From 5e036889f8fec8eaa841a2e3cff3b60b3e393607 Mon Sep 17 00:00:00 2001 From: codygunton Date: Wed, 12 Apr 2023 22:17:11 +0000 Subject: [PATCH] WIP --- .../dsl/acir_format/acir_format.hpp | 2 +- .../dsl/acir_format/blake2s_constraint.hpp | 2 +- .../dsl/acir_format/ecdsa_secp256k1.hpp | 2 +- .../dsl/acir_format/fixed_base_scalar_mul.hpp | 2 +- .../dsl/acir_format/hash_to_field.hpp | 2 +- .../dsl/acir_format/logic_constraint.hpp | 2 +- .../merkle_membership_constraint.hpp | 2 +- .../barretenberg/dsl/acir_format/pedersen.hpp | 2 +- .../dsl/acir_format/schnorr_verify.hpp | 2 +- .../dsl/acir_format/sha256_constraint.hpp | 2 +- .../dsl/acir_proofs/acir_proofs.cpp | 2 +- cpp/src/barretenberg/dsl/types.hpp | 83 ++ .../honk/proof_system/verifier.cpp | 1 - .../honk/proof_system/verifier.test.cpp | 1 - .../proofs/join_split/join_split.hpp | 2 - .../proofs/join_split/join_split_circuit.cpp | 32 +- .../proofs/join_split/join_split_circuit.hpp | 17 +- .../proofs/join_split/join_split_tx.hpp | 3 - .../proofs/mock/mock_circuit.test.cpp | 3 +- .../notes/circuit/account/account_note.hpp | 3 - .../proofs/notes/circuit/account/commit.hpp | 18 +- .../proofs/notes/circuit/asset_id.cpp | 19 +- .../proofs/notes/circuit/asset_id.hpp | 11 +- .../proofs/notes/circuit/bridge_call_data.hpp | 8 +- .../proofs/notes/circuit/claim/claim_note.hpp | 39 +- .../claim/complete_partial_commitment.hpp | 13 +- .../notes/circuit/claim/compute_nullifier.hpp | 3 - .../claim/create_partial_commitment.hpp | 20 +- .../notes/circuit/claim/witness_data.hpp | 3 - .../value/complete_partial_commitment.hpp | 13 +- .../notes/circuit/value/compute_nullifier.cpp | 17 +- .../notes/circuit/value/compute_nullifier.hpp | 13 +- .../circuit/value/compute_nullifier.test.cpp | 8 +- .../value/create_partial_commitment.hpp | 13 +- .../proofs/notes/circuit/value/value_note.hpp | 24 +- .../notes/circuit/value/witness_data.hpp | 17 +- .../plonk/proof_system/constants.hpp | 9 - .../plonk/proof_system/prover/c_bind.cpp | 5 +- .../proof_system/prover/c_bind_unrolled.cpp | 40 +- .../encryption/schnorr/schnorr.test.cpp | 692 ++++++------- .../stdlib/hash/blake2s/blake2s.test.cpp | 156 +-- .../stdlib/hash/sha256/sha256.bench.cpp | 152 +-- .../stdlib/hash/sha256/sha256.test.cpp | 912 +++++++++--------- .../barretenberg/stdlib/merkle_tree/hash.hpp | 24 +- .../stdlib/merkle_tree/hash.test.cpp | 118 +-- .../stdlib/merkle_tree/membership.test.cpp | 490 +++++----- .../stdlib/merkle_tree/merkle_tree.test.cpp | 260 ++--- .../primitives/byte_array/byte_array.test.cpp | 1 - .../stdlib/primitives/group/group.test.cpp | 2 +- .../packed_byte_array.test.cpp | 1 - .../primitives/safe_uint/safe_uint.test.cpp | 1 - cpp/src/barretenberg/stdlib/types/types.hpp | 89 -- 52 files changed, 1670 insertions(+), 1688 deletions(-) create mode 100644 cpp/src/barretenberg/dsl/types.hpp delete mode 100644 cpp/src/barretenberg/stdlib/types/types.hpp diff --git a/cpp/src/barretenberg/dsl/acir_format/acir_format.hpp b/cpp/src/barretenberg/dsl/acir_format/acir_format.hpp index 55d5ee969e..210cf0cdda 100644 --- a/cpp/src/barretenberg/dsl/acir_format/acir_format.hpp +++ b/cpp/src/barretenberg/dsl/acir_format/acir_format.hpp @@ -9,7 +9,7 @@ #include "merkle_membership_constraint.hpp" #include "pedersen.hpp" #include "hash_to_field.hpp" -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/dsl/types.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_format/blake2s_constraint.hpp b/cpp/src/barretenberg/dsl/acir_format/blake2s_constraint.hpp index 643eb1e39b..ec6c73cc6c 100644 --- a/cpp/src/barretenberg/dsl/acir_format/blake2s_constraint.hpp +++ b/cpp/src/barretenberg/dsl/acir_format/blake2s_constraint.hpp @@ -1,7 +1,7 @@ #pragma once #include #include -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/dsl/types.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_format/ecdsa_secp256k1.hpp b/cpp/src/barretenberg/dsl/acir_format/ecdsa_secp256k1.hpp index 9fee1b035a..113f03a052 100644 --- a/cpp/src/barretenberg/dsl/acir_format/ecdsa_secp256k1.hpp +++ b/cpp/src/barretenberg/dsl/acir_format/ecdsa_secp256k1.hpp @@ -1,6 +1,6 @@ #pragma once #include -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/dsl/types.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_format/fixed_base_scalar_mul.hpp b/cpp/src/barretenberg/dsl/acir_format/fixed_base_scalar_mul.hpp index 2b61305a5c..237df8a10b 100644 --- a/cpp/src/barretenberg/dsl/acir_format/fixed_base_scalar_mul.hpp +++ b/cpp/src/barretenberg/dsl/acir_format/fixed_base_scalar_mul.hpp @@ -1,6 +1,6 @@ #pragma once #include -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/dsl/types.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_format/hash_to_field.hpp b/cpp/src/barretenberg/dsl/acir_format/hash_to_field.hpp index 275ce3fd0d..63389ede58 100644 --- a/cpp/src/barretenberg/dsl/acir_format/hash_to_field.hpp +++ b/cpp/src/barretenberg/dsl/acir_format/hash_to_field.hpp @@ -1,7 +1,7 @@ #pragma once #include #include -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/dsl/types.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_format/logic_constraint.hpp b/cpp/src/barretenberg/dsl/acir_format/logic_constraint.hpp index 0a194838ad..1a3fe581af 100644 --- a/cpp/src/barretenberg/dsl/acir_format/logic_constraint.hpp +++ b/cpp/src/barretenberg/dsl/acir_format/logic_constraint.hpp @@ -1,6 +1,6 @@ #pragma once #include -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/dsl/types.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_format/merkle_membership_constraint.hpp b/cpp/src/barretenberg/dsl/acir_format/merkle_membership_constraint.hpp index 1fa1481e88..d3a8eee451 100644 --- a/cpp/src/barretenberg/dsl/acir_format/merkle_membership_constraint.hpp +++ b/cpp/src/barretenberg/dsl/acir_format/merkle_membership_constraint.hpp @@ -1,6 +1,6 @@ #pragma once #include -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/dsl/types.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_format/pedersen.hpp b/cpp/src/barretenberg/dsl/acir_format/pedersen.hpp index b801d2a8f2..8f74d9654a 100644 --- a/cpp/src/barretenberg/dsl/acir_format/pedersen.hpp +++ b/cpp/src/barretenberg/dsl/acir_format/pedersen.hpp @@ -1,6 +1,6 @@ #pragma once #include -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/dsl/types.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_format/schnorr_verify.hpp b/cpp/src/barretenberg/dsl/acir_format/schnorr_verify.hpp index f8e6b9c53f..3d0865f634 100644 --- a/cpp/src/barretenberg/dsl/acir_format/schnorr_verify.hpp +++ b/cpp/src/barretenberg/dsl/acir_format/schnorr_verify.hpp @@ -1,6 +1,6 @@ #pragma once #include -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/dsl/types.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_format/sha256_constraint.hpp b/cpp/src/barretenberg/dsl/acir_format/sha256_constraint.hpp index dec3bca40a..f6a15c70fe 100644 --- a/cpp/src/barretenberg/dsl/acir_format/sha256_constraint.hpp +++ b/cpp/src/barretenberg/dsl/acir_format/sha256_constraint.hpp @@ -1,7 +1,7 @@ #pragma once #include #include -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/dsl/types.hpp" namespace acir_format { diff --git a/cpp/src/barretenberg/dsl/acir_proofs/acir_proofs.cpp b/cpp/src/barretenberg/dsl/acir_proofs/acir_proofs.cpp index bbcb24c42c..cb692a417b 100644 --- a/cpp/src/barretenberg/dsl/acir_proofs/acir_proofs.cpp +++ b/cpp/src/barretenberg/dsl/acir_proofs/acir_proofs.cpp @@ -2,7 +2,7 @@ #include "acir_proofs.hpp" #include "barretenberg/plonk/proof_system/proving_key/serialize.hpp" #include "barretenberg/dsl/acir_format/acir_format.hpp" -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/dsl/types.hpp" #include "barretenberg/srs/reference_string/pippenger_reference_string.hpp" #include "barretenberg/plonk/proof_system/verification_key/sol_gen.hpp" diff --git a/cpp/src/barretenberg/dsl/types.hpp b/cpp/src/barretenberg/dsl/types.hpp new file mode 100644 index 0000000000..32b2d5fd7c --- /dev/null +++ b/cpp/src/barretenberg/dsl/types.hpp @@ -0,0 +1,83 @@ +#pragma once +#include "barretenberg/plonk/composer/splitting_tmp/ultra_plonk_composer.hpp" +#include "barretenberg/plonk/proof_system/constants.hpp" +#include "barretenberg/plonk/composer/standard_composer.hpp" +#include "barretenberg/plonk/composer/turbo_composer.hpp" +#include "barretenberg/plonk/composer/ultra_composer.hpp" +#include "barretenberg/plonk/proof_system/prover/prover.hpp" +#include "barretenberg/stdlib/primitives/bigfield/bigfield.hpp" +#include "barretenberg/stdlib/primitives/biggroup/biggroup.hpp" +#include "barretenberg/stdlib/primitives/bit_array/bit_array.hpp" +#include "barretenberg/stdlib/primitives/bool/bool.hpp" +#include "barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.hpp" +#include "barretenberg/stdlib/primitives/byte_array/byte_array.hpp" +#include "barretenberg/stdlib/primitives/uint/uint.hpp" +#include "barretenberg/stdlib/primitives/witness/witness.hpp" +#include "barretenberg/stdlib/primitives/bigfield/bigfield.hpp" +#include "barretenberg/stdlib/primitives/biggroup/biggroup.hpp" +#include "barretenberg/stdlib/commitment/pedersen/pedersen.hpp" +#include "barretenberg/stdlib/commitment/pedersen/pedersen_plookup.hpp" +#include "barretenberg/stdlib/merkle_tree/hash_path.hpp" +#include "barretenberg/stdlib/encryption/schnorr/schnorr.hpp" +#include "barretenberg/stdlib/primitives/curves/bn254.hpp" +#include "barretenberg/stdlib/primitives/curves/secp256k1.hpp" +#include "barretenberg/stdlib/primitives/memory/rom_table.hpp" +#include "barretenberg/stdlib/recursion/verifier/program_settings.hpp" +#include "barretenberg/stdlib/primitives/memory/ram_table.hpp" +#include "barretenberg/stdlib/primitives/memory/rom_table.hpp" +#include "barretenberg/stdlib/primitives/memory/dynamic_array.hpp" + +namespace acir_format { + +using NoirComposer = plonk::UltraComposer; + +using Prover = std::conditional_t< + std::same_as, + plonk::UltraWithKeccakProver, + std::conditional_t, plonk::TurboProver, plonk::Prover>>; + +using Verifier = std::conditional_t< + std::same_as, + plonk::UltraWithKeccakVerifier, + std::conditional_t, plonk::TurboVerifier, plonk::Verifier>>; + +using witness_ct = proof_system::plonk::stdlib::witness_t; +using public_witness_ct = proof_system::plonk::stdlib::public_witness_t; +using bool_ct = proof_system::plonk::stdlib::bool_t; +using byte_array_ct = proof_system::plonk::stdlib::byte_array; +using packed_byte_array_ct = proof_system::plonk::stdlib::packed_byte_array; +using field_ct = proof_system::plonk::stdlib::field_t; +using suint_ct = proof_system::plonk::stdlib::safe_uint_t; +using uint8_ct = proof_system::plonk::stdlib::uint8; +using uint16_ct = proof_system::plonk::stdlib::uint16; +using uint32_ct = proof_system::plonk::stdlib::uint32; +using uint64_ct = proof_system::plonk::stdlib::uint64; +using bit_array_ct = proof_system::plonk::stdlib::bit_array; +using fq_ct = proof_system::plonk::stdlib::bigfield; +using biggroup_ct = proof_system::plonk::stdlib::element; +using point_ct = proof_system::plonk::stdlib::point; +using pedersen_commitment = proof_system::plonk::stdlib::pedersen_commitment; +using group_ct = proof_system::plonk::stdlib::group; +using bn254 = proof_system::plonk::stdlib::bn254; +using secp256k1_ct = proof_system::plonk::stdlib::secp256k1; + +namespace merkle_tree { +using namespace proof_system::plonk::stdlib::merkle_tree; +using hash_path = proof_system::plonk::stdlib::merkle_tree::hash_path; +} // namespace merkle_tree + +namespace schnorr { +using signature_bits = proof_system::plonk::stdlib::schnorr::signature_bits; +} // namespace schnorr + +// Ultra-composer specific typesv +using rom_table_ct = proof_system::plonk::stdlib::rom_table; + +// NOTE: In ultra setting, recursive verifier settings are incompatible with the settings used by Noir. +// TODO: remove? +using recursive_inner_verifier_settings = + std::conditional_t, + proof_system::plonk::stdlib::recursion::recursive_ultra_verifier_settings, + proof_system::plonk::stdlib::recursion::recursive_turbo_verifier_settings>; + +} // namespace acir_format diff --git a/cpp/src/barretenberg/honk/proof_system/verifier.cpp b/cpp/src/barretenberg/honk/proof_system/verifier.cpp index 26e4b7e033..b26f10fa47 100644 --- a/cpp/src/barretenberg/honk/proof_system/verifier.cpp +++ b/cpp/src/barretenberg/honk/proof_system/verifier.cpp @@ -3,7 +3,6 @@ #include #include #include "barretenberg/honk/transcript/transcript.hpp" -#include "barretenberg/plonk/proof_system/constants.hpp" #include "./verifier.hpp" #include "barretenberg/plonk/proof_system/public_inputs/public_inputs.hpp" #include "barretenberg/ecc/curves/bn254/fr.hpp" diff --git a/cpp/src/barretenberg/honk/proof_system/verifier.test.cpp b/cpp/src/barretenberg/honk/proof_system/verifier.test.cpp index b98d39e893..903ea36adb 100644 --- a/cpp/src/barretenberg/honk/proof_system/verifier.test.cpp +++ b/cpp/src/barretenberg/honk/proof_system/verifier.test.cpp @@ -1,5 +1,4 @@ #include "barretenberg/numeric/bitop/get_msb.hpp" -#include "barretenberg/plonk/proof_system/constants.hpp" #include "barretenberg/polynomials/polynomial.hpp" #include "barretenberg/honk/flavor/flavor.hpp" #include "prover.hpp" diff --git a/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split.hpp b/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split.hpp index 6c9b4ac5ab..dda4a4477e 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split.hpp @@ -1,14 +1,12 @@ #pragma once #include "join_split_tx.hpp" #include "barretenberg/srs/reference_string/mem_reference_string.hpp" -#include "barretenberg/stdlib/types/types.hpp" namespace join_split_example { namespace proofs { namespace join_split { using namespace proof_system::plonk::stdlib::merkle_tree; -using namespace proof_system::plonk::stdlib::types; void init_proving_key(std::shared_ptr const& crs_factory, bool mock); diff --git a/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_circuit.cpp b/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_circuit.cpp index a0061cde88..424cd1c61c 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_circuit.cpp +++ b/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_circuit.cpp @@ -4,6 +4,8 @@ #include "../notes/circuit/value/value_note.hpp" #include "../notes/circuit/account/account_note.hpp" #include "../notes/circuit/claim/claim_note.hpp" +#include "barretenberg/stdlib/primitives/bool/bool.hpp" +#include "barretenberg/stdlib/primitives/safe_uint/safe_uint.hpp" #include "verify_signature.hpp" #include "barretenberg/stdlib/merkle_tree/membership.hpp" @@ -20,14 +22,16 @@ using namespace proof_system::plonk::stdlib::merkle_tree; * The note does not need to exist in the tree if it's not real, or if it's consumed (i.e. propagated = input). * Return the nullifier for the input note. If the input note is consumed, the nullifier becomes 0. */ -field_ct process_input_note(field_ct const& account_private_key, - field_ct const& merkle_root, - merkle_tree::hash_path const& hash_path, - suint_ct const& index, - value::value_note const& note, - bool_ct is_propagated, - bool_ct is_note_in_use) +template +stdlib::field_t process_input_note(stdlib::field_t const& account_private_key, + stdlib::field_t const& merkle_root, + stdlib::merkle_tree::hash_path const& hash_path, + stdlib::safe_uint_t const& index, + value::value_note const& note, + stdlib::bool_t is_propagated, + stdlib::bool_t is_note_in_use) { + using bool_ct = stdlib::bool_t; const bool_ct valid_value = note.value == 0 || is_note_in_use; valid_value.assert_equal(true, "padding note non zero"); @@ -39,8 +43,14 @@ field_ct process_input_note(field_ct const& account_private_key, return compute_nullifier(note.commitment, account_private_key, is_note_in_use); } -join_split_outputs join_split_circuit_component(join_split_inputs const& inputs) +template +join_split_outputs join_split_circuit_component(join_split_inputs const& inputs) { + using field_ct = stdlib::field_t; + using bool_ct = stdlib::bool_t; + using point_ct = stdlib::point; + using suint_ct = stdlib::safe_uint_t; + const bool_ct is_deposit = inputs.proof_id == field_ct(ProofIds::DEPOSIT); const bool_ct is_withdraw = inputs.proof_id == field_ct(ProofIds::WITHDRAW); const bool_ct is_send = inputs.proof_id == field_ct(ProofIds::SEND); @@ -269,6 +279,12 @@ join_split_outputs join_split_circuit_component(join_split_inputs const& inputs) void join_split_circuit(Composer& composer, join_split_tx const& tx) { + using field_ct = stdlib::field_t; + using bool_ct = stdlib::bool_t; + using point_ct = stdlib::point; + using suint_ct = stdlib::safe_uint_t; + using witness_ct = stdlib::witness_t; + join_split_inputs inputs = { .proof_id = witness_ct(&composer, tx.proof_id), .public_value = suint_ct(witness_ct(&composer, tx.public_value), NOTE_VALUE_BIT_LENGTH, "public_value"), diff --git a/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_circuit.hpp b/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_circuit.hpp index b8821989b4..47495176ae 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_circuit.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_circuit.hpp @@ -1,17 +1,18 @@ #pragma once +#include "barretenberg/stdlib/primitives/safe_uint/safe_uint.hpp" #include "join_split_tx.hpp" #include "../notes/circuit/value/witness_data.hpp" #include "../notes/circuit/claim/witness_data.hpp" #include "barretenberg/crypto/schnorr/schnorr.hpp" -#include "barretenberg/stdlib/types/types.hpp" namespace join_split_example { namespace proofs { namespace join_split { -using namespace proof_system::plonk::stdlib::types; +template struct join_split_inputs { + using field_ct = field_t; + using suint_ct = stdlib::safe_uint_t; -struct join_split_inputs { field_ct proof_id; suint_ct public_value; field_ct public_owner; @@ -33,12 +34,13 @@ struct join_split_inputs { merkle_tree::hash_path account_note_path; field_ct account_private_key; suint_ct alias_hash; - bool_ct account_required; + bool_t account_required; field_ct backward_link; field_ct allow_chain; }; -struct join_split_outputs { +template struct join_split_outputs { + using field_ct = field_t; field_ct nullifier1; field_ct nullifier2; field_ct output_note1; @@ -49,9 +51,10 @@ struct join_split_outputs { field_ct defi_deposit_value; }; -join_split_outputs join_split_circuit_component(join_split_inputs const& inputs); +template +join_split_outputs join_split_circuit_component(join_split_inputs const& inputs); -void join_split_circuit(Composer& composer, join_split_tx const& tx); +template void join_split_circuit(Composer& composer, join_split_tx const& tx); } // namespace join_split } // namespace proofs diff --git a/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_tx.hpp b/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_tx.hpp index 4dae8f30e3..7a67b5464e 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_tx.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/join_split/join_split_tx.hpp @@ -3,14 +3,11 @@ #include "../notes/native/value/value_note.hpp" #include "barretenberg/crypto/schnorr/schnorr.hpp" #include "barretenberg/stdlib/merkle_tree/hash_path.hpp" -#include "barretenberg/stdlib/types/types.hpp" namespace join_split_example { namespace proofs { namespace join_split { -using namespace proof_system::plonk::stdlib::types; - struct join_split_tx { uint32_t proof_id; uint256_t public_value; diff --git a/cpp/src/barretenberg/join_split_example/proofs/mock/mock_circuit.test.cpp b/cpp/src/barretenberg/join_split_example/proofs/mock/mock_circuit.test.cpp index 2188725010..fa8f8d844f 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/mock/mock_circuit.test.cpp +++ b/cpp/src/barretenberg/join_split_example/proofs/mock/mock_circuit.test.cpp @@ -1,9 +1,8 @@ #include "mock_circuit.hpp" #include "../join_split/join_split_tx.hpp" #include "barretenberg/common/test.hpp" -#include "barretenberg/stdlib/types/types.hpp" -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; namespace rollup { namespace proofs { diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/account/account_note.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/account/account_note.hpp index 334b2edfc3..641d0ef5ce 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/account/account_note.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/account/account_note.hpp @@ -1,5 +1,4 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" #include "commit.hpp" namespace join_split_example { @@ -8,8 +7,6 @@ namespace notes { namespace circuit { namespace account { -using namespace proof_system::plonk::stdlib::types; - struct account_note { field_ct account_alias_hash; point_ct account_public_key; diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/account/commit.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/account/commit.hpp index 497644a951..ec25998ca3 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/account/commit.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/account/commit.hpp @@ -1,6 +1,7 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" -#include "../../constants.hpp" +#include "barretenberg/stdlib/commitment/pedersen/pedersen.hpp" +#include "barretenberg/stdlib/primitives/point/point.hpp" +#include "barretenberg/join_split_example/proofs/notes/constants.hpp" namespace join_split_example { namespace proofs { @@ -8,19 +9,20 @@ namespace notes { namespace circuit { namespace account { -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; -inline auto commit(field_ct const& account_alias_hash, - point_ct const& account_public_key, - point_ct const& signing_pub_key) +template +inline auto commit(field_t const& account_alias_hash, + point const& account_public_key, + point const& signing_pub_key) { - return pedersen_commitment::compress( + return pedersen_commitment::compress( { account_alias_hash, account_public_key.x, signing_pub_key.x, }, - GeneratorIndex::ACCOUNT_NOTE_COMMITMENT); + join_split_example::proofs::notes::GeneratorIndex::ACCOUNT_NOTE_COMMITMENT); } } // namespace account diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/asset_id.cpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/asset_id.cpp index 5163231bc5..73d35f8e40 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/asset_id.cpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/asset_id.cpp @@ -1,11 +1,16 @@ -#include "barretenberg/stdlib/types/types.hpp" -#include "../constants.hpp" +#pragma once +#include "../../native/value/value_note.hpp" +#include "barretenberg/stdlib/primitives/safe_uint/safe_uint.hpp" +#include "barretenberg/stdlib/primitives/field/field.hpp" +#include "barretenberg/stdlib/primitives/bool/bool.hpp" +#include "barretenberg/join_split_example/constants.hpp" namespace join_split_example::proofs::notes::circuit { -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; -std::pair deflag_asset_id(suint_ct const& asset_id) +template +std::pair, safe_uint_t> deflag_asset_id(safe_uint_t const& asset_id) { const auto virtual_idx = MAX_NUM_ASSETS_BIT_LENGTH - 1; // bit 29 @@ -16,13 +21,13 @@ std::pair deflag_asset_id(suint_ct const& asset_id) // A virtual note does not have an ERC20 token equivalent and exists only inside the Aztec network. // The low 29 bits of the asset id represent the defi interaction nonce of the defi interaction that created the // note. - const bool_ct is_virtual = sliced_asset_id[1] == 1; - const suint_ct& deflagged_asset_id = sliced_asset_id[0]; + const bool_t is_virtual = sliced_asset_id[1] == 1; + const safe_uint_t& deflagged_asset_id = sliced_asset_id[0]; return { is_virtual, deflagged_asset_id }; } -bool_ct get_asset_id_flag(suint_ct const& asset_id) +template bool_t get_asset_id_flag(safe_uint_t const& asset_id) { const auto& [is_virtual, _] = deflag_asset_id(asset_id); return is_virtual; diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/asset_id.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/asset_id.hpp index 3c67f16695..618c1f4a37 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/asset_id.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/asset_id.hpp @@ -1,12 +1,15 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" +#include "../../native/value/value_note.hpp" +#include "barretenberg/stdlib/primitives/safe_uint/safe_uint.hpp" +#include "barretenberg/stdlib/primitives/bool/bool.hpp" namespace join_split_example::proofs::notes::circuit { -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; -std::pair deflag_asset_id(suint_ct const& asset_id); +template +std::pair, safe_uint_t> deflag_asset_id(safe_uint_t const& asset_id); -bool_ct get_asset_id_flag(suint_ct const& asset_id); +template bool_t get_asset_id_flag(safe_uint_t const& asset_id); } // namespace join_split_example::proofs::notes::circuit diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/bridge_call_data.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/bridge_call_data.hpp index f5b1bbd319..b74292c934 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/bridge_call_data.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/bridge_call_data.hpp @@ -1,5 +1,4 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" #include "../native/bridge_call_data.hpp" #include "./asset_id.hpp" #include "../constants.hpp" @@ -9,7 +8,7 @@ namespace proofs { namespace notes { namespace circuit { -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; constexpr uint32_t input_asset_id_a_shift = DEFI_BRIDGE_ADDRESS_ID_LEN; constexpr uint32_t input_asset_id_b_shift = input_asset_id_a_shift + DEFI_BRIDGE_INPUT_A_ASSET_ID_LEN; @@ -18,8 +17,9 @@ constexpr uint32_t output_asset_id_b_shift = output_asset_id_a_shift + DEFI_BRID constexpr uint32_t bitconfig_shift = output_asset_id_b_shift + DEFI_BRIDGE_OUTPUT_B_ASSET_ID_LEN; constexpr uint32_t aux_data_shift = bitconfig_shift + DEFI_BRIDGE_BITCONFIG_LEN; -struct bridge_call_data { - +template struct bridge_call_data { + using bool_ct = bool_t; + using suint_ct = safe_uint_t; /** * The 32-bit bit_config comprises the following: * diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/claim_note.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/claim_note.hpp index 8021265a43..8d442a2335 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/claim_note.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/claim_note.hpp @@ -1,5 +1,6 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/stdlib/primitives/byte_array/byte_array.hpp" +#include "barretenberg/stdlib/primitives/safe_uint/safe_uint.hpp" #include "../bridge_call_data.hpp" #include "witness_data.hpp" #include "../value/create_partial_commitment.hpp" @@ -12,18 +13,18 @@ namespace notes { namespace circuit { namespace claim { -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; -struct partial_claim_note { - suint_ct deposit_value; - suint_ct bridge_call_data; - field_ct value_note_partial_commitment; - field_ct input_nullifier; - field_ct partial_commitment; +template struct partial_claim_note { + safe_uint_t deposit_value; + safe_uint_t bridge_call_data; + field_t value_note_partial_commitment; + field_t input_nullifier; + field_t partial_commitment; partial_claim_note(partial_claim_note_witness_data const& data, - point_ct const& owner, - bool_ct const& owner_account_required) + point const& owner, + bool_t const& owner_account_required) { deposit_value = data.deposit_value; bridge_call_data = data.bridge_call_data_local.to_safe_uint(); @@ -35,14 +36,14 @@ struct partial_claim_note { } }; -struct claim_note { - suint_ct deposit_value; - suint_ct bridge_call_data; - field_ct value_note_partial_commitment; - field_ct input_nullifier; - suint_ct defi_interaction_nonce; - suint_ct fee; - field_ct commitment; +template struct claim_note { + safe_uint_t deposit_value; + safe_uint_t bridge_call_data; + field_t value_note_partial_commitment; + field_t input_nullifier; + safe_uint_t defi_interaction_nonce; + safe_uint_t fee; + field_t commitment; claim_note(claim_note_witness_data const& data) : deposit_value(data.deposit_value) @@ -58,7 +59,7 @@ struct claim_note { fee)) {} - operator byte_array_ct() const { return byte_array_ct(commitment); } + explicit operator byte_array() const { return byte_array(commitment); } }; } // namespace claim diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/complete_partial_commitment.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/complete_partial_commitment.hpp index 9b1010ab58..c85b0fc8cc 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/complete_partial_commitment.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/complete_partial_commitment.hpp @@ -1,6 +1,6 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" -#include "../../constants.hpp" + +#include "barretenberg/stdlib/hash/pedersen/pedersen.hpp" namespace join_split_example { namespace proofs { @@ -8,11 +8,12 @@ namespace notes { namespace circuit { namespace claim { -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; -inline auto complete_partial_commitment(field_ct const& partial_commitment, - field_ct const& interaction_nonce, - suint_ct const& fee) +template +inline auto complete_partial_commitment(field_t const& partial_commitment, + field_t const& interaction_nonce, + safe_uint const& fee) { return pedersen_commitment::compress({ partial_commitment, interaction_nonce, fee.value }, GeneratorIndex::CLAIM_NOTE_COMMITMENT); diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/compute_nullifier.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/compute_nullifier.hpp index 304f9f6205..be1dd2b462 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/compute_nullifier.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/compute_nullifier.hpp @@ -1,5 +1,4 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" #include "barretenberg/stdlib/hash/pedersen/pedersen.hpp" #include "../../constants.hpp" @@ -9,8 +8,6 @@ namespace notes { namespace circuit { namespace claim { -using namespace proof_system::plonk::stdlib::types; - inline field_ct compute_nullifier(field_ct const& note_commitment) { return pedersen_commitment::compress(std::vector{ note_commitment }, diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/create_partial_commitment.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/create_partial_commitment.hpp index 30eb7adb7a..f12f7cd75b 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/create_partial_commitment.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/create_partial_commitment.hpp @@ -1,7 +1,6 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" -#include "barretenberg/stdlib/hash/pedersen/pedersen.hpp" -#include "../../constants.hpp" +#include "barretenberg/stdlib/commitment/pedersen/pedersen.hpp" +#include "barretenberg/join_split_example/constants.hpp" namespace join_split_example { namespace proofs { @@ -9,16 +8,17 @@ namespace notes { namespace circuit { namespace claim { -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; -inline auto create_partial_commitment(field_ct const& deposit_value, - field_ct const& bridge_call_data, - field_ct const& value_note_partial_commitment, - field_ct const& input_nullifier) +template +inline auto create_partial_commitment(field_t const& deposit_value, + field_t const& bridge_call_data, + field_t const& value_note_partial_commitment, + field_t const& input_nullifier) { - return pedersen_commitment::compress( + return pedersen_commitment::compress( { deposit_value, bridge_call_data, value_note_partial_commitment, input_nullifier }, - GeneratorIndex::CLAIM_NOTE_PARTIAL_COMMITMENT); + join_split_example::circuit::notes::GeneratorIndex::CLAIM_NOTE_PARTIAL_COMMITMENT); } } // namespace claim diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/witness_data.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/witness_data.hpp index b49bddd3bb..e24701a897 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/witness_data.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/claim/witness_data.hpp @@ -1,5 +1,4 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" #include "../../native/claim/claim_note.hpp" #include "../../native/claim/claim_note_tx_data.hpp" #include "../../constants.hpp" @@ -11,8 +10,6 @@ namespace notes { namespace circuit { namespace claim { -using namespace proof_system::plonk::stdlib::types; - /** * Convert native claim note data into circuit witness data. * Used in the claim circuit where the input is an actual, fully committed, claim note. diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/complete_partial_commitment.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/complete_partial_commitment.hpp index e5bc84b994..a784549ef8 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/complete_partial_commitment.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/complete_partial_commitment.hpp @@ -1,20 +1,17 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" #include "barretenberg/stdlib/commitment/pedersen/pedersen.hpp" #include "../../constants.hpp" - namespace join_split_example { namespace proofs { namespace notes { namespace circuit { namespace value { -using namespace proof_system::plonk::stdlib::types; - -inline auto complete_partial_commitment(field_ct const& value_note_partial_commitment, - suint_ct const& value, - suint_ct const& asset_id, - field_ct const& input_nullifier) +template +inline auto complete_partial_commitment(plonk::stdlib::field_t const& value_note_partial_commitment, + plonk::stdlib::suint_t const& value, + plonk::stdlib::suint_t const& asset_id, + plonk::stdlib::field_t const& input_nullifier) { return pedersen_commitment::compress( { value_note_partial_commitment, value.value, asset_id.value, input_nullifier }, diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.cpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.cpp index 30dafca6b6..a5de7de492 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.cpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.cpp @@ -1,6 +1,4 @@ #include "compute_nullifier.hpp" -#include "../../constants.hpp" -#include "barretenberg/stdlib/types/types.hpp" namespace join_split_example { namespace proofs { @@ -8,20 +6,21 @@ namespace notes { namespace circuit { using namespace barretenberg; -using namespace proof_system::plonk::stdlib::types; +using namespace plonk::stdlib; -field_ct compute_nullifier(field_ct const& note_commitment, - field_ct const& account_private_key, - bool_ct const& is_note_in_use) +template +field_t compute_nullifier(field_t const& note_commitment, + field_t const& account_private_key, + bool_t const& is_note_in_use) { // Hashing the private key in this way enables the following use case: // - A user can demonstrate to a 3rd party that they have spent a note, by providing the hashed_private_key and the // note_commitment. The 3rd party can then recalculate the nullifier. This does not reveal the underlying // account_private_key to the 3rd party. - auto hashed_private_key = group_ct::fixed_base_scalar_mul<254>( + auto hashed_private_key = group_t::fixed_base_scalar_mul<254>( account_private_key, GeneratorIndex::JOIN_SPLIT_NULLIFIER_ACCOUNT_PRIVATE_KEY); - std::vector hash_inputs{ + std::vector> hash_inputs{ note_commitment, hashed_private_key.x, hashed_private_key.y, @@ -43,7 +42,7 @@ field_ct compute_nullifier(field_ct const& note_commitment, */ auto blake_input = byte_array_ct(compressed_inputs); auto blake_result = proof_system::plonk::stdlib::blake2s(blake_input); - return field_ct(blake_result); + return field_t(blake_result); } } // namespace circuit diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.hpp index 3271035abb..44c7f88a05 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.hpp @@ -1,17 +1,18 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/stdlib/primitives/field/field.hpp" +#include "barretenberg/stdlib/primitives/field/bool.hpp" namespace join_split_example { namespace proofs { namespace notes { namespace circuit { -using namespace barretenberg; -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; -field_ct compute_nullifier(field_ct const& note_commitment, - field_ct const& account_private_key, - bool_ct const& is_note_in_use); +template +field_t compute_nullifier(field_t const& note_commitment, + field_t const& account_private_key, + bool_t const& is_note_in_use); } // namespace circuit } // namespace notes diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.test.cpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.test.cpp index 063ef93edd..b213331553 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.test.cpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/compute_nullifier.test.cpp @@ -4,10 +4,9 @@ #include "./value_note.hpp" #include "../../native/value/compute_nullifier.hpp" #include "../../native/value/value_note.hpp" -#include "barretenberg/stdlib/types/types.hpp" using namespace join_split_example::proofs::notes; -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; TEST(compute_nullifier_circuit, native_consistency) { @@ -22,8 +21,9 @@ TEST(compute_nullifier_circuit, native_consistency) Composer composer; auto circuit_witness_data = circuit::value::witness_data(composer, native_input_note); auto circuit_input_note = circuit::value::value_note(circuit_witness_data); - auto circuit_nullifier = circuit::compute_nullifier( - circuit_input_note.commitment, field_ct(witness_ct(&composer, priv_key)), bool_ct(witness_ct(&composer, true))); + auto circuit_nullifier = circuit::compute_nullifier(circuit_input_note.commitment, + field_t(witness_ct(&composer, priv_key)), + bool_t(witness_t(&composer, true))); EXPECT_EQ(circuit_nullifier.get_value(), native_nullifier); } diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/create_partial_commitment.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/create_partial_commitment.hpp index f01324ee34..f60882700a 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/create_partial_commitment.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/create_partial_commitment.hpp @@ -1,7 +1,5 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" #include "barretenberg/stdlib/hash/pedersen/pedersen.hpp" -#include "../../constants.hpp" namespace join_split_example { namespace proofs { @@ -9,12 +7,13 @@ namespace notes { namespace circuit { namespace value { -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; -inline auto create_partial_commitment(field_ct const& secret, - point_ct const& owner, - bool_ct const& account_required, - field_ct const& creator_pubkey) +template +inline auto create_partial_commitment(field_t const& secret, + point const& owner, + bool_t const& account_required, + field_t const& creator_pubkey) { return pedersen_commitment::compress({ secret, owner.x, owner.y, account_required, creator_pubkey }, GeneratorIndex::VALUE_NOTE_PARTIAL_COMMITMENT); diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/value_note.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/value_note.hpp index a4f8cc04c8..9470146382 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/value_note.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/value_note.hpp @@ -1,5 +1,5 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" +#include "barretenberg/stdlib/primitives/safe_uint/safe_uint.hpp" #include "witness_data.hpp" #include "commit.hpp" @@ -9,17 +9,17 @@ namespace notes { namespace circuit { namespace value { -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; -struct value_note { - point_ct owner; - suint_ct value; - field_ct secret; - suint_ct asset_id; - bool_ct account_required; - field_ct input_nullifier; - field_ct commitment; - field_ct creator_pubkey; +template struct value_note { + point owner; + safe_uint_t value; + field_t secret; + safe_uint_t asset_id; + bool_t account_required; + field_t input_nullifier; + field_t commitment; + field_t creator_pubkey; value_note(witness_data const& note) : owner(note.owner) @@ -32,7 +32,7 @@ struct value_note { , creator_pubkey(note.creator_pubkey) {} - operator byte_array_ct() const { return byte_array_ct(commitment); } + explicit operator byte_array() const { return byte_array(commitment); } }; } // namespace value diff --git a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/witness_data.hpp b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/witness_data.hpp index ff0cbc0cc2..8d32fca2c3 100644 --- a/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/witness_data.hpp +++ b/cpp/src/barretenberg/join_split_example/proofs/notes/circuit/value/witness_data.hpp @@ -1,7 +1,10 @@ #pragma once -#include "barretenberg/stdlib/types/types.hpp" #include "../../native/value/value_note.hpp" -#include "../../constants.hpp" +#include "barretenberg/stdlib/primitives/point/point.hpp" +#include "barretenberg/stdlib/primitives/safe_uint/safe_uint.hpp" +#include "barretenberg/stdlib/primitives/field/field.hpp" +#include "barretenberg/stdlib/primitives/bool/bool.hpp" +#include "barretenberg/stdlib/primitives/witness/witness.hpp" namespace join_split_example { namespace proofs { @@ -9,9 +12,15 @@ namespace notes { namespace circuit { namespace value { -using namespace proof_system::plonk::stdlib::types; +using namespace proof_system::plonk::stdlib; + +template struct witness_data { + using point_ct = point; + using suint_ct = safe_uint_t; + using field_ct = field_t; + using bool_ct = bool_t; + using witness_ct = witness_t; -struct witness_data { point_ct owner; suint_ct value; field_ct secret; diff --git a/cpp/src/barretenberg/plonk/proof_system/constants.hpp b/cpp/src/barretenberg/plonk/proof_system/constants.hpp index b5de8c110a..d042d6a624 100644 --- a/cpp/src/barretenberg/plonk/proof_system/constants.hpp +++ b/cpp/src/barretenberg/plonk/proof_system/constants.hpp @@ -3,15 +3,6 @@ #include "barretenberg/proof_system/types/composer_type.hpp" namespace proof_system::plonk { -// This variable sets the composer (TURBO or ULTRA) of the entire stdlib and rollup modules. -// To switch to using a new composer, only changing this variable should activate the new composer -// throughout the stdlib and circuits. -#ifdef USE_TURBO -static constexpr uint32_t SYSTEM_COMPOSER = ComposerType::TURBO; -#else -static constexpr uint32_t SYSTEM_COMPOSER = ComposerType::PLOOKUP; -#endif - // limb size when simulating a non-native field using bigfield class // (needs to be a universal constant to be used by native verifier) static constexpr uint64_t NUM_LIMB_BITS_IN_FIELD_SIMULATION = 68; diff --git a/cpp/src/barretenberg/plonk/proof_system/prover/c_bind.cpp b/cpp/src/barretenberg/plonk/proof_system/prover/c_bind.cpp index 6cd4d4c7af..ef1d1c1392 100644 --- a/cpp/src/barretenberg/plonk/proof_system/prover/c_bind.cpp +++ b/cpp/src/barretenberg/plonk/proof_system/prover/c_bind.cpp @@ -1,7 +1,6 @@ #include "prover.hpp" #include "barretenberg/env/data_store.hpp" #include "barretenberg/env/crs.hpp" -#include "barretenberg/proof_system/types/composer_type.hpp" #define WASM_EXPORT __attribute__((visibility("default"))) @@ -48,8 +47,8 @@ WASM_EXPORT void* test_env_load_prover_crs(size_t num_points) { return env_load_prover_crs(num_points); } -typedef std::conditional_t - WasmProver; + +using WasmProver = plonk::UltraProver; WASM_EXPORT void prover_process_queue(WasmProver* prover) { diff --git a/cpp/src/barretenberg/plonk/proof_system/prover/c_bind_unrolled.cpp b/cpp/src/barretenberg/plonk/proof_system/prover/c_bind_unrolled.cpp index 66cfdc7496..bc6211f947 100644 --- a/cpp/src/barretenberg/plonk/proof_system/prover/c_bind_unrolled.cpp +++ b/cpp/src/barretenberg/plonk/proof_system/prover/c_bind_unrolled.cpp @@ -7,101 +7,99 @@ using namespace barretenberg; extern "C" { -// TODO(Cody): Removed "unrolled" here when the time comes, if it does. -typedef std::conditional_t - WasmUnrolledProver; +using WasmProver = plonk::UltraProver; -WASM_EXPORT void unrolled_prover_process_queue(WasmUnrolledProver* prover) +WASM_EXPORT void unrolled_prover_process_queue(WasmProver* prover) { prover->queue.process_queue(); } -WASM_EXPORT size_t unrolled_prover_get_circuit_size(WasmUnrolledProver* prover) +WASM_EXPORT size_t unrolled_prover_get_circuit_size(WasmProver* prover) { return prover->get_circuit_size(); } -WASM_EXPORT void unrolled_prover_get_work_queue_item_info(WasmUnrolledProver* prover, uint8_t* result) +WASM_EXPORT void unrolled_prover_get_work_queue_item_info(WasmProver* prover, uint8_t* result) { auto info = prover->get_queued_work_item_info(); memcpy(result, &info, sizeof(info)); } -WASM_EXPORT fr* unrolled_prover_get_scalar_multiplication_data(WasmUnrolledProver* prover, size_t work_item_number) +WASM_EXPORT fr* unrolled_prover_get_scalar_multiplication_data(WasmProver* prover, size_t work_item_number) { return prover->get_scalar_multiplication_data(work_item_number); } -WASM_EXPORT size_t unrolled_prover_get_scalar_multiplication_size(WasmUnrolledProver* prover, size_t work_item_number) +WASM_EXPORT size_t unrolled_prover_get_scalar_multiplication_size(WasmProver* prover, size_t work_item_number) { return prover->get_scalar_multiplication_size(work_item_number); } -WASM_EXPORT void unrolled_prover_put_scalar_multiplication_data(WasmUnrolledProver* prover, +WASM_EXPORT void unrolled_prover_put_scalar_multiplication_data(WasmProver* prover, g1::element* result, const size_t work_item_number) { prover->put_scalar_multiplication_data(*result, work_item_number); } -WASM_EXPORT fr* unrolled_prover_get_fft_data(WasmUnrolledProver* prover, fr* shift_factor, size_t work_item_number) +WASM_EXPORT fr* unrolled_prover_get_fft_data(WasmProver* prover, fr* shift_factor, size_t work_item_number) { auto data = prover->get_fft_data(work_item_number); *shift_factor = data.shift_factor; return data.data; } -WASM_EXPORT void unrolled_prover_put_fft_data(WasmUnrolledProver* prover, fr* result, size_t work_item_number) +WASM_EXPORT void unrolled_prover_put_fft_data(WasmProver* prover, fr* result, size_t work_item_number) { prover->put_fft_data(result, work_item_number); } -WASM_EXPORT fr* unrolled_prover_get_ifft_data(WasmUnrolledProver* prover, size_t work_item_number) +WASM_EXPORT fr* unrolled_prover_get_ifft_data(WasmProver* prover, size_t work_item_number) { return prover->get_ifft_data(work_item_number); } -WASM_EXPORT void unrolled_prover_put_ifft_data(WasmUnrolledProver* prover, fr* result, size_t work_item_number) +WASM_EXPORT void unrolled_prover_put_ifft_data(WasmProver* prover, fr* result, size_t work_item_number) { prover->put_ifft_data(result, work_item_number); } -WASM_EXPORT void unrolled_prover_execute_preamble_round(WasmUnrolledProver* prover) +WASM_EXPORT void unrolled_prover_execute_preamble_round(WasmProver* prover) { prover->execute_preamble_round(); } -WASM_EXPORT void unrolled_prover_execute_first_round(WasmUnrolledProver* prover) +WASM_EXPORT void unrolled_prover_execute_first_round(WasmProver* prover) { prover->execute_first_round(); } -WASM_EXPORT void unrolled_prover_execute_second_round(WasmUnrolledProver* prover) +WASM_EXPORT void unrolled_prover_execute_second_round(WasmProver* prover) { prover->execute_second_round(); } -WASM_EXPORT void unrolled_prover_execute_third_round(WasmUnrolledProver* prover) +WASM_EXPORT void unrolled_prover_execute_third_round(WasmProver* prover) { prover->execute_third_round(); } -WASM_EXPORT void unrolled_prover_execute_fourth_round(WasmUnrolledProver* prover) +WASM_EXPORT void unrolled_prover_execute_fourth_round(WasmProver* prover) { prover->execute_fourth_round(); } -WASM_EXPORT void unrolled_prover_execute_fifth_round(WasmUnrolledProver* prover) +WASM_EXPORT void unrolled_prover_execute_fifth_round(WasmProver* prover) { prover->execute_fifth_round(); } -WASM_EXPORT void unrolled_prover_execute_sixth_round(WasmUnrolledProver* prover) +WASM_EXPORT void unrolled_prover_execute_sixth_round(WasmProver* prover) { prover->execute_sixth_round(); } -WASM_EXPORT size_t unrolled_prover_export_proof(WasmUnrolledProver* prover, uint8_t** proof_data_buf) +WASM_EXPORT size_t unrolled_prover_export_proof(WasmProver* prover, uint8_t** proof_data_buf) { auto& proof_data = prover->export_proof().proof_data; *proof_data_buf = proof_data.data(); diff --git a/cpp/src/barretenberg/stdlib/encryption/schnorr/schnorr.test.cpp b/cpp/src/barretenberg/stdlib/encryption/schnorr/schnorr.test.cpp index 53062b79fe..bb954f6ba9 100644 --- a/cpp/src/barretenberg/stdlib/encryption/schnorr/schnorr.test.cpp +++ b/cpp/src/barretenberg/stdlib/encryption/schnorr/schnorr.test.cpp @@ -1,346 +1,346 @@ -#include "schnorr.hpp" -#include "barretenberg/crypto/pedersen_commitment/pedersen.hpp" -#include "barretenberg/ecc/curves/grumpkin/grumpkin.hpp" -#include -#include "barretenberg/stdlib/types/types.hpp" - -namespace test_stdlib_schnorr { - -using namespace barretenberg; -using namespace proof_system::plonk::stdlib::types; -using namespace proof_system::plonk::stdlib::schnorr; - -auto run_scalar_mul_test = [](grumpkin::fr scalar_mont, bool expect_verify) { - Composer composer = Composer(); - - grumpkin::fr scalar = scalar_mont.from_montgomery_form(); - - uint256_t scalar_low{ scalar.data[0], scalar.data[1], 0ULL, 0ULL }; - uint256_t scalar_high{ scalar.data[2], scalar.data[3], 0ULL, 0ULL }; - - field_ct input_lo = witness_ct(&composer, scalar_low); - field_ct input_hi = witness_ct(&composer, scalar_high); - - grumpkin::g1::element expected = grumpkin::g1::one * scalar_mont; - expected = expected.normalize(); - point_ct point_input{ witness_ct(&composer, grumpkin::g1::affine_one.x), - witness_ct(&composer, grumpkin::g1::affine_one.y) }; - - point_ct output = variable_base_mul(point_input, input_lo, input_hi); - - if (expect_verify) { - EXPECT_EQ(output.x.get_value(), expected.x); - EXPECT_EQ(output.y.get_value(), expected.y); - }; - - auto prover = composer.create_ultra_with_keccak_prover(); - - info("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); - - plonk::proof proof = prover.construct_proof(); - - bool result = verifier.verify_proof(proof); - EXPECT_EQ(result, expect_verify); -}; - -typedef wnaf_record wnaf_record_ct; - -/** - * @brief Helper function to compare wnaf_records, useful since == on bool_ct's returns a bool_ct. - */ -bool compare_records(wnaf_record_ct a, wnaf_record_ct b) -{ - bool result = a.skew.witness_bool == b.skew.witness_bool; - if (result) { - for (size_t i = 0; i != a.bits.size(); ++i) { - bool a_bit = a.bits[i].witness_bool; - bool b_bit = b.bits[i].witness_bool; - result = result == false ? false : a_bit == b_bit; - } - } - return result; -} - -TEST(stdlib_schnorr, convert_field_into_wnaf_special) -{ - Composer composer = Composer(); - - // the wnaf_record ((b_1, ... b_128), skew) corresponding to the 129-bit non-negative value - // is, 2^128 + 2^127 w_1 + ... + 2 w_127 + w_128 - skew, where w_i = 1 if b_i is true, else -1.. - // We make some auxiliary wnaf records that will be helpful. - std::vector false128(128, false); - wnaf_record_ct all_false({ .bits = false128, .skew = false }); - - std::vector true128(128, true); - wnaf_record_ct all_true({ .bits = true128, .skew = true }); - - // establish a list of special values to be converted to a wnaf_record - std::vector special_values({ 1, - 0, - (static_cast(1) << 128) - 1, - (static_cast(1) << 128) + 1, - (static_cast(1) << 128), - (static_cast(1) << 129) - 1 }); - - size_t num_special_values(special_values.size()); - - // convert these values to field elements - std::vector special_field_elts(num_special_values); - for (size_t i = 0; i != num_special_values; ++i) { - field_ct a(special_values[i]); - special_field_elts[i] = a; - }; - - // manually build the expected wnaf records - // 1 is given by ((false, ..., false), false) - auto record_1 = all_false; - - // 0 is given by ((false, ..., false), true) - auto record_0 = all_false; - record_0.skew = true; - - // 2^128 - 1 = 2^128 - 2^127 + (2^127 - 1) - 0 is given by((false, true, ..., true), false) - auto record_128_minus_1 = all_true; - record_128_minus_1.bits[0] = false; - record_128_minus_1.skew = false; - - // 2^128 + 1 = 2^128 + (2^127 - (2^127 - 1)) - 0 is given by((true, false, false, ..., false), false) - auto record_128_plus_1 = all_false; - record_128_plus_1.bits[0] = true; - - // 2^128 = 2^128 + (2^127 - (2^127 - 1)) - 1 is given by((true, false, false, ..., false), true) - auto record_128 = all_false; - record_128.bits[0] = true; - record_128.skew = true; - - // // 2^129-1 = 2^128 + 2^127 + ... + 1 - 0 should be given by ((true, true, ..., true), false). - // Note: fixed_wnaf<129, 1, 1>, used inside of convert_field_into_wnaf, incorrectly computes the the coefficient - // of - // 2^127 in the wnaf representation of to be -1. - auto record_max = all_true; - record_max.skew = false; - - std::vector expected_wnaf_records( - { record_1, record_0, record_128_minus_1, record_128_plus_1, record_128, record_max }); - - // integers less than 2^128 are converted correctly - for (size_t i = 0; i != num_special_values; ++i) { - field_ct elt = special_field_elts[i]; - wnaf_record_ct record = convert_field_into_wnaf(&composer, elt); - wnaf_record_ct expected_record = expected_wnaf_records[i]; - bool records_equal = compare_records(record, expected_record); - ASSERT_TRUE(records_equal); - ASSERT_FALSE(composer.failed()); - } -} - -TEST(stdlib_schnorr, convert_field_into_wnaf) -{ - Composer composer = Composer(); - - grumpkin::fq scalar_mont = grumpkin::fq::random_element(); - grumpkin::fq scalar = scalar_mont.from_montgomery_form(); - - // our wnaf records only represent 128 bits, so we test by generating a field - // element and then truncating. - scalar.data[2] = 0ULL; - scalar.data[3] = 0ULL; - - scalar = scalar.to_montgomery_form(); - - field_ct input(&composer, scalar); - convert_field_into_wnaf(&composer, input); - - auto prover = composer.create_ultra_with_keccak_prover(); - - info("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); - - plonk::proof proof = prover.construct_proof(); - - bool result = verifier.verify_proof(proof); - EXPECT_EQ(result, true); -} - -/** - * @brief Test variable_base_mul(const point& pub_key, - * const field_t& low_bits, - * const field_t& high_bits) - * by taking a random field Fr element s, computing the corresponding Grumpkin G1 element both natively - * and using the function in question (splitting s into 128-bit halves), then comparing the results. - */ -TEST(stdlib_schnorr, test_scalar_mul_low_high) -{ - run_scalar_mul_test(grumpkin::fr::random_element(), true); - run_scalar_mul_test(grumpkin::fr(static_cast(1) << 128), false); - run_scalar_mul_test(0, false); -} - -/** - * @test Test circuit verifying a Schnorr signature generated by \see{crypto::schnorr::verify_signature}. - * We only test: messages signed and verified using Grumpkin and the BLAKE2s hash function. We only test - * TurboPLONK. We test strings of lengths 0, 1, ..., 33. - */ -TEST(stdlib_schnorr, verify_signature) -{ - std::string longer_string = "This is a test string of length 34"; - - std::vector test_lengths({ 0, 1, 32, 33 }); - for (size_t i : test_lengths) { - Composer composer = Composer(); - auto message_string = longer_string.substr(0, i); - - crypto::schnorr::key_pair account; - account.private_key = grumpkin::fr::random_element(); - account.public_key = grumpkin::g1::one * account.private_key; - - crypto::schnorr::signature signature = - crypto::schnorr::construct_signature( - message_string, account); - - bool first_result = crypto::schnorr::verify_signature( - message_string, account.public_key, signature); - EXPECT_EQ(first_result, true); - - point_ct pub_key{ witness_ct(&composer, account.public_key.x), witness_ct(&composer, account.public_key.y) }; - stdlib::schnorr::signature_bits sig = stdlib::schnorr::convert_signature(&composer, signature); - byte_array_ct message(&composer, message_string); - stdlib::schnorr::verify_signature(message, pub_key, sig); - - auto prover = composer.create_ultra_with_keccak_prover(); - info("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); - plonk::proof proof = prover.construct_proof(); - bool result = verifier.verify_proof(proof); - EXPECT_EQ(result, true); - } -} - -/** - * @brief Verification fails when the wrong public key is used. - * - */ -TEST(stdlib_schnorr, verify_signature_failure) -{ - Composer composer = Composer(); - std::string message_string = "This is a test string of length 34"; - - // create key pair 1 - crypto::schnorr::key_pair account1; - account1.private_key = grumpkin::fr::random_element(); - account1.public_key = grumpkin::g1::one * account1.private_key; - - // create key pair 2 - crypto::schnorr::key_pair account2; - account2.private_key = grumpkin::fr::random_element(); - account2.public_key = grumpkin::g1::one * account2.private_key; - - // sign the message with account 1 private key - crypto::schnorr::signature signature = - crypto::schnorr::construct_signature(message_string, - account1); - - // check native verification with account 2 public key fails - bool native_result = crypto::schnorr::verify_signature( - message_string, account2.public_key, signature); - EXPECT_EQ(native_result, false); - - // check stdlib verification with account 2 public key fails - point_ct pub_key2_ct{ witness_ct(&composer, account2.public_key.x), witness_ct(&composer, account2.public_key.y) }; - stdlib::schnorr::signature_bits sig = stdlib::schnorr::convert_signature(&composer, signature); - byte_array_ct message(&composer, message_string); - stdlib::schnorr::verify_signature(message, pub_key2_ct, sig); - - auto prover = composer.create_ultra_with_keccak_prover(); - - info("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); - - plonk::proof proof = prover.construct_proof(); - - bool verification_result = verifier.verify_proof(proof); - EXPECT_EQ(verification_result, false); -} - -/** - * @test Like stdlib_schnorr.verify_signature, but we use the function signature_verification that produces a - * boolean witness and does not require the prover to provide a valid signature. - */ -TEST(stdlib_schnorr, signature_verification_result) -{ - std::string longer_string = "This is a test string of length 34"; - - Composer composer = Composer(); - - crypto::schnorr::key_pair account; - account.private_key = grumpkin::fr::random_element(); - account.public_key = grumpkin::g1::one * account.private_key; - - crypto::schnorr::signature signature = - crypto::schnorr::construct_signature(longer_string, - account); - - bool first_result = crypto::schnorr::verify_signature( - longer_string, account.public_key, signature); - EXPECT_EQ(first_result, true); - - point_ct pub_key{ witness_ct(&composer, account.public_key.x), witness_ct(&composer, account.public_key.y) }; - stdlib::schnorr::signature_bits sig = stdlib::schnorr::convert_signature(&composer, signature); - byte_array_ct message(&composer, longer_string); - bool_ct signature_result = stdlib::schnorr::signature_verification_result(message, pub_key, sig); - EXPECT_EQ(signature_result.witness_bool, true); - - plonk::stdlib::types::Prover prover = composer.create_ultra_with_keccak_prover(); - info("composer gates = %zu\n", composer.get_num_gates()); - plonk::stdlib::types::Verifier verifier = composer.create_ultra_with_keccak_verifier(); - plonk::proof proof = prover.construct_proof(); - bool result = verifier.verify_proof(proof); - EXPECT_EQ(result, true); -} - -/** - * @test Like stdlib_schnorr.verify_signature_failure, but we use the function signature_verification that produces a - * boolean witness and allow for proving that a signature verification fails. - */ -TEST(stdlib_schnorr, signature_verification_result_failure) -{ - Composer composer = Composer(); - std::string message_string = "This is a test string of length 34"; - - // create key pair 1 - crypto::schnorr::key_pair account1; - account1.private_key = grumpkin::fr::random_element(); - account1.public_key = grumpkin::g1::one * account1.private_key; - - // create key pair 2 - crypto::schnorr::key_pair account2; - account2.private_key = grumpkin::fr::random_element(); - account2.public_key = grumpkin::g1::one * account2.private_key; - - // sign the message with account 1 private key - crypto::schnorr::signature signature = - crypto::schnorr::construct_signature(message_string, - account1); - - // check native verification with account 2 public key fails - bool native_result = crypto::schnorr::verify_signature( - message_string, account2.public_key, signature); - EXPECT_EQ(native_result, false); - - // check stdlib verification with account 2 public key fails - point_ct pub_key2_ct{ witness_ct(&composer, account2.public_key.x), witness_ct(&composer, account2.public_key.y) }; - stdlib::schnorr::signature_bits sig = stdlib::schnorr::convert_signature(&composer, signature); - byte_array_ct message(&composer, message_string); - bool_ct signature_result = stdlib::schnorr::signature_verification_result(message, pub_key2_ct, sig); - EXPECT_EQ(signature_result.witness_bool, false); - - plonk::stdlib::types::Prover prover = composer.create_ultra_with_keccak_prover(); - info("composer gates = %zu\n", composer.get_num_gates()); - plonk::stdlib::types::Verifier verifier = composer.create_ultra_with_keccak_verifier(); - plonk::proof proof = prover.construct_proof(); - bool verification_result = verifier.verify_proof(proof); - EXPECT_EQ(verification_result, true); -} - -} // namespace test_stdlib_schnorr +// #include "schnorr.hpp" +// #include "barretenberg/crypto/pedersen_commitment/pedersen.hpp" +// #include "barretenberg/ecc/curves/grumpkin/grumpkin.hpp" +// #include +// #include "barretenberg/stdlib/types/types.hpp" + +// namespace test_stdlib_schnorr { + +// using namespace barretenberg; +// using namespace proof_system::plonk::stdlib::types; +// using namespace proof_system::plonk::stdlib::schnorr; + +// auto run_scalar_mul_test = [](grumpkin::fr scalar_mont, bool expect_verify) { +// Composer composer = Composer(); + +// grumpkin::fr scalar = scalar_mont.from_montgomery_form(); + +// uint256_t scalar_low{ scalar.data[0], scalar.data[1], 0ULL, 0ULL }; +// uint256_t scalar_high{ scalar.data[2], scalar.data[3], 0ULL, 0ULL }; + +// field_ct input_lo = witness_ct(&composer, scalar_low); +// field_ct input_hi = witness_ct(&composer, scalar_high); + +// grumpkin::g1::element expected = grumpkin::g1::one * scalar_mont; +// expected = expected.normalize(); +// point_ct point_input{ witness_ct(&composer, grumpkin::g1::affine_one.x), +// witness_ct(&composer, grumpkin::g1::affine_one.y) }; + +// point_ct output = variable_base_mul(point_input, input_lo, input_hi); + +// if (expect_verify) { +// EXPECT_EQ(output.x.get_value(), expected.x); +// EXPECT_EQ(output.y.get_value(), expected.y); +// }; + +// auto prover = composer.create_ultra_with_keccak_prover(); + +// info("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); + +// plonk::proof proof = prover.construct_proof(); + +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(result, expect_verify); +// }; + +// typedef wnaf_record wnaf_record_ct; + +// /** +// * @brief Helper function to compare wnaf_records, useful since == on bool_ct's returns a bool_ct. +// */ +// bool compare_records(wnaf_record_ct a, wnaf_record_ct b) +// { +// bool result = a.skew.witness_bool == b.skew.witness_bool; +// if (result) { +// for (size_t i = 0; i != a.bits.size(); ++i) { +// bool a_bit = a.bits[i].witness_bool; +// bool b_bit = b.bits[i].witness_bool; +// result = result == false ? false : a_bit == b_bit; +// } +// } +// return result; +// } + +// TEST(stdlib_schnorr, convert_field_into_wnaf_special) +// { +// Composer composer = Composer(); + +// // the wnaf_record ((b_1, ... b_128), skew) corresponding to the 129-bit non-negative value +// // is, 2^128 + 2^127 w_1 + ... + 2 w_127 + w_128 - skew, where w_i = 1 if b_i is true, else -1.. +// // We make some auxiliary wnaf records that will be helpful. +// std::vector false128(128, false); +// wnaf_record_ct all_false({ .bits = false128, .skew = false }); + +// std::vector true128(128, true); +// wnaf_record_ct all_true({ .bits = true128, .skew = true }); + +// // establish a list of special values to be converted to a wnaf_record +// std::vector special_values({ 1, +// 0, +// (static_cast(1) << 128) - 1, +// (static_cast(1) << 128) + 1, +// (static_cast(1) << 128), +// (static_cast(1) << 129) - 1 }); + +// size_t num_special_values(special_values.size()); + +// // convert these values to field elements +// std::vector special_field_elts(num_special_values); +// for (size_t i = 0; i != num_special_values; ++i) { +// field_ct a(special_values[i]); +// special_field_elts[i] = a; +// }; + +// // manually build the expected wnaf records +// // 1 is given by ((false, ..., false), false) +// auto record_1 = all_false; + +// // 0 is given by ((false, ..., false), true) +// auto record_0 = all_false; +// record_0.skew = true; + +// // 2^128 - 1 = 2^128 - 2^127 + (2^127 - 1) - 0 is given by((false, true, ..., true), false) +// auto record_128_minus_1 = all_true; +// record_128_minus_1.bits[0] = false; +// record_128_minus_1.skew = false; + +// // 2^128 + 1 = 2^128 + (2^127 - (2^127 - 1)) - 0 is given by((true, false, false, ..., false), false) +// auto record_128_plus_1 = all_false; +// record_128_plus_1.bits[0] = true; + +// // 2^128 = 2^128 + (2^127 - (2^127 - 1)) - 1 is given by((true, false, false, ..., false), true) +// auto record_128 = all_false; +// record_128.bits[0] = true; +// record_128.skew = true; + +// // // 2^129-1 = 2^128 + 2^127 + ... + 1 - 0 should be given by ((true, true, ..., true), false). +// // Note: fixed_wnaf<129, 1, 1>, used inside of convert_field_into_wnaf, incorrectly computes the the coefficient +// // of +// // 2^127 in the wnaf representation of to be -1. +// auto record_max = all_true; +// record_max.skew = false; + +// std::vector expected_wnaf_records( +// { record_1, record_0, record_128_minus_1, record_128_plus_1, record_128, record_max }); + +// // integers less than 2^128 are converted correctly +// for (size_t i = 0; i != num_special_values; ++i) { +// field_ct elt = special_field_elts[i]; +// wnaf_record_ct record = convert_field_into_wnaf(&composer, elt); +// wnaf_record_ct expected_record = expected_wnaf_records[i]; +// bool records_equal = compare_records(record, expected_record); +// ASSERT_TRUE(records_equal); +// ASSERT_FALSE(composer.failed()); +// } +// } + +// TEST(stdlib_schnorr, convert_field_into_wnaf) +// { +// Composer composer = Composer(); + +// grumpkin::fq scalar_mont = grumpkin::fq::random_element(); +// grumpkin::fq scalar = scalar_mont.from_montgomery_form(); + +// // our wnaf records only represent 128 bits, so we test by generating a field +// // element and then truncating. +// scalar.data[2] = 0ULL; +// scalar.data[3] = 0ULL; + +// scalar = scalar.to_montgomery_form(); + +// field_ct input(&composer, scalar); +// convert_field_into_wnaf(&composer, input); + +// auto prover = composer.create_ultra_with_keccak_prover(); + +// info("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); + +// plonk::proof proof = prover.construct_proof(); + +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(result, true); +// } + +// /** +// * @brief Test variable_base_mul(const point& pub_key, +// * const field_t& low_bits, +// * const field_t& high_bits) +// * by taking a random field Fr element s, computing the corresponding Grumpkin G1 element both natively +// * and using the function in question (splitting s into 128-bit halves), then comparing the results. +// */ +// TEST(stdlib_schnorr, test_scalar_mul_low_high) +// { +// run_scalar_mul_test(grumpkin::fr::random_element(), true); +// run_scalar_mul_test(grumpkin::fr(static_cast(1) << 128), false); +// run_scalar_mul_test(0, false); +// } + +// /** +// * @test Test circuit verifying a Schnorr signature generated by \see{crypto::schnorr::verify_signature}. +// * We only test: messages signed and verified using Grumpkin and the BLAKE2s hash function. We only test +// * TurboPLONK. We test strings of lengths 0, 1, ..., 33. +// */ +// TEST(stdlib_schnorr, verify_signature) +// { +// std::string longer_string = "This is a test string of length 34"; + +// std::vector test_lengths({ 0, 1, 32, 33 }); +// for (size_t i : test_lengths) { +// Composer composer = Composer(); +// auto message_string = longer_string.substr(0, i); + +// crypto::schnorr::key_pair account; +// account.private_key = grumpkin::fr::random_element(); +// account.public_key = grumpkin::g1::one * account.private_key; + +// crypto::schnorr::signature signature = +// crypto::schnorr::construct_signature( +// message_string, account); + +// bool first_result = crypto::schnorr::verify_signature( +// message_string, account.public_key, signature); +// EXPECT_EQ(first_result, true); + +// point_ct pub_key{ witness_ct(&composer, account.public_key.x), witness_ct(&composer, account.public_key.y) }; +// stdlib::schnorr::signature_bits sig = stdlib::schnorr::convert_signature(&composer, signature); +// byte_array_ct message(&composer, message_string); +// stdlib::schnorr::verify_signature(message, pub_key, sig); + +// auto prover = composer.create_ultra_with_keccak_prover(); +// info("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); +// plonk::proof proof = prover.construct_proof(); +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(result, true); +// } +// } + +// /** +// * @brief Verification fails when the wrong public key is used. +// * +// */ +// TEST(stdlib_schnorr, verify_signature_failure) +// { +// Composer composer = Composer(); +// std::string message_string = "This is a test string of length 34"; + +// // create key pair 1 +// crypto::schnorr::key_pair account1; +// account1.private_key = grumpkin::fr::random_element(); +// account1.public_key = grumpkin::g1::one * account1.private_key; + +// // create key pair 2 +// crypto::schnorr::key_pair account2; +// account2.private_key = grumpkin::fr::random_element(); +// account2.public_key = grumpkin::g1::one * account2.private_key; + +// // sign the message with account 1 private key +// crypto::schnorr::signature signature = +// crypto::schnorr::construct_signature(message_string, +// account1); + +// // check native verification with account 2 public key fails +// bool native_result = crypto::schnorr::verify_signature( +// message_string, account2.public_key, signature); +// EXPECT_EQ(native_result, false); + +// // check stdlib verification with account 2 public key fails +// point_ct pub_key2_ct{ witness_ct(&composer, account2.public_key.x), witness_ct(&composer, account2.public_key.y) +// }; stdlib::schnorr::signature_bits sig = stdlib::schnorr::convert_signature(&composer, signature); byte_array_ct +// message(&composer, message_string); stdlib::schnorr::verify_signature(message, pub_key2_ct, sig); + +// auto prover = composer.create_ultra_with_keccak_prover(); + +// info("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); + +// plonk::proof proof = prover.construct_proof(); + +// bool verification_result = verifier.verify_proof(proof); +// EXPECT_EQ(verification_result, false); +// } + +// /** +// * @test Like stdlib_schnorr.verify_signature, but we use the function signature_verification that produces a +// * boolean witness and does not require the prover to provide a valid signature. +// */ +// TEST(stdlib_schnorr, signature_verification_result) +// { +// std::string longer_string = "This is a test string of length 34"; + +// Composer composer = Composer(); + +// crypto::schnorr::key_pair account; +// account.private_key = grumpkin::fr::random_element(); +// account.public_key = grumpkin::g1::one * account.private_key; + +// crypto::schnorr::signature signature = +// crypto::schnorr::construct_signature(longer_string, +// account); + +// bool first_result = crypto::schnorr::verify_signature( +// longer_string, account.public_key, signature); +// EXPECT_EQ(first_result, true); + +// point_ct pub_key{ witness_ct(&composer, account.public_key.x), witness_ct(&composer, account.public_key.y) }; +// stdlib::schnorr::signature_bits sig = stdlib::schnorr::convert_signature(&composer, signature); +// byte_array_ct message(&composer, longer_string); +// bool_ct signature_result = stdlib::schnorr::signature_verification_result(message, pub_key, sig); +// EXPECT_EQ(signature_result.witness_bool, true); + +// plonk::stdlib::types::Prover prover = composer.create_ultra_with_keccak_prover(); +// info("composer gates = %zu\n", composer.get_num_gates()); +// plonk::stdlib::types::Verifier verifier = composer.create_ultra_with_keccak_verifier(); +// plonk::proof proof = prover.construct_proof(); +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(result, true); +// } + +// /** +// * @test Like stdlib_schnorr.verify_signature_failure, but we use the function signature_verification that produces a +// * boolean witness and allow for proving that a signature verification fails. +// */ +// TEST(stdlib_schnorr, signature_verification_result_failure) +// { +// Composer composer = Composer(); +// std::string message_string = "This is a test string of length 34"; + +// // create key pair 1 +// crypto::schnorr::key_pair account1; +// account1.private_key = grumpkin::fr::random_element(); +// account1.public_key = grumpkin::g1::one * account1.private_key; + +// // create key pair 2 +// crypto::schnorr::key_pair account2; +// account2.private_key = grumpkin::fr::random_element(); +// account2.public_key = grumpkin::g1::one * account2.private_key; + +// // sign the message with account 1 private key +// crypto::schnorr::signature signature = +// crypto::schnorr::construct_signature(message_string, +// account1); + +// // check native verification with account 2 public key fails +// bool native_result = crypto::schnorr::verify_signature( +// message_string, account2.public_key, signature); +// EXPECT_EQ(native_result, false); + +// // check stdlib verification with account 2 public key fails +// point_ct pub_key2_ct{ witness_ct(&composer, account2.public_key.x), witness_ct(&composer, account2.public_key.y) +// }; stdlib::schnorr::signature_bits sig = stdlib::schnorr::convert_signature(&composer, signature); byte_array_ct +// message(&composer, message_string); bool_ct signature_result = +// stdlib::schnorr::signature_verification_result(message, pub_key2_ct, sig); +// EXPECT_EQ(signature_result.witness_bool, false); + +// plonk::stdlib::types::Prover prover = composer.create_ultra_with_keccak_prover(); +// info("composer gates = %zu\n", composer.get_num_gates()); +// plonk::stdlib::types::Verifier verifier = composer.create_ultra_with_keccak_verifier(); +// plonk::proof proof = prover.construct_proof(); +// bool verification_result = verifier.verify_proof(proof); +// EXPECT_EQ(verification_result, true); +// } + +// } // namespace test_stdlib_schnorr diff --git a/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.test.cpp b/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.test.cpp index 4b5fc2910d..e4453fc5ca 100644 --- a/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.test.cpp +++ b/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.test.cpp @@ -1,110 +1,110 @@ -#include "blake2s.hpp" -#include "blake2s_plookup.hpp" -#include "barretenberg/crypto/blake2s/blake2s.hpp" -#include -#include "barretenberg/stdlib/types/types.hpp" +// #include "blake2s.hpp" +// #include "blake2s_plookup.hpp" +// #include "barretenberg/crypto/blake2s/blake2s.hpp" +// #include +// #include "barretenberg/stdlib/types/types.hpp" -using namespace barretenberg; -using namespace proof_system::plonk; +// using namespace barretenberg; +// using namespace proof_system::plonk; -using namespace proof_system::plonk::stdlib::types; -typedef stdlib::byte_array byte_array; -typedef stdlib::byte_array byte_array_plookup; -typedef stdlib::public_witness_t public_witness_t; -typedef stdlib::public_witness_t public_witness_t_plookup; +// using namespace proof_system::plonk::stdlib::types; +// typedef stdlib::byte_array byte_array; +// typedef stdlib::byte_array byte_array_plookup; +// typedef stdlib::public_witness_t public_witness_t; +// typedef stdlib::public_witness_t public_witness_t_plookup; -TEST(stdlib_blake2s, test_single_block) -{ - Composer composer = Composer(); - std::string input = "abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz01"; - std::vector input_v(input.begin(), input.end()); +// TEST(stdlib_blake2s, test_single_block) +// { +// Composer composer = Composer(); +// std::string input = "abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz01"; +// std::vector input_v(input.begin(), input.end()); - byte_array_ct input_arr(&composer, input_v); - byte_array_ct output = stdlib::blake2s(input_arr); +// byte_array_ct input_arr(&composer, input_v); +// byte_array_ct output = stdlib::blake2s(input_arr); - std::vector expected = blake2::blake2s(input_v); +// std::vector expected = blake2::blake2s(input_v); - EXPECT_EQ(output.get_value(), expected); +// EXPECT_EQ(output.get_value(), expected); - auto prover = composer.create_ultra_with_keccak_prover(); +// auto prover = composer.create_ultra_with_keccak_prover(); - printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); +// printf("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); - auto proof = prover.construct_proof(); +// auto proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} +// bool proof_result = verifier.verify_proof(proof); +// EXPECT_EQ(proof_result, true); +// } -TEST(stdlib_blake2s, test_single_block_plookup) -{ - plonk::UltraComposer composer = UltraComposer(); - std::string input = "abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz01"; - std::vector input_v(input.begin(), input.end()); +// TEST(stdlib_blake2s, test_single_block_plookup) +// { +// plonk::UltraComposer composer = UltraComposer(); +// std::string input = "abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz01"; +// std::vector input_v(input.begin(), input.end()); - byte_array_plookup input_arr(&composer, input_v); - byte_array_plookup output = stdlib::blake2s(input_arr); +// byte_array_plookup input_arr(&composer, input_v); +// byte_array_plookup output = stdlib::blake2s(input_arr); - std::vector expected = blake2::blake2s(input_v); +// std::vector expected = blake2::blake2s(input_v); - EXPECT_EQ(output.get_value(), expected); +// EXPECT_EQ(output.get_value(), expected); - auto prover = composer.create_ultra_with_keccak_prover(); - std::cout << "prover gates = " << prover.circuit_size << std::endl; - printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); +// auto prover = composer.create_ultra_with_keccak_prover(); +// std::cout << "prover gates = " << prover.circuit_size << std::endl; +// printf("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); - auto proof = prover.construct_proof(); +// auto proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} +// bool proof_result = verifier.verify_proof(proof); +// EXPECT_EQ(proof_result, true); +// } -TEST(stdlib_blake2s, test_double_block) -{ - Composer composer = Composer(); - std::string input = "abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789"; - std::vector input_v(input.begin(), input.end()); +// TEST(stdlib_blake2s, test_double_block) +// { +// Composer composer = Composer(); +// std::string input = "abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789"; +// std::vector input_v(input.begin(), input.end()); - byte_array_ct input_arr(&composer, input_v); - byte_array_ct output = stdlib::blake2s(input_arr); +// byte_array_ct input_arr(&composer, input_v); +// byte_array_ct output = stdlib::blake2s(input_arr); - std::vector expected = blake2::blake2s(input_v); +// std::vector expected = blake2::blake2s(input_v); - EXPECT_EQ(output.get_value(), expected); +// EXPECT_EQ(output.get_value(), expected); - auto prover = composer.create_ultra_with_keccak_prover(); +// auto prover = composer.create_ultra_with_keccak_prover(); - printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); +// printf("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); - auto proof = prover.construct_proof(); +// auto proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} +// bool proof_result = verifier.verify_proof(proof); +// EXPECT_EQ(proof_result, true); +// } -TEST(stdlib_blake2s, test_double_block_plookup) -{ - plonk::UltraComposer composer = UltraComposer(); - std::string input = "abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789"; - std::vector input_v(input.begin(), input.end()); +// TEST(stdlib_blake2s, test_double_block_plookup) +// { +// plonk::UltraComposer composer = UltraComposer(); +// std::string input = "abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789"; +// std::vector input_v(input.begin(), input.end()); - byte_array_plookup input_arr(&composer, input_v); - byte_array_plookup output = stdlib::blake2s(input_arr); +// byte_array_plookup input_arr(&composer, input_v); +// byte_array_plookup output = stdlib::blake2s(input_arr); - std::vector expected = blake2::blake2s(input_v); +// std::vector expected = blake2::blake2s(input_v); - EXPECT_EQ(output.get_value(), expected); +// EXPECT_EQ(output.get_value(), expected); - auto prover = composer.create_ultra_with_keccak_prover(); - std::cout << "prover gates = " << prover.circuit_size << std::endl; - printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); +// auto prover = composer.create_ultra_with_keccak_prover(); +// std::cout << "prover gates = " << prover.circuit_size << std::endl; +// printf("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); - auto proof = prover.construct_proof(); +// auto proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} +// bool proof_result = verifier.verify_proof(proof); +// EXPECT_EQ(proof_result, true); +// } diff --git a/cpp/src/barretenberg/stdlib/hash/sha256/sha256.bench.cpp b/cpp/src/barretenberg/stdlib/hash/sha256/sha256.bench.cpp index 4e79f1fb43..cefe412a92 100644 --- a/cpp/src/barretenberg/stdlib/hash/sha256/sha256.bench.cpp +++ b/cpp/src/barretenberg/stdlib/hash/sha256/sha256.bench.cpp @@ -1,87 +1,87 @@ -#include "sha256.hpp" -#include -#include "barretenberg/ecc/curves/bn254/fr.hpp" -#include "barretenberg/plonk/composer/ultra_composer.hpp" -#include "barretenberg/stdlib/types/types.hpp" +// #include "sha256.hpp" +// #include +// #include "barretenberg/ecc/curves/bn254/fr.hpp" +// #include "barretenberg/plonk/composer/ultra_composer.hpp" +// #include "barretenberg/stdlib/types/types.hpp" -using namespace benchmark; -using namespace proof_system::plonk::stdlib::types; +// using namespace benchmark; +// using namespace proof_system::plonk::stdlib::types; -constexpr size_t NUM_HASHES = 8; -constexpr size_t BYTES_PER_CHUNK = 512; -constexpr size_t START_BYTES = BYTES_PER_CHUNK - 9; -constexpr size_t MAX_BYTES = START_BYTES + (BYTES_PER_CHUNK * (NUM_HASHES - 1)); +// constexpr size_t NUM_HASHES = 8; +// constexpr size_t BYTES_PER_CHUNK = 512; +// constexpr size_t START_BYTES = BYTES_PER_CHUNK - 9; +// constexpr size_t MAX_BYTES = START_BYTES + (BYTES_PER_CHUNK * (NUM_HASHES - 1)); -char get_random_char() -{ - return static_cast(barretenberg::fr::random_element().data[0] % 8); -} +// char get_random_char() +// { +// return static_cast(barretenberg::fr::random_element().data[0] % 8); +// } -void generate_test_plonk_circuit(Composer& composer, size_t num_bytes) -{ - std::string in; - in.resize(num_bytes); - for (size_t i = 0; i < num_bytes; ++i) { - in[i] = get_random_char(); - } - packed_byte_array_ct input(&composer, in); - plonk::stdlib::sha256(input); -} +// void generate_test_plonk_circuit(Composer& composer, size_t num_bytes) +// { +// std::string in; +// in.resize(num_bytes); +// for (size_t i = 0; i < num_bytes; ++i) { +// in[i] = get_random_char(); +// } +// packed_byte_array_ct input(&composer, in); +// plonk::stdlib::sha256(input); +// } -stdlib::types::Composer composers[NUM_HASHES]; -stdlib::types::Prover provers[NUM_HASHES]; -stdlib::types::Verifier verifiers[NUM_HASHES]; -plonk::proof proofs[NUM_HASHES]; +// stdlib::types::Composer composers[NUM_HASHES]; +// stdlib::types::Prover provers[NUM_HASHES]; +// stdlib::types::Verifier verifiers[NUM_HASHES]; +// plonk::proof proofs[NUM_HASHES]; -void construct_witnesses_bench(State& state) noexcept -{ - for (auto _ : state) { - size_t idx = (static_cast((state.range(0))) - START_BYTES) / BYTES_PER_CHUNK; - composers[idx] = Composer(); - generate_test_plonk_circuit(composers[idx], static_cast(state.range(0))); - } -} -BENCHMARK(construct_witnesses_bench)->DenseRange(START_BYTES, MAX_BYTES, BYTES_PER_CHUNK); +// void construct_witnesses_bench(State& state) noexcept +// { +// for (auto _ : state) { +// size_t idx = (static_cast((state.range(0))) - START_BYTES) / BYTES_PER_CHUNK; +// composers[idx] = Composer(); +// generate_test_plonk_circuit(composers[idx], static_cast(state.range(0))); +// } +// } +// BENCHMARK(construct_witnesses_bench)->DenseRange(START_BYTES, MAX_BYTES, BYTES_PER_CHUNK); -void preprocess_witnesses_bench(State& state) noexcept -{ - for (auto _ : state) { - size_t idx = (static_cast((state.range(0))) - START_BYTES) / BYTES_PER_CHUNK; - provers[idx] = composers[idx].create_ultra_with_keccak_prover(); - std::cout << "prover subgroup size = " << provers[idx].key->small_domain.size << std::endl; - // printf("num bytes = %" PRIx64 ", num gates = %zu\n", state.range(0), composers[idx].get_num_gates()); - } -} -BENCHMARK(preprocess_witnesses_bench)->DenseRange(START_BYTES, MAX_BYTES, BYTES_PER_CHUNK); +// void preprocess_witnesses_bench(State& state) noexcept +// { +// for (auto _ : state) { +// size_t idx = (static_cast((state.range(0))) - START_BYTES) / BYTES_PER_CHUNK; +// provers[idx] = composers[idx].create_ultra_with_keccak_prover(); +// std::cout << "prover subgroup size = " << provers[idx].key->small_domain.size << std::endl; +// // printf("num bytes = %" PRIx64 ", num gates = %zu\n", state.range(0), composers[idx].get_num_gates()); +// } +// } +// BENCHMARK(preprocess_witnesses_bench)->DenseRange(START_BYTES, MAX_BYTES, BYTES_PER_CHUNK); -void construct_instances_bench(State& state) noexcept -{ - for (auto _ : state) { - size_t idx = (static_cast((state.range(0))) - START_BYTES) / BYTES_PER_CHUNK; - verifiers[idx] = composers[idx].create_ultra_with_keccak_verifier(); - } -} -BENCHMARK(construct_instances_bench)->DenseRange(START_BYTES, MAX_BYTES, BYTES_PER_CHUNK); +// void construct_instances_bench(State& state) noexcept +// { +// for (auto _ : state) { +// size_t idx = (static_cast((state.range(0))) - START_BYTES) / BYTES_PER_CHUNK; +// verifiers[idx] = composers[idx].create_ultra_with_keccak_verifier(); +// } +// } +// BENCHMARK(construct_instances_bench)->DenseRange(START_BYTES, MAX_BYTES, BYTES_PER_CHUNK); -void construct_proofs_bench(State& state) noexcept -{ - for (auto _ : state) { - size_t idx = (static_cast((state.range(0))) - START_BYTES) / BYTES_PER_CHUNK; - proofs[idx] = provers[idx].construct_proof(); - state.PauseTiming(); - provers[idx].reset(); - state.ResumeTiming(); - } -} -BENCHMARK(construct_proofs_bench)->DenseRange(START_BYTES, MAX_BYTES, BYTES_PER_CHUNK); +// void construct_proofs_bench(State& state) noexcept +// { +// for (auto _ : state) { +// size_t idx = (static_cast((state.range(0))) - START_BYTES) / BYTES_PER_CHUNK; +// proofs[idx] = provers[idx].construct_proof(); +// state.PauseTiming(); +// provers[idx].reset(); +// state.ResumeTiming(); +// } +// } +// BENCHMARK(construct_proofs_bench)->DenseRange(START_BYTES, MAX_BYTES, BYTES_PER_CHUNK); -void verify_proofs_bench(State& state) noexcept -{ - for (auto _ : state) { - size_t idx = (static_cast((state.range(0))) - START_BYTES) / BYTES_PER_CHUNK; - verifiers[idx].verify_proof(proofs[idx]); - } -} -BENCHMARK(verify_proofs_bench)->DenseRange(START_BYTES, MAX_BYTES, BYTES_PER_CHUNK); +// void verify_proofs_bench(State& state) noexcept +// { +// for (auto _ : state) { +// size_t idx = (static_cast((state.range(0))) - START_BYTES) / BYTES_PER_CHUNK; +// verifiers[idx].verify_proof(proofs[idx]); +// } +// } +// BENCHMARK(verify_proofs_bench)->DenseRange(START_BYTES, MAX_BYTES, BYTES_PER_CHUNK); -BENCHMARK_MAIN(); +// BENCHMARK_MAIN(); diff --git a/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp b/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp index 4ac0307275..c53df602d2 100644 --- a/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp +++ b/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp @@ -1,501 +1,501 @@ -#include "sha256.hpp" -#include "barretenberg/common/test.hpp" -#include "barretenberg/crypto/sha256/sha256.hpp" -#include "barretenberg/plonk/composer/standard_composer.hpp" -#include "barretenberg/plonk/composer/plookup_tables/plookup_tables.hpp" -#include "barretenberg/stdlib/types/types.hpp" - -#include "barretenberg/numeric/random/engine.hpp" -#include "barretenberg/numeric/bitop/rotate.hpp" -#include "barretenberg/numeric/bitop/sparse_form.hpp" - -namespace { -auto& engine = numeric::random::get_debug_engine(); -} - -namespace test_stdlib_sha256 { - -using namespace barretenberg; -using namespace proof_system::plonk; -using namespace proof_system::plonk::stdlib::types; - -constexpr uint64_t ror(uint64_t val, uint64_t shift) -{ - return (val >> (shift & 31U)) | (val << (32U - (shift & 31U))); -} - -std::array extend_witness(std::array& in) -{ - std::array w; - - for (size_t i = 0; i < 16; ++i) { - w[i] = in[i]; - } - - for (size_t i = 16; i < 64; ++i) { - uint64_t left = w[i - 15]; - uint64_t right = w[i - 2]; - - uint64_t left_rot7 = numeric::rotate32((uint32_t)left, 7); - uint64_t left_rot18 = numeric::rotate32((uint32_t)left, 18); - uint64_t left_sh3 = left >> 3; - - uint64_t right_rot17 = numeric::rotate32((uint32_t)right, 17); - uint64_t right_rot19 = numeric::rotate32((uint32_t)right, 19); - uint64_t right_sh10 = right >> 10; - - uint64_t s0 = left_rot7 ^ left_rot18 ^ left_sh3; - uint64_t s1 = right_rot17 ^ right_rot19 ^ right_sh10; - - w[i] = w[i - 16] + w[i - 7] + s0 + s1; - } - return w; -} -std::array inner_block(std::array& w) -{ - constexpr uint32_t init_constants[8]{ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, - 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 }; - - constexpr uint32_t round_constants[64]{ - 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, - 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, - 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, - 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, - 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, - 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, - 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, - 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 - }; - uint32_t a = init_constants[0]; - uint32_t b = init_constants[1]; - uint32_t c = init_constants[2]; - uint32_t d = init_constants[3]; - uint32_t e = init_constants[4]; - uint32_t f = init_constants[5]; - uint32_t g = init_constants[6]; - uint32_t h = init_constants[7]; - for (size_t i = 0; i < 64; ++i) { - uint32_t S1 = numeric::rotate32((uint32_t)e, 6U) ^ numeric::rotate32((uint32_t)e, 11U) ^ - numeric::rotate32((uint32_t)e, 25U); - uint32_t ch = (e & f) ^ (~e & g); // === (e & f) ^ (~e & g), `+` op is cheaper - uint32_t temp1 = h + S1 + ch + round_constants[i] + (uint32_t)w[i]; - uint32_t S0 = numeric::rotate32((uint32_t)a, 2U) ^ numeric::rotate32((uint32_t)a, 13U) ^ - numeric::rotate32((uint32_t)a, 22U); - uint32_t maj = (a & b) ^ (a & c) ^ (b & c); // (a & (b + c - (T0 * 2))) + T0; // === (a & b) ^ (a & c) ^ (b & c) - uint32_t temp2 = S0 + maj; - - h = g; - g = f; - f = e; - e = d + temp1; - d = c; - c = b; - b = a; - a = temp1 + temp2; - } - - /** - * Add into previous block output and return - **/ - std::array output; - output[0] = (uint32_t)(a + init_constants[0]); - output[1] = (uint32_t)(b + init_constants[1]); - output[2] = (uint32_t)(c + init_constants[2]); - output[3] = (uint32_t)(d + init_constants[3]); - output[4] = (uint32_t)(e + init_constants[4]); - output[5] = (uint32_t)(f + init_constants[5]); - output[6] = (uint32_t)(g + init_constants[6]); - output[7] = (uint32_t)(h + init_constants[7]); - return output; -} - -TEST(stdlib_sha256, test_duplicate_proving_key) -{ - - plonk::StandardComposer first_composer = StandardComposer(); - stdlib::packed_byte_array input(&first_composer, "An 8 character password? Snow White and the 7 Dwarves.."); - plonk::stdlib::sha256(input); - auto prover = first_composer.create_prover(); - auto verifier = first_composer.create_verifier(); - plonk::proof proof_one = prover.construct_proof(); - bool proof_result_one = verifier.verify_proof(proof_one); - EXPECT_EQ(proof_result_one, true); - auto proving_key = prover.key; - auto verification_key = verifier.key; - auto circuit_size = prover.circuit_size; - - // Test a second time with same keys and different input. - plonk::StandardComposer second_composer = StandardComposer(proving_key, verification_key, circuit_size); - stdlib::packed_byte_array input2(&second_composer, "An 8 character password? Snow White and the 9 Dwarves.."); - plonk::stdlib::sha256(input2); - auto second_prover = second_composer.create_prover(); - auto second_verifier = second_composer.create_verifier(); - plonk::proof proof_two = second_prover.construct_proof(); - bool proof_result_two = second_verifier.verify_proof(proof_two); - EXPECT_EQ(proof_result_two, true); -} - -// TEST(stdlib_sha256_plookup, test_round) +// #include "sha256.hpp" +// #include "barretenberg/common/test.hpp" +// #include "barretenberg/crypto/sha256/sha256.hpp" +// #include "barretenberg/plonk/composer/standard_composer.hpp" +// #include "barretenberg/plonk/composer/plookup_tables/plookup_tables.hpp" +// #include "barretenberg/stdlib/types/types.hpp" + +// #include "barretenberg/numeric/random/engine.hpp" +// #include "barretenberg/numeric/bitop/rotate.hpp" +// #include "barretenberg/numeric/bitop/sparse_form.hpp" + +// namespace { +// auto& engine = numeric::random::get_debug_engine(); +// } + +// namespace test_stdlib_sha256 { + +// using namespace barretenberg; +// using namespace proof_system::plonk; +// using namespace proof_system::plonk::stdlib::types; + +// constexpr uint64_t ror(uint64_t val, uint64_t shift) // { +// return (val >> (shift & 31U)) | (val << (32U - (shift & 31U))); +// } -// plonk::UltraComposer composer = UltraComposer(); +// std::array extend_witness(std::array& in) +// { +// std::array w; + +// for (size_t i = 0; i < 16; ++i) { +// w[i] = in[i]; +// } + +// for (size_t i = 16; i < 64; ++i) { +// uint64_t left = w[i - 15]; +// uint64_t right = w[i - 2]; + +// uint64_t left_rot7 = numeric::rotate32((uint32_t)left, 7); +// uint64_t left_rot18 = numeric::rotate32((uint32_t)left, 18); +// uint64_t left_sh3 = left >> 3; + +// uint64_t right_rot17 = numeric::rotate32((uint32_t)right, 17); +// uint64_t right_rot19 = numeric::rotate32((uint32_t)right, 19); +// uint64_t right_sh10 = right >> 10; -// std::array w_inputs; -// std::array, 64> w_elements; +// uint64_t s0 = left_rot7 ^ left_rot18 ^ left_sh3; +// uint64_t s1 = right_rot17 ^ right_rot19 ^ right_sh10; +// w[i] = w[i - 16] + w[i - 7] + s0 + s1; +// } +// return w; +// } +// std::array inner_block(std::array& w) +// { +// constexpr uint32_t init_constants[8]{ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, +// 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 }; + +// constexpr uint32_t round_constants[64]{ +// 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, +// 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, +// 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, +// 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, +// 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, +// 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, +// 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, +// 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 +// }; +// uint32_t a = init_constants[0]; +// uint32_t b = init_constants[1]; +// uint32_t c = init_constants[2]; +// uint32_t d = init_constants[3]; +// uint32_t e = init_constants[4]; +// uint32_t f = init_constants[5]; +// uint32_t g = init_constants[6]; +// uint32_t h = init_constants[7]; // for (size_t i = 0; i < 64; ++i) { -// w_inputs[i] = engine.get_random_uint32(); -// w_elements[i] = stdlib::witness_t(&composer, -// barretenberg::fr(w_inputs[i])); +// uint32_t S1 = numeric::rotate32((uint32_t)e, 6U) ^ numeric::rotate32((uint32_t)e, 11U) ^ +// numeric::rotate32((uint32_t)e, 25U); +// uint32_t ch = (e & f) ^ (~e & g); // === (e & f) ^ (~e & g), `+` op is cheaper +// uint32_t temp1 = h + S1 + ch + round_constants[i] + (uint32_t)w[i]; +// uint32_t S0 = numeric::rotate32((uint32_t)a, 2U) ^ numeric::rotate32((uint32_t)a, 13U) ^ +// numeric::rotate32((uint32_t)a, 22U); +// uint32_t maj = (a & b) ^ (a & c) ^ (b & c); // (a & (b + c - (T0 * 2))) + T0; // === (a & b) ^ (a & c) ^ (b & +// c) uint32_t temp2 = S0 + maj; + +// h = g; +// g = f; +// f = e; +// e = d + temp1; +// d = c; +// c = b; +// b = a; +// a = temp1 + temp2; // } -// const auto expected = inner_block(w_inputs); +// /** +// * Add into previous block output and return +// **/ +// std::array output; +// output[0] = (uint32_t)(a + init_constants[0]); +// output[1] = (uint32_t)(b + init_constants[1]); +// output[2] = (uint32_t)(c + init_constants[2]); +// output[3] = (uint32_t)(d + init_constants[3]); +// output[4] = (uint32_t)(e + init_constants[4]); +// output[5] = (uint32_t)(f + init_constants[5]); +// output[6] = (uint32_t)(g + init_constants[6]); +// output[7] = (uint32_t)(h + init_constants[7]); +// return output; +// } -// const std::array, 8> result = -// plonk::stdlib::sha256_inner_block(w_elements); -// for (size_t i = 0; i < 8; ++i) { -// EXPECT_EQ(uint256_t(result[i].get_value()).data[0] & 0xffffffffUL, -// uint256_t(expected[i]).data[0] & 0xffffffffUL); -// } +// TEST(stdlib_sha256, test_duplicate_proving_key) +// { + +// plonk::StandardComposer first_composer = StandardComposer(); +// stdlib::packed_byte_array input(&first_composer, "An 8 character password? Snow White and the 7 Dwarves.."); +// plonk::stdlib::sha256(input); +// auto prover = first_composer.create_prover(); +// auto verifier = first_composer.create_verifier(); +// plonk::proof proof_one = prover.construct_proof(); +// bool proof_result_one = verifier.verify_proof(proof_one); +// EXPECT_EQ(proof_result_one, true); +// auto proving_key = prover.key; +// auto verification_key = verifier.key; +// auto circuit_size = prover.circuit_size; + +// // Test a second time with same keys and different input. +// plonk::StandardComposer second_composer = StandardComposer(proving_key, verification_key, circuit_size); +// stdlib::packed_byte_array input2(&second_composer, "An 8 character password? Snow White and the 9 Dwarves.."); +// plonk::stdlib::sha256(input2); +// auto second_prover = second_composer.create_prover(); +// auto second_verifier = second_composer.create_verifier(); +// plonk::proof proof_two = second_prover.construct_proof(); +// bool proof_result_two = second_verifier.verify_proof(proof_two); +// EXPECT_EQ(proof_result_two, true); +// } + +// // TEST(stdlib_sha256_plookup, test_round) +// // { + +// // plonk::UltraComposer composer = UltraComposer(); + +// // std::array w_inputs; +// // std::array, 64> w_elements; + +// // for (size_t i = 0; i < 64; ++i) { +// // w_inputs[i] = engine.get_random_uint32(); +// // w_elements[i] = stdlib::witness_t(&composer, +// // barretenberg::fr(w_inputs[i])); +// // } + +// // const auto expected = inner_block(w_inputs); + +// // const std::array, 8> result = +// // plonk::stdlib::sha256_inner_block(w_elements); +// // for (size_t i = 0; i < 8; ++i) { +// // EXPECT_EQ(uint256_t(result[i].get_value()).data[0] & 0xffffffffUL, +// // uint256_t(expected[i]).data[0] & 0xffffffffUL); +// // } +// // printf("composer gates = %zu\n", composer.get_num_gates()); + +// // auto prover = composer.create_prover(); + +// // auto verifier = composer.create_verifier(); +// // plonk::proof proof = prover.construct_proof(); +// // bool proof_result = verifier.verify_proof(proof); +// // EXPECT_EQ(proof_result, true); +// // } + +// TEST(stdlib_sha256, test_plookup_55_bytes) +// { +// typedef stdlib::field_t field_pt; +// typedef stdlib::packed_byte_array packed_byte_array_pt; + +// // 55 bytes is the largest number of bytes that can be hashed in a single block, +// // accounting for the single padding bit, and the 64 size bits required by the SHA-256 standard. +// plonk::UltraComposer composer = UltraComposer(); +// packed_byte_array_pt input(&composer, "An 8 character password? Snow White and the 7 Dwarves.."); + +// packed_byte_array_pt output_bits = stdlib::sha256(input); + +// std::vector output = output_bits.to_unverified_byte_slices(4); + +// EXPECT_EQ(uint256_t(output[0].get_value()), 0x51b2529fU); +// EXPECT_EQ(uint256_t(output[1].get_value()), 0x872e839aU); +// EXPECT_EQ(uint256_t(output[2].get_value()), 0xb686c3c2U); +// EXPECT_EQ(uint256_t(output[3].get_value()), 0x483c872eU); +// EXPECT_EQ(uint256_t(output[4].get_value()), 0x975bd672U); +// EXPECT_EQ(uint256_t(output[5].get_value()), 0xbde22ab0U); +// EXPECT_EQ(uint256_t(output[6].get_value()), 0x54a8fac7U); +// EXPECT_EQ(uint256_t(output[7].get_value()), 0x93791fc7U); +// printf("composer gates = %zu\n", composer.get_num_gates()); + +// auto prover = composer.create_prover(); + +// auto verifier = composer.create_verifier(); +// printf("constructing proof \n"); +// plonk::proof proof = prover.construct_proof(); +// printf("constructed proof \n"); +// bool proof_result = verifier.verify_proof(proof); +// EXPECT_EQ(proof_result, true); +// } + +// TEST(stdlib_sha256, test_55_bytes) +// { +// // 55 bytes is the largest number of bytes that can be hashed in a single block, +// // accounting for the single padding bit, and the 64 size bits required by the SHA-256 standard. +// Composer composer = Composer(); +// packed_byte_array_ct input(&composer, "An 8 character password? Snow White and the 7 Dwarves.."); + +// packed_byte_array_ct output_bits = stdlib::sha256(input); + +// std::vector output = output_bits.to_unverified_byte_slices(4); + +// EXPECT_EQ(output[0].get_value(), fr(0x51b2529fULL)); +// EXPECT_EQ(output[1].get_value(), fr(0x872e839aULL)); +// EXPECT_EQ(output[2].get_value(), fr(0xb686c3c2ULL)); +// EXPECT_EQ(output[3].get_value(), fr(0x483c872eULL)); +// EXPECT_EQ(output[4].get_value(), fr(0x975bd672ULL)); +// EXPECT_EQ(output[5].get_value(), fr(0xbde22ab0ULL)); +// EXPECT_EQ(output[6].get_value(), fr(0x54a8fac7ULL)); +// EXPECT_EQ(output[7].get_value(), fr(0x93791fc7ULL)); +// printf("composer gates = %zu\n", composer.get_num_gates()); + +// auto prover = composer.create_ultra_with_keccak_prover(); + +// auto verifier = composer.create_ultra_with_keccak_verifier(); +// printf("constructing proof \n"); +// plonk::proof proof = prover.construct_proof(); +// printf("constructed proof \n"); +// bool proof_result = verifier.verify_proof(proof); +// EXPECT_EQ(proof_result, true); +// } + +// TEST(stdlib_sha256, test_NIST_vector_one_packed_byte_array) +// { +// typedef stdlib::field_t field_pt; +// typedef stdlib::packed_byte_array packed_byte_array_pt; + +// plonk::UltraComposer composer = UltraComposer(); + +// packed_byte_array_pt input(&composer, "abc"); +// packed_byte_array_pt output_bytes = stdlib::sha256(input); +// std::vector output = output_bytes.to_unverified_byte_slices(4); +// EXPECT_EQ(uint256_t(output[0].get_value()).data[0], (uint64_t)0xBA7816BFU); +// EXPECT_EQ(uint256_t(output[1].get_value()).data[0], (uint64_t)0x8F01CFEAU); +// EXPECT_EQ(uint256_t(output[2].get_value()).data[0], (uint64_t)0x414140DEU); +// EXPECT_EQ(uint256_t(output[3].get_value()).data[0], (uint64_t)0x5DAE2223U); +// EXPECT_EQ(uint256_t(output[4].get_value()).data[0], (uint64_t)0xB00361A3U); +// EXPECT_EQ(uint256_t(output[5].get_value()).data[0], (uint64_t)0x96177A9CU); +// EXPECT_EQ(uint256_t(output[6].get_value()).data[0], (uint64_t)0xB410FF61U); +// EXPECT_EQ(uint256_t(output[7].get_value()).data[0], (uint64_t)0xF20015ADU); +// printf("composer gates = %zu\n", composer.get_num_gates()); + +// auto prover = composer.create_ultra_with_keccak_prover(); + +// auto verifier = composer.create_ultra_with_keccak_verifier(); +// printf("constructing proof \n"); +// plonk::proof proof = prover.construct_proof(); +// printf("constructed proof \n"); + +// bool proof_result = verifier.verify_proof(proof); +// EXPECT_EQ(proof_result, true); +// } + +// TEST(stdlib_sha256, test_NIST_vector_one) +// { +// typedef stdlib::field_t field_pt; +// typedef stdlib::packed_byte_array packed_byte_array_pt; + +// plonk::UltraComposer composer = UltraComposer(); + +// packed_byte_array_pt input(&composer, "abc"); + +// packed_byte_array_pt output_bits = stdlib::sha256(input); + +// std::vector output = output_bits.to_unverified_byte_slices(4); + +// EXPECT_EQ(output[0].get_value(), fr(0xBA7816BFULL)); +// EXPECT_EQ(output[1].get_value(), fr(0x8F01CFEAULL)); +// EXPECT_EQ(output[2].get_value(), fr(0x414140DEULL)); +// EXPECT_EQ(output[3].get_value(), fr(0x5DAE2223ULL)); +// EXPECT_EQ(output[4].get_value(), fr(0xB00361A3ULL)); +// EXPECT_EQ(output[5].get_value(), fr(0x96177A9CULL)); +// EXPECT_EQ(output[6].get_value(), fr(0xB410FF61ULL)); +// EXPECT_EQ(output[7].get_value(), fr(0xF20015ADULL)); // printf("composer gates = %zu\n", composer.get_num_gates()); // auto prover = composer.create_prover(); // auto verifier = composer.create_verifier(); +// printf("constructing proof \n"); // plonk::proof proof = prover.construct_proof(); +// printf("constructed proof \n"); + // bool proof_result = verifier.verify_proof(proof); // EXPECT_EQ(proof_result, true); // } -TEST(stdlib_sha256, test_plookup_55_bytes) -{ - typedef stdlib::field_t field_pt; - typedef stdlib::packed_byte_array packed_byte_array_pt; - - // 55 bytes is the largest number of bytes that can be hashed in a single block, - // accounting for the single padding bit, and the 64 size bits required by the SHA-256 standard. - plonk::UltraComposer composer = UltraComposer(); - packed_byte_array_pt input(&composer, "An 8 character password? Snow White and the 7 Dwarves.."); - - packed_byte_array_pt output_bits = stdlib::sha256(input); - - std::vector output = output_bits.to_unverified_byte_slices(4); - - EXPECT_EQ(uint256_t(output[0].get_value()), 0x51b2529fU); - EXPECT_EQ(uint256_t(output[1].get_value()), 0x872e839aU); - EXPECT_EQ(uint256_t(output[2].get_value()), 0xb686c3c2U); - EXPECT_EQ(uint256_t(output[3].get_value()), 0x483c872eU); - EXPECT_EQ(uint256_t(output[4].get_value()), 0x975bd672U); - EXPECT_EQ(uint256_t(output[5].get_value()), 0xbde22ab0U); - EXPECT_EQ(uint256_t(output[6].get_value()), 0x54a8fac7U); - EXPECT_EQ(uint256_t(output[7].get_value()), 0x93791fc7U); - printf("composer gates = %zu\n", composer.get_num_gates()); - - auto prover = composer.create_prover(); - - auto verifier = composer.create_verifier(); - printf("constructing proof \n"); - plonk::proof proof = prover.construct_proof(); - printf("constructed proof \n"); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -TEST(stdlib_sha256, test_55_bytes) -{ - // 55 bytes is the largest number of bytes that can be hashed in a single block, - // accounting for the single padding bit, and the 64 size bits required by the SHA-256 standard. - Composer composer = Composer(); - packed_byte_array_ct input(&composer, "An 8 character password? Snow White and the 7 Dwarves.."); - - packed_byte_array_ct output_bits = stdlib::sha256(input); - - std::vector output = output_bits.to_unverified_byte_slices(4); - - EXPECT_EQ(output[0].get_value(), fr(0x51b2529fULL)); - EXPECT_EQ(output[1].get_value(), fr(0x872e839aULL)); - EXPECT_EQ(output[2].get_value(), fr(0xb686c3c2ULL)); - EXPECT_EQ(output[3].get_value(), fr(0x483c872eULL)); - EXPECT_EQ(output[4].get_value(), fr(0x975bd672ULL)); - EXPECT_EQ(output[5].get_value(), fr(0xbde22ab0ULL)); - EXPECT_EQ(output[6].get_value(), fr(0x54a8fac7ULL)); - EXPECT_EQ(output[7].get_value(), fr(0x93791fc7ULL)); - printf("composer gates = %zu\n", composer.get_num_gates()); - - auto prover = composer.create_ultra_with_keccak_prover(); - - auto verifier = composer.create_ultra_with_keccak_verifier(); - printf("constructing proof \n"); - plonk::proof proof = prover.construct_proof(); - printf("constructed proof \n"); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -TEST(stdlib_sha256, test_NIST_vector_one_packed_byte_array) -{ - typedef stdlib::field_t field_pt; - typedef stdlib::packed_byte_array packed_byte_array_pt; - - plonk::UltraComposer composer = UltraComposer(); - - packed_byte_array_pt input(&composer, "abc"); - packed_byte_array_pt output_bytes = stdlib::sha256(input); - std::vector output = output_bytes.to_unverified_byte_slices(4); - EXPECT_EQ(uint256_t(output[0].get_value()).data[0], (uint64_t)0xBA7816BFU); - EXPECT_EQ(uint256_t(output[1].get_value()).data[0], (uint64_t)0x8F01CFEAU); - EXPECT_EQ(uint256_t(output[2].get_value()).data[0], (uint64_t)0x414140DEU); - EXPECT_EQ(uint256_t(output[3].get_value()).data[0], (uint64_t)0x5DAE2223U); - EXPECT_EQ(uint256_t(output[4].get_value()).data[0], (uint64_t)0xB00361A3U); - EXPECT_EQ(uint256_t(output[5].get_value()).data[0], (uint64_t)0x96177A9CU); - EXPECT_EQ(uint256_t(output[6].get_value()).data[0], (uint64_t)0xB410FF61U); - EXPECT_EQ(uint256_t(output[7].get_value()).data[0], (uint64_t)0xF20015ADU); - printf("composer gates = %zu\n", composer.get_num_gates()); - - auto prover = composer.create_ultra_with_keccak_prover(); - - auto verifier = composer.create_ultra_with_keccak_verifier(); - printf("constructing proof \n"); - plonk::proof proof = prover.construct_proof(); - printf("constructed proof \n"); - - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -TEST(stdlib_sha256, test_NIST_vector_one) -{ - typedef stdlib::field_t field_pt; - typedef stdlib::packed_byte_array packed_byte_array_pt; - - plonk::UltraComposer composer = UltraComposer(); - - packed_byte_array_pt input(&composer, "abc"); - - packed_byte_array_pt output_bits = stdlib::sha256(input); - - std::vector output = output_bits.to_unverified_byte_slices(4); - - EXPECT_EQ(output[0].get_value(), fr(0xBA7816BFULL)); - EXPECT_EQ(output[1].get_value(), fr(0x8F01CFEAULL)); - EXPECT_EQ(output[2].get_value(), fr(0x414140DEULL)); - EXPECT_EQ(output[3].get_value(), fr(0x5DAE2223ULL)); - EXPECT_EQ(output[4].get_value(), fr(0xB00361A3ULL)); - EXPECT_EQ(output[5].get_value(), fr(0x96177A9CULL)); - EXPECT_EQ(output[6].get_value(), fr(0xB410FF61ULL)); - EXPECT_EQ(output[7].get_value(), fr(0xF20015ADULL)); - printf("composer gates = %zu\n", composer.get_num_gates()); - - auto prover = composer.create_prover(); - - auto verifier = composer.create_verifier(); - printf("constructing proof \n"); - plonk::proof proof = prover.construct_proof(); - printf("constructed proof \n"); - - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} +// TEST(stdlib_sha256, test_NIST_vector_two) +// { +// Composer composer = Composer(); -TEST(stdlib_sha256, test_NIST_vector_two) -{ - Composer composer = Composer(); +// byte_array_ct input(&composer, "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"); - byte_array_ct input(&composer, "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"); - - byte_array_ct output_bits = stdlib::sha256(input); - - std::vector output = packed_byte_array_ct(output_bits).to_unverified_byte_slices(4); - - EXPECT_EQ(output[0].get_value(), 0x248D6A61ULL); - EXPECT_EQ(output[1].get_value(), 0xD20638B8ULL); - EXPECT_EQ(output[2].get_value(), 0xE5C02693ULL); - EXPECT_EQ(output[3].get_value(), 0x0C3E6039ULL); - EXPECT_EQ(output[4].get_value(), 0xA33CE459ULL); - EXPECT_EQ(output[5].get_value(), 0x64FF2167ULL); - EXPECT_EQ(output[6].get_value(), 0xF6ECEDD4ULL); - EXPECT_EQ(output[7].get_value(), 0x19DB06C1ULL); - printf("composer gates = %zu\n", composer.get_num_gates()); - - auto prover = composer.create_ultra_with_keccak_prover(); - - auto verifier = composer.create_ultra_with_keccak_verifier(); - printf("constructing proof \n"); - plonk::proof proof = prover.construct_proof(); - printf("constructed proof \n"); - - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} +// byte_array_ct output_bits = stdlib::sha256(input); -TEST(stdlib_sha256, test_NIST_vector_three) -{ - Composer composer = Composer(); +// std::vector output = packed_byte_array_ct(output_bits).to_unverified_byte_slices(4); - // one byte, 0xbd - byte_array_ct input(&composer, std::vector{ 0xbd }); +// EXPECT_EQ(output[0].get_value(), 0x248D6A61ULL); +// EXPECT_EQ(output[1].get_value(), 0xD20638B8ULL); +// EXPECT_EQ(output[2].get_value(), 0xE5C02693ULL); +// EXPECT_EQ(output[3].get_value(), 0x0C3E6039ULL); +// EXPECT_EQ(output[4].get_value(), 0xA33CE459ULL); +// EXPECT_EQ(output[5].get_value(), 0x64FF2167ULL); +// EXPECT_EQ(output[6].get_value(), 0xF6ECEDD4ULL); +// EXPECT_EQ(output[7].get_value(), 0x19DB06C1ULL); +// printf("composer gates = %zu\n", composer.get_num_gates()); - byte_array_ct output_bits = stdlib::sha256(input); +// auto prover = composer.create_ultra_with_keccak_prover(); - std::vector output = packed_byte_array_ct(output_bits).to_unverified_byte_slices(4); +// auto verifier = composer.create_ultra_with_keccak_verifier(); +// printf("constructing proof \n"); +// plonk::proof proof = prover.construct_proof(); +// printf("constructed proof \n"); - EXPECT_EQ(output[0].get_value(), 0x68325720ULL); - EXPECT_EQ(output[1].get_value(), 0xaabd7c82ULL); - EXPECT_EQ(output[2].get_value(), 0xf30f554bULL); - EXPECT_EQ(output[3].get_value(), 0x313d0570ULL); - EXPECT_EQ(output[4].get_value(), 0xc95accbbULL); - EXPECT_EQ(output[5].get_value(), 0x7dc4b5aaULL); - EXPECT_EQ(output[6].get_value(), 0xe11204c0ULL); - EXPECT_EQ(output[7].get_value(), 0x8ffe732bULL); - printf("composer gates = %zu\n", composer.get_num_gates()); +// bool proof_result = verifier.verify_proof(proof); +// EXPECT_EQ(proof_result, true); +// } - auto prover = composer.create_ultra_with_keccak_prover(); +// TEST(stdlib_sha256, test_NIST_vector_three) +// { +// Composer composer = Composer(); - auto verifier = composer.create_ultra_with_keccak_verifier(); +// // one byte, 0xbd +// byte_array_ct input(&composer, std::vector{ 0xbd }); - plonk::proof proof = prover.construct_proof(); +// byte_array_ct output_bits = stdlib::sha256(input); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} +// std::vector output = packed_byte_array_ct(output_bits).to_unverified_byte_slices(4); -TEST(stdlib_sha256, test_NIST_vector_four) -{ - Composer composer = Composer(); +// EXPECT_EQ(output[0].get_value(), 0x68325720ULL); +// EXPECT_EQ(output[1].get_value(), 0xaabd7c82ULL); +// EXPECT_EQ(output[2].get_value(), 0xf30f554bULL); +// EXPECT_EQ(output[3].get_value(), 0x313d0570ULL); +// EXPECT_EQ(output[4].get_value(), 0xc95accbbULL); +// EXPECT_EQ(output[5].get_value(), 0x7dc4b5aaULL); +// EXPECT_EQ(output[6].get_value(), 0xe11204c0ULL); +// EXPECT_EQ(output[7].get_value(), 0x8ffe732bULL); +// printf("composer gates = %zu\n", composer.get_num_gates()); - // 4 bytes, 0xc98c8e55 - byte_array_ct input(&composer, std::vector{ 0xc9, 0x8c, 0x8e, 0x55 }); +// auto prover = composer.create_ultra_with_keccak_prover(); - byte_array_ct output_bits = stdlib::sha256(input); +// auto verifier = composer.create_ultra_with_keccak_verifier(); - std::vector output = packed_byte_array_ct(output_bits).to_unverified_byte_slices(4); +// plonk::proof proof = prover.construct_proof(); - EXPECT_EQ(output[0].get_value(), 0x7abc22c0ULL); - EXPECT_EQ(output[1].get_value(), 0xae5af26cULL); - EXPECT_EQ(output[2].get_value(), 0xe93dbb94ULL); - EXPECT_EQ(output[3].get_value(), 0x433a0e0bULL); - EXPECT_EQ(output[4].get_value(), 0x2e119d01ULL); - EXPECT_EQ(output[5].get_value(), 0x4f8e7f65ULL); - EXPECT_EQ(output[6].get_value(), 0xbd56c61cULL); - EXPECT_EQ(output[7].get_value(), 0xcccd9504ULL); - - auto prover = composer.create_ultra_with_keccak_prover(); - - printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); - - plonk::proof proof = prover.construct_proof(); - - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -HEAVY_TEST(stdlib_sha256, test_NIST_vector_five) -{ - typedef stdlib::field_t field_pt; - typedef stdlib::packed_byte_array packed_byte_array_pt; +// bool proof_result = verifier.verify_proof(proof); +// EXPECT_EQ(proof_result, true); +// } - plonk::UltraComposer composer = UltraComposer(); +// TEST(stdlib_sha256, test_NIST_vector_four) +// { +// Composer composer = Composer(); - packed_byte_array_pt input( - &composer, - "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" - "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" - "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" - "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" - "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" - "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" - "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" - "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" - "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" - "AAAAAAAAAA"); - - packed_byte_array_pt output_bits = stdlib::sha256(input); - - std::vector output = output_bits.to_unverified_byte_slices(4); +// // 4 bytes, 0xc98c8e55 +// byte_array_ct input(&composer, std::vector{ 0xc9, 0x8c, 0x8e, 0x55 }); - EXPECT_EQ(output[0].get_value(), 0xc2e68682ULL); - EXPECT_EQ(output[1].get_value(), 0x3489ced2ULL); - EXPECT_EQ(output[2].get_value(), 0x017f6059ULL); - EXPECT_EQ(output[3].get_value(), 0xb8b23931ULL); - EXPECT_EQ(output[4].get_value(), 0x8b6364f6ULL); - EXPECT_EQ(output[5].get_value(), 0xdcd835d0ULL); - EXPECT_EQ(output[6].get_value(), 0xa519105aULL); - EXPECT_EQ(output[7].get_value(), 0x1eadd6e4ULL); +// byte_array_ct output_bits = stdlib::sha256(input); - auto prover = composer.create_prover(); +// std::vector output = packed_byte_array_ct(output_bits).to_unverified_byte_slices(4); - printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_verifier(); +// EXPECT_EQ(output[0].get_value(), 0x7abc22c0ULL); +// EXPECT_EQ(output[1].get_value(), 0xae5af26cULL); +// EXPECT_EQ(output[2].get_value(), 0xe93dbb94ULL); +// EXPECT_EQ(output[3].get_value(), 0x433a0e0bULL); +// EXPECT_EQ(output[4].get_value(), 0x2e119d01ULL); +// EXPECT_EQ(output[5].get_value(), 0x4f8e7f65ULL); +// EXPECT_EQ(output[6].get_value(), 0xbd56c61cULL); +// EXPECT_EQ(output[7].get_value(), 0xcccd9504ULL); - plonk::proof proof = prover.construct_proof(); +// auto prover = composer.create_ultra_with_keccak_prover(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} +// printf("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); -TEST(stdlib_sha256, test_input_len_multiple) -{ - Composer composer = Composer(); - - std::vector input_sizes = { 1, 7, 15, 16, 30, 32, 55, 64, 90, 128, 512, 700 }; - - for (auto& inp : input_sizes) { - auto input_buf = std::vector(inp, 1); - - byte_array_ct input(&composer, input_buf); - byte_array_ct output_bits = stdlib::sha256(input); +// plonk::proof proof = prover.construct_proof(); - auto circuit_output = output_bits.get_value(); +// bool proof_result = verifier.verify_proof(proof); +// EXPECT_EQ(proof_result, true); +// } + +// HEAVY_TEST(stdlib_sha256, test_NIST_vector_five) +// { +// typedef stdlib::field_t field_pt; +// typedef stdlib::packed_byte_array packed_byte_array_pt; + +// plonk::UltraComposer composer = UltraComposer(); + +// packed_byte_array_pt input( +// &composer, +// "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +// "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +// "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +// "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +// "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +// "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +// "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +// "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +// "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" +// "AAAAAAAAAA"); + +// packed_byte_array_pt output_bits = stdlib::sha256(input); + +// std::vector output = output_bits.to_unverified_byte_slices(4); + +// EXPECT_EQ(output[0].get_value(), 0xc2e68682ULL); +// EXPECT_EQ(output[1].get_value(), 0x3489ced2ULL); +// EXPECT_EQ(output[2].get_value(), 0x017f6059ULL); +// EXPECT_EQ(output[3].get_value(), 0xb8b23931ULL); +// EXPECT_EQ(output[4].get_value(), 0x8b6364f6ULL); +// EXPECT_EQ(output[5].get_value(), 0xdcd835d0ULL); +// EXPECT_EQ(output[6].get_value(), 0xa519105aULL); +// EXPECT_EQ(output[7].get_value(), 0x1eadd6e4ULL); + +// auto prover = composer.create_prover(); + +// printf("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_verifier(); + +// plonk::proof proof = prover.construct_proof(); + +// bool proof_result = verifier.verify_proof(proof); +// EXPECT_EQ(proof_result, true); +// } + +// TEST(stdlib_sha256, test_input_len_multiple) +// { +// Composer composer = Composer(); + +// std::vector input_sizes = { 1, 7, 15, 16, 30, 32, 55, 64, 90, 128, 512, 700 }; + +// for (auto& inp : input_sizes) { +// auto input_buf = std::vector(inp, 1); + +// byte_array_ct input(&composer, input_buf); +// byte_array_ct output_bits = stdlib::sha256(input); + +// auto circuit_output = output_bits.get_value(); - auto expected = sha256::sha256(input_buf); +// auto expected = sha256::sha256(input_buf); + +// EXPECT_EQ(circuit_output, expected); +// } +// } + +// TEST(stdlib_sha256, test_input_str_len_multiple) +// { +// Composer composer = Composer(); + +// std::vector input_strings = { +// "y", // 1 +// "rjvrbuh", // 7 +// "mrrozctemyvkntd", // 15 +// "wzazugetudtuezxa", // 16 +// "dbxldszbrgdmyvncpeifhnelmlulqo", // 30 +// "qdnsbdlamrivgzbktsyyijethtvuzzrk", // 32 +// "qhpqepdogwsiuyfwqgbqcikeywbgyjznoswitwddhytzkrkdjykvflg", // 55 +// "fmsityhwkevuctwwsosjyrznibbpfcawmkoatqaaojeahnldcnrwijqpwiuvdeyp", // 64 +// "utszdtjhsqjeakhczzusnntdrtxbljvhqdndaybosjgaufvnjxmnidcvvedgszbspaycosgwauyttmbdvqogakiktp", // 90 +// "enbgynwxnnymvqeqbojewmzwowfbpetrerntwtkgwnvtdopjssnddzxjnkqwicthufgpbwrmmhiwpyxlpskxgarmrtvketlvkmdvnsqgdftfhw" +// "dvgmlfjrqoviqrhuon", // 128 +// "nngsypjgwnazpjdxovbqnevgrqxwzuljdqqiahpgwvvmgjdzfwjsjwwxcadhluzqxezlrznuoiuobpmkhqibphwvfjicmpxkshiizlgpyloxyx" +// "fljwgwlazfidiylowazmguxxxjzimizxrzllescpactcpzeaeuyhjxgkmktkqslxripwwgragpvwknphwifojuqatlraacymbwfaohhhzstnil" +// "tqvukrienivisigkoefkqejdagylahffwvloqtqjkmtgxenxviqutsjjgffmolrwqbwgigyrhbpqsnyyzmvvyehcsyzxxskkyxiuqvagakutcu" +// "lqowtykszgnpmeebrksyaqezflhdbrgswpwnrknjnfhnfqfwquooxazubnccawwvldpihkhjkwmwceuvorfeuwvzjzzceywuimfzunordhixpo" +// "rqveoywjgdbnmgiywcwwcybhoqvhentbwxfvouauviyqbnphtfotgwtitxutdfxjforuyaau", // 512 +// "lbfeywyqvybssdvmorkyltmgxvjezwltijsqfnpaexqyzfppmnpsxlhqwdojjqsqlfybpxskexswevngctedgvhbdwszxqxqoqbhmshmpmdrpy" +// "akejsoevkfrtvgfzcvockujdynvxfaxsdavmwlpxfwftczoduqdfxrkksnqygdsarhaszezxndalitvvsziyeklymrytdkunnxpvwvkzldrrzw" +// "ccxghwdnufkxsvpumhhszzjpmwuxvfjxfccltjqlwkyleyoydzpqqfnkkuvdgbvuqqsnpexuoqupakvhvqfucbkzoyzehocvkzsngtwkyqklhk" +// "qdtszsbtyzxzdeipjsbmzrpqlkhlkqimoiiblhrrymyafvtdbrmbixuzwhvnkcroanyvxvbaaznpgoadhmltgcweqajbnnkzuxihlcqurjzkxb" +// "pxqjyvutmgqquavwpkdgkppctvybdikwvqxgifgfbgzywijqtcyvfqdsbbxsknqejhrwuhlnqjgdcpipxxwbguzgsjygbdgqczmqxcnzieoyok" +// "oraykfcqzctnjgjcdyhnxnuorvaxhsdbeosqhvqebccfxiefubecprupofnkkpafpmlzcqbcnojbelemuqlxoiqqwhtrddqqwurvgyretfvhuh" +// "fzkbvfywmrqpjqxdrvlrmvlbmmfeldmwvxmpohle" // 700 +// }; + +// for (auto& input_str : input_strings) { +// auto input_buf = std::vector(input_str.begin(), input_str.end()); + +// byte_array_ct input(&composer, input_buf); +// byte_array_ct output_bits = stdlib::sha256(input); + +// auto circuit_output = output_bits.get_value(); + +// auto expected = sha256::sha256(input_buf); + +// EXPECT_EQ(circuit_output, expected); +// } +// } - EXPECT_EQ(circuit_output, expected); - } -} - -TEST(stdlib_sha256, test_input_str_len_multiple) -{ - Composer composer = Composer(); - - std::vector input_strings = { - "y", // 1 - "rjvrbuh", // 7 - "mrrozctemyvkntd", // 15 - "wzazugetudtuezxa", // 16 - "dbxldszbrgdmyvncpeifhnelmlulqo", // 30 - "qdnsbdlamrivgzbktsyyijethtvuzzrk", // 32 - "qhpqepdogwsiuyfwqgbqcikeywbgyjznoswitwddhytzkrkdjykvflg", // 55 - "fmsityhwkevuctwwsosjyrznibbpfcawmkoatqaaojeahnldcnrwijqpwiuvdeyp", // 64 - "utszdtjhsqjeakhczzusnntdrtxbljvhqdndaybosjgaufvnjxmnidcvvedgszbspaycosgwauyttmbdvqogakiktp", // 90 - "enbgynwxnnymvqeqbojewmzwowfbpetrerntwtkgwnvtdopjssnddzxjnkqwicthufgpbwrmmhiwpyxlpskxgarmrtvketlvkmdvnsqgdftfhw" - "dvgmlfjrqoviqrhuon", // 128 - "nngsypjgwnazpjdxovbqnevgrqxwzuljdqqiahpgwvvmgjdzfwjsjwwxcadhluzqxezlrznuoiuobpmkhqibphwvfjicmpxkshiizlgpyloxyx" - "fljwgwlazfidiylowazmguxxxjzimizxrzllescpactcpzeaeuyhjxgkmktkqslxripwwgragpvwknphwifojuqatlraacymbwfaohhhzstnil" - "tqvukrienivisigkoefkqejdagylahffwvloqtqjkmtgxenxviqutsjjgffmolrwqbwgigyrhbpqsnyyzmvvyehcsyzxxskkyxiuqvagakutcu" - "lqowtykszgnpmeebrksyaqezflhdbrgswpwnrknjnfhnfqfwquooxazubnccawwvldpihkhjkwmwceuvorfeuwvzjzzceywuimfzunordhixpo" - "rqveoywjgdbnmgiywcwwcybhoqvhentbwxfvouauviyqbnphtfotgwtitxutdfxjforuyaau", // 512 - "lbfeywyqvybssdvmorkyltmgxvjezwltijsqfnpaexqyzfppmnpsxlhqwdojjqsqlfybpxskexswevngctedgvhbdwszxqxqoqbhmshmpmdrpy" - "akejsoevkfrtvgfzcvockujdynvxfaxsdavmwlpxfwftczoduqdfxrkksnqygdsarhaszezxndalitvvsziyeklymrytdkunnxpvwvkzldrrzw" - "ccxghwdnufkxsvpumhhszzjpmwuxvfjxfccltjqlwkyleyoydzpqqfnkkuvdgbvuqqsnpexuoqupakvhvqfucbkzoyzehocvkzsngtwkyqklhk" - "qdtszsbtyzxzdeipjsbmzrpqlkhlkqimoiiblhrrymyafvtdbrmbixuzwhvnkcroanyvxvbaaznpgoadhmltgcweqajbnnkzuxihlcqurjzkxb" - "pxqjyvutmgqquavwpkdgkppctvybdikwvqxgifgfbgzywijqtcyvfqdsbbxsknqejhrwuhlnqjgdcpipxxwbguzgsjygbdgqczmqxcnzieoyok" - "oraykfcqzctnjgjcdyhnxnuorvaxhsdbeosqhvqebccfxiefubecprupofnkkpafpmlzcqbcnojbelemuqlxoiqqwhtrddqqwurvgyretfvhuh" - "fzkbvfywmrqpjqxdrvlrmvlbmmfeldmwvxmpohle" // 700 - }; - - for (auto& input_str : input_strings) { - auto input_buf = std::vector(input_str.begin(), input_str.end()); - - byte_array_ct input(&composer, input_buf); - byte_array_ct output_bits = stdlib::sha256(input); - - auto circuit_output = output_bits.get_value(); - - auto expected = sha256::sha256(input_buf); - - EXPECT_EQ(circuit_output, expected); - } -} - -} // namespace test_stdlib_sha256 +// } // namespace test_stdlib_sha256 diff --git a/cpp/src/barretenberg/stdlib/merkle_tree/hash.hpp b/cpp/src/barretenberg/stdlib/merkle_tree/hash.hpp index 32e6fb2d8d..63b647d7eb 100644 --- a/cpp/src/barretenberg/stdlib/merkle_tree/hash.hpp +++ b/cpp/src/barretenberg/stdlib/merkle_tree/hash.hpp @@ -15,20 +15,12 @@ namespace merkle_tree { inline barretenberg::fr hash_pair_native(barretenberg::fr const& lhs, barretenberg::fr const& rhs) { - if (plonk::SYSTEM_COMPOSER == ComposerType::PLOOKUP) { - return crypto::pedersen_hash::lookup::hash_multiple({ lhs, rhs }); // uses lookup tables - } else { - return crypto::pedersen_hash::hash_multiple({ lhs, rhs }); // uses fixed-base multiplication gate - } + return crypto::pedersen_hash::lookup::hash_multiple({ lhs, rhs }); // uses lookup tables } inline barretenberg::fr hash_multiple_native(std::vector const& inputs) { - if (plonk::SYSTEM_COMPOSER == ComposerType::PLOOKUP) { - return crypto::pedersen_hash::lookup::hash_multiple(inputs); // uses lookup tables - } else { - return crypto::pedersen_hash::hash_multiple(inputs); // uses fixed-base multiplication gate - } + return crypto::pedersen_hash::lookup::hash_multiple(inputs); // uses lookup tables } /** @@ -46,11 +38,7 @@ inline barretenberg::fr compute_tree_root_native(std::vector c while (layer.size() > 1) { std::vector next_layer(layer.size() / 2); for (size_t i = 0; i < next_layer.size(); ++i) { - if (plonk::SYSTEM_COMPOSER == ComposerType::PLOOKUP) { - next_layer[i] = crypto::pedersen_hash::lookup::hash_multiple({ layer[i * 2], layer[i * 2 + 1] }); - } else { - next_layer[i] = crypto::pedersen_hash::hash_multiple({ layer[i * 2], layer[i * 2 + 1] }); - } + next_layer[i] = crypto::pedersen_hash::lookup::hash_multiple({ layer[i * 2], layer[i * 2 + 1] }); } layer = std::move(next_layer); } @@ -69,11 +57,7 @@ inline std::vector compute_tree_native(std::vector 1) { std::vector next_layer(layer.size() / 2); for (size_t i = 0; i < next_layer.size(); ++i) { - if (plonk::SYSTEM_COMPOSER == ComposerType::PLOOKUP) { - next_layer[i] = crypto::pedersen_hash::lookup::hash_multiple({ layer[i * 2], layer[i * 2 + 1] }); - } else { - next_layer[i] = crypto::pedersen_hash::hash_multiple({ layer[i * 2], layer[i * 2 + 1] }); - } + next_layer[i] = crypto::pedersen_hash::lookup::hash_multiple({ layer[i * 2], layer[i * 2 + 1] }); tree.push_back(next_layer[i]); } layer = std::move(next_layer); diff --git a/cpp/src/barretenberg/stdlib/merkle_tree/hash.test.cpp b/cpp/src/barretenberg/stdlib/merkle_tree/hash.test.cpp index da60dfa799..2e992fdbab 100644 --- a/cpp/src/barretenberg/stdlib/merkle_tree/hash.test.cpp +++ b/cpp/src/barretenberg/stdlib/merkle_tree/hash.test.cpp @@ -1,59 +1,59 @@ -#include "hash.hpp" -#include "memory_tree.hpp" -#include -#include "barretenberg/stdlib/hash/pedersen/pedersen.hpp" -#include "barretenberg/stdlib/merkle_tree/membership.hpp" -#include "barretenberg/stdlib/types/types.hpp" - -using namespace barretenberg; -using namespace proof_system::plonk::stdlib::types; - -TEST(stdlib_merkle_tree_hash, compress_native_vs_circuit) -{ - fr x = uint256_t(0x5ec473eb273a8011, 0x50160109385471ca, 0x2f3095267e02607d, 0x02586f4a39e69b86); - Composer composer = Composer(); - witness_ct y = witness_ct(&composer, x); - field_ct z = plonk::stdlib::pedersen_hash::hash_multiple({ y, y }); - auto zz = stdlib::merkle_tree::hash_pair_native(x, x); - - EXPECT_EQ(z.get_value(), zz); -} - -TEST(stdlib_merkle_tree_hash, compute_tree_root_native_vs_circuit) -{ - Composer composer = Composer(); - std::vector inputs; - std::vector inputs_ct; - for (size_t i = 0; i < 16; i++) { - auto input = fr::random_element(); - auto input_ct = witness_ct(&composer, input); - inputs.push_back(input); - inputs_ct.push_back(input_ct); - } - - field_ct z = plonk::stdlib::merkle_tree::compute_tree_root(inputs_ct); - auto zz = plonk::stdlib::merkle_tree::compute_tree_root_native(inputs); - - EXPECT_EQ(z.get_value(), zz); -} - -TEST(stdlib_merkle_tree_hash, compute_tree_native) -{ - constexpr size_t depth = 2; - stdlib::merkle_tree::MemoryTree mem_tree(depth); - - std::vector leaves; - for (size_t i = 0; i < (size_t(1) << depth); i++) { - auto input = fr::random_element(); - leaves.push_back(input); - mem_tree.update_element(i, input); - } - - std::vector tree_vector = plonk::stdlib::merkle_tree::compute_tree_native(leaves); - - // Check if the tree vector matches the memory tree hashes - for (size_t i = 0; i < tree_vector.size() - 1; i++) { - EXPECT_EQ(tree_vector[i], mem_tree.hashes_[i]); - } - EXPECT_EQ(tree_vector.back(), mem_tree.root()); -} +// #include "hash.hpp" +// #include "memory_tree.hpp" +// #include +// #include "barretenberg/stdlib/hash/pedersen/pedersen.hpp" +// #include "barretenberg/stdlib/merkle_tree/membership.hpp" +// #include "barretenberg/stdlib/types/types.hpp" + +// using namespace barretenberg; +// using namespace proof_system::plonk::stdlib::types; + +// TEST(stdlib_merkle_tree_hash, compress_native_vs_circuit) +// { +// fr x = uint256_t(0x5ec473eb273a8011, 0x50160109385471ca, 0x2f3095267e02607d, 0x02586f4a39e69b86); +// Composer composer = Composer(); +// witness_ct y = witness_ct(&composer, x); +// field_ct z = plonk::stdlib::pedersen_hash::hash_multiple({ y, y }); +// auto zz = stdlib::merkle_tree::hash_pair_native(x, x); + +// EXPECT_EQ(z.get_value(), zz); +// } + +// TEST(stdlib_merkle_tree_hash, compute_tree_root_native_vs_circuit) +// { +// Composer composer = Composer(); +// std::vector inputs; +// std::vector inputs_ct; +// for (size_t i = 0; i < 16; i++) { +// auto input = fr::random_element(); +// auto input_ct = witness_ct(&composer, input); +// inputs.push_back(input); +// inputs_ct.push_back(input_ct); +// } + +// field_ct z = plonk::stdlib::merkle_tree::compute_tree_root(inputs_ct); +// auto zz = plonk::stdlib::merkle_tree::compute_tree_root_native(inputs); + +// EXPECT_EQ(z.get_value(), zz); +// } + +// TEST(stdlib_merkle_tree_hash, compute_tree_native) +// { +// constexpr size_t depth = 2; +// stdlib::merkle_tree::MemoryTree mem_tree(depth); + +// std::vector leaves; +// for (size_t i = 0; i < (size_t(1) << depth); i++) { +// auto input = fr::random_element(); +// leaves.push_back(input); +// mem_tree.update_element(i, input); +// } + +// std::vector tree_vector = plonk::stdlib::merkle_tree::compute_tree_native(leaves); + +// // Check if the tree vector matches the memory tree hashes +// for (size_t i = 0; i < tree_vector.size() - 1; i++) { +// EXPECT_EQ(tree_vector[i], mem_tree.hashes_[i]); +// } +// EXPECT_EQ(tree_vector.back(), mem_tree.root()); +// } diff --git a/cpp/src/barretenberg/stdlib/merkle_tree/membership.test.cpp b/cpp/src/barretenberg/stdlib/merkle_tree/membership.test.cpp index 477e1406cf..270d846ba5 100644 --- a/cpp/src/barretenberg/stdlib/merkle_tree/membership.test.cpp +++ b/cpp/src/barretenberg/stdlib/merkle_tree/membership.test.cpp @@ -1,275 +1,275 @@ -#include "merkle_tree.hpp" -#include "membership.hpp" -#include "memory_store.hpp" -#include "memory_tree.hpp" -#include -#include "barretenberg/stdlib/types/types.hpp" - -using namespace barretenberg; -using namespace proof_system::plonk::stdlib::types; -using namespace proof_system::plonk::stdlib::merkle_tree; - -namespace { -auto& engine = numeric::random::get_debug_engine(); -} - -TEST(stdlib_merkle_tree, test_check_membership) -{ - MemoryStore store; - auto db = MerkleTree(store, 3); - Composer composer = Composer(); - - // Check membership at index 0. - auto zero = field_ct(witness_ct(&composer, fr::zero())).decompose_into_bits(); - field_ct root = witness_ct(&composer, db.root()); - bool_ct is_member = - check_membership(root, create_witness_hash_path(composer, db.get_hash_path(0)), field_ct(0), zero); - - // Check membership at index 7 after inserting 1. - db.update_element(7, 1); - auto seven = field_ct(witness_ct(&composer, fr(7))).decompose_into_bits(); - root = witness_ct(&composer, db.root()); - bool_ct is_member_ = - check_membership(root, create_witness_hash_path(composer, db.get_hash_path(1)), field_ct(1), seven); - - auto prover = composer.create_ultra_with_keccak_prover(); - printf("composer gates = %zu\n", composer.get_num_gates()); - - auto verifier = composer.create_ultra_with_keccak_verifier(); - - plonk::proof proof = prover.construct_proof(); - - bool result = verifier.verify_proof(proof); - EXPECT_EQ(is_member.get_value(), true); - EXPECT_EQ(is_member_.get_value(), true); - EXPECT_EQ(result, true); -} - -TEST(stdlib_merkle_tree, test_batch_update_membership) -{ - MemoryStore store; - MerkleTree db(store, 4); - Composer composer = Composer(); - // Fill in an arbitrary value at i = 2. - db.update_element(2, fr::random_element()); - // Define old state. - field_ct old_root = witness_ct(&composer, db.root()); - auto old_hash_path_1 = create_witness_hash_path(composer, db.get_hash_path(5)); - auto old_hash_path_2 = create_witness_hash_path(composer, db.get_hash_path(7)); - auto values = std::vector(4); - for (size_t i = 4; i < 8; i++) { - values[i - 4] = field_ct(&composer, i * 2); - db.update_element(i, fr(i * 2)); - } - // Define new state. Batch update must verify with any old hash path in the subtree. - field_ct new_root = witness_ct(&composer, db.root()); - field_ct start_idx = field_ct(witness_ct(&composer, fr(4))); - batch_update_membership(new_root, old_root, old_hash_path_1, values, start_idx); - batch_update_membership(new_root, old_root, old_hash_path_2, values, start_idx); - auto prover = composer.create_ultra_with_keccak_prover(); - printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); - plonk::proof proof = prover.construct_proof(); - bool result = verifier.verify_proof(proof); - EXPECT_EQ(result, true); -} - -TEST(stdlib_merkle_tree, test_assert_check_membership) -{ - MemoryStore store; - auto db = MerkleTree(store, 3); - Composer composer = Composer(); - - auto zero = field_ct(witness_ct(&composer, fr::zero())).decompose_into_bits(); - field_ct root = witness_ct(&composer, db.root()); - - assert_check_membership(root, create_witness_hash_path(composer, db.get_hash_path(0)), field_ct(0), zero); - - auto prover = composer.create_ultra_with_keccak_prover(); - printf("composer gates = %zu\n", composer.get_num_gates()); - - auto verifier = composer.create_ultra_with_keccak_verifier(); - - plonk::proof proof = prover.construct_proof(); - - bool result = verifier.verify_proof(proof); - EXPECT_EQ(result, true); -} - -TEST(stdlib_merkle_tree, test_assert_check_membership_fail) -{ - MemoryStore store; - auto db = MerkleTree(store, 3); - - Composer composer = Composer(); +// #include "merkle_tree.hpp" +// #include "membership.hpp" +// #include "memory_store.hpp" +// #include "memory_tree.hpp" +// #include +// #include "barretenberg/stdlib/types/types.hpp" + +// using namespace barretenberg; +// using namespace proof_system::plonk::stdlib::types; +// using namespace proof_system::plonk::stdlib::merkle_tree; + +// namespace { +// auto& engine = numeric::random::get_debug_engine(); +// } + +// TEST(stdlib_merkle_tree, test_check_membership) +// { +// MemoryStore store; +// auto db = MerkleTree(store, 3); +// Composer composer = Composer(); + +// // Check membership at index 0. +// auto zero = field_ct(witness_ct(&composer, fr::zero())).decompose_into_bits(); +// field_ct root = witness_ct(&composer, db.root()); +// bool_ct is_member = +// check_membership(root, create_witness_hash_path(composer, db.get_hash_path(0)), field_ct(0), zero); + +// // Check membership at index 7 after inserting 1. +// db.update_element(7, 1); +// auto seven = field_ct(witness_ct(&composer, fr(7))).decompose_into_bits(); +// root = witness_ct(&composer, db.root()); +// bool_ct is_member_ = +// check_membership(root, create_witness_hash_path(composer, db.get_hash_path(1)), field_ct(1), seven); + +// auto prover = composer.create_ultra_with_keccak_prover(); +// printf("composer gates = %zu\n", composer.get_num_gates()); + +// auto verifier = composer.create_ultra_with_keccak_verifier(); + +// plonk::proof proof = prover.construct_proof(); + +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(is_member.get_value(), true); +// EXPECT_EQ(is_member_.get_value(), true); +// EXPECT_EQ(result, true); +// } + +// TEST(stdlib_merkle_tree, test_batch_update_membership) +// { +// MemoryStore store; +// MerkleTree db(store, 4); +// Composer composer = Composer(); +// // Fill in an arbitrary value at i = 2. +// db.update_element(2, fr::random_element()); +// // Define old state. +// field_ct old_root = witness_ct(&composer, db.root()); +// auto old_hash_path_1 = create_witness_hash_path(composer, db.get_hash_path(5)); +// auto old_hash_path_2 = create_witness_hash_path(composer, db.get_hash_path(7)); +// auto values = std::vector(4); +// for (size_t i = 4; i < 8; i++) { +// values[i - 4] = field_ct(&composer, i * 2); +// db.update_element(i, fr(i * 2)); +// } +// // Define new state. Batch update must verify with any old hash path in the subtree. +// field_ct new_root = witness_ct(&composer, db.root()); +// field_ct start_idx = field_ct(witness_ct(&composer, fr(4))); +// batch_update_membership(new_root, old_root, old_hash_path_1, values, start_idx); +// batch_update_membership(new_root, old_root, old_hash_path_2, values, start_idx); +// auto prover = composer.create_ultra_with_keccak_prover(); +// printf("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); +// plonk::proof proof = prover.construct_proof(); +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(result, true); +// } + +// TEST(stdlib_merkle_tree, test_assert_check_membership) +// { +// MemoryStore store; +// auto db = MerkleTree(store, 3); +// Composer composer = Composer(); + +// auto zero = field_ct(witness_ct(&composer, fr::zero())).decompose_into_bits(); +// field_ct root = witness_ct(&composer, db.root()); + +// assert_check_membership(root, create_witness_hash_path(composer, db.get_hash_path(0)), field_ct(0), zero); + +// auto prover = composer.create_ultra_with_keccak_prover(); +// printf("composer gates = %zu\n", composer.get_num_gates()); + +// auto verifier = composer.create_ultra_with_keccak_verifier(); + +// plonk::proof proof = prover.construct_proof(); + +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(result, true); +// } + +// TEST(stdlib_merkle_tree, test_assert_check_membership_fail) +// { +// MemoryStore store; +// auto db = MerkleTree(store, 3); + +// Composer composer = Composer(); - auto zero = field_ct(witness_ct(&composer, fr::zero())).decompose_into_bits(); - field_ct root = witness_ct(&composer, db.root()); +// auto zero = field_ct(witness_ct(&composer, fr::zero())).decompose_into_bits(); +// field_ct root = witness_ct(&composer, db.root()); - assert_check_membership(root, create_witness_hash_path(composer, db.get_hash_path(0)), field_ct(1), zero); +// assert_check_membership(root, create_witness_hash_path(composer, db.get_hash_path(0)), field_ct(1), zero); - auto prover = composer.create_ultra_with_keccak_prover(); - printf("composer gates = %zu\n", composer.get_num_gates()); +// auto prover = composer.create_ultra_with_keccak_prover(); +// printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); +// auto verifier = composer.create_ultra_with_keccak_verifier(); - plonk::proof proof = prover.construct_proof(); +// plonk::proof proof = prover.construct_proof(); - bool result = verifier.verify_proof(proof); - EXPECT_EQ(result, false); -} -// To test whether both old hash path and new hash path works for the same Merkle tree -TEST(stdlib_merkle_tree, test_update_members) -{ - { - MemoryStore store; - auto db = MerkleTree(store, 3); +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(result, false); +// } +// // To test whether both old hash path and new hash path works for the same Merkle tree +// TEST(stdlib_merkle_tree, test_update_members) +// { +// { +// MemoryStore store; +// auto db = MerkleTree(store, 3); - Composer composer = Composer(); +// Composer composer = Composer(); - auto zero = field_ct(witness_ct(&composer, fr::zero())).decompose_into_bits(); +// auto zero = field_ct(witness_ct(&composer, fr::zero())).decompose_into_bits(); - auto old_value = field_ct(0); - hash_path old_path = create_witness_hash_path(composer, db.get_hash_path(0)); - field_ct old_root = witness_ct(&composer, db.root()); +// auto old_value = field_ct(0); +// hash_path old_path = create_witness_hash_path(composer, db.get_hash_path(0)); +// field_ct old_root = witness_ct(&composer, db.root()); - auto new_value = field_ct(1); - auto new_path_fr = get_new_hash_path(db.get_hash_path(0), 0, new_value.get_value()); - hash_path new_path = create_witness_hash_path(composer, new_path_fr); - field_ct new_root = witness_ct(&composer, get_hash_path_root(new_path_fr)); - - update_membership(new_root, new_value, old_root, old_path, old_value, zero); - - auto prover = composer.create_ultra_with_keccak_prover(); - - printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); - - plonk::proof proof = prover.construct_proof(); - - bool result = verifier.verify_proof(proof); - EXPECT_EQ(result, true); - } - { - MemoryStore store; - auto db = MerkleTree(store, 3); +// auto new_value = field_ct(1); +// auto new_path_fr = get_new_hash_path(db.get_hash_path(0), 0, new_value.get_value()); +// hash_path new_path = create_witness_hash_path(composer, new_path_fr); +// field_ct new_root = witness_ct(&composer, get_hash_path_root(new_path_fr)); + +// update_membership(new_root, new_value, old_root, old_path, old_value, zero); + +// auto prover = composer.create_ultra_with_keccak_prover(); + +// printf("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); + +// plonk::proof proof = prover.construct_proof(); + +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(result, true); +// } +// { +// MemoryStore store; +// auto db = MerkleTree(store, 3); - Composer composer = Composer(); +// Composer composer = Composer(); - auto zero = field_ct(witness_ct(&composer, fr::zero())).decompose_into_bits(); +// auto zero = field_ct(witness_ct(&composer, fr::zero())).decompose_into_bits(); - auto old_value = field_ct(0); - hash_path old_path = create_witness_hash_path(composer, db.get_hash_path(0)); - field_ct old_root = witness_ct(&composer, db.root()); +// auto old_value = field_ct(0); +// hash_path old_path = create_witness_hash_path(composer, db.get_hash_path(0)); +// field_ct old_root = witness_ct(&composer, db.root()); - auto new_value = field_ct(1); - auto new_path_fr = get_new_hash_path(db.get_hash_path(0), 0, new_value.get_value()); - hash_path new_path = create_witness_hash_path(composer, new_path_fr); - field_ct new_root = witness_ct(&composer, get_hash_path_root(new_path_fr)); +// auto new_value = field_ct(1); +// auto new_path_fr = get_new_hash_path(db.get_hash_path(0), 0, new_value.get_value()); +// hash_path new_path = create_witness_hash_path(composer, new_path_fr); +// field_ct new_root = witness_ct(&composer, get_hash_path_root(new_path_fr)); - update_membership(new_root, new_value, old_root, new_path, old_value, zero); +// update_membership(new_root, new_value, old_root, new_path, old_value, zero); - auto prover = composer.create_ultra_with_keccak_prover(); +// auto prover = composer.create_ultra_with_keccak_prover(); - printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); +// printf("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); - plonk::proof proof = prover.construct_proof(); +// plonk::proof proof = prover.construct_proof(); - bool result = verifier.verify_proof(proof); - EXPECT_EQ(result, true); - } -} +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(result, true); +// } +// } -TEST(stdlib_merkle_tree, test_tree) -{ - size_t depth = 3; - size_t num = 1UL << depth; - MemoryStore store; - MerkleTree db(store, depth); - MemoryTree mem_tree(depth); +// TEST(stdlib_merkle_tree, test_tree) +// { +// size_t depth = 3; +// size_t num = 1UL << depth; +// MemoryStore store; +// MerkleTree db(store, depth); +// MemoryTree mem_tree(depth); - Composer composer = Composer(); +// Composer composer = Composer(); - auto zero_field = field_ct(witness_ct(&composer, fr::zero())); - auto values = std::vector(num, zero_field); - auto root = field_ct(&composer, mem_tree.root()); +// auto zero_field = field_ct(witness_ct(&composer, fr::zero())); +// auto values = std::vector(num, zero_field); +// auto root = field_ct(&composer, mem_tree.root()); - assert_check_tree(root, values); +// assert_check_tree(root, values); - auto prover = composer.create_ultra_with_keccak_prover(); +// auto prover = composer.create_ultra_with_keccak_prover(); - printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); +// printf("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); - plonk::proof proof = prover.construct_proof(); +// plonk::proof proof = prover.construct_proof(); - bool result = verifier.verify_proof(proof); - EXPECT_EQ(result, true); -} +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(result, true); +// } -TEST(stdlib_merkle_tree, test_update_memberships) -{ - constexpr size_t depth = 4; - MemoryStore store; - MerkleTree tree(store, depth); - - Composer composer = Composer(); - - constexpr size_t filled = (1UL << depth) / 2; - std::vector filled_values; - for (size_t i = 0; i < filled; i++) { - uint256_t val = fr::random_element(); - tree.update_element(i, val); - filled_values.push_back(val); - } +// TEST(stdlib_merkle_tree, test_update_memberships) +// { +// constexpr size_t depth = 4; +// MemoryStore store; +// MerkleTree tree(store, depth); + +// Composer composer = Composer(); + +// constexpr size_t filled = (1UL << depth) / 2; +// std::vector filled_values; +// for (size_t i = 0; i < filled; i++) { +// uint256_t val = fr::random_element(); +// tree.update_element(i, val); +// filled_values.push_back(val); +// } - // old state - fr old_root = tree.root(); - std::vector old_indices = { 0, 2, 5, 7 }; +// // old state +// fr old_root = tree.root(); +// std::vector old_indices = { 0, 2, 5, 7 }; - std::vector old_values; - std::vector old_hash_paths; - for (size_t i = 0; i < old_indices.size(); i++) { - old_values.push_back(filled_values[old_indices[i]]); - } - - // new state - std::vector new_values; - std::vector new_roots; - for (size_t i = 0; i < old_indices.size(); i++) { - uint256_t val = fr::random_element(); - new_values.push_back(val); - old_hash_paths.push_back(tree.get_hash_path(old_indices[i])); - new_roots.push_back(tree.update_element(old_indices[i], new_values[i])); - } - - // old state circuit types - field_ct old_root_ct = witness_ct(&composer, old_root); - std::vector> old_indices_ct; - std::vector old_values_ct; - std::vector> old_hash_paths_ct; - - // new state circuit types - std::vector new_values_ct; - std::vector new_roots_ct; - - for (size_t i = 0; i < old_indices.size(); i++) { - auto idx_vec = field_ct(witness_ct(&composer, uint256_t(old_indices[i]))).decompose_into_bits(depth); - old_indices_ct.push_back(idx_vec); - old_values_ct.push_back(witness_ct(&composer, old_values[i])); - old_hash_paths_ct.push_back(create_witness_hash_path(composer, old_hash_paths[i])); - - new_values_ct.push_back(witness_ct(&composer, new_values[i])); - new_roots_ct.push_back(witness_ct(&composer, new_roots[i])); - } - - update_memberships(old_root_ct, new_roots_ct, new_values_ct, old_values_ct, old_hash_paths_ct, old_indices_ct); - - auto prover = composer.create_ultra_with_keccak_prover(); - printf("composer gates = %zu\n", composer.get_num_gates()); - auto verifier = composer.create_ultra_with_keccak_verifier(); - plonk::proof proof = prover.construct_proof(); - bool result = verifier.verify_proof(proof); - EXPECT_EQ(result, true); -} +// std::vector old_values; +// std::vector old_hash_paths; +// for (size_t i = 0; i < old_indices.size(); i++) { +// old_values.push_back(filled_values[old_indices[i]]); +// } + +// // new state +// std::vector new_values; +// std::vector new_roots; +// for (size_t i = 0; i < old_indices.size(); i++) { +// uint256_t val = fr::random_element(); +// new_values.push_back(val); +// old_hash_paths.push_back(tree.get_hash_path(old_indices[i])); +// new_roots.push_back(tree.update_element(old_indices[i], new_values[i])); +// } + +// // old state circuit types +// field_ct old_root_ct = witness_ct(&composer, old_root); +// std::vector> old_indices_ct; +// std::vector old_values_ct; +// std::vector> old_hash_paths_ct; + +// // new state circuit types +// std::vector new_values_ct; +// std::vector new_roots_ct; + +// for (size_t i = 0; i < old_indices.size(); i++) { +// auto idx_vec = field_ct(witness_ct(&composer, uint256_t(old_indices[i]))).decompose_into_bits(depth); +// old_indices_ct.push_back(idx_vec); +// old_values_ct.push_back(witness_ct(&composer, old_values[i])); +// old_hash_paths_ct.push_back(create_witness_hash_path(composer, old_hash_paths[i])); + +// new_values_ct.push_back(witness_ct(&composer, new_values[i])); +// new_roots_ct.push_back(witness_ct(&composer, new_roots[i])); +// } + +// update_memberships(old_root_ct, new_roots_ct, new_values_ct, old_values_ct, old_hash_paths_ct, old_indices_ct); + +// auto prover = composer.create_ultra_with_keccak_prover(); +// printf("composer gates = %zu\n", composer.get_num_gates()); +// auto verifier = composer.create_ultra_with_keccak_verifier(); +// plonk::proof proof = prover.construct_proof(); +// bool result = verifier.verify_proof(proof); +// EXPECT_EQ(result, true); +// } diff --git a/cpp/src/barretenberg/stdlib/merkle_tree/merkle_tree.test.cpp b/cpp/src/barretenberg/stdlib/merkle_tree/merkle_tree.test.cpp index a4b3607be9..10f2c4008e 100644 --- a/cpp/src/barretenberg/stdlib/merkle_tree/merkle_tree.test.cpp +++ b/cpp/src/barretenberg/stdlib/merkle_tree/merkle_tree.test.cpp @@ -1,130 +1,130 @@ -#include "merkle_tree.hpp" -#include "memory_store.hpp" -#include "memory_tree.hpp" -#include "barretenberg/common/streams.hpp" -#include "barretenberg/common/test.hpp" -#include "barretenberg/numeric/random/engine.hpp" -#include "barretenberg/stdlib/types/types.hpp" - -using namespace barretenberg; -using namespace proof_system::plonk::stdlib::merkle_tree; - -namespace { -auto& engine = numeric::random::get_debug_engine(); -auto& random_engine = numeric::random::get_engine(); -} // namespace - -static std::vector VALUES = []() { - std::vector values(1024); - for (size_t i = 0; i < 1024; ++i) { - values[i] = i; - } - return values; -}(); - -TEST(stdlib_merkle_tree, test_kv_memory_vs_memory_consistency) -{ - constexpr size_t depth = 10; - MemoryTree memdb(depth); - - MemoryStore store; - MerkleTree db(store, depth); - - std::vector indicies(1 << depth); - std::iota(indicies.begin(), indicies.end(), 0); - std::random_device rd; - std::mt19937 g(rd()); - std::shuffle(indicies.begin(), indicies.end(), g); - - for (size_t i = 0; i < indicies.size(); ++i) { - size_t idx = indicies[i]; - memdb.update_element(idx, VALUES[idx]); - db.update_element(idx, VALUES[idx]); - } - - for (size_t i = 0; i < indicies.size(); ++i) { - size_t idx = indicies[i]; - EXPECT_EQ(db.get_hash_path(idx), memdb.get_hash_path(idx)); - } - - EXPECT_EQ(db.root(), memdb.root()); -} - -TEST(stdlib_merkle_tree, test_size) -{ - MemoryStore store; - auto db = MerkleTree(store, 256); - - EXPECT_EQ(db.size(), 0ULL); - - // Add first. - db.update_element(0, VALUES[1]); - EXPECT_EQ(db.size(), 1ULL); - - // Add second. - db.update_element(1, VALUES[2]); - EXPECT_EQ(db.size(), 2ULL); - - // Set second to same value. - db.update_element(1, VALUES[2]); - EXPECT_EQ(db.size(), 2ULL); - - // Set second to new value. - db.update_element(1, VALUES[3]); - EXPECT_EQ(db.size(), 2ULL); - - // Set third to new value. - db.update_element(2, VALUES[4]); - EXPECT_EQ(db.size(), 3ULL); -} - -TEST(stdlib_merkle_tree, test_get_hash_path) -{ - MemoryTree memdb(10); - - MemoryStore store; - auto db = MerkleTree(store, 10); - - EXPECT_EQ(memdb.get_hash_path(512), db.get_hash_path(512)); - - memdb.update_element(512, VALUES[512]); - db.update_element(512, VALUES[512]); - - EXPECT_EQ(db.get_hash_path(512), memdb.get_hash_path(512)); - - for (size_t i = 0; i < 1024; ++i) { - memdb.update_element(i, VALUES[i]); - db.update_element(i, VALUES[i]); - } - - EXPECT_EQ(db.get_hash_path(512), memdb.get_hash_path(512)); -} - -TEST(stdlib_merkle_tree, test_get_hash_path_layers) -{ - { - MemoryStore store; - auto db = MerkleTree(store, 3); - - auto before = db.get_hash_path(1); - db.update_element(0, VALUES[1]); - auto after = db.get_hash_path(1); - - EXPECT_NE(before[0], after[0]); - EXPECT_NE(before[1], after[1]); - EXPECT_NE(before[2], after[2]); - } - - { - MemoryStore store; - auto db = MerkleTree(store, 3); - - auto before = db.get_hash_path(7); - db.update_element(0x0, VALUES[1]); - auto after = db.get_hash_path(7); - - EXPECT_EQ(before[0], after[0]); - EXPECT_EQ(before[1], after[1]); - EXPECT_NE(before[2], after[2]); - } -} +// #include "merkle_tree.hpp" +// #include "memory_store.hpp" +// #include "memory_tree.hpp" +// #include "barretenberg/common/streams.hpp" +// #include "barretenberg/common/test.hpp" +// #include "barretenberg/numeric/random/engine.hpp" +// #include "barretenberg/stdlib/types/types.hpp" + +// using namespace barretenberg; +// using namespace proof_system::plonk::stdlib::merkle_tree; + +// namespace { +// auto& engine = numeric::random::get_debug_engine(); +// auto& random_engine = numeric::random::get_engine(); +// } // namespace + +// static std::vector VALUES = []() { +// std::vector values(1024); +// for (size_t i = 0; i < 1024; ++i) { +// values[i] = i; +// } +// return values; +// }(); + +// TEST(stdlib_merkle_tree, test_kv_memory_vs_memory_consistency) +// { +// constexpr size_t depth = 10; +// MemoryTree memdb(depth); + +// MemoryStore store; +// MerkleTree db(store, depth); + +// std::vector indicies(1 << depth); +// std::iota(indicies.begin(), indicies.end(), 0); +// std::random_device rd; +// std::mt19937 g(rd()); +// std::shuffle(indicies.begin(), indicies.end(), g); + +// for (size_t i = 0; i < indicies.size(); ++i) { +// size_t idx = indicies[i]; +// memdb.update_element(idx, VALUES[idx]); +// db.update_element(idx, VALUES[idx]); +// } + +// for (size_t i = 0; i < indicies.size(); ++i) { +// size_t idx = indicies[i]; +// EXPECT_EQ(db.get_hash_path(idx), memdb.get_hash_path(idx)); +// } + +// EXPECT_EQ(db.root(), memdb.root()); +// } + +// TEST(stdlib_merkle_tree, test_size) +// { +// MemoryStore store; +// auto db = MerkleTree(store, 256); + +// EXPECT_EQ(db.size(), 0ULL); + +// // Add first. +// db.update_element(0, VALUES[1]); +// EXPECT_EQ(db.size(), 1ULL); + +// // Add second. +// db.update_element(1, VALUES[2]); +// EXPECT_EQ(db.size(), 2ULL); + +// // Set second to same value. +// db.update_element(1, VALUES[2]); +// EXPECT_EQ(db.size(), 2ULL); + +// // Set second to new value. +// db.update_element(1, VALUES[3]); +// EXPECT_EQ(db.size(), 2ULL); + +// // Set third to new value. +// db.update_element(2, VALUES[4]); +// EXPECT_EQ(db.size(), 3ULL); +// } + +// TEST(stdlib_merkle_tree, test_get_hash_path) +// { +// MemoryTree memdb(10); + +// MemoryStore store; +// auto db = MerkleTree(store, 10); + +// EXPECT_EQ(memdb.get_hash_path(512), db.get_hash_path(512)); + +// memdb.update_element(512, VALUES[512]); +// db.update_element(512, VALUES[512]); + +// EXPECT_EQ(db.get_hash_path(512), memdb.get_hash_path(512)); + +// for (size_t i = 0; i < 1024; ++i) { +// memdb.update_element(i, VALUES[i]); +// db.update_element(i, VALUES[i]); +// } + +// EXPECT_EQ(db.get_hash_path(512), memdb.get_hash_path(512)); +// } + +// TEST(stdlib_merkle_tree, test_get_hash_path_layers) +// { +// { +// MemoryStore store; +// auto db = MerkleTree(store, 3); + +// auto before = db.get_hash_path(1); +// db.update_element(0, VALUES[1]); +// auto after = db.get_hash_path(1); + +// EXPECT_NE(before[0], after[0]); +// EXPECT_NE(before[1], after[1]); +// EXPECT_NE(before[2], after[2]); +// } + +// { +// MemoryStore store; +// auto db = MerkleTree(store, 3); + +// auto before = db.get_hash_path(7); +// db.update_element(0x0, VALUES[1]); +// auto after = db.get_hash_path(7); + +// EXPECT_EQ(before[0], after[0]); +// EXPECT_EQ(before[1], after[1]); +// EXPECT_NE(before[2], after[2]); +// } +// } diff --git a/cpp/src/barretenberg/stdlib/primitives/byte_array/byte_array.test.cpp b/cpp/src/barretenberg/stdlib/primitives/byte_array/byte_array.test.cpp index 81fcd8139a..70371bee4a 100644 --- a/cpp/src/barretenberg/stdlib/primitives/byte_array/byte_array.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/byte_array/byte_array.test.cpp @@ -1,6 +1,5 @@ #include "byte_array.hpp" #include -#include "../../types/types.hpp" #include "barretenberg/plonk/composer/standard_composer.hpp" #include "barretenberg/honk/composer/standard_honk_composer.hpp" #include "barretenberg/stdlib/primitives/bool/bool.hpp" diff --git a/cpp/src/barretenberg/stdlib/primitives/group/group.test.cpp b/cpp/src/barretenberg/stdlib/primitives/group/group.test.cpp index 1a71438a2e..6bb87634be 100644 --- a/cpp/src/barretenberg/stdlib/primitives/group/group.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/group/group.test.cpp @@ -1,8 +1,8 @@ -#include "../../types/types.hpp" #include #include "barretenberg/honk/composer/standard_honk_composer.hpp" #include "barretenberg/stdlib/primitives/witness/witness.hpp" #include "barretenberg/numeric/random/engine.hpp" + #define STDLIB_TYPE_ALIASES \ using Composer = TypeParam; \ using witness_ct = stdlib::witness_t; \ diff --git a/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp b/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp index 340d02a543..37abbd07f2 100644 --- a/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp @@ -1,5 +1,4 @@ #include "packed_byte_array.hpp" -#include "../../types/types.hpp" #include "../byte_array/byte_array.hpp" #include #include "barretenberg/numeric/random/engine.hpp" diff --git a/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.test.cpp b/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.test.cpp index 45657fb45f..f51c072fe8 100644 --- a/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.test.cpp +++ b/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.test.cpp @@ -7,7 +7,6 @@ #include "barretenberg/numeric/random/engine.hpp" #include "../byte_array/byte_array.hpp" #include "barretenberg/honk/composer/standard_honk_composer.hpp" -#include "barretenberg/stdlib/types/types.hpp" #pragma GCC diagnostic ignored "-Wunused-local-typedefs" diff --git a/cpp/src/barretenberg/stdlib/types/types.hpp b/cpp/src/barretenberg/stdlib/types/types.hpp deleted file mode 100644 index 6a1db12f6e..0000000000 --- a/cpp/src/barretenberg/stdlib/types/types.hpp +++ /dev/null @@ -1,89 +0,0 @@ -#pragma once -#include "barretenberg/plonk/proof_system/constants.hpp" -#include "barretenberg/plonk/composer/standard_composer.hpp" -#include "barretenberg/plonk/composer/turbo_composer.hpp" -#include "barretenberg/plonk/composer/ultra_composer.hpp" -#include "barretenberg/plonk/proof_system/prover/prover.hpp" -#include "barretenberg/stdlib/primitives/bigfield/bigfield.hpp" -#include "barretenberg/stdlib/primitives/biggroup/biggroup.hpp" -#include "barretenberg/stdlib/primitives/bit_array/bit_array.hpp" -#include "barretenberg/stdlib/primitives/bool/bool.hpp" -#include "barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.hpp" -#include "barretenberg/stdlib/primitives/byte_array/byte_array.hpp" -#include "barretenberg/stdlib/primitives/uint/uint.hpp" -#include "barretenberg/stdlib/primitives/witness/witness.hpp" -#include "barretenberg/stdlib/primitives/bigfield/bigfield.hpp" -#include "barretenberg/stdlib/primitives/biggroup/biggroup.hpp" -#include "barretenberg/stdlib/commitment/pedersen/pedersen.hpp" -#include "barretenberg/stdlib/commitment/pedersen/pedersen_plookup.hpp" -#include "barretenberg/stdlib/merkle_tree/hash_path.hpp" -#include "barretenberg/stdlib/encryption/schnorr/schnorr.hpp" -#include "barretenberg/stdlib/primitives/curves/bn254.hpp" -#include "barretenberg/stdlib/primitives/curves/secp256k1.hpp" -#include "barretenberg/stdlib/primitives/memory/rom_table.hpp" -#include "barretenberg/stdlib/recursion/verifier/program_settings.hpp" -#include "barretenberg/stdlib/primitives/memory/ram_table.hpp" -#include "barretenberg/stdlib/primitives/memory/rom_table.hpp" -#include "barretenberg/stdlib/primitives/memory/dynamic_array.hpp" - -namespace proof_system::plonk::stdlib::types { - -using namespace proof_system::plonk; -static constexpr size_t SYSTEM_COMPOSER = proof_system::plonk::SYSTEM_COMPOSER; - -typedef std::conditional_t< - SYSTEM_COMPOSER == proof_system::STANDARD, - plonk::StandardComposer, - std::conditional_t> - Composer; - -typedef std::conditional_t< - SYSTEM_COMPOSER == proof_system::STANDARD, - plonk::Prover, - std::conditional_t> - Prover; - -typedef std::conditional_t< - SYSTEM_COMPOSER == proof_system::STANDARD, - plonk::Verifier, - std::conditional_t> - Verifier; - -typedef stdlib::witness_t witness_ct; -typedef stdlib::public_witness_t public_witness_ct; -typedef stdlib::bool_t bool_ct; -typedef stdlib::byte_array byte_array_ct; -typedef stdlib::packed_byte_array packed_byte_array_ct; -typedef stdlib::field_t field_ct; -typedef stdlib::safe_uint_t suint_ct; -typedef stdlib::uint8 uint8_ct; -typedef stdlib::uint16 uint16_ct; -typedef stdlib::uint32 uint32_ct; -typedef stdlib::uint64 uint64_ct; -typedef stdlib::bit_array bit_array_ct; -typedef stdlib::bigfield fq_ct; -typedef stdlib::element biggroup_ct; -typedef stdlib::point point_ct; -typedef stdlib::pedersen_commitment pedersen_commitment; -typedef stdlib::group group_ct; -typedef stdlib::bn254 bn254; -typedef stdlib::secp256k1 secp256k1_ct; - -namespace merkle_tree { -using namespace stdlib::merkle_tree; -typedef stdlib::merkle_tree::hash_path hash_path; -} // namespace merkle_tree - -namespace schnorr { -typedef stdlib::schnorr::signature_bits signature_bits; -} // namespace schnorr - -// Ultra-composer specific types -typedef stdlib::rom_table rom_table_ct; - -typedef std::conditional_t, - recursion::recursive_ultra_verifier_settings> - recursive_inner_verifier_settings; - -} // namespace proof_system::plonk::stdlib::types