Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

This does not contain any provable code yet #1

Open
mitschabaude opened this issue Dec 4, 2023 · 4 comments
Open

This does not contain any provable code yet #1

mitschabaude opened this issue Dec 4, 2023 · 4 comments
Assignees
Labels
bug Something isn't working

Comments

@mitschabaude
Copy link

The current pattern of using o1js' Gadgets.ForeignField is wrong: you're converting Field3 to/from bigint in every operation. This will fail in provable code -- bigint operations are not provable, and you can't read out JS values of provable types like Field3 in a circuit.

To make an operation provable, you need to build a circuit, not just do normal JS operations. We have a lot of methods for building circuits, like Gadgets.ForeignField.{add(),mul()} and of course all the lower-level methods on Field to operate on the individual limbs of a Field3.

image

@onurinanc onurinanc self-assigned this Dec 4, 2023
@onurinanc onurinanc added the bug Something isn't working label Dec 4, 2023
@onurinanc
Copy link
Owner

onurinanc commented Dec 4, 2023

What about the following pattern:

const bn254_prime = Field3.from(21888242871839275222246405745257275088696311157297823662689037894645226208583n);

export default class Fq{
    value: Field3;
    modulus: Field3;

    constructor(value: Field3) {
        this.modulus = bn254_prime;
        this.value = value;
    }

    add(x: Fq) {
        return new Fq(
            ForeignField.add(this.value, x.value, Field3.toBigint(this.modulus))
        );
    }

    sub(x: Fq) {
        return new Fq(
            ForeignField.sub(this.value, x.value, Field3.toBigint(this.modulus))
        );
    }

Now, I'm aiming to use toBigInt operation inside the ForeignField arithmetic which is required inside the Gadget.ForeingField

Is it provable inside o1js now?

@mitschabaude
Copy link
Author

I wouldn't say so!

  • If this.modulus is variable, then you can't convert it to a bigint in the circuit
  • If it's a constant, then this works, but on the other hand in that case why not represent it as bigint all the time

@onurinanc
Copy link
Owner

Got it.

So, this is going to work:

const bn254_prime = 21888242871839275222246405745257275088696311157297823662689037894645226208583n;

export default class Fq{
    value: Field3;

    constructor(value: Field3) {
        this.value = value;
    }

    add(x: Fq) {
        return new Fq(
            ForeignField.add(this.value, x.value, bn254_prime)
        );
    }

    sub(x: Fq) {
        return new Fq(
            ForeignField.sub(this.value, x.value, bn254_prime)
        );
    }

@mitschabaude
Copy link
Author

yes 👍🏻

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants