Skip to content

Commit

Permalink
46 check values in etha point (#55)
Browse files Browse the repository at this point in the history
* Commitents is in input file #39

* Placeholder verifier random values generation #39

* Recursive verifier template and basic generator added #39

* Basic placeholder verifier done #39

* U and V #39

* Lookups #39

* Pow operation optimized #39

* Merkle proofs #39

* Some changes for actor-zk-compatibility #39

* Pow operation optimized #39

* Pow function updated. Specialized pow functions for small degrees hardcoded #39

* Work with eta points updated and commented #39

* prepare_U_and_V optimized #39

* Optimize row count for combinedQ computation #39

* Bug in pow2 function #39

* remove utils.sol if no helper functions generated #45 NilFoundation/evm-placeholder-verification#81

* Added check values for eta points #46

* Reworked checking values to keccak of blob #46

* Correct keccak computation #46

* Code cleanup #46

* Removed recursive tests

* Tests are now working #46

---------

Co-authored-by: e.tatuzova <e.tatuzova@nil.foundation>
  • Loading branch information
vo-nil and ETatuzova authored Dec 7, 2023
1 parent df7bc3f commit e32cdd5
Show file tree
Hide file tree
Showing 8 changed files with 2,650 additions and 376 deletions.
104 changes: 72 additions & 32 deletions include/nil/blueprint/transpiler/evm_verifier_gen.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@
#include <filesystem>
#include <unordered_set>

#include <boost/algorithm/string.hpp>
#include <boost/algorithm/string.hpp>
#include <nil/blueprint/transpiler/templates/modular_verifier.hpp>
#include <nil/blueprint/transpiler/templates/gate_argument.hpp>
#include <nil/blueprint/transpiler/templates/permutation_argument.hpp>
Expand All @@ -44,12 +44,16 @@
#include <nil/blueprint/transpiler/lpc_scheme_gen.hpp>
#include <nil/blueprint/transpiler/util.hpp>

#include <nil/crypto3/hash/keccak.hpp>
#include <nil/crypto3/hash/algorithm/hash.hpp>
#include <nil/crypto3/detail/digest.hpp>

namespace nil {
namespace blueprint {
template <typename PlaceholderParams>
class evm_verifier_printer{
using common_data_type = typename nil::crypto3::zk::snark::placeholder_public_preprocessor<
typename PlaceholderParams::field_type,
typename PlaceholderParams::field_type,
PlaceholderParams
>::preprocessed_data_type::common_data_type;

Expand Down Expand Up @@ -153,7 +157,7 @@ namespace nil {
std::size_t term_is_power(crypto3::math::term<variable_type> const& term) {
const auto &vars = term.get_vars();
auto var = std::cbegin(vars);

if (var == std::cend(vars))
return 0;

Expand Down Expand Up @@ -287,7 +291,7 @@ namespace nil {
std::size_t lookups_library_size_threshold = 1000,
std::size_t lookups_contract_size_threshold = 1000,
bool deduce_horner = true,
bool optimize_powers = true
bool optimize_powers = true
) :
_constraint_system(constraint_system),
_common_data(common_data),
Expand Down Expand Up @@ -447,7 +451,7 @@ namespace nil {
}

/** @brief Split items into buckets, each bucket is limited
* to max_bucket_size, minimizes number of buckets.
* to max_bucket_size, minimizes number of buckets.
* items must be sorted
* @param[in] items (item_id, item_size)
* @param[in] max_bucket_size
Expand Down Expand Up @@ -561,7 +565,7 @@ namespace nil {
std::unordered_map<std::size_t, std::string> gate_codes;
std::vector<std::pair<std::size_t, std::size_t>> gate_costs(gates_count);
std::vector<std::size_t> gate_ids(gates_count);

std::vector<constraint_info> constraints;
std::size_t total_cost = 0;

Expand All @@ -584,8 +588,6 @@ namespace nil {


std::size_t gate_modules_count = 0;


std::size_t current_selector = 0;
if (total_cost <= _gates_contract_size_threshold) {
auto it = constraints.begin();
Expand All @@ -594,8 +596,10 @@ namespace nil {
gate_argument_str << "\t\tuint256 gate;" << std::endl;
gate_argument_str << print_constraint_series(it, constraints.end());
} else {
std::cout << "I am here!" << std::endl;
auto it = constraints.begin();
while (it != constraints.end()) {
std::cout << "Gates modules count" << gate_modules_count << std::endl;
std::string code = print_constraint_series(it, constraints.end());

std::string result = modular_external_gate_library_template;
Expand All @@ -615,6 +619,7 @@ namespace nil {
++gate_modules_count;
}
}
std::cout << "Finished" << std::endl;

if (_term_powers.size() > 0) {
std::stringstream power_functions;
Expand Down Expand Up @@ -752,23 +757,23 @@ namespace nil {
lookup_str << "\t\t\tstate.shifted_selector_value = basic_marshalling.get_uint256_be(blob, " << _var_indices.at(shifted_sel_var) * 0x20 << ");" << std::endl;

for( const auto &option: table.lookup_options ){
lookup_str <<
lookup_str <<
"\t\t\tl = mulmod( " << table_index << ", state.selector_value, modulus);" << std::endl;
lookup_str <<
lookup_str <<
"\t\t\tstate.l_shifted = mulmod( " << table_index << ", state.shifted_selector_value, modulus);" << std::endl;
lookup_str << "\t\t\tstate.theta_acc=state.theta;" << std::endl;
for( const auto &var: option ){
lookup_str <<
lookup_str <<
"\t\t\tl = addmod( l, mulmod(state.selector_value, mulmod( state.theta_acc, basic_marshalling.get_uint256_be(blob, " << _var_indices.at(var) * 0x20 << "), modulus), modulus), modulus);" << std::endl;
variable_type shifted_var = var;
shifted_var.rotation = 1;
lookup_str <<
lookup_str <<
"\t\t\tstate.l_shifted = addmod( state.l_shifted, mulmod(state.shifted_selector_value, mulmod( state.theta_acc, basic_marshalling.get_uint256_be(blob, " << _var_indices.at(shifted_var) * 0x20 << "), modulus), modulus), modulus);" << std::endl;
lookup_str << "\t\t\tstate.theta_acc = mulmod(state.theta_acc, state.theta, modulus);" << std::endl;
}
lookup_str <<
lookup_str <<
"\t\t\tl = mulmod( l, state.mask, modulus);" << std::endl;
lookup_str <<
lookup_str <<
"\t\t\tstate.l_shifted = mulmod( state.l_shifted, state.shifted_mask, modulus);" << std::endl;
lookup_str << "\t\t\tstate.g = mulmod(state.g, addmod( state.factor, addmod(l, mulmod(state.beta, state.l_shifted, modulus), modulus), modulus), modulus);" << std::endl;
j++;
Expand All @@ -783,63 +788,98 @@ namespace nil {
std::string eta_point_verification_code() {
std::stringstream result;
auto fixed_poly_values = _common_data.commitment_scheme_data;

std::size_t poly_points = 2;

using eta_hash = crypto3::hashes::keccak_1600<256>;
using field_element_type = nil::crypto3::marshalling::types::field_element<
nil::marshalling::field_type<nil::marshalling::option::big_endian>,
typename PlaceholderParams::field_type::value_type>;

if (fixed_poly_values.size() == 0)
return "";


std::vector<std::uint8_t> eta_buf;

std::size_t poly_points = 2*_permutation_size;
/* special_selectors */
poly_points += 2;
poly_points += PlaceholderParams::arithmetization_params::constant_columns;
poly_points += PlaceholderParams::arithmetization_params::selector_columns;
eta_buf.resize( 32*poly_points );

std::array<std::uint8_t, 0> empty;
auto writer = eta_buf.begin();

result << "\t\t/* eta points check */" << std::endl;
result << "\t\t{" << std::endl;
result << "\t\t\tuint256 poly_at_eta;" << std::endl;
result << "\t\t\tuint256[" << poly_points << "] memory points;" << std::endl;

result << "\t\t\t/* 1 - 2*permutation_size */" << std::endl;
std::size_t i = 0, j = 0;
std::size_t point_offset = 8;


result << std::showbase << std::hex;

result << "\t\t\t/* 1. 2*permutation_size */" << std::endl;
poly_points = 2;

while (j < 2*_permutation_size) {
result << "\t\t\tpoly_at_eta = basic_marshalling.get_uint256_be(blob, " << point_offset+(poly_points-1)*32 << ");" << "// " << i << std::endl;
result << "\t\t\tif(poly_at_eta != " << std::showbase<< std::hex << fixed_poly_values[0][i] << ") return false;" << std::endl;
result << "\t\t\tpoints[" << i << "] = basic_marshalling.get_uint256_be(blob,";
result << point_offset + (poly_points-1)*32 << ");" << std::endl;
field_element_type value(fixed_poly_values[0][i]);
value.write(writer, 32);
point_offset += 32*poly_points;
++i;
++j;
}

result << "\t\t\t/* 2 - special selectors */" << std::endl;
result << "\t\t\t/* 2. special selectors */" << std::endl;
poly_points = 3;

j = 0;
while (j < 2) {
result << "\t\t\tpoly_at_eta = basic_marshalling.get_uint256_be(blob, " << point_offset+(poly_points-1)*32 << ");" << "// " << i << std::endl;
result << "\t\t\tif(poly_at_eta != " << std::showbase<< std::hex << fixed_poly_values[0][i] << ") return false;" << std::endl;
result << "\t\t\tpoints[" << i << "] = basic_marshalling.get_uint256_be(blob,";
result << point_offset + (poly_points-1)*32 << ");" << std::endl;
field_element_type value(fixed_poly_values[0][i]);
value.write(writer, 32);
point_offset += 32*poly_points;
++i;
++j;
}

result << "\t\t\t/* 3. constant columns */" << std::endl;
std::size_t column_rotation_offset = PlaceholderParams::witness_columns + PlaceholderParams::public_input_columns;
result << "\t\t\t/* 3 - constant columns */" << std::endl;
j = 0;
while (j < PlaceholderParams::arithmetization_params::constant_columns) {
poly_points = _common_data.columns_rotations[column_rotation_offset + j].size()+1;
result << "\t\t\tpoly_at_eta = basic_marshalling.get_uint256_be(blob, " << point_offset+(poly_points-1)*32 << ");" << "// " << i << std::endl;
result << "\t\t\tif(poly_at_eta != " << std::showbase<< std::hex << fixed_poly_values[0][i] << ") return false;" << std::endl;
result << "\t\t\tpoints[" << i << "] = basic_marshalling.get_uint256_be(blob,";
result << point_offset + (poly_points-1)*32 << ");" << std::endl;
field_element_type value(fixed_poly_values[0][i]);
value.write(writer, 32);
point_offset += 32*poly_points;
++i;
++j;
}

result << "\t\t\t/* 4 - selector columns */" << std::endl;
column_rotation_offset = PlaceholderParams::witness_columns + PlaceholderParams::public_input_columns + PlaceholderParams::constant_columns;
result << "\t\t\t/* 4. selector columns */" << std::endl;
column_rotation_offset += PlaceholderParams::constant_columns;
j = 0;
while (j < PlaceholderParams::arithmetization_params::selector_columns) {
poly_points = _common_data.columns_rotations[column_rotation_offset + j].size()+1;
result << "\t\t\tpoly_at_eta = basic_marshalling.get_uint256_be(blob, " << point_offset+(poly_points-1)*32 << ");" << "// " << i << std::endl;
result << "\t\t\tif(poly_at_eta != " << std::showbase<< std::hex << fixed_poly_values[0][i] << ") return false;" << std::endl;
result << "\t\t\tpoints[" << i << "] = basic_marshalling.get_uint256_be(blob,";
result << point_offset + (poly_points-1)*32 << ");" << std::endl;
field_element_type value(fixed_poly_values[0][i]);
value.write(writer, 32);
point_offset += 32*(poly_points);
++i;
++j;
}

eta_hash::digest_type hash_result = crypto3::hash<eta_hash>(eta_buf);
result << "\t\t\t/* Check keccak(points) */" << std::endl;
result << "\t\t\tif ( bytes32(0x" << std::to_string(hash_result).data() << ") != keccak256(abi.encode(points))) {" << std::endl;
result << "\t\t\t\treturn false;" << std::endl;
result << "\t\t\t}" << std::endl;
result << "\t\t}" << std::endl;

return result.str();
}

Expand Down
16 changes: 8 additions & 8 deletions include/nil/blueprint/transpiler/lpc_scheme_gen.hpp
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
#include <sstream>
#include <filesystem>

#include <boost/algorithm/string.hpp>
#include <boost/algorithm/string.hpp>
#include <nil/blueprint/transpiler/util.hpp>
#include <nil/blueprint/transpiler/templates/commitment_scheme.hpp>
#include <nil/crypto3/zk/snark/systems/plonk/placeholder/preprocessor.hpp>
Expand All @@ -40,21 +40,21 @@ namespace nil {
namespace blueprint {
template <typename PlaceholderParams>
using common_data_type = typename nil::crypto3::zk::snark::placeholder_public_preprocessor<
typename PlaceholderParams::field_type,
typename PlaceholderParams::field_type,
PlaceholderParams
>::preprocessed_data_type::common_data_type;

std::string rot_string (int j){
if(j == 0) return "xi"; else
if(j == 1 ) return "mulmod(xi, omega, modulus)"; else
if(j == -1) return "mulmod(xi, inversed_omega, modulus)"; else
if(j == 0) return "xi"; else
if(j == 1 ) return "mulmod(xi, omega, modulus)"; else
if(j == -1) return "mulmod(xi, inversed_omega, modulus)"; else
if(j > 0) return "mulmod(xi, field.pow_small(omega, " + to_string(j) + ", modulus), modulus)"; else
if(j < 0) return "mulmod(xi, field.pow_small(inversed_omega, " + to_string(-j) + ", modulus), modulus)";
return "";
}


template<typename PlaceholderParams>
template<typename PlaceholderParams>
void commitment_scheme_replaces(
transpiler_replacements& replacements,
const common_data_type<PlaceholderParams> &common_data,
Expand Down Expand Up @@ -160,7 +160,7 @@ namespace nil {
transcript(common_data.vk.constraint_system_hash);
transcript(common_data.vk.fixed_values_commitment);
auto etha = transcript.template challenge<typename PlaceholderParams::field_type>();

auto fri_params = lpc_scheme.get_fri_params();
replacements["$R$"] = to_string(fri_params.r);
replacements["$LAMBDA$"] = to_string(PlaceholderParams::commitment_scheme_type::fri_type::lambda);
Expand Down
Loading

0 comments on commit e32cdd5

Please sign in to comment.