-
Notifications
You must be signed in to change notification settings - Fork 266
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: deterministically deduplicate cached_partial_non_native_field_multiplication
across wasm32 and native compilations
#3425
chore: deterministically deduplicate cached_partial_non_native_field_multiplication
across wasm32 and native compilations
#3425
Conversation
Copying from slack: Context We have two ways to create proofs, either natively or via javascript Symptoms We had a bug only with ecdsa signature verification
Preliminary conclusions
Methodology
High Level: The < operator on cached_partial_non_native_field_multiplication was not implemented properly. This struct looks like this:
There were two reasons it was not implemented properly: Using == in less than operator (benign) The first is the fact it was doing an equality check, which technically it should not be doing since we are doing implementing < and not <=. The fix is to implement < as:
Notice that this does not check lo_0, hi_0 and hi_1. This is the second bug. Comparing Fields Because we were not explicitly comparing fields, we were essentially leaving this to compiler to do. I checked the cpp docs and it will actually just ignore the field types, but because the sort is not stable, it will not preserve the order of items where the a and b vectors are the same. This is a problem because we sort a vector of these structs and then iterate over the vector and for each element, we create a gate. So if the order is not deterministic, we create a different circuit. Note: I'm assuming that it was done this way because the implementor assumed that just be comparing the non-field elements would be enough to create deterministic ordering. I manually printed out every element and double checked that this is not correct. The fix:
Retro conclusion The above struct is used for non native arithmetic, so it makes sense that for algorithms that do not require it, the bug did not show up. I imagine that this would also pop up for recursion. However, I am not 100% certain because while bisecting and simplifying, there were red-herrings where the ordering coincidentally lined up resulting in the same circuit |
Benchmark resultsMetrics with a significant change:
Detailed resultsAll benchmarks are run on txs on the This benchmark source data is available in JSON format on S3 here. Values are compared against data from master at commit L2 block published to L1Each column represents the number of txs on an L2 block published to L1.
L2 chain processingEach column represents the number of blocks on the L2 chain where each block has 16 txs.
Circuits statsStats on running time and I/O sizes collected for every circuit run across all benchmarks.
MiscellaneousTransaction sizes based on how many contracts are deployed in the tx.
|
cached_partial_non_native_field_multiplication
cached_partial_non_native_field_multiplication
across wasm32 and native compilations
Longer term, we should remove the operator< and instead have something like:
|
barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp
Show resolved
Hide resolved
cached_partial_non_native_field_multiplication
across wasm32 and native compilationscached_partial_non_native_field_multiplication
across wasm32 and native compilations
barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp
Show resolved
Hide resolved
barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp
Show resolved
Hide resolved
🤖 I have created a release *beep* *boop* --- <details><summary>aztec-packages: 0.16.0</summary> ## [0.16.0](aztec-packages-v0.15.1...aztec-packages-v0.16.0) (2023-11-27) ### ⚠ BREAKING CHANGES * deprecate circuits/cpp ([#3421](#3421)) * call stack validation optimisation. ([#3387](#3387)) ### Features * Base rollup in noir ([#3257](#3257)) ([4a1e9c3](4a1e9c3)) * Call stack validation optimisation. ([#3387](#3387)) ([d06d5db](d06d5db)) * Goblin proof construction ([#3332](#3332)) ([6a7ebb6](6a7ebb6)) * More logs relevant for debugging failures of 2 pixies test ([#3370](#3370)) ([683a0f3](683a0f3)) * Noir subrepo. ([#3369](#3369)) ([d94d88b](d94d88b)) * Noir_wasm compilation of noir programs ([#3272](#3272)) ([f9981d5](f9981d5)) * Rollback public state changes on failure ([#3393](#3393)) ([0e276fb](0e276fb)) ### Bug Fixes * **docs:** Doc explaining noir debug_log ([#3322](#3322)) ([eed023d](eed023d)) * Naming inconsistency in private kernel ([#3384](#3384)) ([4743486](4743486)) * Race condition in `PXE.getTxReceipt(...)` ([#3411](#3411)) ([9557a66](9557a66)) ### Miscellaneous * Deprecate circuits/cpp ([#3421](#3421)) ([4973cfb](4973cfb)) * Deterministically deduplicate `cached_partial_non_native_field_multiplication` across wasm32 and native compilations ([#3425](#3425)) ([5524933](5524933)) * **docs:** Common patterns and anti patterns in aztec.nr ([#3413](#3413)) ([65bd855](65bd855)) * Fix and reenable e2e quick start ([#3403](#3403)) ([112740e](112740e)), closes [#3356](#3356) * Fix intermittent failures for block-building e2e test ([#3404](#3404)) ([e76e2d4](e76e2d4)), closes [#3358](#3358) * Formatted `noir-contracts` and `aztec-nr` ([a73c4aa](a73c4aa)) * Initial clone of noir to subrepo ([#3409](#3409)) ([8f1cb83](8f1cb83)) * **noir-contracts:** Remove redundant return value of 1 ([#3415](#3415)) ([2001d47](2001d47)), closes [#2615](#2615) * Plumbs noir subrepo into yarn-project. ([#3420](#3420)) ([63173c4](63173c4)) * Remove pxe / node /p2p-bootstrap docker images ([#3396](#3396)) ([c236143](c236143)) * Skip artifacts for prettier ([#3399](#3399)) ([98d9e04](98d9e04)) * Update path to acir artifacts ([#3426](#3426)) ([f56f88d](f56f88d)) </details> <details><summary>barretenberg.js: 0.16.0</summary> ## [0.16.0](barretenberg.js-v0.15.1...barretenberg.js-v0.16.0) (2023-11-27) ### Miscellaneous * Plumbs noir subrepo into yarn-project. ([#3420](#3420)) ([63173c4](63173c4)) </details> <details><summary>barretenberg: 0.16.0</summary> ## [0.16.0](barretenberg-v0.15.1...barretenberg-v0.16.0) (2023-11-27) ### Features * Goblin proof construction ([#3332](#3332)) ([6a7ebb6](6a7ebb6)) * Noir subrepo. ([#3369](#3369)) ([d94d88b](d94d88b)) ### Miscellaneous * Deterministically deduplicate `cached_partial_non_native_field_multiplication` across wasm32 and native compilations ([#3425](#3425)) ([5524933](5524933)) * Plumbs noir subrepo into yarn-project. ([#3420](#3420)) ([63173c4](63173c4)) * Update path to acir artifacts ([#3426](#3426)) ([f56f88d](f56f88d)) </details> --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
🤖 I have created a release *beep* *boop* --- <details><summary>aztec-packages: 0.16.0</summary> ## [0.16.0](AztecProtocol/aztec-packages@aztec-packages-v0.15.1...aztec-packages-v0.16.0) (2023-11-27) ### ⚠ BREAKING CHANGES * deprecate circuits/cpp ([#3421](AztecProtocol/aztec-packages#3421)) * call stack validation optimisation. ([#3387](AztecProtocol/aztec-packages#3387)) ### Features * Base rollup in noir ([#3257](AztecProtocol/aztec-packages#3257)) ([4a1e9c3](AztecProtocol/aztec-packages@4a1e9c3)) * Call stack validation optimisation. ([#3387](AztecProtocol/aztec-packages#3387)) ([d06d5db](AztecProtocol/aztec-packages@d06d5db)) * Goblin proof construction ([#3332](AztecProtocol/aztec-packages#3332)) ([6a7ebb6](AztecProtocol/aztec-packages@6a7ebb6)) * More logs relevant for debugging failures of 2 pixies test ([#3370](AztecProtocol/aztec-packages#3370)) ([683a0f3](AztecProtocol/aztec-packages@683a0f3)) * Noir subrepo. ([#3369](AztecProtocol/aztec-packages#3369)) ([d94d88b](AztecProtocol/aztec-packages@d94d88b)) * Noir_wasm compilation of noir programs ([#3272](AztecProtocol/aztec-packages#3272)) ([f9981d5](AztecProtocol/aztec-packages@f9981d5)) * Rollback public state changes on failure ([#3393](AztecProtocol/aztec-packages#3393)) ([0e276fb](AztecProtocol/aztec-packages@0e276fb)) ### Bug Fixes * **docs:** Doc explaining noir debug_log ([#3322](AztecProtocol/aztec-packages#3322)) ([eed023d](AztecProtocol/aztec-packages@eed023d)) * Naming inconsistency in private kernel ([#3384](AztecProtocol/aztec-packages#3384)) ([4743486](AztecProtocol/aztec-packages@4743486)) * Race condition in `PXE.getTxReceipt(...)` ([#3411](AztecProtocol/aztec-packages#3411)) ([9557a66](AztecProtocol/aztec-packages@9557a66)) ### Miscellaneous * Deprecate circuits/cpp ([#3421](AztecProtocol/aztec-packages#3421)) ([4973cfb](AztecProtocol/aztec-packages@4973cfb)) * Deterministically deduplicate `cached_partial_non_native_field_multiplication` across wasm32 and native compilations ([#3425](AztecProtocol/aztec-packages#3425)) ([5524933](AztecProtocol/aztec-packages@5524933)) * **docs:** Common patterns and anti patterns in aztec.nr ([#3413](AztecProtocol/aztec-packages#3413)) ([65bd855](AztecProtocol/aztec-packages@65bd855)) * Fix and reenable e2e quick start ([#3403](AztecProtocol/aztec-packages#3403)) ([112740e](AztecProtocol/aztec-packages@112740e)), closes [#3356](AztecProtocol/aztec-packages#3356) * Fix intermittent failures for block-building e2e test ([#3404](AztecProtocol/aztec-packages#3404)) ([e76e2d4](AztecProtocol/aztec-packages@e76e2d4)), closes [#3358](AztecProtocol/aztec-packages#3358) * Formatted `noir-contracts` and `aztec-nr` ([a73c4aa](AztecProtocol/aztec-packages@a73c4aa)) * Initial clone of noir to subrepo ([#3409](AztecProtocol/aztec-packages#3409)) ([8f1cb83](AztecProtocol/aztec-packages@8f1cb83)) * **noir-contracts:** Remove redundant return value of 1 ([#3415](AztecProtocol/aztec-packages#3415)) ([2001d47](AztecProtocol/aztec-packages@2001d47)), closes [#2615](AztecProtocol/aztec-packages#2615) * Plumbs noir subrepo into yarn-project. ([#3420](AztecProtocol/aztec-packages#3420)) ([63173c4](AztecProtocol/aztec-packages@63173c4)) * Remove pxe / node /p2p-bootstrap docker images ([#3396](AztecProtocol/aztec-packages#3396)) ([c236143](AztecProtocol/aztec-packages@c236143)) * Skip artifacts for prettier ([#3399](AztecProtocol/aztec-packages#3399)) ([98d9e04](AztecProtocol/aztec-packages@98d9e04)) * Update path to acir artifacts ([#3426](AztecProtocol/aztec-packages#3426)) ([f56f88d](AztecProtocol/aztec-packages@f56f88d)) </details> <details><summary>barretenberg.js: 0.16.0</summary> ## [0.16.0](AztecProtocol/aztec-packages@barretenberg.js-v0.15.1...barretenberg.js-v0.16.0) (2023-11-27) ### Miscellaneous * Plumbs noir subrepo into yarn-project. ([#3420](AztecProtocol/aztec-packages#3420)) ([63173c4](AztecProtocol/aztec-packages@63173c4)) </details> <details><summary>barretenberg: 0.16.0</summary> ## [0.16.0](AztecProtocol/aztec-packages@barretenberg-v0.15.1...barretenberg-v0.16.0) (2023-11-27) ### Features * Goblin proof construction ([#3332](AztecProtocol/aztec-packages#3332)) ([6a7ebb6](AztecProtocol/aztec-packages@6a7ebb6)) * Noir subrepo. ([#3369](AztecProtocol/aztec-packages#3369)) ([d94d88b](AztecProtocol/aztec-packages@d94d88b)) ### Miscellaneous * Deterministically deduplicate `cached_partial_non_native_field_multiplication` across wasm32 and native compilations ([#3425](AztecProtocol/aztec-packages#3425)) ([5524933](AztecProtocol/aztec-packages@5524933)) * Plumbs noir subrepo into yarn-project. ([#3420](AztecProtocol/aztec-packages#3420)) ([63173c4](AztecProtocol/aztec-packages@63173c4)) * Update path to acir artifacts ([#3426](AztecProtocol/aztec-packages#3426)) ([f56f88d](AztecProtocol/aztec-packages@f56f88d)) </details> --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
This essentially fixes the implementation of < on the struct in question
Read comment below for more context.
Checklist:
Remove the checklist to signal you've completed it. Enable auto-merge if the PR is ready to merge.