noir-lang · TomAFrench · Apr 28, 2023 · Apr 26, 2023 · Apr 27, 2023 · Apr 27, 2023
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -9,7 +9,8 @@ license = "MIT OR Apache-2.0"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-acvm = { version = "0.9.0", features = ["bn254"] }
+acvm = { version = "0.10.3", features = ["bn254"] }
+
 blake2 = "0.9.1"
 dirs = { version = "3.0", optional = true }
 reqwest = { version = "0.11.16", optional = true, default-features = false, features = ["stream", "rustls-tls"] }

diff --git a/flake.lock b/flake.lock
diff --git a/src/acvm_interop/proof_system.rs b/src/acvm_interop/proof_system.rs
@@ -23,7 +23,7 @@ impl ProofSystemCompiler for Barretenberg {
             | BlackBoxFunc::RANGE
             | BlackBoxFunc::SHA256
             | BlackBoxFunc::Blake2s
-            | BlackBoxFunc::MerkleMembership
+            | BlackBoxFunc::ComputeMerkleRoot
             | BlackBoxFunc::SchnorrVerify
             | BlackBoxFunc::Pedersen
             | BlackBoxFunc::HashToField128Security

diff --git a/src/acvm_interop/pwg.rs b/src/acvm_interop/pwg.rs
@@ -25,19 +25,19 @@ impl PartialWitnessGenerator for Barretenberg {
             BlackBoxFunc::SHA256 => hash::sha256(initial_witness, func_call),
             BlackBoxFunc::Blake2s => hash::blake2s(initial_witness, func_call),
             BlackBoxFunc::EcdsaSecp256k1 => {
-                signature::ecdsa::secp256k1_prehashed(initial_witness, func_call)?
+                signature::ecdsa::secp256k1_prehashed(initial_witness, func_call)
             }
-            BlackBoxFunc::AES | BlackBoxFunc::Keccak256 => {
-                return Err(OpcodeResolutionError::UnsupportedBlackBoxFunc(
-                    func_call.name,
-                ))
+
+            BlackBoxFunc::AND | BlackBoxFunc::XOR => {
+                logic::solve_logic_opcode(initial_witness, func_call)
             }
-            BlackBoxFunc::MerkleMembership => {
+            BlackBoxFunc::RANGE => range::solve_range_opcode(initial_witness, func_call),
+            BlackBoxFunc::AES | BlackBoxFunc::Keccak256 => Err(
+                OpcodeResolutionError::UnsupportedBlackBoxFunc(func_call.name),
+            ),
+            BlackBoxFunc::ComputeMerkleRoot => {
                 let mut inputs_iter = func_call.inputs.iter();
 
-                let _root = inputs_iter.next().expect("expected a root");
-                let root = witness_to_value(initial_witness, _root.witness)?;
-
                 let _leaf = inputs_iter.next().expect("expected a leaf");
                 let leaf = witness_to_value(initial_witness, _leaf.witness)?;
 
@@ -55,13 +55,8 @@ impl PartialWitnessGenerator for Barretenberg {
                     leaf,
                 );
 
-                let result = if &computed_merkle_root == root {
-                    FieldElement::one()
-                } else {
-                    FieldElement::zero()
-                };
-
-                initial_witness.insert(func_call.outputs[0], result);
+                initial_witness.insert(func_call.outputs[0], computed_merkle_root);
+                Ok(OpcodeResolution::Solved)
             }
             BlackBoxFunc::SchnorrVerify => {
                 // In barretenberg, if the signature fails, then the whole thing fails.
@@ -116,6 +111,7 @@ impl PartialWitnessGenerator for Barretenberg {
                 };
 
                 initial_witness.insert(func_call.outputs[0], result);
+                Ok(OpcodeResolution::Solved)
             }
             BlackBoxFunc::Pedersen => {
                 let inputs_iter = func_call.inputs.iter();
@@ -128,6 +124,7 @@ impl PartialWitnessGenerator for Barretenberg {
                 let (res_x, res_y) = self.encrypt(scalars);
                 initial_witness.insert(func_call.outputs[0], res_x);
                 initial_witness.insert(func_call.outputs[1], res_y);
+                Ok(OpcodeResolution::Solved)
             }
             BlackBoxFunc::HashToField128Security => {
                 let mut hasher = <Blake2s as blake2::Digest>::new();
@@ -149,6 +146,7 @@ impl PartialWitnessGenerator for Barretenberg {
                 assert_eq!(func_call.outputs.len(), 1);
 
                 initial_witness.insert(func_call.outputs[0], reduced_res);
+                Ok(OpcodeResolution::Solved)
             }
             BlackBoxFunc::FixedBaseScalarMul => {
                 let scalar = witness_to_value(initial_witness, func_call.inputs[0].witness)?;
@@ -157,13 +155,8 @@ impl PartialWitnessGenerator for Barretenberg {
 
                 initial_witness.insert(func_call.outputs[0], pub_x);
                 initial_witness.insert(func_call.outputs[1], pub_y);
+                Ok(OpcodeResolution::Solved)
             }
-            BlackBoxFunc::AND | BlackBoxFunc::XOR => {
-                logic::solve_logic_opcode(initial_witness, func_call)?
-            }
-            BlackBoxFunc::RANGE => range::solve_range_opcode(initial_witness, func_call)?,
         }
-
-        Ok(OpcodeResolution::Solved)
     }
 }
diff --git a/src/barretenberg_structures.rs b/src/barretenberg_structures.rs
@@ -200,15 +200,14 @@ impl SchnorrConstraint {
     }
 }
 #[derive(Clone, Hash, Debug)]
-pub(crate) struct MerkleMembershipConstraint {
+pub(crate) struct ComputeMerkleRootConstraint {
     pub(crate) hash_path: Vec<i32>,
-    pub(crate) root: i32,
     pub(crate) leaf: i32,
     pub(crate) index: i32,
     pub(crate) result: i32,
 }
 
-impl MerkleMembershipConstraint {
+impl ComputeMerkleRootConstraint {
     fn to_bytes(&self) -> Vec<u8> {
         let mut buffer = Vec::new();
 
@@ -219,7 +218,6 @@ impl MerkleMembershipConstraint {
             buffer.extend_from_slice(&constraint.to_be_bytes());
         }
 
-        buffer.extend_from_slice(&self.root.to_be_bytes());
         buffer.extend_from_slice(&self.leaf.to_be_bytes());
         buffer.extend_from_slice(&self.result.to_be_bytes());
         buffer.extend_from_slice(&self.index.to_be_bytes());
@@ -394,7 +392,7 @@ pub(crate) struct ConstraintSystem {
     logic_constraints: Vec<LogicConstraint>,
     range_constraints: Vec<RangeConstraint>,
     sha256_constraints: Vec<Sha256Constraint>,
-    merkle_membership_constraints: Vec<MerkleMembershipConstraint>,
+    compute_merkle_root_constraints: Vec<ComputeMerkleRootConstraint>,
     schnorr_constraints: Vec<SchnorrConstraint>,
     ecdsa_secp256k1_constraints: Vec<EcdsaConstraint>,
     blake2s_constraints: Vec<Blake2sConstraint>,
@@ -441,11 +439,11 @@ impl ConstraintSystem {
         self
     }
 
-    pub(crate) fn merkle_membership_constraints(
+    pub(crate) fn compute_merkle_root_constraints(
         mut self,
-        merkle_membership_constraints: Vec<MerkleMembershipConstraint>,
+        compute_merkle_root_constraints: Vec<ComputeMerkleRootConstraint>,
     ) -> Self {
-        self.merkle_membership_constraints = merkle_membership_constraints;
+        self.compute_merkle_root_constraints = compute_merkle_root_constraints;
         self
     }
 
@@ -541,10 +539,10 @@ impl ConstraintSystem {
             buffer.extend(&constraint.to_bytes());
         }
 
-        // Serialize each Merkle Membership constraint
-        let merkle_membership_constraints_len = self.merkle_membership_constraints.len() as u32;
-        buffer.extend_from_slice(&merkle_membership_constraints_len.to_be_bytes());
-        for constraint in self.merkle_membership_constraints.iter() {
+        // Serialize each Compute Merkle Root constraint
+        let compute_merkle_root_constraints_len = self.compute_merkle_root_constraints.len() as u32;
+        buffer.extend_from_slice(&compute_merkle_root_constraints_len.to_be_bytes());
+        for constraint in self.compute_merkle_root_constraints.iter() {
             buffer.extend(&constraint.to_bytes());
         }
 
@@ -611,7 +609,7 @@ impl From<&Circuit> for ConstraintSystem {
         let mut sha256_constraints: Vec<Sha256Constraint> = Vec::new();
         let mut blake2s_constraints: Vec<Blake2sConstraint> = Vec::new();
         let mut pedersen_constraints: Vec<PedersenConstraint> = Vec::new();
-        let mut merkle_membership_constraints: Vec<MerkleMembershipConstraint> = Vec::new();
+        let mut compute_merkle_root_constraints: Vec<ComputeMerkleRootConstraint> = Vec::new();
         let mut schnorr_constraints: Vec<SchnorrConstraint> = Vec::new();
         let mut ecdsa_secp256k1_constraints: Vec<EcdsaConstraint> = Vec::new();
         let mut fixed_base_scalar_mul_constraints: Vec<FixedBaseScalarMulConstraint> = Vec::new();
@@ -732,14 +730,9 @@ impl From<&Circuit> for ConstraintSystem {
 
                             blake2s_constraints.push(blake2s_constraint);
                         }
-                        BlackBoxFunc::MerkleMembership => {
+                        BlackBoxFunc::ComputeMerkleRoot => {
                             let mut inputs_iter = gadget_call.inputs.iter().peekable();
 
-                            // root
-                            let root = {
-                                let root_input = inputs_iter.next().expect("missing Merkle root");
-                                root_input.witness.witness_index() as i32
-                            };
                             // leaf
                             let leaf = {
                                 let leaf_input = inputs_iter
@@ -765,18 +758,17 @@ impl From<&Circuit> for ConstraintSystem {
                                 hash_path.push(path_elem_index);
                             }
 
-                            // result
+                            // computed root
                             let result = gadget_call.outputs[0].witness_index() as i32;
 
-                            let constraint = MerkleMembershipConstraint {
+                            let constraint = ComputeMerkleRootConstraint {
                                 hash_path,
-                                root,
                                 leaf,
                                 index,
                                 result,
                             };
 
-                            merkle_membership_constraints.push(constraint);
+                            compute_merkle_root_constraints.push(constraint);
                         }
                         BlackBoxFunc::SchnorrVerify => {
                             let mut inputs_iter = gadget_call.inputs.iter();
@@ -951,7 +943,7 @@ impl From<&Circuit> for ConstraintSystem {
             logic_constraints,
             range_constraints,
             sha256_constraints,
-            merkle_membership_constraints,
+            compute_merkle_root_constraints,
             pedersen_constraints,
             schnorr_constraints,
             ecdsa_secp256k1_constraints,

diff --git a/src/composer.rs b/src/composer.rs
@@ -442,8 +442,12 @@ mod test {
     use acvm::FieldElement;
 
     use super::*;
-    use crate::barretenberg_structures::{
-        Constraint, LogicConstraint, PedersenConstraint, RangeConstraint, SchnorrConstraint,
+    use crate::{
+        barretenberg_structures::{
+            ComputeMerkleRootConstraint, Constraint, LogicConstraint, PedersenConstraint,
+            RangeConstraint, SchnorrConstraint,
+        },
+        merkle::{MerkleTree, MessageHasher},
     };
 
     #[test]
@@ -761,6 +765,57 @@ mod test {
         test_composer_with_pk_vk(constraint_system, vec![case_1]);
     }
 
+    #[test]
+    fn test_compute_merkle_root_constraint() {
+        use tempfile::tempdir;
+        let temp_dir = tempdir().unwrap();
+        let mut msg_hasher: blake2::Blake2s = MessageHasher::new();
+
+        let tree: MerkleTree<blake2::Blake2s, Barretenberg> = MerkleTree::new(3, &temp_dir);
+
+        let empty_leaf = vec![0; 64];
+
+        let index = FieldElement::zero();
+        let index_as_usize: usize = 0;
+        let mut index_bits = index.bits();
+        index_bits.reverse();
+
+        let leaf = msg_hasher.hash(&empty_leaf);
+
+        let root = tree.root();
+
+        let hash_path = tree.get_hash_path(index_as_usize);
+        let mut hash_path_ref = Vec::new();
+        for (i, path_pair) in hash_path.into_iter().enumerate() {
+            let path_bit = index_bits[i];
+            let hash = if !path_bit { path_pair.1 } else { path_pair.0 };
+            hash_path_ref.push(hash);
+        }
+        let hash_path_ref: Vec<FieldElement> = hash_path_ref.into_iter().collect();
+
+        let constraint = ComputeMerkleRootConstraint {
+            hash_path: (3..3 + hash_path_ref.len() as i32).collect(),
+            leaf: 0,
+            index: 1,
+            result: 2,
+        };
+
+        let constraint_system = ConstraintSystem::new()
+            .var_num(500)
+            .compute_merkle_root_constraints(vec![constraint]);
+
+        let mut witness_values = vec![leaf, index, root];
+        witness_values.extend(hash_path_ref);
+
+        let case_1 = WitnessResult {
+            witness: witness_values.into(),
+            public_inputs: vec![].into(),
+            result: true,
+        };
+
+        test_composer_with_pk_vk(constraint_system, vec![case_1]);
+    }
+
     #[test]
     fn test_logic_constraints() {
         /*