diff --git a/crypto3/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/extended_with_a_minus_1/element_g1.hpp b/crypto3/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/extended_with_a_minus_1/element_g1.hpp index 6a22198e39..e963914b47 100644 --- a/crypto3/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/extended_with_a_minus_1/element_g1.hpp +++ b/crypto3/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/extended_with_a_minus_1/element_g1.hpp @@ -221,13 +221,11 @@ namespace nil { /************************* Arithmetic operations ***********************************/ - constexpr curve_element operator=(const curve_element &other) { - // handle special cases having to do with O + constexpr curve_element& operator=(curve_element const &other) { this->X = other.X; this->Y = other.Y; - this->T = other.T; - this->Z = other.Z; - + this->T = other.X*other.Y; + this->Z = field_value_type::one(); return *this; } @@ -235,7 +233,6 @@ namespace nil { return curve_element(other.X, other.Y, other.X*other.Y, field_value_type::one()); } - template constexpr const curve_element& operator=( diff --git a/crypto3/libs/blueprint/include/nil/blueprint/zkevm/zkevm_operation.hpp b/crypto3/libs/blueprint/include/nil/blueprint/zkevm/zkevm_operation.hpp index 0d62fbf470..150bb2c922 100644 --- a/crypto3/libs/blueprint/include/nil/blueprint/zkevm/zkevm_operation.hpp +++ b/crypto3/libs/blueprint/include/nil/blueprint/zkevm/zkevm_operation.hpp 
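Review bot: The new `operator=` in the first hunk unconditionally sets `this->T = other.X*other.Y` and `this->Z = field_value_type::one()`, which is only correct when `other` is an affine point or already has Z equal to one. The template arguments on this page appear to be stripped, so the parameter type cannot be confirmed from the hunk; if `curve_element const &` names this class's own extended type, the operator replaces the copy assignment and silently changes the point whenever `other.Z` is not one. I would state the contract directly above the operator, for example `// Conversion from affine coordinates: T = X*Y, Z = 1; not a copy of an extended point.`, and confirm that same-type copy assignment is still the implicit or defaulted one. The ed25519.hpp reader hunk that drops `.to_extended_with_a_minus_1()` depends on this overload being the one selected.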
@@ -69,7 +69,7 @@ namespace nil { // we expect that most of the operations would only use MIDDLE_OP virtual std::map> generate_gates(zkevm_circuit_type &zkevm_circuit) = 0; - virtual void generate_assignments(zkevm_circuit_type &zkevm_circuit, zkevm_machine_interface &machine); + virtual void generate_assignments(zkevm_circuit_type &zkevm_circuit, zkevm_machine_interface &machine) = 0; // should return the same rows amount for everyс operation right now // here in case we would make it dynamic in the future virtual std::size_t rows_amount() = 0; diff --git a/crypto3/libs/blueprint/test/zkevm/opcodes/div.cpp b/crypto3/libs/blueprint/test/zkevm/opcodes/div.cpp index f23b43c28f..66839fe656 100644 --- a/crypto3/libs/blueprint/test/zkevm/opcodes/div.cpp +++ b/crypto3/libs/blueprint/test/zkevm/opcodes/div.cpp @@ -35,7 +35,7 @@ #include #include "../opcode_tester.hpp" -#include +#include using namespace nil::blueprint; using namespace nil::crypto3::algebra; diff --git a/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/babyjubjub.hpp b/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/babyjubjub.hpp index 76e3ce76db..85975b54a9 100644 --- a/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/babyjubjub.hpp +++ b/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/babyjubjub.hpp 
@@ -51,11 +51,14 @@ namespace nil { namespace marshalling { namespace processing { - // Encoding of babyjubjub curve as described in Nocturne: + // Encoding of babyjubjub curve as described in Nocturne (endianness not specified) // https://nocturne-xyz.gitbook.io/nocturne/protocol-details/encodings // Only Y coordinate is encoded, plus 's' - the "sign" of X coordinate // uint256(signBit) << 254 | y - // TODO: update reference or invent our own rules + // + // Similar encoding is used here: + // https://zkkit.pse.dev/functions/_zk_kit_baby_jubjub.packPoint.html + // with implicit little-endian template struct curve_element_writer< @@ -132,9 +135,6 @@ namespace nil { nil::marshalling::status_type>::type process(group_value_type &point, TIter &iter) { - - // somehow add size check of container pointed by iter - // assert(TSize == std::distance(first, last)); using base_field_type = typename group_type::field_type; using base_integral_type = typename base_field_type::integral_type; using group_affine_value_type = @@ -156,9 +156,6 @@ namespace nil { return decoded_point_affine.error(); } - // TODO: remove hard-coded call for type conversion, implement type conversion between - // coordinates - // through operator point = decoded_point_affine.value(); return nil::marshalling::status_type::success; } diff --git a/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/curve_element.hpp b/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/curve_element.hpp index 12d3a0b045..7b0e7c8b15 100644 --- a/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/curve_element.hpp +++ b/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/curve_element.hpp @@ -28,10 +28,6 @@ #define CRYPTO3_MARSHALLING_PROCESSING_CURVE_ELEMENT_HPP #include -#include -#include -#include -#include #include #include 
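Review bot: In the babyjubjub.hpp `process(group_value_type &point, TIter &iter)` hunk at -132,9 the commit deletes the `somehow add size check of container pointed by iter` reminder without adding the check, so nothing in the visible lines bounds how far the reader advances `iter`. If this reader can be handed bytes from an untrusted or truncated source, a short buffer would be read past its end. The same reminder is removed from the ed25519.hpp reader at -126,8, and `TODO: add incorrect blobs` is removed from test/curve_element.cpp, so neither the precondition nor a negative test is tracked any more. Either keep an explicit precondition comment such as `// Precondition: caller guarantees the full encoded point is readable from iter.`, or pass the available length in and return an error status for short input. The body of `process` continues outside the hunk, so a check elsewhere cannot be ruled out.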
@@ -46,8 +42,7 @@ namespace nil { namespace crypto3 { namespace marshalling { namespace processing { - // TODO: add marshalling algorithm specification template parameter and specialize parameters depending - // on the algorithm and curve group if needed + template struct curve_element_marshalling_params { using group_type = Group; @@ -78,13 +73,9 @@ namespace nil { }; - // TODO: do not specify marshalling algorithm by curve group, instead specify marshalling procedure only - // by form, coordinates and specification policy template struct curve_element_writer; - // TODO: do not specify marshalling algorithm by curve group, instead specify marshalling procedure only - // by form, coordinates and specification policy template struct curve_element_reader; diff --git a/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/detail/curve_element.hpp b/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/detail/curve_element.hpp index 4b89b339e8..8d08c49a50 100644 --- a/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/detail/curve_element.hpp +++ b/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/detail/curve_element.hpp @@ -79,8 +79,6 @@ namespace nil { if (compression) { result |= C_bit; } - // TODO: check condition of infinite point - // TODO: did not work as affine point should be fixed for zero-point if (point.is_zero()) { result |= I_bit; } else if (compression && sign_gf_p(point.to_affine().Y)) { diff --git a/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/ed25519.hpp b/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/ed25519.hpp index 7937e7138c..415d68a5a2 100644 --- a/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/ed25519.hpp +++ b/crypto3/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/ed25519.hpp 
@@ -126,8 +126,6 @@ namespace nil { process(group_value_type &point, TIter &iter) { - // somehow add size check of container pointed by iter - // assert(TSize == std::distance(first, last)); using base_field_type = typename group_type::field_type; using base_integral_type = typename base_field_type::integral_type; using group_affine_value_type = @@ -149,10 +147,7 @@ namespace nil { return decoded_point_affine.error(); } - // TODO: remove hard-coded call for type conversion, implement type conversion between - // coordinates - // through operator - point = decoded_point_affine.value().to_extended_with_a_minus_1(); + point = decoded_point_affine.value(); return nil::marshalling::status_type::success; } }; diff --git a/crypto3/libs/marshalling/algebra/test/curve_element.cpp b/crypto3/libs/marshalling/algebra/test/curve_element.cpp index 46ced05cb1..437be6ab9e 100644 --- a/crypto3/libs/marshalling/algebra/test/curve_element.cpp +++ b/crypto3/libs/marshalling/algebra/test/curve_element.cpp @@ -90,9 +90,6 @@ void test_group_element(T val) { using unit_type = unsigned char; - // TODO: add incorrect blobs - // TODO: add bits container checks - // static_assert(nil::marshalling::is_compatible::value); nil::marshalling::status_type status; diff --git a/crypto3/libs/marshalling/containers/include/nil/crypto3/marshalling/containers/types/merkle_proof.hpp b/crypto3/libs/marshalling/containers/include/nil/crypto3/marshalling/containers/types/merkle_proof.hpp index f58653d8d1..60f5bc2b70 100644 --- a/crypto3/libs/marshalling/containers/include/nil/crypto3/marshalling/containers/types/merkle_proof.hpp +++ b/crypto3/libs/marshalling/containers/include/nil/crypto3/marshalling/containers/types/merkle_proof.hpp @@ -67,7 +67,7 @@ namespace nil { TTypeBase, // path_element_t typename merkle_proof_path_element::type, - // TODO: use nil::marshalling::option::fixed_size_storage + // layer nil::marshalling::option::sequence_size_field_prefix< nil::marshalling::types::integral>>; }; 
diff --git a/crypto3/libs/marshalling/zk/CMakeLists.txt b/crypto3/libs/marshalling/zk/CMakeLists.txt index 6c8b48581e..9c183ce874 100644 --- a/crypto3/libs/marshalling/zk/CMakeLists.txt +++ b/crypto3/libs/marshalling/zk/CMakeLists.txt @@ -44,10 +44,6 @@ target_link_libraries(${CMAKE_WORKSPACE_NAME}_${CURRENT_PROJECT_NAME} INTERFACE cm_add_test_subdirectory(test) -if(BUILD_EXAMPLES) - add_subdirectory(example) -endif() - if((CMAKE_COMPILER_IS_GNUCC) OR ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "Clang")) set(extra_flags_list -Wall -Wextra -Wcast-align -Wcast-qual -Wctor-dtor-privacy -Wmissing-include-dirs -Woverloaded-virtual diff --git a/crypto3/libs/marshalling/zk/example/CMakeLists.txt b/crypto3/libs/marshalling/zk/example/CMakeLists.txt deleted file mode 100644 index 34c6f58674..0000000000 --- a/crypto3/libs/marshalling/zk/example/CMakeLists.txt +++ /dev/null 
@@ -1,39 +0,0 @@ -#---------------------------------------------------------------------------# -# Copyright (c) 2018-2021 Mikhail Komarov -# Copyright (c) 2020-2021 Nikita Kaskov -# -# Distributed under the Boost Software License, Version 1.0 -# See accompanying file LICENSE_1_0.txt or copy at -# http://www.boost.org/LICENSE_1_0.txt -#---------------------------------------------------------------------------# - -cm_find_package(CM) -include(CMDeploy) -include(CMSetupVersion) - -macro(define_marshalling_example name) - add_executable(marshalling_${name}_example ${name}.cpp) - - target_link_libraries(marshalling_${name}_example PRIVATE - crypto3::multiprecision - crypto3::algebra - crypto3::zk - ${CMAKE_WORKSPACE_NAME}::marshalling-multiprecision - ${CMAKE_WORKSPACE_NAME}::marshalling-algebra - Boost::container) - - target_include_directories(marshalling_${name}_example PRIVATE - "$" - "$" - - ${Boost_INCLUDE_DIRS}) - - set_target_properties(marshalling_${name}_example PROPERTIES CXX_STANDARD 17 CXX_STANDARD_REQUIRED TRUE) -endmacro() - -set(EXAMPLES_NAMES - "r1cs_gg_ppzksnark") - -foreach(EXAMPLE_NAME ${EXAMPLES_NAMES}) - define_marshalling_example(${EXAMPLE_NAME}) -endforeach() diff --git a/crypto3/libs/marshalling/zk/example/detail/r1cs_examples.hpp b/crypto3/libs/marshalling/zk/example/detail/r1cs_examples.hpp deleted file mode 100644 index 9a5be35f58..0000000000 --- a/crypto3/libs/marshalling/zk/example/detail/r1cs_examples.hpp +++ /dev/null 
@@ -1,216 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2018-2020 Mikhail Komarov -// Copyright (c) 2020 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. -//---------------------------------------------------------------------------// -// @file Declaration of interfaces for a R1CS example, as well as functions to sample -// R1CS examples with prescribed parameters (according to some distribution). -//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_R1CS_TVM_EXAMPLES_HPP -#define CRYPTO3_R1CS_TVM_EXAMPLES_HPP - -#include - -#include - -namespace nil { - namespace crypto3 { - namespace zk { - namespace snark { - - using namespace nil::crypto3::algebra; - - /** - * A R1CS example comprises a R1CS constraint system, R1CS input, and R1CS witness. 
- */ - template - struct r1cs_example { - r1cs_constraint_system constraint_system; - r1cs_primary_input primary_input; - r1cs_auxiliary_input auxiliary_input; - - r1cs_example() = default; - r1cs_example(const r1cs_example &other) = default; - r1cs_example(const r1cs_constraint_system &constraint_system, - const r1cs_primary_input &primary_input, - const r1cs_auxiliary_input &auxiliary_input) : - constraint_system(constraint_system), - primary_input(primary_input), auxiliary_input(auxiliary_input) {}; - r1cs_example(r1cs_constraint_system &&constraint_system, - r1cs_primary_input &&primary_input, - r1cs_auxiliary_input &&auxiliary_input) : - constraint_system(std::move(constraint_system)), - primary_input(std::move(primary_input)), auxiliary_input(std::move(auxiliary_input)) {}; - }; - - /** - * Generate a R1CS example such that: - * - the number of constraints of the R1CS constraint system is num_constraints; - * - the number of variables of the R1CS constraint system is (approximately) num_constraints; - * - the number of inputs of the R1CS constraint system is num_inputs; - * - the R1CS input consists of ``full'' field elements (typically require the whole log|Field| bits to - * represent). 
- */ - template - r1cs_example generate_r1cs_example_with_field_input(std::size_t num_constraints, - std::size_t num_inputs) { - - assert(num_inputs <= num_constraints + 2); - - r1cs_constraint_system cs; - cs.primary_input_size = num_inputs; - cs.auxiliary_input_size = 2 + num_constraints - num_inputs; // TODO: explain this - - r1cs_variable_assignment full_variable_assignment; - typename FieldType::value_type a = algebra::random_element(); - typename FieldType::value_type b = algebra::random_element(); - full_variable_assignment.push_back(a); - full_variable_assignment.push_back(b); - - for (std::size_t i = 0; i < num_constraints - 1; ++i) { - linear_combination A, B, C; - - if (i % 2) { - // a * b = c - A.add_term(i + 1, 1); - B.add_term(i + 2, 1); - C.add_term(i + 3, 1); - typename FieldType::value_type tmp = a * b; - full_variable_assignment.push_back(tmp); - a = b; - b = tmp; - } else { - // a + b = c - B.add_term(0, 1); - A.add_term(i + 1, 1); - A.add_term(i + 2, 1); - C.add_term(i + 3, 1); - typename FieldType::value_type tmp = a + b; - full_variable_assignment.push_back(tmp); - a = b; - b = tmp; - } - - cs.add_constraint(r1cs_constraint(A, B, C)); - } - - linear_combination A, B, C; - typename FieldType::value_type fin = FieldType::value_type::zero(); - for (std::size_t i = 1; i < cs.num_variables(); ++i) { - A.add_term(i, 1); - B.add_term(i, 1); - fin = fin + full_variable_assignment[i - 1]; - } - C.add_term(cs.num_variables(), 1); - cs.add_constraint(r1cs_constraint(A, B, C)); - full_variable_assignment.push_back(fin.squared()); - - /* split variable assignment */ - r1cs_primary_input primary_input(full_variable_assignment.begin(), - full_variable_assignment.begin() + num_inputs); - r1cs_primary_input auxiliary_input(full_variable_assignment.begin() + num_inputs, - full_variable_assignment.end()); - - /* sanity checks */ - assert(cs.num_variables() == full_variable_assignment.size()); - assert(cs.num_variables() >= num_inputs); - assert(cs.num_inputs() 
== num_inputs); - assert(cs.num_constraints() == num_constraints); - assert(cs.is_satisfied(primary_input, auxiliary_input)); - - r1cs_example re(std::move(cs), std::move(primary_input), std::move(auxiliary_input)); - - return re; - } - - /** - * Generate a R1CS example such that: - * - the number of constraints of the R1CS constraint system is num_constraints; - * - the number of variables of the R1CS constraint system is (approximately) num_constraints; - * - the number of inputs of the R1CS constraint system is num_inputs; - * - the R1CS input consists of binary values (as opposed to ``full'' field elements). - */ - template - r1cs_example generate_r1cs_example_with_binary_input(std::size_t num_constraints, - std::size_t num_inputs) { - assert(num_inputs >= 1); - - r1cs_constraint_system cs; - cs.primary_input_size = num_inputs; - cs.auxiliary_input_size = num_constraints; /* we will add one auxiliary variable per constraint */ - - r1cs_variable_assignment full_variable_assignment; - for (std::size_t i = 0; i < num_inputs; ++i) { - full_variable_assignment.push_back(typename FieldType::value_type(std::rand() % 2)); - } - - std::size_t lastvar = num_inputs - 1; - for (std::size_t i = 0; i < num_constraints; ++i) { - ++lastvar; - const std::size_t u = (i == 0 ? std::rand() % num_inputs : std::rand() % i); - const std::size_t v = (i == 0 ? 
std::rand() % num_inputs : std::rand() % i); - - /* chose two random bits and XOR them together: - res = u + v - 2 * u * v - 2 * u * v = u + v - res - */ - linear_combination A, B, C; - A.add_term(u + 1, 2); - B.add_term(v + 1, 1); - if (u == v) { - C.add_term(u + 1, 2); - } else { - C.add_term(u + 1, 1); - C.add_term(v + 1, 1); - } - C.add_term(lastvar + 1, -FieldType::value_type::one()); - - cs.add_constraint(r1cs_constraint(A, B, C)); - full_variable_assignment.push_back(full_variable_assignment[u] + full_variable_assignment[v] - - full_variable_assignment[u] * full_variable_assignment[v] - - full_variable_assignment[u] * full_variable_assignment[v]); - } - - /* split variable assignment */ - r1cs_primary_input primary_input(full_variable_assignment.begin(), - full_variable_assignment.begin() + num_inputs); - r1cs_primary_input auxiliary_input(full_variable_assignment.begin() + num_inputs, - full_variable_assignment.end()); - - /* sanity checks */ - assert(cs.num_variables() == full_variable_assignment.size()); - assert(cs.num_variables() >= num_inputs); - assert(cs.num_inputs() == num_inputs); - assert(cs.num_constraints() == num_constraints); - assert(cs.is_satisfied(primary_input, auxiliary_input)); - - r1cs_example re = - r1cs_example(std::move(cs), std::move(primary_input), std::move(auxiliary_input)); - return re; - } - } // namespace snark - } // namespace zk - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_R1CS_TVM_EXAMPLES_HPP diff --git a/crypto3/libs/marshalling/zk/example/r1cs_gg_ppzksnark.cpp b/crypto3/libs/marshalling/zk/example/r1cs_gg_ppzksnark.cpp deleted file mode 100644 index 9bfd1fdfe3..0000000000 --- a/crypto3/libs/marshalling/zk/example/r1cs_gg_ppzksnark.cpp +++ /dev/null 
@@ -1,248 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2018-2021 Mikhail Komarov -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -//---------------------------------------------------------------------------// - -#include - -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include -#include - -#include -#include -#include - -#include -#include -#include - -using namespace nil::crypto3; -using namespace nil::crypto3::marshalling; -using namespace nil::crypto3::zk; - -template -components::blueprint test_disjunction_component(size_t w) { - - using field_type = FieldType; - - std::size_t n = std::log2(w) + - ((w > (1ul << std::size_t(std::log2(w))))? 1 : 0); - - components::blueprint bp; - components::blueprint_variable output; - output.allocate(bp); - - bp.set_input_sizes(1); - - components::blueprint_variable_vector inputs; - inputs.allocate(bp, n); - - components::disjunction d(bp, inputs, output); - d.generate_r1cs_constraints(); - - for (std::size_t j = 0; j < n; ++j) { - bp.val(inputs[j]) = typename field_type::value_type((w & (1ul << j)) ? 1 : 0); - } - - d.generate_r1cs_witness(); - - assert(bp.val(output) == (w ? 
field_type::value_type::one() : field_type::value_type::zero())); - assert(bp.is_satisfied()); - - return bp; -} - -int main(int argc, char *argv[]) { - - typedef algebra::curves::bls12<381> curve_type; - typedef typename curve_type::scalar_field_type scalar_field_type; - using Endianness = nil::marshalling::option::big_endian; - - typedef zk::snark::r1cs_gg_ppzksnark scheme_type; - - std::size_t num_constraints = 1000, input_size = 100; - - boost::filesystem::path pout, pkout, vkout, piout, viout; - boost::program_options::options_description options( - "R1CS Generic Group PreProcessing Zero-Knowledge Succinct Non-interactive ARgument of Knowledge " - "(https://eprint.iacr.org/2016/260.pdf) CLI Proof Generator"); - // clang-format off - options.add_options()("help,h", "Display help message") - ("version,v", "Display version") - ("generate", "Generate proofs and/or keys") - ("verify", "verify proofs and/or keys") - ("proof-output,po", boost::program_options::value(&pout)->default_value("proof")) - ("primary-input-output,pio", boost::program_options::value(&piout)->default_value -("pinput")) - ("proving-key-output,pko", boost::program_options::value(&pkout)->default_value("pkey")) - ("verifying-key-output,vko", boost::program_options::value(&vkout)->default_value("vkey")) - ("verifier-input-output,vio", boost::program_options::value(&viout)->default_value("vio")); - // clang-format on - - boost::program_options::variables_map vm; - boost::program_options::store(boost::program_options::command_line_parser(argc, argv).options(options).run(), vm); - boost::program_options::notify(vm); - - if (vm.count("help") || argc < 2) { - std::cout << options << std::endl; - return 0; - } - - std::cout << "Blueprint generation started." << std::endl; - - components::blueprint bp = test_disjunction_component(10); - - std::cout << "Blueprint generation finished." << std::endl; - - std::cout << "R1CS generation started." << std::endl; - - std::cout << "R1CS generation finished." 
<< std::endl; - - std::cout << "Starting generator" << std::endl; - - typename scheme_type::keypair_type keypair = zk::snark::generate(bp.get_constraint_system()); - - std::cout << "Starting prover" << std::endl; - - const typename scheme_type::proof_type proof = - zk::snark::prove(keypair.first, bp.primary_input(), bp.auxiliary_input()); - - using verification_key_marshalling_type = types::r1cs_gg_ppzksnark_verification_key< - nil::marshalling::field_type< - Endianness>, - typename scheme_type::verification_key_type>; - - verification_key_marshalling_type filled_verification_key_val = - types::fill_r1cs_gg_ppzksnark_verification_key< - typename scheme_type::verification_key_type, - Endianness>(keypair.second); - - using proof_marshalling_type = types::r1cs_gg_ppzksnark_proof< - nil::marshalling::field_type< - Endianness>, - typename scheme_type::proof_type>; - - proof_marshalling_type filled_proof_val = - types::fill_r1cs_gg_ppzksnark_proof< - typename scheme_type::proof_type, - Endianness>(proof); - - using primary_input_marshalling_type = types::r1cs_gg_ppzksnark_primary_input< - nil::marshalling::field_type< - Endianness>, - typename scheme_type::primary_input_type>; - - primary_input_marshalling_type filled_primary_input_val = - types::fill_r1cs_gg_ppzksnark_primary_input< - typename scheme_type::primary_input_type, - Endianness>(bp.primary_input()); - - std::cout << "Marshalling types filled." 
<< std::endl; - - using unit_type = unsigned char; - - std::vector verification_key_byteblob; - verification_key_byteblob.resize(filled_verification_key_val.length(), 0x00); - auto write_iter = verification_key_byteblob.begin(); - - typename nil::marshalling::status_type status = - filled_verification_key_val.write(write_iter, - verification_key_byteblob.size()); - - std::vector proof_byteblob; - proof_byteblob.resize(filled_proof_val.length(), 0x00); - write_iter = proof_byteblob.begin(); - - status = filled_proof_val.write(write_iter, - proof_byteblob.size()); - - std::vector primary_input_byteblob; - - primary_input_byteblob.resize(filled_primary_input_val.length(), 0x00); - auto primary_input_write_iter = primary_input_byteblob.begin(); - - status = filled_primary_input_val.write(primary_input_write_iter, - primary_input_byteblob.size()); - - std::cout << "Byteblobs filled." << std::endl; - - if (vm.count("verifying-key-output")) { - boost::filesystem::ofstream out(vkout); - for (const auto &v : verification_key_byteblob) { - out << v; - } - out.close(); - } - - if (vm.count("proof-output")) { - boost::filesystem::ofstream out(pout); - for (const auto &v : proof_byteblob) { - out << v; - } - out.close(); - } - - if (vm.count("primary-input-output")) { - boost::filesystem::ofstream out(piout); - for (const auto &v : primary_input_byteblob) { - out << v; - } - out.close(); - } - - // nil::marshalling::status_type provingProcessingStatus = nil::marshalling::status_type::success; - // typename scheme_type::proving_key_type other = - // nil::marshalling::verifier_input_deserializer_tvm::proving_key_process( - // proving_key_byteblob.cbegin(), - // proving_key_byteblob.cend(), - // provingProcessingStatus); - - // assert(keypair.first == other); - - if (vm.count("verifier-input-output")) { - std::vector verifier_input_output_byteblob(proof_byteblob.begin(), proof_byteblob.end()); - - verifier_input_output_byteblob.insert(verifier_input_output_byteblob.end(), 
primary_input_byteblob.begin(), - primary_input_byteblob.end()); - verifier_input_output_byteblob.insert(verifier_input_output_byteblob.end(), verification_key_byteblob.begin(), - verification_key_byteblob.end()); - - boost::filesystem::ofstream poutf(viout); - for (const auto &v : verifier_input_output_byteblob) { - poutf << v; - } - poutf.close(); - } - - return 0; -} \ No newline at end of file diff --git a/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/fri.hpp b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/fri.hpp index 43af54811c..9cfd452e5a 100644 --- a/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/fri.hpp +++ b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/fri.hpp @@ -387,8 +387,8 @@ namespace nil { // May be different size, because real degree may be less than before. So put int in the end typename polynomial::type, - // proof of work. TODO: how to do it optional? - nil::marshalling::types::integral //proof of work*/ + // proof of work. + nil::marshalling::types::integral > >; }; diff --git a/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/lpc.hpp b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/lpc.hpp index d408da5c17..74c4574242 100644 --- a/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/lpc.hpp +++ b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/lpc.hpp @@ -51,8 +51,11 @@ #include #include +#include #include +namespace outcome = BOOST_OUTCOME_V2_NAMESPACE; + namespace nil { namespace crypto3 { namespace marshalling { @@ -368,7 +371,8 @@ namespace nil { } template - LPCScheme make_commitment_scheme( + outcome::result + make_commitment_scheme( typename commitment_scheme_state< nil::marshalling::field_type, LPCScheme, std::enable_if_t>>::type& filled_commitment_scheme 
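Review bot: `namespace outcome = BOOST_OUTCOME_V2_NAMESPACE;` is added at global scope in the lpc.hpp header, so every translation unit that includes it gets a global `outcome` name. Another header that aliases `outcome` to a different namespace, or declares its own `outcome`, will then fail to compile. I would drop the alias and spell the return type through `BOOST_OUTCOME_V2_NAMESPACE::result`, or move the alias inside the `nil::crypto3::marshalling` namespace this header opens. The changed signature in the -368,7 hunk also means every existing caller of `make_commitment_scheme` must now unwrap and check a result; those callers are outside this page.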
@@ -376,11 +380,12 @@ namespace nil { using TTypeBase = typename nil::marshalling::field_type; std::map trees; - // TODO(martun): this check must be made in release mode as well, maybe we need to start returning statuses - // from make_ functions. const auto& filled_tree_keys = std::get<0>(filled_commitment_scheme.value()).value(); const auto& filled_tree_values = std::get<1>(filled_commitment_scheme.value()).value(); - BOOST_ASSERT(filled_tree_keys.size() == filled_tree_values.size()); + + if (filled_tree_keys.size() != filled_tree_values.size()) { + return nil::marshalling::status_type::invalid_msg_data; + } for (std::size_t i = 0; i < filled_tree_keys.size(); i++) { trees[std::size_t(filled_tree_keys[i].value())] = @@ -395,7 +400,10 @@ namespace nil { std::map batch_fixed; const auto& batch_fixed_keys = std::get<4>(filled_commitment_scheme.value()).value(); const auto& batch_fixed_values = std::get<5>(filled_commitment_scheme.value()).value(); - BOOST_ASSERT(batch_fixed_keys.size() == batch_fixed_values.size()); + if (batch_fixed_keys.size() != batch_fixed_values.size()) { + return nil::marshalling::status_type::invalid_msg_data; + } + for (std::size_t i = 0; i < batch_fixed_keys.size(); i++) { // Here we convert the value from type size_t back into a 'bool', which is not good. diff --git a/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/placeholder/transcript_initialization_context.hpp b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/placeholder/transcript_initialization_context.hpp index 917508f219..6fdc85c67d 100644 --- a/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/placeholder/transcript_initialization_context.hpp +++ b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/placeholder/transcript_initialization_context.hpp 
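Review bot: The length checks now fail closed, but the loop that follows still writes `trees[std::size_t(filled_tree_keys[i].value())] = ...` without checking whether the key was already seen, so a message with repeated keys passes validation and the later entry silently replaces the earlier one. If this state can come from an untrusted peer, reject duplicates the same way as the size mismatch, for example `if (trees.count(key) != 0) return nil::marshalling::status_type::invalid_msg_data;` before the assignment (with `key` the converted index), and likewise for `batch_fixed`. The context comment in the -395,7 hunk says the `std::size_t` value is converted back to `bool`; the conversion line is outside the hunk, but values other than 0 and 1 should presumably be rejected there as well rather than collapsed to true. `make_commitment_scheme` starts and ends outside these hunks.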
@@ -103,14 +103,6 @@ namespace nil { )); } - // TODO(martun): We don't need the opposite conversion for now, only for testing purposes. - // template - // TranscriptInitializationContextType - // make_transcript_initialization_context( - // const transcript_initialization_context, TranscriptInitializationContextType> &filled_init_context - // ) { - // } - } // namespace types } // namespace marshalling } // namespace crypto3 diff --git a/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/plonk/assignment_table.hpp b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/plonk/assignment_table.hpp index d963248321..1e7d923ca9 100644 --- a/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/plonk/assignment_table.hpp +++ b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/plonk/assignment_table.hpp @@ -47,7 +47,8 @@ namespace nil { ///////// Marshalling the assignment table description. ///////////////////////////////////////////////////////////////////////////////////////////////////////////// - // TODO(we may consider to use this construct when marshalling the assignment table.) + // Table description is marshalled separately, so it can be used in + // other parts of system (e.g. DFRI). template using plonk_assignment_table_description = nil::marshalling::types::bundle< TTypeBase, std::tuple< diff --git a/crypto3/libs/marshalling/zk/test/CMakeLists.txt b/crypto3/libs/marshalling/zk/test/CMakeLists.txt index f5fa15e7b2..40785a9bca 100644 --- a/crypto3/libs/marshalling/zk/test/CMakeLists.txt +++ b/crypto3/libs/marshalling/zk/test/CMakeLists.txt 
@@ -50,16 +50,11 @@ macro(define_marshalling_test test) endmacro() -# r1cs tests are failing compilation, turning them off for now. set(TESTS_NAMES "merkle_proof" "merkle_tree" "accumulation_vector" "sparse_vector" -# "r1cs_gg_ppzksnark_primary_input" -# "r1cs_gg_ppzksnark_proof" -# "r1cs_gg_ppzksnark_verification_key" -# "r1cs_gg_ppzksnark" "kzg_commitment" "fri_commitment" "lpc_commitment" diff --git a/crypto3/libs/marshalling/zk/test/detail/r1cs_examples.hpp b/crypto3/libs/marshalling/zk/test/detail/r1cs_examples.hpp deleted file mode 100644 index 0278d73e97..0000000000 --- a/crypto3/libs/marshalling/zk/test/detail/r1cs_examples.hpp +++ /dev/null 
@@ -1,216 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2018-2020 Mikhail Komarov -// Copyright (c) 2020 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. -//---------------------------------------------------------------------------// -// @file Declaration of interfaces for a R1CS example, as well as functions to sample -// R1CS examples with prescribed parameters (according to some distribution). -//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_MARSHALLING_R1CS_GG_PPZKSNARK_EXAMPLES_HPP -#define CRYPTO3_MARSHALLING_R1CS_GG_PPZKSNARK_EXAMPLES_HPP - -#include - -#include - -namespace nil { - namespace crypto3 { - namespace zk { - namespace snark { - - using namespace nil::crypto3::algebra; - - /** - * A R1CS example comprises a R1CS constraint system, R1CS input, and R1CS witness. 
- */ - template - struct r1cs_example { - r1cs_constraint_system constraint_system; - r1cs_primary_input primary_input; - r1cs_auxiliary_input auxiliary_input; - - r1cs_example() = default; - r1cs_example(const r1cs_example &other) = default; - r1cs_example(const r1cs_constraint_system &constraint_system, - const r1cs_primary_input &primary_input, - const r1cs_auxiliary_input &auxiliary_input) : - constraint_system(constraint_system), - primary_input(primary_input), auxiliary_input(auxiliary_input) {}; - r1cs_example(r1cs_constraint_system &&constraint_system, - r1cs_primary_input &&primary_input, - r1cs_auxiliary_input &&auxiliary_input) : - constraint_system(std::move(constraint_system)), - primary_input(std::move(primary_input)), auxiliary_input(std::move(auxiliary_input)) {}; - }; - - /** - * Generate a R1CS example such that: - * - the number of constraints of the R1CS constraint system is num_constraints; - * - the number of variables of the R1CS constraint system is (approximately) num_constraints; - * - the number of inputs of the R1CS constraint system is num_inputs; - * - the R1CS input consists of ``full'' field elements (typically require the whole log|Field| bits to - * represent). 
- */ - template - r1cs_example generate_r1cs_example_with_field_input(std::size_t num_constraints, - std::size_t num_inputs) { - - assert(num_inputs <= num_constraints + 2); - - r1cs_constraint_system cs; - cs.primary_input_size = num_inputs; - cs.auxiliary_input_size = 2 + num_constraints - num_inputs; // TODO: explain this - - r1cs_variable_assignment full_variable_assignment; - typename FieldType::value_type a = algebra::random_element(); - typename FieldType::value_type b = algebra::random_element(); - full_variable_assignment.push_back(a); - full_variable_assignment.push_back(b); - - for (std::size_t i = 0; i < num_constraints - 1; ++i) { - linear_combination A, B, C; - - if (i % 2) { - // a * b = c - A.add_term(i + 1, 1); - B.add_term(i + 2, 1); - C.add_term(i + 3, 1); - typename FieldType::value_type tmp = a * b; - full_variable_assignment.push_back(tmp); - a = b; - b = tmp; - } else { - // a + b = c - B.add_term(0, 1); - A.add_term(i + 1, 1); - A.add_term(i + 2, 1); - C.add_term(i + 3, 1); - typename FieldType::value_type tmp = a + b; - full_variable_assignment.push_back(tmp); - a = b; - b = tmp; - } - - cs.add_constraint(r1cs_constraint(A, B, C)); - } - - linear_combination A, B, C; - typename FieldType::value_type fin = FieldType::value_type::zero(); - for (std::size_t i = 1; i < cs.num_variables(); ++i) { - A.add_term(i, 1); - B.add_term(i, 1); - fin = fin + full_variable_assignment[i - 1]; - } - C.add_term(cs.num_variables(), 1); - cs.add_constraint(r1cs_constraint(A, B, C)); - full_variable_assignment.push_back(fin.squared()); - - /* split variable assignment */ - r1cs_primary_input primary_input(full_variable_assignment.begin(), - full_variable_assignment.begin() + num_inputs); - r1cs_primary_input auxiliary_input(full_variable_assignment.begin() + num_inputs, - full_variable_assignment.end()); - - /* sanity checks */ - assert(cs.num_variables() == full_variable_assignment.size()); - assert(cs.num_variables() >= num_inputs); - assert(cs.num_inputs() 
== num_inputs); - assert(cs.num_constraints() == num_constraints); - assert(cs.is_satisfied(primary_input, auxiliary_input)); - - r1cs_example re(std::move(cs), std::move(primary_input), std::move(auxiliary_input)); - - return re; - } - - /** - * Generate a R1CS example such that: - * - the number of constraints of the R1CS constraint system is num_constraints; - * - the number of variables of the R1CS constraint system is (approximately) num_constraints; - * - the number of inputs of the R1CS constraint system is num_inputs; - * - the R1CS input consists of binary values (as opposed to ``full'' field elements). - */ - template - r1cs_example generate_r1cs_example_with_binary_input(std::size_t num_constraints, - std::size_t num_inputs) { - assert(num_inputs >= 1); - - r1cs_constraint_system cs; - cs.primary_input_size = num_inputs; - cs.auxiliary_input_size = num_constraints; /* we will add one auxiliary variable per constraint */ - - r1cs_variable_assignment full_variable_assignment; - for (std::size_t i = 0; i < num_inputs; ++i) { - full_variable_assignment.push_back(typename FieldType::value_type(std::rand() % 2)); - } - - std::size_t lastvar = num_inputs - 1; - for (std::size_t i = 0; i < num_constraints; ++i) { - ++lastvar; - const std::size_t u = (i == 0 ? std::rand() % num_inputs : std::rand() % i); - const std::size_t v = (i == 0 ? 
std::rand() % num_inputs : std::rand() % i); - - /* chose two random bits and XOR them together: - res = u + v - 2 * u * v - 2 * u * v = u + v - res - */ - linear_combination A, B, C; - A.add_term(u + 1, 2); - B.add_term(v + 1, 1); - if (u == v) { - C.add_term(u + 1, 2); - } else { - C.add_term(u + 1, 1); - C.add_term(v + 1, 1); - } - C.add_term(lastvar + 1, -FieldType::value_type::one()); - - cs.add_constraint(r1cs_constraint(A, B, C)); - full_variable_assignment.push_back(full_variable_assignment[u] + full_variable_assignment[v] - - full_variable_assignment[u] * full_variable_assignment[v] - - full_variable_assignment[u] * full_variable_assignment[v]); - } - - /* split variable assignment */ - r1cs_primary_input primary_input(full_variable_assignment.begin(), - full_variable_assignment.begin() + num_inputs); - r1cs_primary_input auxiliary_input(full_variable_assignment.begin() + num_inputs, - full_variable_assignment.end()); - - /* sanity checks */ - assert(cs.num_variables() == full_variable_assignment.size()); - assert(cs.num_variables() >= num_inputs); - assert(cs.num_inputs() == num_inputs); - assert(cs.num_constraints() == num_constraints); - assert(cs.is_satisfied(primary_input, auxiliary_input)); - - r1cs_example re = - r1cs_example(std::move(cs), std::move(primary_input), std::move(auxiliary_input)); - return re; - } - } // namespace snark - } // namespace zk - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_MARSHALLING_R1CS_GG_PPZKSNARK_EXAMPLES_HPP diff --git a/crypto3/libs/marshalling/zk/test/lpc_commitment.cpp b/crypto3/libs/marshalling/zk/test/lpc_commitment.cpp index 94d75ae836..3236b657cc 100644 --- a/crypto3/libs/marshalling/zk/test/lpc_commitment.cpp +++ b/crypto3/libs/marshalling/zk/test/lpc_commitment.cpp 
@@ -132,7 +132,8 @@ void test_lpc_state_recovery(const LPC& lpc_commitment_scheme) { auto filled_lpc_scheme = nil::crypto3::marshalling::types::fill_commitment_scheme(lpc_commitment_scheme); auto _lpc_commitment_scheme = nil::crypto3::marshalling::types::make_commitment_scheme(filled_lpc_scheme); - BOOST_CHECK(lpc_commitment_scheme == _lpc_commitment_scheme); + BOOST_CHECK(_lpc_commitment_scheme.has_value()); + BOOST_CHECK(lpc_commitment_scheme == _lpc_commitment_scheme.value()); std::vector cv; cv.resize(filled_lpc_scheme.length(), 0x00); @@ -144,9 +145,10 @@ void test_lpc_state_recovery(const LPC& lpc_commitment_scheme) { auto read_iter = cv.begin(); test_val_read.read(read_iter, cv.size()); BOOST_CHECK(status == nil::marshalling::status_type::success); - LPC constructed_val_read = + auto constructed_val_read = nil::crypto3::marshalling::types::make_commitment_scheme(test_val_read); - BOOST_CHECK(lpc_commitment_scheme == constructed_val_read); + BOOST_CHECK(constructed_val_read.has_value()); + BOOST_CHECK(lpc_commitment_scheme == constructed_val_read.value()); } BOOST_AUTO_TEST_SUITE(marshalling_random) diff --git a/crypto3/libs/marshalling/zk/test/placeholder_common_data.cpp b/crypto3/libs/marshalling/zk/test/placeholder_common_data.cpp index f972641a5a..a3f623b21e 100644 --- a/crypto3/libs/marshalling/zk/test/placeholder_common_data.cpp +++ b/crypto3/libs/marshalling/zk/test/placeholder_common_data.cpp 
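Review bot: `BOOST_CHECK(_lpc_commitment_scheme.has_value());` only records a failure and continues, so when the conversion fails the next line still calls `.value()` on an empty result. Use `BOOST_REQUIRE(_lpc_commitment_scheme.has_value());` here and `BOOST_REQUIRE(constructed_val_read.has_value());` in the second hunk so the test stops before the access. Neither hunk adds a case that feeds mismatched key and value counts and expects `invalid_msg_data`, so the new rejection path stays untested. The body of `test_lpc_state_recovery` extends outside both hunks.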
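Review bot: The result of `test_val_read.read(read_iter, cv.size());` does not appear to be assigned, so the `BOOST_CHECK(status == nil::marshalling::status_type::success);` after it re-tests the status of an earlier call rather than the read. The conversion can now fail on bad data, so the read status should be checked before it: `status = test_val_read.read(read_iter, cv.size());`. The declaration of `status` is outside the hunk, so confirm it is assignable there.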
@@ -837,69 +837,3 @@ struct placeholder_kzg_test_fixture_v2 : public test_tools::random_test_initiali plonk_table_description desc; }; -/* -BOOST_AUTO_TEST_SUITE(placeholder_circuit2_kzg_v2) - - using TestFixtures = boost::mpl::list< - // placeholder_kzg_test_fixture_v2< - // algebra::curves::bls12_381, - // hashes::keccak_1600<256>, - // hashes::keccak_1600<256>, - // witness_columns_t, - // public_columns_t, - // constant_columns_t, - // selector_columns_t, - // usable_rows_t, - // permutation_t, true>, - placeholder_kzg_test_fixture_v2< - algebra::curves::alt_bn128_254, - hashes::keccak_1600<256>, - hashes::keccak_1600<256>, - witness_columns_t, - public_columns_t, - constant_columns_t, - selector_columns_t, - usable_rows_t, - 4, true> -// , placeholder_kzg_test_fixture_v2< -// algebra::curves::mnt4_298, -// hashes::keccak_1600<256>, -// hashes::keccak_1600<256>, -// witness_columns_t, -// public_columns_t, -// constant_columns_t, -// selector_columns_t, -// usable_rows_t, -// permutation_t, true> -// , placeholder_kzg_test_fixture_v2< -// algebra::curves::mnt6_298, -// hashes::keccak_1600<256>, -// hashes::keccak_1600<256>, -// witness_columns_t, -// public_columns_t, -// constant_columns_t, -// selector_columns_t, -// usable_rows_t, -// permutation_t, true> - // *, -- Not yet implemented - // placeholder_kzg_test_fixture< - // algebra::curves::mnt6_298, - // hashes::poseidon>, - // hashes::poseidon>, - // witness_columns_t, - // public_columns_t, - // constant_columns_t, - // selector_columns_t, - //usable_rows_t, - // 4, - // true> - // - >; - -BOOST_AUTO_TEST_CASE_TEMPLATE(prover_test, F, TestFixtures) { - F fixture; - BOOST_CHECK(fixture.run_test()); -} - -BOOST_AUTO_TEST_SUITE_END() -*/ diff --git a/crypto3/libs/marshalling/zk/test/placeholder_proof.cpp b/crypto3/libs/marshalling/zk/test/placeholder_proof.cpp index f051c8a0ff..26577de3b4 100644 --- a/crypto3/libs/marshalling/zk/test/placeholder_proof.cpp 
+++ b/crypto3/libs/marshalling/zk/test/placeholder_proof.cpp @@ -1269,7 +1269,6 @@ template< std::size_t usable_rows_amount, bool UseGrinding = false> struct placeholder_kzg_test_fixture_v2 : public test_tools::random_test_initializer { - // TODO: move to common file using field_type = typename curve_type::scalar_field_type; struct placeholder_test_params { diff --git a/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark.cpp b/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark.cpp deleted file mode 100644 index b9b082ee96..0000000000 --- a/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark.cpp +++ /dev/null 
@@ -1,183 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2018-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// Copyright (c) 2021 Ilias Khairullin -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. 
-//---------------------------------------------------------------------------// - -#define BOOST_TEST_MODULE crypto3_marshalling_r1cs_gg_ppzksnark_test - -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -//#include -//#include -#include -#include -#include -#include - -#include -#include -#include -#include - -#include "detail/r1cs_examples.hpp" - -using namespace nil::crypto3; -using namespace nil::crypto3::marshalling; -using namespace nil::crypto3::zk; - -template -bool test_r1cs_gg_ppzksnark() { - - std::size_t num_constraints = 1000, input_size = 100; - - typedef CurveType curve_type; - typedef typename curve_type::scalar_field_type scalar_field_type; - typedef zk::snark::r1cs_gg_ppzksnark scheme_type; - - std::cout << "R1CS generation started." << std::endl; - - zk::snark::r1cs_example example = - zk::snark::generate_r1cs_example_with_binary_input(num_constraints, input_size); - - std::cout << "R1CS generation finished." 
<< std::endl; - - std::cout << "Starting generator" << std::endl; - - typename scheme_type::keypair_type keypair = zk::generate(example.constraint_system); - - std::cout << "Starting prover" << std::endl; - - const typename scheme_type::proof_type proof = - zk::prove(keypair.first, example.primary_input, example.auxiliary_input); - - using verification_key_marshalling_type = - types::r1cs_gg_ppzksnark_verification_key, - typename scheme_type::verification_key_type>; - - verification_key_marshalling_type filled_verification_key_val = - types::fill_r1cs_gg_ppzksnark_verification_key( - keypair.second); - - using proof_marshalling_type = - types::r1cs_gg_ppzksnark_proof, typename scheme_type::proof_type>; - - proof_marshalling_type filled_proof_val = - types::fill_r1cs_gg_ppzksnark_proof(proof); - - using primary_input_marshalling_type = - types::r1cs_gg_ppzksnark_primary_input, - typename scheme_type::primary_input_type>; - - primary_input_marshalling_type filled_primary_input_val = - types::fill_r1cs_gg_ppzksnark_primary_input( - example.primary_input); - - std::cout << "Marshalling types filled." << std::endl; - - using unit_type = unsigned char; - - std::vector verification_key_byteblob; - verification_key_byteblob.resize(filled_verification_key_val.length(), 0x00); - auto write_iter = verification_key_byteblob.begin(); - - typename nil::marshalling::status_type status = - filled_verification_key_val.write(write_iter, verification_key_byteblob.size()); - - std::vector proof_byteblob; - proof_byteblob.resize(filled_proof_val.length(), 0x00); - write_iter = proof_byteblob.begin(); - - status = filled_proof_val.write(write_iter, proof_byteblob.size()); - - std::vector primary_input_byteblob; - - primary_input_byteblob.resize(filled_primary_input_val.length(), 0x00); - auto primary_input_write_iter = primary_input_byteblob.begin(); - - status = filled_primary_input_val.write(primary_input_write_iter, primary_input_byteblob.size()); - - std::cout << "Byteblobs filled." 
<< std::endl; - - verification_key_marshalling_type val_verification_key_read; - - auto read_iter = verification_key_byteblob.begin(); - status = val_verification_key_read.read(read_iter, verification_key_byteblob.size()); - - typename scheme_type::verification_key_type constructed_val_verification_key_read = - types::make_r1cs_gg_ppzksnark_verification_key( - val_verification_key_read); - - proof_marshalling_type val_proof_read; - - read_iter = proof_byteblob.begin(); - status = val_proof_read.read(read_iter, proof_byteblob.size()); - - typename scheme_type::proof_type constructed_val_proof_read = - types::make_r1cs_gg_ppzksnark_proof(val_proof_read); - - primary_input_marshalling_type val_primary_input_read; - - read_iter = primary_input_byteblob.begin(); - status = val_primary_input_read.read(read_iter, primary_input_byteblob.size()); - - typename scheme_type::primary_input_type constructed_val_primary_input_read = - types::make_r1cs_gg_ppzksnark_primary_input( - val_primary_input_read); - - bool ans = zk::verify(constructed_val_verification_key_read, constructed_val_primary_input_read, - constructed_val_proof_read); - - return ans; -} - -BOOST_AUTO_TEST_SUITE(r1cs_gg_ppzksnark_test_suite) - - BOOST_AUTO_TEST_CASE(r1cs_gg_ppzksnark_bls12_381_be) { - std::cout << "BLS12-381 r1cs_gg_ppzksnark big-endian test started" << std::endl; - bool res = - test_r1cs_gg_ppzksnark, nil::marshalling::option::big_endian>(); - BOOST_CHECK(res); - std::cout << "BLS12-381 r1cs_gg_ppzksnark big-endian test finished" << std::endl; - } - -// BOOST_AUTO_TEST_CASE(proof_bls12_381_le) { -// std::cout << "BLS12-381 r1cs_gg_ppzksnark proof little-endian test started" << std::endl; -// test_proof>, -// nil::marshalling::option::little_endian>(); -// std::cout << "BLS12-381 r1cs_gg_ppzksnark proof little-endian test finished" << std::endl; -// } - -BOOST_AUTO_TEST_SUITE_END() \ No newline at end of file 
diff --git a/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark_primary_input.cpp b/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark_primary_input.cpp deleted file mode 100644 index 349af1b9c2..0000000000 --- a/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark_primary_input.cpp +++ /dev/null 
@@ -1,147 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2018-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// Copyright (c) 2021 Ilias Khairullin -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. 
-//---------------------------------------------------------------------------// - -#define BOOST_TEST_MODULE crypto3_marshalling_r1cs_gg_ppzksnark_primary_input_test - -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include -#include - -#include -#include -#include -#include -#include -#include - -#include - -#include - -template -void print_byteblob(TIter iter_begin, TIter iter_end) { - for (TIter it = iter_begin; it != iter_end; it++) { - std::cout << std::hex << int(*it) << std::endl; - } -} - -template -void print_fp_curve_group_element(FpCurveGroupElement e) { - std::cout << e.X.data << " " << e.Y.data << " " << e.Z.data << std::endl; -} - -template -void print_fp2_curve_group_element(Fp2CurveGroupElement e) { - std::cout << "(" << e.X.data[0].data << " " << e.X.data[1].data << ") (" << e.Y.data[0].data << " " - << e.Y.data[1].data << ") (" << e.Z.data[0].data << " " << e.Z.data[1].data << ")" << std::endl; -} - -template -void test_primary_input(typename SchemeType::primary_input_type val) { - - using namespace nil::crypto3::marshalling; - - using unit_type = unsigned char; - using primary_input_type = types::r1cs_gg_ppzksnark_primary_input, - typename SchemeType::primary_input_type>; - - primary_input_type filled_val = - types::fill_r1cs_gg_ppzksnark_primary_input(val); - - typename SchemeType::primary_input_type constructed_val = - types::make_r1cs_gg_ppzksnark_primary_input( - filled_val); - BOOST_CHECK(val == constructed_val); - - std::size_t unitblob_size = filled_val.length(); - - std::vector cv; - cv.resize(unitblob_size, 0x00); - - auto write_iter = cv.begin(); - - nil::marshalling::status_type status = filled_val.write(write_iter, cv.size()); - BOOST_CHECK(status == nil::marshalling::status_type::success); - - primary_input_type test_val_read; - - auto read_iter = cv.begin(); - status = test_val_read.read(read_iter, cv.size()); - BOOST_CHECK(status == nil::marshalling::status_type::success); - - 
typename SchemeType::primary_input_type constructed_val_read = - types::make_r1cs_gg_ppzksnark_primary_input( - test_val_read); - - BOOST_CHECK(val == constructed_val_read); -} - -template -void test_primary_input() { - std::cout << std::hex; - std::cerr << std::hex; - for (unsigned i = 0; i < 128 * 16; ++i) { - std::vector val_container; - if (!(i % (16 * 16)) && i) { - std::cout << std::dec << i << " tested" << std::endl; - } - for (std::size_t i = 0; i < TSize; i++) { - val_container.push_back(nil::crypto3::algebra::random_element< - typename SchemeType::primary_input_type::value_type::field_type>()); - } - test_primary_input(val_container); - } -} - -BOOST_AUTO_TEST_SUITE(r1cs_gg_ppzksnark_primary_input_test_suite) - - BOOST_AUTO_TEST_CASE(r1cs_gg_ppzksnark_primary_input_bls12_381_be) { - std::cout << "BLS12-381 r1cs_gg_ppzksnark primary input big-endian test started" << std::endl; - test_primary_input>, - nil::marshalling::option::big_endian, - 100>(); - std::cout << "BLS12-381 r1cs_gg_ppzksnark primary input big-endian test finished" << std::endl; - } - - BOOST_AUTO_TEST_CASE(r1cs_gg_ppzksnark_primary_input_bls12_381_le) { - std::cout << "BLS12-381 r1cs_gg_ppzksnark primary input little-endian test started" << std::endl; - test_primary_input>, - nil::marshalling::option::little_endian, - 100>(); - std::cout << "BLS12-381 r1cs_gg_ppzksnark primary input little-endian test finished" << std::endl; - } - -BOOST_AUTO_TEST_SUITE_END() diff --git a/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark_proof.cpp b/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark_proof.cpp deleted file mode 100644 index a0a046cae0..0000000000 --- a/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark_proof.cpp +++ /dev/null 
@@ -1,143 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2018-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// Copyright (c) 2021 Ilias Khairullin -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. 
-//---------------------------------------------------------------------------// - -#define BOOST_TEST_MODULE crypto3_marshalling_r1cs_gg_ppzksnark_proof_test - -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include -#include - -#include -#include -#include -#include -#include -#include - -#include - -#include - -template -void print_byteblob(TIter iter_begin, TIter iter_end) { - for (TIter it = iter_begin; it != iter_end; it++) { - std::cout << std::hex << int(*it) << std::endl; - } -} - -template -void print_fp_curve_group_element(FpCurveGroupElement e) { - std::cout << e.X.data << " " << e.Y.data << " " << e.Z.data << std::endl; -} - -template -void print_fp2_curve_group_element(Fp2CurveGroupElement e) { - std::cout << "(" << e.X.data[0].data << " " << e.X.data[1].data << ") (" << e.Y.data[0].data << " " - << e.Y.data[1].data << ") (" << e.Z.data[0].data << " " << e.Z.data[1].data << ")" << std::endl; -} - -template -void test_proof(typename SchemeType::proof_type val) { - - using namespace nil::crypto3::marshalling; - - using unit_type = unsigned char; - using proof_type = - types::r1cs_gg_ppzksnark_proof, typename SchemeType::proof_type>; - - proof_type filled_val = types::fill_r1cs_gg_ppzksnark_proof(val); - - typename SchemeType::proof_type constructed_val = - types::make_r1cs_gg_ppzksnark_proof(filled_val); - BOOST_CHECK(val == constructed_val); - - std::size_t unitblob_size = filled_val.length(); - - std::vector cv; - cv.resize(unitblob_size, 0x00); - - auto write_iter = cv.begin(); - - nil::marshalling::status_type status = filled_val.write(write_iter, cv.size()); - BOOST_CHECK(status == nil::marshalling::status_type::success); - proof_type test_val_read; - - auto read_iter = cv.begin(); - status = test_val_read.read(read_iter, cv.size()); - BOOST_CHECK(status == nil::marshalling::status_type::success); - - typename SchemeType::proof_type constructed_val_read = - 
types::make_r1cs_gg_ppzksnark_proof(test_val_read); - - BOOST_CHECK(val == constructed_val_read); -} - -template -void test_proof() { - std::cout << std::hex; - std::cerr << std::hex; - for (unsigned i = 0; i < 128; ++i) { - if (!(i % (16)) && i) { - std::cout << std::dec << i << " tested" << std::endl; - } - - test_proof(typename SchemeType::proof_type( - std::move(nil::crypto3::algebra::random_element< - typename SchemeType::proof_type::curve_type::template g1_type<>>()), - std::move(nil::crypto3::algebra::random_element< - typename SchemeType::proof_type::curve_type::template g2_type<>>()), - std::move(nil::crypto3::algebra::random_element< - typename SchemeType::proof_type::curve_type::template g1_type<>>()))); - } -} - -BOOST_AUTO_TEST_SUITE(proof_test_suite) - - BOOST_AUTO_TEST_CASE(proof_bls12_381_be) { - std::cout << "BLS12-381 r1cs_gg_ppzksnark proof big-endian test started" << std::endl; - test_proof>, - nil::marshalling::option::big_endian>(); - std::cout << "BLS12-381 r1cs_gg_ppzksnark proof big-endian test finished" << std::endl; - } - -// BOOST_AUTO_TEST_CASE(proof_bls12_381_le) { -// std::cout << "BLS12-381 r1cs_gg_ppzksnark proof little-endian test started" << std::endl; -// test_proof>, -// nil::marshalling::option::little_endian>(); -// std::cout << "BLS12-381 r1cs_gg_ppzksnark proof little-endian test finished" << std::endl; -// } - -BOOST_AUTO_TEST_SUITE_END() diff --git a/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark_verification_key.cpp b/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark_verification_key.cpp deleted file mode 100644 index 9d3259ec68..0000000000 --- a/crypto3/libs/marshalling/zk/test/r1cs_gg_ppzksnark_verification_key.cpp +++ /dev/null 
@@ -1,328 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2018-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// Copyright (c) 2021 Ilias Khairullin -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. 
-//---------------------------------------------------------------------------// - -#define BOOST_TEST_MODULE crypto3_marshalling_r1cs_gg_ppzksnark_verification_key_test - -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include -#include - -#include -#include -#include -#include -#include -#include - -#include -#include - -#include -#include - -template -void print_byteblob(TIter iter_begin, TIter iter_end) { - for (TIter it = iter_begin; it != iter_end; it++) { - std::cout << std::hex << int(*it) << std::endl; - } -} - -template -void print_fp_curve_group_element(FpCurveGroupElement e) { - std::cout << e.X.data << " " << e.Y.data << " " << e.Z.data << std::endl; -} - -template -void print_fp2_curve_group_element(Fp2CurveGroupElement e) { - std::cout << "(" << e.X.data[0].data << " " << e.X.data[1].data << ") (" << e.Y.data[0].data << " " - << e.Y.data[1].data << ") (" << e.Z.data[0].data << " " << e.Z.data[1].data << ")" << std::endl; -} - -template -void test_verification_key(const VerificationKey &val) { - - using namespace nil::crypto3::marshalling; - - using unit_type = unsigned char; - using verification_key_marshalling_type = VerificationKeyMarshalling; - - verification_key_marshalling_type filled_val = - types::fill_r1cs_gg_ppzksnark_verification_key(val); - - VerificationKey constructed_val = - types::make_r1cs_gg_ppzksnark_verification_key(filled_val); - BOOST_CHECK(val == constructed_val); - - std::size_t unitblob_size = filled_val.length(); - - std::vector cv; - cv.resize(unitblob_size, 0x00); - - auto write_iter = cv.begin(); - - nil::marshalling::status_type status = filled_val.write(write_iter, cv.size()); - BOOST_CHECK(status == nil::marshalling::status_type::success); - verification_key_marshalling_type test_val_read; - - auto read_iter = cv.begin(); - status = test_val_read.read(read_iter, cv.size()); - BOOST_CHECK(status == nil::marshalling::status_type::success); - - VerificationKey 
constructed_val_read = - types::make_r1cs_gg_ppzksnark_verification_key(test_val_read); - - BOOST_CHECK(val == constructed_val_read); -} - -// TODO: move to pubkey marshling -template -void test_pubkey(const Key &val) { - - using namespace nil::crypto3::marshalling; - - using unit_type = unsigned char; - using key_marshalling_type = KeyMarshalling; - - key_marshalling_type filled_val = types::fill_public_key(val); - - Key constructed_val = types::make_public_key(filled_val); - BOOST_CHECK(val == constructed_val); - - std::size_t unitblob_size = filled_val.length(); - - std::vector cv; - cv.resize(unitblob_size, 0x00); - - auto write_iter = cv.begin(); - - nil::marshalling::status_type status = filled_val.write(write_iter, cv.size()); - BOOST_CHECK(status == nil::marshalling::status_type::success); - key_marshalling_type test_val_read; - - auto read_iter = cv.begin(); - status = test_val_read.read(read_iter, cv.size()); - BOOST_CHECK(status == nil::marshalling::status_type::success); - - Key constructed_val_read = types::make_public_key(test_val_read); - - BOOST_CHECK(val == constructed_val_read); -} - -template -typename std::enable_if< - std::is_same, VerificationKey>::value>::type -test_verification_key() { - using g1_type = typename CurveType::template g1_type<>; - using g2_type = typename CurveType::template g2_type<>; - using gt_type = typename CurveType::gt_type; - - std::cout << std::hex; - std::cerr << std::hex; - for (unsigned i = 0; i < 128; ++i) { - if (!(i % 16) && i) { - std::cout << std::dec << i << " tested" << std::endl; - } - typename g1_type::value_type first = nil::crypto3::algebra::random_element(); - std::vector rest; - for (std::size_t i = 0; i < TSize; i++) { - rest.push_back(nil::crypto3::algebra::random_element()); - } - test_verification_key(VerificationKey( - nil::crypto3::algebra::random_element(), - nil::crypto3::algebra::random_element(), - nil::crypto3::algebra::random_element(), - 
std::move(nil::crypto3::container::accumulation_vector(std::move(first), std::move(rest))))); - } -} - -template -typename std::enable_if, - VerificationKey>::value>::type -test_verification_key() { - using g1_type = typename CurveType::template g1_type<>; - using g2_type = typename CurveType::template g2_type<>; - using gt_type = typename CurveType::gt_type; - - std::cout << std::hex; - std::cerr << std::hex; - for (unsigned i = 0; i < 128; ++i) { - if (!(i % 16) && i) { - std::cout << std::dec << i << " tested" << std::endl; - } - typename g1_type::value_type first = nil::crypto3::algebra::random_element(); - std::vector rest; - for (std::size_t i = 0; i < TSize; i++) { - rest.push_back(nil::crypto3::algebra::random_element()); - } - test_verification_key(VerificationKey( - nil::crypto3::algebra::random_element(), - nil::crypto3::algebra::random_element(), - nil::crypto3::algebra::random_element(), - nil::crypto3::algebra::random_element(), - std::move(nil::crypto3::container::accumulation_vector(std::move(first), std::move(rest))), - nil::crypto3::algebra::random_element())); - } -} - -// TODO: move to pubkey marshling -template -typename std::enable_if< - std::is_same>, - PublicKey>::value>::type -test_pubkey() { - using g1_type = typename PublicKey::g1_type; - using g2_type = typename PublicKey::g2_type; - - std::cout << std::hex; - std::cerr << std::hex; - for (unsigned i = 0; i < 128; ++i) { - if (!(i % 16) && i) { - std::cout << std::dec << i << " tested" << std::endl; - } - std::vector delta_s_g1; - std::vector t_g1; - std::vector t_g2; - for (std::size_t i = 0; i < TSize; i++) { - delta_s_g1.push_back(nil::crypto3::algebra::random_element()); - t_g1.push_back(nil::crypto3::algebra::random_element()); - t_g2.push_back(nil::crypto3::algebra::random_element()); - } - t_g2.push_back(nil::crypto3::algebra::random_element()); - test_pubkey(PublicKey( - nil::crypto3::algebra::random_element(), std::move(delta_s_g1), std::move(t_g1), - std::move(t_g2), - 
nil::crypto3::algebra::random_element(), nil::crypto3::algebra::random_element())); - } -} - -BOOST_AUTO_TEST_SUITE(verification_key_test_suite) - - BOOST_AUTO_TEST_CASE(r1cs_gg_ppzksnark_verification_key_bls12_381_be) { - using endianness = nil::marshalling::option::big_endian; - using key_type = - nil::crypto3::zk::snark::r1cs_gg_ppzksnark_verification_key>; - using key_marshalling_type = - nil::crypto3::marshalling::types::r1cs_gg_ppzksnark_verification_key, - key_type>; - std::cout << "BLS12-381 r1cs_gg_ppzksnark verification key big-endian test started" << std::endl; - test_verification_key(); - std::cout << "BLS12-381 r1cs_gg_ppzksnark verification key big-endian test finished" << std::endl; - } - - BOOST_AUTO_TEST_CASE(r1cs_gg_ppzksnark_extended_verification_key_bls12_381_be) { - using endianness = nil::marshalling::option::big_endian; - using key_type = - nil::crypto3::zk::snark::r1cs_gg_ppzksnark_extended_verification_key>; - using key_marshalling_type = nil::crypto3::marshalling::types::r1cs_gg_ppzksnark_extended_verification_key< - nil::marshalling::field_type, key_type>; - std::cout << "BLS12-381 r1cs_gg_ppzksnark extended verification key big-endian test started" << std::endl; - test_verification_key(); - std::cout << "BLS12-381 r1cs_gg_ppzksnark extended verification key big-endian test finished" << std::endl; - } - -// TODO: move to pubkey marshling - BOOST_AUTO_TEST_CASE(elgamal_verifiable_public_key_bls12_381_be) { - using endianness = nil::marshalling::option::big_endian; - using key_type = nil::crypto3::pubkey::public_key< - nil::crypto3::pubkey::elgamal_verifiable>>; - using key_marshalling_type = - nil::crypto3::marshalling::types::elgamal_verifiable_public_key, - key_type>; - std::cout << "BLS12-381 r1cs_gg_ppzksnark extended verification key big-endian test started" << std::endl; - test_pubkey(); - std::cout << "BLS12-381 r1cs_gg_ppzksnark extended verification key big-endian test finished" << std::endl; - } - - 
BOOST_AUTO_TEST_CASE(r1cs_gg_ppzksnark_extended_verification_key_bls12_381_be_error_length) { - using endianness = nil::marshalling::option::big_endian; - using curve_type = nil::crypto3::algebra::curves::bls12<381>; - - using g1_type = typename curve_type::template g1_type<>; - using g2_type = typename curve_type::template g2_type<>; - using gt_type = typename curve_type::gt_type; - - using gt_marshalling_type = - nil::crypto3::marshalling::types::field_element, typename gt_type::value_type>; - using g2_marshalling_type = - nil::crypto3::marshalling::types::curve_element, g2_type>; - using g1_marshalling_type = - nil::crypto3::marshalling::types::curve_element, g1_type>; - using accumulation_vector_marshalling_type = - nil::crypto3::marshalling::types::accumulation_vector, - nil::crypto3::container::accumulation_vector>; - gt_marshalling_type filled_gt(nil::crypto3::algebra::random_element()); - std::cout << "Ok only after initialization: " << filled_gt.length() << std::endl; - - g2_marshalling_type g2_marshalling; - std::cout << "Ok: " << g2_marshalling.length() << std::endl; - - g1_marshalling_type g1_marshalling; - std::cout << "Ok: " << g1_marshalling.length() << std::endl; - - accumulation_vector_marshalling_type accumulation_vector_marshalling; - std::cout << "Seems ok, full information about size should be available after initialization: " - << accumulation_vector_marshalling.length() << std::endl; - typename g1_type::value_type first = nil::crypto3::algebra::random_element(); - std::vector rest; - for (std::size_t i = 0; i < 5; i++) { - rest.push_back(nil::crypto3::algebra::random_element()); - } - nil::crypto3::container::accumulation_vector acc_vec(std::move(first), std::move(rest)); - accumulation_vector_marshalling_type filled_acc_vec = nil::crypto3::marshalling::types::fill_accumulation_vector< - nil::crypto3::container::accumulation_vector, endianness>(acc_vec); - std::cout << "Ok: " << filled_acc_vec.length() << std::endl; - - // key_type 
key(nil::crypto3::algebra::random_element(), - // nil::crypto3::algebra::random_element(), - // nil::crypto3::algebra::random_element(), - // nil::crypto3::algebra::random_element(), - // std::move(zk::snark::accumulation_vector(std::move(first), std::move(rest))), - // nil::crypto3::algebra::random_element()); - } - -// BOOST_AUTO_TEST_CASE(sparse_vector_bls12_381_le) { -// std::cout << "BLS12-381 r1cs_gg_ppzksnark verification key little-endian test started" << std::endl; -// test_verification_key, nil::marshalling::option::little_endian, 5>(); -// std::cout << "BLS12-381 r1cs_gg_ppzksnark verification key little-endian test finished" << std::endl; -// } - -BOOST_AUTO_TEST_SUITE_END() diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/lookup_table_definition.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/lookup_table_definition.hpp index 757007d45b..b2369b0028 100644 --- a/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/lookup_table_definition.hpp +++ b/crypto3/libs/zk/include/nil/crypto3/zk/snark/arithmetization/plonk/lookup_table_definition.hpp @@ -76,7 +76,7 @@ namespace nil { plonk_lookup_table lookup_table; std::string name; - dynamic_table_definition(std::string _name): name(_name), defined(false) {} + dynamic_table_definition(std::string _name): defined(false), name(_name) {} void define(const plonk_lookup_table &table){ BOOST_ASSERT(!defined); diff --git a/proof-producer/bin/proof-producer/include/nil/proof-generator/prover.hpp b/proof-producer/bin/proof-producer/include/nil/proof-generator/prover.hpp index 314e7a293d..cf510c6c7c 100644 --- a/proof-producer/bin/proof-producer/include/nil/proof-generator/prover.hpp +++ b/proof-producer/bin/proof-producer/include/nil/proof-generator/prover.hpp 
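Review bot: In the lookup_table_definition.hpp hunk, the reordered initializer list still copies the by-value parameter, so `name(_name)` could be `name(std::move(_name))` while this line is being touched. The declaration of `defined` is outside the hunk, so it cannot be confirmed here that `defined(false), name(_name)` now matches declaration order; members are initialized in declaration order whatever the list says, so the change is only correct as a warning fix if `defined` is declared before `name`. The constructor is also callable as an implicit conversion from `std::string`; marking it `explicit` would be worth considering if no caller relies on that.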
@@ -167,11 +167,10 @@ namespace nil { std::size_t expand_factor, std::size_t max_q_chunks, std::size_t grind - ) - : lambda_(lambda) - , expand_factor_(expand_factor) - , max_quotient_chunks_(max_q_chunks) - , grind_(grind) { + ) : expand_factor_(expand_factor), + max_quotient_chunks_(max_q_chunks), + lambda_(lambda), + grind_(grind) { } // The caller must call the preprocessor or load the preprocessed data before calling this function. @@ -448,10 +447,18 @@ namespace nil { auto marshalled_value = detail::decode_marshalling_from_file( commitment_scheme_state_file); + if (!marshalled_value) { return false; } - lpc_scheme_.emplace(make_commitment_scheme(*marshalled_value)); + + auto commitment_scheme = make_commitment_scheme(*marshalled_value); + if (!commitment_scheme) { + BOOST_LOG_TRIVIAL(error) << "Error decoding commitment scheme"; + return false; + } + + lpc_scheme_.emplace(commitment_scheme.value()); return true; }
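Review bot: In the second prover.hpp hunk (at -448), the new failure branch logs `"Error decoding commitment scheme"` without naming the state file, and the earlier `!marshalled_value` return adds no message of its own. A corrupt or unexpected state file is therefore hard to identify from the log; something like `BOOST_LOG_TRIVIAL(error) << "Error decoding commitment scheme from " << commitment_scheme_state_file;` would help, assuming that variable is streamable. The last added line, `lpc_scheme_.emplace(commitment_scheme.value());`, copies the scheme and re-checks an optional that was tested just above; `lpc_scheme_.emplace(std::move(*commitment_scheme));` avoids both if the scheme type is movable. The enclosing function starts and ends outside the hunk, so whether `decode_marshalling_from_file` already reports its own failure cannot be seen here.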