From cab34f9171bda3be795c34b317cb87046ea26ae9 Mon Sep 17 00:00:00 2001 From: guipublic Date: Fri, 5 May 2023 09:22:49 +0000 Subject: [PATCH 1/7] Use acvm to solve bb functions when possible --- acvm/src/pwg/blackbox.rs | 78 +++++++++++++++++----------------------- 1 file changed, 32 insertions(+), 46 deletions(-) diff --git a/acvm/src/pwg/blackbox.rs b/acvm/src/pwg/blackbox.rs index 3c507592f..ac82d19b8 100644 --- a/acvm/src/pwg/blackbox.rs +++ b/acvm/src/pwg/blackbox.rs @@ -8,7 +8,13 @@ use acir::{ use crate::{OpcodeNotSolvable, OpcodeResolutionError, PartialWitnessGenerator}; -use super::OpcodeResolution; +use super::{ + hash::{blake2s, hash_to_field_128_security, keccak256, sha256}, + logic::solve_logic_opcode, + range::solve_range_opcode, + signature::ecdsa::secp256k1_prehashed, + OpcodeResolution, +}; /// Check if all of the inputs to the function have assignments /// @@ -39,56 +45,36 @@ pub(crate) fn solve( initial_witness: &mut BTreeMap, bb_func: &BlackBoxFuncCall, ) -> Result { - match bb_func { - BlackBoxFuncCall { inputs, .. } if !contains_all_inputs(initial_witness, inputs) => { - if let Some(unassigned_witness) = first_missing_assignment(initial_witness, inputs) { - Ok(OpcodeResolution::Stalled(OpcodeNotSolvable::MissingAssignment( - unassigned_witness.0, - ))) - } else { - // This only exists because Rust won't let us bind in a pattern guard. - // See https://github.com/rust-lang/rust/issues/51114 - unreachable!("Only reachable if the blackbox is stalled") - } - } - BlackBoxFuncCall { name: BlackBoxFunc::AES, inputs, outputs } => { - backend.aes(initial_witness, inputs, outputs) - } - BlackBoxFuncCall { name: BlackBoxFunc::AND, inputs, outputs } => { - backend.and(initial_witness, inputs, outputs) - } - BlackBoxFuncCall { name: BlackBoxFunc::XOR, inputs, outputs } => { - backend.xor(initial_witness, inputs, outputs) - } - BlackBoxFuncCall { name: BlackBoxFunc::RANGE, inputs, outputs } => { - backend.range(initial_witness, inputs, outputs) + if !contains_all_inputs(initial_witness, &bb_func.inputs) { + if let Some(unassigned_witness) = first_missing_assignment(initial_witness, &bb_func.inputs) + { + return Ok(OpcodeResolution::Stalled(OpcodeNotSolvable::MissingAssignment( + unassigned_witness.0, + ))); } - BlackBoxFuncCall { name: BlackBoxFunc::SHA256, inputs, outputs } => { - backend.sha256(initial_witness, inputs, outputs) - } - BlackBoxFuncCall { name: BlackBoxFunc::Blake2s, inputs, outputs } => { - backend.blake2s(initial_witness, inputs, outputs) - } - BlackBoxFuncCall { name: BlackBoxFunc::ComputeMerkleRoot, inputs, outputs } => { - backend.compute_merkle_root(initial_witness, inputs, outputs) - } - BlackBoxFuncCall { name: BlackBoxFunc::SchnorrVerify, inputs, outputs } => { - backend.schnorr_verify(initial_witness, inputs, outputs) - } - BlackBoxFuncCall { name: BlackBoxFunc::Pedersen, inputs, outputs } => { - backend.pedersen(initial_witness, inputs, outputs) + } + match bb_func.name { + BlackBoxFunc::AND | BlackBoxFunc::XOR => solve_logic_opcode(initial_witness, bb_func), + BlackBoxFunc::RANGE => solve_range_opcode(initial_witness, bb_func), + BlackBoxFunc::SHA256 => sha256(initial_witness, bb_func), + BlackBoxFunc::Blake2s => blake2s(initial_witness, bb_func), + BlackBoxFunc::Keccak256 => keccak256(initial_witness, bb_func), + BlackBoxFunc::ComputeMerkleRoot => { + backend.compute_merkle_root(initial_witness, &bb_func.inputs, &bb_func.outputs) } - BlackBoxFuncCall { name: BlackBoxFunc::HashToField128Security, inputs, outputs } => { - backend.hash_to_field128_security(initial_witness, inputs, outputs) + BlackBoxFunc::SchnorrVerify => { + backend.schnorr_verify(initial_witness, &bb_func.inputs, &bb_func.outputs) } - BlackBoxFuncCall { name: BlackBoxFunc::EcdsaSecp256k1, inputs, outputs } => { - backend.ecdsa_secp256k1(initial_witness, inputs, outputs) + BlackBoxFunc::Pedersen => { + backend.pedersen(initial_witness, &bb_func.inputs, &bb_func.outputs) } - BlackBoxFuncCall { name: BlackBoxFunc::FixedBaseScalarMul, inputs, outputs } => { - backend.fixed_base_scalar_mul(initial_witness, inputs, outputs) + BlackBoxFunc::HashToField128Security => { + hash_to_field_128_security(initial_witness, bb_func) } - BlackBoxFuncCall { name: BlackBoxFunc::Keccak256, inputs, outputs } => { - backend.keccak256(initial_witness, inputs, outputs) + BlackBoxFunc::EcdsaSecp256k1 => secp256k1_prehashed(initial_witness, bb_func), + BlackBoxFunc::FixedBaseScalarMul => { + backend.fixed_base_scalar_mul(initial_witness, &bb_func.inputs, &bb_func.outputs) } + BlackBoxFunc::AES => Err(OpcodeResolutionError::UnsupportedBlackBoxFunc(bb_func.name)), } } From af4e4b495b3b642f404dc45040564576ee890ca8 Mon Sep 17 00:00:00 2001 From: guipublic Date: Fri, 5 May 2023 12:20:18 +0000 Subject: [PATCH 2/7] use backend for aes --- acvm/src/pwg/blackbox.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/acvm/src/pwg/blackbox.rs b/acvm/src/pwg/blackbox.rs index ac82d19b8..96667bb99 100644 --- a/acvm/src/pwg/blackbox.rs +++ b/acvm/src/pwg/blackbox.rs @@ -75,6 +75,6 @@ pub(crate) fn solve( BlackBoxFunc::FixedBaseScalarMul => { backend.fixed_base_scalar_mul(initial_witness, &bb_func.inputs, &bb_func.outputs) } - BlackBoxFunc::AES => Err(OpcodeResolutionError::UnsupportedBlackBoxFunc(bb_func.name)), + BlackBoxFunc::AES => backend.aes(initial_witness, &bb_func.inputs, &bb_func.outputs), } } From aa151bbd1fe90ac177a4d9f2dce5dcc2e14bad32 Mon Sep 17 00:00:00 2001 From: guipublic Date: Fri, 5 May 2023 12:56:11 +0000 Subject: [PATCH 3/7] code review --- acvm/src/pwg/blackbox.rs | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/acvm/src/pwg/blackbox.rs b/acvm/src/pwg/blackbox.rs index 96667bb99..6f9b79acf 100644 --- a/acvm/src/pwg/blackbox.rs +++ b/acvm/src/pwg/blackbox.rs @@ -59,6 +59,10 @@ pub(crate) fn solve( BlackBoxFunc::SHA256 => sha256(initial_witness, bb_func), BlackBoxFunc::Blake2s => blake2s(initial_witness, bb_func), BlackBoxFunc::Keccak256 => keccak256(initial_witness, bb_func), + BlackBoxFunc::HashToField128Security => { + hash_to_field_128_security(initial_witness, bb_func) + } + BlackBoxFunc::EcdsaSecp256k1 => secp256k1_prehashed(initial_witness, bb_func), BlackBoxFunc::ComputeMerkleRoot => { backend.compute_merkle_root(initial_witness, &bb_func.inputs, &bb_func.outputs) } @@ -68,10 +72,7 @@ pub(crate) fn solve( BlackBoxFunc::Pedersen => { backend.pedersen(initial_witness, &bb_func.inputs, &bb_func.outputs) } - BlackBoxFunc::HashToField128Security => { - hash_to_field_128_security(initial_witness, bb_func) - } - BlackBoxFunc::EcdsaSecp256k1 => secp256k1_prehashed(initial_witness, bb_func), + BlackBoxFunc::FixedBaseScalarMul => { backend.fixed_base_scalar_mul(initial_witness, &bb_func.inputs, &bb_func.outputs) } From e19fc32c3f1dba322ae0f9d22b4fcbc6eb675201 Mon Sep 17 00:00:00 2001 From: guipublic Date: Fri, 12 May 2023 12:02:51 +0000 Subject: [PATCH 4/7] format --- acvm/src/pwg/blackbox.rs | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/acvm/src/pwg/blackbox.rs b/acvm/src/pwg/blackbox.rs index a1bb546dd..0b4190e4a 100644 --- a/acvm/src/pwg/blackbox.rs +++ b/acvm/src/pwg/blackbox.rs @@ -107,8 +107,6 @@ pub(crate) fn solve( BlackBoxFuncCall::FixedBaseScalarMul { input, outputs } => { backend.fixed_base_scalar_mul(initial_witness, input, outputs) } - BlackBoxFuncCall::AES { inputs, outputs } => { - backend.aes(initial_witness, inputs, outputs) - } + BlackBoxFuncCall::AES { inputs, outputs } => backend.aes(initial_witness, inputs, outputs), } } From 779bfdb96bf64992a7346017002bf5b3214f70ed Mon Sep 17 00:00:00 2001 From: kevaundray Date: Thu, 18 May 2023 20:28:55 +0100 Subject: [PATCH 5/7] Remove backend solvable opcodes from the PWG trait (#289) --- acvm/src/lib.rs | 121 +----------------------------------------------- 1 file changed, 1 insertion(+), 120 deletions(-) diff --git a/acvm/src/lib.rs b/acvm/src/lib.rs index 999646f02..c8cc7c6c0 100644 --- a/acvm/src/lib.rs +++ b/acvm/src/lib.rs @@ -67,37 +67,7 @@ pub trait PartialWitnessGenerator { inputs: &[FunctionInput], outputs: &[Witness], ) -> Result; - fn and( - &self, - initial_witness: &mut WitnessMap, - lhs: &FunctionInput, - rhs: &FunctionInput, - output: &Witness, - ) -> Result; - fn xor( - &self, - initial_witness: &mut WitnessMap, - lhs: &FunctionInput, - rhs: &FunctionInput, - output: &Witness, - ) -> Result; - fn range( - &self, - initial_witness: &mut WitnessMap, - input: &FunctionInput, - ) -> Result; - fn sha256( - &self, - initial_witness: &mut WitnessMap, - inputs: &[FunctionInput], - outputs: &[Witness], - ) -> Result; - fn blake2s( - &self, - initial_witness: &mut WitnessMap, - inputs: &[FunctionInput], - outputs: &[Witness], - ) -> Result; + fn compute_merkle_root( &self, initial_witness: &mut WitnessMap, @@ -121,33 +91,12 @@ pub trait PartialWitnessGenerator { inputs: &[FunctionInput], outputs: &[Witness], ) -> Result; - fn hash_to_field_128_security( - &self, - initial_witness: &mut WitnessMap, - inputs: &[FunctionInput], - outputs: &Witness, - ) -> Result; - fn ecdsa_secp256k1( - &self, - initial_witness: &mut WitnessMap, - public_key_x: &[FunctionInput], - public_key_y: &[FunctionInput], - signature: &[FunctionInput], - message: &[FunctionInput], - outputs: &Witness, - ) -> Result; fn fixed_base_scalar_mul( &self, initial_witness: &mut WitnessMap, input: &FunctionInput, outputs: &[Witness], ) -> Result; - fn keccak256( - &self, - initial_witness: &mut WitnessMap, - inputs: &[FunctionInput], - outputs: &[Witness], - ) -> Result; } pub trait SmartContract { @@ -291,47 +240,6 @@ mod test { ) -> Result { panic!("Path not trodden by this test") } - fn and( - &self, - _initial_witness: &mut WitnessMap, - _lhs: &FunctionInput, - _rhs: &FunctionInput, - _output: &Witness, - ) -> Result { - panic!("Path not trodden by this test") - } - fn xor( - &self, - _initial_witness: &mut WitnessMap, - _lhs: &FunctionInput, - _rhs: &FunctionInput, - _output: &Witness, - ) -> Result { - panic!("Path not trodden by this test") - } - fn range( - &self, - _initial_witness: &mut WitnessMap, - _input: &FunctionInput, - ) -> Result { - panic!("Path not trodden by this test") - } - fn sha256( - &self, - _initial_witness: &mut WitnessMap, - _inputs: &[FunctionInput], - _outputs: &[Witness], - ) -> Result { - panic!("Path not trodden by this test") - } - fn blake2s( - &self, - _initial_witness: &mut WitnessMap, - _inputs: &[FunctionInput], - _outputs: &[Witness], - ) -> Result { - panic!("Path not trodden by this test") - } fn compute_merkle_root( &self, _initial_witness: &mut WitnessMap, @@ -361,25 +269,6 @@ mod test { ) -> Result { panic!("Path not trodden by this test") } - fn hash_to_field_128_security( - &self, - _initial_witness: &mut WitnessMap, - _inputs: &[FunctionInput], - _output: &Witness, - ) -> Result { - panic!("Path not trodden by this test") - } - fn ecdsa_secp256k1( - &self, - _initial_witness: &mut WitnessMap, - _public_key_x: &[FunctionInput], - _public_key_y: &[FunctionInput], - _signature: &[FunctionInput], - _message: &[FunctionInput], - _output: &Witness, - ) -> Result { - panic!("Path not trodden by this test") - } fn fixed_base_scalar_mul( &self, _initial_witness: &mut WitnessMap, @@ -388,14 +277,6 @@ mod test { ) -> Result { panic!("Path not trodden by this test") } - fn keccak256( - &self, - _initial_witness: &mut WitnessMap, - _inputs: &[FunctionInput], - _outputs: &[Witness], - ) -> Result { - panic!("Path not trodden by this test") - } } #[test] From b83ebcda45d3893efd868becc36d5dc02937f33a Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Thu, 18 May 2023 20:40:41 +0100 Subject: [PATCH 6/7] reduce diff --- acvm/src/pwg/blackbox.rs | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/acvm/src/pwg/blackbox.rs b/acvm/src/pwg/blackbox.rs index d5027c6c3..71c26870e 100644 --- a/acvm/src/pwg/blackbox.rs +++ b/acvm/src/pwg/blackbox.rs @@ -49,6 +49,7 @@ pub(crate) fn solve( } match bb_func { + BlackBoxFuncCall::AES { inputs, outputs } => backend.aes(initial_witness, inputs, outputs), acir::circuit::opcodes::BlackBoxFuncCall::AND { lhs, rhs, output } => { and(initial_witness, lhs, rhs, output) } @@ -58,49 +59,48 @@ pub(crate) fn solve( BlackBoxFuncCall::Blake2s { inputs, outputs } => { blake2s256(initial_witness, inputs, outputs) } - BlackBoxFuncCall::Keccak256 { inputs, outputs } => { - keccak256(initial_witness, inputs, outputs) - } - BlackBoxFuncCall::HashToField128Security { inputs, output } => { - hash_to_field_128_security(initial_witness, inputs, output) + BlackBoxFuncCall::ComputeMerkleRoot { leaf, index, hash_path, output } => { + backend.compute_merkle_root(initial_witness, leaf, index, hash_path, output) } - BlackBoxFuncCall::EcdsaSecp256k1 { + BlackBoxFuncCall::SchnorrVerify { public_key_x, public_key_y, signature, - hashed_message: message, + message, output, - } => secp256k1_prehashed( + } => backend.schnorr_verify( initial_witness, public_key_x, public_key_y, signature, message, - *output, + output, ), - BlackBoxFuncCall::ComputeMerkleRoot { leaf, index, hash_path, output } => { - backend.compute_merkle_root(initial_witness, leaf, index, hash_path, output) + BlackBoxFuncCall::Pedersen { inputs, outputs } => { + backend.pedersen(initial_witness, inputs, outputs) } - BlackBoxFuncCall::SchnorrVerify { + BlackBoxFuncCall::HashToField128Security { inputs, output } => { + hash_to_field_128_security(initial_witness, inputs, output) + } + BlackBoxFuncCall::EcdsaSecp256k1 { public_key_x, public_key_y, signature, - message, + hashed_message: message, output, - } => backend.schnorr_verify( + } => secp256k1_prehashed( initial_witness, public_key_x, public_key_y, signature, message, - output, + *output, ), - BlackBoxFuncCall::Pedersen { inputs, outputs } => { - backend.pedersen(initial_witness, inputs, outputs) - } BlackBoxFuncCall::FixedBaseScalarMul { input, outputs } => { backend.fixed_base_scalar_mul(initial_witness, input, outputs) } - BlackBoxFuncCall::AES { inputs, outputs } => backend.aes(initial_witness, inputs, outputs), + BlackBoxFuncCall::Keccak256 { inputs, outputs } => { + keccak256(initial_witness, inputs, outputs) + } } } From 716f16eb97e069f9cff13a4a048f127596840d46 Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Thu, 18 May 2023 20:45:09 +0100 Subject: [PATCH 7/7] revert merge overwrite --- acvm/src/lib.rs | 52 ------------------------------------- acvm/src/pwg.rs | 68 ------------------------------------------------- 2 files changed, 120 deletions(-) diff --git a/acvm/src/lib.rs b/acvm/src/lib.rs index 82af9461a..8c33f64da 100644 --- a/acvm/src/lib.rs +++ b/acvm/src/lib.rs @@ -80,37 +80,6 @@ pub trait PartialWitnessGenerator { inputs: &[FunctionInput], outputs: &[Witness], ) -> Result; - fn and( - &self, - initial_witness: &mut WitnessMap, - lhs: &FunctionInput, - rhs: &FunctionInput, - output: &Witness, - ) -> Result; - fn xor( - &self, - initial_witness: &mut WitnessMap, - lhs: &FunctionInput, - rhs: &FunctionInput, - output: &Witness, - ) -> Result; - fn range( - &self, - initial_witness: &mut WitnessMap, - input: &FunctionInput, - ) -> Result; - fn sha256( - &self, - initial_witness: &mut WitnessMap, - inputs: &[FunctionInput], - outputs: &[Witness], - ) -> Result; - fn blake2s( - &self, - initial_witness: &mut WitnessMap, - inputs: &[FunctionInput], - outputs: &[Witness], - ) -> Result; fn compute_merkle_root( &self, initial_witness: &mut WitnessMap, @@ -134,33 +103,12 @@ pub trait PartialWitnessGenerator { inputs: &[FunctionInput], outputs: &[Witness], ) -> Result; - fn hash_to_field_128_security( - &self, - initial_witness: &mut WitnessMap, - inputs: &[FunctionInput], - outputs: &Witness, - ) -> Result; - fn ecdsa_secp256k1( - &self, - initial_witness: &mut WitnessMap, - public_key_x: &[FunctionInput], - public_key_y: &[FunctionInput], - signature: &[FunctionInput], - hashed_message: &[FunctionInput], - outputs: &Witness, - ) -> Result; fn fixed_base_scalar_mul( &self, initial_witness: &mut WitnessMap, input: &FunctionInput, outputs: &[Witness], ) -> Result; - fn keccak256( - &self, - initial_witness: &mut WitnessMap, - inputs: &[FunctionInput], - outputs: &[Witness], - ) -> Result; } pub trait SmartContract { diff --git a/acvm/src/pwg.rs b/acvm/src/pwg.rs index 4a902a747..dc849b6bd 100644 --- a/acvm/src/pwg.rs +++ b/acvm/src/pwg.rs @@ -270,47 +270,6 @@ mod test { ) -> Result { panic!("Path not trodden by this test") } - fn and( - &self, - _initial_witness: &mut WitnessMap, - _lhs: &FunctionInput, - _rhs: &FunctionInput, - _output: &Witness, - ) -> Result { - panic!("Path not trodden by this test") - } - fn xor( - &self, - _initial_witness: &mut WitnessMap, - _lhs: &FunctionInput, - _rhs: &FunctionInput, - _output: &Witness, - ) -> Result { - panic!("Path not trodden by this test") - } - fn range( - &self, - _initial_witness: &mut WitnessMap, - _input: &FunctionInput, - ) -> Result { - panic!("Path not trodden by this test") - } - fn sha256( - &self, - _initial_witness: &mut WitnessMap, - _inputs: &[FunctionInput], - _outputs: &[Witness], - ) -> Result { - panic!("Path not trodden by this test") - } - fn blake2s( - &self, - _initial_witness: &mut WitnessMap, - _inputs: &[FunctionInput], - _outputs: &[Witness], - ) -> Result { - panic!("Path not trodden by this test") - } fn compute_merkle_root( &self, _initial_witness: &mut WitnessMap, @@ -340,25 +299,6 @@ mod test { ) -> Result { panic!("Path not trodden by this test") } - fn hash_to_field_128_security( - &self, - _initial_witness: &mut WitnessMap, - _inputs: &[FunctionInput], - _output: &Witness, - ) -> Result { - panic!("Path not trodden by this test") - } - fn ecdsa_secp256k1( - &self, - _initial_witness: &mut WitnessMap, - _public_key_x: &[FunctionInput], - _public_key_y: &[FunctionInput], - _signature: &[FunctionInput], - _hashed_message: &[FunctionInput], - _output: &Witness, - ) -> Result { - panic!("Path not trodden by this test") - } fn fixed_base_scalar_mul( &self, _initial_witness: &mut WitnessMap, @@ -367,14 +307,6 @@ mod test { ) -> Result { panic!("Path not trodden by this test") } - fn keccak256( - &self, - _initial_witness: &mut WitnessMap, - _inputs: &[FunctionInput], - _outputs: &[Witness], - ) -> Result { - panic!("Path not trodden by this test") - } } #[test]