Skip to content

Commit

Permalink
feat!: Noir development branch (serialization changes) (AztecProtocol…
Browse files Browse the repository at this point in the history
…#3858)

The report gates diff workflow relies on a compiled from source version
of Noir which uses a released version of bb. If any changes are made to
bb, it is not reflected in the compiled version of Noir. This can lead
to failures if the serialization is changed for example.

Since report-gates-diff is a github actions workflow, it doesn't have
access the compiled bb binary in CCI. We don't want to recompile it on
bb as that would take upwards of half an hour.

So that we don't block Noir related PRs that have been reviewed, this
branch will be used to merge in the breaking changes to serialization
until the issue with reports gate diff has been fixed.


# Checklist:
Remove the checklist to signal you've completed it. Enable auto-merge if
the PR is ready to merge.
- [ ] If the pull request requires a cryptography review (e.g.
cryptographic algorithm implementations) I have added the 'crypto' tag.
- [ ] I have reviewed my diff in github, line by line and removed
unexpected formatting changes, testing logs, or commented-out code.
- [ ] Every change is related to the PR description.
- [ ] I have
[linked](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue)
this pull request to relevant issues (if any exist).

---------

Co-authored-by: guipublic <guipublic@gmail.com>
Co-authored-by: guipublic <47281315+guipublic@users.noreply.github.com>
Co-authored-by: Tom French <15848336+TomAFrench@users.noreply.github.com>
  • Loading branch information
4 people authored Jan 8, 2024
1 parent 8ca541f commit 5a686dd
Show file tree
Hide file tree
Showing 35 changed files with 913 additions and 9 deletions.
2 changes: 1 addition & 1 deletion barretenberg/cpp/src/barretenberg/bb/main.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -397,7 +397,7 @@ void acvm_info(const std::string& output_path)
"width" : 3
},
"opcodes_supported" : ["arithmetic", "directive", "brillig", "memory_init", "memory_op"],
"black_box_functions_supported" : ["and", "xor", "range", "sha256", "blake2s", "keccak256", "schnorr_verify", "pedersen", "pedersen_hash", "ecdsa_secp256k1", "ecdsa_secp256r1", "fixed_base_scalar_mul", "recursive_aggregation"]
"black_box_functions_supported" : ["and", "xor", "range", "sha256", "blake2s", "keccak256", "keccak_f1600", "schnorr_verify", "pedersen", "pedersen_hash", "ecdsa_secp256k1", "ecdsa_secp256r1", "fixed_base_scalar_mul", "recursive_aggregation"]
})";

size_t length = strlen(jsonData);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -119,13 +119,21 @@ void build_constraints(Builder& builder, acir_format const& constraint_system, b
create_blake2s_constraints(builder, constraint);
}

// Add blake3 constraints
for (const auto& constraint : constraint_system.blake3_constraints) {
create_blake3_constraints(builder, constraint);
}

// Add keccak constraints
for (const auto& constraint : constraint_system.keccak_constraints) {
create_keccak_constraints(builder, constraint);
}
for (const auto& constraint : constraint_system.keccak_var_constraints) {
create_keccak_var_constraints(builder, constraint);
}
for (const auto& constraint : constraint_system.keccak_permutations) {
create_keccak_permutations(builder, constraint);
}

// Add pedersen constraints
for (const auto& constraint : constraint_system.pedersen_constraints) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
#include "barretenberg/dsl/types.hpp"
#include "barretenberg/serialize/msgpack.hpp"
#include "blake2s_constraint.hpp"
#include "blake3_constraint.hpp"
#include "block_constraint.hpp"
#include "ecdsa_secp256k1.hpp"
#include "ecdsa_secp256r1.hpp"
Expand Down Expand Up @@ -30,8 +31,10 @@ struct acir_format {
std::vector<EcdsaSecp256k1Constraint> ecdsa_k1_constraints;
std::vector<EcdsaSecp256r1Constraint> ecdsa_r1_constraints;
std::vector<Blake2sConstraint> blake2s_constraints;
std::vector<Blake3Constraint> blake3_constraints;
std::vector<KeccakConstraint> keccak_constraints;
std::vector<KeccakVarConstraint> keccak_var_constraints;
std::vector<Keccakf1600> keccak_permutations;
std::vector<PedersenConstraint> pedersen_constraints;
std::vector<PedersenHashConstraint> pedersen_hash_constraints;
std::vector<FixedBaseScalarMul> fixed_base_scalar_mul_constraints;
Expand All @@ -55,8 +58,10 @@ struct acir_format {
ecdsa_k1_constraints,
ecdsa_r1_constraints,
blake2s_constraints,
blake3_constraints,
keccak_constraints,
keccak_var_constraints,
keccak_permutations,
pedersen_constraints,
pedersen_hash_constraints,
fixed_base_scalar_mul_constraints,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -37,8 +37,10 @@ TEST_F(AcirFormatTests, TestASingleConstraintNoPubInputs)
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down Expand Up @@ -143,8 +145,10 @@ TEST_F(AcirFormatTests, TestLogicGateFromNoirCircuit)
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down Expand Up @@ -207,8 +211,10 @@ TEST_F(AcirFormatTests, TestSchnorrVerifyPass)
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down Expand Up @@ -294,8 +300,10 @@ TEST_F(AcirFormatTests, TestSchnorrVerifySmallRange)
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down Expand Up @@ -400,8 +408,10 @@ TEST_F(AcirFormatTests, TestVarKeccak)
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = { keccak },
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand All @@ -419,4 +429,48 @@ TEST_F(AcirFormatTests, TestVarKeccak)
EXPECT_EQ(verifier.verify_proof(proof), true);
}

TEST_F(AcirFormatTests, TestKeccakPermutation)
{
Keccakf1600
keccak_permutation{
.state = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25 },
.result = { 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38,
39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50 },
};

acir_format constraint_system{ .varnum = 51,
.public_inputs = {},
.logic_constraints = {},
.range_constraints = {},
.sha256_constraints = {},
.schnorr_constraints = {},
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = { keccak_permutation },
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
.recursion_constraints = {},
.constraints = {},
.block_constraints = {} };

WitnessVector witness{ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17,
18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34,
35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50 };

auto builder = create_circuit_with_witness(constraint_system, witness);

auto composer = Composer();
auto prover = composer.create_ultra_with_keccak_prover(builder);
auto proof = prover.construct_proof();

auto verifier = composer.create_ultra_with_keccak_verifier(builder);

EXPECT_EQ(verifier.verify_proof(proof), true);
}

} // namespace acir_format::tests
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
#include "barretenberg/common/container.hpp"
#include "barretenberg/common/throw_or_abort.hpp"
#include "barretenberg/dsl/acir_format/blake2s_constraint.hpp"
#include "barretenberg/dsl/acir_format/blake3_constraint.hpp"
#include "barretenberg/dsl/acir_format/block_constraint.hpp"
#include "barretenberg/dsl/acir_format/ecdsa_secp256k1.hpp"
#include "barretenberg/dsl/acir_format/keccak_constraint.hpp"
Expand Down Expand Up @@ -113,6 +114,17 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, aci
}),
.result = map(arg.outputs, [](auto& e) { return e.value; }),
});
} else if constexpr (std::is_same_v<T, Circuit::BlackBoxFuncCall::Blake3>) {
af.blake3_constraints.push_back(Blake3Constraint{
.inputs = map(arg.inputs,
[](auto& e) {
return Blake3Input{
.witness = e.witness.value,
.num_bits = e.num_bits,
};
}),
.result = map(arg.outputs, [](auto& e) { return e.value; }),
});
} else if constexpr (std::is_same_v<T, Circuit::BlackBoxFuncCall::SchnorrVerify>) {
af.schnorr_constraints.push_back(SchnorrConstraint{
.message = map(arg.message, [](auto& e) { return e.witness.value; }),
Expand Down Expand Up @@ -180,6 +192,11 @@ void handle_blackbox_func_call(Circuit::Opcode::BlackBoxFuncCall const& arg, aci
.result = map(arg.outputs, [](auto& e) { return e.value; }),
.var_message_size = arg.var_message_size.witness.value,
});
} else if constexpr (std::is_same_v<T, Circuit::BlackBoxFuncCall::Keccakf1600>) {
af.keccak_permutations.push_back(Keccakf1600{
.state = map(arg.inputs, [](auto& e) { return e.witness.value; }),
.result = map(arg.outputs, [](auto& e) { return e.value; }),
});
} else if constexpr (std::is_same_v<T, Circuit::BlackBoxFuncCall::RecursiveAggregation>) {
auto c = RecursionConstraint{
.key = map(arg.verification_key, [](auto& e) { return e.witness.value; }),
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
#include "blake3_constraint.hpp"
#include "round.hpp"

namespace acir_format {

template <typename Builder> void create_blake3_constraints(Builder& builder, const Blake3Constraint& constraint)
{
using byte_array_ct = proof_system::plonk::stdlib::byte_array<Builder>;
using field_ct = proof_system::plonk::stdlib::field_t<Builder>;

// Create byte array struct
byte_array_ct arr(&builder);

// Get the witness assignment for each witness index
// Write the witness assignment to the byte_array
for (const auto& witness_index_num_bits : constraint.inputs) {
auto witness_index = witness_index_num_bits.witness;
auto num_bits = witness_index_num_bits.num_bits;

// XXX: The implementation requires us to truncate the element to the nearest byte and not bit
auto num_bytes = round_to_nearest_byte(num_bits);

field_ct element = field_ct::from_witness_index(&builder, witness_index);
byte_array_ct element_bytes(element, num_bytes);

arr.write(element_bytes);
}

byte_array_ct output_bytes = proof_system::plonk::stdlib::blake3s<Builder>(arr);

// Convert byte array to vector of field_t
auto bytes = output_bytes.bytes();

for (size_t i = 0; i < bytes.size(); ++i) {
builder.assert_equal(bytes[i].normalize().witness_index, constraint.result[i]);
}
}

template void create_blake3_constraints<UltraCircuitBuilder>(UltraCircuitBuilder& builder,
const Blake3Constraint& constraint);
template void create_blake3_constraints<GoblinUltraCircuitBuilder>(GoblinUltraCircuitBuilder& builder,
const Blake3Constraint& constraint);

} // namespace acir_format
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
#pragma once
#include "barretenberg/dsl/types.hpp"
#include "barretenberg/serialize/msgpack.hpp"
#include <cstdint>
#include <vector>

namespace acir_format {

struct Blake3Input {
uint32_t witness;
uint32_t num_bits;

// For serialization, update with any new fields
MSGPACK_FIELDS(witness, num_bits);
friend bool operator==(Blake3Input const& lhs, Blake3Input const& rhs) = default;
};

struct Blake3Constraint {
std::vector<Blake3Input> inputs;
std::vector<uint32_t> result;

// For serialization, update with any new fields
MSGPACK_FIELDS(inputs, result);
friend bool operator==(Blake3Constraint const& lhs, Blake3Constraint const& rhs) = default;
};

template <typename Builder> void create_blake3_constraints(Builder& builder, const Blake3Constraint& constraint);

} // namespace acir_format
Original file line number Diff line number Diff line change
Expand Up @@ -118,8 +118,10 @@ TEST_F(UltraPlonkRAM, TestBlockConstraint)
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -97,8 +97,10 @@ TEST_F(ECDSASecp256k1, TestECDSAConstraintSucceed)
.ecdsa_k1_constraints = { ecdsa_k1_constraint },
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down Expand Up @@ -137,8 +139,10 @@ TEST_F(ECDSASecp256k1, TestECDSACompilesForVerifier)
.ecdsa_k1_constraints = { ecdsa_k1_constraint },
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down Expand Up @@ -172,8 +176,10 @@ TEST_F(ECDSASecp256k1, TestECDSAConstraintFail)
.ecdsa_k1_constraints = { ecdsa_k1_constraint },
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -131,8 +131,10 @@ TEST(ECDSASecp256r1, test_hardcoded)
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = { ecdsa_r1_constraint },
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down Expand Up @@ -172,8 +174,10 @@ TEST(ECDSASecp256r1, TestECDSAConstraintSucceed)
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = { ecdsa_r1_constraint },
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down Expand Up @@ -211,8 +215,10 @@ TEST(ECDSASecp256r1, TestECDSACompilesForVerifier)
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = { ecdsa_r1_constraint },
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down Expand Up @@ -245,8 +251,10 @@ TEST(ECDSASecp256r1, TestECDSAConstraintFail)
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = { ecdsa_r1_constraint },
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_constraints = {},
.keccak_var_constraints = {},
.keccak_permutations = {},
.pedersen_constraints = {},
.pedersen_hash_constraints = {},
.fixed_base_scalar_mul_constraints = {},
Expand Down
Loading

0 comments on commit 5a686dd

Please sign in to comment.