From 636e5fa73e3aec25d000beb5b145dace4f928ff5 Mon Sep 17 00:00:00 2001 From: Mikhail Komarov Date: Wed, 22 Mar 2023 08:30:39 +0200 Subject: [PATCH 1/2] Non-native curve and field operations namespaces and includes adjustments done. --- .../nil/blueprint/blueprint/r1cs/circuit.hpp | 24 +- .../r1cs/blueprint_linear_combination.hpp | 6 +- .../r1cs/detail/r1cs/blueprint_variable.hpp | 4 +- .../plonk/non_native/complete_addition.hpp | 383 ++++++++++-------- .../edwards/plonk/non_native/doubling.hpp | 338 +++++++++------- .../non_native/fixed_base_multiplication.hpp | 252 ++++++------ .../variable_base_multiplication.hpp | 159 ++++---- .../variable_base_multiplication_per_bit.hpp | 156 ++++--- .../eddsa/plonk/non_native/verification.hpp | 213 ++++++---- .../non_native/chop_and_glue_non_native.hpp | 30 +- .../plonk/non_native/multiplication.cpp | 98 +++-- test/basic_components.cpp | 55 +-- test/basic_components_r1cs_gg_ppzksnark.cpp | 38 +- test/non_native/plonk/doubling.cpp | 5 +- test/non_native/plonk/ed25519.cpp | 4 +- .../plonk/signatures_verification.cpp | 23 +- .../non_native/plonk/var_base_mul_per_bit.cpp | 21 +- 17 files changed, 1017 insertions(+), 792 deletions(-) diff --git a/include/nil/blueprint/blueprint/r1cs/circuit.hpp b/include/nil/blueprint/blueprint/r1cs/circuit.hpp index f521234fbb..5d5a79dde1 100644 --- a/include/nil/blueprint/blueprint/r1cs/circuit.hpp +++ b/include/nil/blueprint/blueprint/r1cs/circuit.hpp @@ -35,8 +35,8 @@ #include -#include -#include +#include +#include namespace nil { namespace crypto3 { @@ -47,9 +47,9 @@ namespace nil { template class blueprint> { - typedef snark::r1cs_constraint_system ArithmetizationType; + typedef zk::snark::r1cs_constraint_system ArithmetizationType; - snark::r1cs_variable_assignment + zk::snark::r1cs_variable_assignment values; /* values[0] will hold the value of the first allocated variable of the blueprint, *NOT* constant 1 */ typename BlueprintFieldType::value_type constant_term; @@ -57,7 +57,7 @@ namespace nil { typename math::linear_variable::index_type next_free_var; typename detail::blueprint_linear_combination::index_type next_free_lc; std::vector lc_values; - snark::r1cs_constraint_system constraint_system; + zk::snark::r1cs_constraint_system constraint_system; public: // typedef BlueprintFieldType field_type; @@ -105,7 +105,7 @@ namespace nil { } } - void add_r1cs_constraint(const snark::r1cs_constraint &constr) { + void add_r1cs_constraint(const zk::snark::r1cs_constraint &constr) { constraint_system.constraints.emplace_back(constr); } @@ -131,19 +131,19 @@ namespace nil { constraint_system.auxiliary_input_size = num_variables() - primary_input_size; } - snark::r1cs_variable_assignment full_variable_assignment() const { + zk::snark::r1cs_variable_assignment full_variable_assignment() const { return values; } - snark::r1cs_primary_input primary_input() const { - return snark::r1cs_primary_input(values.begin(), values.begin() + num_inputs()); + zk::snark::r1cs_primary_input primary_input() const { + return zk::snark::r1cs_primary_input(values.begin(), values.begin() + num_inputs()); } - snark::r1cs_auxiliary_input auxiliary_input() const { - return snark::r1cs_auxiliary_input(values.begin() + num_inputs(), values.end()); + zk::snark::r1cs_auxiliary_input auxiliary_input() const { + return zk::snark::r1cs_auxiliary_input(values.begin() + num_inputs(), values.end()); } - snark::r1cs_constraint_system get_constraint_system() const { + zk::snark::r1cs_constraint_system get_constraint_system() const { return constraint_system; } diff --git a/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_linear_combination.hpp b/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_linear_combination.hpp index be151e767a..267b1a9d10 100644 --- a/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_linear_combination.hpp +++ b/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_linear_combination.hpp @@ -48,9 +48,9 @@ namespace nil { template class blueprint_linear_combination> : - public snark::linear_combination { + public zk::snark::linear_combination { - typedef snark::r1cs_constraint_system ArithmetizationType; + typedef zk::snark::r1cs_constraint_system ArithmetizationType; typedef BlueprintFieldType field_type; typedef typename field_type::value_type field_value_type; @@ -124,7 +124,7 @@ namespace nil { class blueprint_linear_combination_vector> : private std::vector>> { - typedef snark::r1cs_constraint_system ArithmetizationType; + typedef zk::snark::r1cs_constraint_system ArithmetizationType; typedef typename BlueprintFieldType::value_type field_value_type; typedef std::vector> contents; diff --git a/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_variable.hpp b/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_variable.hpp index d5c52b8ed7..04823f36b5 100644 --- a/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_variable.hpp +++ b/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_variable.hpp @@ -56,7 +56,7 @@ namespace nil { // BlueprintFieldType> class blueprint_variable; template - class blueprint_variable> + class blueprint_variable> : public math::linear_variable { public: blueprint_variable(const typename math::linear_variable::index_type index = 0) : @@ -79,7 +79,7 @@ namespace nil { class blueprint_variable_vector> : private std::vector>> { - typedef snark::r1cs_constraint_system ArithmetizationType; + typedef zk::snark::r1cs_constraint_system ArithmetizationType; typedef typename BlueprintFieldType::value_type field_value_type; typedef std::vector> contents; diff --git a/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/complete_addition.hpp b/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/complete_addition.hpp index 7a6651a71e..6b9bf3f052 100644 --- a/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/complete_addition.hpp +++ b/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/complete_addition.hpp @@ -37,14 +37,13 @@ namespace nil { namespace blueprint { namespace components { - template + template class complete_addition; template - class complete_addition, - CurveType, - Ed25519Type, - W0, - W1, - W2, - W3, - W4, - W5, - W6, - W7, - W8> { - - typedef snark::plonk_constraint_system ArithmetizationType; - - using non_native_range_component = zk::components::non_native_range; - using multiplication_component = non_native_field_element_multiplication; - - using addition_component = non_native_field_element_addition; - - using subtraction_component = non_native_field_element_subtraction; - + class complete_addition< + crypto3::zk::snark::plonk_constraint_system, + CurveType, + Ed25519Type, + W0, + W1, + W2, + W3, + W4, + W5, + W6, + W7, + W8> { + + typedef crypto3::zk::snark::plonk_constraint_system + ArithmetizationType; + + using non_native_range_component = + components::non_native_range; + using multiplication_component = non_native_field_element_multiplication; + + using addition_component = non_native_field_element_addition; + + using subtraction_component = non_native_field_element_subtraction; using var = snark::plonk_variable; constexpr static const std::size_t selector_seed = 0xff87; @@ -94,8 +123,8 @@ namespace nil { struct params_type { struct var_ec_point { - std::array x; - std::array y; + std::array x {}; + std::array y {}; }; var_ec_point T; @@ -104,18 +133,18 @@ namespace nil { struct result_type { struct var_ec_point { - std::array x; - std::array y; + std::array x {}; + std::array y {}; }; var_ec_point output; result_type(std::size_t component_start_row) { output.x = {var(W0, component_start_row, false), var(W1, component_start_row, false), - var(W2, component_start_row, false), var(W3, component_start_row, false)}; + var(W2, component_start_row, false), var(W3, component_start_row, false)}; output.y = {var(W0, component_start_row + non_native_range_component::rows_amount, false), - var(W1, component_start_row + non_native_range_component::rows_amount, false), - var(W2, component_start_row + non_native_range_component::rows_amount, false), - var(W3, component_start_row + non_native_range_component::rows_amount, false)}; + var(W1, component_start_row + non_native_range_component::rows_amount, false), + var(W2, component_start_row + non_native_range_component::rows_amount, false), + var(W3, component_start_row + non_native_range_component::rows_amount, false)}; } }; @@ -126,121 +155,144 @@ namespace nil { typename Ed25519Type::base_field_type::integral_type base = 1; std::array T_x = params.T.x; std::array T_y = params.T.y; - std::array T_x_array = {assignment.var_value(params.T.x[0]), - assignment.var_value(params.T.x[1]), assignment.var_value(params.T.x[2]), assignment.var_value(params.T.x[3])}; - std::array T_y_array = {assignment.var_value(params.T.y[0]), - assignment.var_value(params.T.y[1]), assignment.var_value(params.T.y[2]), assignment.var_value(params.T.y[3])}; + std::array T_x_array = { + assignment.var_value(params.T.x[0]), assignment.var_value(params.T.x[1]), + assignment.var_value(params.T.x[2]), assignment.var_value(params.T.x[3])}; + std::array T_y_array = { + assignment.var_value(params.T.y[0]), assignment.var_value(params.T.y[1]), + assignment.var_value(params.T.y[2]), assignment.var_value(params.T.y[3])}; std::array R_x = params.R.x; std::array R_y = params.R.y; - std::array R_x_array = {assignment.var_value(params.R.x[0]), - assignment.var_value(params.R.x[1]), assignment.var_value(params.R.x[2]), assignment.var_value(params.R.x[3])}; - std::array R_y_array = {assignment.var_value(params.R.y[0]), - assignment.var_value(params.R.y[1]), assignment.var_value(params.R.y[2]), assignment.var_value(params.R.y[3])}; - - typename Ed25519Type::template - g1_type::value_type T((typename Ed25519Type::base_field_type::integral_type(T_x_array[0].data) - + typename Ed25519Type::base_field_type::integral_type(T_x_array[1].data) * (base << 66) + - typename Ed25519Type::base_field_type::integral_type(T_x_array[2].data) * (base << 132) + - typename Ed25519Type::base_field_type::integral_type(T_x_array[3].data) * (base << 198)), - (typename Ed25519Type::base_field_type::integral_type(T_y_array[0].data) + - typename Ed25519Type::base_field_type::integral_type(T_y_array[1].data) * (base << 66) + - typename Ed25519Type::base_field_type::integral_type(T_y_array[2].data) * (base << 132) + - typename Ed25519Type::base_field_type::integral_type(T_y_array[3].data) * (base << 198))); - typename Ed25519Type::template - g1_type::value_type R((typename Ed25519Type::base_field_type::integral_type(R_x_array[0].data) - + typename Ed25519Type::base_field_type::integral_type(R_x_array[1].data) * (base << 66) + - typename Ed25519Type::base_field_type::integral_type(R_x_array[2].data) * (base << 132) + - typename Ed25519Type::base_field_type::integral_type(R_x_array[3].data) * (base << 198)), - (typename Ed25519Type::base_field_type::integral_type(R_y_array[0].data) + - typename Ed25519Type::base_field_type::integral_type(R_y_array[1].data) * (base << 66) + - typename Ed25519Type::base_field_type::integral_type(R_y_array[2].data) * (base << 132) + - typename Ed25519Type::base_field_type::integral_type(R_y_array[3].data) * (base << 198))); - - - typename Ed25519Type::template - g1_type::value_type P = T + R; + std::array R_x_array = { + assignment.var_value(params.R.x[0]), assignment.var_value(params.R.x[1]), + assignment.var_value(params.R.x[2]), assignment.var_value(params.R.x[3])}; + std::array R_y_array = { + assignment.var_value(params.R.y[0]), assignment.var_value(params.R.y[1]), + assignment.var_value(params.R.y[2]), assignment.var_value(params.R.y[3])}; + + typename Ed25519Type::template g1_type::value_type T( + (typename Ed25519Type::base_field_type::integral_type(T_x_array[0].data) + + typename Ed25519Type::base_field_type::integral_type(T_x_array[1].data) * (base << 66) + + typename Ed25519Type::base_field_type::integral_type(T_x_array[2].data) * (base << 132) + + typename Ed25519Type::base_field_type::integral_type(T_x_array[3].data) * (base << 198)), + (typename Ed25519Type::base_field_type::integral_type(T_y_array[0].data) + + typename Ed25519Type::base_field_type::integral_type(T_y_array[1].data) * (base << 66) + + typename Ed25519Type::base_field_type::integral_type(T_y_array[2].data) * (base << 132) + + typename Ed25519Type::base_field_type::integral_type(T_y_array[3].data) * (base << 198))); + typename Ed25519Type::template g1_type::value_type R( + (typename Ed25519Type::base_field_type::integral_type(R_x_array[0].data) + + typename Ed25519Type::base_field_type::integral_type(R_x_array[1].data) * (base << 66) + + typename Ed25519Type::base_field_type::integral_type(R_x_array[2].data) * (base << 132) + + typename Ed25519Type::base_field_type::integral_type(R_x_array[3].data) * (base << 198)), + (typename Ed25519Type::base_field_type::integral_type(R_y_array[0].data) + + typename Ed25519Type::base_field_type::integral_type(R_y_array[1].data) * (base << 66) + + typename Ed25519Type::base_field_type::integral_type(R_y_array[2].data) * (base << 132) + + typename Ed25519Type::base_field_type::integral_type(R_y_array[3].data) * (base << 198))); + + typename Ed25519Type::template g1_type::value_type P = T + R; typename Ed25519Type::base_field_type::integral_type mask = (base << 66) - 1; - typename Ed25519Type::base_field_type::integral_type Px_integral = typename Ed25519Type::base_field_type::integral_type(P.X.data); - std::array x3 = {Px_integral & mask, (Px_integral >>66) & mask, (Px_integral >>132) & mask, (Px_integral >>198) & mask}; - + typename Ed25519Type::base_field_type::integral_type Px_integral = + typename Ed25519Type::base_field_type::integral_type(P.X.data); + std::array x3 = { + Px_integral & mask, (Px_integral >> 66) & mask, (Px_integral >> 132) & mask, + (Px_integral >> 198) & mask}; - typename Ed25519Type::base_field_type::integral_type Py_integral = typename Ed25519Type::base_field_type::integral_type(P.Y.data); - std::array y3 = {Py_integral & mask, (Py_integral >>66) & mask, (Py_integral >>132) & mask, (Py_integral >>198) & mask}; + typename Ed25519Type::base_field_type::integral_type Py_integral = + typename Ed25519Type::base_field_type::integral_type(P.Y.data); + std::array y3 = { + Py_integral & mask, (Py_integral >> 66) & mask, (Py_integral >> 132) & mask, + (Py_integral >> 198) & mask}; assignment.witness(W0)[row] = x3[0]; assignment.witness(W1)[row] = x3[1]; assignment.witness(W2)[row] = x3[2]; assignment.witness(W3)[row] = x3[3]; - std::array P_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; + std::array P_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; typename non_native_range_component::params_type range_params_x3 = {P_x}; non_native_range_component::generate_assignments(assignment, range_params_x3, row); - row+=non_native_range_component::rows_amount; + row += non_native_range_component::rows_amount; assignment.witness(W0)[row] = y3[0]; assignment.witness(W1)[row] = y3[1]; assignment.witness(W2)[row] = y3[2]; assignment.witness(W3)[row] = y3[3]; - std::array P_y = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; + std::array P_y = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; typename non_native_range_component::params_type range_params_y3 = {P_y}; non_native_range_component::generate_assignments(assignment, range_params_y3, row); - row+=non_native_range_component::rows_amount; + row += non_native_range_component::rows_amount; - auto t0 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({T_x, R_y}), row); - row+=multiplication_component::rows_amount; + auto t0 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({T_x, R_y}), row); + row += multiplication_component::rows_amount; - auto t1 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({T_y, R_x}), row); - row+=multiplication_component::rows_amount; + auto t1 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({T_y, R_x}), row); + row += multiplication_component::rows_amount; - auto t2 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({T_x, R_x}), row); - row+=multiplication_component::rows_amount; + auto t2 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({T_x, R_x}), row); + row += multiplication_component::rows_amount; - auto t3 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({T_y, R_y}), row); - row+=multiplication_component::rows_amount; + auto t3 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({T_y, R_y}), row); + row += multiplication_component::rows_amount; - auto z0 = addition_component::generate_assignments(assignment, typename addition_component::params_type({t0.output, t1.output}), row); - row+=addition_component::rows_amount; + auto z0 = addition_component::generate_assignments( + assignment, typename addition_component::params_type({t0.output, t1.output}), row); + row += addition_component::rows_amount; - auto z1 = addition_component::generate_assignments(assignment, typename addition_component::params_type({t2.output, t3.output}), row); - row+=addition_component::rows_amount; + auto z1 = addition_component::generate_assignments( + assignment, typename addition_component::params_type({t2.output, t3.output}), row); + row += addition_component::rows_amount; - auto z2 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({t0.output, t1.output}), row); - row+=multiplication_component::rows_amount; + auto z2 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({t0.output, t1.output}), row); + row += multiplication_component::rows_amount; - typename Ed25519Type::base_field_type::integral_type d = typename Ed25519Type::base_field_type::integral_type(0x52036cee2b6ffe738cc740797779e89800700a4d4141d8ab75eb4dca135978a3_cppui256); + typename Ed25519Type::base_field_type::integral_type d = + typename Ed25519Type::base_field_type::integral_type( + 0x52036cee2b6ffe738cc740797779e89800700a4d4141d8ab75eb4dca135978a3_cppui256); assignment.constant(0)[row + 4] = d & mask; assignment.constant(0)[row + 5] = (d >> 66) & mask; assignment.constant(0)[row + 6] = (d >> 132) & mask; assignment.constant(0)[row + 7] = (d >> 198) & mask; - std::array d_var_array = {var(0, row + 4, false, var::column_type::constant), var(0, row + 5, false, var::column_type::constant), - var(0, row + 6, false, var::column_type::constant), var(0, row + 7, false, var::column_type::constant)}; + std::array d_var_array = {var(0, row + 4, false, var::column_type::constant), + var(0, row + 5, false, var::column_type::constant), + var(0, row + 6, false, var::column_type::constant), + var(0, row + 7, false, var::column_type::constant)}; - auto k0 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({d_var_array, z2.output}), row); - row+=multiplication_component::rows_amount; + auto k0 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({d_var_array, z2.output}), row); + row += multiplication_component::rows_amount; - auto k1 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({P_x, k0.output}), row); - row+=multiplication_component::rows_amount; + auto k1 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({P_x, k0.output}), row); + row += multiplication_component::rows_amount; - auto k2 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({P_y, k0.output}), row); - row+=multiplication_component::rows_amount; + auto k2 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({P_y, k0.output}), row); + row += multiplication_component::rows_amount; - auto k3 = addition_component::generate_assignments(assignment, typename addition_component::params_type({P_x, k1.output}), row); - row+=addition_component::rows_amount; + auto k3 = addition_component::generate_assignments( + assignment, typename addition_component::params_type({P_x, k1.output}), row); + row += addition_component::rows_amount; + + auto k4 = subtraction_component::generate_assignments( + assignment, typename subtraction_component::params_type({P_y, k2.output}), row); + row += subtraction_component::rows_amount; - auto k4 = subtraction_component::generate_assignments(assignment, typename subtraction_component::params_type({P_y, k2.output}), row); - row+=subtraction_component::rows_amount; - return result_type(component_start_row); } static result_type generate_circuit(blueprint &bp, - blueprint_public_assignment_table &assignment, - const params_type ¶ms, - const std::size_t start_row_index){ + blueprint_public_assignment_table &assignment, + const params_type ¶ms, + const std::size_t start_row_index) { auto selector_iterator = assignment.find_selector(selector_seed); std::size_t first_selector_index; @@ -251,61 +303,75 @@ namespace nil { first_selector_index = selector_iterator->second; } std::size_t row = start_row_index; - std::array P_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; + std::array P_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; typename non_native_range_component::params_type range_params_x3 = {P_x}; non_native_range_component::generate_circuit(bp, assignment, range_params_x3, row); - row+=non_native_range_component::rows_amount; + row += non_native_range_component::rows_amount; - std::array P_y = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; + std::array P_y = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; typename non_native_range_component::params_type range_params_y3 = {P_y}; non_native_range_component::generate_circuit(bp, assignment, range_params_y3, row); - row+=non_native_range_component::rows_amount; + row += non_native_range_component::rows_amount; std::array R_x = params.R.x; std::array R_y = params.R.y; std::array T_x = params.T.x; std::array T_y = params.T.y; - auto t0 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({T_x, R_y}), row); - row+=multiplication_component::rows_amount; + auto t0 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({T_x, R_y}), row); + row += multiplication_component::rows_amount; - auto t1 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({T_y, R_x}), row); - row+=multiplication_component::rows_amount; + auto t1 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({T_y, R_x}), row); + row += multiplication_component::rows_amount; - auto t2 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({T_x, R_x}), row); - row+=multiplication_component::rows_amount; + auto t2 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({T_x, R_x}), row); + row += multiplication_component::rows_amount; - auto t3 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({T_y, R_y}), row); - row+=multiplication_component::rows_amount; + auto t3 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({T_y, R_y}), row); + row += multiplication_component::rows_amount; - auto z0 = addition_component::generate_circuit(bp, assignment, typename addition_component::params_type({t0.output, t1.output}), row); - row+=addition_component::rows_amount; + auto z0 = addition_component::generate_circuit( + bp, assignment, typename addition_component::params_type({t0.output, t1.output}), row); + row += addition_component::rows_amount; - auto z1 = addition_component::generate_circuit(bp, assignment, typename addition_component::params_type({t2.output, t3.output}), row); - row+=addition_component::rows_amount; + auto z1 = addition_component::generate_circuit( + bp, assignment, typename addition_component::params_type({t2.output, t3.output}), row); + row += addition_component::rows_amount; - auto z2 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({t0.output, t1.output}), row); - row+=multiplication_component::rows_amount; + auto z2 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({t0.output, t1.output}), row); + row += multiplication_component::rows_amount; - std::array d_var_array = {var(0, row + 4, false, var::column_type::constant), var(0, row + 5, false, var::column_type::constant), - var(0, row + 6, false, var::column_type::constant), var(0, row + 7, false, var::column_type::constant)}; + std::array d_var_array = {var(0, row + 4, false, var::column_type::constant), + var(0, row + 5, false, var::column_type::constant), + var(0, row + 6, false, var::column_type::constant), + var(0, row + 7, false, var::column_type::constant)}; - auto k0 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({d_var_array, z2.output}), row); - row+=multiplication_component::rows_amount; + auto k0 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({d_var_array, z2.output}), row); + row += multiplication_component::rows_amount; - auto k1 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({P_x, k0.output}), row); - row+=multiplication_component::rows_amount; + auto k1 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({P_x, k0.output}), row); + row += multiplication_component::rows_amount; - auto k2 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({P_y, k0.output}), row); - row+=multiplication_component::rows_amount; + auto k2 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({P_y, k0.output}), row); + row += multiplication_component::rows_amount; - auto k3 = addition_component::generate_circuit(bp, assignment, typename addition_component::params_type({P_x, k1.output}), row); - row+=addition_component::rows_amount; + auto k3 = addition_component::generate_circuit( + bp, assignment, typename addition_component::params_type({P_x, k1.output}), row); + row += addition_component::rows_amount; - auto k4 = subtraction_component::generate_circuit(bp, assignment, typename subtraction_component::params_type({P_y, k2.output}), row); - row+=subtraction_component::rows_amount; + auto k4 = subtraction_component::generate_circuit( + bp, assignment, typename subtraction_component::params_type({P_y, k2.output}), row); + row += subtraction_component::rows_amount; generate_copy_constraints(bp, assignment, params, start_row_index); @@ -313,37 +379,36 @@ namespace nil { } private: - - static void generate_gates( - blueprint &bp, - blueprint_public_assignment_table &public_assignment, - const params_type ¶ms, - const std::size_t first_selector_index) { - + static void generate_gates(blueprint &bp, + blueprint_public_assignment_table &public_assignment, + const params_type ¶ms, + const std::size_t first_selector_index) { } - static void generate_copy_constraints(blueprint &bp, + static void + generate_copy_constraints(blueprint &bp, blueprint_public_assignment_table &assignment, const params_type ¶ms, const std::size_t start_row_index) { std::size_t row = start_row_index; - row+=non_native_range_component::rows_amount; - row+=non_native_range_component::rows_amount; - row+=multiplication_component::rows_amount; - row+=multiplication_component::rows_amount; - row+=multiplication_component::rows_amount; - row+=multiplication_component::rows_amount; + row += non_native_range_component::rows_amount; + row += non_native_range_component::rows_amount; + row += multiplication_component::rows_amount; + row += multiplication_component::rows_amount; + row += multiplication_component::rows_amount; + row += multiplication_component::rows_amount; - for (std::size_t i = 0; i < 4; i++){ - bp.add_copy_constraint({{i, (std::int32_t)(row + 2), false}, {i, (std::int32_t)(start_row_index + rows_amount - 4 - 2), false}}); + for (std::size_t i = 0; i < 4; i++) { + bp.add_copy_constraint({{i, (std::int32_t)(row + 2), false}, + {i, (std::int32_t)(start_row_index + rows_amount - 4 - 2), false}}); } - row+=addition_component::rows_amount; + row += addition_component::rows_amount; - for (std::size_t i = 0; i < 4; i++){ - bp.add_copy_constraint({{i, (std::int32_t)(row + 2), false}, {i, (std::int32_t)(start_row_index + rows_amount - 2), false}}); + for (std::size_t i = 0; i < 4; i++) { + bp.add_copy_constraint({{i, (std::int32_t)(row + 2), false}, + {i, (std::int32_t)(start_row_index + rows_amount - 2), false}}); } - } }; diff --git a/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/doubling.hpp b/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/doubling.hpp index 6abec8e77a..62441e3535 100644 --- a/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/doubling.hpp +++ b/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/doubling.hpp @@ -29,22 +29,21 @@ #include #include -#include -#include -#include +#include +#include +#include namespace nil { namespace blueprint { namespace components { - template + template class doubling; template class doubling, - CurveType, - Ed25519Type, - W0, - W1, - W2, - W3, - W4, - W5, - W6, - W7, - W8> { - - typedef snark::plonk_constraint_system ArithmetizationType; - - using non_native_range_component = zk::components::non_native_range; - using multiplication_component = non_native_field_element_multiplication; - - using addition_component = non_native_field_element_addition; - - using subtraction_component = non_native_field_element_subtraction; - + CurveType, + Ed25519Type, + W0, + W1, + W2, + W3, + W4, + W5, + W6, + W7, + W8> { + + typedef crypto3::zk::snark::plonk_constraint_system + ArithmetizationType; + + using non_native_range_component = + components::non_native_range; + using multiplication_component = non_native_field_element_multiplication; + + using addition_component = non_native_field_element_addition; + + using subtraction_component = non_native_field_element_subtraction; using var = snark::plonk_variable; constexpr static const std::size_t selector_seed = 0xfc87; @@ -88,7 +116,7 @@ namespace nil { public: constexpr static const std::size_t rows_amount = 2 * non_native_range_component::rows_amount + 5 * multiplication_component::rows_amount + - 4 * addition_component::rows_amount + 2*subtraction_component::rows_amount; + 4 * addition_component::rows_amount + 2 * subtraction_component::rows_amount; constexpr static const std::size_t gates_amount = 0; @@ -110,11 +138,11 @@ namespace nil { result_type(std::size_t component_start_row) { output.x = {var(W0, component_start_row, false), var(W1, component_start_row, false), - var(W2, component_start_row, false), var(W3, component_start_row, false)}; + var(W2, component_start_row, false), var(W3, component_start_row, false)}; output.y = {var(W0, component_start_row + non_native_range_component::rows_amount, false), - var(W1, component_start_row + non_native_range_component::rows_amount, false), - var(W2, component_start_row + non_native_range_component::rows_amount, false), - var(W3, component_start_row + non_native_range_component::rows_amount, false)}; + var(W1, component_start_row + non_native_range_component::rows_amount, false), + var(W2, component_start_row + non_native_range_component::rows_amount, false), + var(W3, component_start_row + non_native_range_component::rows_amount, false)}; } }; @@ -125,93 +153,109 @@ namespace nil { typename Ed25519Type::base_field_type::integral_type base = 1; std::array T_x = params.T.x; std::array T_y = params.T.y; - std::array T_x_array = {assignment.var_value(params.T.x[0]), - assignment.var_value(params.T.x[1]), assignment.var_value(params.T.x[2]), assignment.var_value(params.T.x[3])}; - std::array T_y_array = {assignment.var_value(params.T.y[0]), - assignment.var_value(params.T.y[1]), assignment.var_value(params.T.y[2]), assignment.var_value(params.T.y[3])}; - - typename Ed25519Type::template - g1_type::value_type T((typename Ed25519Type::base_field_type::integral_type(T_x_array[0].data) - + typename Ed25519Type::base_field_type::integral_type(T_x_array[1].data) * (base << 66) + - typename Ed25519Type::base_field_type::integral_type(T_x_array[2].data) * (base << 132) + - typename Ed25519Type::base_field_type::integral_type(T_x_array[3].data) * (base << 198)), - (typename Ed25519Type::base_field_type::integral_type(T_y_array[0].data) + - typename Ed25519Type::base_field_type::integral_type(T_y_array[1].data) * (base << 66) + - typename Ed25519Type::base_field_type::integral_type(T_y_array[2].data) * (base << 132) + - typename Ed25519Type::base_field_type::integral_type(T_y_array[3].data) * (base << 198))); - - - typename Ed25519Type::template - g1_type::value_type P = T + T; + std::array T_x_array = { + assignment.var_value(params.T.x[0]), assignment.var_value(params.T.x[1]), + assignment.var_value(params.T.x[2]), assignment.var_value(params.T.x[3])}; + std::array T_y_array = { + assignment.var_value(params.T.y[0]), assignment.var_value(params.T.y[1]), + assignment.var_value(params.T.y[2]), assignment.var_value(params.T.y[3])}; + + typename Ed25519Type::template g1_type::value_type T( + (typename Ed25519Type::base_field_type::integral_type(T_x_array[0].data) + + typename Ed25519Type::base_field_type::integral_type(T_x_array[1].data) * (base << 66) + + typename Ed25519Type::base_field_type::integral_type(T_x_array[2].data) * (base << 132) + + typename Ed25519Type::base_field_type::integral_type(T_x_array[3].data) * (base << 198)), + (typename Ed25519Type::base_field_type::integral_type(T_y_array[0].data) + + typename Ed25519Type::base_field_type::integral_type(T_y_array[1].data) * (base << 66) + + typename Ed25519Type::base_field_type::integral_type(T_y_array[2].data) * (base << 132) + + typename Ed25519Type::base_field_type::integral_type(T_y_array[3].data) * (base << 198))); + + typename Ed25519Type::template g1_type::value_type P = T + T; typename Ed25519Type::base_field_type::integral_type mask = (base << 66) - 1; - typename Ed25519Type::base_field_type::integral_type Px_integral = typename Ed25519Type::base_field_type::integral_type(P.X.data); - std::array x3 = {Px_integral & mask, (Px_integral >>66) & mask, (Px_integral >>132) & mask, (Px_integral >>198) & mask}; - + typename Ed25519Type::base_field_type::integral_type Px_integral = + typename Ed25519Type::base_field_type::integral_type(P.X.data); + std::array x3 = { + Px_integral & mask, (Px_integral >> 66) & mask, (Px_integral >> 132) & mask, + (Px_integral >> 198) & mask}; - typename Ed25519Type::base_field_type::integral_type Py_integral = typename Ed25519Type::base_field_type::integral_type(P.Y.data); - std::array y3 = {Py_integral & mask, (Py_integral >>66) & mask, (Py_integral >>132) & mask, (Py_integral >>198) & mask}; + typename Ed25519Type::base_field_type::integral_type Py_integral = + typename Ed25519Type::base_field_type::integral_type(P.Y.data); + std::array y3 = { + Py_integral & mask, (Py_integral >> 66) & mask, (Py_integral >> 132) & mask, + (Py_integral >> 198) & mask}; assignment.witness(W0)[row] = x3[0]; assignment.witness(W1)[row] = x3[1]; assignment.witness(W2)[row] = x3[2]; assignment.witness(W3)[row] = x3[3]; - std::array P_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; + std::array P_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; typename non_native_range_component::params_type range_params_x3 = {P_x}; non_native_range_component::generate_assignments(assignment, range_params_x3, row); - row+=non_native_range_component::rows_amount; + row += non_native_range_component::rows_amount; assignment.witness(W0)[row] = y3[0]; assignment.witness(W1)[row] = y3[1]; assignment.witness(W2)[row] = y3[2]; assignment.witness(W3)[row] = y3[3]; - std::array P_y = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; + std::array P_y = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; typename non_native_range_component::params_type range_params_y3 = {P_y}; non_native_range_component::generate_assignments(assignment, range_params_y3, row); - row+=non_native_range_component::rows_amount; + row += non_native_range_component::rows_amount; - auto t0 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({T_y, T_y}), row); - row+=multiplication_component::rows_amount; + auto t0 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({T_y, T_y}), row); + row += multiplication_component::rows_amount; - auto t1 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({T_x, T_x}), row); - row+=multiplication_component::rows_amount; + auto t1 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({T_x, T_x}), row); + row += multiplication_component::rows_amount; - auto t2 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({T_x, T_y}), row); - row+=multiplication_component::rows_amount; + auto t2 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({T_x, T_y}), row); + row += multiplication_component::rows_amount; - auto t3 = subtraction_component::generate_assignments(assignment, typename subtraction_component::params_type({t0.output, t1.output}), row); - row+=subtraction_component::rows_amount; + auto t3 = subtraction_component::generate_assignments( + assignment, typename subtraction_component::params_type({t0.output, t1.output}), row); + row += subtraction_component::rows_amount; - auto t4 = addition_component::generate_assignments(assignment, typename addition_component::params_type({t2.output, t2.output}), row); - row+=addition_component::rows_amount; + auto t4 = addition_component::generate_assignments( + assignment, typename addition_component::params_type({t2.output, t2.output}), row); + row += addition_component::rows_amount; - auto t5 = addition_component::generate_assignments(assignment, typename addition_component::params_type({t1.output, t0.output}), row); - row+=addition_component::rows_amount; + auto t5 = addition_component::generate_assignments( + assignment, typename addition_component::params_type({t1.output, t0.output}), row); + row += addition_component::rows_amount; - auto t6 = subtraction_component::generate_assignments(assignment, typename subtraction_component::params_type({t1.output, t0.output}), row); - row+=subtraction_component::rows_amount; + auto t6 = subtraction_component::generate_assignments( + assignment, typename subtraction_component::params_type({t1.output, t0.output}), row); + row += subtraction_component::rows_amount; - auto t7 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({P_x, t3.output}), row); - row+=multiplication_component::rows_amount; + auto t7 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({P_x, t3.output}), row); + row += multiplication_component::rows_amount; - auto t8 = addition_component::generate_assignments(assignment, typename addition_component::params_type({P_y, P_y}), row); - row+=addition_component::rows_amount; + auto t8 = addition_component::generate_assignments( + assignment, typename addition_component::params_type({P_y, P_y}), row); + row += addition_component::rows_amount; - auto t9 = multiplication_component::generate_assignments(assignment, typename multiplication_component::params_type({P_y, t6.output}), row); - row+=multiplication_component::rows_amount; + auto t9 = multiplication_component::generate_assignments( + assignment, typename multiplication_component::params_type({P_y, t6.output}), row); + row += multiplication_component::rows_amount; + + auto t10 = addition_component::generate_assignments( + assignment, typename addition_component::params_type({t8.output, t9.output}), row); + row += addition_component::rows_amount; - auto t10 = addition_component::generate_assignments(assignment, typename addition_component::params_type({t8.output, t9.output}), row); - row+=addition_component::rows_amount; - return result_type(component_start_row); } static result_type generate_circuit(blueprint &bp, - blueprint_public_assignment_table &assignment, - const params_type ¶ms, - const std::size_t start_row_index){ + blueprint_public_assignment_table &assignment, + const params_type ¶ms, + const std::size_t start_row_index) { auto selector_iterator = assignment.find_selector(selector_seed); std::size_t first_selector_index; @@ -222,52 +266,63 @@ namespace nil { first_selector_index = selector_iterator->second; } std::size_t row = start_row_index; - std::array P_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; + std::array P_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; typename non_native_range_component::params_type range_params_x3 = {P_x}; non_native_range_component::generate_circuit(bp, assignment, range_params_x3, row); - row+=non_native_range_component::rows_amount; + row += non_native_range_component::rows_amount; - std::array P_y = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; + std::array P_y = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; typename non_native_range_component::params_type range_params_y3 = {P_y}; non_native_range_component::generate_circuit(bp, assignment, range_params_y3, row); - row+=non_native_range_component::rows_amount; + row += non_native_range_component::rows_amount; std::array T_x = params.T.x; std::array T_y = params.T.y; - auto t0 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({T_y, T_y}), row); - row+=multiplication_component::rows_amount; + auto t0 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({T_y, T_y}), row); + row += multiplication_component::rows_amount; - auto t1 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({T_x, T_x}), row); - row+=multiplication_component::rows_amount; + auto t1 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({T_x, T_x}), row); + row += multiplication_component::rows_amount; - auto t2 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({T_x, T_y}), row); - row+=multiplication_component::rows_amount; + auto t2 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({T_x, T_y}), row); + row += multiplication_component::rows_amount; - auto t3 = subtraction_component::generate_circuit(bp, assignment, typename subtraction_component::params_type({t0.output, t1.output}), row); - row+=subtraction_component::rows_amount; + auto t3 = subtraction_component::generate_circuit( + bp, assignment, typename subtraction_component::params_type({t0.output, t1.output}), row); + row += subtraction_component::rows_amount; - auto t4 = addition_component::generate_circuit(bp, assignment, typename addition_component::params_type({t2.output, t2.output}), row); - row+=addition_component::rows_amount; + auto t4 = addition_component::generate_circuit( + bp, assignment, typename addition_component::params_type({t2.output, t2.output}), row); + row += addition_component::rows_amount; - auto t5 = addition_component::generate_circuit(bp, assignment, typename addition_component::params_type({t1.output, t0.output}), row); - row+=addition_component::rows_amount; + auto t5 = addition_component::generate_circuit( + bp, assignment, typename addition_component::params_type({t1.output, t0.output}), row); + row += addition_component::rows_amount; - auto t6 = subtraction_component::generate_circuit(bp, assignment, typename subtraction_component::params_type({t1.output, t0.output}), row); - row+=subtraction_component::rows_amount; + auto t6 = subtraction_component::generate_circuit( + bp, assignment, typename subtraction_component::params_type({t1.output, t0.output}), row); + row += subtraction_component::rows_amount; - auto t7 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({P_x, t3.output}), row); - row+=multiplication_component::rows_amount; + auto t7 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({P_x, t3.output}), row); + row += multiplication_component::rows_amount; - auto t8 = addition_component::generate_circuit(bp, assignment, typename addition_component::params_type({P_y, P_y}), row); - row+=addition_component::rows_amount; + auto t8 = addition_component::generate_circuit( + bp, assignment, typename addition_component::params_type({P_y, P_y}), row); + row += addition_component::rows_amount; - auto t9 = multiplication_component::generate_circuit(bp, assignment, typename multiplication_component::params_type({P_y, t6.output}), row); - row+=multiplication_component::rows_amount; + auto t9 = multiplication_component::generate_circuit( + bp, assignment, typename multiplication_component::params_type({P_y, t6.output}), row); + row += multiplication_component::rows_amount; - auto t10 = addition_component::generate_circuit(bp, assignment, typename addition_component::params_type({t8.output, t9.output}), row); - row+=addition_component::rows_amount; + auto t10 = addition_component::generate_circuit( + bp, assignment, typename addition_component::params_type({t8.output, t9.output}), row); + row += addition_component::rows_amount; generate_copy_constraints(bp, assignment, params, start_row_index); @@ -275,46 +330,45 @@ namespace nil { } private: - - static void generate_gates( - blueprint &bp, - blueprint_public_assignment_table &public_assignment, - const params_type ¶ms, - const std::size_t first_selector_index) { - + static void generate_gates(blueprint &bp, + blueprint_public_assignment_table &public_assignment, + const params_type ¶ms, + const std::size_t first_selector_index) { } - static void generate_copy_constraints(blueprint &bp, + static void + generate_copy_constraints(blueprint &bp, blueprint_public_assignment_table &assignment, const params_type ¶ms, const std::size_t start_row_index) { std::size_t row = start_row_index; - row+=non_native_range_component::rows_amount; - row+=non_native_range_component::rows_amount; - row+=multiplication_component::rows_amount; - row+=multiplication_component::rows_amount; - row+=multiplication_component::rows_amount; - row+=subtraction_component::rows_amount; + row += non_native_range_component::rows_amount; + row += non_native_range_component::rows_amount; + row += multiplication_component::rows_amount; + row += multiplication_component::rows_amount; + row += multiplication_component::rows_amount; + row += subtraction_component::rows_amount; std::size_t t4_row = row; - row+=addition_component::rows_amount; + row += addition_component::rows_amount; std::size_t t5_row = row; - row+=addition_component::rows_amount; - row+=subtraction_component::rows_amount; + row += addition_component::rows_amount; + row += subtraction_component::rows_amount; std::size_t t7_row = row; - row+=multiplication_component::rows_amount; - row+=addition_component::rows_amount; - row+=multiplication_component::rows_amount; + row += multiplication_component::rows_amount; + row += addition_component::rows_amount; + row += multiplication_component::rows_amount; std::size_t t10_row = row; - row+=addition_component::rows_amount; + row += addition_component::rows_amount; - for (std::size_t i = 0; i < 4; i++){ - bp.add_copy_constraint({{3 + i, (std::int32_t)(t7_row + 5), false}, {i, (std::int32_t)(t4_row + 2), false}}); + for (std::size_t i = 0; i < 4; i++) { + bp.add_copy_constraint( + {{3 + i, (std::int32_t)(t7_row + 5), false}, {i, (std::int32_t)(t4_row + 2), false}}); } - for (std::size_t i = 0; i < 4; i++){ - bp.add_copy_constraint({{3 + i, (std::int32_t)(t5_row + 2), false}, {3 + i, (std::int32_t)(t10_row + 2), false}}); + for (std::size_t i = 0; i < 4; i++) { + bp.add_copy_constraint( + {{3 + i, (std::int32_t)(t5_row + 2), false}, {3 + i, (std::int32_t)(t10_row + 2), false}}); } - } }; diff --git a/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/fixed_base_multiplication.hpp b/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/fixed_base_multiplication.hpp index ef517973e5..4bf3b79d43 100644 --- a/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/fixed_base_multiplication.hpp +++ b/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/fixed_base_multiplication.hpp @@ -29,61 +29,40 @@ #include #include -#include -#include - +#include +#include namespace nil { namespace blueprint { namespace components { - template + template class fixed_base_multiplication; - template - class fixed_base_multiplication, - CurveType, - Ed25519Type, - W0, - W1, - W2, - W3, - W4, - W5, - W6, - W7, - W8> { - - typedef snark::plonk_constraint_system ArithmetizationType; - - using non_native_range_component = zk::components::non_native_range; - using scalar_non_native_range_component = zk::components::scalar_non_native_range; - - using complete_addition_component = complete_addition; - + template + class fixed_base_multiplication< + crypto3::zk::snark::plonk_constraint_system, CurveType, + Ed25519Type, W0, W1, W2, W3, W4, W5, W6, W7, W8> { + + typedef snark::plonk_constraint_system ArithmetizationType; + + using non_native_range_component = + components::non_native_range; + using scalar_non_native_range_component = + components::scalar_non_native_range; + + using complete_addition_component = + complete_addition; using var = snark::plonk_variable; constexpr static const std::size_t selector_seed = 0xff88; public: - constexpr static const std::size_t rows_amount = scalar_non_native_range_component::rows_amount + 13 + 11 * complete_addition_component::rows_amount; + constexpr static const std::size_t rows_amount = + scalar_non_native_range_component::rows_amount + 13 + 11 * complete_addition_component::rows_amount; constexpr static const std::size_t gates_amount = 0; @@ -92,7 +71,7 @@ namespace nil { }; struct result_type { - struct var_ec_point { + componentsar_ec_point { std::array x; std::array y; }; @@ -108,105 +87,139 @@ namespace nil { const params_type ¶ms, std::size_t component_start_row) { std::size_t row = component_start_row; - auto k_chunks_vars = scalar_non_native_range_component::generate_assignments(assignment, - typename scalar_non_native_range_component::params_type({params.k}), row).output; - row+=scalar_non_native_range_component::rows_amount; + auto k_chunks_vars = + scalar_non_native_range_component::generate_assignments( + assignment, typename scalar_non_native_range_component::params_type({params.k}), row) + .output; + row += scalar_non_native_range_component::rows_amount; typename Ed25519Type::scalar_field_type::integral_type base = 1; - std::array k_chunks; - for (std::size_t i = 0; i < 12; i ++){ - k_chunks[i] = typename Ed25519Type::scalar_field_type::integral_type(assignment.var_value(k_chunks_vars[i]).data); + std::array k_chunks; + for (std::size_t i = 0; i < 12; i++) { + k_chunks[i] = typename Ed25519Type::scalar_field_type::integral_type( + assignment.var_value(k_chunks_vars[i]).data); } - typename Ed25519Type::template - g1_type::value_type B = Ed25519Type::template g1_type::value_type::one(); + typename Ed25519Type::template g1_type::value_type B = + Ed25519Type::template g1_type::value_type::one(); typename Ed25519Type::scalar_field_type::integral_type mask = (base << 66) - 1; - typename Ed25519Type::template - g1_type::value_type P = typename Ed25519Type::scalar_field_type::value_type(k_chunks[0]) * B; + typename Ed25519Type::template g1_type::value_type P = + typename Ed25519Type::scalar_field_type::value_type(k_chunks[0]) * B; - typename Ed25519Type::base_field_type::integral_type Px_integral = typename Ed25519Type::base_field_type::integral_type(P.X.data); - std::array x3 = {Px_integral & mask, (Px_integral >>66) & mask, (Px_integral >>132) & mask, (Px_integral >>198) & mask}; + typename Ed25519Type::base_field_type::integral_type Px_integral = + typename Ed25519Type::base_field_type::integral_type(P.X.data); + std::array x3 = { + Px_integral & mask, (Px_integral >> 66) & mask, (Px_integral >> 132) & mask, + (Px_integral >> 198) & mask}; - typename Ed25519Type::base_field_type::integral_type Py_integral = typename Ed25519Type::base_field_type::integral_type(P.Y.data); - std::array y3 = {Py_integral & mask, (Py_integral >>66) & mask, (Py_integral >>132) & mask, (Py_integral >>198) & mask}; + typename Ed25519Type::base_field_type::integral_type Py_integral = + typename Ed25519Type::base_field_type::integral_type(P.Y.data); + std::array y3 = { + Py_integral & mask, (Py_integral >> 66) & mask, (Py_integral >> 132) & mask, + (Py_integral >> 198) & mask}; assignment.witness(W0)[row] = x3[0]; assignment.witness(W1)[row] = x3[1]; assignment.witness(W2)[row] = x3[2]; assignment.witness(W3)[row] = x3[3]; - std::array P_x = {var(W0, row), var(W1, row), - var(W2, row), var(W3, row)}; + std::array P_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; assignment.witness(W4)[row] = y3[0]; assignment.witness(W5)[row] = y3[1]; assignment.witness(W6)[row] = y3[2]; assignment.witness(W7)[row] = y3[3]; - std::array P_y = {var(W4, row), var(W5, row), - var(W6, row), var(W7, row)}; + std::array P_y = {var(W4, row), var(W5, row), var(W6, row), var(W7, row)}; assignment.witness(W8)[row] = k_chunks[0]; row++; - for (std::size_t i = 0; i < 11; i ++) { - typename Ed25519Type::template - g1_type::value_type Q = typename Ed25519Type::scalar_field_type::value_type(k_chunks[i + 1]) * (base << 22 * (i + 1)) * B; + for (std::size_t i = 0; i < 11; i++) { + typename Ed25519Type::template g1_type::value_type Q = + typename Ed25519Type::scalar_field_type::value_type(k_chunks[i + 1]) * + (base << 22 * (i + 1)) * B; - typename Ed25519Type::base_field_type::integral_type Qx_integral = typename Ed25519Type::base_field_type::integral_type(Q.X.data); - std::array x3 = {Qx_integral & mask, (Qx_integral >>66) & mask, (Qx_integral >>132) & mask, (Qx_integral >>198) & mask}; + typename Ed25519Type::base_field_type::integral_type Qx_integral = + typename Ed25519Type::base_field_type::integral_type(Q.X.data); + std::array x3 = { + Qx_integral & mask, (Qx_integral >> 66) & mask, (Qx_integral >> 132) & mask, + (Qx_integral >> 198) & mask}; - typename Ed25519Type::base_field_type::integral_type Qy_integral = typename Ed25519Type::base_field_type::integral_type(Q.Y.data); - std::array y3 = {Qy_integral & mask, (Qy_integral >>66) & mask, (Qy_integral >>132) & mask, (Qy_integral >>198) & mask}; + typename Ed25519Type::base_field_type::integral_type Qy_integral = + typename Ed25519Type::base_field_type::integral_type(Q.Y.data); + std::array y3 = { + Qy_integral & mask, (Qy_integral >> 66) & mask, (Qy_integral >> 132) & mask, + (Qy_integral >> 198) & mask}; assignment.witness(W0)[row] = x3[0]; assignment.witness(W1)[row] = x3[1]; assignment.witness(W2)[row] = x3[2]; assignment.witness(W3)[row] = x3[3]; - std::array Q_x = {var(W0, row), var(W1, row), - var(W2, row), var(W3, row)}; + std::array Q_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; assignment.witness(W4)[row] = y3[0]; assignment.witness(W5)[row] = y3[1]; assignment.witness(W6)[row] = y3[2]; assignment.witness(W7)[row] = y3[3]; - std::array Q_y = {var(W4, row), var(W5, row), - var(W6, row), var(W7, row)}; + std::array Q_y = {var(W4, row), var(W5, row), var(W6, row), var(W7, row)}; assignment.witness(W8)[row] = k_chunks[0]; row++; - auto t = complete_addition_component::generate_assignments(assignment, - typename complete_addition_component::params_type({{P_x, P_y}, {Q_x, Q_y}}), row); - row+=complete_addition_component::rows_amount; + auto t = complete_addition_component::generate_assignments( + assignment, typename complete_addition_component::params_type({{P_x, P_y}, {Q_x, Q_y}}), + row); + row += complete_addition_component::rows_amount; if (i != 10) { P_x = t.output.x; P_y = t.output.y; - P.X = typename Ed25519Type::base_field_type::value_type((typename Ed25519Type::base_field_type::integral_type(assignment.var_value(P_x[0]).data) - + typename Ed25519Type::base_field_type::integral_type(assignment.var_value(P_x[1]).data) * (base << 66) + - typename Ed25519Type::base_field_type::integral_type(assignment.var_value(P_x[2]).data) * (base << 132) + - typename Ed25519Type::base_field_type::integral_type(assignment.var_value(P_x[3]).data) * (base << 198))); - P.Y = typename Ed25519Type::base_field_type::value_type((typename Ed25519Type::base_field_type::integral_type(assignment.var_value(P_y[0]).data) - + typename Ed25519Type::base_field_type::integral_type(assignment.var_value(P_y[1]).data) * (base << 66) + - typename Ed25519Type::base_field_type::integral_type(assignment.var_value(P_y[2]).data) * (base << 132) + - typename Ed25519Type::base_field_type::integral_type(assignment.var_value(P_y[3]).data) * (base << 198))); + P.X = typename Ed25519Type::base_field_type::value_type( + (typename Ed25519Type::base_field_type::integral_type( + assignment.var_value(P_x[0]).data) + + typename Ed25519Type::base_field_type::integral_type( + assignment.var_value(P_x[1]).data) * + (base << 66) + + typename Ed25519Type::base_field_type::integral_type( + assignment.var_value(P_x[2]).data) * + (base << 132) + + typename Ed25519Type::base_field_type::integral_type( + assignment.var_value(P_x[3]).data) * + (base << 198))); + P.Y = typename Ed25519Type::base_field_type::value_type( + (typename Ed25519Type::base_field_type::integral_type( + assignment.var_value(P_y[0]).data) + + typename Ed25519Type::base_field_type::integral_type( + assignment.var_value(P_y[1]).data) * + (base << 66) + + typename Ed25519Type::base_field_type::integral_type( + assignment.var_value(P_y[2]).data) * + (base << 132) + + typename Ed25519Type::base_field_type::integral_type( + assignment.var_value(P_y[3]).data) * + (base << 198))); } else { - typename Ed25519Type::template - g1_type::value_type Q = typename Ed25519Type::scalar_field_type::value_type((k_chunks[i + 1]) * (base << 11)) * P; + typename Ed25519Type::template g1_type::value_type Q = + typename Ed25519Type::scalar_field_type::value_type((k_chunks[i + 1]) * (base << 11)) * + P; - typename Ed25519Type::base_field_type::integral_type Qx_integral = typename Ed25519Type::base_field_type::integral_type(Q.X.data); - std::array x3 = {Qx_integral & mask, (Qx_integral >>66) & mask, (Qx_integral >>132) & mask, (Qx_integral >>198) & mask}; + typename Ed25519Type::base_field_type::integral_type Qx_integral = + typename Ed25519Type::base_field_type::integral_type(Q.X.data); + std::array x3 = { + Qx_integral & mask, (Qx_integral >> 66) & mask, (Qx_integral >> 132) & mask, + (Qx_integral >> 198) & mask}; - typename Ed25519Type::base_field_type::integral_type Qy_integral = typename Ed25519Type::base_field_type::integral_type(Q.Y.data); - std::array y3 = {Qy_integral & mask, (Qy_integral >>66) & mask, (Qy_integral >>132) & mask, (Qy_integral >>198) & mask}; + typename Ed25519Type::base_field_type::integral_type Qy_integral = + typename Ed25519Type::base_field_type::integral_type(Q.Y.data); + std::array y3 = { + Qy_integral & mask, (Qy_integral >> 66) & mask, (Qy_integral >> 132) & mask, + (Qy_integral >> 198) & mask}; assignment.witness(W0)[row] = x3[0]; assignment.witness(W1)[row] = x3[1]; assignment.witness(W2)[row] = x3[2]; assignment.witness(W3)[row] = x3[3]; - std::array Q_x = {var(W0, row), var(W1, row), - var(W2, row), var(W3, row)}; + std::array Q_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; assignment.witness(W4)[row] = y3[0]; assignment.witness(W5)[row] = y3[1]; assignment.witness(W6)[row] = y3[2]; assignment.witness(W7)[row] = y3[3]; - std::array Q_y = {var(W4, row), var(W5, row), - var(W6, row), var(W7, row)}; + std::array Q_y = {var(W4, row), var(W5, row), var(W6, row), var(W7, row)}; assignment.witness(W8)[row] = k_chunks[0]; row++; } @@ -215,30 +228,29 @@ namespace nil { } static result_type generate_circuit(blueprint &bp, - blueprint_public_assignment_table &assignment, - const params_type ¶ms, - const std::size_t start_row_index){ + blueprint_public_assignment_table &assignment, + const params_type ¶ms, + const std::size_t start_row_index) { std::size_t row = start_row_index; - auto k_chunks = scalar_non_native_range_component::generate_circuit(bp, assignment, - typename scalar_non_native_range_component::params_type({params.k}), row).output; - row+=scalar_non_native_range_component::rows_amount; - - std::array P_x = {var(W0, row), var(W1, row), - var(W2, row), var(W3, row)}; - std::array P_y = {var(W4, row), var(W5, row), - var(W6, row), var(W7, row)}; + auto k_chunks = + scalar_non_native_range_component::generate_circuit( + bp, assignment, typename scalar_non_native_range_component::params_type({params.k}), row) + .output; + row += scalar_non_native_range_component::rows_amount; + + std::array P_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; + std::array P_y = {var(W4, row), var(W5, row), var(W6, row), var(W7, row)}; row++; - for (std::size_t i = 0; i < 11; i ++) { - std::array Q_x = {var(W0, row), var(W1, row), - var(W2, row), var(W3, row)}; - std::array Q_y = {var(W4, row), var(W5, row), - var(W6, row), var(W7, row)}; + for (std::size_t i = 0; i < 11; i++) { + std::array Q_x = {var(W0, row), var(W1, row), var(W2, row), var(W3, row)}; + std::array Q_y = {var(W4, row), var(W5, row), var(W6, row), var(W7, row)}; row++; - auto t = complete_addition_component::generate_circuit(bp, assignment, - typename complete_addition_component::params_type({{P_x, P_y}, {Q_x, Q_y}}), row); - row+=complete_addition_component::rows_amount; + auto t = complete_addition_component::generate_circuit( + bp, assignment, typename complete_addition_component::params_type({{P_x, P_y}, {Q_x, Q_y}}), + row); + row += complete_addition_component::rows_amount; P_x = t.output.x; P_y = t.output.y; } @@ -249,20 +261,18 @@ namespace nil { } private: - - static void generate_gates( - blueprint &bp, - blueprint_public_assignment_table &public_assignment, - const params_type ¶ms, - const std::size_t first_selector_index) { + static void generate_gates(blueprint &bp, + blueprint_public_assignment_table &public_assignment, + const params_type ¶ms, + const std::size_t first_selector_index) { } - static void generate_copy_constraints(blueprint &bp, + static void + generate_copy_constraints(blueprint &bp, blueprint_public_assignment_table &assignment, const params_type ¶ms, const std::size_t start_row_index) { std::size_t row = start_row_index; - } }; diff --git a/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/variable_base_multiplication.hpp b/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/variable_base_multiplication.hpp index aa7fc13d7e..2f349e6125 100644 --- a/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/variable_base_multiplication.hpp +++ b/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/variable_base_multiplication.hpp @@ -29,60 +29,44 @@ #include #include -#include -#include +#include +#include +#include namespace nil { namespace blueprint { namespace components { - template + template class variable_base_multiplication; - template - class variable_base_multiplication, - CurveType, - Ed25519Type, - W0, - W1, - W2, - W3, - W4, - W5, - W6, - W7, - W8> { - - typedef crypto3::zk::snark::plonk_constraint_system ArithmetizationType; - - using mult_per_bit_component = variable_base_multiplication_per_bit; - - using bool_scalar_multiplication_component = bool_scalar_multiplication; - using bit_decomposition_component = bit_decomposition; - + template + class variable_base_multiplication< + crypto3::zk::snark::plonk_constraint_system, CurveType, + Ed25519Type, W0, W1, W2, W3, W4, W5, W6, W7, W8> { + + typedef crypto3::zk::snark::plonk_constraint_system + ArithmetizationType; + + using mult_per_bit_component = + components::variable_base_multiplication; + + using bool_scalar_multiplication_component = + bool_scalar_multiplication; + using bit_decomposition_component = + bit_decomposition; + using var = crypto3::zk::snark::plonk_variable; constexpr static const std::size_t selector_seed = 0xfcc2; public: constexpr static const std::size_t rows_amount = bit_decomposition_component::rows_amount + - 252 * mult_per_bit_component::rows_amount + bool_scalar_multiplication_component::rows_amount; + 252 * mult_per_bit_component::rows_amount + + bool_scalar_multiplication_component::rows_amount; constexpr static const std::size_t gates_amount = 0; @@ -110,60 +94,73 @@ namespace nil { std::size_t row = component_start_row; std::array T_x = params.T.x; std::array T_y = params.T.y; - auto bits = bit_decomposition_component::generate_assignments(assignment, - typename bit_decomposition_component::params_type({params.k}), row); - row+=bit_decomposition_component::rows_amount; - auto bool_mul_res = bool_scalar_multiplication_component::generate_assignments(assignment, typename bool_scalar_multiplication_component::params_type({{T_x, T_y}, - bits.output[0]}), row); - row+=bool_scalar_multiplication_component::rows_amount; - auto res_per_bit = mult_per_bit_component::generate_assignments(assignment, typename mult_per_bit_component::params_type({{T_x, T_y}, - {bool_mul_res.output.x, bool_mul_res.output.y}, bits.output[1]}), row); - row+=mult_per_bit_component::rows_amount; - for (std::size_t i = 2; i < 253; i++){ - res_per_bit = mult_per_bit_component::generate_assignments(assignment, typename mult_per_bit_component::params_type({{T_x, T_y}, - {res_per_bit.output.x, res_per_bit.output.y}, bits.output[i]}), row); - row+=mult_per_bit_component::rows_amount; + auto bits = bit_decomposition_component::generate_assignments( + assignment, typename bit_decomposition_component::params_type({params.k}), row); + row += bit_decomposition_component::rows_amount; + auto bool_mul_res = bool_scalar_multiplication_component::generate_assignments( + assignment, + typename bool_scalar_multiplication_component::params_type({{T_x, T_y}, bits.output[0]}), row); + row += bool_scalar_multiplication_component::rows_amount; + auto res_per_bit = mult_per_bit_component::generate_assignments( + assignment, + typename mult_per_bit_component::params_type( + {{T_x, T_y}, {bool_mul_res.output.x, bool_mul_res.output.y}, bits.output[1]}), + row); + row += mult_per_bit_component::rows_amount; + for (std::size_t i = 2; i < 253; i++) { + res_per_bit = mult_per_bit_component::generate_assignments( + assignment, + typename mult_per_bit_component::params_type( + {{T_x, T_y}, {res_per_bit.output.x, res_per_bit.output.y}, bits.output[i]}), + row); + row += mult_per_bit_component::rows_amount; } return {res_per_bit.output.x, res_per_bit.output.y}; } static result_type generate_circuit(blueprint &bp, - blueprint_public_assignment_table &assignment, - const params_type ¶ms, - const std::size_t start_row_index){ + blueprint_public_assignment_table &assignment, + const params_type ¶ms, + const std::size_t start_row_index) { std::size_t row = start_row_index; std::array T_x = params.T.x; std::array T_y = params.T.y; - auto bits = bit_decomposition_component::generate_circuit(bp, assignment, - typename bit_decomposition_component::params_type({params.k}), row); - row+=bit_decomposition_component::rows_amount; - auto bool_mul_res = bool_scalar_multiplication_component::generate_circuit(bp, assignment, typename bool_scalar_multiplication_component::params_type({{T_x, T_y}, bits.output[0]}), row); - row+=bool_scalar_multiplication_component::rows_amount; - auto res_per_bit = mult_per_bit_component::generate_circuit(bp, assignment, typename mult_per_bit_component::params_type({{T_x, T_y}, - {bool_mul_res.output.x, bool_mul_res.output.y}, bits.output[1]}), row); - row+=mult_per_bit_component::rows_amount; - for (std::size_t i = 2; i < 253; i++){ - res_per_bit = mult_per_bit_component::generate_circuit(bp, assignment, typename mult_per_bit_component::params_type({{T_x, T_y}, - {res_per_bit.output.x, res_per_bit.output.y}, bits.output[i]}), row); - row+=mult_per_bit_component::rows_amount; + auto bits = bit_decomposition_component::generate_circuit( + bp, assignment, typename bit_decomposition_component::params_type({params.k}), row); + row += bit_decomposition_component::rows_amount; + auto bool_mul_res = bool_scalar_multiplication_component::generate_circuit( + bp, assignment, + typename bool_scalar_multiplication_component::params_type({{T_x, T_y}, bits.output[0]}), row); + row += bool_scalar_multiplication_component::rows_amount; + auto res_per_bit = mult_per_bit_component::generate_circuit( + bp, assignment, + typename mult_per_bit_component::params_type( + {{T_x, T_y}, {bool_mul_res.output.x, bool_mul_res.output.y}, bits.output[1]}), + row); + row += mult_per_bit_component::rows_amount; + for (std::size_t i = 2; i < 253; i++) { + res_per_bit = mult_per_bit_component::generate_circuit( + bp, assignment, + typename mult_per_bit_component::params_type( + {{T_x, T_y}, {res_per_bit.output.x, res_per_bit.output.y}, bits.output[i]}), + row); + row += mult_per_bit_component::rows_amount; } return {res_per_bit.output.x, res_per_bit.output.y}; } private: - - static void generate_gates( - blueprint &bp, - blueprint_public_assignment_table &public_assignment, - const params_type ¶ms, - const std::size_t first_selector_index) { - + static void generate_gates(blueprint &bp, + blueprint_public_assignment_table &public_assignment, + const params_type ¶ms, + const std::size_t first_selector_index) { } - static void generate_copy_constraints(blueprint &bp, - blueprint_public_assignment_table &public_assignment, - const params_type ¶ms, - std::size_t component_start_row) { + static void + generate_copy_constraints(blueprint &bp, + blueprint_public_assignment_table &public_assignment, + const params_type ¶ms, + std::size_t component_start_row) { std::size_t row = component_start_row; } }; diff --git a/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/variable_base_multiplication_per_bit.hpp b/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/variable_base_multiplication_per_bit.hpp index 6f5ef4ad7a..ae3f563b12 100644 --- a/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/variable_base_multiplication_per_bit.hpp +++ b/include/nil/blueprint/components/algebra/curves/edwards/plonk/non_native/variable_base_multiplication_per_bit.hpp @@ -31,22 +31,21 @@ #include #include -#include -#include -#include +#include +#include +#include namespace nil { namespace blueprint { namespace components { - template + template class variable_base_multiplication_per_bit; template - class variable_base_multiplication_per_bit, - CurveType, - Ed25519Type, - W0, - W1, - W2, - W3, - W4, - W5, - W6, - W7, - W8> { - - typedef crypto3::zk::snark::plonk_constraint_system ArithmetizationType; - - using doubling_component = doubling; - - using complete_addition_component = complete_addition; - - using bool_scalar_multiplication_component = bool_scalar_multiplication; - + class variable_base_multiplication_per_bit< + crypto3::zk::snark::plonk_constraint_system, + CurveType, + Ed25519Type, + W0, + W1, + W2, + W3, + W4, + W5, + W6, + W7, + W8> { + + typedef crypto3::zk::snark::plonk_constraint_system + ArithmetizationType; + + using doubling_component = + doubling; + + using complete_addition_component = + complete_addition; + + using bool_scalar_multiplication_component = bool_scalar_multiplication; + using var = crypto3::zk::snark::plonk_variable; constexpr static const std::size_t selector_seed = 0xff82; public: - constexpr static const std::size_t rows_amount = - doubling_component::rows_amount + complete_addition_component::rows_amount + bool_scalar_multiplication_component::rows_amount; + constexpr static const std::size_t rows_amount = doubling_component::rows_amount + + complete_addition_component::rows_amount + + bool_scalar_multiplication_component::rows_amount; constexpr static const std::size_t gates_amount = 0; @@ -118,37 +129,56 @@ namespace nil { std::array R_x = params.R.x; std::array R_y = params.R.y; - auto bool_mul_res = bool_scalar_multiplication_component::generate_assignments(assignment, typename bool_scalar_multiplication_component::params_type({{T_x, T_y}, params.k}), row); - row+=bool_scalar_multiplication_component::rows_amount; + auto bool_mul_res = bool_scalar_multiplication_component::generate_assignments( + assignment, + typename bool_scalar_multiplication_component::params_type({{T_x, T_y}, params.k}), + row); + row += bool_scalar_multiplication_component::rows_amount; + + auto doubling_res = doubling_component::generate_assignments( + assignment, typename doubling_component::params_type({R_x, R_y}), row); + row += doubling_component::rows_amount; - auto doubling_res = doubling_component::generate_assignments(assignment, typename doubling_component::params_type({R_x, R_y}), row); - row+=doubling_component::rows_amount; + auto add_res = complete_addition_component::generate_assignments( + assignment, + typename complete_addition_component::params_type( + {{doubling_res.output.x, doubling_res.output.y}, + {bool_mul_res.output.x, bool_mul_res.output.y}}), + row); + row += complete_addition_component::rows_amount; - auto add_res = complete_addition_component::generate_assignments(assignment, typename complete_addition_component::params_type({{doubling_res.output.x, doubling_res.output.y}, - {bool_mul_res.output.x, bool_mul_res.output.y}}), row); - row+=complete_addition_component::rows_amount; - return {add_res.output.x, add_res.output.y}; } static result_type generate_circuit(blueprint &bp, - blueprint_public_assignment_table &assignment, - const params_type ¶ms, - const std::size_t start_row_index){ - std::size_t row = start_row_index; + blueprint_public_assignment_table &assignment, + const params_type ¶ms, + const std::size_t start_row_index) { + std::size_t row = start_row_index; std::array T_x = params.T.x; std::array T_y = params.T.y; std::array R_x = params.R.x; std::array R_y = params.R.y; - auto bool_mul_res = bool_scalar_multiplication_component::generate_circuit(bp, assignment, typename bool_scalar_multiplication_component::params_type({{T_x, T_y}, params.k}), row); - row+=bool_scalar_multiplication_component::rows_amount; - - auto doubling_res = doubling_component::generate_circuit(bp, assignment, typename doubling_component::params_type({R_x, R_y}), row); - row+=doubling_component::rows_amount; - - auto add_res = complete_addition_component::generate_circuit(bp, assignment, typename complete_addition_component::params_type({{doubling_res.output.x, doubling_res.output.y}, {bool_mul_res.output.x, bool_mul_res.output.y}}), row); - row+=complete_addition_component::rows_amount; + auto bool_mul_res = bool_scalar_multiplication_component::generate_circuit( + bp, + assignment, + typename bool_scalar_multiplication_component::params_type({{T_x, T_y}, params.k}), + row); + row += bool_scalar_multiplication_component::rows_amount; + + auto doubling_res = doubling_component::generate_circuit( + bp, assignment, typename doubling_component::params_type({R_x, R_y}), row); + row += doubling_component::rows_amount; + + auto add_res = complete_addition_component::generate_circuit( + bp, + assignment, + typename complete_addition_component::params_type( + {{doubling_res.output.x, doubling_res.output.y}, + {bool_mul_res.output.x, bool_mul_res.output.y}}), + row); + row += complete_addition_component::rows_amount; generate_copy_constraints(bp, assignment, params, start_row_index); @@ -156,19 +186,17 @@ namespace nil { } private: - - static void generate_gates( - blueprint &bp, - blueprint_public_assignment_table &public_assignment, - const params_type ¶ms, - const std::size_t first_selector_index) { - + static void generate_gates(blueprint &bp, + blueprint_public_assignment_table &public_assignment, + const params_type ¶ms, + const std::size_t first_selector_index) { } - static void generate_copy_constraints(blueprint &bp, - blueprint_public_assignment_table &public_assignment, - const params_type ¶ms, - std::size_t component_start_row) { + static void + generate_copy_constraints(blueprint &bp, + blueprint_public_assignment_table &public_assignment, + const params_type ¶ms, + std::size_t component_start_row) { std::size_t row = component_start_row; } }; diff --git a/include/nil/blueprint/components/pubkey/eddsa/plonk/non_native/verification.hpp b/include/nil/blueprint/components/pubkey/eddsa/plonk/non_native/verification.hpp index 58cfb2fc45..16565c5ede 100644 --- a/include/nil/blueprint/components/pubkey/eddsa/plonk/non_native/verification.hpp +++ b/include/nil/blueprint/components/pubkey/eddsa/plonk/non_native/verification.hpp @@ -29,22 +29,20 @@ #include #include -#include -#include -#include -#include -#include -#include -#include -#include +#include +#include +#include +#include +#include +#include +#include #include namespace nil { namespace blueprint { namespace components { - template + template class verification; template class verification, - CurveType, - Ed25519Type, - W0, - W1, - W2, - W3, - W4, - W5, - W6, - W7, - W8> { + CurveType, + Ed25519Type, + W0, + W1, + W2, + W3, + W4, + W5, + W6, + W7, + W8> { - typedef snark::plonk_constraint_system ArithmetizationType; + typedef snark::plonk_constraint_system ArithmetizationType; - using check_ec_point_component = ec_point; + using check_ec_point_component = + ec_point; - using variable_base_mult_component = variable_base_multiplication; - using fixed_base_mult_component = fixed_base_multiplication; - using addition_component = complete_addition; + using variable_base_mult_component = variable_base_multiplication; + using fixed_base_mult_component = fixed_base_multiplication; + using addition_component = + complete_addition; + + using reduction_component = + reduction; + using non_native_range_component = + non_native_range; + using scalar_non_native_range_component = scalar_non_native_range; + using non_addition_component = non_native_field_element_addition; + using sha512_component = sha512; - using reduction_component = reduction; - using non_native_range_component = non_native_range; - using scalar_non_native_range_component = scalar_non_native_range; - using non_addition_component = non_native_field_element_addition; - using sha512_component = sha512; - using var = snark::plonk_variable; constexpr static const std::size_t selector_seed = 0xfcc2; public: - constexpr static const std::size_t rows_amount = /*262144;*/scalar_non_native_range_component::rows_amount - + variable_base_mult_component::rows_amount - + fixed_base_mult_component::rows_amount - + addition_component::rows_amount - + reduction_component::rows_amount - + 2 * check_ec_point_component::rows_amount + sha512_component::rows_amount; + constexpr static const std::size_t rows_amount = + /*262144;*/ scalar_non_native_range_component::rows_amount + + variable_base_mult_component::rows_amount + fixed_base_mult_component::rows_amount + + addition_component::rows_amount + reduction_component::rows_amount + + 2 * check_ec_point_component::rows_amount + sha512_component::rows_amount; constexpr static const std::size_t gates_amount = 0; @@ -115,7 +150,7 @@ namespace nil { std::array x; std::array y; }; - struct signature{ + struct signature { var_ec_point R; var s; }; @@ -124,7 +159,7 @@ namespace nil { std::array M; }; - //TODO: check if points R and public_key lie on the curve + // TODO: check if points R and public_key lie on the curve struct result_type { result_type(std::size_t component_start_row) { @@ -135,7 +170,7 @@ namespace nil { const params_type ¶ms, std::size_t component_start_row) { std::size_t row = component_start_row; - //generate_lookup_table(assignment, params, component_start_row); + // generate_lookup_table(assignment, params, component_start_row); /*std::size_t n = (1 << 18); for(std::size_t i = 0; i < n; i++) { assignment.constant(1)[i] = i; @@ -152,19 +187,24 @@ namespace nil { row += check_ec_point_component::rows_amount; check_ec_point_component::generate_assignments(assignment, {{pk.x, pk.y}}, row); row += check_ec_point_component::rows_amount; - + /* here we get k = SHA(R||A||M) */ - auto k_vec = sha512_component::generate_assignments(assignment, {{{R.x[0], R.x[1], R.x[2], R.x[3]}, - {R.y[0], R.y[1], R.y[2], R.y[3]}}, {{pk.x[0], pk.x[1], pk.x[2], pk.x[3]}, - {pk.y[0], pk.y[1], pk.y[2], pk.y[3]}}, M}, row).output_state; + auto k_vec = sha512_component::generate_assignments( + assignment, + {{{R.x[0], R.x[1], R.x[2], R.x[3]}, {R.y[0], R.y[1], R.y[2], R.y[3]}}, + {{pk.x[0], pk.x[1], pk.x[2], pk.x[3]}, {pk.y[0], pk.y[1], pk.y[2], pk.y[3]}}, + M}, + row) + .output_state; row += sha512_component::rows_amount; var k = reduction_component::generate_assignments(assignment, {k_vec}, row).output; row += reduction_component::rows_amount; /* here we check sB == R + kA */ - + auto S = fixed_base_mult_component::generate_assignments(assignment, {s}, row).output; row += fixed_base_mult_component::rows_amount; - auto A = variable_base_mult_component::generate_assignments(assignment, {{pk.x, pk.y}, k}, row).output; + auto A = + variable_base_mult_component::generate_assignments(assignment, {{pk.x, pk.y}, k}, row).output; row += variable_base_mult_component::rows_amount; typename addition_component::params_type add_params = {{A.x, A.y}, {R.x, R.y}}; auto res = addition_component::generate_assignments(assignment, add_params, row).output; @@ -175,7 +215,7 @@ namespace nil { static result_type generate_circuit(blueprint &bp, blueprint_public_assignment_table &assignment, const params_type ¶ms, - const std::size_t start_row_index){ + const std::size_t start_row_index) { std::size_t row = start_row_index; var s = params.e.s; @@ -190,18 +230,24 @@ namespace nil { row += check_ec_point_component::rows_amount; check_ec_point_component::generate_circuit(bp, assignment, {{pk.x, pk.y}}, row); row += check_ec_point_component::rows_amount; - + /* here we get k = SHA(R||A||M) */ - auto k_vec = sha512_component::generate_circuit(bp, assignment, {{{R.x[0], R.x[1], R.x[2], R.x[3]}, - {R.y[0], R.y[1], R.y[2], R.y[3]}}, {{pk.x[0], pk.x[1], pk.x[2], pk.x[3]}, - {pk.y[0], pk.y[1], pk.y[2], pk.y[3]}}, M}, row).output_state; + auto k_vec = sha512_component::generate_circuit( + bp, + assignment, + {{{R.x[0], R.x[1], R.x[2], R.x[3]}, {R.y[0], R.y[1], R.y[2], R.y[3]}}, + {{pk.x[0], pk.x[1], pk.x[2], pk.x[3]}, {pk.y[0], pk.y[1], pk.y[2], pk.y[3]}}, + M}, + row) + .output_state; row += sha512_component::rows_amount; var k = reduction_component::generate_circuit(bp, assignment, {k_vec}, row).output; row += reduction_component::rows_amount; /* here we check sB == R + kA */ auto S = fixed_base_mult_component::generate_circuit(bp, assignment, {s}, row).output; row += fixed_base_mult_component::rows_amount; - auto A = variable_base_mult_component::generate_circuit(bp, assignment, {{pk.x, pk.y}, k}, row).output; + auto A = + variable_base_mult_component::generate_circuit(bp, assignment, {{pk.x, pk.y}, k}, row).output; row += variable_base_mult_component::rows_amount; typename addition_component::params_type add_params = {{A.x, A.y}, {R.x, R.y}}; auto res = addition_component::generate_circuit(bp, assignment, add_params, row).output; @@ -211,24 +257,25 @@ namespace nil { } private: - - static void generate_gates( - blueprint &bp, - blueprint_public_assignment_table &public_assignment, - const params_type ¶ms, - const std::size_t first_selector_index) { - + static void generate_gates(blueprint &bp, + blueprint_public_assignment_table &public_assignment, + const params_type ¶ms, + const std::size_t first_selector_index) { } - static void generate_copy_constraints(blueprint &bp, - blueprint_public_assignment_table &public_assignment, - const params_type ¶ms, - std::size_t component_start_row) { + static void + generate_copy_constraints(blueprint &bp, + blueprint_public_assignment_table &public_assignment, + const params_type ¶ms, + std::size_t component_start_row) { std::size_t row = component_start_row; - row += scalar_non_native_range_component::rows_amount + 2 * check_ec_point_component::rows_amount - + reduction_component::rows_amount + sha512_component::rows_amount + fixed_base_mult_component::rows_amount; - auto S = (typename fixed_base_mult_component::result_type(row - 1 - addition_component::rows_amount)).output; - row += variable_base_mult_component::rows_amount; + row += scalar_non_native_range_component::rows_amount + 2 * check_ec_point_component::rows_amount + + reduction_component::rows_amount + sha512_component::rows_amount + + fixed_base_mult_component::rows_amount; + auto S = + (typename fixed_base_mult_component::result_type(row - 1 - addition_component::rows_amount)) + .output; + row += variable_base_mult_component::rows_amount; auto res = (typename addition_component::result_type(row)).output; bp.add_copy_constraint({{S.x[0]}, {res.x[0]}}); bp.add_copy_constraint({{S.x[1]}, {res.x[1]}}); @@ -236,17 +283,17 @@ namespace nil { bp.add_copy_constraint({{S.x[3]}, {res.x[3]}}); bp.add_copy_constraint({{S.y[0]}, {res.y[0]}}); bp.add_copy_constraint({{S.y[1]}, {res.y[1]}}); - bp.add_copy_constraint({{S.y[2]}, {res.y[2]}}); + bp.add_copy_constraint({{S.y[2]}, {res.y[2]}}); bp.add_copy_constraint({{S.y[3]}, {res.y[3]}}); } static void generate_lookup_table(blueprint_assignment_table &assignment, - const params_type ¶ms, - std::size_t component_start_row) { - + const params_type ¶ms, + std::size_t component_start_row) { + std::size_t row = component_start_row; std::size_t n = (1 << 16); - for(std::size_t i = 0; i < 2; i++) { + for (std::size_t i = 0; i < 2; i++) { assignment.constant(1)[i] = 0; } } diff --git a/test/algebra/fields/plonk/non_native/chop_and_glue_non_native.hpp b/test/algebra/fields/plonk/non_native/chop_and_glue_non_native.hpp index a00d8eaf00..eca34fedca 100644 --- a/test/algebra/fields/plonk/non_native/chop_and_glue_non_native.hpp +++ b/test/algebra/fields/plonk/non_native/chop_and_glue_non_native.hpp @@ -1,15 +1,13 @@ template std::array chop_non_native(typename NonNativeFieldType::value_type input) { - typename NonNativeFieldType::integral_type input_integral = - typename NonNativeFieldType::integral_type( - input.data); + typename NonNativeFieldType::integral_type input_integral = typename NonNativeFieldType::integral_type(input.data); std::array output; typename NonNativeFieldType::integral_type base = 1; typename NonNativeFieldType::integral_type mask = (base << 66) - 1; - output[0] = input_integral & mask; + output[0] = input_integral & mask; output[1] = (input_integral >> 66) & mask; output[2] = (input_integral >> 132) & mask; output[3] = (input_integral >> 198) & mask; @@ -29,30 +27,32 @@ typename NonNativeFieldType::value_type glue_non_native(std::array -std::vector create_public_input(std::array a, std::array b) { +template +std::vector create_public_input(std::array a, + std::array b) { std::vector public_input; - for (std::size_t i = 0; i < a.size(); i++){ + for (std::size_t i = 0; i < a.size(); i++) { public_input.push_back(a[i]); } - for (std::size_t i = 0; i < b.size(); i++){ + for (std::size_t i = 0; i < b.size(); i++) { public_input.push_back(b[i]); } return public_input; } -template -std::vector create_public_input_1_value(std::array b) { +template +std::vector + create_public_input_1_value(std::array b) { std::vector public_input; - for (std::size_t i = 0; i < b.size(); i++){ + for (std::size_t i = 0; i < b.size(); i++) { public_input.push_back(b[i]); } return public_input; diff --git a/test/algebra/fields/plonk/non_native/multiplication.cpp b/test/algebra/fields/plonk/non_native/multiplication.cpp index 610e50587b..cf225c0c89 100644 --- a/test/algebra/fields/plonk/non_native/multiplication.cpp +++ b/test/algebra/fields/plonk/non_native/multiplication.cpp @@ -49,16 +49,17 @@ using namespace nil; -template -void test_field_mul(std::vector public_input, - std::array expected_res){ +template +void test_field_mul(std::vector public_input, + std::array + expected_res) { constexpr std::size_t WitnessColumns = 9; constexpr std::size_t PublicInputColumns = 1; constexpr std::size_t ConstantColumns = 0; constexpr std::size_t SelectorColumns = 2; - using ArithmetizationParams = - crypto3::zk::snark::plonk_arithmetization_params; + using ArithmetizationParams = crypto3::zk::snark:: + plonk_arithmetization_params; using ArithmetizationType = crypto3::zk::snark::plonk_constraint_system; using AssignmentType = blueprint::assignment; using hash_type = crypto3::hashes::keccak_1600<256>; @@ -66,8 +67,11 @@ void test_field_mul(std::vector public_ using var = crypto3::zk::snark::plonk_variable; - using component_type = blueprint::components::multiplication>; + using component_type = + blueprint::components::multiplication>; std::array input_var_a = { var(0, 0, false, var::column_type::public_input), var(0, 1, false, var::column_type::public_input), @@ -78,44 +82,53 @@ void test_field_mul(std::vector public_ typename component_type::input_type instance_input = {input_var_a, input_var_b}; - auto result_check = [&expected_res, public_input](AssignmentType &assignment, - typename component_type::result_type &real_res) { - - #ifdef BLUEPRINT_PLONK_PROFILING_ENABLED + auto result_check = [&expected_res, public_input](AssignmentType &assignment, + typename component_type::result_type &real_res) { + +#ifdef BLUEPRINT_PLONK_PROFILING_ENABLED std::array x, y, expected_chunks, real_chunks; for (std::size_t i = 0; i < 4; i++) { x[i] = public_input[i]; - y[i] = public_input[i+4]; + y[i] = public_input[i + 4]; expected_chunks[i] = expected_res[i]; real_chunks[i] = var_value(assignment, real_res.output[i]); } std::cout << std::hex; - std::cout << "_________________________________________________________________________________________________________________________________________________\n"; - std::cout << "input : "; - for (std::size_t i = 0; i < 4; i++) {std::cout << x[3-i].data << " ";} + std::cout << "_________________________________________________________________________________________________" + "________________________________________________\n"; + std::cout << "input : "; + for (std::size_t i = 0; i < 4; i++) { + std::cout << x[3 - i].data << " "; + } std::cout << "(" << glue_non_native(x).data << ")\n"; - std::cout << " "; - for (std::size_t i = 0; i < 4; i++) {std::cout << y[3-i].data << " ";} + std::cout << " "; + for (std::size_t i = 0; i < 4; i++) { + std::cout << y[3 - i].data << " "; + } std::cout << "(" << glue_non_native(y).data << ")\n"; - std::cout << "expected: "; - for (std::size_t i = 0; i < 4; i++) {std::cout << expected_chunks[3-i].data << " ";} + std::cout << "expected: "; + for (std::size_t i = 0; i < 4; i++) { + std::cout << expected_chunks[3 - i].data << " "; + } std::cout << "(" << glue_non_native(expected_chunks).data << ")\n"; - std::cout << "real : "; - for (std::size_t i = 0; i < 4; i++) {std::cout << real_chunks[3-i].data << " ";} + std::cout << "real : "; + for (std::size_t i = 0; i < 4; i++) { + std::cout << real_chunks[3 - i].data << " "; + } std::cout << "(" << glue_non_native(real_chunks).data << ")\n"; - #endif +#endif for (std::size_t i = 0; i < 4; i++) { assert(expected_res[i] == var_value(assignment, real_res.output[i])); } }; - component_type component_instance({0, 1, 2, 3, 4, 5, 6, 7, 8},{},{}); + component_type component_instance({0, 1, 2, 3, 4, 5, 6, 7, 8}, {}, {}); crypto3::test_component( component_instance, public_input, result_check, instance_input); @@ -123,18 +136,19 @@ void test_field_mul(std::vector public_ BOOST_AUTO_TEST_SUITE(blueprint_plonk_test_suite) -template -void test_field_mul_useable(typename NonNativeFieldType::value_type a, typename NonNativeFieldType::value_type b){ +template +void test_field_mul_useable(typename NonNativeFieldType::value_type a, typename NonNativeFieldType::value_type b) { using chunked_non_native_type = std::array; - chunked_non_native_type first = chop_non_native(a); + chunked_non_native_type first = chop_non_native(a); chunked_non_native_type second = chop_non_native(b); chunked_non_native_type expected_result = chop_non_native(a * b); - std::vector public_input = create_public_input(first, second); + std::vector public_input = + create_public_input(first, second); test_field_mul(public_input, expected_result); } -template -void test_field_mul_all_cases(){ +template +void test_field_mul_all_cases() { nil::crypto3::random::algebraic_engine rand; boost::random::mt19937 seed_seq; rand.seed(seed_seq); @@ -149,8 +163,8 @@ void test_field_mul_all_cases(){ } test_field_mul_useable( - glue_non_native({0,0,0x3ffffffffffffffff_cppui255,0}), - glue_non_native({0,0,0x3ffffffffffffffff_cppui255,0})); + glue_non_native({0, 0, 0x3ffffffffffffffff_cppui255, 0}), + glue_non_native({0, 0, 0x3ffffffffffffffff_cppui255, 0})); test_field_mul_useable(0, 0); test_field_mul_useable(1, 1); @@ -162,21 +176,23 @@ void test_field_mul_all_cases(){ glue_non_native({45524, 52353, 68769, 5431}), glue_non_native({3724, 342453, 5425, 54222})); - test_field_mul_useable( - glue_non_native({1,1,1,1}), - glue_non_native({1,1,1,1})); + test_field_mul_useable(glue_non_native({1, 1, 1, 1}), + glue_non_native({1, 1, 1, 1})); - test_field_mul_useable( - glue_non_native({1,0,0,0}), - glue_non_native({1,0,0,0})); + test_field_mul_useable(glue_non_native({1, 0, 0, 0}), + glue_non_native({1, 0, 0, 0})); test_field_mul_useable( - glue_non_native({0x2BCA8C5A0FDF3D53E_cppui253, 0x39840DDF4C421B2D5_cppui253, 0x24FCE5728D26931CA_cppui253, 0xFBD6153B4CE63_cppui253}), - glue_non_native({0x3CD7BA9506A76AA1C_cppui253, 0x15C58810F101DDB2F_cppui253, 0x1AA5750251F6DA658_cppui253, 0x1323F61B67242F_cppui253})); + glue_non_native({0x2BCA8C5A0FDF3D53E_cppui253, 0x39840DDF4C421B2D5_cppui253, + 0x24FCE5728D26931CA_cppui253, 0xFBD6153B4CE63_cppui253}), + glue_non_native({0x3CD7BA9506A76AA1C_cppui253, 0x15C58810F101DDB2F_cppui253, + 0x1AA5750251F6DA658_cppui253, 0x1323F61B67242F_cppui253})); test_field_mul_useable( - glue_non_native({0xc801afd_cppui255, 0xc801afd_cppui255, 0xc801afd_cppui255, 0xc801afd_cppui255}), - glue_non_native({0xc801afd_cppui255, 0xc801afd_cppui255, 0xc801afd_cppui255, 0xc801afd_cppui255})); + glue_non_native( + {0xc801afd_cppui255, 0xc801afd_cppui255, 0xc801afd_cppui255, 0xc801afd_cppui255}), + glue_non_native( + {0xc801afd_cppui255, 0xc801afd_cppui255, 0xc801afd_cppui255, 0xc801afd_cppui255})); for (std::size_t i = 0; i < 10; i++) { test_field_mul_useable(rand(), rand()); } diff --git a/test/basic_components.cpp b/test/basic_components.cpp index b6a8594c37..3f3c6e60fb 100644 --- a/test/basic_components.cpp +++ b/test/basic_components.cpp @@ -31,13 +31,16 @@ #include #include -#include -#include -#include -#include -#include +#include +#include +#include +#include +#include -#include +#include +#include + +#include using namespace nil::crypto3; using namespace nil::crypto3::zk; @@ -45,14 +48,14 @@ using namespace nil::crypto3::algebra; template void test_disjunction_component(size_t n) { - blueprint bp; - nil::crypto3::zk::detail::blueprint_variable_vector inputs; + blueprint::blueprint bp; + blueprint::detail::blueprint_variable_vector inputs; inputs.allocate(bp, n); - nil::crypto3::zk::detail::blueprint_variable output; + blueprint::detail::blueprint_variable_vector output; output.allocate(bp); - components::disjunction d(bp, inputs, output); + nil::crypto3::blueprint::components::disjunction d(bp, inputs, output); d.generate_gates(); for (std::size_t w = 0; w < 1ul << n; ++w) { @@ -72,14 +75,14 @@ void test_disjunction_component(size_t n) { template void test_conjunction_component(size_t n) { - blueprint bp; - nil::crypto3::zk::detail::blueprint_variable_vector inputs; + blueprint::blueprint bp; + blueprint::detail::blueprint_variable_vector inputs; inputs.allocate(bp, n); - nil::crypto3::zk::detail::blueprint_variable output; + blueprint::detail::blueprint_variable output; output.allocate(bp); - components::conjunction c(bp, inputs, output); + nil::crypto3::blueprint::components::conjunction c(bp, inputs, output); c.generate_gates(); for (std::size_t w = 0; w < 1ul << n; ++w) { @@ -100,15 +103,15 @@ void test_conjunction_component(size_t n) { template void test_comparison_component(size_t n) { - blueprint bp; + blueprint::blueprint bp; - nil::crypto3::zk::detail::blueprint_variable A, B, less, less_or_eq; + blueprint::detail::blueprint_variable A, B, less, less_or_eq; A.allocate(bp); B.allocate(bp); less.allocate(bp); less_or_eq.allocate(bp); - components::comparison cmp(bp, n, A, B, less, less_or_eq); + nil::crypto3::blueprint::components::comparison cmp(bp, n, A, B, less, less_or_eq); cmp.generate_gates(); for (std::size_t a = 0; a < 1ul << n; ++a) { @@ -127,16 +130,16 @@ void test_comparison_component(size_t n) { template void test_inner_product_component(size_t n) { - blueprint bp; - nil::crypto3::zk::detail::blueprint_variable_vector A; + blueprint::blueprint bp; + blueprint::detail::blueprint_variable_vector A; A.allocate(bp, n); - nil::crypto3::zk::detail::blueprint_variable_vector B; + blueprint::detail::blueprint_variable_vector B; B.allocate(bp, n); - nil::crypto3::zk::detail::blueprint_variable result; + blueprint::detail::blueprint_variable result; result.allocate(bp); - components::inner_product g(bp, A, B, result); + nil::crypto3::blueprint::components::inner_product g(bp, A, B, result); g.generate_gates(); for (std::size_t i = 0; i < 1ul << n; ++i) { @@ -161,16 +164,16 @@ void test_inner_product_component(size_t n) { template void test_loose_multiplexing_component(size_t n) { - blueprint bp; + blueprint::blueprint bp; - nil::crypto3::zk::detail::blueprint_variable_vector arr; + blueprint::detail::blueprint_variable_vector arr; arr.allocate(bp, 1ul << n); - nil::crypto3::zk::detail::blueprint_variable index, result, success_flag; + blueprint::detail::blueprint_variable index, result, success_flag; index.allocate(bp); result.allocate(bp); success_flag.allocate(bp); - components::loose_multiplexing g(bp, arr, index, result, success_flag); + nil::crypto3::blueprint::components::loose_multiplexing g(bp, arr, index, result, success_flag); g.generate_gates(); for (std::size_t i = 0; i < 1ul << n; ++i) { diff --git a/test/basic_components_r1cs_gg_ppzksnark.cpp b/test/basic_components_r1cs_gg_ppzksnark.cpp index 36643cf502..6b055151a9 100644 --- a/test/basic_components_r1cs_gg_ppzksnark.cpp +++ b/test/basic_components_r1cs_gg_ppzksnark.cpp @@ -47,16 +47,20 @@ #include #include -#include -#include -#include -#include -#include +#include + +#include +#include +#include +#include +#include #include #include "verify_r1cs_scheme.hpp" +#include + using namespace nil::crypto3; using namespace nil::crypto3::zk; using namespace nil::crypto3::algebra; @@ -69,16 +73,16 @@ void test_disjunction_component(std::size_t w) { std::size_t n = std::log2(w) + ((w > (1ul << std::size_t(std::log2(w)))) ? 1 : 0); - blueprint bp; - nil::crypto3::zk::detail::blueprint_variable output; + blueprint::blueprint bp; + nil::crypto3::blueprint::detail::blueprint_variable output; output.allocate(bp); bp.set_input_sizes(1); - nil::crypto3::zk::detail::blueprint_variable_vector inputs; + nil::crypto3::blueprint::detail::blueprint_variable_vector inputs; inputs.allocate(bp, n); - components::disjunction d(bp, inputs, output); + nil::crypto3::blueprint::components::disjunction d(bp, inputs, output); d.generate_gates(); for (std::size_t j = 0; j < n; ++j) { @@ -101,17 +105,17 @@ void test_conjunction_component(std::size_t w) { std::size_t n = std::log2(w) + ((w > (1ul << std::size_t(std::log2(w)))) ? 1 : 0); - blueprint bp; + blueprint::blueprint bp; - nil::crypto3::zk::detail::blueprint_variable output; + nil::crypto3::blueprint::detail::blueprint_variable output; output.allocate(bp); bp.set_input_sizes(1); - nil::crypto3::zk::detail::blueprint_variable_vector inputs; + nil::crypto3::blueprint::detail::blueprint_variable_vector inputs; inputs.allocate(bp, n); - components::conjunction c(bp, inputs, output); + nil::crypto3::blueprint::components::conjunction c(bp, inputs, output); c.generate_gates(); for (std::size_t j = 0; j < n; ++j) { @@ -133,9 +137,9 @@ void test_comparison_component(std::size_t a, std::size_t b) { using field_type = typename CurveType::scalar_field_type; using curve_type = CurveType; - blueprint bp; + blueprint::blueprint bp; - nil::crypto3::zk::detail::blueprint_variable A, B, less, less_or_eq; + nil::crypto3::blueprint::detail::blueprint_variable A, B, less, less_or_eq; A.allocate(bp); B.allocate(bp); less.allocate(bp); @@ -145,9 +149,9 @@ void test_comparison_component(std::size_t a, std::size_t b) { std::size_t n = std::log2(std::max(a, b)) + ((std::max(a, b) > (1ul << std::size_t(std::log2(std::max(a, b))))) ? 1 : 0); - components::comparison cmp(bp, n, A, B, less, less_or_eq); + nil::crypto3::blueprint::components::comparison cmp(bp, n, A, B, less, less_or_eq); cmp.generate_gates(); - + bp.val(A) = typename field_type::value_type(a); bp.val(B) = typename field_type::value_type(b); diff --git a/test/non_native/plonk/doubling.cpp b/test/non_native/plonk/doubling.cpp index 2786aa59e8..26275626d2 100644 --- a/test/non_native/plonk/doubling.cpp +++ b/test/non_native/plonk/doubling.cpp @@ -39,7 +39,7 @@ #include #include -#include +#include #include "../../test_plonk_component.hpp" @@ -102,7 +102,8 @@ BOOST_AUTO_TEST_CASE(blueprint_non_native_doubling) { } }; - test_component(params, public_input, result_check); + test_component(params, public_input, + result_check); } BOOST_AUTO_TEST_SUITE_END() \ No newline at end of file diff --git a/test/non_native/plonk/ed25519.cpp b/test/non_native/plonk/ed25519.cpp index e0036d9a58..04eb48fe01 100644 --- a/test/non_native/plonk/ed25519.cpp +++ b/test/non_native/plonk/ed25519.cpp @@ -39,7 +39,7 @@ #include #include -#include +#include #include "../../test_plonk_component.hpp" @@ -65,7 +65,7 @@ BOOST_AUTO_TEST_CASE(blueprint_edwards) { using var = zk::snark::plonk_variable; - using component_type = zk::components::eddsa25519; ed25519_type::template g1_type::value_type B = ed25519_type::template g1_type::value_type::one(); diff --git a/test/non_native/plonk/signatures_verification.cpp b/test/non_native/plonk/signatures_verification.cpp index d956a07665..4d722b1323 100644 --- a/test/non_native/plonk/signatures_verification.cpp +++ b/test/non_native/plonk/signatures_verification.cpp @@ -39,8 +39,7 @@ #include #include -#include -#include +#include #include "../../test_plonk_component.hpp" @@ -50,8 +49,8 @@ BOOST_AUTO_TEST_SUITE(blueprint_plonk_test_suite) template typename ed25519_type::scalar_field_type::value_type - sha512(typename ed25519_type::template g1_type::value_type R, - typename ed25519_type::template g1_type::value_type pk, + sha512(typename ed25519_type::template g1_type::value_type R, + typename ed25519_type::template g1_type::value_type pk, std::array M) { std::array round_constant = { @@ -358,8 +357,8 @@ BOOST_AUTO_TEST_CASE(blueprint_signatures_verification) { using var_ec_point = typename ed25519_component::params_type::var_ec_point; using signature = typename ed25519_component::params_type::signature; - ed25519_type::template g1_type::value_type B = - ed25519_type::template g1_type::value_type::one(); + ed25519_type::template g1_type::value_type B = + ed25519_type::template g1_type::value_type::one(); auto M = 0x40000000000000000000000000000000224698fc094cf91b992d30ed00000001_cppui256; std::vector public_input; @@ -368,17 +367,17 @@ BOOST_AUTO_TEST_CASE(blueprint_signatures_verification) { std::array signatures; std::array public_keys; - std::array::value_type, k> signatures_point; + std::array::value_type, k> signatures_point; std::array signatures_scalar; - std::array::value_type, k> public_keys_values; + std::array::value_type, k> public_keys_values; for (std::size_t i = 0; i < k; i++) { - ed25519_type::scalar_field_type::value_type r = algebra::random_element(); - ed25519_type::scalar_field_type::value_type c = algebra::random_element(); + ed25519_type::scalar_field_type::value_type r = crypto3::algebra::random_element(); + ed25519_type::scalar_field_type::value_type c = crypto3::algebra::random_element(); - ed25519_type::template g1_type::value_type R = r * B; + ed25519_type::template g1_type::value_type R = r * B; signatures_point[i] = R; - ed25519_type::template g1_type::value_type P = c * B; + ed25519_type::template g1_type::value_type P = c * B; public_keys_values[i] = P; auto sha_output = sha512(R, P, diff --git a/test/non_native/plonk/var_base_mul_per_bit.cpp b/test/non_native/plonk/var_base_mul_per_bit.cpp index ba2fd1f0b9..019739681c 100644 --- a/test/non_native/plonk/var_base_mul_per_bit.cpp +++ b/test/non_native/plonk/var_base_mul_per_bit.cpp @@ -40,7 +40,7 @@ #include #include -#include +#include #include "../../test_plonk_component.hpp" @@ -68,9 +68,8 @@ BOOST_AUTO_TEST_CASE(blueprint_non_native_var_base_mul_per_bit) { using var = zk::snark::plonk_variable; - using component_type = - zk::components::variable_base_multiplication_per_bit; + using component_type = blueprint::components:: + variable_base_multiplication_per_bit; std::array input_var_Xa = { var(0, 0, false, var::column_type::public_input), var(0, 1, false, var::column_type::public_input), @@ -90,11 +89,12 @@ BOOST_AUTO_TEST_CASE(blueprint_non_native_var_base_mul_per_bit) { typename component_type::params_type params = {{input_var_Xa, input_var_Xb}, {input_var_Ya, input_var_Yb}, b}; - ed25519_type::template g1_type::value_type T = - algebra::random_element>(); - ed25519_type::template g1_type::value_type R = 2 * T; + ed25519_type::template g1_type::value_type T = + crypto3::algebra::random_element< + ed25519_type::template g1_type>(); + ed25519_type::template g1_type::value_type R = 2 * T; ed25519_type::scalar_field_type::value_type b_val = 1; - ed25519_type::template g1_type::value_type P = 2 * R + b_val * T; + ed25519_type::template g1_type::value_type P = 2 * R + b_val * T; ed25519_type::base_field_type::integral_type Tx = ed25519_type::base_field_type::integral_type(T.X.data); ed25519_type::base_field_type::integral_type Ty = ed25519_type::base_field_type::integral_type(T.Y.data); @@ -134,8 +134,9 @@ BOOST_AUTO_TEST_CASE(blueprint_non_native_var_base_mul_per_bit) { assignment.var_value(real_res.output.y[i])); } }; - - test_component(params, public_input, result_check); + + crypto3::test_component( + params, public_input, result_check); } BOOST_AUTO_TEST_SUITE_END() \ No newline at end of file From 856c17237ae40275824ea7beccc38a61150d4c1c Mon Sep 17 00:00:00 2001 From: Mikhail Komarov Date: Fri, 24 Mar 2023 11:26:21 +0200 Subject: [PATCH 2/2] R1CS circuits definitions updated. --- .../nil/blueprint/blueprint/r1cs/circuit.hpp | 6 ++- .../r1cs/blueprint_linear_combination.hpp | 10 ++-- .../components/boolean/r1cs/comparison.hpp | 41 ++++++++-------- .../components/boolean/r1cs/conjunction.hpp | 31 ++++++------ .../components/boolean/r1cs/disjunction.hpp | 26 +++++----- .../components/boolean/r1cs/inner_product.hpp | 22 ++++----- .../detail/r1cs/loose_multiplexing.hpp | 35 +++++++------- .../components/detail/r1cs/packing.hpp | 48 +++++++++++-------- .../nil/blueprint/detail/get_component_id.hpp | 9 ++-- test/test_plonk_component.hpp | 28 +++++------ test/verify_r1cs_scheme.hpp | 6 +-- 11 files changed, 134 insertions(+), 128 deletions(-) diff --git a/include/nil/blueprint/blueprint/r1cs/circuit.hpp b/include/nil/blueprint/blueprint/r1cs/circuit.hpp index 5d5a79dde1..5ef89b5a91 100644 --- a/include/nil/blueprint/blueprint/r1cs/circuit.hpp +++ b/include/nil/blueprint/blueprint/r1cs/circuit.hpp @@ -136,11 +136,13 @@ namespace nil { } zk::snark::r1cs_primary_input primary_input() const { - return zk::snark::r1cs_primary_input(values.begin(), values.begin() + num_inputs()); + return zk::snark::r1cs_primary_input(values.begin(), + values.begin() + num_inputs()); } zk::snark::r1cs_auxiliary_input auxiliary_input() const { - return zk::snark::r1cs_auxiliary_input(values.begin() + num_inputs(), values.end()); + return zk::snark::r1cs_auxiliary_input(values.begin() + num_inputs(), + values.end()); } zk::snark::r1cs_constraint_system get_constraint_system() const { diff --git a/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_linear_combination.hpp b/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_linear_combination.hpp index 267b1a9d10..39b80cf826 100644 --- a/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_linear_combination.hpp +++ b/include/nil/blueprint/blueprint/r1cs/detail/r1cs/blueprint_linear_combination.hpp @@ -47,8 +47,8 @@ namespace nil { class blueprint_linear_combination; template - class blueprint_linear_combination> : - public zk::snark::linear_combination { + class blueprint_linear_combination> + : public math::linear_combination { typedef zk::snark::r1cs_constraint_system ArithmetizationType; typedef BlueprintFieldType field_type; @@ -121,8 +121,10 @@ namespace nil { class blueprint_linear_combination_vector; template - class blueprint_linear_combination_vector> - : private std::vector>> { + class blueprint_linear_combination_vector< + crypto3::zk::snark::r1cs_constraint_system> + : private std::vector>> { typedef zk::snark::r1cs_constraint_system ArithmetizationType; typedef typename BlueprintFieldType::value_type field_value_type; diff --git a/include/nil/blueprint/components/boolean/r1cs/comparison.hpp b/include/nil/blueprint/components/boolean/r1cs/comparison.hpp index fc12bb6df5..499309a1e0 100644 --- a/include/nil/blueprint/components/boolean/r1cs/comparison.hpp +++ b/include/nil/blueprint/components/boolean/r1cs/comparison.hpp @@ -30,8 +30,8 @@ #include #include -#include -#include +#include +#include #include #include @@ -50,29 +50,29 @@ namespace nil { if X != 0 then R = 1 and I = X^{-1} */ template - class comparison : public component { + class comparison : public nil::blueprint::components::component { private: - blueprint_variable_vector alpha; - blueprint_variable alpha_packed; - std::shared_ptr> pack_alpha; + detail::blueprint_variable_vector alpha; + detail::blueprint_variable alpha_packed; + std::shared_ptr> pack_alpha; std::shared_ptr> all_zeros_test; - blueprint_variable not_all_zeros; + detail::blueprint_variable not_all_zeros; public: const std::size_t n; - const blueprint_linear_combination A; - const blueprint_linear_combination B; - const blueprint_variable less; - const blueprint_variable less_or_eq; + const detail::blueprint_linear_combination A; + const detail::blueprint_linear_combination B; + const detail::blueprint_variable less; + const detail::blueprint_variable less_or_eq; comparison(blueprint &bp, std::size_t n, - const blueprint_linear_combination &A, - const blueprint_linear_combination &B, - const blueprint_variable &less, - const blueprint_variable &less_or_eq) : - component(bp), + const detail::blueprint_linear_combination &A, + const detail::blueprint_linear_combination &B, + const detail::blueprint_variable &less, + const detail::blueprint_variable &less_or_eq) : + nil::blueprint::components::component(bp), n(n), A(A), B(B), less(less), less_or_eq(less_or_eq) { alpha.allocate(bp, n); alpha.emplace_back(less_or_eq); // alpha[n] is less_or_eq @@ -80,10 +80,10 @@ namespace nil { alpha_packed.allocate(bp); not_all_zeros.allocate(bp); - pack_alpha.reset(new packing_component(bp, alpha, alpha_packed)); + pack_alpha.reset(new packing(bp, alpha, alpha_packed)); all_zeros_test.reset(new disjunction( - bp, blueprint_variable_vector(alpha.begin(), alpha.begin() + n), not_all_zeros)); + bp, detail::blueprint_variable_vector(alpha.begin(), alpha.begin() + n), not_all_zeros)); }; void generate_gates() { @@ -107,13 +107,13 @@ namespace nil { /* constraints for packed(alpha) = 2^n + B - A */ pack_alpha->generate_gates(true); - this->bp.add_r1cs_constraint(snark::r1cs_constraint( + this->bp.add_r1cs_constraint(zk::snark::r1cs_constraint( 1, (typename FieldType::value_type(0x02).pow(n)) + B - A, alpha_packed)); /* compute result */ all_zeros_test->generate_gates(); this->bp.add_r1cs_constraint( - snark::r1cs_constraint(less_or_eq, not_all_zeros, less)); + zk::snark::r1cs_constraint(less_or_eq, not_all_zeros, less)); } void generate_assignments() { @@ -130,7 +130,6 @@ namespace nil { this->bp.val(less) = this->bp.val(less_or_eq) * this->bp.val(not_all_zeros); } }; - } // namespace components } // namespace blueprint } // namespace crypto3 diff --git a/include/nil/blueprint/components/boolean/r1cs/conjunction.hpp b/include/nil/blueprint/components/boolean/r1cs/conjunction.hpp index 1f043fe959..4331fa9bfb 100644 --- a/include/nil/blueprint/components/boolean/r1cs/conjunction.hpp +++ b/include/nil/blueprint/components/boolean/r1cs/conjunction.hpp @@ -48,18 +48,18 @@ namespace nil { if X != 0 then R = 1 and I = X^{-1} */ template - class conjunction : public component { + class conjunction : public nil::blueprint::components::component { private: - blueprint_variable inv; + detail::blueprint_variable inv; public: - const blueprint_variable_vector inputs; - const blueprint_variable output; + const detail::blueprint_variable_vector inputs; + const detail::blueprint_variable output; conjunction(blueprint &bp, - const blueprint_variable_vector &inputs, - const blueprint_variable &output) : - component(bp), + const detail::blueprint_variable_vector &inputs, + const detail::blueprint_variable &output) : + nil::blueprint::components::component(bp), inputs(inputs), output(output) { assert(inputs.size() >= 1); inv.allocate(bp); @@ -67,27 +67,27 @@ namespace nil { void generate_gates() { /* inv * (n-sum) = 1-output */ - blueprint_linear_combination a1, b1, c1; + math::non_linear_combination a1, b1, c1; a1.add_term(inv); - b1.add_term(blueprint_variable(0), inputs.size()); + b1.add_term(detail::blueprint_variable(0), inputs.size()); for (std::size_t i = 0; i < inputs.size(); ++i) { b1.add_term(inputs[i], -1); } - c1.add_term(blueprint_variable(0)); + c1.add_term(detail::blueprint_variable(0)); c1.add_term(output, -1); - this->bp.add_r1cs_constraint(snark::r1cs_constraint(a1, b1, c1)); + this->bp.add_r1cs_constraint(zk::snark::r1cs_constraint(a1, b1, c1)); /* output * (n-sum) = 0 */ - blueprint_linear_combination a2, b2, c2; + math::non_linear_combination a2, b2, c2; a2.add_term(output); - b2.add_term(blueprint_variable(0), inputs.size()); + b2.add_term(detail::blueprint_variable(0), inputs.size()); for (std::size_t i = 0; i < inputs.size(); ++i) { b2.add_term(inputs[i], -1); } - c2.add_term(blueprint_variable(0), 0); + c2.add_term(detail::blueprint_variable(0), 0); - this->bp.add_r1cs_constraint(snark::r1cs_constraint(a2, b2, c2)); + this->bp.add_r1cs_constraint(zk::snark::r1cs_constraint(a2, b2, c2)); } void generate_assignments() { typename FieldType::value_type sum = typename FieldType::value_type(inputs.size()); @@ -105,7 +105,6 @@ namespace nil { } } }; - } // namespace components } // namespace blueprint } // namespace crypto3 diff --git a/include/nil/blueprint/components/boolean/r1cs/disjunction.hpp b/include/nil/blueprint/components/boolean/r1cs/disjunction.hpp index 720a0e3a0f..a1153d3509 100644 --- a/include/nil/blueprint/components/boolean/r1cs/disjunction.hpp +++ b/include/nil/blueprint/components/boolean/r1cs/disjunction.hpp @@ -49,18 +49,18 @@ namespace nil { */ template - class disjunction : public component { + class disjunction : public nil::blueprint::components::component { private: - blueprint_variable inv; + detail::blueprint_variable inv; public: - const blueprint_variable_vector inputs; - const blueprint_variable output; + const detail::blueprint_variable_vector inputs; + const detail::blueprint_variable output; disjunction(blueprint &bp, - const blueprint_variable_vector &inputs, - const blueprint_variable &output) : - component(bp), + const detail::blueprint_variable_vector &inputs, + const detail::blueprint_variable &output) : + nil::blueprint::components::component(bp), inputs(inputs), output(output) { assert(inputs.size() >= 1); inv.allocate(bp); @@ -68,25 +68,25 @@ namespace nil { void generate_gates() { /* inv * sum = output */ - blueprint_linear_combination a1, b1, c1; + math::non_linear_combination a1, b1, c1; a1.add_term(inv); for (std::size_t i = 0; i < inputs.size(); ++i) { b1.add_term(inputs[i]); } c1.add_term(output); - this->bp.add_r1cs_constraint(snark::r1cs_constraint(a1, b1, c1)); + this->bp.add_r1cs_constraint(zk::snark::r1cs_constraint(a1, b1, c1)); /* (1-output) * sum = 0 */ - blueprint_linear_combination a2, b2, c2; - a2.add_term(blueprint_variable(0)); + math::non_linear_combination a2, b2, c2; + a2.add_term(detail::blueprint_variable(0)); a2.add_term(output, -1); for (std::size_t i = 0; i < inputs.size(); ++i) { b2.add_term(inputs[i]); } - c2.add_term(blueprint_variable(0), 0); + c2.add_term(detail::blueprint_variable(0), 0); - this->bp.add_r1cs_constraint(snark::r1cs_constraint(a2, b2, c2)); + this->bp.add_r1cs_constraint(zk::snark::r1cs_constraint(a2, b2, c2)); } void generate_assignments() { diff --git a/include/nil/blueprint/components/boolean/r1cs/inner_product.hpp b/include/nil/blueprint/components/boolean/r1cs/inner_product.hpp index 24384bf04a..1da775bb24 100644 --- a/include/nil/blueprint/components/boolean/r1cs/inner_product.hpp +++ b/include/nil/blueprint/components/boolean/r1cs/inner_product.hpp @@ -48,21 +48,21 @@ namespace nil { if X != 0 then R = 1 and I = X^{-1} */ template - class inner_product : public component { + class inner_product : public nil::blueprint::components::component { private: /* S_i = \sum_{k=0}^{i+1} A[i] * B[i] */ - blueprint_variable_vector S; + detail::blueprint_variable_vector S; public: - const blueprint_linear_combination_vector A; - const blueprint_linear_combination_vector B; - const blueprint_variable result; + const detail::blueprint_linear_combination_vector A; + const detail::blueprint_linear_combination_vector B; + const detail::blueprint_variable result; inner_product(blueprint &bp, - const blueprint_linear_combination_vector &A, - const blueprint_linear_combination_vector &B, - const blueprint_variable &result) : - component(bp), + const detail::blueprint_linear_combination_vector &A, + const detail::blueprint_linear_combination_vector &B, + const detail::blueprint_variable &result) : + nil::blueprint::components::component(bp), A(A), B(B), result(result) { assert(A.size() >= 1); assert(A.size() == B.size()); @@ -77,10 +77,10 @@ namespace nil { S[i+1] - S[i] = A[i] * B[i] */ for (std::size_t i = 0; i < A.size(); ++i) { - this->bp.add_r1cs_constraint(snark::r1cs_constraint( + this->bp.add_r1cs_constraint(zk::snark::r1cs_constraint( A[i], B[i], (i == A.size() - 1 ? result : S[i]) + - (i == 0 ? 0 * blueprint_variable(0) : -S[i - 1]))); + (i == 0 ? 0 * detail::blueprint_variable(0) : -S[i - 1]))); } } diff --git a/include/nil/blueprint/components/detail/r1cs/loose_multiplexing.hpp b/include/nil/blueprint/components/detail/r1cs/loose_multiplexing.hpp index 35a651e066..4d475cdbbe 100644 --- a/include/nil/blueprint/components/detail/r1cs/loose_multiplexing.hpp +++ b/include/nil/blueprint/components/detail/r1cs/loose_multiplexing.hpp @@ -30,8 +30,8 @@ #include #include -#include -#include +#include +#include #include #include @@ -49,25 +49,25 @@ namespace nil { be 0) */ template - class loose_multiplexing : public component { + class loose_multiplexing : public nil::blueprint::components::component { public: - blueprint_variable_vector alpha; + detail::blueprint_variable_vector alpha; private: std::shared_ptr> compute_result; public: - const blueprint_linear_combination_vector arr; - const blueprint_variable index; - const blueprint_variable result; - const blueprint_variable success_flag; + const detail::blueprint_linear_combination_vector arr; + const detail::blueprint_variable index; + const detail::blueprint_variable result; + const detail::blueprint_variable success_flag; loose_multiplexing(blueprint &bp, - const blueprint_linear_combination_vector &arr, - const blueprint_variable &index, - const blueprint_variable &result, - const blueprint_variable &success_flag) : - component(bp), + const detail::blueprint_linear_combination_vector &arr, + const detail::blueprint_variable &index, + const detail::blueprint_variable &result, + const detail::blueprint_variable &success_flag) : + nil::blueprint::components::component(bp), arr(arr), index(index), result(result), success_flag(success_flag) { alpha.allocate(bp, arr.size()); compute_result.reset(new inner_product(bp, alpha, arr, result)); @@ -76,17 +76,17 @@ namespace nil { void generate_gates() { /* \alpha_i (index - i) = 0 */ for (std::size_t i = 0; i < arr.size(); ++i) { - this->bp.add_r1cs_constraint(snark::r1cs_constraint(alpha[i], index - i, 0)); + this->bp.add_r1cs_constraint(zk::snark::r1cs_constraint(alpha[i], index - i, 0)); } /* 1 * (\sum \alpha_i) = success_flag */ - blueprint_linear_combination a, b, c; - a.add_term(blueprint_variable(0)); + detail::blueprint_linear_combination a, b, c; + a.add_term(detail::blueprint_variable(0)); for (std::size_t i = 0; i < arr.size(); ++i) { b.add_term(alpha[i]); } c.add_term(success_flag); - this->bp.add_r1cs_constraint(snark::r1cs_constraint(a, b, c)); + this->bp.add_r1cs_constraint(zk::snark::r1cs_constraint(a, b, c)); /* now success_flag is constrained to either 0 (if index is out of range) or \alpha_i. constrain it and \alpha_i to zero */ @@ -121,7 +121,6 @@ namespace nil { compute_result->generate_assignments(); } }; - } // namespace components } // namespace blueprint } // namespace crypto3 diff --git a/include/nil/blueprint/components/detail/r1cs/packing.hpp b/include/nil/blueprint/components/detail/r1cs/packing.hpp index b9904e0fea..f05bc4b969 100644 --- a/include/nil/blueprint/components/detail/r1cs/packing.hpp +++ b/include/nil/blueprint/components/detail/r1cs/packing.hpp @@ -30,6 +30,7 @@ #include #include +#include #include #include @@ -41,20 +42,20 @@ namespace nil { /* forces lc to take value 0 or 1 by adding constraint lc * (1-lc) = 0 */ template void generate_boolean_r1cs_constraint(blueprint &bp, - const detail::blueprint_linear_combination &lc) { - bp.add_r1cs_constraint( - snark::r1cs_constraint(lc, Field::value_type::one() - lc, Field::value_type::zero())); + const math::non_linear_combination &lc) { + bp.add_r1cs_constraint(zk::snark::r1cs_constraint(lc, Field::value_type::one() - lc, + Field::value_type::zero())); } template void generate_r1cs_equals_const_constraint(blueprint &bp, - const detail::blueprint_linear_combination &lc, + const math::non_linear_combination &lc, const typename Field::value_type &c) { - bp.add_r1cs_constraint(snark::r1cs_constraint(Field::value_type::one(), lc, c)); + bp.add_r1cs_constraint(zk::snark::r1cs_constraint(Field::value_type::one(), lc, c)); } template - struct packing : public component { + struct packing : public nil::blueprint::components::component { using field_type = Field; using field_value_type = typename field_type::value_type; @@ -64,13 +65,15 @@ namespace nil { packing(blueprint &bp, const detail::blueprint_linear_combination_vector &bits, const detail::blueprint_linear_combination &packed) : - component(bp), + nil::blueprint::components::component(bp), bits(bits), packed(packed) { } + explicit packing(const detail::blueprint_linear_combination_vector &bits) : bits(bits) { + } /* adds constraint result = \sum bits[i] * 2^i */ void generate_gates(bool enforce_bitness) { - this->bp.add_r1cs_constraint(snark::r1cs_constraint( + this->bp.add_r1cs_constraint(zk::snark::r1cs_constraint( field_type::value_type::one(), detail::blueprint_packing_sum(bits), packed)); if (enforce_bitness) { @@ -98,7 +101,7 @@ namespace nil { }; template - class multipacking_component : public component { + class multipacking_component : public nil::blueprint::components::component { private: std::vector> packers; @@ -115,7 +118,7 @@ namespace nil { const detail::blueprint_linear_combination_vector &bits, const detail::blueprint_linear_combination_vector &packed_vars, std::size_t chunk_size) : - component(bp), + nil::blueprint::components::component(bp), bits(bits), packed_vars(packed_vars), chunk_size(chunk_size), num_chunks((bits.size() + (chunk_size - 1)) / chunk_size) { @@ -150,7 +153,7 @@ namespace nil { }; template - class field_vector_copy_component : public component { + class field_vector_copy_component : public nil::blueprint::components::component { public: const detail::blueprint_variable_vector source; const detail::blueprint_variable_vector target; @@ -160,7 +163,7 @@ namespace nil { const detail::blueprint_variable_vector &source, const detail::blueprint_variable_vector &target, const detail::blueprint_linear_combination &do_copy) : - component(bp), + nil::blueprint::components::component(bp), source(source), target(target), do_copy(do_copy) { assert(source.size() == target.size()); @@ -168,7 +171,7 @@ namespace nil { void generate_gates() { for (std::size_t i = 0; i < source.size(); ++i) { this->bp.add_r1cs_constraint( - snark::r1cs_constraint(do_copy, source[i] - target[i], 0)); + zk::snark::r1cs_constraint(do_copy, source[i] - target[i], 0)); } } @@ -185,7 +188,7 @@ namespace nil { }; template - class bit_vector_copy_component : public component { + class bit_vector_copy_component : public nil::blueprint::components::component { public: const detail::blueprint_variable_vector source_bits; const detail::blueprint_variable_vector target_bits; @@ -206,7 +209,7 @@ namespace nil { const detail::blueprint_variable_vector &target_bits, const detail::blueprint_linear_combination &do_copy, std::size_t chunk_size) : - component(bp), + nil::blueprint::components::component(bp), source_bits(source_bits), target_bits(target_bits), do_copy(do_copy), chunk_size(chunk_size), num_chunks((source_bits.size() + (chunk_size - 1)) / chunk_size) { @@ -246,7 +249,7 @@ namespace nil { }; template - class dual_variable_component : public component { + class dual_variable_component : public nil::blueprint::components::component { private: std::shared_ptr> consistency_check; @@ -254,21 +257,24 @@ namespace nil { detail::blueprint_variable packed; detail::blueprint_variable_vector bits; - dual_variable_component(blueprint &bp, std::size_t width) : component(bp) { + dual_variable_component(blueprint &bp, std::size_t width) : + nil::blueprint::components::component(bp) { packed.allocate(bp); bits.allocate(bp, width); consistency_check.reset(new packing(bp, bits, packed)); } - dual_variable_component(blueprint &bp, const detail::blueprint_variable_vector &bits) : - component(bp), bits(bits) { + dual_variable_component(blueprint &bp, + const detail::blueprint_variable_vector &bits) : + nil::blueprint::components::component(bp), + bits(bits) { packed.allocate(bp); consistency_check.reset(new packing(bp, bits, packed)); } dual_variable_component(blueprint &bp, const detail::blueprint_variable &packed, std::size_t width) : - component(bp), + nil::blueprint::components::component(bp), packed(packed) { bits.allocate(bp, width); consistency_check.reset(new packing(bp, bits, packed)); @@ -305,7 +311,7 @@ namespace nil { c.add_term(target.all_vars[i]); - bp.add_r1cs_constraint(snark::r1cs_constraint(a, b, c)); + bp.add_r1cs_constraint(zk::snark::r1cs_constraint(a, b, c)); } } diff --git a/include/nil/blueprint/detail/get_component_id.hpp b/include/nil/blueprint/detail/get_component_id.hpp index dcf5b5d2d8..d85ae170b7 100644 --- a/include/nil/blueprint/detail/get_component_id.hpp +++ b/include/nil/blueprint/detail/get_component_id.hpp @@ -34,15 +34,14 @@ namespace nil { using blueprint_component_id_type = std::string; - template - blueprint_component_id_type get_component_id (ComponentType component){ + template + blueprint_component_id_type get_component_id(ComponentType component) { std::stringstream id; - id << typeid(component).name() ; + id << typeid(component).name(); return id.str(); } - } // namespace detail - } // namespace blueprint + } // namespace blueprint } // namespace nil #endif // CRYPTO3_BLUEPRINT_DETAIL_COMPONENT_ID_HPP diff --git a/test/test_plonk_component.hpp b/test/test_plonk_component.hpp index 32cf074b10..52c38f4dbd 100644 --- a/test/test_plonk_component.hpp +++ b/test/test_plonk_component.hpp @@ -94,12 +94,13 @@ namespace nil { return params; } - template::value_type>::value, - bool>::type = true> + template< + typename ComponentType, typename BlueprintFieldType, typename ArithmetizationParams, typename Hash, + std::size_t Lambda, typename FunctorResultCheck, typename PublicInputContainerType, + typename std::enable_if::value_type>::value, + bool>::type = true> auto prepare_component(ComponentType component_instance, const PublicInputContainerType &public_input, const FunctorResultCheck &result_check, typename ComponentType::input_type instance_input) { @@ -113,7 +114,7 @@ namespace nil { std::size_t start_row = 0; for (std::size_t i = 0; i < public_input.size(); i++) { - assignment.public_input(0, start_row +i) = (public_input[i]); + assignment.public_input(0, start_row + i) = (public_input[i]); } blueprint::components::generate_circuit( @@ -130,7 +131,7 @@ namespace nil { #ifdef BLUEPRINT_PLONK_PROFILING_ENABLED std::cout << "Usable rows: " << desc.usable_rows_amount << std::endl; std::cout << "Padded rows: " << desc.rows_amount << std::endl; - + profiling(assignment); #endif @@ -141,12 +142,11 @@ namespace nil { template - typename std::enable_if< - std::is_same::value_type>::value>::type + typename std::enable_if::value_type>::value>::type test_component(ComponentType component_instance, const PublicInputContainerType &public_input, - FunctorResultCheck result_check, - typename ComponentType::input_type instance_input) { + FunctorResultCheck result_check, typename ComponentType::input_type instance_input) { auto [desc, bp, assignments] = prepare_component::process( - public_preprocessed_data, proof, bp, fri_params); + public_preprocessed_data, proof, bp, fri_params); BOOST_CHECK(verifier_res); #endif diff --git a/test/verify_r1cs_scheme.hpp b/test/verify_r1cs_scheme.hpp index 32faf8de5d..b821fd1375 100644 --- a/test/verify_r1cs_scheme.hpp +++ b/test/verify_r1cs_scheme.hpp @@ -32,7 +32,7 @@ #include #include -#include +#include #include @@ -41,7 +41,7 @@ using namespace nil::crypto3::zk; using namespace nil::crypto3::algebra; template> -bool verify_component(blueprint bp) { +bool verify_component(blueprint::blueprint bp) { if (bp.num_variables() == 0x00) { std::cout << "Empty blueprint!" << std::endl; @@ -80,7 +80,7 @@ bool verify_component(blueprint bp) { template<> bool verify_component, snark::r1cs_gg_ppzksnark>>( - blueprint::scalar_field_type> bp) { + blueprint::blueprint::scalar_field_type> bp) { std::cout << "Warning! r1cs_gg_ppzksnark for Edwards-183 is not implemented yet" << std::endl; return false;