From 8ab9c3ea0e262354bb713ae83947323a9b354822 Mon Sep 17 00:00:00 2001 From: Alex Xiong Date: Wed, 24 Aug 2022 18:31:24 +0800 Subject: [PATCH 1/2] correct error type for PlonkVerifierGadget --- plonk/src/circuit/plonk_verifier/gadgets.rs | 26 +++++++-------- plonk/src/circuit/plonk_verifier/mod.rs | 37 ++++++++++----------- plonk/src/circuit/plonk_verifier/poly.rs | 26 +++++++-------- plonk/src/errors.rs | 10 +++++- 4 files changed, 51 insertions(+), 48 deletions(-) diff --git a/plonk/src/circuit/plonk_verifier/gadgets.rs b/plonk/src/circuit/plonk_verifier/gadgets.rs index 91a4e7f5c..efda72d16 100644 --- a/plonk/src/circuit/plonk_verifier/gadgets.rs +++ b/plonk/src/circuit/plonk_verifier/gadgets.rs @@ -8,7 +8,7 @@ use crate::{ circuit::{plonk_verifier::*, transcript::RescueTranscriptVar}, constants::EXTRA_TRANSCRIPT_MSG_LABEL, - errors::{PlonkError, SnarkError::ParameterError}, + errors::PlonkError, }; use ark_ec::{ short_weierstrass_jacobian::GroupAffine, PairingEngine, SWModelParameters as SWParam, @@ -18,6 +18,7 @@ use ark_poly::{EvaluationDomain, Radix2EvaluationDomain}; use ark_std::{format, vec::Vec}; use jf_primitives::rescue::RescueParameter; use jf_relation::{ + errors::{CircuitError, CircuitError::ParameterError}, gadgets::{ ecc::{PointVariable, SWToTEConParam}, ultraplonk::mod_arith::{FpElem, FpElemVar}, @@ -48,7 +49,7 @@ pub(super) fn aggregate_poly_commitments_circuit( batch_proof: &BatchProofVar, alpha_bases: &[FpElemVar], non_native_field_info: NonNativeFieldInfo, -) -> Result<(ScalarsAndBasesVar, Vec>), PlonkError> +) -> Result<(ScalarsAndBasesVar, Vec>), CircuitError> where E: PairingEngine, F: PrimeField, @@ -58,8 +59,7 @@ where "the number of verification keys {} != the number of instances {}", vks.len(), batch_proof.len() - )) - .into()); + ))); } // Compute the first part of the batched polynomial commitment `[D]1` described in Sec 8.4, step 9 of https://eprint.iacr.org/2019/953.pdf @@ -132,7 +132,7 @@ pub(super) fn aggregate_evaluations_circuit( poly_evals_vec: &[ProofEvaluationsVar], non_native_field_info: NonNativeFieldInfo, buffer_v_and_uv_basis: &[FpElemVar], -) -> Result, PlonkError> +) -> Result, CircuitError> where E: PairingEngine, F: PrimeField, @@ -177,7 +177,7 @@ where } // ensure all the buffer has been consumed if v_and_uv_basis.next().is_some() { - return Err(PlonkError::IteratorOutOfRange); + return Err(PlonkError::IteratorOutOfRange)?; } Ok(result) } @@ -191,7 +191,7 @@ pub(super) fn compute_challenges_vars( batch_proof: &BatchProofVar, extra_transcript_init_msg: &Option>, non_native_field_info: NonNativeFieldInfo, -) -> Result, PlonkError> +) -> Result, CircuitError> where E: PairingEngine>, F: RescueParameter + SWToTEConParam, @@ -270,7 +270,7 @@ pub(super) fn prepare_pcs_info_var( domain: Radix2EvaluationDomain, non_native_field_info: NonNativeFieldInfo, -) -> Result, PlonkError> +) -> Result, CircuitError> where E: PairingEngine>, F: RescueParameter + SWToTEConParam, @@ -398,7 +398,7 @@ fn add_poly_comm_circuit( comm: &PointVariable, r: &FpElemVar, p: &FpElem, -) -> Result<(), PlonkError> +) -> Result<(), CircuitError> where F: PrimeField, { @@ -417,7 +417,7 @@ fn add_pcs_eval_circuit( random_combiner: &FpElemVar, eval: &FpElemVar, p: &FpElem, -) -> Result<(), PlonkError> +) -> Result<(), CircuitError> where F: PrimeField, { @@ -434,7 +434,7 @@ fn compute_alpha_basis( alpha_to_3: FpElemVar, len: usize, non_native_field_info: NonNativeFieldInfo, -) -> Result>, PlonkError> { +) -> Result>, CircuitError> { let mut res = Vec::new(); let mut alpha_base_elem_var = FpElemVar::::one( circuit, @@ -472,12 +472,12 @@ mod test { const RANGE_BIT_LEN_FOR_TEST: usize = 16; #[test] - fn test_compute_challenges_vars_circuit() -> Result<(), PlonkError> { + fn test_compute_challenges_vars_circuit() -> Result<(), CircuitError> { test_compute_challenges_vars_circuit_helper::>( ) } - fn test_compute_challenges_vars_circuit_helper() -> Result<(), PlonkError> + fn test_compute_challenges_vars_circuit_helper() -> Result<(), CircuitError> where E: PairingEngine>, F: RescueParameter + SWToTEConParam, diff --git a/plonk/src/circuit/plonk_verifier/mod.rs b/plonk/src/circuit/plonk_verifier/mod.rs index 1f3db5c78..67727643e 100644 --- a/plonk/src/circuit/plonk_verifier/mod.rs +++ b/plonk/src/circuit/plonk_verifier/mod.rs @@ -5,10 +5,7 @@ // along with the Jellyfish library. If not, see . //! Circuits for Plonk verifiers. -use crate::{ - errors::{PlonkError, SnarkError::ParameterError}, - proof_system::{structs::VerifyingKey, verifier::Verifier}, -}; +use crate::proof_system::{structs::VerifyingKey, verifier::Verifier}; use ark_ec::{ short_weierstrass_jacobian::GroupAffine, PairingEngine, SWModelParameters as SWParam, TEModelParameters as TEParam, @@ -17,7 +14,7 @@ use ark_ff::{BigInteger, FpParameters, PrimeField}; use ark_std::{format, string::ToString, vec, vec::Vec}; use jf_primitives::rescue::RescueParameter; use jf_relation::{ - errors::CircuitError, + errors::{CircuitError, CircuitError::ParameterError}, gadgets::{ ecc::{MultiScalarMultiplicationCircuit, Point, PointVariable, SWToTEConParam}, ultraplonk::mod_arith::{FpElem, FpElemVar}, @@ -58,7 +55,7 @@ impl VerifyingKeyVar { pub fn new( circuit: &mut PlonkCircuit, verify_key: &VerifyingKey, - ) -> Result + ) -> Result where E: PairingEngine>, F: PrimeField + SWToTEConParam, @@ -103,7 +100,7 @@ impl VerifyingKeyVar { &self, circuit: &mut PlonkCircuit, other: &Self, - ) -> Result + ) -> Result where F: PrimeField, P: TEParam, @@ -157,7 +154,7 @@ impl VerifyingKeyVar { shared_public_input_vars: &[FpElemVar], batch_proof: &BatchProofVar, blinding_factor: Variable, - ) -> Result<(PointVariable, PointVariable), PlonkError> + ) -> Result<(PointVariable, PointVariable), CircuitError> where E: PairingEngine>, F: RescueParameter + SWToTEConParam, @@ -287,7 +284,7 @@ pub trait BatchableCircuit { &mut self, vk_type_a_vars: &[VerifyingKeyVar], vk_type_b_vars: &[VerifyingKeyVar], - ) -> Result>, PlonkError> + ) -> Result>, CircuitError> where E: PairingEngine, P: TEParam; @@ -302,7 +299,7 @@ where &mut self, vk_type_a_vars: &[VerifyingKeyVar], vk_type_b_vars: &[VerifyingKeyVar], - ) -> Result>, PlonkError> + ) -> Result>, CircuitError> where E: PairingEngine, P: TEParam, @@ -318,7 +315,7 @@ where .iter() .zip(vk_type_b_vars.iter()) .map(|(vk_b, vk_d)| vk_b.merge::(self, vk_d)) - .collect::, PlonkError>>() + .collect::, CircuitError>>() } } @@ -346,11 +343,11 @@ mod test { const RANGE_BIT_LEN_FOR_TEST: usize = 16; #[test] - fn test_aggregate_vks() -> Result<(), PlonkError> { + fn test_aggregate_vks() -> Result<(), CircuitError> { test_aggregate_vks_helper::() } - fn test_aggregate_vks_helper() -> Result<(), PlonkError> + fn test_aggregate_vks_helper() -> Result<(), CircuitError> where E: PairingEngine>, F: PrimeField + RescueParameter + SWToTEConParam, @@ -396,7 +393,7 @@ mod test { let vk_type_a_vars = vks_type_a .iter() .map(|vk| VerifyingKeyVar::new(&mut circuit, vk)) - .collect::, PlonkError>>()?; + .collect::, CircuitError>>()?; for (vk_var, vk) in vk_type_a_vars.iter().zip(vks_type_a.iter()) { check_vk_equality(&circuit, vk_var, vk); } @@ -404,7 +401,7 @@ mod test { let vk_type_b_vars = vks_type_b .iter() .map(|vk| VerifyingKeyVar::new(&mut circuit, vk)) - .collect::, PlonkError>>()?; + .collect::, CircuitError>>()?; for (vk_var, vk) in vk_type_b_vars.iter().zip(vks_type_b.iter()) { check_vk_equality(&circuit, vk_var, vk); } @@ -460,11 +457,11 @@ mod test { } #[test] - fn test_partial_verification_circuit() -> Result<(), PlonkError> { + fn test_partial_verification_circuit() -> Result<(), CircuitError> { test_partial_verification_circuit_helper::>() } - fn test_partial_verification_circuit_helper() -> Result<(), PlonkError> + fn test_partial_verification_circuit_helper() -> Result<(), CircuitError> where E: PairingEngine>, F: RescueParameter + SWToTEConParam, @@ -697,7 +694,7 @@ mod test { beta_g_ref: &GroupAffine

, generator_g: &GroupAffine

, blinding_factor: &E::Fr, - ) -> Result<(PlonkCircuit, (PointVariable, PointVariable)), PlonkError> + ) -> Result<(PlonkCircuit, (PointVariable, PointVariable)), CircuitError> where E: PairingEngine>, F: RescueParameter + SWToTEConParam, @@ -742,7 +739,7 @@ mod test { } #[test] - fn test_variable_independence_for_partial_verification_circuit() -> Result<(), PlonkError> { + fn test_variable_independence_for_partial_verification_circuit() -> Result<(), CircuitError> { test_variable_independence_for_partial_verification_circuit_helper::< Bls12_377, _, @@ -753,7 +750,7 @@ mod test { } fn test_variable_independence_for_partial_verification_circuit_helper( - ) -> Result<(), PlonkError> + ) -> Result<(), CircuitError> where E: PairingEngine>, F: RescueParameter + SWToTEConParam, diff --git a/plonk/src/circuit/plonk_verifier/poly.rs b/plonk/src/circuit/plonk_verifier/poly.rs index 7e089fdd9..6f59da326 100644 --- a/plonk/src/circuit/plonk_verifier/poly.rs +++ b/plonk/src/circuit/plonk_verifier/poly.rs @@ -5,16 +5,14 @@ // along with the Jellyfish library. If not, see . //! Circuits for the polynomial evaluations within Plonk verifiers. -use crate::{ - circuit::plonk_verifier::*, - errors::{PlonkError, SnarkError::ParameterError}, -}; +use crate::{circuit::plonk_verifier::*, errors::PlonkError}; use ark_ec::PairingEngine; use ark_ff::PrimeField; use ark_poly::{EvaluationDomain, Radix2EvaluationDomain}; use ark_std::{format, string::ToString, vec, vec::Vec, One}; use jf_relation::{ constants::GATE_WIDTH, + errors::{CircuitError, CircuitError::ParameterError}, gadgets::ultraplonk::mod_arith::{FpElem, FpElemVar}, PlonkCircuit, }; @@ -41,7 +39,7 @@ pub(super) fn evaluate_poly_helper( zeta_fp_elem_var: &FpElemVar, domain_size: usize, non_native_field_info: NonNativeFieldInfo, -) -> Result<([FpElemVar; 3]), PlonkError> +) -> Result<([FpElemVar; 3]), CircuitError> where E: PairingEngine, F: PrimeField, @@ -188,14 +186,14 @@ pub(super) fn evaluate_pi_poly_circuit( vanish_eval_fp_elem_var: &FpElemVar, circuit_is_merged: bool, non_native_field_info: NonNativeFieldInfo, -) -> Result, PlonkError> +) -> Result, CircuitError> where E: PairingEngine, F: PrimeField, { // the circuit is already merged if !circuit_is_merged { - return Err(PlonkError::InvalidParameters( + return Err(CircuitError::ParameterError( "Circuit should already been merged".to_string(), )); } @@ -319,7 +317,7 @@ pub(super) fn compute_lin_poly_constant_term_circuit( evals: &[FpElemVar; 3], alpha_bases: &[FpElemVar], non_native_field_info: NonNativeFieldInfo, -) -> Result, PlonkError> +) -> Result, CircuitError> where E: PairingEngine, F: PrimeField, @@ -343,7 +341,7 @@ where let pi = public_inputs[0]; for &pi_i in public_inputs.iter().skip(1) { if pi != pi_i { - return Err(PlonkError::PublicInputsDoNotMatch); + return Err(PlonkError::PublicInputsDoNotMatch)?; } } @@ -465,7 +463,7 @@ where } // ensure all the buffer has been consumed if alpha_bases_elem_var.next().is_some() { - return Err(PlonkError::IteratorOutOfRange); + return Err(PlonkError::IteratorOutOfRange)?; } // ===================================================== // second statement @@ -492,7 +490,7 @@ pub(super) fn linearization_scalars_and_bases_circuit( batch_proof: &BatchProofVar, alpha_bases: &[FpElemVar], non_native_field_info: NonNativeFieldInfo, -) -> Result, PlonkError> +) -> Result, CircuitError> where E: PairingEngine, F: PrimeField, @@ -616,7 +614,7 @@ where // Add output wire sigma polynomial commitment. scalars_and_bases.scalars.push(coeff_fp_elem_var); - let tmp = circuit.inverse_point(vk.sigma_comms.last().ok_or(PlonkError::IndexError)?)?; + let tmp = circuit.inverse_point(vk.sigma_comms.last().ok_or(CircuitError::IndexError)?)?; scalars_and_bases.bases.push(tmp); @@ -693,7 +691,7 @@ where // ensure all the buffer has been consumed if alpha_bases_elem_var.next().is_some() { - return Err(PlonkError::IteratorOutOfRange); + return Err(PlonkError::IteratorOutOfRange)?; } // ============================================ // Add splitted quotient commitments @@ -714,7 +712,7 @@ where batch_proof .split_quot_poly_comms .first() - .ok_or(PlonkError::IndexError)?, + .ok_or(CircuitError::IndexError)?, )?; scalars_and_bases.scalars.push(poly_evals[1]); scalars_and_bases.bases.push(tmp); diff --git a/plonk/src/errors.rs b/plonk/src/errors.rs index eef322640..badff875d 100644 --- a/plonk/src/errors.rs +++ b/plonk/src/errors.rs @@ -6,7 +6,7 @@ //! Error module. -use ark_std::string::String; +use ark_std::{format, string::String}; use displaydoc::Display; use jf_relation::errors::CircuitError; @@ -97,3 +97,11 @@ impl From for PlonkError { Self::CircuitError(e) } } + +impl From for CircuitError { + // this happen during invocation of Plonk proof system API inside Verifier + // gadget + fn from(e: PlonkError) -> Self { + Self::ParameterError(format!("Plonk proof system err: {:?}", e)) + } +} From 2c14a96e4db80ef38f66f2adbc1f879e40c44357 Mon Sep 17 00:00:00 2001 From: Alex Xiong Date: Wed, 24 Aug 2022 21:36:39 +0800 Subject: [PATCH 2/2] fix clippy warning --- plonk/src/circuit/plonk_verifier/gadgets.rs | 12 ++++-------- plonk/src/circuit/plonk_verifier/mod.rs | 20 +++++++++----------- plonk/src/circuit/plonk_verifier/poly.rs | 3 +-- 3 files changed, 14 insertions(+), 21 deletions(-) diff --git a/plonk/src/circuit/plonk_verifier/gadgets.rs b/plonk/src/circuit/plonk_verifier/gadgets.rs index efda72d16..9915ba923 100644 --- a/plonk/src/circuit/plonk_verifier/gadgets.rs +++ b/plonk/src/circuit/plonk_verifier/gadgets.rs @@ -203,8 +203,7 @@ where verify_keys.len(), batch_proof.len(), public_inputs.len(), - )) - .into()); + ))); } let mut transcript_var = RescueTranscriptVar::new(circuit); if let Some(msg) = extra_transcript_init_msg { @@ -282,8 +281,7 @@ where verify_keys.len(), batch_proof.len(), public_inputs.len(), - )) - .into()); + ))); } for (i, (&pub_input, &vk)) in public_inputs.iter().zip(verify_keys.iter()).enumerate() { @@ -293,8 +291,7 @@ where pub_input.len(), i, vk.num_inputs, - )) - .into()); + ))); } if vk.domain_size != domain.size() { @@ -303,8 +300,7 @@ where vk.domain_size, i, domain.size(), - )) - .into()); + ))); } } diff --git a/plonk/src/circuit/plonk_verifier/mod.rs b/plonk/src/circuit/plonk_verifier/mod.rs index 67727643e..49b51e8b1 100644 --- a/plonk/src/circuit/plonk_verifier/mod.rs +++ b/plonk/src/circuit/plonk_verifier/mod.rs @@ -106,19 +106,19 @@ impl VerifyingKeyVar { P: TEParam, { if self.is_merged || other.is_merged { - return Err(ParameterError("cannot merge a merged key again".to_string()).into()); + return Err(ParameterError( + "cannot merge a merged key again".to_string(), + )); } if self.domain_size != other.domain_size { return Err(ParameterError( "cannot merge a verifying key with different domain size".to_string(), - ) - .into()); + )); } if self.num_inputs != other.num_inputs { return Err(ParameterError( "cannot merge a verifying key with different public input length".to_string(), - ) - .into()); + )); } let sigma_comms = self .sigma_comms @@ -161,15 +161,14 @@ impl VerifyingKeyVar { P: SWParam + TEParam, { if merged_vks.is_empty() { - return Err(ParameterError("empty merged verification keys".to_string()).into()); + return Err(ParameterError("empty merged verification keys".to_string())); } if merged_vks.len() != batch_proof.len() { return Err(ParameterError(format!( "the number of verification keys {} is different from the number of instances {}.", merged_vks.len(), batch_proof.len() - )) - .into()); + ))); } let domain_size = merged_vks[0].domain_size; @@ -178,8 +177,7 @@ impl VerifyingKeyVar { return Err(ParameterError(format!( "the {}-th verification key's domain size {} is different from {}.", i, vk.domain_size, domain_size - )) - .into()); + ))); } } @@ -309,7 +307,7 @@ where "the number of type A verification key variables {} is different from the number of type B verification key variables {}.", vk_type_a_vars.len(), vk_type_b_vars.len()) - ).into()); + )); } vk_type_a_vars .iter() diff --git a/plonk/src/circuit/plonk_verifier/poly.rs b/plonk/src/circuit/plonk_verifier/poly.rs index 6f59da326..4c6f67f53 100644 --- a/plonk/src/circuit/plonk_verifier/poly.rs +++ b/plonk/src/circuit/plonk_verifier/poly.rs @@ -328,8 +328,7 @@ where verify_keys.len(), batch_proof.len(), public_inputs.len(), - )) - .into()); + ))); } let zeta_fp_elem_var = challenges.zeta;