feat(prover): switch compression to fflonk

Cargo.toml

@@ -1,84 +1,84 @@
 [workspace]
 members = [
-  # Binaries
-  "core/bin/block_reverter",
-  "core/bin/contract-verifier",
-  "core/bin/external_node",
-  "core/bin/merkle_tree_consistency_checker",
-  "core/bin/snapshots_creator",
-  "core/bin/selector_generator",
-  "core/bin/system-constants-generator",
-  "core/bin/verified_sources_fetcher",
-  "core/bin/zksync_server",
-  "core/bin/genesis_generator",
-  "core/bin/zksync_tee_prover",
-  # Node services
-  "core/node/node_framework",
-  "core/node/proof_data_handler",
-  "core/node/block_reverter",
-  "core/node/commitment_generator",
-  "core/node/house_keeper",
-  "core/node/genesis",
-  "core/node/shared_metrics",
-  "core/node/db_pruner",
-  "core/node/fee_model",
-  "core/node/da_dispatcher",
-  "core/node/eth_sender",
-  "core/node/vm_runner",
-  "core/node/test_utils",
-  "core/node/state_keeper",
-  "core/node/reorg_detector",
-  "core/node/consistency_checker",
-  "core/node/metadata_calculator",
-  "core/node/node_sync",
-  "core/node/node_storage_init",
-  "core/node/consensus",
-  "core/node/contract_verification_server",
-  "core/node/api_server",
-  "core/node/base_token_adjuster",
-  "core/node/external_proof_integration_api",
-  "core/node/logs_bloom_backfill",
-  "core/node/da_clients",
-  # Libraries
-  "core/lib/db_connection",
-  "core/lib/zksync_core_leftovers",
-  "core/lib/basic_types",
-  "core/lib/config",
-  "core/lib/constants",
-  "core/lib/contract_verifier",
-  "core/lib/contracts",
-  "core/lib/circuit_breaker",
-  "core/lib/dal",
-  "core/lib/env_config",
-  "core/lib/da_client",
-  "core/lib/eth_client",
-  "core/lib/eth_signer",
-  "core/lib/l1_contract_interface",
-  "core/lib/mempool",
-  "core/lib/merkle_tree",
-  "core/lib/mini_merkle_tree",
-  "core/lib/node_framework_derive",
-  "core/lib/object_store",
-  "core/lib/prover_interface",
-  "core/lib/queued_job_processor",
-  "core/lib/state",
-  "core/lib/storage",
-  "core/lib/tee_verifier",
-  "core/lib/types",
-  "core/lib/protobuf_config",
-  "core/lib/utils",
-  "core/lib/vlog",
-  "core/lib/multivm",
-  "core/lib/vm_interface",
-  "core/lib/vm_executor",
-  "core/lib/web3_decl",
-  "core/lib/snapshots_applier",
-  "core/lib/crypto_primitives",
-  "core/lib/external_price_api",
-  # Test infrastructure
-  "core/tests/test_account",
-  "core/tests/loadnext",
-  "core/tests/vm-benchmark",
+    # Binaries
+    "core/bin/block_reverter",
+    "core/bin/contract-verifier",
+    "core/bin/external_node",
+    "core/bin/merkle_tree_consistency_checker",
+    "core/bin/snapshots_creator",
+    "core/bin/selector_generator",
+    "core/bin/system-constants-generator",
+    "core/bin/verified_sources_fetcher",
+    "core/bin/zksync_server",
+    "core/bin/genesis_generator",
+    "core/bin/zksync_tee_prover",
+    # Node services
+    "core/node/node_framework",
+    "core/node/proof_data_handler",
+    "core/node/block_reverter",
+    "core/node/commitment_generator",
+    "core/node/house_keeper",
+    "core/node/genesis",
+    "core/node/shared_metrics",
+    "core/node/db_pruner",
+    "core/node/fee_model",
+    "core/node/da_dispatcher",
+    "core/node/eth_sender",
+    "core/node/vm_runner",
+    "core/node/test_utils",
+    "core/node/state_keeper",
+    "core/node/reorg_detector",
+    "core/node/consistency_checker",
+    "core/node/metadata_calculator",
+    "core/node/node_sync",
+    "core/node/node_storage_init",
+    "core/node/consensus",
+    "core/node/contract_verification_server",
+    "core/node/api_server",
+    "core/node/base_token_adjuster",
+    "core/node/external_proof_integration_api",
+    "core/node/logs_bloom_backfill",
+    "core/node/da_clients",
+    # Libraries
+    "core/lib/db_connection",
+    "core/lib/zksync_core_leftovers",
+    "core/lib/basic_types",
+    "core/lib/config",
+    "core/lib/constants",
+    "core/lib/contract_verifier",
+    "core/lib/contracts",
+    "core/lib/circuit_breaker",
+    "core/lib/dal",
+    "core/lib/env_config",
+    "core/lib/da_client",
+    "core/lib/eth_client",
+    "core/lib/eth_signer",
+    "core/lib/l1_contract_interface",
+    "core/lib/mempool",
+    "core/lib/merkle_tree",
+    "core/lib/mini_merkle_tree",
+    "core/lib/node_framework_derive",
+    "core/lib/object_store",
+    "core/lib/prover_interface",
+    "core/lib/queued_job_processor",
+    "core/lib/state",
+    "core/lib/storage",
+    "core/lib/tee_verifier",
+    "core/lib/types",
+    "core/lib/protobuf_config",
+    "core/lib/utils",
+    "core/lib/vlog",
+    "core/lib/multivm",
+    "core/lib/vm_interface",
+    "core/lib/vm_executor",
+    "core/lib/web3_decl",
+    "core/lib/snapshots_applier",
+    "core/lib/crypto_primitives",
+    "core/lib/external_price_api",
+    # Test infrastructure
+    "core/tests/test_account",
+    "core/tests/loadnext",
+    "core/tests/vm-benchmark",
 ]
 resolver = "2"
 
@@ -229,15 +229,17 @@ circuit_sequencer_api_1_3_3 = { package = "circuit_sequencer_api", version = "0.
 circuit_sequencer_api_1_4_0 = { package = "circuit_sequencer_api", version = "0.140" }
 circuit_sequencer_api_1_4_1 = { package = "circuit_sequencer_api", version = "0.141" }
 circuit_sequencer_api_1_4_2 = { package = "circuit_sequencer_api", version = "0.142" }
-circuit_sequencer_api_1_5_0 = { package = "circuit_sequencer_api", version = "=0.150.7" }
-crypto_codegen = { package = "zksync_solidity_vk_codegen", version = "=0.30.1" }
-kzg = { package = "zksync_kzg", version = "=0.150.7" }
+circuit_sequencer_api_1_5_0 = { package = "circuit_sequencer_api", version = "=0.150.11" }
+circuit_definitions = "0.150.11"
+crypto_codegen = { package = "zksync_solidity_vk_codegen", version = "=0.30.6" }
+kzg = { package = "zksync_kzg", version = "=0.150.11" }
 zk_evm = { version = "=0.133.0" }
 zk_evm_1_3_1 = { package = "zk_evm", version = "0.131.0-rc.2" }
 zk_evm_1_3_3 = { package = "zk_evm", version = "0.133" }
 zk_evm_1_4_0 = { package = "zk_evm", version = "0.140" }
 zk_evm_1_4_1 = { package = "zk_evm", version = "0.141" }
-zk_evm_1_5_0 = { package = "zk_evm", version = "=0.150.7" }
+zk_evm_1_5_0 = { package = "zk_evm", version = "=0.150.11" }
+fflonk = { package = "fflonk", version = "=0.30.6" }
 
 # New VM; pinned to a specific commit because of instability
 zksync_vm2 = { git = "https://github.com/matter-labs/vm2.git", rev = "df5bec3d04d64d434f9b0ccb285ba4681008f7b3" }

core/lib/l1_contract_interface/Cargo.toml

@@ -18,6 +18,8 @@ zksync_prover_interface.workspace = true
 crypto_codegen.workspace = true
 # Used to calculate the kzg commitment and proofs
 kzg.workspace = true
+fflonk.workspace = true
+circuit_definitions.workspace = true
 
 anyhow.workspace = true
 sha2.workspace = true

core/lib/l1_contract_interface/src/i_executor/methods/prove_batches.rs

@@ -1,4 +1,13 @@
+use circuit_definitions::circuit_definitions::aux_layer::ZkSyncSnarkWrapperCircuitNoLookupCustomGate;
 use crypto_codegen::serialize_proof;
+use fflonk::{
+    bellman::{
+        bn256,
+        bn256::{Bn256, Fr},
+        CurveAffine, Engine, PrimeField, PrimeFieldRepr,
+    },
+    FflonkProof,
+};
 use zksync_prover_interface::outputs::L1BatchProofForL1;
 use zksync_types::{commitment::L1BatchWithMetadata, ethabi::Token, U256};
 
@@ -28,13 +37,18 @@ impl Tokenize for &ProveBatches {
             assert_eq!(self.proofs.len(), 1);
             assert_eq!(self.l1_batches.len(), 1);
 
-            let L1BatchProofForL1 {
-                aggregation_result_coords,
-                scheduler_proof,
-                ..
-            } = self.proofs.first().unwrap();
+            let (proof, aggregation_result_coords) = match self.proofs.first().unwrap() {
+                L1BatchProofForL1::Fflonk(proof) => {
+                    let scheduler_proof = proof.scheduler_proof.clone();
 
-            let (_, proof) = serialize_proof(scheduler_proof);
+                    let serialized_proof = serialize_evm(&scheduler_proof);
+                    (serialized_proof, proof.aggregation_result_coords)
+                }
+                L1BatchProofForL1::Plonk(proof) => {
+                    let (_, serialized_proof) = serialize_proof(&proof.scheduler_proof);
+                    (serialized_proof, proof.aggregation_result_coords)
+                }
+            };
 
             let aggregation_result_coords = if self.l1_batches[0]
                 .header
@@ -66,3 +80,56 @@ impl Tokenize for &ProveBatches {
         }
     }
 }
+
+fn serialize_fe_for_ethereum(field_element: &Fr) -> U256 {
+    let mut be_bytes = [0u8; 32];
+    field_element
+        .into_repr()
+        .write_be(&mut be_bytes[..])
+        .expect("get new root BE bytes");
+    U256::from_big_endian(&be_bytes[..])
+}
+
+fn serialize_g1_for_ethereum(point: &<bn256::Bn256 as Engine>::G1Affine) -> (U256, U256) {
+    if <<bn256::Bn256 as Engine>::G1Affine as CurveAffine>::is_zero(point) {
+        return (U256::zero(), U256::zero());
+    }
+
+    let (x, y) = <<bn256::Bn256 as Engine>::G1Affine as CurveAffine>::into_xy_unchecked(*point);
+    let _ = <<bn256::Bn256 as Engine>::G1Affine as CurveAffine>::from_xy_checked(x, y).unwrap();
+
+    let mut buffer = [0u8; 32];
+    x.into_repr().write_be(&mut buffer[..]).unwrap();
+    let x = U256::from_big_endian(&buffer);
+
+    let mut buffer = [0u8; 32];
+    y.into_repr().write_be(&mut buffer[..]).unwrap();
+    let y = U256::from_big_endian(&buffer);
+
+    (x, y)
+}
+
+fn serialize_evm(
+    proof: &FflonkProof<Bn256, ZkSyncSnarkWrapperCircuitNoLookupCustomGate>,
+) -> Vec<U256> {
+    let mut serialized_proof = vec![];
+    for input in proof.inputs.iter() {
+        serialized_proof.push(serialize_fe_for_ethereum(input));
+    }
+
+    for c in proof.commitments.iter() {
+        let (x, y) = serialize_g1_for_ethereum(c);
+        serialized_proof.push(x);
+        serialized_proof.push(y);
+    }
+
+    for el in proof.evaluations.iter() {
+        serialized_proof.push(serialize_fe_for_ethereum(el));
+    }
+
+    for el in proof.lagrange_basis_inverses.iter() {
+        serialized_proof.push(serialize_fe_for_ethereum(el));
+    }
+
+    serialized_proof
+}

core/lib/prover_interface/Cargo.toml

@@ -17,6 +17,8 @@ zksync_types.workspace = true
 
 # We can use the newest api to send proofs to L1.
 circuit_sequencer_api_1_5_0.workspace = true
+circuit_definitions.workspace = true
+fflonk.workspace = true
 
 serde.workspace = true
 strum = { workspace = true, features = ["derive"] }

core/lib/prover_interface/src/outputs.rs

@@ -1,14 +1,30 @@
 use core::fmt;
 
-use circuit_sequencer_api_1_5_0::proof::FinalProof;
+use circuit_definitions::circuit_definitions::aux_layer::ZkSyncSnarkWrapperCircuitNoLookupCustomGate;
+use circuit_sequencer_api_1_5_0::{boojum::pairing::bn256::Bn256, proof::FinalProof};
+use fflonk::FflonkProof;
 use serde::{Deserialize, Serialize};
 use serde_with::{hex::Hex, serde_as};
 use zksync_object_store::{serialize_using_bincode, Bucket, StoredObject};
 use zksync_types::{protocol_version::ProtocolSemanticVersion, tee_types::TeeType, L1BatchNumber};
 
 /// A "final" ZK proof that can be sent to the L1 contract.
 #[derive(Clone, Serialize, Deserialize)]
-pub struct L1BatchProofForL1 {
+#[allow(clippy::large_enum_variant)]
+pub enum L1BatchProofForL1 {
+    Fflonk(FflonkL1BatchProofForL1),
+    Plonk(PlonkL1BatchProofForL1),
+}
+
+#[derive(Clone, Serialize, Deserialize)]
+pub struct FflonkL1BatchProofForL1 {
+    pub aggregation_result_coords: [[u8; 32]; 4],
+    pub scheduler_proof: FflonkProof<Bn256, ZkSyncSnarkWrapperCircuitNoLookupCustomGate>,
+    pub protocol_version: ProtocolSemanticVersion,
+}
+
+#[derive(Clone, Serialize, Deserialize)]
+pub struct PlonkL1BatchProofForL1 {
     pub aggregation_result_coords: [[u8; 32]; 4],
     pub scheduler_proof: FinalProof,
     pub protocol_version: ProtocolSemanticVersion,
@@ -36,6 +52,23 @@ impl fmt::Debug for L1BatchProofForL1 {
     fn fmt(&self, formatter: &mut fmt::Formatter<'_>) -> fmt::Result {
         formatter
             .debug_struct("L1BatchProofForL1")
+            .finish_non_exhaustive()
+    }
+}
+
+impl fmt::Debug for PlonkL1BatchProofForL1 {
+    fn fmt(&self, formatter: &mut fmt::Formatter<'_>) -> fmt::Result {
+        formatter
+            .debug_struct("PplonkL1BatchProofForL1")
+            .field("aggregation_result_coords", &self.aggregation_result_coords)
+            .finish_non_exhaustive()
+    }
+}
+
+impl fmt::Debug for FflonkL1BatchProofForL1 {
+    fn fmt(&self, formatter: &mut fmt::Formatter<'_>) -> fmt::Result {
+        formatter
+            .debug_struct("FflonkL1BatchProofForL1")
             .field("aggregation_result_coords", &self.aggregation_result_coords)
             .finish_non_exhaustive()
     }