Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Plonk: Add solidity verifier #1249

Open
wants to merge 25 commits into
base: add-bellman-plonk-backend
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 15 commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
9de7966
Add matter-labs Plonk solidity verifier
georgwiese Nov 23, 2022
7c27642
Write basic code to return static verifier
georgwiese Nov 23, 2022
b95f98e
Update solidity version, format, add dummy verifyTx()
georgwiese Nov 23, 2022
d7adaf7
Get dummy proof working
georgwiese Nov 23, 2022
f351605
Move inputs outside of proof struct, run actual verification
georgwiese Nov 23, 2022
98d432b
Pass correct proof
georgwiese Nov 23, 2022
037ec0a
Replace plonk verifier template with one from solidity_plonk_verifier…
georgwiese Nov 25, 2022
ff999c5
Update solidity version
georgwiese Nov 25, 2022
d8df138
Rename verifier
georgwiese Nov 25, 2022
f44ff73
Plonk solidity verifier: Move inputs outside prove, add verifyTx() fu…
georgwiese Nov 25, 2022
c06a21c
Add solidity renderer
georgwiese Nov 25, 2022
ff4736d
Beginn moving plonk proving scheme
georgwiese Nov 25, 2022
35fcbe7
Implement Plonk proving scheme in zokrates_bellamn, fix verifier temp…
georgwiese Nov 30, 2022
77afc6d
Enable more tests
georgwiese Nov 30, 2022
8517c29
Clean up integration test
georgwiese Nov 30, 2022
944429e
Clean up
georgwiese Nov 30, 2022
28c0029
Clean up
georgwiese Nov 30, 2022
fdf2132
Clean up
georgwiese Nov 30, 2022
9dfd51c
Refactor solidity renderer to not depend on bellman
georgwiese Nov 30, 2022
195f9af
Move Plonk proving system to zokrates_proof_systems
georgwiese Nov 30, 2022
58e248a
Add zokrates_proof_system files
georgwiese Nov 30, 2022
254dbf6
Remove unused imports
georgwiese Nov 30, 2022
d09d5db
Cleanup
georgwiese Nov 30, 2022
092b4e3
Review feedback
georgwiese Dec 21, 2022
759a4a0
Add universal setup for marlin
georgwiese Dec 21, 2022
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
605 changes: 556 additions & 49 deletions Cargo.lock

Large diffs are not rendered by default.

7 changes: 7 additions & 0 deletions zokrates_bellman/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,13 @@ rand_0_4 = { version = "0.4", package = "rand" }#
getrandom = { version = "0.2", features = ["js", "wasm-bindgen"] }
hex = "0.4.2"

# Used by solidity renderer
serde = { version = "1.0", features = ["derive"] }
handlebars = "3.*"
serde_json = "1.*"
web3 = {version = "0.8.*", default_features = false }
ethabi = "17.0.0"

[dev-dependencies]
zokrates_interpreter = { version = "0.1", path = "../zokrates_interpreter", features = ["bellman"] }

Expand Down
2 changes: 2 additions & 0 deletions zokrates_bellman/src/lib.rs
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
pub mod groth16;
pub mod plonk;
pub mod solidity_renderer;
pub mod plonk_proving_scheme;

extern crate bellman_ce as bellman;

Expand Down
6 changes: 3 additions & 3 deletions zokrates_bellman/src/plonk.rs
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,13 @@ use zokrates_field::BellmanFieldExtensions;
use zokrates_field::Field;
use zokrates_proof_systems::{Backend, Proof, SetupKeypair, UniversalBackend};

use crate::plonk_proving_scheme::{Plonk, ProofPoints, VerificationKey};
use crate::Computation;
use crate::{parse_fr, serialization, Bellman};
use crate::{parse_g1, parse_g2};
use std::io::Cursor;
use std::marker::PhantomData;
use zokrates_ast::ir::{ProgIterator, Statement, Witness};
use zokrates_proof_systems::plonk::{Plonk, ProofPoints, VerificationKey};
use zokrates_proof_systems::Scheme;

impl<T: Field + BellmanFieldExtensions> UniversalBackend<T, Plonk> for Bellman {
Expand Down Expand Up @@ -131,7 +131,7 @@ impl<T: Field + BellmanFieldExtensions> Backend<T, Plonk> for Bellman {
}
}

fn deserialize_vk<T: Field + BellmanFieldExtensions>(
pub fn deserialize_vk<T: Field + BellmanFieldExtensions>(
vk: <Plonk as Scheme<T>>::VerificationKey,
) -> BellmanVerificationKey<T::BellmanEngine, PlonkCsWidth4WithNextStepParams> {
BellmanVerificationKey {
Expand Down Expand Up @@ -198,7 +198,7 @@ fn serialize_vk<T: Field + BellmanFieldExtensions>(
}
}

fn deserialize_proof<T: Field + BellmanFieldExtensions>(
pub fn deserialize_proof<T: Field + BellmanFieldExtensions>(
proof: Proof<T, Plonk>,
) -> BellmanProof<T::BellmanEngine, PlonkCsWidth4WithNextStepParams> {
let inputs = proof.inputs;
Expand Down
147 changes: 147 additions & 0 deletions zokrates_bellman/src/plonk_proving_scheme.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,147 @@
use ethabi::Token;

use zokrates_proof_systems::scheme::Scheme;
use zokrates_proof_systems::to_token::{encode_fr_element_as_tuple, encode_g1_element, ToToken};
use zokrates_proof_systems::{
Fr, G1Affine, G2Affine, SolidityCompatibleField, SolidityCompatibleScheme, UniversalScheme,
};
// use regex::Regex;
use serde::{Deserialize, Serialize};
use zokrates_field::{BellmanFieldExtensions, Bn128Field, Field};

use crate::plonk::deserialize_vk;
use crate::solidity_renderer::render_verification_key;

#[derive(Serialize, Debug, Clone, PartialEq)]
pub struct Plonk;

#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct VerificationKey<G1, G2> {
pub n: u32,
pub num_inputs: u32,
pub selector_commitments: Vec<G1>,
pub next_step_selector_commitments: Vec<G1>,
pub permutation_commitments: Vec<G1>,
pub non_residues: Vec<Fr>,
pub g2_elements: [G2; 2],
}

#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub struct ProofPoints<G1> {
pub num_inputs: u32,
pub n: u32,
pub wire_commitments: Vec<G1>,
pub grand_product_commitment: G1,
pub quotient_poly_commitments: Vec<G1>,
pub wire_values_at_z: Vec<Fr>,
pub wire_values_at_z_omega: Vec<Fr>,
pub grand_product_at_z_omega: Fr,
pub quotient_polynomial_at_z: Fr,
pub linearization_polynomial_at_z: Fr,
pub permutation_polynomials_at_z: Vec<Fr>,
pub opening_at_z_proof: G1,
pub opening_at_z_omega_proof: G1,
}

impl<T: Field> Scheme<T> for Plonk {
const NAME: &'static str = "plonk";

type VerificationKey = VerificationKey<G1Affine, G2Affine>;
type ProofPoints = ProofPoints<G1Affine>;
}

impl<T: Field> UniversalScheme<T> for Plonk {}

impl SolidityCompatibleScheme<Bn128Field> for Plonk {
type Proof = Self::ProofPoints;

fn export_solidity_verifier(vk: Self::VerificationKey) -> String {
// TODO: Do this to compile the template into the binary
georgwiese marked this conversation as resolved.
Show resolved Hide resolved
// String::from(include_str!("../../solidity_templates/PlonkVerifier.sol"))
// read_to_string("/Users/georg/coding/zoKrates-georg/zokrates_proof_systems/solidity_templates/PlonkVerifier.sol").unwrap()

render_verification_key(&deserialize_vk::<Bn128Field>(vk))
}
}

impl ToToken<Bn128Field> for Plonk {
fn to_token(proof: Self::Proof) -> ethabi::Token {
let wire_commitments = Token::FixedArray(
proof
.wire_commitments
.iter()
.map(|x| encode_g1_element(x))
.collect(),
);

let grand_product_commitment = encode_g1_element(&proof.grand_product_commitment);

let quotient_poly_commitments = Token::FixedArray(
proof
.quotient_poly_commitments
.iter()
.map(|x| encode_g1_element(x))
.collect(),
);

let wire_values_at_z = Token::FixedArray(
proof
.wire_values_at_z
.iter()
.map(|x| encode_fr_element_as_tuple(x))
.collect(),
);

let wire_values_at_z_omega = Token::FixedArray(
proof
.wire_values_at_z_omega
.iter()
.map(|x| encode_fr_element_as_tuple(x))
.collect(),
);

let grand_product_at_z_omega = encode_fr_element_as_tuple(&proof.grand_product_at_z_omega);

let quotient_polynomial_at_z = encode_fr_element_as_tuple(&proof.quotient_polynomial_at_z);

let linearization_polynomial_at_z =
encode_fr_element_as_tuple(&proof.linearization_polynomial_at_z);

let permutation_polynomials_at_z = Token::FixedArray(
proof
.permutation_polynomials_at_z
.iter()
.map(|x| encode_fr_element_as_tuple(x))
.collect(),
);

let opening_at_z_proof = encode_g1_element(&proof.opening_at_z_proof);

let opening_at_z_omega_proof = encode_g1_element(&proof.opening_at_z_omega_proof);

let proof_tokens = vec![
wire_commitments,
grand_product_commitment,
quotient_poly_commitments,
wire_values_at_z,
wire_values_at_z_omega,
grand_product_at_z_omega,
quotient_polynomial_at_z,
linearization_polynomial_at_z,
permutation_polynomials_at_z,
opening_at_z_proof,
opening_at_z_omega_proof,
];
for t in &proof_tokens {
georgwiese marked this conversation as resolved.
Show resolved Hide resolved
println!("{:?}", t);
}

Token::Tuple(proof_tokens)
}

fn modify(mut proof: Self::Proof) -> Self::Proof {
proof.opening_at_z_omega_proof.x =
"0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa".into();
proof
}
}
Loading