Merge pull request #50 from NilFoundation/mina-circuits

Mina circuits

.github/workflows/run_tests.yml

@@ -74,6 +74,44 @@ jobs:
             blueprint_non_native_plonk_complete_addition_test,
             blueprint_non_native_plonk_var_base_mul_per_bit_test,
             blueprint_non_native_plonk_variable_base_multiplication_test,
+            blueprint_algebra_fields_plonk_field_operations_test,
+            blueprint_algebra_fields_plonk_sqrt_test,
+            blueprint_algebra_fields_plonk_exponentiation_test,
+            blueprint_algebra_curves_plonk_variable_base_scalar_mul_test,
+            blueprint_algebra_curves_plonk_unified_addition_test,
+            blueprint_algebra_curves_plonk_variable_base_endo_scalar_mul_test,
+            blueprint_algebra_curves_plonk_endo_scalar_test,
+            blueprint_algebra_curves_plonk_multi_scalar_multiplication_test,
+            blueprint_hashes_plonk_poseidon_test,
+            blueprint_verifiers_kimchi_base_field_test,
+            blueprint_verifiers_kimchi_prepare_batch_scalar_test,
+            blueprint_verifiers_kimchi_verify_scalar_test,
+            blueprint_verifiers_kimchi_oracles_scalar_test,
+            blueprint_verifiers_kimchi_batch_verify_base_field_test,
+            blueprint_verifiers_kimchi_batch_verify_scalar_field_test,
+            blueprint_verifiers_kimchi_detail_lagrange_denominators_test,
+            blueprint_verifiers_kimchi_detail_b_poly_test,
+            blueprint_verifiers_kimchi_detail_b_poly_coefficients_test,
+            blueprint_verifiers_kimchi_detail_to_group_test,
+            blueprint_verifiers_kimchi_detail_public_evaluations_test,
+            blueprint_verifiers_kimchi_detail_prev_chal_evals_test,
+            blueprint_verifiers_kimchi_detail_ft_eval_test,
+            blueprint_verifiers_kimchi_detail_combine_proof_evals_test,
+            blueprint_verifiers_kimchi_detail__constraints_index_terms_scalars_test,
+            blueprint_verifiers_kimchi_detail_constraints_rpn_expression_test,
+            blueprint_verifiers_kimchi_detail_constraints_vanishes_on_last_4_rows_test,
+            blueprint_verifiers_kimchi_detail_constraints_unnormalized_lagrange_basis_test,
+            blueprint_verifiers_kimchi_detail_constraints_perm_scalars_test,
+            blueprint_verifiers_kimchi_detail_constraints_generic_scalars_test,
+            blueprint_verifiers_kimchi_detail_oracles_cip_test,
+            blueprint_verifiers_kimchi_detail_zk_w3_test,
+            blueprint_verifiers_kimchi_detail_zkpm_evaluate_test,
+            blueprint_verifiers_kimchi_detail_prepare_scalars_test,
+            blueprint_verifiers_kimchi_sponge_compare_test,
+            blueprint_verifiers_kimchi_sponge_transcript_fr_test,
+            blueprint_verifiers_kimchi_sponge_transcript_fq_test,
+            blueprint_verifiers_kimchi_sponge_sponge_test,
+            blueprint_verifiers_kimchi_sponge_oracles_test
           ]  # Tests to execute
     steps:
       - name: Cleanup # TODO - move to scripts on runner

include/nil/crypto3/zk/components/algebra/curves/pasta/plonk/decomposed_variable_base_scalar_mul_15_wires.hpp

@@ -0,0 +1,183 @@
+//---------------------------------------------------------------------------//
+// Copyright (c) 2021 Mikhail Komarov <[email protected]>
+// Copyright (c) 2021 Nikita Kaskov <[email protected]>
+// Copyright (c) 2022 Alisa Cherniaeva <[email protected]>
+// Copyright (c) 2022 Ilia Shirobokov <[email protected]>
+//
+// MIT License
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+// SOFTWARE.
+//---------------------------------------------------------------------------//
+
+#ifndef CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_DECOMPOSED_VARIABLE_BASE_SCALAR_MUL_COMPONENT_15_WIRES_HPP
+#define CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_DECOMPOSED_VARIABLE_BASE_SCALAR_MUL_COMPONENT_15_WIRES_HPP
+
+#include <nil/marshalling/algorithms/pack.hpp>
+
+#include <nil/crypto3/zk/snark/arithmetization/plonk/constraint_system.hpp>
+
+#include <nil/crypto3/zk/blueprint/plonk.hpp>
+#include <nil/crypto3/zk/assignment/plonk.hpp>
+#include <nil/crypto3/zk/algorithms/generate_circuit.hpp>
+
+#include <nil/crypto3/zk/components/algebra/curves/pasta/plonk/unified_addition.hpp>
+#include <nil/crypto3/zk/components/algebra/curves/pasta/plonk/decomposed_variable_base_scalar_mul_15_wires.hpp>
+#include <nil/crypto3/zk/components/algebra/fields/plonk/field_operations.hpp>
+
+namespace nil {
+    namespace crypto3 {
+        namespace zk {
+            namespace components {
+
+                template<typename ArithmetizationType, typename CurveType, std::size_t... WireIndexes>
+                class curve_element_decomposed_variable_base_scalar_mul;
+
+                template<typename BlueprintFieldType, typename ArithmetizationParams, typename CurveType,
+                         std::size_t W0, std::size_t W1, std::size_t W2, std::size_t W3, std::size_t W4, std::size_t W5,
+                         std::size_t W6, std::size_t W7, std::size_t W8, std::size_t W9, std::size_t W10,
+                         std::size_t W11, std::size_t W12, std::size_t W13, std::size_t W14>
+                class curve_element_decomposed_variable_base_scalar_mul<
+                    snark::plonk_constraint_system<BlueprintFieldType, ArithmetizationParams>, CurveType, W0, W1, W2,
+                    W3, W4, W5, W6, W7, W8, W9, W10, W11, W12, W13, W14> {
+
+                    typedef snark::plonk_constraint_system<BlueprintFieldType, ArithmetizationParams>
+                        ArithmetizationType;
+
+                    using var = snark::plonk_variable<BlueprintFieldType>;
+                    using add_component =
+                        zk::components::curve_element_unified_addition<ArithmetizationType, CurveType, W0, W1, W2, W3,
+                                                                       W4, W5, W6, W7, W8, W9, W10>;
+                    using mul_component =
+                        zk::components::curve_element_variable_base_scalar_mul<ArithmetizationType, CurveType,
+                                                             W0, W1, W2, W3,
+                                                                       W4, W5, W6, W7, W8, W9, W10, W11, W12, W13, W14>;
+                    using mul_field_component = zk::components::multiplication<ArithmetizationType, W0, W1, W2>;
+
+                public:
+                    constexpr static const std::size_t selector_seed = 0x0f45;
+                    constexpr static const std::size_t rows_amount = 2*mul_component::rows_amount + add_component::rows_amount + 2*mul_field_component::rows_amount;
+                    constexpr static const std::size_t gates_amount = 0;
+
+                    struct params_type {
+                        struct var_ec_point {
+                            var x;
+                            var y;
+                        };
+
+                        var_ec_point T;
+                        var b1;
+                        var b2;
+                    };
+
+                    struct result_type {
+                        var X;
+                        var Y;
+                        result_type(std::size_t start_row_index) {
+                            auto res = (typename add_component::result_type(start_row_index +
+                             2*mul_component::rows_amount + 2*mul_field_component::rows_amount)).output;
+                            X = res.X;
+                            Y = res.Y;
+                        }
+                    };
+
+                    static result_type generate_assignments(blueprint_assignment_table<ArithmetizationType> &assignment,
+                                                            const params_type params,
+                                                            const std::size_t start_row_index) {
+
+
+                        std::size_t row = start_row_index;
+                        auto mul_res = mul_component::generate_assignments(
+                            assignment, {{params.T.x, params.T.y}, params.b1}, row).output;
+                        row += mul_component::rows_amount;
+                        auto const_mul_res = mul_component::generate_assignments(
+                            assignment, {{params.T.x, params.T.y}, var(0, start_row_index + 1, false, var::column_type::constant)}, row).output;
+                        row += mul_component::rows_amount;
+
+                        auto x = mul_field_component::generate_assignments(
+                            assignment, {const_mul_res.x, params.b2}, row).output;
+                        row += mul_field_component::rows_amount;
+                        auto y = mul_field_component::generate_assignments(
+                            assignment, {const_mul_res.y, params.b2}, row).output;
+                        row += mul_field_component::rows_amount;
+
+                        add_component::generate_assignments(
+                            assignment, {{x, y}, {mul_res.x, mul_res.y}}, row).output;
+
+
+                        return result_type(start_row_index);
+                    }
+
+                    static result_type
+                        generate_circuit(blueprint<ArithmetizationType> &bp,
+                                         blueprint_public_assignment_table<ArithmetizationType> &assignment,
+                                         const params_type &params,
+                                         const std::size_t start_row_index) {
+
+                        std::size_t row = start_row_index;
+                        auto mul_res = mul_component::generate_circuit(bp, 
+                            assignment, {{params.T.x, params.T.y}, params.b1}, row).output;
+                        row += mul_component::rows_amount;
+                        auto const_mul_res = mul_component::generate_circuit(bp, 
+                            assignment, {{params.T.x, params.T.y}, var(0, start_row_index + 1, false, var::column_type::constant)}, row).output;
+                        row += mul_component::rows_amount;
+
+                        auto x = zk::components::generate_circuit<mul_field_component>(
+                            assignment, {const_mul_res.x, params.b2}, row).output;
+                        row += mul_field_component::rows_amount;
+                        auto y = zk::components::generate_circuit<mul_field_component>(
+                            assignment, {const_mul_res.y, params.b2}, row).output;
+                        row += mul_field_component::rows_amount;
+
+                        add_component::generate_circuit( bp, 
+                            assignment, {{x, y}, {mul_res.x, mul_res.y}}, row).output;
+
+                        return result_type(start_row_index);
+                    }
+
+                private:
+                    static void generate_gates(blueprint<ArithmetizationType> &bp,
+                                               blueprint_public_assignment_table<ArithmetizationType> &assignment,
+                                               const params_type params,
+                                               const std::size_t first_selector_index) {
+                    }
+
+                    static void
+                        generate_copy_constraints(blueprint<ArithmetizationType> &bp,
+                                                  blueprint_public_assignment_table<ArithmetizationType> &assignment,
+                                                  const params_type params,
+                                                  const std::size_t start_row_index) {
+
+                    }
+
+                    static void
+                    generate_assignments_constant(blueprint<ArithmetizationType> &bp,
+                                                blueprint_public_assignment_table<ArithmetizationType> &assignment,
+                                                const params_type &params,
+                                                std::size_t component_start_row) {
+                        std::size_t row = component_start_row;
+                        typename BlueprintFieldType::integral_type one = 1;
+                        assignment.constant(0)[row + 1] = (one << 254);
+                    }
+                };
+            }    // namespace components
+        }        // namespace zk
+    }            // namespace crypto3
+}    // namespace nil
+
+#endif    // CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_VARIABLE_BASE_SCALAR_MUL_COMPONENT_15_WIRES_HPP

include/nil/crypto3/zk/components/algebra/curves/pasta/plonk/endo_scalar.hpp

@@ -126,7 +126,8 @@ namespace nil {
                     constexpr static const std::size_t rows_amount = 8;
                     constexpr static const std::size_t gates_amount = 2;
 
-                    constexpr static const typename BlueprintFieldType::value_type endo_factor = endo_params::endo_r;
+                    constexpr static const typename BlueprintFieldType::value_type endo_r = endo_params::endo_r;
+                    constexpr static const typename CurveType::base_field_type::value_type endo_q = endo_params::endo_q;
 
                     struct params_type {
                         var scalar;
@@ -221,7 +222,7 @@ namespace nil {
                             assignment.witness(W5)[row] = b;
                             row++;
                         }
-                        auto res = a * endo_factor + b;
+                        auto res = a * endo_r + b;
                         assignment.witness(W6)[row - 1] = res;
                         return result_type(params, start_row_index);
                     }
@@ -275,7 +276,7 @@ namespace nil {
                                           (1 << 10) * var(W9, 0) + (1 << 8) * var(W10, 0) + (1 << 6) * var(W11, 0) +
                                           (1 << 4) * var(W12, 0) + (1 << 2) * var(W13, 0) + var(W14, 0)));
 
-                        auto constraint_12 = bp.add_constraint(var(W6, 0) - (endo_factor * var(W4, 0) + var(W5, 0)));
+                        auto constraint_12 = bp.add_constraint(var(W6, 0) - (endo_r * var(W4, 0) + var(W5, 0)));
 
                         bp.add_gate(selector_index_2, {constraint_12});
 

include/nil/crypto3/zk/components/algebra/curves/pasta/plonk/multi_scalar_mul_15_wires.hpp

@@ -83,11 +83,6 @@ namespace nil {
                     };
 
                     struct result_type {
-                        struct var_ec_point {
-                            var X;
-                            var Y;
-                        };
-
                         var_ec_point sum;
 
                         result_type(const params_type &params, std::size_t start_row_index) {

include/nil/crypto3/zk/components/algebra/fields/plonk/element_powers.hpp

@@ -34,7 +34,7 @@
 #include <nil/crypto3/zk/blueprint/plonk.hpp>
 #include <nil/crypto3/zk/component.hpp>
 
-#include <nil/crypto3/zk/components/systems/snark/plonk/kimchi/detail/proof.hpp>
+#include <nil/crypto3/zk/components/systems/snark/plonk/kimchi/types/proof.hpp>
 
 #include <nil/crypto3/zk/components/algebra/fields/plonk/field_operations.hpp>