work_root, p_clone) + root_2 := mulmod(root_2, work_root, p_clone) + } + + // Revert if not all public inputs are field elements (i.e. < p) + if iszero(valid_inputs) { + mstore(0x00, PUBLIC_INPUT_GE_P_SELECTOR) + revert(0x00, 0x04) + } + + mstore(DELTA_NUMERATOR_LOC, numerator_value) + mstore(DELTA_DENOMINATOR_LOC, denominator_value) + } + + /** + * Compute Plookup delta factor [γ(1 + β)]^{n-k} + * k = num roots cut out of Z_H = 4 + */ + { + let delta_base := mulmod(mload(C_GAMMA_LOC), addmod(mload(C_BETA_LOC), 1, p), p) + let delta_numerator := delta_base + { + let exponent := mload(N_LOC) + let count := 1 + for {} lt(count, exponent) { count := add(count, count) } { + delta_numerator := mulmod(delta_numerator, delta_numerator, p) + } + } + mstore(PLOOKUP_DELTA_NUMERATOR_LOC, delta_numerator) + + let delta_denominator := mulmod(delta_base, delta_base, p) + delta_denominator := mulmod(delta_denominator, delta_denominator, p) + mstore(PLOOKUP_DELTA_DENOMINATOR_LOC, delta_denominator) + } + /** + * Compute lagrange poly and vanishing poly fractions + */ + { + /** + * vanishing_numerator = zeta + * ZETA_POW_N = zeta^n + * vanishing_numerator -= 1 + * accumulating_root = omega_inverse + * work_root = p - accumulating_root + * domain_inverse = domain_inverse + * vanishing_denominator = zeta + work_root + * work_root *= accumulating_root + * vanishing_denominator *= (zeta + work_root) + * work_root *= accumulating_root + * vanishing_denominator *= (zeta + work_root) + * vanishing_denominator *= (zeta + (zeta + accumulating_root)) + * work_root = omega + * lagrange_numerator = vanishing_numerator * domain_inverse + * l_start_denominator = zeta - 1 + * accumulating_root = work_root^2 + * l_end_denominator = accumulating_root^2 * work_root * zeta - 1 + * Note: l_end_denominator term contains a term \omega^5 to cut out 5 roots of unity from vanishing poly + */ + + let zeta := mload(C_ZETA_LOC) + + // compute zeta^n, where n is a power of 2 + let vanishing_numerator := zeta + { + // pow_small + let exponent := mload(N_LOC) + let count := 1 + for {} lt(count, exponent) { count := add(count, count) } { + vanishing_numerator := mulmod(vanishing_numerator, vanishing_numerator, p) + } + } + mstore(ZETA_POW_N_LOC, vanishing_numerator) + vanishing_numerator := addmod(vanishing_numerator, sub(p, 1), p) + + let accumulating_root := mload(OMEGA_INVERSE_LOC) + let work_root := sub(p, accumulating_root) + let domain_inverse := mload(DOMAIN_INVERSE_LOC) + + let vanishing_denominator := addmod(zeta, work_root, p) + work_root := mulmod(work_root, accumulating_root, p) + vanishing_denominator := mulmod(vanishing_denominator, addmod(zeta, work_root, p), p) + work_root := mulmod(work_root, accumulating_root, p) + vanishing_denominator := mulmod(vanishing_denominator, addmod(zeta, work_root, p), p) + vanishing_denominator := + mulmod(vanishing_denominator, addmod(zeta, mulmod(work_root, accumulating_root, p), p), p) + + work_root := mload(OMEGA_LOC) + + let lagrange_numerator := mulmod(vanishing_numerator, domain_inverse, p) + let l_start_denominator := addmod(zeta, sub(p, 1), p) + + accumulating_root := mulmod(work_root, work_root, p) + + let l_end_denominator := + addmod( + mulmod(mulmod(mulmod(accumulating_root, accumulating_root, p), work_root, p), zeta, p), sub(p, 1), p + ) + + /** + * Compute inversions using Montgomery's batch inversion trick + */ + let accumulator := mload(DELTA_DENOMINATOR_LOC) + let t0 := accumulator + accumulator := mulmod(accumulator, vanishing_denominator, p) + let t1 := accumulator + accumulator := mulmod(accumulator, vanishing_numerator, p) + let t2 := accumulator + accumulator := mulmod(accumulator, l_start_denominator, p) + let t3 := accumulator + accumulator := mulmod(accumulator, mload(PLOOKUP_DELTA_DENOMINATOR_LOC), p) + let t4 := accumulator + { + mstore(0, 0x20) + mstore(0x20, 0x20) + mstore(0x40, 0x20) + mstore(0x60, mulmod(accumulator, l_end_denominator, p)) + mstore(0x80, sub(p, 2)) + mstore(0xa0, p) + if iszero(staticcall(gas(), 0x05, 0x00, 0xc0, 0x00, 0x20)) { + mstore(0x0, MOD_EXP_FAILURE_SELECTOR) + revert(0x00, 0x04) + } + accumulator := mload(0x00) + } + + t4 := mulmod(accumulator, t4, p) + accumulator := mulmod(accumulator, l_end_denominator, p) + + t3 := mulmod(accumulator, t3, p) + accumulator := mulmod(accumulator, mload(PLOOKUP_DELTA_DENOMINATOR_LOC), p) + + t2 := mulmod(accumulator, t2, p) + accumulator := mulmod(accumulator, l_start_denominator, p) + + t1 := mulmod(accumulator, t1, p) + accumulator := mulmod(accumulator, vanishing_numerator, p) + + t0 := mulmod(accumulator, t0, p) + accumulator := mulmod(accumulator, vanishing_denominator, p) + + accumulator := mulmod(mulmod(accumulator, accumulator, p), mload(DELTA_DENOMINATOR_LOC), p) + + mstore(PUBLIC_INPUT_DELTA_LOC, mulmod(mload(DELTA_NUMERATOR_LOC), accumulator, p)) + mstore(ZERO_POLY_LOC, mulmod(vanishing_numerator, t0, p)) + mstore(ZERO_POLY_INVERSE_LOC, mulmod(vanishing_denominator, t1, p)) + mstore(L_START_LOC, mulmod(lagrange_numerator, t2, p)) + mstore(PLOOKUP_DELTA_LOC, mulmod(mload(PLOOKUP_DELTA_NUMERATOR_LOC), t3, p)) + mstore(L_END_LOC, mulmod(lagrange_numerator, t4, p)) + } + + /** + * UltraPlonk Widget Ordering: + * + * 1. Permutation widget + * 2. Plookup widget + * 3. Arithmetic widget + * 4. Fixed base widget (?) + * 5. GenPermSort widget + * 6. Elliptic widget + * 7. Auxiliary widget + */ + + /** + * COMPUTE PERMUTATION WIDGET EVALUATION + */ + { + let alpha := mload(C_ALPHA_LOC) + let beta := mload(C_BETA_LOC) + let gamma := mload(C_GAMMA_LOC) + + /** + * t1 = (W1 + gamma + beta * ID1) * (W2 + gamma + beta * ID2) + * t2 = (W3 + gamma + beta * ID3) * (W4 + gamma + beta * ID4) + * result = alpha_base * z_eval * t1 * t2 + * t1 = (W1 + gamma + beta * sigma_1_eval) * (W2 + gamma + beta * sigma_2_eval) + * t2 = (W2 + gamma + beta * sigma_3_eval) * (W3 + gamma + beta * sigma_4_eval) + * result -= (alpha_base * z_omega_eval * t1 * t2) + */ + let t1 := + mulmod( + add(add(mload(W1_EVAL_LOC), gamma), mulmod(beta, mload(ID1_EVAL_LOC), p)), + add(add(mload(W2_EVAL_LOC), gamma), mulmod(beta, mload(ID2_EVAL_LOC), p)), + p + ) + let t2 := + mulmod( + add(add(mload(W3_EVAL_LOC), gamma), mulmod(beta, mload(ID3_EVAL_LOC), p)), + add(add(mload(W4_EVAL_LOC), gamma), mulmod(beta, mload(ID4_EVAL_LOC), p)), + p + ) + let result := mulmod(mload(C_ALPHA_BASE_LOC), mulmod(mload(Z_EVAL_LOC), mulmod(t1, t2, p), p), p) + t1 := + mulmod( + add(add(mload(W1_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA1_EVAL_LOC), p)), + add(add(mload(W2_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA2_EVAL_LOC), p)), + p + ) + t2 := + mulmod( + add(add(mload(W3_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA3_EVAL_LOC), p)), + add(add(mload(W4_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA4_EVAL_LOC), p)), + p + ) + result := + addmod( + result, + sub(p, mulmod(mload(C_ALPHA_BASE_LOC), mulmod(mload(Z_OMEGA_EVAL_LOC), mulmod(t1, t2, p), p), p)), + p + ) + + /** + * alpha_base *= alpha + * result += alpha_base . (L_{n-k}(ʓ) . (z(ʓ.ω) - ∆_{PI})) + * alpha_base *= alpha + * result += alpha_base . (L_1(ʓ)(Z(ʓ) - 1)) + * alpha_Base *= alpha + */ + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) + result := + addmod( + result, + mulmod( + mload(C_ALPHA_BASE_LOC), + mulmod( + mload(L_END_LOC), + addmod(mload(Z_OMEGA_EVAL_LOC), sub(p, mload(PUBLIC_INPUT_DELTA_LOC)), p), + p + ), + p + ), + p + ) + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) + mstore( + PERMUTATION_IDENTITY, + addmod( + result, + mulmod( + mload(C_ALPHA_BASE_LOC), + mulmod(mload(L_START_LOC), addmod(mload(Z_EVAL_LOC), sub(p, 1), p), p), + p + ), + p + ) + ) + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) + } + + /** + * COMPUTE PLOOKUP WIDGET EVALUATION + */ + { + /** + * Goal: f = (w1(z) + q2.w1(zω)) + η(w2(z) + qm.w2(zω)) + η²(w3(z) + qc.w_3(zω)) + q3(z).η³ + * f = η.q3(z) + * f += (w3(z) + qc.w_3(zω)) + * f *= η + * f += (w2(z) + qm.w2(zω)) + * f *= η + * f += (w1(z) + q2.w1(zω)) + */ + let f := mulmod(mload(C_ETA_LOC), mload(Q3_EVAL_LOC), p) + f := + addmod(f, addmod(mload(W3_EVAL_LOC), mulmod(mload(QC_EVAL_LOC), mload(W3_OMEGA_EVAL_LOC), p), p), p) + f := mulmod(f, mload(C_ETA_LOC), p) + f := + addmod(f, addmod(mload(W2_EVAL_LOC), mulmod(mload(QM_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), p), p) + f := mulmod(f, mload(C_ETA_LOC), p) + f := + addmod(f, addmod(mload(W1_EVAL_LOC), mulmod(mload(Q2_EVAL_LOC), mload(W1_OMEGA_EVAL_LOC), p), p), p) + + // t(z) = table4(z).η³ + table3(z).η² + table2(z).η + table1(z) + let t := + addmod( + addmod( + addmod( + mulmod(mload(TABLE4_EVAL_LOC), mload(C_ETA_CUBE_LOC), p), + mulmod(mload(TABLE3_EVAL_LOC), mload(C_ETA_SQR_LOC), p), + p + ), + mulmod(mload(TABLE2_EVAL_LOC), mload(C_ETA_LOC), p), + p + ), + mload(TABLE1_EVAL_LOC), + p + ) + + // t(zw) = table4(zw).η³ + table3(zw).η² + table2(zw).η + table1(zw) + let t_omega := + addmod( + addmod( + addmod( + mulmod(mload(TABLE4_OMEGA_EVAL_LOC), mload(C_ETA_CUBE_LOC), p), + mulmod(mload(TABLE3_OMEGA_EVAL_LOC), mload(C_ETA_SQR_LOC), p), + p + ), + mulmod(mload(TABLE2_OMEGA_EVAL_LOC), mload(C_ETA_LOC), p), + p + ), + mload(TABLE1_OMEGA_EVAL_LOC), + p + ) + + /** + * Goal: numerator = (TABLE_TYPE_EVAL * f(z) + γ) * (t(z) + βt(zω) + γ(β + 1)) * (β + 1) + * gamma_beta_constant = γ(β + 1) + * numerator = f * TABLE_TYPE_EVAL + gamma + * temp0 = t(z) + t(zω) * β + gamma_beta_constant + * numerator *= temp0 + * numerator *= (β + 1) + * temp0 = alpha * l_1 + * numerator += temp0 + * numerator *= z_lookup(z) + * numerator -= temp0 + */ + let gamma_beta_constant := mulmod(mload(C_GAMMA_LOC), addmod(mload(C_BETA_LOC), 1, p), p) + let numerator := addmod(mulmod(f, mload(TABLE_TYPE_EVAL_LOC), p), mload(C_GAMMA_LOC), p) + let temp0 := addmod(addmod(t, mulmod(t_omega, mload(C_BETA_LOC), p), p), gamma_beta_constant, p) + numerator := mulmod(numerator, temp0, p) + numerator := mulmod(numerator, addmod(mload(C_BETA_LOC), 1, p), p) + temp0 := mulmod(mload(C_ALPHA_LOC), mload(L_START_LOC), p) + numerator := addmod(numerator, temp0, p) + numerator := mulmod(numerator, mload(Z_LOOKUP_EVAL_LOC), p) + numerator := addmod(numerator, sub(p, temp0), p) + + /** + * Goal: denominator = z_lookup(zω)*[s(z) + βs(zω) + γ(1 + β)] - [z_lookup(zω) - [γ(1 + β)]^{n-k}]*α²L_end(z) + * note: delta_factor = [γ(1 + β)]^{n-k} + * denominator = s(z) + βs(zω) + γ(β + 1) + * temp1 = α²L_end(z) + * denominator -= temp1 + * denominator *= z_lookup(zω) + * denominator += temp1 * delta_factor + * PLOOKUP_IDENTITY = (numerator - denominator).alpha_base + * alpha_base *= alpha^3 + */ + let denominator := + addmod( + addmod(mload(S_EVAL_LOC), mulmod(mload(S_OMEGA_EVAL_LOC), mload(C_BETA_LOC), p), p), + gamma_beta_constant, + p + ) + let temp1 := mulmod(mload(C_ALPHA_SQR_LOC), mload(L_END_LOC), p) + denominator := addmod(denominator, sub(p, temp1), p) + denominator := mulmod(denominator, mload(Z_LOOKUP_OMEGA_EVAL_LOC), p) + denominator := addmod(denominator, mulmod(temp1, mload(PLOOKUP_DELTA_LOC), p), p) + + mstore(PLOOKUP_IDENTITY, mulmod(addmod(numerator, sub(p, denominator), p), mload(C_ALPHA_BASE_LOC), p)) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p)) + } + + /** + * COMPUTE ARITHMETIC WIDGET EVALUATION + */ + { + /** + * The basic arithmetic gate identity in standard plonk is as follows. + * (w_1 . w_2 . q_m) + (w_1 . q_1) + (w_2 . q_2) + (w_3 . q_3) + (w_4 . q_4) + q_c = 0 + * However, for Ultraplonk, we extend this to support "passing" wires between rows (shown without alpha scaling below): + * q_arith * ( ( (-1/2) * (q_arith - 3) * q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c ) + + * (q_arith - 1)*( α * (q_arith - 2) * (w_1 + w_4 - w_1_omega + q_m) + w_4_omega) ) = 0 + * + * This formula results in several cases depending on q_arith: + * 1. q_arith == 0: Arithmetic gate is completely disabled + * + * 2. q_arith == 1: Everything in the minigate on the right is disabled. The equation is just a standard plonk equation + * with extra wires: q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c = 0 + * + * 3. q_arith == 2: The (w_1 + w_4 - ...) term is disabled. THe equation is: + * (1/2) * q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + w_4_omega = 0 + * It allows defining w_4 at next index (w_4_omega) in terms of current wire values + * + * 4. q_arith == 3: The product of w_1 and w_2 is disabled, but a mini addition gate is enabled. α allows us to split + * the equation into two: + * + * q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + 2 * w_4_omega = 0 + * and + * w_1 + w_4 - w_1_omega + q_m = 0 (we are reusing q_m here) + * + * 5. q_arith > 3: The product of w_1 and w_2 is scaled by (q_arith - 3), while the w_4_omega term is scaled by (q_arith - 1). + * The equation can be split into two: + * + * (q_arith - 3)* q_m * w_1 * w_ 2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + (q_arith - 1) * w_4_omega = 0 + * and + * w_1 + w_4 - w_1_omega + q_m = 0 + * + * The problem that q_m is used both in both equations can be dealt with by appropriately changing selector values at + * the next gate. Then we can treat (q_arith - 1) as a simulated q_6 selector and scale q_m to handle (q_arith - 3) at + * product. + */ + + let w1q1 := mulmod(mload(W1_EVAL_LOC), mload(Q1_EVAL_LOC), p) + let w2q2 := mulmod(mload(W2_EVAL_LOC), mload(Q2_EVAL_LOC), p) + let w3q3 := mulmod(mload(W3_EVAL_LOC), mload(Q3_EVAL_LOC), p) + let w4q3 := mulmod(mload(W4_EVAL_LOC), mload(Q4_EVAL_LOC), p) + + // @todo - Add a explicit test that hits QARITH == 3 + // w1w2qm := (w_1 . w_2 . q_m . (QARITH_EVAL_LOC - 3)) / 2 + let w1w2qm := + mulmod( + mulmod( + mulmod(mulmod(mload(W1_EVAL_LOC), mload(W2_EVAL_LOC), p), mload(QM_EVAL_LOC), p), + addmod(mload(QARITH_EVAL_LOC), sub(p, 3), p), + p + ), + NEGATIVE_INVERSE_OF_2_MODULO_P, + p + ) + + // (w_1 . w_2 . q_m . (q_arith - 3)) / -2) + (w_1 . q_1) + (w_2 . q_2) + (w_3 . q_3) + (w_4 . q_4) + q_c + let identity := + addmod( + mload(QC_EVAL_LOC), addmod(w4q3, addmod(w3q3, addmod(w2q2, addmod(w1q1, w1w2qm, p), p), p), p), p + ) + + // if q_arith == 3 we evaluate an additional mini addition gate (on top of the regular one), where: + // w_1 + w_4 - w_1_omega + q_m = 0 + // we use this gate to save an addition gate when adding or subtracting non-native field elements + // α * (q_arith - 2) * (w_1 + w_4 - w_1_omega + q_m) + let extra_small_addition_gate_identity := + mulmod( + mload(C_ALPHA_LOC), + mulmod( + addmod(mload(QARITH_EVAL_LOC), sub(p, 2), p), + addmod( + mload(QM_EVAL_LOC), + addmod( + sub(p, mload(W1_OMEGA_EVAL_LOC)), addmod(mload(W1_EVAL_LOC), mload(W4_EVAL_LOC), p), p + ), + p + ), + p + ), + p + ) + + // if q_arith == 2 OR q_arith == 3 we add the 4th wire of the NEXT gate into the arithmetic identity + // N.B. if q_arith > 2, this wire value will be scaled by (q_arith - 1) relative to the other gate wires! + // alpha_base * q_arith * (identity + (q_arith - 1) * (w_4_omega + extra_small_addition_gate_identity)) + mstore( + ARITHMETIC_IDENTITY, + mulmod( + mload(C_ALPHA_BASE_LOC), + mulmod( + mload(QARITH_EVAL_LOC), + addmod( + identity, + mulmod( + addmod(mload(QARITH_EVAL_LOC), sub(p, 1), p), + addmod(mload(W4_OMEGA_EVAL_LOC), extra_small_addition_gate_identity, p), + p + ), + p + ), + p + ), + p + ) + ) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_SQR_LOC), p)) + } + + /** + * COMPUTE GENPERMSORT WIDGET EVALUATION + */ + { + /** + * D1 = (w2 - w1) + * D2 = (w3 - w2) + * D3 = (w4 - w3) + * D4 = (w1_omega - w4) + * + * α_a = alpha_base + * α_b = alpha_base * α + * α_c = alpha_base * α^2 + * α_d = alpha_base * α^3 + * + * range_accumulator = ( + * D1(D1 - 1)(D1 - 2)(D1 - 3).α_a + + * D2(D2 - 1)(D2 - 2)(D2 - 3).α_b + + * D3(D3 - 1)(D3 - 2)(D3 - 3).α_c + + * D4(D4 - 1)(D4 - 2)(D4 - 3).α_d + + * ) . q_sort + */ + let minus_two := sub(p, 2) + let minus_three := sub(p, 3) + let d1 := addmod(mload(W2_EVAL_LOC), sub(p, mload(W1_EVAL_LOC)), p) + let d2 := addmod(mload(W3_EVAL_LOC), sub(p, mload(W2_EVAL_LOC)), p) + let d3 := addmod(mload(W4_EVAL_LOC), sub(p, mload(W3_EVAL_LOC)), p) + let d4 := addmod(mload(W1_OMEGA_EVAL_LOC), sub(p, mload(W4_EVAL_LOC)), p) + + let range_accumulator := + mulmod( + mulmod( + mulmod(addmod(mulmod(d1, d1, p), sub(p, d1), p), addmod(d1, minus_two, p), p), + addmod(d1, minus_three, p), + p + ), + mload(C_ALPHA_BASE_LOC), + p + ) + range_accumulator := + addmod( + range_accumulator, + mulmod( + mulmod( + mulmod(addmod(mulmod(d2, d2, p), sub(p, d2), p), addmod(d2, minus_two, p), p), + addmod(d2, minus_three, p), + p + ), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), + p + ), + p + ) + range_accumulator := + addmod( + range_accumulator, + mulmod( + mulmod( + mulmod(addmod(mulmod(d3, d3, p), sub(p, d3), p), addmod(d3, minus_two, p), p), + addmod(d3, minus_three, p), + p + ), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_SQR_LOC), p), + p + ), + p + ) + range_accumulator := + addmod( + range_accumulator, + mulmod( + mulmod( + mulmod(addmod(mulmod(d4, d4, p), sub(p, d4), p), addmod(d4, minus_two, p), p), + addmod(d4, minus_three, p), + p + ), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p), + p + ), + p + ) + range_accumulator := mulmod(range_accumulator, mload(QSORT_EVAL_LOC), p) + + mstore(SORT_IDENTITY, range_accumulator) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_QUAD_LOC), p)) + } + + /** + * COMPUTE ELLIPTIC WIDGET EVALUATION + */ + { + /** + * endo_term = (-x_2) * x_1 * (x_3 * 2 + x_1) * q_beta + * endo_sqr_term = x_2^2 + * endo_sqr_term *= (x_3 - x_1) + * endo_sqr_term *= q_beta^2 + * leftovers = x_2^2 + * leftovers *= x_2 + * leftovers += x_1^2 * (x_3 + x_1) @follow-up Invalid comment in BB widget + * leftovers -= (y_2^2 + y_1^2) + * sign_term = y_2 * y_1 + * sign_term += sign_term + * sign_term *= q_sign + */ + // q_elliptic * (x3 + x2 + x1)(x2 - x1)(x2 - x1) - y2^2 - y1^2 + 2(y2y1)*q_sign = 0 + let x_diff := addmod(mload(X2_EVAL_LOC), sub(p, mload(X1_EVAL_LOC)), p) + let y2_sqr := mulmod(mload(Y2_EVAL_LOC), mload(Y2_EVAL_LOC), p) + let y1_sqr := mulmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p) + let y1y2 := mulmod(mulmod(mload(Y1_EVAL_LOC), mload(Y2_EVAL_LOC), p), mload(QSIGN_LOC), p) + + let x_add_identity := + addmod( + mulmod( + addmod(mload(X3_EVAL_LOC), addmod(mload(X2_EVAL_LOC), mload(X1_EVAL_LOC), p), p), + mulmod(x_diff, x_diff, p), + p + ), + addmod( + sub( + p, + addmod(y2_sqr, y1_sqr, p) + ), + addmod(y1y2, y1y2, p), + p + ), + p + ) + x_add_identity := + mulmod( + mulmod( + x_add_identity, + addmod( + 1, + sub(p, mload(QM_EVAL_LOC)), + p + ), + p + ), + mload(C_ALPHA_BASE_LOC), + p + ) + + // q_elliptic * (x3 + x2 + x1)(x2 - x1)(x2 - x1) - y2^2 - y1^2 + 2(y2y1)*q_sign = 0 + let y1_plus_y3 := addmod( + mload(Y1_EVAL_LOC), + mload(Y3_EVAL_LOC), + p + ) + let y_diff := addmod(mulmod(mload(Y2_EVAL_LOC), mload(QSIGN_LOC), p), sub(p, mload(Y1_EVAL_LOC)), p) + let y_add_identity := + addmod( + mulmod(y1_plus_y3, x_diff, p), + mulmod(addmod(mload(X3_EVAL_LOC), sub(p, mload(X1_EVAL_LOC)), p), y_diff, p), + p + ) + y_add_identity := + mulmod( + mulmod(y_add_identity, addmod(1, sub(p, mload(QM_EVAL_LOC)), p), p), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), + p + ) + + // ELLIPTIC_IDENTITY = (x_identity + y_identity) * Q_ELLIPTIC_EVAL + mstore( + ELLIPTIC_IDENTITY, mulmod(addmod(x_add_identity, y_add_identity, p), mload(QELLIPTIC_EVAL_LOC), p) + ) + } + { + /** + * x_pow_4 = (y_1_sqr - curve_b) * x_1; + * y_1_sqr_mul_4 = y_1_sqr + y_1_sqr; + * y_1_sqr_mul_4 += y_1_sqr_mul_4; + * x_1_pow_4_mul_9 = x_pow_4; + * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; + * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; + * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; + * x_1_pow_4_mul_9 += x_pow_4; + * x_1_sqr_mul_3 = x_1_sqr + x_1_sqr + x_1_sqr; + * x_double_identity = (x_3 + x_1 + x_1) * y_1_sqr_mul_4 - x_1_pow_4_mul_9; + * y_double_identity = x_1_sqr_mul_3 * (x_1 - x_3) - (y_1 + y_1) * (y_1 + y_3); + */ + // (x3 + x1 + x1) (4y1*y1) - 9 * x1 * x1 * x1 * x1 = 0 + let x1_sqr := mulmod(mload(X1_EVAL_LOC), mload(X1_EVAL_LOC), p) + let y1_sqr := mulmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p) + let x_pow_4 := mulmod(addmod(y1_sqr, GRUMPKIN_CURVE_B_PARAMETER_NEGATED, p), mload(X1_EVAL_LOC), p) + let y1_sqr_mul_4 := mulmod(y1_sqr, 4, p) + let x1_pow_4_mul_9 := mulmod(x_pow_4, 9, p) + let x1_sqr_mul_3 := mulmod(x1_sqr, 3, p) + let x_double_identity := + addmod( + mulmod( + addmod(mload(X3_EVAL_LOC), addmod(mload(X1_EVAL_LOC), mload(X1_EVAL_LOC), p), p), + y1_sqr_mul_4, + p + ), + sub(p, x1_pow_4_mul_9), + p + ) + // (y1 + y1) (2y1) - (3 * x1 * x1)(x1 - x3) = 0 + let y_double_identity := + addmod( + mulmod(x1_sqr_mul_3, addmod(mload(X1_EVAL_LOC), sub(p, mload(X3_EVAL_LOC)), p), p), + sub( + p, + mulmod( + addmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p), + addmod(mload(Y1_EVAL_LOC), mload(Y3_EVAL_LOC), p), + p + ) + ), + p + ) + x_double_identity := mulmod(x_double_identity, mload(C_ALPHA_BASE_LOC), p) + y_double_identity := + mulmod(y_double_identity, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), p) + x_double_identity := mulmod(x_double_identity, mload(QM_EVAL_LOC), p) + y_double_identity := mulmod(y_double_identity, mload(QM_EVAL_LOC), p) + // ELLIPTIC_IDENTITY += (x_double_identity + y_double_identity) * Q_DOUBLE_EVAL + mstore( + ELLIPTIC_IDENTITY, + addmod( + mload(ELLIPTIC_IDENTITY), + mulmod(addmod(x_double_identity, y_double_identity, p), mload(QELLIPTIC_EVAL_LOC), p), + p + ) + ) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_QUAD_LOC), p)) + } + + /** + * COMPUTE AUXILIARY WIDGET EVALUATION + */ + { + { + /** + * Non native field arithmetic gate 2 + * _ _ + * / _ _ _ 14 \ + * q_2 . q_4 | (w_1 . w_2) + (w_1 . w_2) + (w_1 . w_4 + w_2 . w_3 - w_3) . 2 - w_3 - w_4 | + * \_ _/ + * + * limb_subproduct = w_1 . w_2_omega + w_1_omega . w_2 + * non_native_field_gate_2 = w_1 * w_4 + w_4 * w_3 - w_3_omega + * non_native_field_gate_2 = non_native_field_gate_2 * limb_size + * non_native_field_gate_2 -= w_4_omega + * non_native_field_gate_2 += limb_subproduct + * non_native_field_gate_2 *= q_4 + * limb_subproduct *= limb_size + * limb_subproduct += w_1_omega * w_2_omega + * non_native_field_gate_1 = (limb_subproduct + w_3 + w_4) * q_3 + * non_native_field_gate_3 = (limb_subproduct + w_4 - (w_3_omega + w_4_omega)) * q_m + * non_native_field_identity = (non_native_field_gate_1 + non_native_field_gate_2 + non_native_field_gate_3) * q_2 + */ + + let limb_subproduct := + addmod( + mulmod(mload(W1_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), + mulmod(mload(W1_OMEGA_EVAL_LOC), mload(W2_EVAL_LOC), p), + p + ) + + let non_native_field_gate_2 := + addmod( + addmod( + mulmod(mload(W1_EVAL_LOC), mload(W4_EVAL_LOC), p), + mulmod(mload(W2_EVAL_LOC), mload(W3_EVAL_LOC), p), + p + ), + sub(p, mload(W3_OMEGA_EVAL_LOC)), + p + ) + non_native_field_gate_2 := mulmod(non_native_field_gate_2, LIMB_SIZE, p) + non_native_field_gate_2 := addmod(non_native_field_gate_2, sub(p, mload(W4_OMEGA_EVAL_LOC)), p) + non_native_field_gate_2 := addmod(non_native_field_gate_2, limb_subproduct, p) + non_native_field_gate_2 := mulmod(non_native_field_gate_2, mload(Q4_EVAL_LOC), p) + limb_subproduct := mulmod(limb_subproduct, LIMB_SIZE, p) + limb_subproduct := + addmod(limb_subproduct, mulmod(mload(W1_OMEGA_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), p) + let non_native_field_gate_1 := + mulmod( + addmod(limb_subproduct, sub(p, addmod(mload(W3_EVAL_LOC), mload(W4_EVAL_LOC), p)), p), + mload(Q3_EVAL_LOC), + p + ) + let non_native_field_gate_3 := + mulmod( + addmod( + addmod(limb_subproduct, mload(W4_EVAL_LOC), p), + sub(p, addmod(mload(W3_OMEGA_EVAL_LOC), mload(W4_OMEGA_EVAL_LOC), p)), + p + ), + mload(QM_EVAL_LOC), + p + ) + let non_native_field_identity := + mulmod( + addmod(addmod(non_native_field_gate_1, non_native_field_gate_2, p), non_native_field_gate_3, p), + mload(Q2_EVAL_LOC), + p + ) + + mstore(AUX_NON_NATIVE_FIELD_EVALUATION, non_native_field_identity) + } + + { + /** + * limb_accumulator_1 = w_2_omega; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_1_omega; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_3; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_2; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_1; + * limb_accumulator_1 -= w_4; + * limb_accumulator_1 *= q_4; + */ + let limb_accumulator_1 := mulmod(mload(W2_OMEGA_EVAL_LOC), SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W1_OMEGA_EVAL_LOC), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W3_EVAL_LOC), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W2_EVAL_LOC), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W1_EVAL_LOC), p) + limb_accumulator_1 := addmod(limb_accumulator_1, sub(p, mload(W4_EVAL_LOC)), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, mload(Q4_EVAL_LOC), p) + + /** + * limb_accumulator_2 = w_3_omega; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_2_omega; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_1_omega; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_4; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_3; + * limb_accumulator_2 -= w_4_omega; + * limb_accumulator_2 *= q_m; + */ + let limb_accumulator_2 := mulmod(mload(W3_OMEGA_EVAL_LOC), SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W2_OMEGA_EVAL_LOC), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W1_OMEGA_EVAL_LOC), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W4_EVAL_LOC), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W3_EVAL_LOC), p) + limb_accumulator_2 := addmod(limb_accumulator_2, sub(p, mload(W4_OMEGA_EVAL_LOC)), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, mload(QM_EVAL_LOC), p) + + mstore( + AUX_LIMB_ACCUMULATOR_EVALUATION, + mulmod(addmod(limb_accumulator_1, limb_accumulator_2, p), mload(Q3_EVAL_LOC), p) + ) + } + + { + /** + * memory_record_check = w_3; + * memory_record_check *= eta; + * memory_record_check += w_2; + * memory_record_check *= eta; + * memory_record_check += w_1; + * memory_record_check *= eta; + * memory_record_check += q_c; + * + * partial_record_check = memory_record_check; + * + * memory_record_check -= w_4; + */ + + let memory_record_check := mulmod(mload(W3_EVAL_LOC), mload(C_ETA_LOC), p) + memory_record_check := addmod(memory_record_check, mload(W2_EVAL_LOC), p) + memory_record_check := mulmod(memory_record_check, mload(C_ETA_LOC), p) + memory_record_check := addmod(memory_record_check, mload(W1_EVAL_LOC), p) + memory_record_check := mulmod(memory_record_check, mload(C_ETA_LOC), p) + memory_record_check := addmod(memory_record_check, mload(QC_EVAL_LOC), p) + + let partial_record_check := memory_record_check + memory_record_check := addmod(memory_record_check, sub(p, mload(W4_EVAL_LOC)), p) + + mstore(AUX_MEMORY_EVALUATION, memory_record_check) + + // index_delta = w_1_omega - w_1 + let index_delta := addmod(mload(W1_OMEGA_EVAL_LOC), sub(p, mload(W1_EVAL_LOC)), p) + // record_delta = w_4_omega - w_4 + let record_delta := addmod(mload(W4_OMEGA_EVAL_LOC), sub(p, mload(W4_EVAL_LOC)), p) + // index_is_monotonically_increasing = index_delta * (index_delta - 1) + let index_is_monotonically_increasing := mulmod(index_delta, addmod(index_delta, sub(p, 1), p), p) + + // adjacent_values_match_if_adjacent_indices_match = record_delta * (1 - index_delta) + let adjacent_values_match_if_adjacent_indices_match := + mulmod(record_delta, addmod(1, sub(p, index_delta), p), p) + + // AUX_ROM_CONSISTENCY_EVALUATION = ((adjacent_values_match_if_adjacent_indices_match * alpha) + index_is_monotonically_increasing) * alpha + partial_record_check + mstore( + AUX_ROM_CONSISTENCY_EVALUATION, + addmod( + mulmod( + addmod( + mulmod(adjacent_values_match_if_adjacent_indices_match, mload(C_ALPHA_LOC), p), + index_is_monotonically_increasing, + p + ), + mload(C_ALPHA_LOC), + p + ), + memory_record_check, + p + ) + ) + + { + /** + * next_gate_access_type = w_3_omega; + * next_gate_access_type *= eta; + * next_gate_access_type += w_2_omega; + * next_gate_access_type *= eta; + * next_gate_access_type += w_1_omega; + * next_gate_access_type *= eta; + * next_gate_access_type = w_4_omega - next_gate_access_type; + */ + let next_gate_access_type := mulmod(mload(W3_OMEGA_EVAL_LOC), mload(C_ETA_LOC), p) + next_gate_access_type := addmod(next_gate_access_type, mload(W2_OMEGA_EVAL_LOC), p) + next_gate_access_type := mulmod(next_gate_access_type, mload(C_ETA_LOC), p) + next_gate_access_type := addmod(next_gate_access_type, mload(W1_OMEGA_EVAL_LOC), p) + next_gate_access_type := mulmod(next_gate_access_type, mload(C_ETA_LOC), p) + next_gate_access_type := addmod(mload(W4_OMEGA_EVAL_LOC), sub(p, next_gate_access_type), p) + + // value_delta = w_3_omega - w_3 + let value_delta := addmod(mload(W3_OMEGA_EVAL_LOC), sub(p, mload(W3_EVAL_LOC)), p) + // adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation = (1 - index_delta) * value_delta * (1 - next_gate_access_type); + + let adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation := + mulmod( + addmod(1, sub(p, index_delta), p), + mulmod(value_delta, addmod(1, sub(p, next_gate_access_type), p), p), + p + ) + + // AUX_RAM_CONSISTENCY_EVALUATION + + /** + * access_type = w_4 - partial_record_check + * access_check = access_type^2 - access_type + * next_gate_access_type_is_boolean = next_gate_access_type^2 - next_gate_access_type + * RAM_consistency_check_identity = adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation; + * RAM_consistency_check_identity *= alpha; + * RAM_consistency_check_identity += index_is_monotonically_increasing; + * RAM_consistency_check_identity *= alpha; + * RAM_consistency_check_identity += next_gate_access_type_is_boolean; + * RAM_consistency_check_identity *= alpha; + * RAM_consistency_check_identity += access_check; + */ + + let access_type := addmod(mload(W4_EVAL_LOC), sub(p, partial_record_check), p) + let access_check := mulmod(access_type, addmod(access_type, sub(p, 1), p), p) + let next_gate_access_type_is_boolean := + mulmod(next_gate_access_type, addmod(next_gate_access_type, sub(p, 1), p), p) + let RAM_cci := + mulmod( + adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation, + mload(C_ALPHA_LOC), + p + ) + RAM_cci := addmod(RAM_cci, index_is_monotonically_increasing, p) + RAM_cci := mulmod(RAM_cci, mload(C_ALPHA_LOC), p) + RAM_cci := addmod(RAM_cci, next_gate_access_type_is_boolean, p) + RAM_cci := mulmod(RAM_cci, mload(C_ALPHA_LOC), p) + RAM_cci := addmod(RAM_cci, access_check, p) + + mstore(AUX_RAM_CONSISTENCY_EVALUATION, RAM_cci) + } + + { + // timestamp_delta = w_2_omega - w_2 + let timestamp_delta := addmod(mload(W2_OMEGA_EVAL_LOC), sub(p, mload(W2_EVAL_LOC)), p) + + // RAM_timestamp_check_identity = (1 - index_delta) * timestamp_delta - w_3 + let RAM_timestamp_check_identity := + addmod( + mulmod(timestamp_delta, addmod(1, sub(p, index_delta), p), p), sub(p, mload(W3_EVAL_LOC)), p + ) + + /** + * memory_identity = ROM_consistency_check_identity * q_2; + * memory_identity += RAM_timestamp_check_identity * q_4; + * memory_identity += memory_record_check * q_m; + * memory_identity *= q_1; + * memory_identity += (RAM_consistency_check_identity * q_arith); + * + * auxiliary_identity = memory_identity + non_native_field_identity + limb_accumulator_identity; + * auxiliary_identity *= q_aux; + * auxiliary_identity *= alpha_base; + */ + let memory_identity := mulmod(mload(AUX_ROM_CONSISTENCY_EVALUATION), mload(Q2_EVAL_LOC), p) + memory_identity := + addmod(memory_identity, mulmod(RAM_timestamp_check_identity, mload(Q4_EVAL_LOC), p), p) + memory_identity := + addmod(memory_identity, mulmod(mload(AUX_MEMORY_EVALUATION), mload(QM_EVAL_LOC), p), p) + memory_identity := mulmod(memory_identity, mload(Q1_EVAL_LOC), p) + memory_identity := + addmod( + memory_identity, mulmod(mload(AUX_RAM_CONSISTENCY_EVALUATION), mload(QARITH_EVAL_LOC), p), p + ) + + let auxiliary_identity := addmod(memory_identity, mload(AUX_NON_NATIVE_FIELD_EVALUATION), p) + auxiliary_identity := addmod(auxiliary_identity, mload(AUX_LIMB_ACCUMULATOR_EVALUATION), p) + auxiliary_identity := mulmod(auxiliary_identity, mload(QAUX_EVAL_LOC), p) + auxiliary_identity := mulmod(auxiliary_identity, mload(C_ALPHA_BASE_LOC), p) + + mstore(AUX_IDENTITY, auxiliary_identity) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p)) + } + } + } + + { + /** + * quotient = ARITHMETIC_IDENTITY + * quotient += PERMUTATION_IDENTITY + * quotient += PLOOKUP_IDENTITY + * quotient += SORT_IDENTITY + * quotient += ELLIPTIC_IDENTITY + * quotient += AUX_IDENTITY + * quotient *= ZERO_POLY_INVERSE + */ + mstore( + QUOTIENT_EVAL_LOC, + mulmod( + addmod( + addmod( + addmod( + addmod( + addmod(mload(PERMUTATION_IDENTITY), mload(PLOOKUP_IDENTITY), p), + mload(ARITHMETIC_IDENTITY), + p + ), + mload(SORT_IDENTITY), + p + ), + mload(ELLIPTIC_IDENTITY), + p + ), + mload(AUX_IDENTITY), + p + ), + mload(ZERO_POLY_INVERSE_LOC), + p + ) + ) + } + + /** + * GENERATE NU AND SEPARATOR CHALLENGES + */ + { + let current_challenge := mload(C_CURRENT_LOC) + // get a calldata pointer that points to the start of the data we want to copy + let calldata_ptr := add(calldataload(0x04), 0x24) + + calldata_ptr := add(calldata_ptr, NU_CALLDATA_SKIP_LENGTH) + + mstore(NU_CHALLENGE_INPUT_LOC_A, current_challenge) + mstore(NU_CHALLENGE_INPUT_LOC_B, mload(QUOTIENT_EVAL_LOC)) + calldatacopy(NU_CHALLENGE_INPUT_LOC_C, calldata_ptr, NU_INPUT_LENGTH) + + // hash length = (0x20 + num field elements), we include the previous challenge in the hash + let challenge := keccak256(NU_CHALLENGE_INPUT_LOC_A, add(NU_INPUT_LENGTH, 0x40)) + + mstore(C_V0_LOC, mod(challenge, p)) + // We need THIRTY-ONE independent nu challenges! + mstore(0x00, challenge) + mstore8(0x20, 0x01) + mstore(C_V1_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x02) + mstore(C_V2_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x03) + mstore(C_V3_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x04) + mstore(C_V4_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x05) + mstore(C_V5_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x06) + mstore(C_V6_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x07) + mstore(C_V7_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x08) + mstore(C_V8_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x09) + mstore(C_V9_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0a) + mstore(C_V10_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0b) + mstore(C_V11_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0c) + mstore(C_V12_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0d) + mstore(C_V13_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0e) + mstore(C_V14_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0f) + mstore(C_V15_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x10) + mstore(C_V16_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x11) + mstore(C_V17_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x12) + mstore(C_V18_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x13) + mstore(C_V19_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x14) + mstore(C_V20_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x15) + mstore(C_V21_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x16) + mstore(C_V22_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x17) + mstore(C_V23_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x18) + mstore(C_V24_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x19) + mstore(C_V25_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1a) + mstore(C_V26_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1b) + mstore(C_V27_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1c) + mstore(C_V28_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1d) + mstore(C_V29_LOC, mod(keccak256(0x00, 0x21), p)) + + // @follow-up - Why are both v29 and v30 using appending 0x1d to the prior challenge and hashing, should it not change? + mstore8(0x20, 0x1d) + challenge := keccak256(0x00, 0x21) + mstore(C_V30_LOC, mod(challenge, p)) + + // separator + mstore(0x00, challenge) + mstore(0x20, mload(PI_Z_Y_LOC)) + mstore(0x40, mload(PI_Z_X_LOC)) + mstore(0x60, mload(PI_Z_OMEGA_Y_LOC)) + mstore(0x80, mload(PI_Z_OMEGA_X_LOC)) + + mstore(C_U_LOC, mod(keccak256(0x00, 0xa0), p)) + } + + let success := 0 + // VALIDATE T1 + { + let x := mload(T1_X_LOC) + let y := mload(T1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(ACCUMULATOR_X_LOC, x) + mstore(add(ACCUMULATOR_X_LOC, 0x20), y) + } + // VALIDATE T2 + { + let x := mload(T2_X_LOC) // 0x1400 + let y := mload(T2_Y_LOC) // 0x1420 + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(ZETA_POW_N_LOC)) + // accumulator_2 = [T2].zeta^n + success := staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40) + // accumulator = [T1] + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE T3 + { + let x := mload(T3_X_LOC) + let y := mload(T3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(mload(ZETA_POW_N_LOC), mload(ZETA_POW_N_LOC), p)) + // accumulator_2 = [T3].zeta^{2n} + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE T4 + { + let x := mload(T4_X_LOC) + let y := mload(T4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(mulmod(mload(ZETA_POW_N_LOC), mload(ZETA_POW_N_LOC), p), mload(ZETA_POW_N_LOC), p)) + // accumulator_2 = [T4].zeta^{3n} + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W1 + { + let x := mload(W1_X_LOC) + let y := mload(W1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V0_LOC), p)) + // accumulator_2 = v0.(u + 1).[W1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W2 + { + let x := mload(W2_X_LOC) + let y := mload(W2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V1_LOC), p)) + // accumulator_2 = v1.(u + 1).[W2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W3 + { + let x := mload(W3_X_LOC) + let y := mload(W3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V2_LOC), p)) + // accumulator_2 = v2.(u + 1).[W3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W4 + { + let x := mload(W4_X_LOC) + let y := mload(W4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V3_LOC), p)) + // accumulator_2 = v3.(u + 1).[W4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE S + { + let x := mload(S_X_LOC) + let y := mload(S_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V4_LOC), p)) + // accumulator_2 = v4.(u + 1).[S] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Z + { + let x := mload(Z_X_LOC) + let y := mload(Z_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V5_LOC), p)) + // accumulator_2 = v5.(u + 1).[Z] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Z_LOOKUP + { + let x := mload(Z_LOOKUP_X_LOC) + let y := mload(Z_LOOKUP_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V6_LOC), p)) + // accumulator_2 = v6.(u + 1).[Z_LOOKUP] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q1 + { + let x := mload(Q1_X_LOC) + let y := mload(Q1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V7_LOC)) + // accumulator_2 = v7.[Q1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q2 + { + let x := mload(Q2_X_LOC) + let y := mload(Q2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V8_LOC)) + // accumulator_2 = v8.[Q2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q3 + { + let x := mload(Q3_X_LOC) + let y := mload(Q3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V9_LOC)) + // accumulator_2 = v9.[Q3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q4 + { + let x := mload(Q4_X_LOC) + let y := mload(Q4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V10_LOC)) + // accumulator_2 = v10.[Q4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QM + { + let x := mload(QM_X_LOC) + let y := mload(QM_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V11_LOC)) + // accumulator_2 = v11.[Q;] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QC + { + let x := mload(QC_X_LOC) + let y := mload(QC_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V12_LOC)) + // accumulator_2 = v12.[QC] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QARITH + { + let x := mload(QARITH_X_LOC) + let y := mload(QARITH_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V13_LOC)) + // accumulator_2 = v13.[QARITH] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QSORT + { + let x := mload(QSORT_X_LOC) + let y := mload(QSORT_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V14_LOC)) + // accumulator_2 = v14.[QSORT] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QELLIPTIC + { + let x := mload(QELLIPTIC_X_LOC) + let y := mload(QELLIPTIC_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V15_LOC)) + // accumulator_2 = v15.[QELLIPTIC] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QAUX + { + let x := mload(QAUX_X_LOC) + let y := mload(QAUX_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V16_LOC)) + // accumulator_2 = v15.[Q_AUX] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA1 + { + let x := mload(SIGMA1_X_LOC) + let y := mload(SIGMA1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V17_LOC)) + // accumulator_2 = v17.[sigma1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA2 + { + let x := mload(SIGMA2_X_LOC) + let y := mload(SIGMA2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V18_LOC)) + // accumulator_2 = v18.[sigma2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA3 + { + let x := mload(SIGMA3_X_LOC) + let y := mload(SIGMA3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V19_LOC)) + // accumulator_2 = v19.[sigma3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA4 + { + let x := mload(SIGMA4_X_LOC) + let y := mload(SIGMA4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V20_LOC)) + // accumulator_2 = v20.[sigma4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE1 + { + let x := mload(TABLE1_X_LOC) + let y := mload(TABLE1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V21_LOC), p)) + // accumulator_2 = u.[table1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE2 + { + let x := mload(TABLE2_X_LOC) + let y := mload(TABLE2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V22_LOC), p)) + // accumulator_2 = u.[table2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE3 + { + let x := mload(TABLE3_X_LOC) + let y := mload(TABLE3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V23_LOC), p)) + // accumulator_2 = u.[table3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE4 + { + let x := mload(TABLE4_X_LOC) + let y := mload(TABLE4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V24_LOC), p)) + // accumulator_2 = u.[table4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE_TYPE + { + let x := mload(TABLE_TYPE_X_LOC) + let y := mload(TABLE_TYPE_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V25_LOC)) + // accumulator_2 = v25.[TableType] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID1 + { + let x := mload(ID1_X_LOC) + let y := mload(ID1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V26_LOC)) + // accumulator_2 = v26.[ID1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID2 + { + let x := mload(ID2_X_LOC) + let y := mload(ID2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V27_LOC)) + // accumulator_2 = v27.[ID2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID3 + { + let x := mload(ID3_X_LOC) + let y := mload(ID3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V28_LOC)) + // accumulator_2 = v28.[ID3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID4 + { + let x := mload(ID4_X_LOC) + let y := mload(ID4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V29_LOC)) + // accumulator_2 = v29.[ID4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + /** + * COMPUTE BATCH EVALUATION SCALAR MULTIPLIER + */ + { + /** + * batch_evaluation = v0 * (w_1_omega * u + w_1_eval) + * batch_evaluation += v1 * (w_2_omega * u + w_2_eval) + * batch_evaluation += v2 * (w_3_omega * u + w_3_eval) + * batch_evaluation += v3 * (w_4_omega * u + w_4_eval) + * batch_evaluation += v4 * (s_omega_eval * u + s_eval) + * batch_evaluation += v5 * (z_omega_eval * u + z_eval) + * batch_evaluation += v6 * (z_lookup_omega_eval * u + z_lookup_eval) + */ + let batch_evaluation := + mulmod( + mload(C_V0_LOC), + addmod(mulmod(mload(W1_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W1_EVAL_LOC), p), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V1_LOC), + addmod(mulmod(mload(W2_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W2_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V2_LOC), + addmod(mulmod(mload(W3_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W3_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V3_LOC), + addmod(mulmod(mload(W4_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W4_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V4_LOC), + addmod(mulmod(mload(S_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(S_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V5_LOC), + addmod(mulmod(mload(Z_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(Z_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V6_LOC), + addmod(mulmod(mload(Z_LOOKUP_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(Z_LOOKUP_EVAL_LOC), p), + p + ), + p + ) + + /** + * batch_evaluation += v7 * Q1_EVAL + * batch_evaluation += v8 * Q2_EVAL + * batch_evaluation += v9 * Q3_EVAL + * batch_evaluation += v10 * Q4_EVAL + * batch_evaluation += v11 * QM_EVAL + * batch_evaluation += v12 * QC_EVAL + * batch_evaluation += v13 * QARITH_EVAL + * batch_evaluation += v14 * QSORT_EVAL_LOC + * batch_evaluation += v15 * QELLIPTIC_EVAL_LOC + * batch_evaluation += v16 * QAUX_EVAL_LOC + * batch_evaluation += v17 * SIGMA1_EVAL_LOC + * batch_evaluation += v18 * SIGMA2_EVAL_LOC + * batch_evaluation += v19 * SIGMA3_EVAL_LOC + * batch_evaluation += v20 * SIGMA4_EVAL_LOC + */ + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V7_LOC), mload(Q1_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V8_LOC), mload(Q2_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V9_LOC), mload(Q3_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V10_LOC), mload(Q4_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V11_LOC), mload(QM_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V12_LOC), mload(QC_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V13_LOC), mload(QARITH_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V14_LOC), mload(QSORT_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V15_LOC), mload(QELLIPTIC_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V16_LOC), mload(QAUX_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V17_LOC), mload(SIGMA1_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V18_LOC), mload(SIGMA2_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V19_LOC), mload(SIGMA3_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V20_LOC), mload(SIGMA4_EVAL_LOC), p), p) + + /** + * batch_evaluation += v21 * (table1(zw) * u + table1(z)) + * batch_evaluation += v22 * (table2(zw) * u + table2(z)) + * batch_evaluation += v23 * (table3(zw) * u + table3(z)) + * batch_evaluation += v24 * (table4(zw) * u + table4(z)) + * batch_evaluation += v25 * table_type_eval + * batch_evaluation += v26 * id1_eval + * batch_evaluation += v27 * id2_eval + * batch_evaluation += v28 * id3_eval + * batch_evaluation += v29 * id4_eval + * batch_evaluation += quotient_eval + */ + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V21_LOC), + addmod(mulmod(mload(TABLE1_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE1_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V22_LOC), + addmod(mulmod(mload(TABLE2_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE2_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V23_LOC), + addmod(mulmod(mload(TABLE3_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE3_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V24_LOC), + addmod(mulmod(mload(TABLE4_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE4_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V25_LOC), mload(TABLE_TYPE_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V26_LOC), mload(ID1_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V27_LOC), mload(ID2_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V28_LOC), mload(ID3_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V29_LOC), mload(ID4_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mload(QUOTIENT_EVAL_LOC), p) + + mstore(0x00, 0x01) // [1].x + mstore(0x20, 0x02) // [1].y + mstore(0x40, sub(p, batch_evaluation)) + // accumulator_2 = -[1].(batch_evaluation) + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + if iszero(success) { + mstore(0x0, OPENING_COMMITMENT_FAILED_SELECTOR) + revert(0x00, 0x04) + } + } + + /** + * PERFORM PAIRING PREAMBLE + */ + { + let u := mload(C_U_LOC) + let zeta := mload(C_ZETA_LOC) + // VALIDATE PI_Z + { + let x := mload(PI_Z_X_LOC) + let y := mload(PI_Z_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + // compute zeta.[PI_Z] and add into accumulator + mstore(0x40, zeta) + success := staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE PI_Z_OMEGA + { + let x := mload(PI_Z_OMEGA_X_LOC) + let y := mload(PI_Z_OMEGA_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(mulmod(u, zeta, p), mload(OMEGA_LOC), p)) + // accumulator_2 = u.zeta.omega.[PI_Z_OMEGA] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // PAIRING_RHS = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, PAIRING_RHS_X_LOC, 0x40)) + + mstore(0x00, mload(PI_Z_X_LOC)) + mstore(0x20, mload(PI_Z_Y_LOC)) + mstore(0x40, mload(PI_Z_OMEGA_X_LOC)) + mstore(0x60, mload(PI_Z_OMEGA_Y_LOC)) + mstore(0x80, u) + success := and(success, staticcall(gas(), 7, 0x40, 0x60, 0x40, 0x40)) + // PAIRING_LHS = [PI_Z] + [PI_Z_OMEGA] * u + success := and(success, staticcall(gas(), 6, 0x00, 0x80, PAIRING_LHS_X_LOC, 0x40)) + // negate lhs y-coordinate + mstore(PAIRING_LHS_Y_LOC, sub(q, mload(PAIRING_LHS_Y_LOC))) + + if mload(CONTAINS_RECURSIVE_PROOF_LOC) { + // VALIDATE RECURSIVE P1 + { + let x := mload(RECURSIVE_P1_X_LOC) + let y := mload(RECURSIVE_P1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + + // compute u.u.[recursive_p1] and write into 0x60 + mstore(0x40, mulmod(u, u, p)) + success := and(success, staticcall(gas(), 7, 0x00, 0x60, 0x60, 0x40)) + // VALIDATE RECURSIVE P2 + { + let x := mload(RECURSIVE_P2_X_LOC) + let y := mload(RECURSIVE_P2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + // compute u.u.[recursive_p2] and write into 0x00 + // 0x40 still contains u*u + success := and(success, staticcall(gas(), 7, 0x00, 0x60, 0x00, 0x40)) + + // compute u.u.[recursiveP1] + rhs and write into rhs + mstore(0xa0, mload(PAIRING_RHS_X_LOC)) + mstore(0xc0, mload(PAIRING_RHS_Y_LOC)) + success := and(success, staticcall(gas(), 6, 0x60, 0x80, PAIRING_RHS_X_LOC, 0x40)) + + // compute u.u.[recursiveP2] + lhs and write into lhs + mstore(0x40, mload(PAIRING_LHS_X_LOC)) + mstore(0x60, mload(PAIRING_LHS_Y_LOC)) + success := and(success, staticcall(gas(), 6, 0x00, 0x80, PAIRING_LHS_X_LOC, 0x40)) + } + + if iszero(success) { + mstore(0x0, PAIRING_PREAMBLE_FAILED_SELECTOR) + revert(0x00, 0x04) + } + } + + /** + * PERFORM PAIRING + */ + { + // rhs paired with [1]_2 + // lhs paired with [x]_2 + + mstore(0x00, mload(PAIRING_RHS_X_LOC)) + mstore(0x20, mload(PAIRING_RHS_Y_LOC)) + mstore(0x40, 0x198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c2) // this is [1]_2 + mstore(0x60, 0x1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed) + mstore(0x80, 0x090689d0585ff075ec9e99ad690c3395bc4b313370b38ef355acdadcd122975b) + mstore(0xa0, 0x12c85ea5db8c6deb4aab71808dcb408fe3d1e7690c43d37b4ce6cc0166fa7daa) + + mstore(0xc0, mload(PAIRING_LHS_X_LOC)) + mstore(0xe0, mload(PAIRING_LHS_Y_LOC)) + mstore(0x100, mload(G2X_X0_LOC)) + mstore(0x120, mload(G2X_X1_LOC)) + mstore(0x140, mload(G2X_Y0_LOC)) + mstore(0x160, mload(G2X_Y1_LOC)) + + success := staticcall(gas(), 8, 0x00, 0x180, 0x00, 0x20) + if iszero(and(success, mload(0x00))) { + mstore(0x0, PAIRING_FAILED_SELECTOR) + revert(0x00, 0x04) + } + } + + { + mstore(0x00, 0x01) + return(0x00, 0x20) // Proof succeeded! + } + } + } +} + +contract UltraVerifier is BaseUltraVerifier { + function getVerificationKeyHash() public pure override(BaseUltraVerifier) returns (bytes32) { + return UltraVerificationKey.verificationKeyHash(); + } + + function loadVerificationKey(uint256 vk, uint256 _omegaInverseLoc) internal pure virtual override(BaseUltraVerifier) { + UltraVerificationKey.loadVerificationKey(vk, _omegaInverseLoc); + } +} diff --git a/noir/noir-repo/compiler/integration-tests/contracts/recursion.sol b/noir/noir-repo/compiler/integration-tests/contracts/recursion.sol new file mode 100644 index 00000000000..abb5529f12e --- /dev/null +++ b/noir/noir-repo/compiler/integration-tests/contracts/recursion.sol @@ -0,0 +1,2869 @@ +// Verification Key Hash: e0328cb05dead618095601e226cdeb6dbc39366658b78fabcb8b4d79b64150fe +// SPDX-License-Identifier: Apache-2.0 +// Copyright 2022 Aztec +pragma solidity >=0.8.4; + +library UltraVerificationKey { + function verificationKeyHash() internal pure returns(bytes32) { + return 0xe0328cb05dead618095601e226cdeb6dbc39366658b78fabcb8b4d79b64150fe; + } + + function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure { + assembly { + mstore(add(_vk, 0x00), 0x0000000000000000000000000000000000000000000000000000000000040000) // vk.circuit_size + mstore(add(_vk, 0x20), 0x0000000000000000000000000000000000000000000000000000000000000010) // vk.num_inputs + mstore(add(_vk, 0x40), 0x19ddbcaf3a8d46c15c0176fbb5b95e4dc57088ff13f4d1bd84c6bfa57dcdc0e0) // vk.work_root + mstore(add(_vk, 0x60), 0x30644259cd94e7dd5045d7a27013b7fcd21c9e3b7fa75222e7bda49b729b0401) // vk.domain_inverse + mstore(add(_vk, 0x80), 0x296cf46c4f739702b3432a7e00d817fd408d994c86c7b2a3d111e60216220ff4) // vk.Q1.x + mstore(add(_vk, 0xa0), 0x23eb5e8befe06db56c45cacc7f6ebe1c5a6d564eacd9ce398f5512f78716db2f) // vk.Q1.y + mstore(add(_vk, 0xc0), 0x1343a11edd4c8f943d25b149f25ce46f3f3d778986116e54e46f19ecea6f222c) // vk.Q2.x + mstore(add(_vk, 0xe0), 0x21465130765a50d22ae703a7f04f1c56d702a1fd8e60ef7ab8643e7d65400d4a) // vk.Q2.y + mstore(add(_vk, 0x100), 0x14ca6d2277d046bfec277680aaef68c036229345162dc5898d4c59c48af3050c) // vk.Q3.x + mstore(add(_vk, 0x120), 0x0193076249ef903f84326def1f71f3e0f8964d6ad9b8169b10373534c5d8ce3a) // vk.Q3.y + mstore(add(_vk, 0x140), 0x19b321f51f228bda6233253f630bd7a4ef8886b0b0b04b8aa5dae7de26262741) // vk.Q4.x + mstore(add(_vk, 0x160), 0x29e642b2b28bb28117bf91a05f4072be4aa7b9e461a30a8b512c9ce550b8bd11) // vk.Q4.y + mstore(add(_vk, 0x180), 0x135c2b4ca117cad1e6de43b35922898f10a215ca4bd212fb235b11f749747a40) // vk.Q_M.x + mstore(add(_vk, 0x1a0), 0x1b5898cbfad83193f396baa1b97d270788e813afeb2a55342f4e01118d7c8d52) // vk.Q_M.y + mstore(add(_vk, 0x1c0), 0x22b15c7b21212709f0670cb679b2f9983b0624880388177e34194a86a8beeec4) // vk.Q_C.x + mstore(add(_vk, 0x1e0), 0x23abf1bb3ae5b994d972821a588c2a181d6f73b19cd63eb97ba3d279280c8d89) // vk.Q_C.y + mstore(add(_vk, 0x200), 0x113b6d3105a628cbad57a3e0d3af01035264182e3730b1e09ec465456c93e237) // vk.Q_ARITHMETIC.x + mstore(add(_vk, 0x220), 0x144c2223ed41c781c7e91e392a785122901565726d0733d1f85d715cf72f46c7) // vk.Q_ARITHMETIC.y + mstore(add(_vk, 0x240), 0x2ef5ddac9f6900407cb286d52468a09ed415e365b5086f5c9b74b4f281c61054) // vk.QSORT.x + mstore(add(_vk, 0x260), 0x010674e24f29b69a54da15ac59911e89cf3fa787ed2cad6a44daa63c67d00fd7) // vk.QSORT.y + mstore(add(_vk, 0x280), 0x26ba1f4d0e050a78621b511228a9c6983f7868dde8d03a3206ba8ecb4745228c) // vk.Q_ELLIPTIC.x + mstore(add(_vk, 0x2a0), 0x00e496fbcd18c30efca8bbab288382270e7c1ca730a6de1c97f1fdb8e8cbb8ae) // vk.Q_ELLIPTIC.y + mstore(add(_vk, 0x2c0), 0x12f33eb7f1ef14f7b9c5eef6fda9e8b915b1505a9fc4fddbe85273bab940215d) // vk.Q_AUX.x + mstore(add(_vk, 0x2e0), 0x0243ce5ba21f31b237dca7bb13bb6552da8e193324813b7269b144f5fc4bb571) // vk.Q_AUX.y + mstore(add(_vk, 0x300), 0x08ba0b0a65af34cf8d99b68d5a1f8ff614a3d2f2b79feeb798b1167cc9a38cc9) // vk.SIGMA1.x + mstore(add(_vk, 0x320), 0x150a1dbd173563cdd0503776c3d59e91d6e78c1f1e6d23785f9da5843b27fc60) // vk.SIGMA1.y + mstore(add(_vk, 0x340), 0x2495d18a5ab5b8e3a2f6f9888d92d349362dde30734049dccc6fa6e07d903231) // vk.SIGMA2.x + mstore(add(_vk, 0x360), 0x0823530dc06e55a763f9a51db768d4bc53ebec26334b3e9d248235e7972624c6) // vk.SIGMA2.y + mstore(add(_vk, 0x380), 0x15b6c07df0304bc78711f6f924f040f63c0a1e6174d1bc4bb20c5cf93444d239) // vk.SIGMA3.x + mstore(add(_vk, 0x3a0), 0x1c7932ed2c40d035d67e80599df3f127fd408c30af2f5dd14805dd5816715881) // vk.SIGMA3.y + mstore(add(_vk, 0x3c0), 0x2644c0b211b5bc8160034e9b4948392266e615c101df2306a82bc2f99ceb2357) // vk.SIGMA4.x + mstore(add(_vk, 0x3e0), 0x245551ceeed8c044a968549997e4d89071e9d65cd887afe82835c4b05394c8dd) // vk.SIGMA4.y + mstore(add(_vk, 0x400), 0x09796190fd3ba909c6530c89811df9b5b4f5f2fe6501ec21dd864b20673fc02c) // vk.TABLE1.x + mstore(add(_vk, 0x420), 0x00b9c2423e310caa43e1eb83b55f53977fccbed85422df8935635d77d146bf39) // vk.TABLE1.y + mstore(add(_vk, 0x440), 0x217dad26ccc0c543ec5750513e9365a5cae8164b08d364efcf4b5890ff05f334) // vk.TABLE2.x + mstore(add(_vk, 0x460), 0x1db28433f6bde424423f3587787f81c48101d2dc6e54b431332cb275f8518c62) // vk.TABLE2.y + mstore(add(_vk, 0x480), 0x2cc2d90f2da7f4ec16b7fe61babd4fb9b580ecff03c471764dd67a8c433afab5) // vk.TABLE3.x + mstore(add(_vk, 0x4a0), 0x3032b9ff096a43ce326cc63ffc6a86dcb913fb1f7700939f5304f6c6beb24574) // vk.TABLE3.y + mstore(add(_vk, 0x4c0), 0x1f4c58502ca713ed0bffb4ff31ed55e557e83a37d31b8e703aa9219d6158e2d2) // vk.TABLE4.x + mstore(add(_vk, 0x4e0), 0x0b0d5ed5432c5e7b56344c1d26ce0d9f632e8f8aa52505d6c89f6da89f357fa8) // vk.TABLE4.y + mstore(add(_vk, 0x500), 0x18f58f41d54253e53e11e950a30712a53ac21c410a53424cf08b5c866aa18ef7) // vk.TABLE_TYPE.x + mstore(add(_vk, 0x520), 0x085b844a9b90e6d79f01271644b9cbc23f81cccb1679ddb7c4cf28f525ff41ad) // vk.TABLE_TYPE.y + mstore(add(_vk, 0x540), 0x1409fc0d97f2c216efc3538236ffa767e74c140c918e041cd17029a30a4a9d44) // vk.ID1.x + mstore(add(_vk, 0x560), 0x26c5c627007675f6a57449fe0df318783b14e9abcf70ff93026059d76f6b9cd7) // vk.ID1.y + mstore(add(_vk, 0x580), 0x2c14b2eb3d66e1ad2ab2f3f572c788cc7fc3c5de27f10dc4b03fb8d24d99a100) // vk.ID2.x + mstore(add(_vk, 0x5a0), 0x12fb35d49297144b9c18d4fedadb24ecaf825a0b16f15429880254c021b848d3) // vk.ID2.y + mstore(add(_vk, 0x5c0), 0x09cd56d13b51b36941752c549fcbf0f91175759cd433aa663380ff74eea969bb) // vk.ID3.x + mstore(add(_vk, 0x5e0), 0x0a8120bced78e668891c2b79e4098b73357660d7ac5d18c38692b82fae92ceae) // vk.ID3.y + mstore(add(_vk, 0x600), 0x23a22f97c87c77b7ec20064f688ad1d82994517560d78cc0366cbaa3ad0fe931) // vk.ID4.x + mstore(add(_vk, 0x620), 0x08d8108812baa0e234edc5109ec726f19dc6efd247eea7d61930f0857844dba1) // vk.ID4.y + mstore(add(_vk, 0x640), 0x01) // vk.contains_recursive_proof + mstore(add(_vk, 0x660), 0) // vk.recursive_proof_public_input_indices + mstore(add(_vk, 0x680), 0x260e01b251f6f1c7e7ff4e580791dee8ea51d87a358e038b4efe30fac09383c1) // vk.g2_x.X.c1 + mstore(add(_vk, 0x6a0), 0x0118c4d5b837bcc2bc89b5b398b5974e9f5944073b32078b7e231fec938883b0) // vk.g2_x.X.c0 + mstore(add(_vk, 0x6c0), 0x04fc6369f7110fe3d25156c1bb9a72859cf2a04641f99ba4ee413c80da6a5fe4) // vk.g2_x.Y.c1 + mstore(add(_vk, 0x6e0), 0x22febda3c0c0632a56475b4214e5615e11e6dd3f96e6cea2854a87d4dacc5e55) // vk.g2_x.Y.c0 + mstore(_omegaInverseLoc, 0x036853f083780e87f8d7c71d111119c57dbe118c22d5ad707a82317466c5174c) // vk.work_root_inverse + } + } +} + +/** + * @title Ultra Plonk proof verification contract + * @dev Top level Plonk proof verification contract, which allows Plonk proof to be verified + */ +abstract contract BaseUltraVerifier { + // VERIFICATION KEY MEMORY LOCATIONS + uint256 internal constant N_LOC = 0x380; + uint256 internal constant NUM_INPUTS_LOC = 0x3a0; + uint256 internal constant OMEGA_LOC = 0x3c0; + uint256 internal constant DOMAIN_INVERSE_LOC = 0x3e0; + uint256 internal constant Q1_X_LOC = 0x400; + uint256 internal constant Q1_Y_LOC = 0x420; + uint256 internal constant Q2_X_LOC = 0x440; + uint256 internal constant Q2_Y_LOC = 0x460; + uint256 internal constant Q3_X_LOC = 0x480; + uint256 internal constant Q3_Y_LOC = 0x4a0; + uint256 internal constant Q4_X_LOC = 0x4c0; + uint256 internal constant Q4_Y_LOC = 0x4e0; + uint256 internal constant QM_X_LOC = 0x500; + uint256 internal constant QM_Y_LOC = 0x520; + uint256 internal constant QC_X_LOC = 0x540; + uint256 internal constant QC_Y_LOC = 0x560; + uint256 internal constant QARITH_X_LOC = 0x580; + uint256 internal constant QARITH_Y_LOC = 0x5a0; + uint256 internal constant QSORT_X_LOC = 0x5c0; + uint256 internal constant QSORT_Y_LOC = 0x5e0; + uint256 internal constant QELLIPTIC_X_LOC = 0x600; + uint256 internal constant QELLIPTIC_Y_LOC = 0x620; + uint256 internal constant QAUX_X_LOC = 0x640; + uint256 internal constant QAUX_Y_LOC = 0x660; + uint256 internal constant SIGMA1_X_LOC = 0x680; + uint256 internal constant SIGMA1_Y_LOC = 0x6a0; + uint256 internal constant SIGMA2_X_LOC = 0x6c0; + uint256 internal constant SIGMA2_Y_LOC = 0x6e0; + uint256 internal constant SIGMA3_X_LOC = 0x700; + uint256 internal constant SIGMA3_Y_LOC = 0x720; + uint256 internal constant SIGMA4_X_LOC = 0x740; + uint256 internal constant SIGMA4_Y_LOC = 0x760; + uint256 internal constant TABLE1_X_LOC = 0x780; + uint256 internal constant TABLE1_Y_LOC = 0x7a0; + uint256 internal constant TABLE2_X_LOC = 0x7c0; + uint256 internal constant TABLE2_Y_LOC = 0x7e0; + uint256 internal constant TABLE3_X_LOC = 0x800; + uint256 internal constant TABLE3_Y_LOC = 0x820; + uint256 internal constant TABLE4_X_LOC = 0x840; + uint256 internal constant TABLE4_Y_LOC = 0x860; + uint256 internal constant TABLE_TYPE_X_LOC = 0x880; + uint256 internal constant TABLE_TYPE_Y_LOC = 0x8a0; + uint256 internal constant ID1_X_LOC = 0x8c0; + uint256 internal constant ID1_Y_LOC = 0x8e0; + uint256 internal constant ID2_X_LOC = 0x900; + uint256 internal constant ID2_Y_LOC = 0x920; + uint256 internal constant ID3_X_LOC = 0x940; + uint256 internal constant ID3_Y_LOC = 0x960; + uint256 internal constant ID4_X_LOC = 0x980; + uint256 internal constant ID4_Y_LOC = 0x9a0; + uint256 internal constant CONTAINS_RECURSIVE_PROOF_LOC = 0x9c0; + uint256 internal constant RECURSIVE_PROOF_PUBLIC_INPUT_INDICES_LOC = 0x9e0; + uint256 internal constant G2X_X0_LOC = 0xa00; + uint256 internal constant G2X_X1_LOC = 0xa20; + uint256 internal constant G2X_Y0_LOC = 0xa40; + uint256 internal constant G2X_Y1_LOC = 0xa60; + + // ### PROOF DATA MEMORY LOCATIONS + uint256 internal constant W1_X_LOC = 0x1200; + uint256 internal constant W1_Y_LOC = 0x1220; + uint256 internal constant W2_X_LOC = 0x1240; + uint256 internal constant W2_Y_LOC = 0x1260; + uint256 internal constant W3_X_LOC = 0x1280; + uint256 internal constant W3_Y_LOC = 0x12a0; + uint256 internal constant W4_X_LOC = 0x12c0; + uint256 internal constant W4_Y_LOC = 0x12e0; + uint256 internal constant S_X_LOC = 0x1300; + uint256 internal constant S_Y_LOC = 0x1320; + uint256 internal constant Z_X_LOC = 0x1340; + uint256 internal constant Z_Y_LOC = 0x1360; + uint256 internal constant Z_LOOKUP_X_LOC = 0x1380; + uint256 internal constant Z_LOOKUP_Y_LOC = 0x13a0; + uint256 internal constant T1_X_LOC = 0x13c0; + uint256 internal constant T1_Y_LOC = 0x13e0; + uint256 internal constant T2_X_LOC = 0x1400; + uint256 internal constant T2_Y_LOC = 0x1420; + uint256 internal constant T3_X_LOC = 0x1440; + uint256 internal constant T3_Y_LOC = 0x1460; + uint256 internal constant T4_X_LOC = 0x1480; + uint256 internal constant T4_Y_LOC = 0x14a0; + + uint256 internal constant W1_EVAL_LOC = 0x1600; + uint256 internal constant W2_EVAL_LOC = 0x1620; + uint256 internal constant W3_EVAL_LOC = 0x1640; + uint256 internal constant W4_EVAL_LOC = 0x1660; + uint256 internal constant S_EVAL_LOC = 0x1680; + uint256 internal constant Z_EVAL_LOC = 0x16a0; + uint256 internal constant Z_LOOKUP_EVAL_LOC = 0x16c0; + uint256 internal constant Q1_EVAL_LOC = 0x16e0; + uint256 internal constant Q2_EVAL_LOC = 0x1700; + uint256 internal constant Q3_EVAL_LOC = 0x1720; + uint256 internal constant Q4_EVAL_LOC = 0x1740; + uint256 internal constant QM_EVAL_LOC = 0x1760; + uint256 internal constant QC_EVAL_LOC = 0x1780; + uint256 internal constant QARITH_EVAL_LOC = 0x17a0; + uint256 internal constant QSORT_EVAL_LOC = 0x17c0; + uint256 internal constant QELLIPTIC_EVAL_LOC = 0x17e0; + uint256 internal constant QAUX_EVAL_LOC = 0x1800; + uint256 internal constant TABLE1_EVAL_LOC = 0x1840; + uint256 internal constant TABLE2_EVAL_LOC = 0x1860; + uint256 internal constant TABLE3_EVAL_LOC = 0x1880; + uint256 internal constant TABLE4_EVAL_LOC = 0x18a0; + uint256 internal constant TABLE_TYPE_EVAL_LOC = 0x18c0; + uint256 internal constant ID1_EVAL_LOC = 0x18e0; + uint256 internal constant ID2_EVAL_LOC = 0x1900; + uint256 internal constant ID3_EVAL_LOC = 0x1920; + uint256 internal constant ID4_EVAL_LOC = 0x1940; + uint256 internal constant SIGMA1_EVAL_LOC = 0x1960; + uint256 internal constant SIGMA2_EVAL_LOC = 0x1980; + uint256 internal constant SIGMA3_EVAL_LOC = 0x19a0; + uint256 internal constant SIGMA4_EVAL_LOC = 0x19c0; + uint256 internal constant W1_OMEGA_EVAL_LOC = 0x19e0; + uint256 internal constant W2_OMEGA_EVAL_LOC = 0x2000; + uint256 internal constant W3_OMEGA_EVAL_LOC = 0x2020; + uint256 internal constant W4_OMEGA_EVAL_LOC = 0x2040; + uint256 internal constant S_OMEGA_EVAL_LOC = 0x2060; + uint256 internal constant Z_OMEGA_EVAL_LOC = 0x2080; + uint256 internal constant Z_LOOKUP_OMEGA_EVAL_LOC = 0x20a0; + uint256 internal constant TABLE1_OMEGA_EVAL_LOC = 0x20c0; + uint256 internal constant TABLE2_OMEGA_EVAL_LOC = 0x20e0; + uint256 internal constant TABLE3_OMEGA_EVAL_LOC = 0x2100; + uint256 internal constant TABLE4_OMEGA_EVAL_LOC = 0x2120; + + uint256 internal constant PI_Z_X_LOC = 0x2300; + uint256 internal constant PI_Z_Y_LOC = 0x2320; + uint256 internal constant PI_Z_OMEGA_X_LOC = 0x2340; + uint256 internal constant PI_Z_OMEGA_Y_LOC = 0x2360; + + // Used for elliptic widget. These are alias names for wire + shifted wire evaluations + uint256 internal constant X1_EVAL_LOC = W2_EVAL_LOC; + uint256 internal constant X2_EVAL_LOC = W1_OMEGA_EVAL_LOC; + uint256 internal constant X3_EVAL_LOC = W2_OMEGA_EVAL_LOC; + uint256 internal constant Y1_EVAL_LOC = W3_EVAL_LOC; + uint256 internal constant Y2_EVAL_LOC = W4_OMEGA_EVAL_LOC; + uint256 internal constant Y3_EVAL_LOC = W3_OMEGA_EVAL_LOC; + uint256 internal constant QBETA_LOC = Q3_EVAL_LOC; + uint256 internal constant QBETA_SQR_LOC = Q4_EVAL_LOC; + uint256 internal constant QSIGN_LOC = Q1_EVAL_LOC; + + // ### CHALLENGES MEMORY OFFSETS + + uint256 internal constant C_BETA_LOC = 0x2600; + uint256 internal constant C_GAMMA_LOC = 0x2620; + uint256 internal constant C_ALPHA_LOC = 0x2640; + uint256 internal constant C_ETA_LOC = 0x2660; + uint256 internal constant C_ETA_SQR_LOC = 0x2680; + uint256 internal constant C_ETA_CUBE_LOC = 0x26a0; + + uint256 internal constant C_ZETA_LOC = 0x26c0; + uint256 internal constant C_CURRENT_LOC = 0x26e0; + uint256 internal constant C_V0_LOC = 0x2700; + uint256 internal constant C_V1_LOC = 0x2720; + uint256 internal constant C_V2_LOC = 0x2740; + uint256 internal constant C_V3_LOC = 0x2760; + uint256 internal constant C_V4_LOC = 0x2780; + uint256 internal constant C_V5_LOC = 0x27a0; + uint256 internal constant C_V6_LOC = 0x27c0; + uint256 internal constant C_V7_LOC = 0x27e0; + uint256 internal constant C_V8_LOC = 0x2800; + uint256 internal constant C_V9_LOC = 0x2820; + uint256 internal constant C_V10_LOC = 0x2840; + uint256 internal constant C_V11_LOC = 0x2860; + uint256 internal constant C_V12_LOC = 0x2880; + uint256 internal constant C_V13_LOC = 0x28a0; + uint256 internal constant C_V14_LOC = 0x28c0; + uint256 internal constant C_V15_LOC = 0x28e0; + uint256 internal constant C_V16_LOC = 0x2900; + uint256 internal constant C_V17_LOC = 0x2920; + uint256 internal constant C_V18_LOC = 0x2940; + uint256 internal constant C_V19_LOC = 0x2960; + uint256 internal constant C_V20_LOC = 0x2980; + uint256 internal constant C_V21_LOC = 0x29a0; + uint256 internal constant C_V22_LOC = 0x29c0; + uint256 internal constant C_V23_LOC = 0x29e0; + uint256 internal constant C_V24_LOC = 0x2a00; + uint256 internal constant C_V25_LOC = 0x2a20; + uint256 internal constant C_V26_LOC = 0x2a40; + uint256 internal constant C_V27_LOC = 0x2a60; + uint256 internal constant C_V28_LOC = 0x2a80; + uint256 internal constant C_V29_LOC = 0x2aa0; + uint256 internal constant C_V30_LOC = 0x2ac0; + + uint256 internal constant C_U_LOC = 0x2b00; + + // ### LOCAL VARIABLES MEMORY OFFSETS + uint256 internal constant DELTA_NUMERATOR_LOC = 0x3000; + uint256 internal constant DELTA_DENOMINATOR_LOC = 0x3020; + uint256 internal constant ZETA_POW_N_LOC = 0x3040; + uint256 internal constant PUBLIC_INPUT_DELTA_LOC = 0x3060; + uint256 internal constant ZERO_POLY_LOC = 0x3080; + uint256 internal constant L_START_LOC = 0x30a0; + uint256 internal constant L_END_LOC = 0x30c0; + uint256 internal constant R_ZERO_EVAL_LOC = 0x30e0; + + uint256 internal constant PLOOKUP_DELTA_NUMERATOR_LOC = 0x3100; + uint256 internal constant PLOOKUP_DELTA_DENOMINATOR_LOC = 0x3120; + uint256 internal constant PLOOKUP_DELTA_LOC = 0x3140; + + uint256 internal constant ACCUMULATOR_X_LOC = 0x3160; + uint256 internal constant ACCUMULATOR_Y_LOC = 0x3180; + uint256 internal constant ACCUMULATOR2_X_LOC = 0x31a0; + uint256 internal constant ACCUMULATOR2_Y_LOC = 0x31c0; + uint256 internal constant PAIRING_LHS_X_LOC = 0x31e0; + uint256 internal constant PAIRING_LHS_Y_LOC = 0x3200; + uint256 internal constant PAIRING_RHS_X_LOC = 0x3220; + uint256 internal constant PAIRING_RHS_Y_LOC = 0x3240; + + // misc stuff + uint256 internal constant OMEGA_INVERSE_LOC = 0x3300; + uint256 internal constant C_ALPHA_SQR_LOC = 0x3320; + uint256 internal constant C_ALPHA_CUBE_LOC = 0x3340; + uint256 internal constant C_ALPHA_QUAD_LOC = 0x3360; + uint256 internal constant C_ALPHA_BASE_LOC = 0x3380; + + // ### RECURSION VARIABLE MEMORY LOCATIONS + uint256 internal constant RECURSIVE_P1_X_LOC = 0x3400; + uint256 internal constant RECURSIVE_P1_Y_LOC = 0x3420; + uint256 internal constant RECURSIVE_P2_X_LOC = 0x3440; + uint256 internal constant RECURSIVE_P2_Y_LOC = 0x3460; + uint256 internal constant PUBLIC_INPUTS_HASH_LOCATION = 0x3480; + + // sub-identity storage + uint256 internal constant PERMUTATION_IDENTITY = 0x3500; + uint256 internal constant PLOOKUP_IDENTITY = 0x3520; + uint256 internal constant ARITHMETIC_IDENTITY = 0x3540; + uint256 internal constant SORT_IDENTITY = 0x3560; + uint256 internal constant ELLIPTIC_IDENTITY = 0x3580; + uint256 internal constant AUX_IDENTITY = 0x35a0; + uint256 internal constant AUX_NON_NATIVE_FIELD_EVALUATION = 0x35c0; + uint256 internal constant AUX_LIMB_ACCUMULATOR_EVALUATION = 0x35e0; + uint256 internal constant AUX_RAM_CONSISTENCY_EVALUATION = 0x3600; + uint256 internal constant AUX_ROM_CONSISTENCY_EVALUATION = 0x3620; + uint256 internal constant AUX_MEMORY_EVALUATION = 0x3640; + + uint256 internal constant QUOTIENT_EVAL_LOC = 0x3660; + uint256 internal constant ZERO_POLY_INVERSE_LOC = 0x3680; + + // when hashing public inputs we use memory at NU_CHALLENGE_INPUT_LOC_A, as the hash input size is unknown at compile time + uint256 internal constant NU_CHALLENGE_INPUT_LOC_A = 0x36a0; + uint256 internal constant NU_CHALLENGE_INPUT_LOC_B = 0x36c0; + uint256 internal constant NU_CHALLENGE_INPUT_LOC_C = 0x36e0; + + bytes4 internal constant INVALID_VERIFICATION_KEY_SELECTOR = 0x7e5769bf; + bytes4 internal constant POINT_NOT_ON_CURVE_SELECTOR = 0xa3dad654; + bytes4 internal constant PUBLIC_INPUT_INVALID_BN128_G1_POINT_SELECTOR = 0xeba9f4a6; + bytes4 internal constant PUBLIC_INPUT_GE_P_SELECTOR = 0x374a972f; + bytes4 internal constant MOD_EXP_FAILURE_SELECTOR = 0xf894a7bc; + bytes4 internal constant PAIRING_PREAMBLE_FAILED_SELECTOR = 0x01882d81; + bytes4 internal constant OPENING_COMMITMENT_FAILED_SELECTOR = 0x4e719763; + bytes4 internal constant PAIRING_FAILED_SELECTOR = 0xd71fd263; + + uint256 internal constant ETA_INPUT_LENGTH = 0xc0; // W1, W2, W3 = 6 * 0x20 bytes + + // We need to hash 41 field elements when generating the NU challenge + // w1, w2, w3, w4, s, z, z_lookup, q1, q2, q3, q4, qm, qc, qarith (14) + // qsort, qelliptic, qaux, sigma1, sigma2, sigma, sigma4, (7) + // table1, table2, table3, table4, tabletype, id1, id2, id3, id4, (9) + // w1_omega, w2_omega, w3_omega, w4_omega, s_omega, z_omega, z_lookup_omega, (7) + // table1_omega, table2_omega, table3_omega, table4_omega (4) + uint256 internal constant NU_INPUT_LENGTH = 0x520; // 0x520 = 41 * 0x20 + + // There are ELEVEN G1 group elements added into the transcript in the `beta` round, that we need to skip over + // W1, W2, W3, W4, S, Z, Z_LOOKUP, T1, T2, T3, T4 + uint256 internal constant NU_CALLDATA_SKIP_LENGTH = 0x2c0; // 11 * 0x40 = 0x2c0 + + uint256 internal constant NEGATIVE_INVERSE_OF_2_MODULO_P = + 0x183227397098d014dc2822db40c0ac2e9419f4243cdcb848a1f0fac9f8000000; + uint256 internal constant LIMB_SIZE = 0x100000000000000000; // 2<<68 + uint256 internal constant SUBLIMB_SHIFT = 0x4000; // 2<<14 + + // y^2 = x^3 + ax + b + // for Grumpkin, a = 0 and b = -17. We use b in a custom gate relation that evaluates elliptic curve arithmetic + uint256 internal constant GRUMPKIN_CURVE_B_PARAMETER_NEGATED = 17; + + error INVALID_VERIFICATION_KEY(); + error POINT_NOT_ON_CURVE(); + error PUBLIC_INPUT_COUNT_INVALID(uint256 expected, uint256 actual); + error PUBLIC_INPUT_INVALID_BN128_G1_POINT(); + error PUBLIC_INPUT_GE_P(); + error MOD_EXP_FAILURE(); + error PAIRING_PREAMBLE_FAILED(); + error OPENING_COMMITMENT_FAILED(); + error PAIRING_FAILED(); + + function getVerificationKeyHash() public pure virtual returns (bytes32); + + /** + * @dev We assume that the verification key loaded by this function is constant as we only verify it on deployment + */ + function loadVerificationKey(uint256 _vk, uint256 _omegaInverseLoc) internal pure virtual; + + constructor() { + loadVerificationKey(N_LOC, OMEGA_INVERSE_LOC); + + // We verify that all of the EC points in the verification key lie on the bn128 curve. + assembly { + let q := 21888242871839275222246405745257275088696311157297823662689037894645226208583 // EC group order + + let success := 1 + + // VALIDATE Q1 + { + let x := mload(Q1_X_LOC) + let y := mload(Q1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE Q2 + { + let x := mload(Q2_X_LOC) + let y := mload(Q2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE Q3 + { + let x := mload(Q3_X_LOC) + let y := mload(Q3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE Q4 + { + let x := mload(Q4_X_LOC) + let y := mload(Q4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + mstore(0x00, x) + mstore(0x20, y) + } + // VALIDATE QM + { + let x := mload(QM_X_LOC) + let y := mload(QM_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QC + { + let x := mload(QC_X_LOC) + let y := mload(QC_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QARITH + { + let x := mload(QARITH_X_LOC) + let y := mload(QARITH_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QSORT + { + let x := mload(QSORT_X_LOC) + let y := mload(QSORT_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QELLIPTIC + { + let x := mload(QELLIPTIC_X_LOC) + let y := mload(QELLIPTIC_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE QAUX + { + let x := mload(QAUX_X_LOC) + let y := mload(QAUX_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA1 + { + let x := mload(SIGMA1_X_LOC) + let y := mload(SIGMA1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA2 + { + let x := mload(SIGMA2_X_LOC) + let y := mload(SIGMA2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA3 + { + let x := mload(SIGMA3_X_LOC) + let y := mload(SIGMA3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE SIGMA4 + { + let x := mload(SIGMA4_X_LOC) + let y := mload(SIGMA4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE1 + { + let x := mload(TABLE1_X_LOC) + let y := mload(TABLE1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE2 + { + let x := mload(TABLE2_X_LOC) + let y := mload(TABLE2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE3 + { + let x := mload(TABLE3_X_LOC) + let y := mload(TABLE3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE4 + { + let x := mload(TABLE4_X_LOC) + let y := mload(TABLE4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE TABLE_TYPE + { + let x := mload(TABLE_TYPE_X_LOC) + let y := mload(TABLE_TYPE_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID1 + { + let x := mload(ID1_X_LOC) + let y := mload(ID1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID2 + { + let x := mload(ID2_X_LOC) + let y := mload(ID2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID3 + { + let x := mload(ID3_X_LOC) + let y := mload(ID3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + // VALIDATE ID4 + { + let x := mload(ID4_X_LOC) + let y := mload(ID4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + success := and(success, eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) + } + + if iszero(success) { + mstore(0x0, INVALID_VERIFICATION_KEY_SELECTOR) + revert(0x00, 0x04) + } + } + } + + /** + * @notice Verify a Ultra Plonk proof + * @param _proof - The serialized proof + * @param _publicInputs - An array of the public inputs + * @return True if proof is valid, reverts otherwise + */ + function verify(bytes calldata _proof, bytes32[] calldata _publicInputs) external view returns (bool) { + loadVerificationKey(N_LOC, OMEGA_INVERSE_LOC); + + uint256 requiredPublicInputCount; + assembly { + requiredPublicInputCount := mload(NUM_INPUTS_LOC) + } + if (requiredPublicInputCount != _publicInputs.length) { + revert PUBLIC_INPUT_COUNT_INVALID(requiredPublicInputCount, _publicInputs.length); + } + + assembly { + let q := 21888242871839275222246405745257275088696311157297823662689037894645226208583 // EC group order + let p := 21888242871839275222246405745257275088548364400416034343698204186575808495617 // Prime field order + + /** + * LOAD PROOF FROM CALLDATA + */ + { + let data_ptr := add(calldataload(0x04), 0x24) + + mstore(W1_Y_LOC, mod(calldataload(data_ptr), q)) + mstore(W1_X_LOC, mod(calldataload(add(data_ptr, 0x20)), q)) + + mstore(W2_Y_LOC, mod(calldataload(add(data_ptr, 0x40)), q)) + mstore(W2_X_LOC, mod(calldataload(add(data_ptr, 0x60)), q)) + + mstore(W3_Y_LOC, mod(calldataload(add(data_ptr, 0x80)), q)) + mstore(W3_X_LOC, mod(calldataload(add(data_ptr, 0xa0)), q)) + + mstore(W4_Y_LOC, mod(calldataload(add(data_ptr, 0xc0)), q)) + mstore(W4_X_LOC, mod(calldataload(add(data_ptr, 0xe0)), q)) + + mstore(S_Y_LOC, mod(calldataload(add(data_ptr, 0x100)), q)) + mstore(S_X_LOC, mod(calldataload(add(data_ptr, 0x120)), q)) + mstore(Z_Y_LOC, mod(calldataload(add(data_ptr, 0x140)), q)) + mstore(Z_X_LOC, mod(calldataload(add(data_ptr, 0x160)), q)) + mstore(Z_LOOKUP_Y_LOC, mod(calldataload(add(data_ptr, 0x180)), q)) + mstore(Z_LOOKUP_X_LOC, mod(calldataload(add(data_ptr, 0x1a0)), q)) + mstore(T1_Y_LOC, mod(calldataload(add(data_ptr, 0x1c0)), q)) + mstore(T1_X_LOC, mod(calldataload(add(data_ptr, 0x1e0)), q)) + + mstore(T2_Y_LOC, mod(calldataload(add(data_ptr, 0x200)), q)) + mstore(T2_X_LOC, mod(calldataload(add(data_ptr, 0x220)), q)) + + mstore(T3_Y_LOC, mod(calldataload(add(data_ptr, 0x240)), q)) + mstore(T3_X_LOC, mod(calldataload(add(data_ptr, 0x260)), q)) + + mstore(T4_Y_LOC, mod(calldataload(add(data_ptr, 0x280)), q)) + mstore(T4_X_LOC, mod(calldataload(add(data_ptr, 0x2a0)), q)) + + mstore(W1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x2c0)), p)) + mstore(W2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x2e0)), p)) + mstore(W3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x300)), p)) + mstore(W4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x320)), p)) + mstore(S_EVAL_LOC, mod(calldataload(add(data_ptr, 0x340)), p)) + mstore(Z_EVAL_LOC, mod(calldataload(add(data_ptr, 0x360)), p)) + mstore(Z_LOOKUP_EVAL_LOC, mod(calldataload(add(data_ptr, 0x380)), p)) + mstore(Q1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3a0)), p)) + mstore(Q2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3c0)), p)) + mstore(Q3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x3e0)), p)) + mstore(Q4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x400)), p)) + mstore(QM_EVAL_LOC, mod(calldataload(add(data_ptr, 0x420)), p)) + mstore(QC_EVAL_LOC, mod(calldataload(add(data_ptr, 0x440)), p)) + mstore(QARITH_EVAL_LOC, mod(calldataload(add(data_ptr, 0x460)), p)) + mstore(QSORT_EVAL_LOC, mod(calldataload(add(data_ptr, 0x480)), p)) + mstore(QELLIPTIC_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4a0)), p)) + mstore(QAUX_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4c0)), p)) + + mstore(SIGMA1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x4e0)), p)) + mstore(SIGMA2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x500)), p)) + + mstore(SIGMA3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x520)), p)) + mstore(SIGMA4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x540)), p)) + + mstore(TABLE1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x560)), p)) + mstore(TABLE2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x580)), p)) + mstore(TABLE3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5a0)), p)) + mstore(TABLE4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5c0)), p)) + mstore(TABLE_TYPE_EVAL_LOC, mod(calldataload(add(data_ptr, 0x5e0)), p)) + + mstore(ID1_EVAL_LOC, mod(calldataload(add(data_ptr, 0x600)), p)) + mstore(ID2_EVAL_LOC, mod(calldataload(add(data_ptr, 0x620)), p)) + mstore(ID3_EVAL_LOC, mod(calldataload(add(data_ptr, 0x640)), p)) + mstore(ID4_EVAL_LOC, mod(calldataload(add(data_ptr, 0x660)), p)) + + mstore(W1_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x680)), p)) + mstore(W2_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6a0)), p)) + mstore(W3_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6c0)), p)) + mstore(W4_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x6e0)), p)) + mstore(S_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x700)), p)) + + mstore(Z_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x720)), p)) + + mstore(Z_LOOKUP_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x740)), p)) + mstore(TABLE1_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x760)), p)) + mstore(TABLE2_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x780)), p)) + mstore(TABLE3_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x7a0)), p)) + mstore(TABLE4_OMEGA_EVAL_LOC, mod(calldataload(add(data_ptr, 0x7c0)), p)) + + mstore(PI_Z_Y_LOC, mod(calldataload(add(data_ptr, 0x7e0)), q)) + mstore(PI_Z_X_LOC, mod(calldataload(add(data_ptr, 0x800)), q)) + + mstore(PI_Z_OMEGA_Y_LOC, mod(calldataload(add(data_ptr, 0x820)), q)) + mstore(PI_Z_OMEGA_X_LOC, mod(calldataload(add(data_ptr, 0x840)), q)) + } + + /** + * LOAD RECURSIVE PROOF INTO MEMORY + */ + { + if mload(CONTAINS_RECURSIVE_PROOF_LOC) { + let public_inputs_ptr := add(calldataload(0x24), 0x24) + let index_counter := add(shl(5, mload(RECURSIVE_PROOF_PUBLIC_INPUT_INDICES_LOC)), public_inputs_ptr) + + let x0 := calldataload(index_counter) + x0 := add(x0, shl(68, calldataload(add(index_counter, 0x20)))) + x0 := add(x0, shl(136, calldataload(add(index_counter, 0x40)))) + x0 := add(x0, shl(204, calldataload(add(index_counter, 0x60)))) + let y0 := calldataload(add(index_counter, 0x80)) + y0 := add(y0, shl(68, calldataload(add(index_counter, 0xa0)))) + y0 := add(y0, shl(136, calldataload(add(index_counter, 0xc0)))) + y0 := add(y0, shl(204, calldataload(add(index_counter, 0xe0)))) + let x1 := calldataload(add(index_counter, 0x100)) + x1 := add(x1, shl(68, calldataload(add(index_counter, 0x120)))) + x1 := add(x1, shl(136, calldataload(add(index_counter, 0x140)))) + x1 := add(x1, shl(204, calldataload(add(index_counter, 0x160)))) + let y1 := calldataload(add(index_counter, 0x180)) + y1 := add(y1, shl(68, calldataload(add(index_counter, 0x1a0)))) + y1 := add(y1, shl(136, calldataload(add(index_counter, 0x1c0)))) + y1 := add(y1, shl(204, calldataload(add(index_counter, 0x1e0)))) + mstore(RECURSIVE_P1_X_LOC, x0) + mstore(RECURSIVE_P1_Y_LOC, y0) + mstore(RECURSIVE_P2_X_LOC, x1) + mstore(RECURSIVE_P2_Y_LOC, y1) + + // validate these are valid bn128 G1 points + if iszero(and(and(lt(x0, q), lt(x1, q)), and(lt(y0, q), lt(y1, q)))) { + mstore(0x00, PUBLIC_INPUT_INVALID_BN128_G1_POINT_SELECTOR) + revert(0x00, 0x04) + } + } + } + + { + /** + * Generate initial challenge + */ + mstore(0x00, shl(224, mload(N_LOC))) + mstore(0x04, shl(224, mload(NUM_INPUTS_LOC))) + let challenge := keccak256(0x00, 0x08) + + /** + * Generate eta challenge + */ + mstore(PUBLIC_INPUTS_HASH_LOCATION, challenge) + // The public input location is stored at 0x24, we then add 0x24 to skip selector and the length of public inputs + let public_inputs_start := add(calldataload(0x24), 0x24) + // copy the public inputs over + let public_input_size := mul(mload(NUM_INPUTS_LOC), 0x20) + calldatacopy(add(PUBLIC_INPUTS_HASH_LOCATION, 0x20), public_inputs_start, public_input_size) + + // copy W1, W2, W3 into challenge. Each point is 0x40 bytes, so load 0xc0 = 3 * 0x40 bytes (ETA input length) + let w_start := add(calldataload(0x04), 0x24) + calldatacopy(add(add(PUBLIC_INPUTS_HASH_LOCATION, 0x20), public_input_size), w_start, ETA_INPUT_LENGTH) + + // Challenge is the old challenge + public inputs + W1, W2, W3 (0x20 + public_input_size + 0xc0) + let challenge_bytes_size := add(0x20, add(public_input_size, ETA_INPUT_LENGTH)) + + challenge := keccak256(PUBLIC_INPUTS_HASH_LOCATION, challenge_bytes_size) + { + let eta := mod(challenge, p) + mstore(C_ETA_LOC, eta) + mstore(C_ETA_SQR_LOC, mulmod(eta, eta, p)) + mstore(C_ETA_CUBE_LOC, mulmod(mload(C_ETA_SQR_LOC), eta, p)) + } + + /** + * Generate beta challenge + */ + mstore(0x00, challenge) + mstore(0x20, mload(W4_Y_LOC)) + mstore(0x40, mload(W4_X_LOC)) + mstore(0x60, mload(S_Y_LOC)) + mstore(0x80, mload(S_X_LOC)) + challenge := keccak256(0x00, 0xa0) + mstore(C_BETA_LOC, mod(challenge, p)) + + /** + * Generate gamma challenge + */ + mstore(0x00, challenge) + mstore8(0x20, 0x01) + challenge := keccak256(0x00, 0x21) + mstore(C_GAMMA_LOC, mod(challenge, p)) + + /** + * Generate alpha challenge + */ + mstore(0x00, challenge) + mstore(0x20, mload(Z_Y_LOC)) + mstore(0x40, mload(Z_X_LOC)) + mstore(0x60, mload(Z_LOOKUP_Y_LOC)) + mstore(0x80, mload(Z_LOOKUP_X_LOC)) + challenge := keccak256(0x00, 0xa0) + mstore(C_ALPHA_LOC, mod(challenge, p)) + + /** + * Compute and store some powers of alpha for future computations + */ + let alpha := mload(C_ALPHA_LOC) + mstore(C_ALPHA_SQR_LOC, mulmod(alpha, alpha, p)) + mstore(C_ALPHA_CUBE_LOC, mulmod(mload(C_ALPHA_SQR_LOC), alpha, p)) + mstore(C_ALPHA_QUAD_LOC, mulmod(mload(C_ALPHA_CUBE_LOC), alpha, p)) + mstore(C_ALPHA_BASE_LOC, alpha) + + /** + * Generate zeta challenge + */ + mstore(0x00, challenge) + mstore(0x20, mload(T1_Y_LOC)) + mstore(0x40, mload(T1_X_LOC)) + mstore(0x60, mload(T2_Y_LOC)) + mstore(0x80, mload(T2_X_LOC)) + mstore(0xa0, mload(T3_Y_LOC)) + mstore(0xc0, mload(T3_X_LOC)) + mstore(0xe0, mload(T4_Y_LOC)) + mstore(0x100, mload(T4_X_LOC)) + + challenge := keccak256(0x00, 0x120) + + mstore(C_ZETA_LOC, mod(challenge, p)) + mstore(C_CURRENT_LOC, challenge) + } + + /** + * EVALUATE FIELD OPERATIONS + */ + + /** + * COMPUTE PUBLIC INPUT DELTA + * ΔPI = ∏ᵢ∈ℓ(wᵢ + β σ(i) + γ) / ∏ᵢ∈ℓ(wᵢ + β σ'(i) + γ) + */ + { + let beta := mload(C_BETA_LOC) // β + let gamma := mload(C_GAMMA_LOC) // γ + let work_root := mload(OMEGA_LOC) // ω + let numerator_value := 1 + let denominator_value := 1 + + let p_clone := p // move p to the front of the stack + let valid_inputs := true + + // Load the starting point of the public inputs (jump over the selector and the length of public inputs [0x24]) + let public_inputs_ptr := add(calldataload(0x24), 0x24) + + // endpoint_ptr = public_inputs_ptr + num_inputs * 0x20. // every public input is 0x20 bytes + let endpoint_ptr := add(public_inputs_ptr, mul(mload(NUM_INPUTS_LOC), 0x20)) + + // root_1 = β * 0x05 + let root_1 := mulmod(beta, 0x05, p_clone) // k1.β + // root_2 = β * 0x0c + let root_2 := mulmod(beta, 0x0c, p_clone) + // @note 0x05 + 0x07 == 0x0c == external coset generator + + for {} lt(public_inputs_ptr, endpoint_ptr) { public_inputs_ptr := add(public_inputs_ptr, 0x20) } { + /** + * input = public_input[i] + * valid_inputs &= input < p + * temp = input + gamma + * numerator_value *= (β.σ(i) + wᵢ + γ) // σ(i) = 0x05.ωⁱ + * denominator_value *= (β.σ'(i) + wᵢ + γ) // σ'(i) = 0x0c.ωⁱ + * root_1 *= ω + * root_2 *= ω + */ + + let input := calldataload(public_inputs_ptr) + valid_inputs := and(valid_inputs, lt(input, p_clone)) + let temp := addmod(input, gamma, p_clone) + + numerator_value := mulmod(numerator_value, add(root_1, temp), p_clone) + denominator_value := mulmod(denominator_value, add(root_2, temp), p_clone) + + root_1 := mulmod(root_1, work_root, p_clone) + root_2 := mulmod(root_2, work_root, p_clone) + } + + // Revert if not all public inputs are field elements (i.e. < p) + if iszero(valid_inputs) { + mstore(0x00, PUBLIC_INPUT_GE_P_SELECTOR) + revert(0x00, 0x04) + } + + mstore(DELTA_NUMERATOR_LOC, numerator_value) + mstore(DELTA_DENOMINATOR_LOC, denominator_value) + } + + /** + * Compute Plookup delta factor [γ(1 + β)]^{n-k} + * k = num roots cut out of Z_H = 4 + */ + { + let delta_base := mulmod(mload(C_GAMMA_LOC), addmod(mload(C_BETA_LOC), 1, p), p) + let delta_numerator := delta_base + { + let exponent := mload(N_LOC) + let count := 1 + for {} lt(count, exponent) { count := add(count, count) } { + delta_numerator := mulmod(delta_numerator, delta_numerator, p) + } + } + mstore(PLOOKUP_DELTA_NUMERATOR_LOC, delta_numerator) + + let delta_denominator := mulmod(delta_base, delta_base, p) + delta_denominator := mulmod(delta_denominator, delta_denominator, p) + mstore(PLOOKUP_DELTA_DENOMINATOR_LOC, delta_denominator) + } + /** + * Compute lagrange poly and vanishing poly fractions + */ + { + /** + * vanishing_numerator = zeta + * ZETA_POW_N = zeta^n + * vanishing_numerator -= 1 + * accumulating_root = omega_inverse + * work_root = p - accumulating_root + * domain_inverse = domain_inverse + * vanishing_denominator = zeta + work_root + * work_root *= accumulating_root + * vanishing_denominator *= (zeta + work_root) + * work_root *= accumulating_root + * vanishing_denominator *= (zeta + work_root) + * vanishing_denominator *= (zeta + (zeta + accumulating_root)) + * work_root = omega + * lagrange_numerator = vanishing_numerator * domain_inverse + * l_start_denominator = zeta - 1 + * accumulating_root = work_root^2 + * l_end_denominator = accumulating_root^2 * work_root * zeta - 1 + * Note: l_end_denominator term contains a term \omega^5 to cut out 5 roots of unity from vanishing poly + */ + + let zeta := mload(C_ZETA_LOC) + + // compute zeta^n, where n is a power of 2 + let vanishing_numerator := zeta + { + // pow_small + let exponent := mload(N_LOC) + let count := 1 + for {} lt(count, exponent) { count := add(count, count) } { + vanishing_numerator := mulmod(vanishing_numerator, vanishing_numerator, p) + } + } + mstore(ZETA_POW_N_LOC, vanishing_numerator) + vanishing_numerator := addmod(vanishing_numerator, sub(p, 1), p) + + let accumulating_root := mload(OMEGA_INVERSE_LOC) + let work_root := sub(p, accumulating_root) + let domain_inverse := mload(DOMAIN_INVERSE_LOC) + + let vanishing_denominator := addmod(zeta, work_root, p) + work_root := mulmod(work_root, accumulating_root, p) + vanishing_denominator := mulmod(vanishing_denominator, addmod(zeta, work_root, p), p) + work_root := mulmod(work_root, accumulating_root, p) + vanishing_denominator := mulmod(vanishing_denominator, addmod(zeta, work_root, p), p) + vanishing_denominator := + mulmod(vanishing_denominator, addmod(zeta, mulmod(work_root, accumulating_root, p), p), p) + + work_root := mload(OMEGA_LOC) + + let lagrange_numerator := mulmod(vanishing_numerator, domain_inverse, p) + let l_start_denominator := addmod(zeta, sub(p, 1), p) + + accumulating_root := mulmod(work_root, work_root, p) + + let l_end_denominator := + addmod( + mulmod(mulmod(mulmod(accumulating_root, accumulating_root, p), work_root, p), zeta, p), sub(p, 1), p + ) + + /** + * Compute inversions using Montgomery's batch inversion trick + */ + let accumulator := mload(DELTA_DENOMINATOR_LOC) + let t0 := accumulator + accumulator := mulmod(accumulator, vanishing_denominator, p) + let t1 := accumulator + accumulator := mulmod(accumulator, vanishing_numerator, p) + let t2 := accumulator + accumulator := mulmod(accumulator, l_start_denominator, p) + let t3 := accumulator + accumulator := mulmod(accumulator, mload(PLOOKUP_DELTA_DENOMINATOR_LOC), p) + let t4 := accumulator + { + mstore(0, 0x20) + mstore(0x20, 0x20) + mstore(0x40, 0x20) + mstore(0x60, mulmod(accumulator, l_end_denominator, p)) + mstore(0x80, sub(p, 2)) + mstore(0xa0, p) + if iszero(staticcall(gas(), 0x05, 0x00, 0xc0, 0x00, 0x20)) { + mstore(0x0, MOD_EXP_FAILURE_SELECTOR) + revert(0x00, 0x04) + } + accumulator := mload(0x00) + } + + t4 := mulmod(accumulator, t4, p) + accumulator := mulmod(accumulator, l_end_denominator, p) + + t3 := mulmod(accumulator, t3, p) + accumulator := mulmod(accumulator, mload(PLOOKUP_DELTA_DENOMINATOR_LOC), p) + + t2 := mulmod(accumulator, t2, p) + accumulator := mulmod(accumulator, l_start_denominator, p) + + t1 := mulmod(accumulator, t1, p) + accumulator := mulmod(accumulator, vanishing_numerator, p) + + t0 := mulmod(accumulator, t0, p) + accumulator := mulmod(accumulator, vanishing_denominator, p) + + accumulator := mulmod(mulmod(accumulator, accumulator, p), mload(DELTA_DENOMINATOR_LOC), p) + + mstore(PUBLIC_INPUT_DELTA_LOC, mulmod(mload(DELTA_NUMERATOR_LOC), accumulator, p)) + mstore(ZERO_POLY_LOC, mulmod(vanishing_numerator, t0, p)) + mstore(ZERO_POLY_INVERSE_LOC, mulmod(vanishing_denominator, t1, p)) + mstore(L_START_LOC, mulmod(lagrange_numerator, t2, p)) + mstore(PLOOKUP_DELTA_LOC, mulmod(mload(PLOOKUP_DELTA_NUMERATOR_LOC), t3, p)) + mstore(L_END_LOC, mulmod(lagrange_numerator, t4, p)) + } + + /** + * UltraPlonk Widget Ordering: + * + * 1. Permutation widget + * 2. Plookup widget + * 3. Arithmetic widget + * 4. Fixed base widget (?) + * 5. GenPermSort widget + * 6. Elliptic widget + * 7. Auxiliary widget + */ + + /** + * COMPUTE PERMUTATION WIDGET EVALUATION + */ + { + let alpha := mload(C_ALPHA_LOC) + let beta := mload(C_BETA_LOC) + let gamma := mload(C_GAMMA_LOC) + + /** + * t1 = (W1 + gamma + beta * ID1) * (W2 + gamma + beta * ID2) + * t2 = (W3 + gamma + beta * ID3) * (W4 + gamma + beta * ID4) + * result = alpha_base * z_eval * t1 * t2 + * t1 = (W1 + gamma + beta * sigma_1_eval) * (W2 + gamma + beta * sigma_2_eval) + * t2 = (W2 + gamma + beta * sigma_3_eval) * (W3 + gamma + beta * sigma_4_eval) + * result -= (alpha_base * z_omega_eval * t1 * t2) + */ + let t1 := + mulmod( + add(add(mload(W1_EVAL_LOC), gamma), mulmod(beta, mload(ID1_EVAL_LOC), p)), + add(add(mload(W2_EVAL_LOC), gamma), mulmod(beta, mload(ID2_EVAL_LOC), p)), + p + ) + let t2 := + mulmod( + add(add(mload(W3_EVAL_LOC), gamma), mulmod(beta, mload(ID3_EVAL_LOC), p)), + add(add(mload(W4_EVAL_LOC), gamma), mulmod(beta, mload(ID4_EVAL_LOC), p)), + p + ) + let result := mulmod(mload(C_ALPHA_BASE_LOC), mulmod(mload(Z_EVAL_LOC), mulmod(t1, t2, p), p), p) + t1 := + mulmod( + add(add(mload(W1_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA1_EVAL_LOC), p)), + add(add(mload(W2_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA2_EVAL_LOC), p)), + p + ) + t2 := + mulmod( + add(add(mload(W3_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA3_EVAL_LOC), p)), + add(add(mload(W4_EVAL_LOC), gamma), mulmod(beta, mload(SIGMA4_EVAL_LOC), p)), + p + ) + result := + addmod( + result, + sub(p, mulmod(mload(C_ALPHA_BASE_LOC), mulmod(mload(Z_OMEGA_EVAL_LOC), mulmod(t1, t2, p), p), p)), + p + ) + + /** + * alpha_base *= alpha + * result += alpha_base . (L_{n-k}(ʓ) . (z(ʓ.ω) - ∆_{PI})) + * alpha_base *= alpha + * result += alpha_base . (L_1(ʓ)(Z(ʓ) - 1)) + * alpha_Base *= alpha + */ + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) + result := + addmod( + result, + mulmod( + mload(C_ALPHA_BASE_LOC), + mulmod( + mload(L_END_LOC), + addmod(mload(Z_OMEGA_EVAL_LOC), sub(p, mload(PUBLIC_INPUT_DELTA_LOC)), p), + p + ), + p + ), + p + ) + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) + mstore( + PERMUTATION_IDENTITY, + addmod( + result, + mulmod( + mload(C_ALPHA_BASE_LOC), + mulmod(mload(L_START_LOC), addmod(mload(Z_EVAL_LOC), sub(p, 1), p), p), + p + ), + p + ) + ) + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p)) + } + + /** + * COMPUTE PLOOKUP WIDGET EVALUATION + */ + { + /** + * Goal: f = (w1(z) + q2.w1(zω)) + η(w2(z) + qm.w2(zω)) + η²(w3(z) + qc.w_3(zω)) + q3(z).η³ + * f = η.q3(z) + * f += (w3(z) + qc.w_3(zω)) + * f *= η + * f += (w2(z) + qm.w2(zω)) + * f *= η + * f += (w1(z) + q2.w1(zω)) + */ + let f := mulmod(mload(C_ETA_LOC), mload(Q3_EVAL_LOC), p) + f := + addmod(f, addmod(mload(W3_EVAL_LOC), mulmod(mload(QC_EVAL_LOC), mload(W3_OMEGA_EVAL_LOC), p), p), p) + f := mulmod(f, mload(C_ETA_LOC), p) + f := + addmod(f, addmod(mload(W2_EVAL_LOC), mulmod(mload(QM_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), p), p) + f := mulmod(f, mload(C_ETA_LOC), p) + f := + addmod(f, addmod(mload(W1_EVAL_LOC), mulmod(mload(Q2_EVAL_LOC), mload(W1_OMEGA_EVAL_LOC), p), p), p) + + // t(z) = table4(z).η³ + table3(z).η² + table2(z).η + table1(z) + let t := + addmod( + addmod( + addmod( + mulmod(mload(TABLE4_EVAL_LOC), mload(C_ETA_CUBE_LOC), p), + mulmod(mload(TABLE3_EVAL_LOC), mload(C_ETA_SQR_LOC), p), + p + ), + mulmod(mload(TABLE2_EVAL_LOC), mload(C_ETA_LOC), p), + p + ), + mload(TABLE1_EVAL_LOC), + p + ) + + // t(zw) = table4(zw).η³ + table3(zw).η² + table2(zw).η + table1(zw) + let t_omega := + addmod( + addmod( + addmod( + mulmod(mload(TABLE4_OMEGA_EVAL_LOC), mload(C_ETA_CUBE_LOC), p), + mulmod(mload(TABLE3_OMEGA_EVAL_LOC), mload(C_ETA_SQR_LOC), p), + p + ), + mulmod(mload(TABLE2_OMEGA_EVAL_LOC), mload(C_ETA_LOC), p), + p + ), + mload(TABLE1_OMEGA_EVAL_LOC), + p + ) + + /** + * Goal: numerator = (TABLE_TYPE_EVAL * f(z) + γ) * (t(z) + βt(zω) + γ(β + 1)) * (β + 1) + * gamma_beta_constant = γ(β + 1) + * numerator = f * TABLE_TYPE_EVAL + gamma + * temp0 = t(z) + t(zω) * β + gamma_beta_constant + * numerator *= temp0 + * numerator *= (β + 1) + * temp0 = alpha * l_1 + * numerator += temp0 + * numerator *= z_lookup(z) + * numerator -= temp0 + */ + let gamma_beta_constant := mulmod(mload(C_GAMMA_LOC), addmod(mload(C_BETA_LOC), 1, p), p) + let numerator := addmod(mulmod(f, mload(TABLE_TYPE_EVAL_LOC), p), mload(C_GAMMA_LOC), p) + let temp0 := addmod(addmod(t, mulmod(t_omega, mload(C_BETA_LOC), p), p), gamma_beta_constant, p) + numerator := mulmod(numerator, temp0, p) + numerator := mulmod(numerator, addmod(mload(C_BETA_LOC), 1, p), p) + temp0 := mulmod(mload(C_ALPHA_LOC), mload(L_START_LOC), p) + numerator := addmod(numerator, temp0, p) + numerator := mulmod(numerator, mload(Z_LOOKUP_EVAL_LOC), p) + numerator := addmod(numerator, sub(p, temp0), p) + + /** + * Goal: denominator = z_lookup(zω)*[s(z) + βs(zω) + γ(1 + β)] - [z_lookup(zω) - [γ(1 + β)]^{n-k}]*α²L_end(z) + * note: delta_factor = [γ(1 + β)]^{n-k} + * denominator = s(z) + βs(zω) + γ(β + 1) + * temp1 = α²L_end(z) + * denominator -= temp1 + * denominator *= z_lookup(zω) + * denominator += temp1 * delta_factor + * PLOOKUP_IDENTITY = (numerator - denominator).alpha_base + * alpha_base *= alpha^3 + */ + let denominator := + addmod( + addmod(mload(S_EVAL_LOC), mulmod(mload(S_OMEGA_EVAL_LOC), mload(C_BETA_LOC), p), p), + gamma_beta_constant, + p + ) + let temp1 := mulmod(mload(C_ALPHA_SQR_LOC), mload(L_END_LOC), p) + denominator := addmod(denominator, sub(p, temp1), p) + denominator := mulmod(denominator, mload(Z_LOOKUP_OMEGA_EVAL_LOC), p) + denominator := addmod(denominator, mulmod(temp1, mload(PLOOKUP_DELTA_LOC), p), p) + + mstore(PLOOKUP_IDENTITY, mulmod(addmod(numerator, sub(p, denominator), p), mload(C_ALPHA_BASE_LOC), p)) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p)) + } + + /** + * COMPUTE ARITHMETIC WIDGET EVALUATION + */ + { + /** + * The basic arithmetic gate identity in standard plonk is as follows. + * (w_1 . w_2 . q_m) + (w_1 . q_1) + (w_2 . q_2) + (w_3 . q_3) + (w_4 . q_4) + q_c = 0 + * However, for Ultraplonk, we extend this to support "passing" wires between rows (shown without alpha scaling below): + * q_arith * ( ( (-1/2) * (q_arith - 3) * q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c ) + + * (q_arith - 1)*( α * (q_arith - 2) * (w_1 + w_4 - w_1_omega + q_m) + w_4_omega) ) = 0 + * + * This formula results in several cases depending on q_arith: + * 1. q_arith == 0: Arithmetic gate is completely disabled + * + * 2. q_arith == 1: Everything in the minigate on the right is disabled. The equation is just a standard plonk equation + * with extra wires: q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c = 0 + * + * 3. q_arith == 2: The (w_1 + w_4 - ...) term is disabled. THe equation is: + * (1/2) * q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + w_4_omega = 0 + * It allows defining w_4 at next index (w_4_omega) in terms of current wire values + * + * 4. q_arith == 3: The product of w_1 and w_2 is disabled, but a mini addition gate is enabled. α allows us to split + * the equation into two: + * + * q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + 2 * w_4_omega = 0 + * and + * w_1 + w_4 - w_1_omega + q_m = 0 (we are reusing q_m here) + * + * 5. q_arith > 3: The product of w_1 and w_2 is scaled by (q_arith - 3), while the w_4_omega term is scaled by (q_arith - 1). + * The equation can be split into two: + * + * (q_arith - 3)* q_m * w_1 * w_ 2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + (q_arith - 1) * w_4_omega = 0 + * and + * w_1 + w_4 - w_1_omega + q_m = 0 + * + * The problem that q_m is used both in both equations can be dealt with by appropriately changing selector values at + * the next gate. Then we can treat (q_arith - 1) as a simulated q_6 selector and scale q_m to handle (q_arith - 3) at + * product. + */ + + let w1q1 := mulmod(mload(W1_EVAL_LOC), mload(Q1_EVAL_LOC), p) + let w2q2 := mulmod(mload(W2_EVAL_LOC), mload(Q2_EVAL_LOC), p) + let w3q3 := mulmod(mload(W3_EVAL_LOC), mload(Q3_EVAL_LOC), p) + let w4q3 := mulmod(mload(W4_EVAL_LOC), mload(Q4_EVAL_LOC), p) + + // @todo - Add a explicit test that hits QARITH == 3 + // w1w2qm := (w_1 . w_2 . q_m . (QARITH_EVAL_LOC - 3)) / 2 + let w1w2qm := + mulmod( + mulmod( + mulmod(mulmod(mload(W1_EVAL_LOC), mload(W2_EVAL_LOC), p), mload(QM_EVAL_LOC), p), + addmod(mload(QARITH_EVAL_LOC), sub(p, 3), p), + p + ), + NEGATIVE_INVERSE_OF_2_MODULO_P, + p + ) + + // (w_1 . w_2 . q_m . (q_arith - 3)) / -2) + (w_1 . q_1) + (w_2 . q_2) + (w_3 . q_3) + (w_4 . q_4) + q_c + let identity := + addmod( + mload(QC_EVAL_LOC), addmod(w4q3, addmod(w3q3, addmod(w2q2, addmod(w1q1, w1w2qm, p), p), p), p), p + ) + + // if q_arith == 3 we evaluate an additional mini addition gate (on top of the regular one), where: + // w_1 + w_4 - w_1_omega + q_m = 0 + // we use this gate to save an addition gate when adding or subtracting non-native field elements + // α * (q_arith - 2) * (w_1 + w_4 - w_1_omega + q_m) + let extra_small_addition_gate_identity := + mulmod( + mload(C_ALPHA_LOC), + mulmod( + addmod(mload(QARITH_EVAL_LOC), sub(p, 2), p), + addmod( + mload(QM_EVAL_LOC), + addmod( + sub(p, mload(W1_OMEGA_EVAL_LOC)), addmod(mload(W1_EVAL_LOC), mload(W4_EVAL_LOC), p), p + ), + p + ), + p + ), + p + ) + + // if q_arith == 2 OR q_arith == 3 we add the 4th wire of the NEXT gate into the arithmetic identity + // N.B. if q_arith > 2, this wire value will be scaled by (q_arith - 1) relative to the other gate wires! + // alpha_base * q_arith * (identity + (q_arith - 1) * (w_4_omega + extra_small_addition_gate_identity)) + mstore( + ARITHMETIC_IDENTITY, + mulmod( + mload(C_ALPHA_BASE_LOC), + mulmod( + mload(QARITH_EVAL_LOC), + addmod( + identity, + mulmod( + addmod(mload(QARITH_EVAL_LOC), sub(p, 1), p), + addmod(mload(W4_OMEGA_EVAL_LOC), extra_small_addition_gate_identity, p), + p + ), + p + ), + p + ), + p + ) + ) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_SQR_LOC), p)) + } + + /** + * COMPUTE GENPERMSORT WIDGET EVALUATION + */ + { + /** + * D1 = (w2 - w1) + * D2 = (w3 - w2) + * D3 = (w4 - w3) + * D4 = (w1_omega - w4) + * + * α_a = alpha_base + * α_b = alpha_base * α + * α_c = alpha_base * α^2 + * α_d = alpha_base * α^3 + * + * range_accumulator = ( + * D1(D1 - 1)(D1 - 2)(D1 - 3).α_a + + * D2(D2 - 1)(D2 - 2)(D2 - 3).α_b + + * D3(D3 - 1)(D3 - 2)(D3 - 3).α_c + + * D4(D4 - 1)(D4 - 2)(D4 - 3).α_d + + * ) . q_sort + */ + let minus_two := sub(p, 2) + let minus_three := sub(p, 3) + let d1 := addmod(mload(W2_EVAL_LOC), sub(p, mload(W1_EVAL_LOC)), p) + let d2 := addmod(mload(W3_EVAL_LOC), sub(p, mload(W2_EVAL_LOC)), p) + let d3 := addmod(mload(W4_EVAL_LOC), sub(p, mload(W3_EVAL_LOC)), p) + let d4 := addmod(mload(W1_OMEGA_EVAL_LOC), sub(p, mload(W4_EVAL_LOC)), p) + + let range_accumulator := + mulmod( + mulmod( + mulmod(addmod(mulmod(d1, d1, p), sub(p, d1), p), addmod(d1, minus_two, p), p), + addmod(d1, minus_three, p), + p + ), + mload(C_ALPHA_BASE_LOC), + p + ) + range_accumulator := + addmod( + range_accumulator, + mulmod( + mulmod( + mulmod(addmod(mulmod(d2, d2, p), sub(p, d2), p), addmod(d2, minus_two, p), p), + addmod(d2, minus_three, p), + p + ), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), + p + ), + p + ) + range_accumulator := + addmod( + range_accumulator, + mulmod( + mulmod( + mulmod(addmod(mulmod(d3, d3, p), sub(p, d3), p), addmod(d3, minus_two, p), p), + addmod(d3, minus_three, p), + p + ), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_SQR_LOC), p), + p + ), + p + ) + range_accumulator := + addmod( + range_accumulator, + mulmod( + mulmod( + mulmod(addmod(mulmod(d4, d4, p), sub(p, d4), p), addmod(d4, minus_two, p), p), + addmod(d4, minus_three, p), + p + ), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p), + p + ), + p + ) + range_accumulator := mulmod(range_accumulator, mload(QSORT_EVAL_LOC), p) + + mstore(SORT_IDENTITY, range_accumulator) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_QUAD_LOC), p)) + } + + /** + * COMPUTE ELLIPTIC WIDGET EVALUATION + */ + { + /** + * endo_term = (-x_2) * x_1 * (x_3 * 2 + x_1) * q_beta + * endo_sqr_term = x_2^2 + * endo_sqr_term *= (x_3 - x_1) + * endo_sqr_term *= q_beta^2 + * leftovers = x_2^2 + * leftovers *= x_2 + * leftovers += x_1^2 * (x_3 + x_1) @follow-up Invalid comment in BB widget + * leftovers -= (y_2^2 + y_1^2) + * sign_term = y_2 * y_1 + * sign_term += sign_term + * sign_term *= q_sign + */ + // q_elliptic * (x3 + x2 + x1)(x2 - x1)(x2 - x1) - y2^2 - y1^2 + 2(y2y1)*q_sign = 0 + let x_diff := addmod(mload(X2_EVAL_LOC), sub(p, mload(X1_EVAL_LOC)), p) + let y2_sqr := mulmod(mload(Y2_EVAL_LOC), mload(Y2_EVAL_LOC), p) + let y1_sqr := mulmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p) + let y1y2 := mulmod(mulmod(mload(Y1_EVAL_LOC), mload(Y2_EVAL_LOC), p), mload(QSIGN_LOC), p) + + let x_add_identity := + addmod( + mulmod( + addmod(mload(X3_EVAL_LOC), addmod(mload(X2_EVAL_LOC), mload(X1_EVAL_LOC), p), p), + mulmod(x_diff, x_diff, p), + p + ), + addmod( + sub( + p, + addmod(y2_sqr, y1_sqr, p) + ), + addmod(y1y2, y1y2, p), + p + ), + p + ) + x_add_identity := + mulmod( + mulmod( + x_add_identity, + addmod( + 1, + sub(p, mload(QM_EVAL_LOC)), + p + ), + p + ), + mload(C_ALPHA_BASE_LOC), + p + ) + + // q_elliptic * (x3 + x2 + x1)(x2 - x1)(x2 - x1) - y2^2 - y1^2 + 2(y2y1)*q_sign = 0 + let y1_plus_y3 := addmod( + mload(Y1_EVAL_LOC), + mload(Y3_EVAL_LOC), + p + ) + let y_diff := addmod(mulmod(mload(Y2_EVAL_LOC), mload(QSIGN_LOC), p), sub(p, mload(Y1_EVAL_LOC)), p) + let y_add_identity := + addmod( + mulmod(y1_plus_y3, x_diff, p), + mulmod(addmod(mload(X3_EVAL_LOC), sub(p, mload(X1_EVAL_LOC)), p), y_diff, p), + p + ) + y_add_identity := + mulmod( + mulmod(y_add_identity, addmod(1, sub(p, mload(QM_EVAL_LOC)), p), p), + mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), + p + ) + + // ELLIPTIC_IDENTITY = (x_identity + y_identity) * Q_ELLIPTIC_EVAL + mstore( + ELLIPTIC_IDENTITY, mulmod(addmod(x_add_identity, y_add_identity, p), mload(QELLIPTIC_EVAL_LOC), p) + ) + } + { + /** + * x_pow_4 = (y_1_sqr - curve_b) * x_1; + * y_1_sqr_mul_4 = y_1_sqr + y_1_sqr; + * y_1_sqr_mul_4 += y_1_sqr_mul_4; + * x_1_pow_4_mul_9 = x_pow_4; + * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; + * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; + * x_1_pow_4_mul_9 += x_1_pow_4_mul_9; + * x_1_pow_4_mul_9 += x_pow_4; + * x_1_sqr_mul_3 = x_1_sqr + x_1_sqr + x_1_sqr; + * x_double_identity = (x_3 + x_1 + x_1) * y_1_sqr_mul_4 - x_1_pow_4_mul_9; + * y_double_identity = x_1_sqr_mul_3 * (x_1 - x_3) - (y_1 + y_1) * (y_1 + y_3); + */ + // (x3 + x1 + x1) (4y1*y1) - 9 * x1 * x1 * x1 * x1 = 0 + let x1_sqr := mulmod(mload(X1_EVAL_LOC), mload(X1_EVAL_LOC), p) + let y1_sqr := mulmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p) + let x_pow_4 := mulmod(addmod(y1_sqr, GRUMPKIN_CURVE_B_PARAMETER_NEGATED, p), mload(X1_EVAL_LOC), p) + let y1_sqr_mul_4 := mulmod(y1_sqr, 4, p) + let x1_pow_4_mul_9 := mulmod(x_pow_4, 9, p) + let x1_sqr_mul_3 := mulmod(x1_sqr, 3, p) + let x_double_identity := + addmod( + mulmod( + addmod(mload(X3_EVAL_LOC), addmod(mload(X1_EVAL_LOC), mload(X1_EVAL_LOC), p), p), + y1_sqr_mul_4, + p + ), + sub(p, x1_pow_4_mul_9), + p + ) + // (y1 + y1) (2y1) - (3 * x1 * x1)(x1 - x3) = 0 + let y_double_identity := + addmod( + mulmod(x1_sqr_mul_3, addmod(mload(X1_EVAL_LOC), sub(p, mload(X3_EVAL_LOC)), p), p), + sub( + p, + mulmod( + addmod(mload(Y1_EVAL_LOC), mload(Y1_EVAL_LOC), p), + addmod(mload(Y1_EVAL_LOC), mload(Y3_EVAL_LOC), p), + p + ) + ), + p + ) + x_double_identity := mulmod(x_double_identity, mload(C_ALPHA_BASE_LOC), p) + y_double_identity := + mulmod(y_double_identity, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_LOC), p), p) + x_double_identity := mulmod(x_double_identity, mload(QM_EVAL_LOC), p) + y_double_identity := mulmod(y_double_identity, mload(QM_EVAL_LOC), p) + // ELLIPTIC_IDENTITY += (x_double_identity + y_double_identity) * Q_DOUBLE_EVAL + mstore( + ELLIPTIC_IDENTITY, + addmod( + mload(ELLIPTIC_IDENTITY), + mulmod(addmod(x_double_identity, y_double_identity, p), mload(QELLIPTIC_EVAL_LOC), p), + p + ) + ) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_QUAD_LOC), p)) + } + + /** + * COMPUTE AUXILIARY WIDGET EVALUATION + */ + { + { + /** + * Non native field arithmetic gate 2 + * _ _ + * / _ _ _ 14 \ + * q_2 . q_4 | (w_1 . w_2) + (w_1 . w_2) + (w_1 . w_4 + w_2 . w_3 - w_3) . 2 - w_3 - w_4 | + * \_ _/ + * + * limb_subproduct = w_1 . w_2_omega + w_1_omega . w_2 + * non_native_field_gate_2 = w_1 * w_4 + w_4 * w_3 - w_3_omega + * non_native_field_gate_2 = non_native_field_gate_2 * limb_size + * non_native_field_gate_2 -= w_4_omega + * non_native_field_gate_2 += limb_subproduct + * non_native_field_gate_2 *= q_4 + * limb_subproduct *= limb_size + * limb_subproduct += w_1_omega * w_2_omega + * non_native_field_gate_1 = (limb_subproduct + w_3 + w_4) * q_3 + * non_native_field_gate_3 = (limb_subproduct + w_4 - (w_3_omega + w_4_omega)) * q_m + * non_native_field_identity = (non_native_field_gate_1 + non_native_field_gate_2 + non_native_field_gate_3) * q_2 + */ + + let limb_subproduct := + addmod( + mulmod(mload(W1_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), + mulmod(mload(W1_OMEGA_EVAL_LOC), mload(W2_EVAL_LOC), p), + p + ) + + let non_native_field_gate_2 := + addmod( + addmod( + mulmod(mload(W1_EVAL_LOC), mload(W4_EVAL_LOC), p), + mulmod(mload(W2_EVAL_LOC), mload(W3_EVAL_LOC), p), + p + ), + sub(p, mload(W3_OMEGA_EVAL_LOC)), + p + ) + non_native_field_gate_2 := mulmod(non_native_field_gate_2, LIMB_SIZE, p) + non_native_field_gate_2 := addmod(non_native_field_gate_2, sub(p, mload(W4_OMEGA_EVAL_LOC)), p) + non_native_field_gate_2 := addmod(non_native_field_gate_2, limb_subproduct, p) + non_native_field_gate_2 := mulmod(non_native_field_gate_2, mload(Q4_EVAL_LOC), p) + limb_subproduct := mulmod(limb_subproduct, LIMB_SIZE, p) + limb_subproduct := + addmod(limb_subproduct, mulmod(mload(W1_OMEGA_EVAL_LOC), mload(W2_OMEGA_EVAL_LOC), p), p) + let non_native_field_gate_1 := + mulmod( + addmod(limb_subproduct, sub(p, addmod(mload(W3_EVAL_LOC), mload(W4_EVAL_LOC), p)), p), + mload(Q3_EVAL_LOC), + p + ) + let non_native_field_gate_3 := + mulmod( + addmod( + addmod(limb_subproduct, mload(W4_EVAL_LOC), p), + sub(p, addmod(mload(W3_OMEGA_EVAL_LOC), mload(W4_OMEGA_EVAL_LOC), p)), + p + ), + mload(QM_EVAL_LOC), + p + ) + let non_native_field_identity := + mulmod( + addmod(addmod(non_native_field_gate_1, non_native_field_gate_2, p), non_native_field_gate_3, p), + mload(Q2_EVAL_LOC), + p + ) + + mstore(AUX_NON_NATIVE_FIELD_EVALUATION, non_native_field_identity) + } + + { + /** + * limb_accumulator_1 = w_2_omega; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_1_omega; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_3; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_2; + * limb_accumulator_1 *= SUBLIMB_SHIFT; + * limb_accumulator_1 += w_1; + * limb_accumulator_1 -= w_4; + * limb_accumulator_1 *= q_4; + */ + let limb_accumulator_1 := mulmod(mload(W2_OMEGA_EVAL_LOC), SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W1_OMEGA_EVAL_LOC), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W3_EVAL_LOC), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W2_EVAL_LOC), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, SUBLIMB_SHIFT, p) + limb_accumulator_1 := addmod(limb_accumulator_1, mload(W1_EVAL_LOC), p) + limb_accumulator_1 := addmod(limb_accumulator_1, sub(p, mload(W4_EVAL_LOC)), p) + limb_accumulator_1 := mulmod(limb_accumulator_1, mload(Q4_EVAL_LOC), p) + + /** + * limb_accumulator_2 = w_3_omega; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_2_omega; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_1_omega; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_4; + * limb_accumulator_2 *= SUBLIMB_SHIFT; + * limb_accumulator_2 += w_3; + * limb_accumulator_2 -= w_4_omega; + * limb_accumulator_2 *= q_m; + */ + let limb_accumulator_2 := mulmod(mload(W3_OMEGA_EVAL_LOC), SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W2_OMEGA_EVAL_LOC), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W1_OMEGA_EVAL_LOC), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W4_EVAL_LOC), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, SUBLIMB_SHIFT, p) + limb_accumulator_2 := addmod(limb_accumulator_2, mload(W3_EVAL_LOC), p) + limb_accumulator_2 := addmod(limb_accumulator_2, sub(p, mload(W4_OMEGA_EVAL_LOC)), p) + limb_accumulator_2 := mulmod(limb_accumulator_2, mload(QM_EVAL_LOC), p) + + mstore( + AUX_LIMB_ACCUMULATOR_EVALUATION, + mulmod(addmod(limb_accumulator_1, limb_accumulator_2, p), mload(Q3_EVAL_LOC), p) + ) + } + + { + /** + * memory_record_check = w_3; + * memory_record_check *= eta; + * memory_record_check += w_2; + * memory_record_check *= eta; + * memory_record_check += w_1; + * memory_record_check *= eta; + * memory_record_check += q_c; + * + * partial_record_check = memory_record_check; + * + * memory_record_check -= w_4; + */ + + let memory_record_check := mulmod(mload(W3_EVAL_LOC), mload(C_ETA_LOC), p) + memory_record_check := addmod(memory_record_check, mload(W2_EVAL_LOC), p) + memory_record_check := mulmod(memory_record_check, mload(C_ETA_LOC), p) + memory_record_check := addmod(memory_record_check, mload(W1_EVAL_LOC), p) + memory_record_check := mulmod(memory_record_check, mload(C_ETA_LOC), p) + memory_record_check := addmod(memory_record_check, mload(QC_EVAL_LOC), p) + + let partial_record_check := memory_record_check + memory_record_check := addmod(memory_record_check, sub(p, mload(W4_EVAL_LOC)), p) + + mstore(AUX_MEMORY_EVALUATION, memory_record_check) + + // index_delta = w_1_omega - w_1 + let index_delta := addmod(mload(W1_OMEGA_EVAL_LOC), sub(p, mload(W1_EVAL_LOC)), p) + // record_delta = w_4_omega - w_4 + let record_delta := addmod(mload(W4_OMEGA_EVAL_LOC), sub(p, mload(W4_EVAL_LOC)), p) + // index_is_monotonically_increasing = index_delta * (index_delta - 1) + let index_is_monotonically_increasing := mulmod(index_delta, addmod(index_delta, sub(p, 1), p), p) + + // adjacent_values_match_if_adjacent_indices_match = record_delta * (1 - index_delta) + let adjacent_values_match_if_adjacent_indices_match := + mulmod(record_delta, addmod(1, sub(p, index_delta), p), p) + + // AUX_ROM_CONSISTENCY_EVALUATION = ((adjacent_values_match_if_adjacent_indices_match * alpha) + index_is_monotonically_increasing) * alpha + partial_record_check + mstore( + AUX_ROM_CONSISTENCY_EVALUATION, + addmod( + mulmod( + addmod( + mulmod(adjacent_values_match_if_adjacent_indices_match, mload(C_ALPHA_LOC), p), + index_is_monotonically_increasing, + p + ), + mload(C_ALPHA_LOC), + p + ), + memory_record_check, + p + ) + ) + + { + /** + * next_gate_access_type = w_3_omega; + * next_gate_access_type *= eta; + * next_gate_access_type += w_2_omega; + * next_gate_access_type *= eta; + * next_gate_access_type += w_1_omega; + * next_gate_access_type *= eta; + * next_gate_access_type = w_4_omega - next_gate_access_type; + */ + let next_gate_access_type := mulmod(mload(W3_OMEGA_EVAL_LOC), mload(C_ETA_LOC), p) + next_gate_access_type := addmod(next_gate_access_type, mload(W2_OMEGA_EVAL_LOC), p) + next_gate_access_type := mulmod(next_gate_access_type, mload(C_ETA_LOC), p) + next_gate_access_type := addmod(next_gate_access_type, mload(W1_OMEGA_EVAL_LOC), p) + next_gate_access_type := mulmod(next_gate_access_type, mload(C_ETA_LOC), p) + next_gate_access_type := addmod(mload(W4_OMEGA_EVAL_LOC), sub(p, next_gate_access_type), p) + + // value_delta = w_3_omega - w_3 + let value_delta := addmod(mload(W3_OMEGA_EVAL_LOC), sub(p, mload(W3_EVAL_LOC)), p) + // adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation = (1 - index_delta) * value_delta * (1 - next_gate_access_type); + + let adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation := + mulmod( + addmod(1, sub(p, index_delta), p), + mulmod(value_delta, addmod(1, sub(p, next_gate_access_type), p), p), + p + ) + + // AUX_RAM_CONSISTENCY_EVALUATION + + /** + * access_type = w_4 - partial_record_check + * access_check = access_type^2 - access_type + * next_gate_access_type_is_boolean = next_gate_access_type^2 - next_gate_access_type + * RAM_consistency_check_identity = adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation; + * RAM_consistency_check_identity *= alpha; + * RAM_consistency_check_identity += index_is_monotonically_increasing; + * RAM_consistency_check_identity *= alpha; + * RAM_consistency_check_identity += next_gate_access_type_is_boolean; + * RAM_consistency_check_identity *= alpha; + * RAM_consistency_check_identity += access_check; + */ + + let access_type := addmod(mload(W4_EVAL_LOC), sub(p, partial_record_check), p) + let access_check := mulmod(access_type, addmod(access_type, sub(p, 1), p), p) + let next_gate_access_type_is_boolean := + mulmod(next_gate_access_type, addmod(next_gate_access_type, sub(p, 1), p), p) + let RAM_cci := + mulmod( + adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation, + mload(C_ALPHA_LOC), + p + ) + RAM_cci := addmod(RAM_cci, index_is_monotonically_increasing, p) + RAM_cci := mulmod(RAM_cci, mload(C_ALPHA_LOC), p) + RAM_cci := addmod(RAM_cci, next_gate_access_type_is_boolean, p) + RAM_cci := mulmod(RAM_cci, mload(C_ALPHA_LOC), p) + RAM_cci := addmod(RAM_cci, access_check, p) + + mstore(AUX_RAM_CONSISTENCY_EVALUATION, RAM_cci) + } + + { + // timestamp_delta = w_2_omega - w_2 + let timestamp_delta := addmod(mload(W2_OMEGA_EVAL_LOC), sub(p, mload(W2_EVAL_LOC)), p) + + // RAM_timestamp_check_identity = (1 - index_delta) * timestamp_delta - w_3 + let RAM_timestamp_check_identity := + addmod( + mulmod(timestamp_delta, addmod(1, sub(p, index_delta), p), p), sub(p, mload(W3_EVAL_LOC)), p + ) + + /** + * memory_identity = ROM_consistency_check_identity * q_2; + * memory_identity += RAM_timestamp_check_identity * q_4; + * memory_identity += memory_record_check * q_m; + * memory_identity *= q_1; + * memory_identity += (RAM_consistency_check_identity * q_arith); + * + * auxiliary_identity = memory_identity + non_native_field_identity + limb_accumulator_identity; + * auxiliary_identity *= q_aux; + * auxiliary_identity *= alpha_base; + */ + let memory_identity := mulmod(mload(AUX_ROM_CONSISTENCY_EVALUATION), mload(Q2_EVAL_LOC), p) + memory_identity := + addmod(memory_identity, mulmod(RAM_timestamp_check_identity, mload(Q4_EVAL_LOC), p), p) + memory_identity := + addmod(memory_identity, mulmod(mload(AUX_MEMORY_EVALUATION), mload(QM_EVAL_LOC), p), p) + memory_identity := mulmod(memory_identity, mload(Q1_EVAL_LOC), p) + memory_identity := + addmod( + memory_identity, mulmod(mload(AUX_RAM_CONSISTENCY_EVALUATION), mload(QARITH_EVAL_LOC), p), p + ) + + let auxiliary_identity := addmod(memory_identity, mload(AUX_NON_NATIVE_FIELD_EVALUATION), p) + auxiliary_identity := addmod(auxiliary_identity, mload(AUX_LIMB_ACCUMULATOR_EVALUATION), p) + auxiliary_identity := mulmod(auxiliary_identity, mload(QAUX_EVAL_LOC), p) + auxiliary_identity := mulmod(auxiliary_identity, mload(C_ALPHA_BASE_LOC), p) + + mstore(AUX_IDENTITY, auxiliary_identity) + + // update alpha + mstore(C_ALPHA_BASE_LOC, mulmod(mload(C_ALPHA_BASE_LOC), mload(C_ALPHA_CUBE_LOC), p)) + } + } + } + + { + /** + * quotient = ARITHMETIC_IDENTITY + * quotient += PERMUTATION_IDENTITY + * quotient += PLOOKUP_IDENTITY + * quotient += SORT_IDENTITY + * quotient += ELLIPTIC_IDENTITY + * quotient += AUX_IDENTITY + * quotient *= ZERO_POLY_INVERSE + */ + mstore( + QUOTIENT_EVAL_LOC, + mulmod( + addmod( + addmod( + addmod( + addmod( + addmod(mload(PERMUTATION_IDENTITY), mload(PLOOKUP_IDENTITY), p), + mload(ARITHMETIC_IDENTITY), + p + ), + mload(SORT_IDENTITY), + p + ), + mload(ELLIPTIC_IDENTITY), + p + ), + mload(AUX_IDENTITY), + p + ), + mload(ZERO_POLY_INVERSE_LOC), + p + ) + ) + } + + /** + * GENERATE NU AND SEPARATOR CHALLENGES + */ + { + let current_challenge := mload(C_CURRENT_LOC) + // get a calldata pointer that points to the start of the data we want to copy + let calldata_ptr := add(calldataload(0x04), 0x24) + + calldata_ptr := add(calldata_ptr, NU_CALLDATA_SKIP_LENGTH) + + mstore(NU_CHALLENGE_INPUT_LOC_A, current_challenge) + mstore(NU_CHALLENGE_INPUT_LOC_B, mload(QUOTIENT_EVAL_LOC)) + calldatacopy(NU_CHALLENGE_INPUT_LOC_C, calldata_ptr, NU_INPUT_LENGTH) + + // hash length = (0x20 + num field elements), we include the previous challenge in the hash + let challenge := keccak256(NU_CHALLENGE_INPUT_LOC_A, add(NU_INPUT_LENGTH, 0x40)) + + mstore(C_V0_LOC, mod(challenge, p)) + // We need THIRTY-ONE independent nu challenges! + mstore(0x00, challenge) + mstore8(0x20, 0x01) + mstore(C_V1_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x02) + mstore(C_V2_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x03) + mstore(C_V3_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x04) + mstore(C_V4_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x05) + mstore(C_V5_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x06) + mstore(C_V6_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x07) + mstore(C_V7_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x08) + mstore(C_V8_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x09) + mstore(C_V9_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0a) + mstore(C_V10_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0b) + mstore(C_V11_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0c) + mstore(C_V12_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0d) + mstore(C_V13_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0e) + mstore(C_V14_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x0f) + mstore(C_V15_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x10) + mstore(C_V16_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x11) + mstore(C_V17_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x12) + mstore(C_V18_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x13) + mstore(C_V19_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x14) + mstore(C_V20_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x15) + mstore(C_V21_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x16) + mstore(C_V22_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x17) + mstore(C_V23_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x18) + mstore(C_V24_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x19) + mstore(C_V25_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1a) + mstore(C_V26_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1b) + mstore(C_V27_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1c) + mstore(C_V28_LOC, mod(keccak256(0x00, 0x21), p)) + mstore8(0x20, 0x1d) + mstore(C_V29_LOC, mod(keccak256(0x00, 0x21), p)) + + // @follow-up - Why are both v29 and v30 using appending 0x1d to the prior challenge and hashing, should it not change? + mstore8(0x20, 0x1d) + challenge := keccak256(0x00, 0x21) + mstore(C_V30_LOC, mod(challenge, p)) + + // separator + mstore(0x00, challenge) + mstore(0x20, mload(PI_Z_Y_LOC)) + mstore(0x40, mload(PI_Z_X_LOC)) + mstore(0x60, mload(PI_Z_OMEGA_Y_LOC)) + mstore(0x80, mload(PI_Z_OMEGA_X_LOC)) + + mstore(C_U_LOC, mod(keccak256(0x00, 0xa0), p)) + } + + let success := 0 + // VALIDATE T1 + { + let x := mload(T1_X_LOC) + let y := mload(T1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(ACCUMULATOR_X_LOC, x) + mstore(add(ACCUMULATOR_X_LOC, 0x20), y) + } + // VALIDATE T2 + { + let x := mload(T2_X_LOC) // 0x1400 + let y := mload(T2_Y_LOC) // 0x1420 + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(ZETA_POW_N_LOC)) + // accumulator_2 = [T2].zeta^n + success := staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40) + // accumulator = [T1] + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE T3 + { + let x := mload(T3_X_LOC) + let y := mload(T3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(mload(ZETA_POW_N_LOC), mload(ZETA_POW_N_LOC), p)) + // accumulator_2 = [T3].zeta^{2n} + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE T4 + { + let x := mload(T4_X_LOC) + let y := mload(T4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(mulmod(mload(ZETA_POW_N_LOC), mload(ZETA_POW_N_LOC), p), mload(ZETA_POW_N_LOC), p)) + // accumulator_2 = [T4].zeta^{3n} + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W1 + { + let x := mload(W1_X_LOC) + let y := mload(W1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V0_LOC), p)) + // accumulator_2 = v0.(u + 1).[W1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W2 + { + let x := mload(W2_X_LOC) + let y := mload(W2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V1_LOC), p)) + // accumulator_2 = v1.(u + 1).[W2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W3 + { + let x := mload(W3_X_LOC) + let y := mload(W3_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V2_LOC), p)) + // accumulator_2 = v2.(u + 1).[W3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE W4 + { + let x := mload(W4_X_LOC) + let y := mload(W4_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V3_LOC), p)) + // accumulator_2 = v3.(u + 1).[W4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE S + { + let x := mload(S_X_LOC) + let y := mload(S_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V4_LOC), p)) + // accumulator_2 = v4.(u + 1).[S] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Z + { + let x := mload(Z_X_LOC) + let y := mload(Z_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V5_LOC), p)) + // accumulator_2 = v5.(u + 1).[Z] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Z_LOOKUP + { + let x := mload(Z_LOOKUP_X_LOC) + let y := mload(Z_LOOKUP_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V6_LOC), p)) + // accumulator_2 = v6.(u + 1).[Z_LOOKUP] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q1 + { + let x := mload(Q1_X_LOC) + let y := mload(Q1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V7_LOC)) + // accumulator_2 = v7.[Q1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q2 + { + let x := mload(Q2_X_LOC) + let y := mload(Q2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V8_LOC)) + // accumulator_2 = v8.[Q2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q3 + { + let x := mload(Q3_X_LOC) + let y := mload(Q3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V9_LOC)) + // accumulator_2 = v9.[Q3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE Q4 + { + let x := mload(Q4_X_LOC) + let y := mload(Q4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V10_LOC)) + // accumulator_2 = v10.[Q4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QM + { + let x := mload(QM_X_LOC) + let y := mload(QM_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V11_LOC)) + // accumulator_2 = v11.[Q;] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QC + { + let x := mload(QC_X_LOC) + let y := mload(QC_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V12_LOC)) + // accumulator_2 = v12.[QC] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QARITH + { + let x := mload(QARITH_X_LOC) + let y := mload(QARITH_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V13_LOC)) + // accumulator_2 = v13.[QARITH] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QSORT + { + let x := mload(QSORT_X_LOC) + let y := mload(QSORT_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V14_LOC)) + // accumulator_2 = v14.[QSORT] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QELLIPTIC + { + let x := mload(QELLIPTIC_X_LOC) + let y := mload(QELLIPTIC_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V15_LOC)) + // accumulator_2 = v15.[QELLIPTIC] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE QAUX + { + let x := mload(QAUX_X_LOC) + let y := mload(QAUX_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V16_LOC)) + // accumulator_2 = v15.[Q_AUX] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA1 + { + let x := mload(SIGMA1_X_LOC) + let y := mload(SIGMA1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V17_LOC)) + // accumulator_2 = v17.[sigma1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA2 + { + let x := mload(SIGMA2_X_LOC) + let y := mload(SIGMA2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V18_LOC)) + // accumulator_2 = v18.[sigma2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA3 + { + let x := mload(SIGMA3_X_LOC) + let y := mload(SIGMA3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V19_LOC)) + // accumulator_2 = v19.[sigma3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE SIGMA4 + { + let x := mload(SIGMA4_X_LOC) + let y := mload(SIGMA4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V20_LOC)) + // accumulator_2 = v20.[sigma4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE1 + { + let x := mload(TABLE1_X_LOC) + let y := mload(TABLE1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V21_LOC), p)) + // accumulator_2 = u.[table1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE2 + { + let x := mload(TABLE2_X_LOC) + let y := mload(TABLE2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V22_LOC), p)) + // accumulator_2 = u.[table2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE3 + { + let x := mload(TABLE3_X_LOC) + let y := mload(TABLE3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V23_LOC), p)) + // accumulator_2 = u.[table3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE4 + { + let x := mload(TABLE4_X_LOC) + let y := mload(TABLE4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(addmod(mload(C_U_LOC), 0x1, p), mload(C_V24_LOC), p)) + // accumulator_2 = u.[table4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE TABLE_TYPE + { + let x := mload(TABLE_TYPE_X_LOC) + let y := mload(TABLE_TYPE_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V25_LOC)) + // accumulator_2 = v25.[TableType] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID1 + { + let x := mload(ID1_X_LOC) + let y := mload(ID1_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V26_LOC)) + // accumulator_2 = v26.[ID1] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID2 + { + let x := mload(ID2_X_LOC) + let y := mload(ID2_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V27_LOC)) + // accumulator_2 = v27.[ID2] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID3 + { + let x := mload(ID3_X_LOC) + let y := mload(ID3_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V28_LOC)) + // accumulator_2 = v28.[ID3] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE ID4 + { + let x := mload(ID4_X_LOC) + let y := mload(ID4_Y_LOC) + let xx := mulmod(x, x, q) + // Verification key fields verified to be on curve at contract deployment + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mload(C_V29_LOC)) + // accumulator_2 = v29.[ID4] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + /** + * COMPUTE BATCH EVALUATION SCALAR MULTIPLIER + */ + { + /** + * batch_evaluation = v0 * (w_1_omega * u + w_1_eval) + * batch_evaluation += v1 * (w_2_omega * u + w_2_eval) + * batch_evaluation += v2 * (w_3_omega * u + w_3_eval) + * batch_evaluation += v3 * (w_4_omega * u + w_4_eval) + * batch_evaluation += v4 * (s_omega_eval * u + s_eval) + * batch_evaluation += v5 * (z_omega_eval * u + z_eval) + * batch_evaluation += v6 * (z_lookup_omega_eval * u + z_lookup_eval) + */ + let batch_evaluation := + mulmod( + mload(C_V0_LOC), + addmod(mulmod(mload(W1_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W1_EVAL_LOC), p), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V1_LOC), + addmod(mulmod(mload(W2_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W2_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V2_LOC), + addmod(mulmod(mload(W3_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W3_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V3_LOC), + addmod(mulmod(mload(W4_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(W4_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V4_LOC), + addmod(mulmod(mload(S_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(S_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V5_LOC), + addmod(mulmod(mload(Z_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(Z_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V6_LOC), + addmod(mulmod(mload(Z_LOOKUP_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(Z_LOOKUP_EVAL_LOC), p), + p + ), + p + ) + + /** + * batch_evaluation += v7 * Q1_EVAL + * batch_evaluation += v8 * Q2_EVAL + * batch_evaluation += v9 * Q3_EVAL + * batch_evaluation += v10 * Q4_EVAL + * batch_evaluation += v11 * QM_EVAL + * batch_evaluation += v12 * QC_EVAL + * batch_evaluation += v13 * QARITH_EVAL + * batch_evaluation += v14 * QSORT_EVAL_LOC + * batch_evaluation += v15 * QELLIPTIC_EVAL_LOC + * batch_evaluation += v16 * QAUX_EVAL_LOC + * batch_evaluation += v17 * SIGMA1_EVAL_LOC + * batch_evaluation += v18 * SIGMA2_EVAL_LOC + * batch_evaluation += v19 * SIGMA3_EVAL_LOC + * batch_evaluation += v20 * SIGMA4_EVAL_LOC + */ + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V7_LOC), mload(Q1_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V8_LOC), mload(Q2_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V9_LOC), mload(Q3_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V10_LOC), mload(Q4_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V11_LOC), mload(QM_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V12_LOC), mload(QC_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V13_LOC), mload(QARITH_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V14_LOC), mload(QSORT_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V15_LOC), mload(QELLIPTIC_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V16_LOC), mload(QAUX_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V17_LOC), mload(SIGMA1_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V18_LOC), mload(SIGMA2_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V19_LOC), mload(SIGMA3_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V20_LOC), mload(SIGMA4_EVAL_LOC), p), p) + + /** + * batch_evaluation += v21 * (table1(zw) * u + table1(z)) + * batch_evaluation += v22 * (table2(zw) * u + table2(z)) + * batch_evaluation += v23 * (table3(zw) * u + table3(z)) + * batch_evaluation += v24 * (table4(zw) * u + table4(z)) + * batch_evaluation += v25 * table_type_eval + * batch_evaluation += v26 * id1_eval + * batch_evaluation += v27 * id2_eval + * batch_evaluation += v28 * id3_eval + * batch_evaluation += v29 * id4_eval + * batch_evaluation += quotient_eval + */ + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V21_LOC), + addmod(mulmod(mload(TABLE1_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE1_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V22_LOC), + addmod(mulmod(mload(TABLE2_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE2_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V23_LOC), + addmod(mulmod(mload(TABLE3_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE3_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := + addmod( + batch_evaluation, + mulmod( + mload(C_V24_LOC), + addmod(mulmod(mload(TABLE4_OMEGA_EVAL_LOC), mload(C_U_LOC), p), mload(TABLE4_EVAL_LOC), p), + p + ), + p + ) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V25_LOC), mload(TABLE_TYPE_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V26_LOC), mload(ID1_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V27_LOC), mload(ID2_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V28_LOC), mload(ID3_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mulmod(mload(C_V29_LOC), mload(ID4_EVAL_LOC), p), p) + batch_evaluation := addmod(batch_evaluation, mload(QUOTIENT_EVAL_LOC), p) + + mstore(0x00, 0x01) // [1].x + mstore(0x20, 0x02) // [1].y + mstore(0x40, sub(p, batch_evaluation)) + // accumulator_2 = -[1].(batch_evaluation) + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + if iszero(success) { + mstore(0x0, OPENING_COMMITMENT_FAILED_SELECTOR) + revert(0x00, 0x04) + } + } + + /** + * PERFORM PAIRING PREAMBLE + */ + { + let u := mload(C_U_LOC) + let zeta := mload(C_ZETA_LOC) + // VALIDATE PI_Z + { + let x := mload(PI_Z_X_LOC) + let y := mload(PI_Z_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + // compute zeta.[PI_Z] and add into accumulator + mstore(0x40, zeta) + success := staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40) + // accumulator = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, ACCUMULATOR_X_LOC, 0x40)) + + // VALIDATE PI_Z_OMEGA + { + let x := mload(PI_Z_OMEGA_X_LOC) + let y := mload(PI_Z_OMEGA_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + mstore(0x40, mulmod(mulmod(u, zeta, p), mload(OMEGA_LOC), p)) + // accumulator_2 = u.zeta.omega.[PI_Z_OMEGA] + success := and(success, staticcall(gas(), 7, 0x00, 0x60, ACCUMULATOR2_X_LOC, 0x40)) + // PAIRING_RHS = accumulator + accumulator_2 + success := and(success, staticcall(gas(), 6, ACCUMULATOR_X_LOC, 0x80, PAIRING_RHS_X_LOC, 0x40)) + + mstore(0x00, mload(PI_Z_X_LOC)) + mstore(0x20, mload(PI_Z_Y_LOC)) + mstore(0x40, mload(PI_Z_OMEGA_X_LOC)) + mstore(0x60, mload(PI_Z_OMEGA_Y_LOC)) + mstore(0x80, u) + success := and(success, staticcall(gas(), 7, 0x40, 0x60, 0x40, 0x40)) + // PAIRING_LHS = [PI_Z] + [PI_Z_OMEGA] * u + success := and(success, staticcall(gas(), 6, 0x00, 0x80, PAIRING_LHS_X_LOC, 0x40)) + // negate lhs y-coordinate + mstore(PAIRING_LHS_Y_LOC, sub(q, mload(PAIRING_LHS_Y_LOC))) + + if mload(CONTAINS_RECURSIVE_PROOF_LOC) { + // VALIDATE RECURSIVE P1 + { + let x := mload(RECURSIVE_P1_X_LOC) + let y := mload(RECURSIVE_P1_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + + // compute u.u.[recursive_p1] and write into 0x60 + mstore(0x40, mulmod(u, u, p)) + success := and(success, staticcall(gas(), 7, 0x00, 0x60, 0x60, 0x40)) + // VALIDATE RECURSIVE P2 + { + let x := mload(RECURSIVE_P2_X_LOC) + let y := mload(RECURSIVE_P2_Y_LOC) + let xx := mulmod(x, x, q) + // validate on curve + if iszero(eq(mulmod(y, y, q), addmod(mulmod(x, xx, q), 3, q))) { + mstore(0x0, POINT_NOT_ON_CURVE_SELECTOR) + revert(0x00, 0x04) + } + mstore(0x00, x) + mstore(0x20, y) + } + // compute u.u.[recursive_p2] and write into 0x00 + // 0x40 still contains u*u + success := and(success, staticcall(gas(), 7, 0x00, 0x60, 0x00, 0x40)) + + // compute u.u.[recursiveP1] + rhs and write into rhs + mstore(0xa0, mload(PAIRING_RHS_X_LOC)) + mstore(0xc0, mload(PAIRING_RHS_Y_LOC)) + success := and(success, staticcall(gas(), 6, 0x60, 0x80, PAIRING_RHS_X_LOC, 0x40)) + + // compute u.u.[recursiveP2] + lhs and write into lhs + mstore(0x40, mload(PAIRING_LHS_X_LOC)) + mstore(0x60, mload(PAIRING_LHS_Y_LOC)) + success := and(success, staticcall(gas(), 6, 0x00, 0x80, PAIRING_LHS_X_LOC, 0x40)) + } + + if iszero(success) { + mstore(0x0, PAIRING_PREAMBLE_FAILED_SELECTOR) + revert(0x00, 0x04) + } + } + + /** + * PERFORM PAIRING + */ + { + // rhs paired with [1]_2 + // lhs paired with [x]_2 + + mstore(0x00, mload(PAIRING_RHS_X_LOC)) + mstore(0x20, mload(PAIRING_RHS_Y_LOC)) + mstore(0x40, 0x198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c2) // this is [1]_2 + mstore(0x60, 0x1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed) + mstore(0x80, 0x090689d0585ff075ec9e99ad690c3395bc4b313370b38ef355acdadcd122975b) + mstore(0xa0, 0x12c85ea5db8c6deb4aab71808dcb408fe3d1e7690c43d37b4ce6cc0166fa7daa) + + mstore(0xc0, mload(PAIRING_LHS_X_LOC)) + mstore(0xe0, mload(PAIRING_LHS_Y_LOC)) + mstore(0x100, mload(G2X_X0_LOC)) + mstore(0x120, mload(G2X_X1_LOC)) + mstore(0x140, mload(G2X_Y0_LOC)) + mstore(0x160, mload(G2X_Y1_LOC)) + + success := staticcall(gas(), 8, 0x00, 0x180, 0x00, 0x20) + if iszero(and(success, mload(0x00))) { + mstore(0x0, PAIRING_FAILED_SELECTOR) + revert(0x00, 0x04) + } + } + + { + mstore(0x00, 0x01) + return(0x00, 0x20) // Proof succeeded! + } + } + } +} + +contract UltraVerifier is BaseUltraVerifier { + function getVerificationKeyHash() public pure override(BaseUltraVerifier) returns (bytes32) { + return UltraVerificationKey.verificationKeyHash(); + } + + function loadVerificationKey(uint256 vk, uint256 _omegaInverseLoc) internal pure virtual override(BaseUltraVerifier) { + UltraVerificationKey.loadVerificationKey(vk, _omegaInverseLoc); + } +} diff --git a/noir/noir-repo/compiler/integration-tests/package.json b/noir/noir-repo/compiler/integration-tests/package.json index 798b7c55312..511df534110 100644 --- a/noir/noir-repo/compiler/integration-tests/package.json +++ b/noir/noir-repo/compiler/integration-tests/package.json @@ -6,7 +6,7 @@ "scripts": { "build": "echo Integration Test build step", "test": "yarn test:browser && yarn test:node", - "test:node": "bash ./scripts/codegen-verifiers.sh && hardhat test test/node/**/*", + "test:node": "hardhat test test/node/**/*", "test:browser": "web-test-runner", "test:integration:browser": "web-test-runner test/browser/**/*.test.ts", "test:integration:browser:watch": "web-test-runner test/browser/**/*.test.ts --watch", diff --git a/noir/noir-repo/test_programs/execution_success/recursion/Nargo.toml b/noir/noir-repo/test_programs/execution_success/recursion/Nargo.toml new file mode 100644 index 00000000000..fe1ba8b1ce6 --- /dev/null +++ b/noir/noir-repo/test_programs/execution_success/recursion/Nargo.toml @@ -0,0 +1,7 @@ +[package] +name = "recursion" +type = "bin" +authors = [""] +compiler_version = ">=0.24.0" + +[dependencies] \ No newline at end of file diff --git a/noir/noir-repo/test_programs/execution_success/recursion/Prover.toml b/noir/noir-repo/test_programs/execution_success/recursion/Prover.toml new file mode 100644 index 00000000000..b00cd8661d8 --- /dev/null +++ b/noir/noir-repo/test_programs/execution_success/recursion/Prover.toml @@ -0,0 +1,4 @@ +key_hash = "0" +public_inputs = ["0"] +verification_keyproof = ['0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0'] \ No newline at end of file diff --git a/noir/noir-repo/test_programs/execution_success/recursion/src/main.nr b/noir/noir-repo/test_programs/execution_success/recursion/src/main.nr new file mode 100644 index 00000000000..f1b3875e1d4 --- /dev/null +++ b/noir/noir-repo/test_programs/execution_success/recursion/src/main.nr @@ -0,0 +1,16 @@ +use dep::std; + +// This test is used to generate artifacts for the compiler `integration-tests` +fn main( + verification_key: [Field; 114], + proof: [Field; 93], + public_inputs: [Field; 1], + key_hash: Field +) { + std::verify_proof( + verification_key.as_slice(), + proof.as_slice(), + public_inputs.as_slice(), + key_hash + ) +} diff --git a/noir/noir-repo/tooling/backend_interface/src/smart_contract.rs b/noir/noir-repo/tooling/backend_interface/src/smart_contract.rs index f6beeeb09d9..e2addeb66df 100644 --- a/noir/noir-repo/tooling/backend_interface/src/smart_contract.rs +++ b/noir/noir-repo/tooling/backend_interface/src/smart_contract.rs @@ -3,7 +3,7 @@ use crate::{ cli::{ContractCommand, WriteVkCommand}, Backend, BackendError, }; -use acvm::acir::circuit::Program; +use acvm::acir::circuit::{Circuit, Program}; use tempfile::tempdir; impl Backend { @@ -17,6 +17,7 @@ impl Backend { // Create a temporary file for the circuit let bytecode_path = temp_directory_path.join("program").with_extension("bytecode"); let serialized_program = Program::serialize_program(program); + // let serialized_program = Circuit::serialize_circuit(&program.functions[0]); write_to_file(&serialized_program, &bytecode_path); // Create the verification key and write it to the specified path diff --git a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs index ea6bf8bbb11..52b5c385e5d 100644 --- a/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs +++ b/noir/noir-repo/tooling/nargo_cli/src/cli/fs/witness.rs @@ -13,7 +13,7 @@ pub(crate) fn save_witness_to_dir>( ) -> Result { create_named_dir(witness_dir.as_ref(), "witness"); let witness_path = witness_dir.as_ref().join(witness_name).with_extension(WITNESS_EXT); - dbg!(witnesses.clone()); + // TODO(https://github.com/noir-lang/noir/issues/4428) let witness_stack: WitnessStack = witnesses.into(); let buf: Vec = witness_stack.try_into()?; From 24749d929c8e749d711e5c8d3bf3f608019ca57d Mon Sep 17 00:00:00 2001 From: vezenovm Date: Tue, 12 Mar 2024 03:12:08 +0000 Subject: [PATCH 29/29] skip recursion in acir tests --- barretenberg/acir_tests/run_acir_tests.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/barretenberg/acir_tests/run_acir_tests.sh b/barretenberg/acir_tests/run_acir_tests.sh index 88189a43438..4203d9448f9 100755 --- a/barretenberg/acir_tests/run_acir_tests.sh +++ b/barretenberg/acir_tests/run_acir_tests.sh @@ -35,7 +35,7 @@ export BIN CRS_PATH VERBOSE BRANCH cd acir_tests # Convert them to array -SKIP_ARRAY=(diamond_deps_0 workspace workspace_default_member) +SKIP_ARRAY=(diamond_deps_0 workspace workspace_default_member recursion) function test() { cd $1