Merge pull request #179 from KogarashiNetwork/feature/nova-gadget

init NIFS circuit and gadget
KogarashiNetwork · Nov 24, 2023 · 06041d8 · 06041d8
2 parents 17fdce1 + 78e675a
commit 06041d8
Show file tree

Hide file tree

Showing 52 changed files with 856 additions and 452 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -4,7 +4,6 @@ members = [
     "groth16",
     "grumpkin",
     "nova",
-    "r1cs",
     "zkstd",
 ]
 

diff --git a/groth16/Cargo.toml b/groth16/Cargo.toml
@@ -16,8 +16,8 @@ rustdoc-args = ["--cfg", "docsrs", "--html-in-header", "katex-header.html"]
 
 [dependencies]
 zkstd = { path = "../zkstd", default-features = false }
-r1cs = { path = "../r1cs", default-features = false }
 bn-254 = { path = "../bn254", default-features = false }
+grumpkin = { path = "../grumpkin", default-features = false }
 rayon = { version = "1.5.1", optional = true }
 
 [features]

diff --git a/groth16/src/circuit.rs b/groth16/src/circuit.rs
@@ -1,6 +1,7 @@
 use crate::error::Error;
 
-use r1cs::{GrumpkinDriver, R1cs};
+use grumpkin::driver::GrumpkinDriver;
+use zkstd::circuit::prelude::R1cs;
 use zkstd::common::Debug;
 
 /// circuit trait

diff --git a/groth16/src/lib.rs b/groth16/src/lib.rs
@@ -21,9 +21,10 @@ mod tests {
     use crate::circuit::Circuit;
     use crate::error::Error;
     use crate::zksnark::ZkSnark;
+
     use bn_254::Fr as BnScalar;
-    use r1cs::gadget::field::FieldAssignment;
-    use r1cs::{GrumpkinDriver, R1cs};
+    use grumpkin::driver::GrumpkinDriver;
+    use zkstd::circuit::prelude::{FieldAssignment, R1cs};
     use zkstd::common::OsRng;
 
     #[test]

diff --git a/groth16/src/prover.rs b/groth16/src/prover.rs
@@ -7,8 +7,8 @@ use crate::poly::PointsValue;
 use crate::proof::Proof;
 
 use bn_254::Fr;
-use r1cs::R1cs;
 use zkstd::common::{CurveGroup, Group, RngCore};
+use zkstd::r1cs::R1cs;
 
 #[derive(Debug)]
 pub struct Prover {

diff --git a/groth16/src/zksnark.rs b/groth16/src/zksnark.rs
@@ -7,8 +7,8 @@ use crate::prover::Prover;
 use crate::verifier::{Verifier, VerifyingKey};
 
 use bn_254::{Fr, G1Affine, G2Affine};
-use r1cs::R1cs;
 use zkstd::common::{vec, Group, MulAssign, PrimeField, RngCore, Vec};
+use zkstd::r1cs::R1cs;
 
 /// Generate the arguments to prove and verify a circuit
 pub struct ZkSnark {}

diff --git a/grumpkin/src/driver.rs b/grumpkin/src/driver.rs
@@ -0,0 +1,19 @@
+use crate::params::PARAM_B3;
+use bn_254::{Fq, Fr, G1Affine};
+use zkstd::circuit::CircuitDriver;
+
+#[derive(Clone, Debug, Default, PartialEq, Eq)]
+pub struct GrumpkinDriver;
+
+impl CircuitDriver for GrumpkinDriver {
+    const NUM_BITS: u16 = 254;
+    type Affine = G1Affine;
+
+    type Base = Fq;
+
+    type Scalar = Fr;
+
+    fn b3() -> Self::Scalar {
+        PARAM_B3
+    }
+}
diff --git a/grumpkin/src/lib.rs b/grumpkin/src/lib.rs
@@ -18,6 +18,7 @@
 #![allow(clippy::suspicious_arithmetic_impl)]
 
 mod curve;
+pub mod driver;
+pub mod params;
 
 pub use curve::{Affine, Projective};
-pub mod params;
diff --git a/grumpkin/src/params.rs b/grumpkin/src/params.rs
@@ -8,6 +8,7 @@ pub const GENERATOR_Y: Fr = Fr::new_unchecked([
     0xaa7b8cf435dfafbb,
     0x14b34cf69dc25d68,
 ]);
+
 // bn curve b param
 pub(crate) const PARAM_B: Fr = Fr::new_unchecked([
     0xdd7056026000005a,

diff --git a/nova/Cargo.toml b/nova/Cargo.toml
@@ -11,9 +11,9 @@ categories = ["cryptography"]
 keywords = ["zkp", "blockchain", "elliptic-curve"]
 
 [dependencies]
-r1cs = { path = "../r1cs", default-features = false }
 zkstd = { path = "../zkstd", default-features = false }
 bn-254 = { path = "../bn254", default-features = false }
+grumpkin = { path = "../grumpkin", default-features = false }
 serde = { version = "1.0.102", default-features = false, features = ["derive"] }
 blake2b_simd = { version = "1", default-features = false }
 

diff --git a/nova/src/circuit.rs b/nova/src/circuit.rs
@@ -0,0 +1,2 @@
+mod nifs;
+mod transcript;
diff --git a/nova/src/circuit/nifs.rs b/nova/src/circuit/nifs.rs
@@ -0,0 +1,11 @@
+use core::marker::PhantomData;
+
+use zkstd::circuit::prelude::{CircuitDriver, R1cs};
+
+pub(crate) struct NifsCircuit<C: CircuitDriver> {
+    p: PhantomData<C>,
+}
+
+impl<C: CircuitDriver> NifsCircuit<C> {
+    pub(crate) fn verify(cs: &mut R1cs<C>) {}
+}
diff --git a/nova/src/hash/circuit.rs → nova/src/circuit/transcript.rs b/nova/src/hash/circuit.rs → nova/src/circuit/transcript.rs
@@ -1,38 +1,7 @@
-use crate::hash::Mimc;
-use r1cs::gadget::curve::PointAssignment;
-use r1cs::gadget::field::FieldAssignment;
-use r1cs::{CircuitDriver, R1cs};
-use zkstd::common::IntGroup;
-
-pub(crate) struct MimcAssignment<const ROUND: usize, C: CircuitDriver> {
-    constants: [C::Scalar; ROUND],
-}
-
-impl<const ROUND: usize, C: CircuitDriver> Default for MimcAssignment<ROUND, C> {
-    fn default() -> Self {
-        Self {
-            constants: Mimc::<ROUND, C::Scalar>::default().constants,
-        }
-    }
-}
+use crate::gadget::MimcAssignment;
 
-impl<const ROUND: usize, C: CircuitDriver> MimcAssignment<ROUND, C> {
-    pub(crate) fn hash(
-        &self,
-        cs: &mut R1cs<C>,
-        mut xl: FieldAssignment<C>,
-        mut xr: FieldAssignment<C>,
-    ) -> FieldAssignment<C> {
-        for c in self.constants.iter().map(|c| FieldAssignment::constant(c)) {
-            let cxl = &xl + &c;
-            let mut ccxl = FieldAssignment::square(cs, &cxl);
-            ccxl = &FieldAssignment::mul(cs, &ccxl, &cxl) + &xr;
-            xr = xl;
-            xl = ccxl;
-        }
-        xl
-    }
-}
+use zkstd::circuit::prelude::{CircuitDriver, FieldAssignment, PointAssignment, R1cs};
+use zkstd::common::IntGroup;
 
 pub(crate) struct MimcROCircuit<const ROUND: usize, C: CircuitDriver> {
     hasher: MimcAssignment<ROUND, C>,
@@ -71,14 +40,13 @@ impl<const ROUND: usize, C: CircuitDriver> MimcROCircuit<ROUND, C> {
 
 #[cfg(test)]
 mod tests {
-    use crate::hash::circuit::MimcROCircuit;
+    use super::MimcROCircuit;
     use crate::hash::{MimcRO, MIMC_ROUNDS};
+
     use bn_254::Fr;
-    use grumpkin::Affine;
-    use r1cs::gadget::curve::PointAssignment;
-    use r1cs::gadget::field::FieldAssignment;
-    use r1cs::{GrumpkinDriver, R1cs};
+    use grumpkin::{driver::GrumpkinDriver, Affine};
     use rand_core::OsRng;
+    use zkstd::circuit::prelude::{FieldAssignment, PointAssignment, R1cs};
     use zkstd::common::{CurveGroup, Group};
 
     #[test]

diff --git a/nova/src/function.rs b/nova/src/function.rs
@@ -1,4 +1,5 @@
-use r1cs::{CircuitDriver, DenseVectors};
+use zkstd::circuit::prelude::CircuitDriver;
+use zkstd::matrix::DenseVectors;
 
 pub trait Function<C: CircuitDriver> {
     fn invoke(z: &DenseVectors<C::Scalar>) -> DenseVectors<C::Scalar>;

diff --git a/nova/src/gadget.rs b/nova/src/gadget.rs
@@ -0,0 +1,4 @@
+mod mimc;
+mod relaxed_r1cs;
+
+pub(crate) use mimc::MimcAssignment;
diff --git a/nova/src/gadget/mimc.rs b/nova/src/gadget/mimc.rs
@@ -0,0 +1,33 @@
+use crate::hash::Mimc;
+
+use zkstd::circuit::prelude::{CircuitDriver, FieldAssignment, R1cs};
+
+pub(crate) struct MimcAssignment<const ROUND: usize, C: CircuitDriver> {
+    constants: [C::Scalar; ROUND],
+}
+
+impl<const ROUND: usize, C: CircuitDriver> Default for MimcAssignment<ROUND, C> {
+    fn default() -> Self {
+        Self {
+            constants: Mimc::<ROUND, C::Scalar>::default().constants,
+        }
+    }
+}
+
+impl<const ROUND: usize, C: CircuitDriver> MimcAssignment<ROUND, C> {
+    pub(crate) fn hash(
+        &self,
+        cs: &mut R1cs<C>,
+        mut xl: FieldAssignment<C>,
+        mut xr: FieldAssignment<C>,
+    ) -> FieldAssignment<C> {
+        for c in self.constants.iter().map(|c| FieldAssignment::constant(c)) {
+            let cxl = &xl + &c;
+            let mut ccxl = FieldAssignment::square(cs, &cxl);
+            ccxl = &FieldAssignment::mul(cs, &ccxl, &cxl) + &xr;
+            xr = xl;
+            xl = ccxl;
+        }
+        xl
+    }
+}
diff --git a/nova/src/gadget/relaxed_r1cs.rs b/nova/src/gadget/relaxed_r1cs.rs
@@ -0,0 +1,14 @@
+use crate::relaxed_r1cs::RelaxedR1csInstance;
+
+use zkstd::circuit::prelude::{CircuitDriver, FieldAssignment, PointAssignment, R1cs};
+
+pub(crate) struct RelaxedR1csAssignment<C: CircuitDriver> {
+    pub(crate) commit_w: PointAssignment<C>,
+    pub(crate) commit_e: PointAssignment<C>,
+    pub(crate) u: FieldAssignment<C>,
+    pub(crate) x: Vec<FieldAssignment<C>>,
+}
+
+impl<C: CircuitDriver> RelaxedR1csAssignment<C> {
+    pub(crate) fn witness(cs: &mut R1cs<C>, relaxed_r1cs: RelaxedR1csInstance<C>) {}
+}
diff --git a/nova/src/hash.rs b/nova/src/hash.rs
@@ -1,4 +1,3 @@
-mod circuit;
 mod helper;
 
 use helper::BlakeHelper;
@@ -9,7 +8,7 @@ use zkstd::common::{BNAffine, PrimeField};
 pub(crate) const MIMC_ROUNDS: usize = 322;
 
 pub(crate) struct Mimc<const ROUND: usize, F: PrimeField> {
-    constants: [F; ROUND],
+    pub(crate) constants: [F; ROUND],
 }
 
 impl<const ROUND: usize, F: PrimeField> Default for Mimc<ROUND, F> {

diff --git a/nova/src/ivc.rs b/nova/src/ivc.rs
@@ -2,8 +2,9 @@ use crate::function::Function;
 use crate::proof::RecursiveProof;
 use crate::{Prover, RelaxedR1cs};
 
-use r1cs::{CircuitDriver, DenseVectors, R1cs};
+use zkstd::circuit::prelude::{CircuitDriver, R1cs};
 use zkstd::common::RngCore;
+use zkstd::matrix::DenseVectors;
 
 pub struct Ivc<C: CircuitDriver> {
     i: usize,
@@ -71,8 +72,12 @@ impl<C: CircuitDriver> Ivc<C> {
 mod tests {
     use super::Ivc;
     use crate::test::ExampleFunction;
-    use r1cs::{test::example_r1cs, DenseVectors, GrumpkinDriver, R1cs};
+
+    use grumpkin::driver::GrumpkinDriver;
     use rand_core::OsRng;
+    use zkstd::circuit::prelude::R1cs;
+    use zkstd::matrix::DenseVectors;
+    use zkstd::r1cs::test::example_r1cs;
 
     #[test]
     fn ivc_test() {

diff --git a/nova/src/lib.rs b/nova/src/lib.rs
@@ -1,14 +1,15 @@
 #![doc = include_str!("../README.md")]
-#![allow(dead_code)]
+#![allow(unused_variables, dead_code)]
 
+mod circuit;
 mod function;
+mod gadget;
 mod hash;
 mod ivc;
 mod pedersen;
 mod proof;
 mod prover;
 mod relaxed_r1cs;
-
 mod verifier;
 
 #[cfg(test)]

diff --git a/nova/src/pedersen.rs b/nova/src/pedersen.rs
@@ -1,5 +1,5 @@
-use r1cs::DenseVectors;
 use zkstd::common::{BNAffine, Group, RngCore};
+use zkstd::matrix::DenseVectors;
 
 pub struct PedersenCommitment<C: BNAffine> {
     g: Vec<C>,

diff --git a/nova/src/proof.rs b/nova/src/proof.rs
@@ -3,8 +3,9 @@ use crate::{
     RelaxedR1cs,
 };
 
-use r1cs::{CircuitDriver, DenseVectors, R1cs};
+use zkstd::circuit::prelude::{CircuitDriver, R1cs};
 use zkstd::common::{Group, Ring};
+use zkstd::matrix::DenseVectors;
 
 #[allow(clippy::type_complexity)]
 pub struct RecursiveProof<C: CircuitDriver> {

diff --git a/nova/src/prover.rs b/nova/src/prover.rs
@@ -4,8 +4,9 @@ use crate::{
 };
 
 use crate::hash::{MimcRO, MIMC_ROUNDS};
-use r1cs::{CircuitDriver, DenseVectors, R1cs};
+use zkstd::circuit::prelude::{CircuitDriver, R1cs};
 use zkstd::common::{Ring, RngCore};
+use zkstd::matrix::DenseVectors;
 
 pub struct Prover<C: CircuitDriver> {
     // public parameters
@@ -88,8 +89,9 @@ impl<C: CircuitDriver> Prover<C> {
 pub(crate) mod tests {
     use super::{Prover, RelaxedR1cs};
 
-    use r1cs::{test::example_r1cs, GrumpkinDriver};
+    use grumpkin::driver::GrumpkinDriver;
     use zkstd::common::OsRng;
+    use zkstd::r1cs::test::example_r1cs;
 
     pub(crate) fn example_prover() -> Prover<GrumpkinDriver> {
         let r1cs = example_r1cs(0);
-Original file line number
+Diff line change
@@ Expand Up / @@ -4,7 +4,6 @@ members = [ @@
         "groth16",
         "grumpkin",
         "nova",
-        "r1cs",
         "zkstd",
     ]
@@ Expand Down @@