From 8573758ca067a5f5628da916ab66396fd68e34e4 Mon Sep 17 00:00:00 2001 From: Kristin Kirkov Date: Mon, 12 Jun 2023 11:12:32 +0300 Subject: [PATCH 1/5] feat(circom): Pass K as argument in circuits and remove unused ouputs --- .../circom/circuits/aggregate_bitmask.circom | 3 +- .../circom/circuits/hash_to_field.circom | 3 +- .../circom/circuits/is_supermajority.circom | 3 -- .../circuits/is_valid_merkle_branch.circom | 39 +++++++++++++++++++ .../circom/circuits/light_client.circom | 4 +- .../aggregate_bitmask.circom | 2 +- .../hash_to_field/hash_to_field.circom | 2 +- .../test/aggregate_bitmask_N1/circuit.circom | 2 +- .../test/aggregate_bitmask_N3/circuit.circom | 2 +- .../circom/test/hash_to_field/circuit.circom | 2 +- 10 files changed, 48 insertions(+), 14 deletions(-) diff --git a/beacon-light-client/circom/circuits/aggregate_bitmask.circom b/beacon-light-client/circom/circuits/aggregate_bitmask.circom index b72c3a76e..b9500c629 100644 --- a/beacon-light-client/circom/circuits/aggregate_bitmask.circom +++ b/beacon-light-client/circom/circuits/aggregate_bitmask.circom @@ -2,9 +2,8 @@ pragma circom 2.0.3; include "../../../vendor/circom-pairing/circuits/curve.circom"; -template AggregateKeysBitmask(N) { +template AggregateKeysBitmask(N,K) { var J = 2; - var K = 7; signal input points[N][J][K]; signal input bitmask[N]; diff --git a/beacon-light-client/circom/circuits/hash_to_field.circom b/beacon-light-client/circom/circuits/hash_to_field.circom index 337b095e0..e6de3f9a5 100644 --- a/beacon-light-client/circom/circuits/hash_to_field.circom +++ b/beacon-light-client/circom/circuits/hash_to_field.circom @@ -3,8 +3,7 @@ pragma circom 2.0.3; include "expand_message.circom"; include "../../../vendor/circom-pairing/circuits/bigint.circom"; -template HashToField() { - var K = 7; +template HashToField(K) { signal input in[256]; signal output out[2][2][K]; 
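Review bot: In `HashToField(K)` only the declaration `signal output out[2][2][K]` follows the new parameter, while the rest of the template, which lies outside this hunk, still hard-codes the limb count. The lines removed later in this series show `for(var k = 0; k < 7; k++) { bigMod[i][j].b[k] <== p[k]; }` and the matching loop that writes `out[i][j][k]`. With any K above 7 the extra output limbs would be left unassigned, and with K below 7 the loop would index past the array. Either drive those loops and the modulus array from K, or state the restriction at the top of the template with `assert(K == 7);`, so that a call such as `HashToField(6)` fails at compile time instead of producing a differently shaped circuit.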
diff --git a/beacon-light-client/circom/circuits/is_supermajority.circom b/beacon-light-client/circom/circuits/is_supermajority.circom index 680101e7e..53d21c08c 100644 --- a/beacon-light-client/circom/circuits/is_supermajority.circom +++ b/beacon-light-client/circom/circuits/is_supermajority.circom @@ -5,10 +5,7 @@ include "../../../node_modules/circomlib/circuits/comparators.circom"; template IsSuperMajority(N) { signal input bitmask[N]; - signal output out; - var sum = 0; - component lessThan[N]; //count the number of 1s in the bitmask for(var i = 0; i < N; i++) { sum += bitmask[i]; diff --git a/beacon-light-client/circom/circuits/is_valid_merkle_branch.circom b/beacon-light-client/circom/circuits/is_valid_merkle_branch.circom index 2d6740408..5ec353025 100644 --- a/beacon-light-client/circom/circuits/is_valid_merkle_branch.circom +++ b/beacon-light-client/circom/circuits/is_valid_merkle_branch.circom 
@@ -10,7 +10,46 @@ template IsValidMerkleBranch(N) { signal input root[256]; signal input index; +<<<<<<< HEAD signal isValidBalanceBranchOut <== IsValidMerkleBranchOut(N)(branch, leaf, root, index); isValidBalanceBranchOut === 1; +======= + component hashers[N]; + component isZero[N]; + + for(var i = 0; i < N; i++) { + hashers[i] = HashTwo(); + isZero[i] = IsZero(); + + isZero[i].in <-- (index \ (2**i)) % 2; + + var current[256]; + + for(var j = 0; j < 256; j++) { + current[j] = i == 0 ? leaf[j] : hashers[i - 1].out[j]; + } + + for(var j = 0; j < 256; j++) { + hashers[i].in[0][j] <== (current[j] - branch[i][j]) * isZero[i].out + branch[i][j]; + hashers[i].in[1][j] <== (branch[i][j] - current[j]) * isZero[i].out + current[j]; + } + } + + var counter = 0; + component isEqual[N+1]; + for(var i = 0; i < N; i++) { + isEqual[i] = IsEqual(); + isEqual[i].in[0] <== root[i]; + isEqual[i].in[1] <== hashers[N-1].out[i]; + counter += isEqual[i].out; + } + + isEqual[N] = IsEqual(); + + isEqual[N].in[0] <== N; + isEqual[N].in[1] <== counter; + + isEqual[N].out === 1; +>>>>>>> d933f94 (feat(circom): Pass K as argument in circuits and remove unused ouputs) } diff --git a/beacon-light-client/circom/circuits/light_client.circom b/beacon-light-client/circom/circuits/light_client.circom index 413bb7ba7..4a8fd56aa 100644 --- a/beacon-light-client/circom/circuits/light_client.circom +++ b/beacon-light-client/circom/circuits/light_client.circom @@ -181,7 +181,7 @@ template LightClient(N) { computeSigningRoot.domain[i] <== computeDomain.domain[i]; } - component hashToField = HashToField(); + component hashToField = HashToField(K); for(var i = 0; i < 256; i++) { hashToField.in[i] <== computeSigningRoot.signing_root[i]; 
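Review bot: The added lines in `IsValidMerkleBranch` include unresolved merge-conflict markers (`<<<<<<< HEAD`, `=======`, `>>>>>>> d933f94 …`), so the file as committed holds both versions of the body and is unlikely to compile. Resolve the conflict and keep only one side. If the lower side is the one kept, `isZero[i].in <-- (index \ (2**i)) % 2;` assigns the path bit without any constraint tying it to `index`, so the left/right order at each level is not bound to the claimed index. The final loop on that side also compares `root[i]` with `hashers[N-1].out[i]` only for `i < N` rather than for all 256 bits. The diffstat of PATCH 5/5 lists this file again, but that hunk is not visible here, so I cannot tell whether either point is addressed there.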
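Review bot: `HashToField(K)` here, and `AggregateKeysBitmask(N,K)` in the second hunk of this file, use `K` inside `template LightClient(N)`, which takes only `N`; no declaration of `K` appears in either hunk. The template body starts and ends outside both hunks, so please confirm that a `var K = 7;` (or equivalent) is in scope there. The scripts and tests in this commit pass the literal `7`, so the limb count is now spelled in several places. A short comment next to the declaration, such as `// K: number of 55-bit limbs per field element, must match the bigint templates`, would make that dependency explicit.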
@@ -275,7 +275,7 @@ template LightClient(N) { isValidMerkleBranchSyncCommittee.index <== 55 - arePeriodsEqual.out; - component aggregateKeys = AggregateKeysBitmask(N); + component aggregateKeys = AggregateKeysBitmask(N,K); for(var i = 0; i < N; i++) { for(var j = 0; j < 2; j++) { diff --git a/beacon-light-client/circom/scripts/aggregate_bitmask/aggregate_bitmask.circom b/beacon-light-client/circom/scripts/aggregate_bitmask/aggregate_bitmask.circom index 07aa1ceab..76e3536c2 100644 --- a/beacon-light-client/circom/scripts/aggregate_bitmask/aggregate_bitmask.circom +++ b/beacon-light-client/circom/scripts/aggregate_bitmask/aggregate_bitmask.circom @@ -2,5 +2,5 @@ pragma circom 2.0.3; include "../../circuits/aggregate_bitmask.circom"; -component main = AggregateKeysBitmask(512); +component main = AggregateKeysBitmask(512,7); diff --git a/beacon-light-client/circom/scripts/hash_to_field/hash_to_field.circom b/beacon-light-client/circom/scripts/hash_to_field/hash_to_field.circom index 6f48e9d4b..90399ec43 100644 --- a/beacon-light-client/circom/scripts/hash_to_field/hash_to_field.circom +++ b/beacon-light-client/circom/scripts/hash_to_field/hash_to_field.circom @@ -2,4 +2,4 @@ pragma circom 2.0.3; include "../../circuits/hash_to_field.circom"; -component main = HashToField(); +component main = HashToField(7); diff --git a/beacon-light-client/circom/test/aggregate_bitmask_N1/circuit.circom b/beacon-light-client/circom/test/aggregate_bitmask_N1/circuit.circom index 9e5775c4f..c6d995aa3 100644 --- a/beacon-light-client/circom/test/aggregate_bitmask_N1/circuit.circom +++ b/beacon-light-client/circom/test/aggregate_bitmask_N1/circuit.circom @@ -2,4 +2,4 @@ pragma circom 2.0.3; include "../../circuits/aggregate_bitmask.circom"; -component main = AggregateKeysBitmask(1); +component main = AggregateKeysBitmask(1,7); 
diff --git a/beacon-light-client/circom/test/aggregate_bitmask_N3/circuit.circom b/beacon-light-client/circom/test/aggregate_bitmask_N3/circuit.circom index bedf90d67..11d4c27e7 100644 --- a/beacon-light-client/circom/test/aggregate_bitmask_N3/circuit.circom +++ b/beacon-light-client/circom/test/aggregate_bitmask_N3/circuit.circom @@ -2,4 +2,4 @@ pragma circom 2.0.3; include "../../circuits/aggregate_bitmask.circom"; -component main = AggregateKeysBitmask(3); +component main = AggregateKeysBitmask(3,7); diff --git a/beacon-light-client/circom/test/hash_to_field/circuit.circom b/beacon-light-client/circom/test/hash_to_field/circuit.circom index 6f48e9d4b..90399ec43 100644 --- a/beacon-light-client/circom/test/hash_to_field/circuit.circom +++ b/beacon-light-client/circom/test/hash_to_field/circuit.circom @@ -2,4 +2,4 @@ pragma circom 2.0.3; include "../../circuits/hash_to_field.circom"; -component main = HashToField(); +component main = HashToField(7); From 9b88284ebef9d8b9896e20bdfb09bbd0627f5e66 Mon Sep 17 00:00:00 2001 
From: Kristin Kirkov Date: Mon, 12 Jun 2023 11:24:49 +0300 Subject: [PATCH 2/5] feat(circom): Update scripts to circom 2.1.5 --- .../circom/scripts/aggregate_bitmask/aggregate_bitmask.circom | 2 +- beacon-light-client/circom/scripts/compress/compress.circom | 2 +- .../circom/scripts/compute_domain/compute_domain.circom | 2 +- .../scripts/compute_signing_root/compute_signing_root.circom | 2 +- .../circom/scripts/expand_message/expand_message.circom | 2 +- .../circom/scripts/hash_to_field/hash_to_field.circom | 3 ++- .../circom/scripts/hash_tree_root/hash_tree_root.circom | 2 +- .../hash_tree_root_beacon_header.circom | 2 +- .../circom/scripts/is_supermajority/is_supermajority.circom | 2 +- .../is_valid_merkle_branch/is_valid_merkle_branch.circom | 2 +- .../circom/scripts/light_client/light_client.circom | 2 +- .../light_client_recursive/light_client_recursive.circom | 2 +- .../circom/scripts/proof_efficient/proof_efficient.circom | 2 +- .../scripts/proof_more_efficient/proof_more_efficient.circom | 2 +- beacon-light-client/circom/scripts/test/test.circom | 2 +- 15 files changed, 16 insertions(+), 15 deletions(-) diff --git a/beacon-light-client/circom/scripts/aggregate_bitmask/aggregate_bitmask.circom b/beacon-light-client/circom/scripts/aggregate_bitmask/aggregate_bitmask.circom index 76e3536c2..5d4dfa877 100644 --- a/beacon-light-client/circom/scripts/aggregate_bitmask/aggregate_bitmask.circom +++ b/beacon-light-client/circom/scripts/aggregate_bitmask/aggregate_bitmask.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/aggregate_bitmask.circom"; diff --git a/beacon-light-client/circom/scripts/compress/compress.circom b/beacon-light-client/circom/scripts/compress/compress.circom index 091796b06..a205e39b0 100644 --- a/beacon-light-client/circom/scripts/compress/compress.circom +++ b/beacon-light-client/circom/scripts/compress/compress.circom 
@@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/compress.circom"; diff --git a/beacon-light-client/circom/scripts/compute_domain/compute_domain.circom b/beacon-light-client/circom/scripts/compute_domain/compute_domain.circom index b0406d4d4..956781407 100644 --- a/beacon-light-client/circom/scripts/compute_domain/compute_domain.circom +++ b/beacon-light-client/circom/scripts/compute_domain/compute_domain.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/compute_domain.circom"; diff --git a/beacon-light-client/circom/scripts/compute_signing_root/compute_signing_root.circom b/beacon-light-client/circom/scripts/compute_signing_root/compute_signing_root.circom index f2d7f7f1c..f436a05cf 100644 --- a/beacon-light-client/circom/scripts/compute_signing_root/compute_signing_root.circom +++ b/beacon-light-client/circom/scripts/compute_signing_root/compute_signing_root.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/compute_signing_root.circom"; diff --git a/beacon-light-client/circom/scripts/expand_message/expand_message.circom b/beacon-light-client/circom/scripts/expand_message/expand_message.circom index 949c274af..b167ae240 100644 --- a/beacon-light-client/circom/scripts/expand_message/expand_message.circom +++ b/beacon-light-client/circom/scripts/expand_message/expand_message.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/expand_message.circom"; diff --git a/beacon-light-client/circom/scripts/hash_to_field/hash_to_field.circom b/beacon-light-client/circom/scripts/hash_to_field/hash_to_field.circom index 90399ec43..db4163ea4 100644 --- a/beacon-light-client/circom/scripts/hash_to_field/hash_to_field.circom +++ b/beacon-light-client/circom/scripts/hash_to_field/hash_to_field.circom @@ -1,4 +1,5 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; + include "../../circuits/hash_to_field.circom"; 
diff --git a/beacon-light-client/circom/scripts/hash_tree_root/hash_tree_root.circom b/beacon-light-client/circom/scripts/hash_tree_root/hash_tree_root.circom index 58f2104f7..16aa75c3c 100644 --- a/beacon-light-client/circom/scripts/hash_tree_root/hash_tree_root.circom +++ b/beacon-light-client/circom/scripts/hash_tree_root/hash_tree_root.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/hash_tree_root.circom"; diff --git a/beacon-light-client/circom/scripts/hash_tree_root_beacon_header/hash_tree_root_beacon_header.circom b/beacon-light-client/circom/scripts/hash_tree_root_beacon_header/hash_tree_root_beacon_header.circom index 5a7034d1b..db0c47156 100644 --- a/beacon-light-client/circom/scripts/hash_tree_root_beacon_header/hash_tree_root_beacon_header.circom +++ b/beacon-light-client/circom/scripts/hash_tree_root_beacon_header/hash_tree_root_beacon_header.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/hash_tree_root_beacon_header.circom"; diff --git a/beacon-light-client/circom/scripts/is_supermajority/is_supermajority.circom b/beacon-light-client/circom/scripts/is_supermajority/is_supermajority.circom index 7a65605ab..86361af2e 100644 --- a/beacon-light-client/circom/scripts/is_supermajority/is_supermajority.circom +++ b/beacon-light-client/circom/scripts/is_supermajority/is_supermajority.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/is_supermajority.circom"; diff --git a/beacon-light-client/circom/scripts/is_valid_merkle_branch/is_valid_merkle_branch.circom b/beacon-light-client/circom/scripts/is_valid_merkle_branch/is_valid_merkle_branch.circom index 0d6a90183..08b644da1 100644 --- a/beacon-light-client/circom/scripts/is_valid_merkle_branch/is_valid_merkle_branch.circom +++ b/beacon-light-client/circom/scripts/is_valid_merkle_branch/is_valid_merkle_branch.circom 
@@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/is_valid_merkle_branch.circom"; diff --git a/beacon-light-client/circom/scripts/light_client/light_client.circom b/beacon-light-client/circom/scripts/light_client/light_client.circom index 1920040ee..1cd428996 100644 --- a/beacon-light-client/circom/scripts/light_client/light_client.circom +++ b/beacon-light-client/circom/scripts/light_client/light_client.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/light_client.circom"; diff --git a/beacon-light-client/circom/scripts/light_client_recursive/light_client_recursive.circom b/beacon-light-client/circom/scripts/light_client_recursive/light_client_recursive.circom index df24c6ac9..3b5a39ee6 100644 --- a/beacon-light-client/circom/scripts/light_client_recursive/light_client_recursive.circom +++ b/beacon-light-client/circom/scripts/light_client_recursive/light_client_recursive.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/light_client_recursive.circom"; diff --git a/beacon-light-client/circom/scripts/proof_efficient/proof_efficient.circom b/beacon-light-client/circom/scripts/proof_efficient/proof_efficient.circom index 42c4e1288..37bb9c463 100644 --- a/beacon-light-client/circom/scripts/proof_efficient/proof_efficient.circom +++ b/beacon-light-client/circom/scripts/proof_efficient/proof_efficient.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/proof_efficient.circom"; diff --git a/beacon-light-client/circom/scripts/proof_more_efficient/proof_more_efficient.circom b/beacon-light-client/circom/scripts/proof_more_efficient/proof_more_efficient.circom index 6fce355e0..2df5bded3 100644 --- a/beacon-light-client/circom/scripts/proof_more_efficient/proof_more_efficient.circom +++ b/beacon-light-client/circom/scripts/proof_more_efficient/proof_more_efficient.circom 
@@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/proof_more_efficient.circom"; diff --git a/beacon-light-client/circom/scripts/test/test.circom b/beacon-light-client/circom/scripts/test/test.circom index 4f5764c7f..ad398f21e 100644 --- a/beacon-light-client/circom/scripts/test/test.circom +++ b/beacon-light-client/circom/scripts/test/test.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../../node_modules/circomlib/circuits/gates.circom"; include "../../../../vendor/circom-pairing/circuits/bn254/groth16.circom"; From f39bfdd4b41db6f20f2e45a76cbe83d6bf235f23 Mon Sep 17 00:00:00 2001 From: Kristin Kirkov Date: Mon, 12 Jun 2023 11:26:08 +0300 Subject: [PATCH 3/5] feat(circom): Update tests to circom 2.1.5 --- .../circom/test/aggregate_bitmask_N1/circuit.circom | 2 +- .../circom/test/aggregate_bitmask_N3/circuit.circom | 2 +- beacon-light-client/circom/test/compress/circuit.circom | 2 +- beacon-light-client/circom/test/compute_domain/circuit.circom | 2 +- .../circom/test/compute_signing_root/circuit.circom | 2 +- beacon-light-client/circom/test/expand_message/circuit.circom | 2 +- beacon-light-client/circom/test/hash_to_field/circuit.circom | 2 +- beacon-light-client/circom/test/hash_tree_root/circuit.circom | 2 +- .../circom/test/hash_tree_root_beacon_header/circuit.circom | 2 +- beacon-light-client/circom/test/hash_two/circuit.circom | 2 +- beacon-light-client/circom/test/is_first/circuit.circom | 2 +- beacon-light-client/circom/test/is_supermajority/circuit.circom | 2 +- .../circom/test/is_valid_merkle_branch/circuit.circom | 2 +- beacon-light-client/circom/test/numbersTo256Bits/circuit.circom | 2 +- beacon-light-client/circom/test/ssz_num/circuit.circom | 2 +- .../circom/test/sync_commitee_hash_tree_root/circuit.circom | 2 +- 16 files changed, 16 insertions(+), 16 deletions(-) 
diff --git a/beacon-light-client/circom/test/aggregate_bitmask_N1/circuit.circom b/beacon-light-client/circom/test/aggregate_bitmask_N1/circuit.circom index c6d995aa3..519ab5b57 100644 --- a/beacon-light-client/circom/test/aggregate_bitmask_N1/circuit.circom +++ b/beacon-light-client/circom/test/aggregate_bitmask_N1/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/aggregate_bitmask.circom"; diff --git a/beacon-light-client/circom/test/aggregate_bitmask_N3/circuit.circom b/beacon-light-client/circom/test/aggregate_bitmask_N3/circuit.circom index 11d4c27e7..aa8305b69 100644 --- a/beacon-light-client/circom/test/aggregate_bitmask_N3/circuit.circom +++ b/beacon-light-client/circom/test/aggregate_bitmask_N3/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/aggregate_bitmask.circom"; diff --git a/beacon-light-client/circom/test/compress/circuit.circom b/beacon-light-client/circom/test/compress/circuit.circom index c1d185939..a55a1339d 100644 --- a/beacon-light-client/circom/test/compress/circuit.circom +++ b/beacon-light-client/circom/test/compress/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/compress.circom"; diff --git a/beacon-light-client/circom/test/compute_domain/circuit.circom b/beacon-light-client/circom/test/compute_domain/circuit.circom index b0406d4d4..956781407 100644 --- a/beacon-light-client/circom/test/compute_domain/circuit.circom +++ b/beacon-light-client/circom/test/compute_domain/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/compute_domain.circom"; diff --git a/beacon-light-client/circom/test/compute_signing_root/circuit.circom b/beacon-light-client/circom/test/compute_signing_root/circuit.circom index f2d7f7f1c..f436a05cf 100644 --- a/beacon-light-client/circom/test/compute_signing_root/circuit.circom 
+++ b/beacon-light-client/circom/test/compute_signing_root/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/compute_signing_root.circom"; diff --git a/beacon-light-client/circom/test/expand_message/circuit.circom b/beacon-light-client/circom/test/expand_message/circuit.circom index 949c274af..b167ae240 100644 --- a/beacon-light-client/circom/test/expand_message/circuit.circom +++ b/beacon-light-client/circom/test/expand_message/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/expand_message.circom"; diff --git a/beacon-light-client/circom/test/hash_to_field/circuit.circom b/beacon-light-client/circom/test/hash_to_field/circuit.circom index 90399ec43..9bca49e82 100644 --- a/beacon-light-client/circom/test/hash_to_field/circuit.circom +++ b/beacon-light-client/circom/test/hash_to_field/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/hash_to_field.circom"; diff --git a/beacon-light-client/circom/test/hash_tree_root/circuit.circom b/beacon-light-client/circom/test/hash_tree_root/circuit.circom index e4900392e..979572362 100644 --- a/beacon-light-client/circom/test/hash_tree_root/circuit.circom +++ b/beacon-light-client/circom/test/hash_tree_root/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/hash_tree_root.circom"; diff --git a/beacon-light-client/circom/test/hash_tree_root_beacon_header/circuit.circom b/beacon-light-client/circom/test/hash_tree_root_beacon_header/circuit.circom index de3b873c9..1d1a89be9 100644 --- a/beacon-light-client/circom/test/hash_tree_root_beacon_header/circuit.circom +++ b/beacon-light-client/circom/test/hash_tree_root_beacon_header/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/hash_tree_root_beacon_header.circom"; 
diff --git a/beacon-light-client/circom/test/hash_two/circuit.circom b/beacon-light-client/circom/test/hash_two/circuit.circom index 8e5dafd5d..653f5afbb 100644 --- a/beacon-light-client/circom/test/hash_two/circuit.circom +++ b/beacon-light-client/circom/test/hash_two/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/hash_two.circom"; diff --git a/beacon-light-client/circom/test/is_first/circuit.circom b/beacon-light-client/circom/test/is_first/circuit.circom index 69b51e417..a3cc6e343 100644 --- a/beacon-light-client/circom/test/is_first/circuit.circom +++ b/beacon-light-client/circom/test/is_first/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../../node_modules/circomlib/circuits/gates.circom"; include "../../circuits/is_first.circom"; diff --git a/beacon-light-client/circom/test/is_supermajority/circuit.circom b/beacon-light-client/circom/test/is_supermajority/circuit.circom index b185373c0..45545ed8f 100644 --- a/beacon-light-client/circom/test/is_supermajority/circuit.circom +++ b/beacon-light-client/circom/test/is_supermajority/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/is_supermajority.circom"; diff --git a/beacon-light-client/circom/test/is_valid_merkle_branch/circuit.circom b/beacon-light-client/circom/test/is_valid_merkle_branch/circuit.circom index b3f153185..2f7be3c6a 100644 --- a/beacon-light-client/circom/test/is_valid_merkle_branch/circuit.circom +++ b/beacon-light-client/circom/test/is_valid_merkle_branch/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/is_valid_merkle_branch.circom"; diff --git a/beacon-light-client/circom/test/numbersTo256Bits/circuit.circom b/beacon-light-client/circom/test/numbersTo256Bits/circuit.circom index 1a570b911..5614b6367 100644 --- a/beacon-light-client/circom/test/numbersTo256Bits/circuit.circom 
+++ b/beacon-light-client/circom/test/numbersTo256Bits/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/numbersTo256Bits.circom"; diff --git a/beacon-light-client/circom/test/ssz_num/circuit.circom b/beacon-light-client/circom/test/ssz_num/circuit.circom index 326cfa423..16d101899 100644 --- a/beacon-light-client/circom/test/ssz_num/circuit.circom +++ b/beacon-light-client/circom/test/ssz_num/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/ssz_num.circom"; diff --git a/beacon-light-client/circom/test/sync_commitee_hash_tree_root/circuit.circom b/beacon-light-client/circom/test/sync_commitee_hash_tree_root/circuit.circom index 7fcee3e49..c5323cb7f 100644 --- a/beacon-light-client/circom/test/sync_commitee_hash_tree_root/circuit.circom +++ b/beacon-light-client/circom/test/sync_commitee_hash_tree_root/circuit.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../circuits/sync_commitee_hash_tree_root.circom"; include "../../circuits/hash_tree_root.circom"; From 18b8ab1b052cced2478921f118d0a1fbe83110a9 Mon Sep 17 00:00:00 2001 From: Kristin Kirkov Date: Mon, 12 Jun 2023 11:29:26 +0300 Subject: [PATCH 4/5] feat(circom): Add new circuit to hash a 384bit Key --- .../circuits/hash_aggregated_key.circom | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 beacon-light-client/circom/circuits/hash_aggregated_key.circom diff --git a/beacon-light-client/circom/circuits/hash_aggregated_key.circom b/beacon-light-client/circom/circuits/hash_aggregated_key.circom new file mode 100644 index 000000000..cd8ddd5d7 --- /dev/null +++ b/beacon-light-client/circom/circuits/hash_aggregated_key.circom 
@@ -0,0 +1,26 @@ +pragma circom 2.1.5; + +include "../../../node_modules/circomlib/circuits/sha256/sha256.circom"; + +template hashAggregatedKey(){ + signal input aggregatedKey[384]; + signal output out[256]; + + component hash = Sha256(512); + + for(var i = 0; i < 384; i++) { + hash.in[i] <== aggregatedKey[i]; + } + + for(var i = 384; i < 512; i++) { + hash.in[i] <== 0; + } + + for(var i = 0; i < 256; i++) { + out[i] <== hash.out[i]; + } + + +} + +component main = hashAggregatedKey(); From b8a0a658fe801e2d0cd3b76d7c7f59961ca7b338 Mon Sep 17 00:00:00 2001 From: Kristin Kirkov Date: Mon, 12 Jun 2023 11:32:07 +0300 Subject: [PATCH 5/5] feat(circom): Update circuits for circom 2.1.5 --- .../circom/circuits/aggregate_bitmask.circom | 2 +- .../bitmask_contains_only_bools.circom | 2 +- .../circom/circuits/compress.circom | 11 +- .../circom/circuits/compute_domain.circom | 15 +- .../circuits/compute_signing_root.circom | 17 +- .../circom/circuits/expand_message.circom | 9 +- .../circuits/hash_aggregated_key.circom | 2 - .../circom/circuits/hash_to_field.circom | 21 +- .../circom/circuits/hash_tree_root.circom | 18 +- .../hash_tree_root_beacon_header.circom | 35 +-- .../circom/circuits/hash_two.circom | 15 +- .../circom/circuits/is_first.circom | 18 +- .../circom/circuits/is_supermajority.circom | 8 +- .../circuits/is_valid_merkle_branch.circom | 40 +-- .../circom/circuits/light_client.circom | 245 +++--------------- .../circuits/light_client_recursive.circom | 2 +- .../circom/circuits/numbersTo256Bits.circom | 12 +- .../circom/circuits/ssz_num.circom | 7 +- .../sync_commitee_hash_tree_root.circom | 34 +-- .../circuits/verify_finalized_header.circom | 2 +- 20 files changed, 107 insertions(+), 408 deletions(-) diff --git a/beacon-light-client/circom/circuits/aggregate_bitmask.circom b/beacon-light-client/circom/circuits/aggregate_bitmask.circom index b9500c629..f977350d0 100644 --- a/beacon-light-client/circom/circuits/aggregate_bitmask.circom 
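Review bot: `hashAggregatedKey` feeds `aggregatedKey[i]` straight into `Sha256(512)` with nothing in the template constraining each element to 0 or 1. As far as I know, circomlib's Sha256 assumes bit inputs and does not range-check them itself, so the booleanity has to come from the caller. Please either document that precondition or enforce it here with `aggregatedKey[i] * (aggregatedKey[i] - 1) === 0;` inside the first loop. A header comment should also say why the 384-bit key is zero-padded to 512 bits before hashing, for example `// 48-byte key right-padded with zeros to one 64-byte block`, if that is the intent. The lowerCamel template name also differs from `HashTwo` / `HashToField` elsewhere in the series.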
+++ b/beacon-light-client/circom/circuits/aggregate_bitmask.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../vendor/circom-pairing/circuits/curve.circom"; diff --git a/beacon-light-client/circom/circuits/bitmask_contains_only_bools.circom b/beacon-light-client/circom/circuits/bitmask_contains_only_bools.circom index 8fced5315..9d168c205 100644 --- a/beacon-light-client/circom/circuits/bitmask_contains_only_bools.circom +++ b/beacon-light-client/circom/circuits/bitmask_contains_only_bools.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../node_modules/circomlib/circuits/comparators.circom"; diff --git a/beacon-light-client/circom/circuits/compress.circom b/beacon-light-client/circom/circuits/compress.circom index 312ec5f28..09a0a32a6 100644 --- a/beacon-light-client/circom/circuits/compress.circom +++ b/beacon-light-client/circom/circuits/compress.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../vendor/circom-pairing/circuits/bigint.circom"; @@ -10,12 +10,7 @@ template Compress() { // CURVE.P / 2 var prime[7] = [35888059530597717, 36027359614205881, 18556878317960535, 21977360498475850, 26290126778424359, 29735955799434292, 914940731273212]; - component lessThan = BigLessThan(55, 7); - - for(var i = 0; i < 7; i++) { - lessThan.b[i] <== point[1][i]; - lessThan.a[i] <== prime[i]; - } + signal lessThan <== BigLessThan(55, 7)(prime, point[1]); component num2Bits[7]; @@ -30,5 +25,5 @@ template Compress() { bits[0] <== 1; bits[1] <== 0; - bits[2] <== lessThan.out; + bits[2] <== lessThan; } diff --git a/beacon-light-client/circom/circuits/compute_domain.circom b/beacon-light-client/circom/circuits/compute_domain.circom index f36f9bef6..37489de30 100644 --- a/beacon-light-client/circom/circuits/compute_domain.circom +++ b/beacon-light-client/circom/circuits/compute_domain.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "hash_two.circom"; 
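Review bot: In `Compress`, the positional call `BigLessThan(55, 7)(prime, point[1])` binds its arguments by the order in which the vendored template declares its inputs. That order is the only thing keeping it equivalent to the removed `lessThan.a[i] <== prime[i]` / `lessThan.b[i] <== point[1][i]`. The comparison is not symmetric, so a swapped order would flip the value written to `bits[2]` without any compile error. I would add a comment above the line, `// positional inputs: a = prime (CURVE.P / 2), b = point[1]`, and keep test vectors with y on each side of P/2. The template body starts and ends outside these hunks.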
@@ -9,25 +9,22 @@ template ComputeDomain() { signal input GENESIS_VALIDATORS_ROOT[256]; signal input DOMAIN_SYNC_COMMITTEE[32]; - component hashTwo = HashTwo(); + signal concated_fork_version[256]; for(var i = 0; i < 32; i++) { - hashTwo.in[0][i] <== fork_version[i]; + concated_fork_version[i] <== fork_version[i]; } - for(var i = 32; i < 256; i++) { - hashTwo.in[0][i] <== 0; + concated_fork_version[i] <== 0; } - for(var i = 0; i < 256; i++) { - hashTwo.in[1][i] <== GENESIS_VALIDATORS_ROOT[i]; - } + signal hashTwo[256] <== HashTwo()([concated_fork_version,GENESIS_VALIDATORS_ROOT]); for(var i = 0; i < 32; i++) { domain[i] <== DOMAIN_SYNC_COMMITTEE[i]; } for(var i = 32; i < 256; i++) { - domain[i] <== hashTwo.out[i - 32]; + domain[i] <== hashTwo[i - 32]; } } diff --git a/beacon-light-client/circom/circuits/compute_signing_root.circom b/beacon-light-client/circom/circuits/compute_signing_root.circom index c0393d706..9eb6ffad1 100644 --- a/beacon-light-client/circom/circuits/compute_signing_root.circom +++ b/beacon-light-client/circom/circuits/compute_signing_root.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "compute_domain.circom"; @@ -10,18 +10,7 @@ template ComputeSigningRoot() { signal output signing_root[256]; - component hashTwo = HashTwo(); + signal hashTwo[256] <== HashTwo()([headerHash,domain]); - for(var i = 0; i < 256; i++) { - hashTwo.in[0][i] <== headerHash[i]; - } - - for(var i = 0; i < 256; i++) { - hashTwo.in[1][i] <== domain[i]; - } - - - for(var i = 0; i < 256; i++) { - signing_root[i] <== hashTwo.out[i]; - } + signing_root <== hashTwo; } diff --git a/beacon-light-client/circom/circuits/expand_message.circom b/beacon-light-client/circom/circuits/expand_message.circom index 9b8ad792b..70ba249b6 100644 --- a/beacon-light-client/circom/circuits/expand_message.circom +++ b/beacon-light-client/circom/circuits/expand_message.circom 
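Review bot: In `ComputeSigningRoot` the new intermediate `signal hashTwo[256]` is only copied into the output on the following line, so the two statements can be one: `signing_root <== HashTwo()([headerHash,domain]);`. The same pattern appears in the `HashTreeRootBeaconHeader` hunk later in this patch (`signal hashTreeRoot[256] <== …` followed by `out <== hashTreeRoot;`). Dropping the intermediate removes 256 pass-through signals per template before simplification, and avoids reusing the old component name `hashTwo` for something that is now a signal array.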
@@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../node_modules/circomlib/circuits/sha256/sha256.circom"; include "../../../node_modules/circomlib/circuits/bitify.circom"; @@ -31,12 +31,7 @@ template ExpandMessage() { b_0Sha.in[i] <== BIG_SIG_DST[i - 792]; } - - var b_0[256]; - - for(var i = 0; i < 256; i++) { - b_0[i] = b_0Sha.out[i]; - } + var b_0[256] = b_0Sha.out; component prevSha256[8]; diff --git a/beacon-light-client/circom/circuits/hash_aggregated_key.circom b/beacon-light-client/circom/circuits/hash_aggregated_key.circom index cd8ddd5d7..b3be206b5 100644 --- a/beacon-light-client/circom/circuits/hash_aggregated_key.circom +++ b/beacon-light-client/circom/circuits/hash_aggregated_key.circom @@ -22,5 +22,3 @@ template hashAggregatedKey(){ } - -component main = hashAggregatedKey(); diff --git a/beacon-light-client/circom/circuits/hash_to_field.circom b/beacon-light-client/circom/circuits/hash_to_field.circom index e6de3f9a5..6da5746ad 100644 --- a/beacon-light-client/circom/circuits/hash_to_field.circom +++ b/beacon-light-client/circom/circuits/hash_to_field.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "expand_message.circom"; include "../../../vendor/circom-pairing/circuits/bigint.circom"; @@ -7,11 +7,7 @@ template HashToField(K) { signal input in[256]; signal output out[2][2][K]; - component expand_message = ExpandMessage(); - - for(var i = 0; i < 256; i++) { - expand_message.in[i] <== in[i]; - } + signal expand_message[2048] <== ExpandMessage()(in); component bigInts[2][2][10]; @@ -19,7 +15,7 @@ template HashToField(K) { for(var j = 0; j < 2; j++) { bigInts[i][j][9] = Bits2Num(55); for(var i1=0; i1 < 17; i1++) { - bigInts[i][j][9].in[16 - i1] <== expand_message.out[i * 1024 + j * 512 + i1]; + bigInts[i][j][9].in[16 - i1] <== expand_message[i * 1024 + j * 512 + i1]; } for(var i1 = 17; i1 < 55; i1++) { 
@@ -29,7 +25,7 @@ template HashToField(K) { for(var k = 8; k >= 0; k--) { bigInts[i][j][k] = Bits2Num(55); for(var i1 = 0; i1 < 55; i1++) { - bigInts[i][j][k].in[54 - i1] <== expand_message.out[i * 1024 + j * 512 + (8-k) * 55 + i1 + 17]; + bigInts[i][j][k].in[54 - i1] <== expand_message[i * 1024 + j * 512 + (8-k) * 55 + i1 + 17]; } } } @@ -51,17 +47,14 @@ template HashToField(K) { bigMod[i][j].a[k] <== 0; } - for(var k = 0; k < 7; k++) { - bigMod[i][j].b[k] <== p[k]; - } + bigMod[i][j].b <== p; + } } for(var i = 0; i < 2; i++) { for(var j = 0; j < 2; j++) { - for(var k = 0; k < 7; k++) { - out[i][j][k] <== bigMod[i][j].mod[k]; - } + out[i][j] <== bigMod[i][j].mod; } } } diff --git a/beacon-light-client/circom/circuits/hash_tree_root.circom b/beacon-light-client/circom/circuits/hash_tree_root.circom index eda937478..7ebf07493 100644 --- a/beacon-light-client/circom/circuits/hash_tree_root.circom +++ b/beacon-light-client/circom/circuits/hash_tree_root.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../node_modules/circomlib/circuits/sha256/sha256.circom"; include "hash_two.circom"; @@ -15,24 +15,18 @@ template HashTreeRoot(N) { } for(var i = 0; i < N / 2; i++) { - for(var j = 0; j < 256; j++) { - hashers[i].in[0][j] <== leaves[i * 2][j]; - hashers[i].in[1][j] <== leaves[i * 2 + 1][j]; - } + hashers[i].in[0] <== leaves[i * 2]; + hashers[i].in[1] <== leaves[i * 2 + 1]; } var k = 0; for(var i = N / 2; i < N - 1; i++) { - for(var j = 0; j < 256; j++) { - hashers[i].in[0][j] <== hashers[k * 2].out[j]; - hashers[i].in[1][j] <== hashers[k * 2 + 1].out[j]; - } + hashers[i].in[0] <== hashers[k * 2].out; + hashers[i].in[1] <== hashers[k * 2 + 1].out; k++; } - for(var i = 0; i < 256; i++) { - out[i] <== hashers[N - 2].out[i]; - } + out <== hashers[N - 2].out; } 
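Review bot: HashTreeRoot(N) has no guard on N, yet the loops `i < N / 2` and `i < N - 1` and the final `out <== hashers[N - 2].out` only form a complete binary tree when N is a power of two and at least 2. For other values the wiring may still compile and constrain `out` to a root over a differently shaped tree, which downstream Merkle checks would then treat as the real root. A compile-time check at the top of the template, `assert(N >= 2 && (N & (N - 1)) == 0);`, makes the assumption explicit. The template body starts above this hunk, so an existing guard there would make this unnecessary.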
diff --git a/beacon-light-client/circom/circuits/hash_tree_root_beacon_header.circom b/beacon-light-client/circom/circuits/hash_tree_root_beacon_header.circom index 3a629aa67..72615161b 100644 --- a/beacon-light-client/circom/circuits/hash_tree_root_beacon_header.circom +++ b/beacon-light-client/circom/circuits/hash_tree_root_beacon_header.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "hash_two.circom"; include "hash_tree_root.circom"; @@ -12,35 +12,16 @@ template HashTreeRootBeaconHeader() { signal output out[256]; - component hashTreeRoot = HashTreeRoot(8); + signal zerosArr[3][256]; - for(var i = 0; i < 256; i++) { - hashTreeRoot.leaves[0][i] <== slot[i]; - } - - for(var i = 0; i < 256; i++) { - hashTreeRoot.leaves[1][i] <== proposer_index[i]; - } - - for(var i = 0; i < 256; i++) { - hashTreeRoot.leaves[2][i] <== parent_root[i]; - } - - for(var i = 0; i < 256; i++) { - hashTreeRoot.leaves[3][i] <== state_root[i]; - } - - for(var i = 0; i < 256; i++) { - hashTreeRoot.leaves[4][i] <== body_root[i]; - } - - for(var i = 5; i < 8; i++) { + for(var i = 0; i < 3; i++) { for(var j = 0; j < 256; j++) { - hashTreeRoot.leaves[i][j] <== 0; + zerosArr[i][j] <== 0; } } - for(var i = 0; i < 256; i++) { - out[i] <== hashTreeRoot.out[i]; - } + signal hashTreeRoot[256] <== HashTreeRoot(8)([slot, proposer_index, + parent_root, state_root, body_root, zerosArr[0], zerosArr[1], zerosArr[2]]); + + out <== hashTreeRoot; } diff --git a/beacon-light-client/circom/circuits/hash_two.circom b/beacon-light-client/circom/circuits/hash_two.circom index 2eab63ead..1cf2bc793 100644 --- a/beacon-light-client/circom/circuits/hash_two.circom +++ b/beacon-light-client/circom/circuits/hash_two.circom @@ -1,6 +1,5 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; -include "hash_two.circom"; include "../../../node_modules/circomlib/circuits/sha256/sha256.circom"; template HashTwo() { 
@@ -8,17 +7,17 @@ template HashTwo() { signal output out[256]; - component sha256 = Sha256(512); + signal concateneted[512]; for(var i = 0; i < 256; i++) { - sha256.in[i] <== in[0][i]; + concateneted[i] <== in[0][i]; } for(var i = 256; i < 512; i++) { - sha256.in[i] <== in[1][i - 256]; + concateneted[i] <== in[1][i - 256]; } - for(var i = 0; i < 256; i++) { - out[i] <== sha256.out[i]; - } + signal sha256[256] <== Sha256(512)(concateneted); + + out <== sha256; } diff --git a/beacon-light-client/circom/circuits/is_first.circom b/beacon-light-client/circom/circuits/is_first.circom index e9437212b..4fa754b02 100644 --- a/beacon-light-client/circom/circuits/is_first.circom +++ b/beacon-light-client/circom/circuits/is_first.circom @@ -1,6 +1,7 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../node_modules/circomlib/circuits/comparators.circom"; +// include "../../../node_modules/circomlib/circuits/gates.circom"; template IsFirst() { signal input firstHash[2]; @@ -8,18 +9,11 @@ template IsFirst() { signal output out; - component isEqual1 = IsEqual(); - isEqual1.in[0] <== firstHash[0]; - isEqual1.in[1] <== secondHash[0]; + signal isEqual1 <== IsEqual()([firstHash[0],secondHash[0]]); - component isEqual2 = IsEqual(); - isEqual2.in[0] <== firstHash[1]; - isEqual2.in[1] <== secondHash[1]; + signal isEqual2 <== IsEqual()([firstHash[1],secondHash[1]]); - component and = AND(); + signal and <== AND()(isEqual1,isEqual2); - and.a <== isEqual1.out; - and.b <== isEqual2.out; - - out <== and.out; + out <== and; } diff --git a/beacon-light-client/circom/circuits/is_supermajority.circom b/beacon-light-client/circom/circuits/is_supermajority.circom index 53d21c08c..5303fb479 100644 --- a/beacon-light-client/circom/circuits/is_supermajority.circom +++ b/beacon-light-client/circom/circuits/is_supermajority.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../node_modules/circomlib/circuits/comparators.circom"; 
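Review bot: The line added to is_first.circom, `// include "../../../node_modules/circomlib/circuits/gates.circom";`, is commented out, while the rewritten IsFirst body still instantiates `AND()`, which circomlib defines in gates.circom rather than in comparators.circom. IsFirst therefore appears to compile only when some other file has already pulled in gates.circom, so the circuit depends on include order. Either enable the include or delete the commented line. A stale commented-out dependency in a constraint file makes it harder to audit which template definition is actually in use.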
@@ -11,9 +11,7 @@ template IsSuperMajority(N) { sum += bitmask[i]; } // check if 1s are more then 2/3 of the bitmask - component greaterThan = GreaterEqThan(252); - greaterThan.in[0] <== sum * 3; - greaterThan.in[1] <== 2 * N; + signal greaterThan <== GreaterEqThan(252)([sum * 3, 2 * N]); - greaterThan.out === 1; + greaterThan === 1; } diff --git a/beacon-light-client/circom/circuits/is_valid_merkle_branch.circom b/beacon-light-client/circom/circuits/is_valid_merkle_branch.circom index 5ec353025..80ee27b04 100644 --- a/beacon-light-client/circom/circuits/is_valid_merkle_branch.circom +++ b/beacon-light-client/circom/circuits/is_valid_merkle_branch.circom @@ -10,46 +10,8 @@ template IsValidMerkleBranch(N) { signal input root[256]; signal input index; -<<<<<<< HEAD signal isValidBalanceBranchOut <== IsValidMerkleBranchOut(N)(branch, leaf, root, index); isValidBalanceBranchOut === 1; -======= - component hashers[N]; - component isZero[N]; - - for(var i = 0; i < N; i++) { - hashers[i] = HashTwo(); - isZero[i] = IsZero(); - - isZero[i].in <-- (index \ (2**i)) % 2; - - var current[256]; - - for(var j = 0; j < 256; j++) { - current[j] = i == 0 ? leaf[j] : hashers[i - 1].out[j]; - } - - for(var j = 0; j < 256; j++) { - hashers[i].in[0][j] <== (current[j] - branch[i][j]) * isZero[i].out + branch[i][j]; - hashers[i].in[1][j] <== (branch[i][j] - current[j]) * isZero[i].out + current[j]; - } - } - - var counter = 0; - component isEqual[N+1]; - for(var i = 0; i < N; i++) { - isEqual[i] = IsEqual(); - isEqual[i].in[0] <== root[i]; - isEqual[i].in[1] <== hashers[N-1].out[i]; - counter += isEqual[i].out; - } - - isEqual[N] = IsEqual(); - - isEqual[N].in[0] <== N; - isEqual[N].in[1] <== counter; - - isEqual[N].out === 1; ->>>>>>> d933f94 (feat(circom): Pass K as argument in circuits and remove unused ouputs) } + diff --git a/beacon-light-client/circom/circuits/light_client.circom b/beacon-light-client/circom/circuits/light_client.circom index 4a8fd56aa..ecb9354e9 100644 
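Review bot: `GreaterEqThan(252)([sum * 3, 2 * N])` is only a vote count if every `bitmask[i]` is 0 or 1, and nothing in IsSuperMajority enforces that; `sum` is a plain linear combination of the input signals. LightClient does apply `BitmaskContainsOnlyBools(N)(bitmask)` before using this template, but a caller that omits it gets a threshold a prover can satisfy with non-boolean entries. I would state the precondition above the template, e.g. `// Requires: the caller constrains each bitmask[i] to 0 or 1`. The existing comment should also read `// check that at least 2/3 of the bits are set`, since the comparison is `>=`. The loop that builds `sum` sits above this hunk.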
--- a/beacon-light-client/circom/circuits/light_client.circom +++ b/beacon-light-client/circom/circuits/light_client.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "sync_commitee_hash_tree_root.circom"; include "compress.circom"; 
@@ -55,137 +55,47 @@ template LightClient(N) { signal output output_commitment[2]; - component signatureSlotGreaterThanNext = GreaterThan(64); - signatureSlotGreaterThanNext.in[0] <== signatureSlot; - signatureSlotGreaterThanNext.in[1] <== nextHeaderSlot; - signatureSlotGreaterThanNext.out === 1; + signal signatureSlotGreaterThanNext <== GreaterThan(64)([signatureSlot,nextHeaderSlot]); + signatureSlotGreaterThanNext === 1; - component nextHeaderSlotGreaterThanPrevFinalized = GreaterThan(64); - nextHeaderSlotGreaterThanPrevFinalized.in[0] <== nextHeaderSlot; - nextHeaderSlotGreaterThanPrevFinalized.in[1] <== prevHeaderFinalizedSlot; - nextHeaderSlotGreaterThanPrevFinalized.out === 1; + signal nextHeaderSlotGreaterThanPrevFinalized <== GreaterThan(64)([nextHeaderSlot,prevHeaderFinalizedSlot]); + nextHeaderSlotGreaterThanPrevFinalized === 1; - component signatureSlotSyncCommitteePeriodLessThan = LessEqThan(64); - signatureSlotSyncCommitteePeriodLessThan.in[0] <== signatureSlotSyncCommitteePeriod * 8192; - signatureSlotSyncCommitteePeriodLessThan.in[1] <== signatureSlot; - signatureSlotSyncCommitteePeriodLessThan.out === 1; + signal signatureSlotSyncCommitteePeriodLessThan <== LessEqThan(64)([signatureSlotSyncCommitteePeriod * 8192,signatureSlot]); + signatureSlotSyncCommitteePeriodLessThan === 1; - component signatureSlotSyncCommitteePeriodGreaterThan = GreaterEqThan(64); - signatureSlotSyncCommitteePeriodGreaterThan.in[0] <== signatureSlotSyncCommitteePeriod * 8192; - signatureSlotSyncCommitteePeriodGreaterThan.in[1] <== signatureSlot - 8192; - signatureSlotSyncCommitteePeriodGreaterThan.out === 1; + signal signatureSlotSyncCommitteePeriodGreaterThan <== GreaterEqThan(64)([signatureSlotSyncCommitteePeriod * 8192,signatureSlot - 8192]); + signatureSlotSyncCommitteePeriodGreaterThan === 1; - component finalizedHeaderSlotSyncCommitteePeriodLessThan = LessEqThan(64); - finalizedHeaderSlotSyncCommitteePeriodLessThan.in[0] <== finalizedHeaderSlotSyncCommitteePeriod * 8192; 
- finalizedHeaderSlotSyncCommitteePeriodLessThan.in[1] <== prevHeaderFinalizedSlot; - finalizedHeaderSlotSyncCommitteePeriodLessThan.out === 1; + signal finalizedHeaderSlotSyncCommitteePeriodLessThan <== LessEqThan(64)([finalizedHeaderSlotSyncCommitteePeriod * 8192,prevHeaderFinalizedSlot]); + finalizedHeaderSlotSyncCommitteePeriodLessThan === 1; - component finalizedHeaderSlotSyncCommitteePeriodGreaterThan = GreaterEqThan(64); - finalizedHeaderSlotSyncCommitteePeriodGreaterThan.in[0] <== finalizedHeaderSlotSyncCommitteePeriod * 8192; - finalizedHeaderSlotSyncCommitteePeriodGreaterThan.in[1] <== prevHeaderFinalizedSlot - 8192; - finalizedHeaderSlotSyncCommitteePeriodGreaterThan.out === 1; + signal finalizedHeaderSlotSyncCommitteePeriodGreaterThan <== GreaterEqThan(64)([finalizedHeaderSlotSyncCommitteePeriod * 8192,prevHeaderFinalizedSlot - 8192]); + finalizedHeaderSlotSyncCommitteePeriodGreaterThan === 1; - component signaturePeriodNotMoreThanOnePeriodAboveFinalizedPeriod = GreaterEqThan(64); - signaturePeriodNotMoreThanOnePeriodAboveFinalizedPeriod.in[0] <== finalizedHeaderSlotSyncCommitteePeriod + 1; - signaturePeriodNotMoreThanOnePeriodAboveFinalizedPeriod.in[1] <== signatureSlotSyncCommitteePeriod; - signaturePeriodNotMoreThanOnePeriodAboveFinalizedPeriod.out === 1; + signal signaturePeriodNotMoreThanOnePeriodAboveFinalizedPeriod <== GreaterEqThan(64)([finalizedHeaderSlotSyncCommitteePeriod+1,signatureSlotSyncCommitteePeriod]); + signaturePeriodNotMoreThanOnePeriodAboveFinalizedPeriod === 1; - component prevHeaderFinalizedSlotSSZ = SSZNum(64); - prevHeaderFinalizedSlotSSZ.in <== prevHeaderFinalizedSlot; + signal prevHeaderFinalizedSlotSSZ[256] <== SSZNum(64)(prevHeaderFinalizedSlot); - component nextHeaderSlotSSZ = SSZNum(64); - nextHeaderSlotSSZ.in <== nextHeaderSlot; + signal nextHeaderSlotSSZ[256] <== SSZNum(64)(nextHeaderSlot); - component isValidMerkleBranchPrevHeaderSlot = IsValidMerkleBranch(3); + 
IsValidMerkleBranch(3)(prevHeaderFinalizedSlotBranch,prevHeaderFinalizedSlotSSZ,prevFinalizedHeaderRoot,8); - for(var i = 0; i < 256; i++) { - isValidMerkleBranchPrevHeaderSlot.leaf[i] <== prevHeaderFinalizedSlotSSZ.out[i]; - isValidMerkleBranchPrevHeaderSlot.root[i] <== prevFinalizedHeaderRoot[i]; - } - - for(var i = 0; i < 3; i++) { - for(var j = 0; j < 256; j++) { - isValidMerkleBranchPrevHeaderSlot.branch[i][j] <== prevHeaderFinalizedSlotBranch[i][j]; - } - } - - isValidMerkleBranchPrevHeaderSlot.index <== 8; - - component isValidMerkleBranchPrevHeaderFinalizedStateRoot = IsValidMerkleBranch(3); - - for(var i = 0; i < 256; i++) { - isValidMerkleBranchPrevHeaderFinalizedStateRoot.leaf[i] <== prevHeaderFinalizedStateRoot[i]; - isValidMerkleBranchPrevHeaderFinalizedStateRoot.root[i] <== prevFinalizedHeaderRoot[i]; - } - - for(var i = 0; i < 3; i++) { - for(var j = 0; j < 256; j++) { - isValidMerkleBranchPrevHeaderFinalizedStateRoot.branch[i][j] <== prevHeaderFinalizedStateRootBranch[i][j]; - } - } - - isValidMerkleBranchPrevHeaderFinalizedStateRoot.index <== 11; - - - component isValidMerkleBranchNextHeaderSlot = IsValidMerkleBranch(3); - - for(var i = 0; i < 256; i++) { - isValidMerkleBranchNextHeaderSlot.leaf[i] <== nextHeaderSlotSSZ.out[i]; - isValidMerkleBranchNextHeaderSlot.root[i] <== nextHeaderHash[i]; - } - - for(var i = 0; i < 3; i++) { - for(var j = 0; j < 256; j++) { - isValidMerkleBranchNextHeaderSlot.branch[i][j] <== nextHeaderSlotBranch[i][j]; - } - } + IsValidMerkleBranch(3)(prevHeaderFinalizedStateRootBranch,prevHeaderFinalizedStateRoot,prevFinalizedHeaderRoot,11); - isValidMerkleBranchNextHeaderSlot.index <== 8; + IsValidMerkleBranch(3)(nextHeaderSlotBranch,nextHeaderSlotSSZ,nextHeaderHash,8); - - component bitmaskContainsOnlyBools = BitmaskContainsOnlyBools(N); - - for(var i = 0; i < N; i++) { - bitmaskContainsOnlyBools.bitmask[i] <== bitmask[i]; - } + BitmaskContainsOnlyBools(N)(bitmask); // Check if there is a supermajority in the bitmask - 
component isSuperMajority = IsSuperMajority(N); - - for(var i = 0; i < N; i++) { - isSuperMajority.bitmask[i] <== bitmask[i]; - } - - component computeDomain = ComputeDomain(); - - for(var i = 0; i < 32; i++) { - computeDomain.fork_version[i] <== fork_version[i]; - } - - for (var i = 0; i < 256; i++) { - computeDomain.GENESIS_VALIDATORS_ROOT[i] <== GENESIS_VALIDATORS_ROOT[i]; - } + IsSuperMajority(N)(bitmask); - for (var i = 0; i < 32; i++) { - computeDomain.DOMAIN_SYNC_COMMITTEE[i] <== DOMAIN_SYNC_COMMITTEE[i]; - } - - component computeSigningRoot = ComputeSigningRoot(); - - for(var i = 0; i < 256; i++) { - computeSigningRoot.headerHash[i] <== nextHeaderHash[i]; - } - - //out of computeDomain -> input of computeSigningRoot - for(var i = 0; i < 256; i++) { - computeSigningRoot.domain[i] <== computeDomain.domain[i]; - } + signal computeDomain[256] <== ComputeDomain()(fork_version,GENESIS_VALIDATORS_ROOT,DOMAIN_SYNC_COMMITTEE); - component hashToField = HashToField(K); + signal computeSigningRoot[256] <== ComputeSigningRoot()(nextHeaderHash,computeDomain); - for(var i = 0; i < 256; i++) { - hashToField.in[i] <== computeSigningRoot.signing_root[i]; - } + signal hashToField[2][2][K] <== HashToField(K)(computeSigningRoot); component hasher = SyncCommiteeHashTreeRoot(N); component compress[N]; 
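Review bot: The slot and period comparisons (`GreaterThan(64)`, `LessEqThan(64)`, `GreaterEqThan(64)`) are sound only when both operands already fit in 64 bits, because circomlib's comparators do not range-check their inputs. In this hunk only `nextHeaderSlot` and `prevHeaderFinalizedSlot` get a bit decomposition, through `SSZNum(64)`. `signatureSlot`, `signatureSlotSyncCommitteePeriod` and `finalizedHeaderSlotSyncCommitteePeriod` are compared without one, the `* 8192` products can exceed 64 bits, and `signatureSlot - 8192` and `prevHeaderFinalizedSlot - 8192` wrap around the field modulus for slots below 8192. Unless those inputs are bounded elsewhere in LightClient (its declarations lie outside the hunk), constrain each before comparing, e.g. `signal signatureSlotBits[64] <== Num2Bits(64)(signatureSlot);`, with a narrower width for the two period inputs so the products stay below 2^64. The subtractions are safer moved to the other side, `[period * 8192 + 8192, signatureSlot]`.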
@@ -208,104 +118,20 @@ template LightClient(N) { hasher.aggregatedKey[i] <== aggregatedKey[i]; } - component isValidMerkleBranchPrevFinality = IsValidMerkleBranch(9); + IsValidMerkleBranch(9)(prevFinalizedHeaderRootBranch, prevFinalizedHeaderRoot, prevHeaderHash, 745); - for(var i = 0; i < 9; i++) { - for(var j = 0; j < 256; j++) { - isValidMerkleBranchPrevFinality.branch[i][j] <== prevFinalizedHeaderRootBranch[i][j]; - } - } + IsValidMerkleBranch(9)(finalizedHeaderBranch, finalizedHeaderRoot, nextHeaderHash, 745); - for(var i = 0; i < 256; i++) { - isValidMerkleBranchPrevFinality.leaf[i] <== prevFinalizedHeaderRoot[i]; - isValidMerkleBranchPrevFinality.root[i] <== prevHeaderHash[i]; - } - - isValidMerkleBranchPrevFinality.index <== 745; - - component isValidMerkleBranchFinality = IsValidMerkleBranch(9); - - for(var i = 0; i < 9; i++) { - for(var j = 0; j < 256; j++) { - isValidMerkleBranchFinality.branch[i][j] <== finalizedHeaderBranch[i][j]; - } - } - - for(var i = 0; i < 256; i++) { - isValidMerkleBranchFinality.leaf[i] <== finalizedHeaderRoot[i]; - isValidMerkleBranchFinality.root[i] <== nextHeaderHash[i]; - } - - isValidMerkleBranchFinality.index <== 745; - - component isValidMerkleBranchExecution = IsValidMerkleBranch(11); - - for(var i = 0; i < 256; i++) { - isValidMerkleBranchExecution.leaf[i] <== execution_state_root[i]; - isValidMerkleBranchExecution.root[i] <== finalizedHeaderRoot[i]; - } - - for(var i = 0; i < 11; i++) { - for(var j = 0; j < 256; j++) { - isValidMerkleBranchExecution.branch[i][j] <== execution_state_root_branch[i][j]; - } - } - - isValidMerkleBranchExecution.index <== 3218; - - component isValidMerkleBranchSyncCommittee = IsValidMerkleBranch(5); - - for(var i = 0; i < 5; i++) { - for(var j = 0; j < 256; j++) { - isValidMerkleBranchSyncCommittee.branch[i][j] <== syncCommitteeBranch[i][j]; - } - } - - for(var i = 0; i < 256; i++) { - isValidMerkleBranchSyncCommittee.leaf[i] <== hasher.out[i]; - } - - for(var i = 0; i < 256; i++) { - 
isValidMerkleBranchSyncCommittee.root[i] <== prevHeaderFinalizedStateRoot[i]; - } - - component arePeriodsEqual = IsEqual(); - arePeriodsEqual.in[0] <== signatureSlotSyncCommitteePeriod; - arePeriodsEqual.in[1] <== finalizedHeaderSlotSyncCommitteePeriod; + IsValidMerkleBranch(11)(execution_state_root_branch, execution_state_root, finalizedHeaderRoot, 3218); - isValidMerkleBranchSyncCommittee.index <== 55 - arePeriodsEqual.out; + signal arePeriodsEqual <== IsEqual()([signatureSlotSyncCommitteePeriod,finalizedHeaderSlotSyncCommitteePeriod]); - component aggregateKeys = AggregateKeysBitmask(N,K); - - for(var i = 0; i < N; i++) { - for(var j = 0; j < 2; j++) { - for(var k = 0; k < K; k++) { - aggregateKeys.points[i][j][k] <== points[i][j][k]; - } - } - } + IsValidMerkleBranch(5)(syncCommitteeBranch,hasher.out,prevHeaderFinalizedStateRoot,55-arePeriodsEqual); - for(var i = 0; i < N; i++) { - aggregateKeys.bitmask[i] <== bitmask[i]; - } + signal aggregateKeys[2][K] <== AggregateKeysBitmask(N,K)(points,bitmask); // bls.Verify - component verify = CoreVerifyPubkeyG1(55, K); - - for(var j = 0; j < 2; j++) { - for(var k = 0; k < K; k++) { - verify.pubkey[j][k] <== aggregateKeys.out[j][k]; - } - } - - for(var i = 0; i < 2; i++) { - for(var j = 0; j < 2; j++) { - for(var k = 0; k < K; k++) { - verify.signature[i][j][k] <== signature[i][j][k]; - verify.hash[i][j][k] <== hashToField.out[i][j][k]; - } - } - } + CoreVerifyPubkeyG1(55, K)(aggregateKeys, signature, hashToField); component commitment = Sha256(1536); 
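Review bot: The anonymous-component calls bind arguments by position, and several take arguments of identical shape, so a swapped pair compiles without any diagnostic. `CoreVerifyPubkeyG1(55, K)(aggregateKeys, signature, hashToField)` passes two `[2][2][K]` arrays, and each `IsValidMerkleBranch(n)(...)` call passes a leaf and a root that are both `[256]`. The removed code named every port (`verify.signature`, `verify.hash`, `.leaf`, `.root`), so the wiring could be checked against the callee. The new form is correct only if it matches each template's input declaration order, and the CoreVerifyPubkeyG1 declaration is not part of this patch. A one-line comment per call recording the expected order, such as `// inputs in declaration order: pubkey, signature, hash`, would keep that auditable. The same applies to `ComputeSigningRoot()(nextHeaderHash,computeDomain)` and the three `IsValidMerkleBranch(3)` calls in the preceding LightClient hunk.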
@@ -329,15 +155,14 @@ template LightClient(N) { commitment.in[1024 + i] <== 0; } - component nextHeaderSlotBits = Num2Bits(64); - nextHeaderSlotBits.in <== nextHeaderSlot; + signal nextHeaderSlotBits[64] <== Num2Bits(64)(nextHeaderSlot); for(var i = 192; i < 256; i++) { - commitment.in[1024 + i] <== nextHeaderSlotBits.out[255 - i]; + commitment.in[1024 + i] <== nextHeaderSlotBits[255 - i]; } for(var i = 0; i < 256; i++) { - commitment.in[1280 + i] <== computeDomain.domain[i]; + commitment.in[1280 + i] <== computeDomain[i]; } component bits2num1 = Bits2Num(253); diff --git a/beacon-light-client/circom/circuits/light_client_recursive.circom b/beacon-light-client/circom/circuits/light_client_recursive.circom index c29b62790..dd71ebe3b 100644 --- a/beacon-light-client/circom/circuits/light_client_recursive.circom +++ b/beacon-light-client/circom/circuits/light_client_recursive.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "hash_tree_root.circom"; include "compress.circom"; diff --git a/beacon-light-client/circom/circuits/numbersTo256Bits.circom b/beacon-light-client/circom/circuits/numbersTo256Bits.circom index 7003db511..32447d91d 100644 --- a/beacon-light-client/circom/circuits/numbersTo256Bits.circom +++ b/beacon-light-client/circom/circuits/numbersTo256Bits.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../node_modules/circomlib/circuits/bitify.circom"; @@ -8,17 +8,15 @@ template NumbersTo256Bits() { signal output out[256]; - component num2bits1 = Num2Bits(253); - num2bits1.in <== first; + signal num2bits1[253] <== Num2Bits(253)(first); - component num2bits2 = Num2Bits(3); - num2bits2.in <== second; + signal num2bits2[3] <== Num2Bits(3)(second); for(var i = 0; i < 253; i++) { - out[i] <== num2bits1.out[252 - i]; + out[i] <== num2bits1[252 - i]; } for(var i = 253; i < 256; i++) { - out[i] <== num2bits2.out[255 - i]; + out[i] <== num2bits2[255 - i]; } } 
diff --git a/beacon-light-client/circom/circuits/ssz_num.circom b/beacon-light-client/circom/circuits/ssz_num.circom index e82bad238..2aefb245d 100644 --- a/beacon-light-client/circom/circuits/ssz_num.circom +++ b/beacon-light-client/circom/circuits/ssz_num.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../node_modules/circomlib/circuits/bitify.circom"; @@ -7,13 +7,12 @@ template SSZNum(N) { signal output out[256]; - component num2bits = Num2Bits(N); - num2bits.in <== in; + signal num2bits[N] <== Num2Bits(N)(in); var idx = N - 1; for(var i = N - 8; i >= 0; i -= 8) { for(var j = 0; j < 8; j++) { - out[idx] <== num2bits.out[i + j]; + out[idx] <== num2bits[i + j]; idx--; } } diff --git a/beacon-light-client/circom/circuits/sync_commitee_hash_tree_root.circom b/beacon-light-client/circom/circuits/sync_commitee_hash_tree_root.circom index b1dc3f97d..e764df43b 100644 --- a/beacon-light-client/circom/circuits/sync_commitee_hash_tree_root.circom +++ b/beacon-light-client/circom/circuits/sync_commitee_hash_tree_root.circom @@ -1,7 +1,8 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../node_modules/circomlib/circuits/sha256/sha256.circom"; include "hash_tree_root.circom"; +include "hash_aggregated_key.circom"; template SyncCommiteeHashTreeRoot(N) { signal input points[N][384]; @@ -10,9 +11,9 @@ template SyncCommiteeHashTreeRoot(N) { signal output out[256]; component leaves[N]; + signal hashTreeRootInput[N][256]; for(var i = 0; i < N; i++) { - // SSZ pubkey leaves[i] = Sha256(512); for(var j = 0; j < 384; j++) { leaves[i].in[j] <== points[i][j]; 
@@ -21,35 +22,16 @@ template SyncCommiteeHashTreeRoot(N) { for(var j = 384; j < 512; j++) { leaves[i].in[j] <== 0; } - } - - component hashTreeRoot = HashTreeRoot(N); - for(var i = 0; i < N; i++) { for(var j = 0; j < 256; j++) { - hashTreeRoot.leaves[i][j] <== leaves[i].out[j]; + hashTreeRootInput[i][j] <== leaves[i].out[j]; } } - // SSZ pubkey - component hash = Sha256(512); - - for(var i = 0; i < 384; i++) { - hash.in[i] <== aggregatedKey[i]; - } - - for(var i = 384; i < 512; i++) { - hash.in[i] <== 0; - } + signal hashTreeRoot[256] <== HashTreeRoot(N)(hashTreeRootInput); + signal hashKey[256] <== hashAggregatedKey()(aggregatedKey); - component hasher = HashTwo(); + signal hasher[256] <== HashTwo()([hashTreeRoot,hashKey]); - for(var i = 0; i < 256; i++) { - hasher.in[0][i] <== hashTreeRoot.out[i]; - hasher.in[1][i] <== hash.out[i]; - } - - for(var i = 0; i < 256; i++) { - out[i] <== hasher.out[i]; - } + out <== hasher; } diff --git a/beacon-light-client/circom/circuits/verify_finalized_header.circom b/beacon-light-client/circom/circuits/verify_finalized_header.circom index 0fbbb7b4e..bf1c5d5c2 100644 --- a/beacon-light-client/circom/circuits/verify_finalized_header.circom +++ b/beacon-light-client/circom/circuits/verify_finalized_header.circom @@ -1,4 +1,4 @@ -pragma circom 2.0.3; +pragma circom 2.1.5; include "../../../node_modules/circomlib/circuits/comparators.circom";