Initial implementation of the sha256 circuit

Brechtpd · Sep 9, 2022 · ef90cf0 · ef90cf0
1 parent 6abc33e
commit ef90cf0
Show file tree

Hide file tree

Showing 6 changed files with 1,246 additions and 0 deletions.
diff --git a/Makefile b/Makefile
@@ -46,6 +46,9 @@ packed_keccak_bench: ## Run Packed Keccak Circuit benchmarks
 packed_multi_keccak_bench: ## Run Packed Multi Keccak Circuit benchmarks
 	@cargo test --profile bench bench_packed_multi_keccak_circuit_prover -p circuit-benchmarks --features benches  -- --nocapture
 
+bit_sha256_bench: ## Run Bit Sha256 Circuit benchmarks
+	@cargo test --profile bench bench_bit_sha256_circuit_prover -p circuit-benchmarks --features benches  -- --nocapture
+
 circuit_benches: evm_bench state_bench ## Run All Circuit benchmarks
 
 

diff --git a/circuit-benchmarks/src/bit_sha256.rs b/circuit-benchmarks/src/bit_sha256.rs
@@ -0,0 +1,100 @@
+//! Sha256 circuit benchmarks
+
+#[cfg(test)]
+mod tests {
+    use ark_std::{end_timer, start_timer};
+    use halo2_proofs::halo2curves::bn256::Fr;
+    use halo2_proofs::plonk::{create_proof, keygen_pk, keygen_vk, verify_proof};
+    use halo2_proofs::poly::commitment::ParamsProver;
+    use halo2_proofs::poly::kzg::commitment::{KZGCommitmentScheme, ParamsKZG, ParamsVerifierKZG};
+    use halo2_proofs::poly::kzg::multiopen::{ProverSHPLONK, VerifierSHPLONK};
+    use halo2_proofs::poly::kzg::strategy::SingleStrategy;
+    use halo2_proofs::{
+        halo2curves::bn256::{Bn256, G1Affine},
+        transcript::{
+            Blake2bRead, Blake2bWrite, Challenge255, TranscriptReadBuffer, TranscriptWriterBuffer,
+        },
+    };
+    use rand::SeedableRng;
+    use rand_xorshift::XorShiftRng;
+    use std::env::var;
+    use zkevm_circuits::sha256_circuit::sha256_bit::Sha256BitCircuit;
+
+    #[cfg_attr(not(feature = "benches"), ignore)]
+    #[test]
+    fn bench_bit_sha256_circuit_prover() {
+        let degree: u32 = var("DEGREE")
+            .expect("No DEGREE env var was provided")
+            .parse()
+            .expect("Cannot parse DEGREE env var as u32");
+
+        // Create the circuit
+        let mut circuit = Sha256BitCircuit::new(2usize.pow(degree));
+
+        // Use the complete circuit
+        let inputs = vec![(0u8..55).collect::<Vec<_>>(); circuit.capacity()];
+        circuit.generate_witness(&inputs);
+
+        // Initialize the polynomial commitment parameters
+        let mut rng = XorShiftRng::from_seed([
+            0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
+            0xbc, 0xe5,
+        ]);
+
+        // Bench setup generation
+        let setup_message = format!("Setup generation with degree = {}", degree);
+        let start1 = start_timer!(|| setup_message);
+        let general_params = ParamsKZG::<Bn256>::setup(degree, &mut rng);
+        let verifier_params: ParamsVerifierKZG<Bn256> = general_params.verifier_params().clone();
+        end_timer!(start1);
+
+        // Initialize the proving key
+        let vk = keygen_vk(&general_params, &circuit).expect("keygen_vk should not fail");
+        let pk = keygen_pk(&general_params, vk, &circuit).expect("keygen_pk should not fail");
+        // Create a proof
+        let mut transcript = Blake2bWrite::<_, G1Affine, Challenge255<_>>::init(vec![]);
+
+        // Bench proof generation time
+        let proof_message = format!("Bit Sha256 Proof generation with {} rows", degree);
+        let start2 = start_timer!(|| proof_message);
+        create_proof::<
+            KZGCommitmentScheme<Bn256>,
+            ProverSHPLONK<'_, Bn256>,
+            Challenge255<G1Affine>,
+            XorShiftRng,
+            Blake2bWrite<Vec<u8>, G1Affine, Challenge255<G1Affine>>,
+            Sha256BitCircuit<Fr>,
+        >(
+            &general_params,
+            &pk,
+            &[circuit],
+            &[&[]],
+            rng,
+            &mut transcript,
+        )
+        .expect("proof generation should not fail");
+        let proof = transcript.finalize();
+        end_timer!(start2);
+
+        // Bench verification time
+        let start3 = start_timer!(|| "Sha256 Proof verification");
+        let mut verifier_transcript = Blake2bRead::<_, G1Affine, Challenge255<_>>::init(&proof[..]);
+        let strategy = SingleStrategy::new(&general_params);
+
+        verify_proof::<
+            KZGCommitmentScheme<Bn256>,
+            VerifierSHPLONK<'_, Bn256>,
+            Challenge255<G1Affine>,
+            Blake2bRead<&[u8], G1Affine, Challenge255<G1Affine>>,
+            SingleStrategy<'_, Bn256>,
+        >(
+            &verifier_params,
+            pk.get_vk(),
+            strategy,
+            &[&[]],
+            &mut verifier_transcript,
+        )
+        .expect("failed to verify bench circuit");
+        end_timer!(start3);
+    }
+}
diff --git a/circuit-benchmarks/src/lib.rs b/circuit-benchmarks/src/lib.rs
@@ -27,3 +27,7 @@ pub mod packed_keccak;
 #[cfg(test)]
 #[cfg(feature = "benches")]
 pub mod packed_multi_keccak;
+
+#[cfg(test)]
+#[cfg(feature = "benches")]
+pub mod bit_sha256;
diff --git a/zkevm-circuits/src/lib.rs b/zkevm-circuits/src/lib.rs
@@ -21,6 +21,7 @@ pub mod copy_circuit;
 pub mod evm_circuit;
 pub mod keccak_circuit;
 pub mod pi_circuit;
+pub mod sha256_circuit;
 pub mod state_circuit;
 pub mod super_circuit;
 pub mod table;

diff --git a/zkevm-circuits/src/sha256_circuit.rs b/zkevm-circuits/src/sha256_circuit.rs
@@ -0,0 +1,4 @@
+//! The sha256 circuit implementation.
+
+/// sha256 bit
+pub mod sha256_bit;