From acdaccfb402434fd714d56f16e483b619f4f1cf4 Mon Sep 17 00:00:00 2001 From: saitima Date: Thu, 24 Oct 2024 17:32:13 +0200 Subject: [PATCH] feat(snark-wrapper): wrapper circuit with naive main gate --- crates/snark-wrapper/src/verifier/mod.rs | 69 +++++++++++++++++++----- 1 file changed, 57 insertions(+), 12 deletions(-) diff --git a/crates/snark-wrapper/src/verifier/mod.rs b/crates/snark-wrapper/src/verifier/mod.rs index 0f5d3cb..2f46716 100644 --- a/crates/snark-wrapper/src/verifier/mod.rs +++ b/crates/snark-wrapper/src/verifier/mod.rs @@ -24,9 +24,11 @@ use crate::franklin_crypto::plonk::circuit::goldilocks::GoldilocksField; use crate::franklin_crypto::plonk::circuit::linear_combination::LinearCombination; use crate::franklin_crypto::plonk::circuit::Assignment; +use crate::implementations::poseidon2::pow::ConcretePoseidon2SpongeGadget; use crate::traits::circuit::*; use crate::traits::transcript::CircuitGLTranscript; use crate::traits::tree_hasher::CircuitGLTreeHasher; +use crate::traits::*; use crate::verifier_structs::allocated_vk::AllocatedVerificationKey; use crate::verifier_structs::challenges::{ChallengesHolder, EvaluationsHolder}; use crate::verifier_structs::constants::ConstantsHolder; @@ -39,10 +41,11 @@ pub(crate) mod utils; use first_step::*; use fri::*; +use pow::RecursivePoWRunner; use quotient_contributions::*; use utils::*; -#[derive(Clone, Debug)] +#[derive(Clone, Debug, serde::Serialize)] pub struct WrapperCircuit< E: Engine, HS: TreeHasher, @@ -91,7 +94,7 @@ impl< let proof: AllocatedProof = AllocatedProof::allocate_from_witness(cs, &self.witness, &verifier, &fixed_parameters, &proof_config)?; // Verify proof - let correct = crate::verifier::verify::(cs, self.transcript_params.clone(), &proof_config, &proof, &verifier, &fixed_parameters, &vk)?; + let correct = crate::verifier::verify::>(cs, self.transcript_params.clone(), &proof_config, &proof, &verifier, &fixed_parameters, &vk)?; Boolean::enforce_equal(cs, &correct, &Boolean::constant(true))?; // Aggregate PI @@ -101,13 +104,57 @@ impl< } } -pub fn verify< +#[derive(Clone)] +pub struct WrapperCircuitWidth3NoLookupNoCustomGate< E: Engine, - CS: ConstraintSystem + 'static, - H: CircuitGLTreeHasher, + HS: TreeHasher, + H: CircuitGLTreeHasher, NonCircuitSimulator = HS>, TR: CircuitGLTranscript, - // TODO POW ->( + PWF: ProofWrapperFunction, +> { + pub witness: Option>, + pub vk: VerificationKey, + pub fixed_parameters: VerificationKeyCircuitGeometry, + pub transcript_params: TR::TranscriptParameters, + pub wrapper_function: PWF, +} + +impl< + E: Engine, + HS: TreeHasher, + H: CircuitGLTreeHasher, NonCircuitSimulator = HS>, + TR: CircuitGLTranscript, + PWF: ProofWrapperFunction, + > Circuit for WrapperCircuitWidth3NoLookupNoCustomGate +{ + type MainGate = rescue_poseidon::franklin_crypto::bellman::plonk::better_better_cs::gates::naive_main_gate::NaiveMainGate; + + fn declare_used_gates() -> Result>>, SynthesisError> { + Ok(vec![Self::MainGate::default().into_internal()]) + } + + fn synthesize + 'static>(&self, cs: &mut CS) -> Result<(), SynthesisError> { + // Prepare for proof verification + let verifier_builder = self.wrapper_function.builder_for_wrapper(); + let verifier = verifier_builder.create_wrapper_verifier(cs); + + let proof_config = self.wrapper_function.proof_config_for_compression_step(); + let fixed_parameters = self.fixed_parameters.clone(); + + let vk = AllocatedVerificationKey::::allocate_constant(&self.vk, &fixed_parameters); + let proof: AllocatedProof = AllocatedProof::allocate_from_witness(cs, &self.witness, &verifier, &fixed_parameters, &proof_config)?; + // Verify proof + let correct = crate::verifier::verify::>(cs, self.transcript_params.clone(), &proof_config, &proof, &verifier, &fixed_parameters, &vk)?; + Boolean::enforce_equal(cs, &correct, &Boolean::constant(true))?; + + // Aggregate PI + let _pi = aggregate_public_inputs(cs, &proof.public_inputs)?; + + Ok(()) + } +} + +pub fn verify + 'static, H: CircuitGLTreeHasher, TR: CircuitGLTranscript, POW: RecursivePoWRunner>( cs: &mut CS, transcript_params: TR::TranscriptParameters, proof_config: &ProofConfig, @@ -128,8 +175,7 @@ pub fn verify< let public_input_opening_tuples = verify_first_step(cs, proof, vk, &mut challenges, &mut transcript, verifier, fixed_parameters, &constants)?; validity_flags.extend(check_quotient_contributions_in_z(cs, proof, &challenges, verifier, fixed_parameters, &constants)?); - - validity_flags.extend(verify_fri_part::( + validity_flags.extend(verify_fri_part::( cs, proof, vk, @@ -155,10 +201,9 @@ fn aggregate_public_inputs>(cs: &mut CS, publ ); // Firstly we check that public inputs have correct size - use crate::franklin_crypto::plonk::circuit::bigint_new::enforce_range_check_using_bitop_table; + use rescue_poseidon::franklin_crypto::plonk::circuit::goldilocks::range_check_for_num_bits; for pi in public_inputs.iter() { - let table = cs.get_table(BITWISE_LOGICAL_OPS_TABLE_NAME).unwrap(); - enforce_range_check_using_bitop_table(cs, &pi.into_num().get_variable(), chunk_bit_size, table, false)?; + range_check_for_num_bits(cs, &pi.into_num(), 64)?; } // compute aggregated pi value