From f5a0011137b83cccc036cbf573d437462fdf0723 Mon Sep 17 00:00:00 2001 From: Iluvmagick Date: Thu, 3 Oct 2024 14:51:53 +0400 Subject: [PATCH] Json export for aggregated proof (#39) * Moved marshalling zk test generation to exported files. * Added test data generation from zk. * Added aggregated proof json export. * Fixed naming error. * More replace changes. * Added saving merkle hashes and one saving of path. --- .../detail}/random_test_data_generation.hpp | 6 +- .../marshalling/zk/types/commitments/lpc.hpp | 6 +- .../marshalling/zk/test/fri_commitment.cpp | 4 +- .../marshalling/zk/test/lpc_commitment.cpp | 2 +- .../zk/test/placeholder_common_data.cpp | 2 +- .../placeholder_preprocessed_public_data.cpp | 4 +- .../marshalling/zk/test/placeholder_proof.cpp | 4 +- .../zk/test/plonk_assignment_table.cpp | 12 +- .../zk/test/plonk_constraint_system.cpp | 2 +- .../marshalling/zk/test/polys_evaluator.cpp | 2 +- .../crypto3/zk/commitments/polynomial/lpc.hpp | 8 +- .../zk/detail}/random_test_initializer.hpp | 0 .../placeholder/placeholder_circuits.cpp | 2 +- .../plonk/placeholder/placeholder_curves.cpp | 2 +- .../placeholder/placeholder_gate_argument.cpp | 2 +- .../placeholder/placeholder_goldilocks.cpp | 2 +- .../plonk/placeholder/placeholder_hashes.cpp | 2 +- .../plonk/placeholder/placeholder_kzg.cpp | 2 +- .../placeholder_lookup_argument.cpp | 2 +- .../placeholder_permutation_argument.cpp | 2 +- ...placeholder_quotient_polynomial_chunks.cpp | 2 +- .../crypto3/zk/commitments/polynomial/lpc.hpp | 8 +- .../placeholder/placeholder_circuits.cpp | 2 +- .../plonk/placeholder/placeholder_curves.cpp | 2 +- .../placeholder/placeholder_gate_argument.cpp | 2 +- .../placeholder/placeholder_goldilocks.cpp | 2 +- .../plonk/placeholder/placeholder_hashes.cpp | 2 +- .../plonk/placeholder/placeholder_kzg.cpp | 2 +- .../placeholder_lookup_argument.cpp | 2 +- .../placeholder_permutation_argument.cpp | 2 +- ...placeholder_quotient_polynomial_chunks.cpp | 2 +- .../include/nil/proof-generator/prover.hpp | 22 +- .../aggregated_verifier_generator.hpp | 314 ++++++++++++++++++ .../recursive_verifier_generator.hpp | 10 +- transpiler/test/transpiler.cpp | 76 +++++ 35 files changed, 453 insertions(+), 65 deletions(-) rename crypto3/libs/marshalling/zk/{test => include/nil/crypto3/marshalling/zk/detail}/random_test_data_generation.hpp (98%) rename crypto3/libs/zk/{test/include/nil/crypto3/zk/test_tools => include/nil/crypto3/zk/detail}/random_test_initializer.hpp (100%) create mode 100644 transpiler/include/nil/blueprint/transpiler/aggregated_verifier_generator.hpp diff --git a/crypto3/libs/marshalling/zk/test/random_test_data_generation.hpp b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/detail/random_test_data_generation.hpp similarity index 98% rename from crypto3/libs/marshalling/zk/test/random_test_data_generation.hpp rename to crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/detail/random_test_data_generation.hpp index 5301742098..101bc7bd62 100644 --- a/crypto3/libs/marshalling/zk/test/random_test_data_generation.hpp +++ b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/detail/random_test_data_generation.hpp @@ -67,7 +67,7 @@ #include #include -#include +#include using namespace nil::crypto3; @@ -415,9 +415,9 @@ typename LPC::aggregated_proof_type generate_random_lpc_aggregated_proof( res.fri_proof = generate_random_lpc_intial_fri_proof( d, max_batch_size, step_list, lambda, use_grinding, alg_rnd, rnd); - res.intial_proofs_per_prover.resize(lambda); + res.initial_proofs_per_prover.resize(lambda); for (std::size_t i = 0; i < lambda; i++) { - res.intial_proofs_per_prover[i] = generate_random_lpc_inital_proof( + res.initial_proofs_per_prover[i] = generate_random_lpc_inital_proof( d, max_batch_size, step_list, lambda, use_grinding, alg_rnd, rnd); } diff --git a/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/lpc.hpp b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/lpc.hpp index 1cb4bb5915..d408da5c17 100644 --- a/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/lpc.hpp +++ b/crypto3/libs/marshalling/zk/include/nil/crypto3/marshalling/zk/types/commitments/lpc.hpp @@ -524,7 +524,7 @@ namespace nil { std::tuple< // fri_proof_type fri_proof; initial_fri_proof_type, - // std::vector intial_proofs_per_prover; + // std::vector initial_proofs_per_prover; nil::marshalling::types::standard_array_list< TTypeBase, inital_eval_proof @@ -552,7 +552,7 @@ namespace nil { TTypeBase, inital_eval_proof > filled_initial_proofs; - for (const auto &initial_proof : proof.intial_proofs_per_prover) { + for (const auto &initial_proof : proof.initial_proofs_per_prover) { filled_initial_proofs.value().push_back( fill_initial_eval_proof( initial_proof @@ -582,7 +582,7 @@ namespace nil { std::get<0>(filled_proof.value())); for (const auto &filled_initial_proof : std::get<1>(filled_proof.value()).value()) { - proof.intial_proofs_per_prover.push_back( + proof.initial_proofs_per_prover.push_back( make_initial_eval_proof( filled_initial_proof ) diff --git a/crypto3/libs/marshalling/zk/test/fri_commitment.cpp b/crypto3/libs/marshalling/zk/test/fri_commitment.cpp index 027f3100b8..2d604e80ea 100644 --- a/crypto3/libs/marshalling/zk/test/fri_commitment.cpp +++ b/crypto3/libs/marshalling/zk/test/fri_commitment.cpp @@ -67,10 +67,10 @@ #include #include -#include +#include #include -#include "random_test_data_generation.hpp" +#include using namespace nil::crypto3; diff --git a/crypto3/libs/marshalling/zk/test/lpc_commitment.cpp b/crypto3/libs/marshalling/zk/test/lpc_commitment.cpp index 01fe347716..776cd85991 100644 --- a/crypto3/libs/marshalling/zk/test/lpc_commitment.cpp +++ b/crypto3/libs/marshalling/zk/test/lpc_commitment.cpp @@ -65,7 +65,7 @@ #include #include -#include "random_test_data_generation.hpp" +#include using namespace nil::crypto3; diff --git a/crypto3/libs/marshalling/zk/test/placeholder_common_data.cpp b/crypto3/libs/marshalling/zk/test/placeholder_common_data.cpp index 5615616f39..feadacc7f3 100644 --- a/crypto3/libs/marshalling/zk/test/placeholder_common_data.cpp +++ b/crypto3/libs/marshalling/zk/test/placeholder_common_data.cpp @@ -53,7 +53,7 @@ #include #include #include -#include +#include #include #include diff --git a/crypto3/libs/marshalling/zk/test/placeholder_preprocessed_public_data.cpp b/crypto3/libs/marshalling/zk/test/placeholder_preprocessed_public_data.cpp index 11ea97d8c8..39ecd601d5 100644 --- a/crypto3/libs/marshalling/zk/test/placeholder_preprocessed_public_data.cpp +++ b/crypto3/libs/marshalling/zk/test/placeholder_preprocessed_public_data.cpp @@ -49,7 +49,7 @@ #include #include #include -#include +#include #include #include @@ -59,8 +59,8 @@ #include #include #include +#include #include "./detail/circuits.hpp" -#include "random_test_data_generation.hpp" using namespace nil::crypto3; diff --git a/crypto3/libs/marshalling/zk/test/placeholder_proof.cpp b/crypto3/libs/marshalling/zk/test/placeholder_proof.cpp index cafb311f26..344ad6c88d 100644 --- a/crypto3/libs/marshalling/zk/test/placeholder_proof.cpp +++ b/crypto3/libs/marshalling/zk/test/placeholder_proof.cpp @@ -82,7 +82,7 @@ #include #include #include -#include +#include #include #include @@ -94,7 +94,7 @@ #include #include "./detail/circuits.hpp" -#include "random_test_data_generation.hpp" +#include using namespace nil; using namespace nil::crypto3; diff --git a/crypto3/libs/marshalling/zk/test/plonk_assignment_table.cpp b/crypto3/libs/marshalling/zk/test/plonk_assignment_table.cpp index 353d779b8f..42ecb32e41 100644 --- a/crypto3/libs/marshalling/zk/test/plonk_assignment_table.cpp +++ b/crypto3/libs/marshalling/zk/test/plonk_assignment_table.cpp @@ -26,7 +26,7 @@ #include #include #include -#include +#include #include #include @@ -236,7 +236,7 @@ BOOST_FIXTURE_TEST_CASE(assignment_table_marshalling_test, test_tools::random_te test_assignment_table(desc.usable_rows_amount, assignments, "circuit2"); else test_assignment_table(desc.usable_rows_amount, assignments); - + test_assignment_table_description>(desc); } BOOST_AUTO_TEST_SUITE_END() @@ -295,7 +295,7 @@ BOOST_FIXTURE_TEST_CASE(assignment_table_marshalling_test, test_tools::random_te test_assignment_table(desc.usable_rows_amount, assignments, "circuit3"); else test_assignment_table(desc.usable_rows_amount, assignments); - + test_assignment_table_description>(desc); } BOOST_AUTO_TEST_SUITE_END() @@ -356,7 +356,7 @@ BOOST_FIXTURE_TEST_CASE(assignment_table_marshalling_test, test_tools::random_te test_assignment_table(desc.usable_rows_amount, assignments, "circuit4"); else test_assignment_table(desc.usable_rows_amount, assignments); - + test_assignment_table_description>(desc); } BOOST_AUTO_TEST_SUITE_END() @@ -477,7 +477,7 @@ BOOST_FIXTURE_TEST_CASE(assignment_table_marshalling_test, test_tools::random_te test_assignment_table(desc.usable_rows_amount, assignments, "circuit6"); else test_assignment_table(desc.usable_rows_amount, assignments); - + test_assignment_table_description>(desc); } BOOST_AUTO_TEST_SUITE_END() @@ -535,7 +535,7 @@ BOOST_FIXTURE_TEST_CASE(assignment_table_marshalling_test, test_tools::random_te test_assignment_table(desc.usable_rows_amount, assignments, "circuit7"); else test_assignment_table(desc.usable_rows_amount, assignments); - + test_assignment_table_description>(desc); } BOOST_AUTO_TEST_SUITE_END() diff --git a/crypto3/libs/marshalling/zk/test/plonk_constraint_system.cpp b/crypto3/libs/marshalling/zk/test/plonk_constraint_system.cpp index 3d36ceadc1..6b2c3e0049 100644 --- a/crypto3/libs/marshalling/zk/test/plonk_constraint_system.cpp +++ b/crypto3/libs/marshalling/zk/test/plonk_constraint_system.cpp @@ -32,7 +32,7 @@ #include #include #include -#include +#include #include #include diff --git a/crypto3/libs/marshalling/zk/test/polys_evaluator.cpp b/crypto3/libs/marshalling/zk/test/polys_evaluator.cpp index 52d61f795e..f1c5aa9ede 100644 --- a/crypto3/libs/marshalling/zk/test/polys_evaluator.cpp +++ b/crypto3/libs/marshalling/zk/test/polys_evaluator.cpp @@ -70,7 +70,7 @@ #include #include #include // contains class polys_evaluator -#include "random_test_data_generation.hpp" +#include using namespace nil::crypto3; diff --git a/crypto3/libs/zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp index d22db35917..c88964f43a 100644 --- a/crypto3/libs/zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp +++ b/crypto3/libs/zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp @@ -172,9 +172,9 @@ namespace nil { } } - /** This function must be called for the cases where we want to skip the + /** This function must be called for the cases where we want to skip the * round proof for FRI. Must be called once per instance of prover for the aggregated FRI. - * \param[in] combined_Q - Polynomial combined_Q was already computed by the current + * \param[in] combined_Q - Polynomial combined_Q was already computed by the current prover in the previous step of the aggregated FRI protocol. * \param[in] challenges - These challenges were sent from the "Main" prover, on which the round proof was created for the polynomial F(x) = Sum(combined_Q). @@ -601,7 +601,7 @@ namespace nil { struct aggregated_proof_type { bool operator==(const aggregated_proof_type &rhs) const { return fri_proof == rhs.fri_proof && - intial_proofs_per_prover == rhs.intial_proofs_per_prover && + initial_proofs_per_prover == rhs.initial_proofs_per_prover && proof_of_work == rhs.proof_of_work; } @@ -613,7 +613,7 @@ namespace nil { fri_proof_type fri_proof; // For each prover we have an initial proof. - std::vector intial_proofs_per_prover; + std::vector initial_proofs_per_prover; typename LPCParams::grinding_type::output_type proof_of_work; }; diff --git a/crypto3/libs/zk/test/include/nil/crypto3/zk/test_tools/random_test_initializer.hpp b/crypto3/libs/zk/include/nil/crypto3/zk/detail/random_test_initializer.hpp similarity index 100% rename from crypto3/libs/zk/test/include/nil/crypto3/zk/test_tools/random_test_initializer.hpp rename to crypto3/libs/zk/include/nil/crypto3/zk/detail/random_test_initializer.hpp diff --git a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_circuits.cpp b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_circuits.cpp index fa36662651..fdffd550bd 100644 --- a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_circuits.cpp +++ b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_circuits.cpp @@ -38,7 +38,7 @@ #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_curves.cpp b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_curves.cpp index 494bd5e871..744d08ef38 100644 --- a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_curves.cpp +++ b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_curves.cpp @@ -53,7 +53,7 @@ #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_gate_argument.cpp b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_gate_argument.cpp index e6d00985ef..5578c3f0d6 100644 --- a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_gate_argument.cpp +++ b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_gate_argument.cpp @@ -50,7 +50,7 @@ #include #include #include -#include +#include #include "circuits.hpp" diff --git a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_goldilocks.cpp b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_goldilocks.cpp index 5aba05528c..a2ad6fbf58 100644 --- a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_goldilocks.cpp +++ b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_goldilocks.cpp @@ -39,7 +39,7 @@ #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_hashes.cpp b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_hashes.cpp index 45d17d2d3f..2c34838e17 100644 --- a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_hashes.cpp +++ b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_hashes.cpp @@ -44,7 +44,7 @@ #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_kzg.cpp b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_kzg.cpp index 66ef6c6f73..52e87b38c5 100644 --- a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_kzg.cpp +++ b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_kzg.cpp @@ -62,7 +62,7 @@ #include #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_lookup_argument.cpp b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_lookup_argument.cpp index dcf7e2427f..059dd61b82 100644 --- a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_lookup_argument.cpp +++ b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_lookup_argument.cpp @@ -62,7 +62,7 @@ #include #include -#include +#include #include "circuits.hpp" diff --git a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_permutation_argument.cpp b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_permutation_argument.cpp index 7a5afba270..e8b1e88a09 100644 --- a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_permutation_argument.cpp +++ b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_permutation_argument.cpp @@ -61,7 +61,7 @@ #include #include #include -#include +#include #include "circuits.hpp" diff --git a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_quotient_polynomial_chunks.cpp b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_quotient_polynomial_chunks.cpp index 2e7b5354a2..ae12452758 100644 --- a/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_quotient_polynomial_chunks.cpp +++ b/crypto3/libs/zk/test/systems/plonk/placeholder/placeholder_quotient_polynomial_chunks.cpp @@ -39,7 +39,7 @@ #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/parallel-crypto3/libs/parallel-zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp b/parallel-crypto3/libs/parallel-zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp index e30c8337e4..02c6a2f6c5 100644 --- a/parallel-crypto3/libs/parallel-zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp +++ b/parallel-crypto3/libs/parallel-zk/include/nil/crypto3/zk/commitments/polynomial/lpc.hpp @@ -173,9 +173,9 @@ namespace nil { } } - /** This function must be called for the cases where we want to skip the + /** This function must be called for the cases where we want to skip the * round proof for FRI. Must be called once per instance of prover for the aggregated FRI. - * \param[in] combined_Q - Polynomial combined_Q was already computed by the current + * \param[in] combined_Q - Polynomial combined_Q was already computed by the current prover in the previous step of the aggregated FRI protocol. * \param[in] challenges - These challenges were sent from the "Main" prover, on which the round proof was created for the polynomial F(x) = Sum(combined_Q). @@ -679,7 +679,7 @@ namespace nil { struct aggregated_proof_type { bool operator==(const aggregated_proof_type &rhs) const { return fri_proof == rhs.fri_proof && - intial_proofs_per_prover == rhs.intial_proofs_per_prover && + initial_proofs_per_prover == rhs.initial_proofs_per_prover && proof_of_work == rhs.proof_of_work; } @@ -691,7 +691,7 @@ namespace nil { fri_proof_type fri_proof; // For each prover we have an initial proof. - std::vector intial_proofs_per_prover; + std::vector initial_proofs_per_prover; typename LPCParams::grinding_type::output_type proof_of_work; }; diff --git a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_circuits.cpp b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_circuits.cpp index fa36662651..fdffd550bd 100644 --- a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_circuits.cpp +++ b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_circuits.cpp @@ -38,7 +38,7 @@ #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_curves.cpp b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_curves.cpp index 494bd5e871..744d08ef38 100644 --- a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_curves.cpp +++ b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_curves.cpp @@ -53,7 +53,7 @@ #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_gate_argument.cpp b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_gate_argument.cpp index e6d00985ef..5578c3f0d6 100644 --- a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_gate_argument.cpp +++ b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_gate_argument.cpp @@ -50,7 +50,7 @@ #include #include #include -#include +#include #include "circuits.hpp" diff --git a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_goldilocks.cpp b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_goldilocks.cpp index 5aba05528c..a2ad6fbf58 100644 --- a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_goldilocks.cpp +++ b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_goldilocks.cpp @@ -39,7 +39,7 @@ #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_hashes.cpp b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_hashes.cpp index 45d17d2d3f..2c34838e17 100644 --- a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_hashes.cpp +++ b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_hashes.cpp @@ -44,7 +44,7 @@ #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_kzg.cpp b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_kzg.cpp index 66ef6c6f73..52e87b38c5 100644 --- a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_kzg.cpp +++ b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_kzg.cpp @@ -62,7 +62,7 @@ #include #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_lookup_argument.cpp b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_lookup_argument.cpp index dcf7e2427f..059dd61b82 100644 --- a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_lookup_argument.cpp +++ b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_lookup_argument.cpp @@ -62,7 +62,7 @@ #include #include -#include +#include #include "circuits.hpp" diff --git a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_permutation_argument.cpp b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_permutation_argument.cpp index 7a5afba270..e8b1e88a09 100644 --- a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_permutation_argument.cpp +++ b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_permutation_argument.cpp @@ -61,7 +61,7 @@ #include #include #include -#include +#include #include "circuits.hpp" diff --git a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_quotient_polynomial_chunks.cpp b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_quotient_polynomial_chunks.cpp index 2e7b5354a2..ae12452758 100644 --- a/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_quotient_polynomial_chunks.cpp +++ b/parallel-crypto3/libs/parallel-zk/test/systems/plonk/placeholder/placeholder_quotient_polynomial_chunks.cpp @@ -39,7 +39,7 @@ #include #include -#include +#include #include "circuits.hpp" #include "placeholder_test_runner.hpp" diff --git a/proof-producer/bin/proof-producer/include/nil/proof-generator/prover.hpp b/proof-producer/bin/proof-producer/include/nil/proof-generator/prover.hpp index 252a7d3eec..314e7a293d 100644 --- a/proof-producer/bin/proof-producer/include/nil/proof-generator/prover.hpp +++ b/proof-producer/bin/proof-producer/include/nil/proof-generator/prover.hpp @@ -721,7 +721,7 @@ namespace nil { } polynomial_type combined_Q = lpc_scheme_->prepare_combined_Q( challenge.value(), starting_power); - return save_poly_to_file(combined_Q, output_combined_Q_file); + return save_poly_to_file(combined_Q, output_combined_Q_file); } bool merge_proofs( @@ -782,7 +782,7 @@ namespace nil { BOOST_LOG_TRIVIAL(error) << "Error reading lpc_consistency_proof from \"" << initial_proof_file << "\""; } - merged_proof.aggregated_proof.intial_proofs_per_prover.emplace_back( + merged_proof.aggregated_proof.initial_proofs_per_prover.emplace_back( nil::crypto3::marshalling::types::make_initial_eval_proof(*initial_proof) ); } @@ -822,7 +822,7 @@ namespace nil { } bool save_proof_of_work( - const typename FriType::grinding_type::output_type &proof_of_work, + const typename FriType::grinding_type::output_type &proof_of_work, const boost::filesystem::path &output_file) { using POW_marshalling_type = nil::marshalling::types::integral; BOOST_LOG_TRIVIAL(info) << "Writing proof of work to " << output_file; @@ -842,7 +842,7 @@ namespace nil { BOOST_LOG_TRIVIAL(info) << "Writing challenges to " << consistency_checks_challenges_output_file; - challenge_vector_marshalling_type marshalled_challenges = + challenge_vector_marshalling_type marshalled_challenges = nil::crypto3::marshalling::types::fill_field_element_vector( challenges); @@ -873,10 +873,10 @@ namespace nil { } bool generate_aggregated_FRI_proof_to_file( - const boost::filesystem::path &aggregated_challenge_file, + const boost::filesystem::path &aggregated_challenge_file, const std::vector& input_combined_Q_polynomial_files, - const boost::filesystem::path& aggregated_fri_proof_output_file, - const boost::filesystem::path& proof_of_work_output_file, + const boost::filesystem::path& aggregated_fri_proof_output_file, + const boost::filesystem::path& proof_of_work_output_file, const boost::filesystem::path& consistency_checks_challenges_output_file) { std::optional aggregated_challenge = read_challenge( @@ -910,7 +910,7 @@ namespace nil { return save_fri_proof_to_file(fri_proof, aggregated_fri_proof_output_file) && save_proof_of_work(proof_of_work, proof_of_work_output_file) && - save_challenge_vector_to_file(challenges, consistency_checks_challenges_output_file); + save_challenge_vector_to_file(challenges, consistency_checks_challenges_output_file); } bool save_lpc_consistency_proof_to_file( @@ -932,18 +932,18 @@ namespace nil { const boost::filesystem::path& combined_Q_file, const boost::filesystem::path& consistency_checks_challenges_output_file, const boost::filesystem::path& output_proof_file) { - + std::optional> challenges = read_challenge_vector_from_file( consistency_checks_challenges_output_file); if (!challenges) - return false; + return false; std::optional combined_Q = read_poly_from_file(combined_Q_file); if (!combined_Q) return false; typename LpcScheme::lpc_proof_type proof = lpc_scheme_->proof_eval_lpc_proof( - combined_Q.value(), challenges.value()); + combined_Q.value(), challenges.value()); return save_lpc_consistency_proof_to_file(proof, output_proof_file); } diff --git a/transpiler/include/nil/blueprint/transpiler/aggregated_verifier_generator.hpp b/transpiler/include/nil/blueprint/transpiler/aggregated_verifier_generator.hpp new file mode 100644 index 0000000000..aee4cc1f8e --- /dev/null +++ b/transpiler/include/nil/blueprint/transpiler/aggregated_verifier_generator.hpp @@ -0,0 +1,314 @@ +//---------------------------------------------------------------------------// +// Copyright (c) 2023 Elena Tatuzova +// Copyright (c) 2024 Dmitrii Tabalin +// +// MIT License +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in all +// copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +// SOFTWARE. +//---------------------------------------------------------------------------// + +#pragma once + +#include +#include + +#include +#include + +#include +#include +#include + +#include +#include + +#include +#include +#include + +#include +#include + +#include + +namespace nil { + namespace blueprint { + template + struct aggregated_verifier_generator { + using field_type = typename PlaceholderParams::field_type; + using proof_type = AggregatedProofType; + using commitment_scheme_type = typename PlaceholderParams::commitment_scheme_type; + using constraint_system_type = typename PlaceholderParams::constraint_system_type; + using columns_rotations_type = std::vector>; + using variable_type = typename constraint_system_type::variable_type; + using variable_indices_type = std::map; + using degree_visitor_type = typename constraint_system_type::degree_visitor_type; + using expression_type = typename constraint_system_type::expression_type; + using term_type = typename constraint_system_type::term_type; + using binary_operation_type = typename constraint_system_type::binary_operation_type; + using pow_operation_type = typename constraint_system_type::pow_operation_type; + using assignment_table_type = typename PlaceholderParams::assignment_table_type; + + static std::string generate_field_array2_from_64_hex_string(std::string str){ + BOOST_ASSERT_MSG(str.size() == 64, "input string must be 64 hex characters long"); + std::string first_half = str.substr(0, 32); + std::string second_half = str.substr(32, 32); + return "{\"vector\": [{\"field\": \"0x" + first_half + "\"},{\"field\": \"0x" + second_half + "\"}]}"; + } + + template + static inline std::string generate_hash(typename HashType::digest_type hashed_data){ + if constexpr(std::is_same>::value){ + std::stringstream out; + out << hashed_data; + return generate_field_array2_from_64_hex_string(out.str()); + } else if constexpr(std::is_same>::value){ + std::stringstream out; + out << hashed_data; + return generate_field_array2_from_64_hex_string(out.str()); + } else { + std::stringstream out; + out << "{\"field\": \"" << hashed_data << "\"}"; + return out.str(); + } + BOOST_ASSERT_MSG(false, "unsupported merkle hash type"); + return "unsupported merkle hash type"; + } + + template + static inline std::string generate_commitment(typename CommitmentSchemeType::commitment_type commitment) { + return generate_hash(commitment); + } + + inline std::string generate_input( + const typename assignment_table_type::public_input_container_type &public_inputs, + const proof_type &proof, + const std::vector public_input_sizes + ){ + BOOST_ASSERT(public_input_sizes.size() == desc.public_input_columns); + std::stringstream out; + out << "[" << std::endl; + // public inputs + if (desc.public_input_columns != 0) { + out << "\t{\"array\":[" << std::endl; + bool after_first = 0; + for (std::size_t i = 0; i < desc.public_input_columns; i++) { + std::size_t max_non_zero = 0; + for (auto rit = public_inputs[i].rbegin(); rit != public_inputs[i].rend(); ++rit) { + if (*rit != 0) { [[unlikely]] + max_non_zero = std::distance(rit, public_inputs[i].rend()) - 1; + break; + } + } + if (max_non_zero + 1 > public_input_sizes[i]) { + std::cout << "Public input size is larger than reserved. Real size = " + << max_non_zero + 1 << " reserved = " << public_input_sizes[i] << std::endl; + exit(1); + } + BOOST_ASSERT(max_non_zero <= public_input_sizes[i]); + std::size_t j = 0; + for (; j < public_inputs[i].size(); j++, after_first = true) { + if (after_first) [[likely]] out << "," << std::endl; + out << "\t\t{\"field\": \"" << public_inputs[i][j] << "\"}"; + } + for (; j < public_input_sizes[i]; j++, after_first = true) { + if (after_first) [[likely]] out << "," << std::endl; + out << "\t\t{\"field\": \"" << typename field_type::value_type(0) << "\"}"; + } + } + out << std::endl << "\t]}," << std::endl; + } + // commitments for each partial proof + // aka std::vector> partial_proofs; + for (auto const &partial_proof : proof.partial_proofs) { + out << "\t{\"struct\":[" << std::endl; + out << "\t\t{\"array\":[" << std::endl; + bool after_first = false; + for (const auto &[index, commitment]: partial_proof.commitments) { + if (after_first) [[likely]] out << "," << std::endl; + out << "\t\t\t" + << generate_commitment(commitment); + after_first = true; + } + out << "\t\t]}]}," << std::endl; + } + // aggregated proof type + const auto &aggregated_proof = proof.aggregated_proof; + out << "\t{\"struct\":[" << std::endl; + // single fri proof checking that F(x) is low degree + + // basic_fri::round_proofs_batch_type fri_round_proof + const auto &fri_round_proof = aggregated_proof.fri_proof; + // which is in essence std::vector> round_proofs; + out << "\t\t{\"array\":[" << std::endl; + bool after_first = false; + for (const auto &outer_proof_vector : fri_round_proof.fri_round_proof.round_proofs) { + if (after_first) [[likely]] out << "," << std::endl; + out << "\t\t\t{\"array\":[" << std::endl; + bool after_first_inner = false; + for (const auto &round_proof : outer_proof_vector) { + if (after_first_inner) [[likely]] out << "," << std::endl; + BOOST_ASSERT_MSG(round_proof.y.size() == 1, "Unsupported step_list value"); + out << "\t\t\t\t{\"array\":[" << std::endl; + out << "\t\t\t\t\t{\"field\":\"" << round_proof.y[0][0] << "\"}," << std::endl; + out << "\t\t\t\t\t{\"field\":\"" << round_proof.y[0][1] << "\"}"; + out << std::endl << "\t\t\t\t]}"; + after_first_inner = true; + } + out << "\t\t\t]}," << std::endl; + // serialize only hashes, as all paths are the same + const auto &merkle_proof_path = outer_proof_vector.begin()->p.path(); + out << "\t\t\t{\"array\":[" << std::endl; + bool path_after_first = false; + for (const auto &path_elem : merkle_proof_path) { + if (path_after_first) [[likely]] out << "," << std::endl; + out << "\t\t\t\t" << generate_hash( + path_elem[0].hash() + ); + path_after_first = true; + } + out << std::endl << "\t\t\t]}"; + after_first = true; + } + out << "\t]}]}," << std::endl; + // typename basic_fri::commitments_part_of_proof fri_commitments_proof_part; + // consisting of std::vector fri_roots; + auto &fri_commitments_proof_part = fri_round_proof.fri_commitments_proof_part; + out << "\t\t{\"array\":[" << std::endl; + after_first = false; + for (const auto &fri_root : fri_commitments_proof_part.fri_roots) { + if (after_first) [[likely]] out << "," << std::endl; + out << "\t\t\t" << generate_commitment( + fri_root); + after_first = true; + } + out << std::endl << "\t\t]}," << std::endl; + // and math::polynomial final_polynomial; + after_first = false; + const auto &final_polynomial = fri_commitments_proof_part.final_polynomial; + out << "\t\t{\"array\":[" << std::endl; + for (std::size_t i = 0; i < final_polynomial.size(); i++) { + if (after_first) [[likely]] out << "," << std::endl; + out << "\t\t\t{\"field\": \"" << final_polynomial[i] << "\"}"; + after_first = true; + } + out << std::endl << "\t\t]}," << std::endl; + + // std::vector initial_proofs_per_prover; + out << "\t\t{\"array\":[" << std::endl; + after_first = false; + for (const auto &lpc_proof : aggregated_proof.initial_proofs_per_prover) { + if (after_first) [[likely]] out << "," << std::endl; + // eval_storage_type z; + out << "\t\t\t{\"array\":[" << std::endl; + const auto &eval_storage = lpc_proof.z; + const auto &batch_info = eval_storage.get_batch_info(); + std::size_t sum = 0; + for (const auto& [k, v] : batch_info) { + for (std::size_t i = 0; i < v; i++) { + BOOST_ASSERT(eval_storage.get_poly_points_number(k, i) != 0); + for(std::size_t j = 0; j < eval_storage.get_poly_points_number(k, i); j++){ + if( sum != 0 ) out << "," << std::endl; + out << "\t\t\t\t{\"field\":\"" << eval_storage.get(k, i, j) << "\"}"; + sum++; + } + } + } + out << std::endl << "\t\t]}," << std::endl; + // and basic_fri::initial_proofs_batch_type initial_fri_proofs; + // which is std::vector> initial_proofs; + const auto &initial_proofs = lpc_proof.initial_fri_proofs.initial_proofs; + out << "\t\t{\"array\":[" << std::endl; + bool map_after_first = false; + for (const auto &initial_proofs_map : initial_proofs) { + if (map_after_first) [[likely]] out << "," << std::endl; + out << "\t\t\t{\"struct\":[" << std::endl; + bool inner_after_first = false; + for (const auto &[index, value] : initial_proofs_map) { + if (inner_after_first) [[likely]] out << "," << std::endl; + // each initial proof is polynomials_values_type values; + // which is std::vector>> + // and merkle_proof_type p; + const auto &values = value.values; + for (const auto &outer_vector : values) { + out << "\t\t\t\t{\"array\":[" << std::endl; + bool core_after_first = false; + for (const auto &inner_vector : outer_vector) { + if (core_after_first) [[likely]] out << "," << std::endl; + out << "\t\t\t\t\t{\"array\":[" << std::endl; + bool array_after_first = false; + for (const auto &elem : inner_vector) { + if (array_after_first) [[likely]] out << "," << std::endl; + out << "\t\t\t\t\t\t{\"field\":\"" << elem << "\"}"; + array_after_first = true; + } + out << std::endl << "\t\t\t\t\t]}"; + core_after_first = true; + } + out << std::endl << "\t\t\t\t]},"; + } + // serialize only hashes, as all paths are the same + const auto &merkle_proof_path = initial_proofs_map.begin()->second.p.path(); + out << "\t\t\t\t{\"array\":[" << std::endl; + bool path_after_first = false; + for (const auto &path_elem : merkle_proof_path) { + if (path_after_first) [[likely]] out << "," << std::endl; + out << "\t\t\t\t\t" << generate_hash( + path_elem[0].hash() + ); + path_after_first = true; + } + out << std::endl << "\t\t\t\t]}"; + inner_after_first = true; + } + out << "\t\t\t]}" << std::endl; + map_after_first = true; + } + out << "\t\t]}" << std::endl; + after_first = true; + } + out << "\t\t]}," << std::endl; + // and now serialize one of the merkle proof paths + // all of them should be the same + const auto &merkle_proof_path = + aggregated_proof.initial_proofs_per_prover.begin()->initial_fri_proofs.initial_proofs.begin()->begin()->second.p.path(); + out << "\t\t{\"array\":[" << std::endl; + after_first = false; + for (const auto &path_elem : merkle_proof_path) { + if (after_first) [[likely]] out << "," << std::endl; + out << "\t\t\t\t" << generate_hash( + path_elem[0].position() + ); + after_first = true; + } + out << std::endl << "\t\t]}," << std::endl; + // typename LPCParams::grinding_type::output_type proof_of_work; + out << "\t{\"field\":\"" << aggregated_proof.proof_of_work << "\"}" << std::endl; + out << "]" << std::endl; + return out.str(); + } + + aggregated_verifier_generator( + zk::snark::plonk_table_description _desc) : desc(_desc) {} + + private: + const zk::snark::plonk_table_description desc; + }; + } // namespace blueprint +} // namespace nil \ No newline at end of file diff --git a/transpiler/include/nil/blueprint/transpiler/recursive_verifier_generator.hpp b/transpiler/include/nil/blueprint/transpiler/recursive_verifier_generator.hpp index 67eacae36f..ff3b8d0489 100644 --- a/transpiler/include/nil/blueprint/transpiler/recursive_verifier_generator.hpp +++ b/transpiler/include/nil/blueprint/transpiler/recursive_verifier_generator.hpp @@ -207,10 +207,8 @@ namespace nil { out << "\t\t{\"array\":[" << std::endl; auto batch_info = eval_proof.z.get_batch_info(); std::size_t sum = 0; - std::size_t poly_num = 0; for(const auto& [k, v]: batch_info){ for(std::size_t i = 0; i < v; i++){ - poly_num++; BOOST_ASSERT(eval_proof.z.get_poly_points_number(k, i) != 0); for(std::size_t j = 0; j < eval_proof.z.get_poly_points_number(k, i); j++){ if( sum != 0 ) out << "," << std::endl; @@ -486,10 +484,10 @@ namespace nil { }; static inline std::string rot_string (int j){ - if(j == 0) return "xi"; else - if(j == 1 ) return "xi*omega"; else - if(j == -1) return "xi/omega"; else - if(j > 0) return "xi*pow<" + to_string(j) + ">(omega)"; else + if(j == 0) return "xi"; + if(j == 1 ) return "xi*omega"; + if(j == -1) return "xi/omega"; + if(j > 0) return "xi*pow<" + to_string(j) + ">(omega)"; if(j < 0) return "xi/pow<" + to_string(-j) + ">(omega)"; return ""; } diff --git a/transpiler/test/transpiler.cpp b/transpiler/test/transpiler.cpp index d0683f921f..5d43063f89 100644 --- a/transpiler/test/transpiler.cpp +++ b/transpiler/test/transpiler.cpp @@ -71,6 +71,8 @@ #include #include +#include +#include #include "./detail/circuits.hpp" @@ -900,6 +902,80 @@ BOOST_FIXTURE_TEST_CASE(transpiler_test, test_initializer) { output_file.close(); } } + +BOOST_FIXTURE_TEST_CASE(aggregated_proof_sanity_test, test_initializer) { + auto circuit = circuit_test_1( + test_global_alg_rnd_engine, test_global_rnd_engine + ); + plonk_table_description desc( + placeholder_test_params::witness_columns, + placeholder_test_params::public_input_columns, + placeholder_test_params::constant_columns, + placeholder_test_params::selector_columns + ); + using batch_lpc_type = commitments::list_polynomial_commitment; + using batch_lpc_scheme_type = typename commitments::lpc_commitment_scheme; + using batch_lpc_placeholder_params_type = + nil::crypto3::zk::snark::placeholder_params; + + desc.rows_amount = circuit.table_rows; + desc.usable_rows_amount = circuit.usable_rows; + std::size_t table_rows_log = std::log2(circuit.table_rows); + + typename policy_type::constraint_system_type constraint_system( + circuit.gates, + circuit.copy_constraints, + circuit.lookup_gates, + circuit.lookup_tables + ); + typename policy_type::variable_assignment_type assignments = circuit.table; + + typename batch_lpc_type::fri_type::params_type fri_params( + 1, table_rows_log, placeholder_test_params::lambda, 4 + ); + batch_lpc_scheme_type lpc_scheme(fri_params); + + typename placeholder_public_preprocessor::preprocessed_data_type + preprocessed_public_data = placeholder_public_preprocessor::process( + constraint_system, assignments.public_table(), desc, lpc_scheme, 10 + ); + + typename placeholder_private_preprocessor::preprocessed_data_type + preprocessed_private_data = placeholder_private_preprocessor::process( + constraint_system, assignments.private_table(), desc); + + auto proof = placeholder_prover::process( + preprocessed_public_data, preprocessed_private_data, desc, constraint_system, lpc_scheme + ); + // now we get a vector of partial proofs + std::vector> partial_proofs; + for (std::size_t i = 0; i < 5; i++) { + partial_proofs.push_back(proof); + } + // and lpc aggregated proof + auto lpc_proof = generate_random_lpc_aggregated_proof( + 7, 5, + fri_params.step_list, + 2, + false, + test_global_alg_rnd_engine, test_global_rnd_engine + ); + + using aggregated_proof_type = nil::crypto3::zk::snark::placeholder_aggregated_proof< + field_type, batch_lpc_placeholder_params_type>; + aggregated_proof_type aggregated_proof; + aggregated_proof.partial_proofs = partial_proofs; + aggregated_proof.aggregated_proof = lpc_proof; + nil::blueprint::aggregated_verifier_generator + verifier_generator(desc); + auto json = verifier_generator.generate_input( + assignments.public_inputs(), aggregated_proof, {desc.usable_rows_amount + 1} + ); + boost::property_tree::ptree ptree; + auto json_stream = std::istringstream(json); + boost::property_tree::read_json(json_stream, ptree); +} + BOOST_AUTO_TEST_SUITE_END() BOOST_AUTO_TEST_SUITE(recursive_circuit2)