Merge pull request #34 from pluto/refactor/reduce-circuit-public-io

refactor: reduce circuit public io

builds/target_1024b/aes_gctr_nivc_1024b.circom

@@ -2,5 +2,4 @@ pragma circom 2.1.9;
 
 include "../../circuits/aes-gcm/nivc/aes-gctr-nivc.circom";
 
-// the circomkit tests become unhappy when there is a main.
-component main { public [step_in] } = AESGCTRFOLD(1024, 10);
+component main { public [step_in] } = AESGCTRFOLD(1024);

builds/target_1024b/http_body_mask_1024b.circom

@@ -2,5 +2,5 @@ pragma circom 2.1.9;
 
 include "../../circuits/http/nivc/body_mask.circom";
 
-component main { public [step_in] } = HTTPMaskBodyNIVC(1024, 10);
+component main { public [step_in] } = HTTPMaskBodyNIVC(1024);
 

builds/target_1024b/http_lock_header_1024b.circom

@@ -2,4 +2,4 @@ pragma circom 2.1.9;
 
 include "../../circuits/http/nivc/lock_header.circom";
 
-component main { public [step_in] } = LockHeader(1024, 10, 50, 100);
+component main { public [step_in] } = LockHeader(1024, 50, 100);

builds/target_1024b/http_parse_and_lock_start_line_1024b.circom

@@ -2,4 +2,4 @@ pragma circom 2.1.9;
 
 include "../../circuits/http/nivc/parse_and_lock_start_line.circom";
 
-component main { public [step_in] } = ParseAndLockStartLine(1024, 10, 50, 200, 50);
+component main { public [step_in] } = ParseAndLockStartLine(1024, 50, 200, 50);

builds/target_1024b/json_extract_value_1024b.circom

@@ -2,4 +2,4 @@ pragma circom 2.1.9;
 
 include "../../circuits/json/nivc/extractor.circom";
 
-component main { public [step_in] } = MaskExtractFinal(1024, 10, 50);
+component main { public [step_in] } = MaskExtractFinal(1024, 50);

builds/target_512b/aes_gctr_nivc_512b.circom

@@ -2,5 +2,4 @@ pragma circom 2.1.9;
 
 include "../../circuits/aes-gcm/nivc/aes-gctr-nivc.circom";
 
-// the circomkit tests become unhappy when there is a main.
-component main { public [step_in] } = AESGCTRFOLD(512, 10);
+component main { public [step_in] } = AESGCTRFOLD(512);

builds/target_512b/http_body_mask_512b.circom

@@ -2,5 +2,5 @@ pragma circom 2.1.9;
 
 include "../../circuits/http/nivc/body_mask.circom";
 
-component main { public [step_in] } = HTTPMaskBodyNIVC(512, 10);
+component main { public [step_in] } = HTTPMaskBodyNIVC(512);
 

builds/target_512b/http_lock_header_512b.circom

@@ -2,4 +2,4 @@ pragma circom 2.1.9;
 
 include "../../circuits/http/nivc/lock_header.circom";
 
-component main { public [step_in] } = LockHeader(512, 10, 50, 100);
+component main { public [step_in] } = LockHeader(512, 50, 100);

builds/target_512b/http_parse_and_lock_start_line_512b.circom

@@ -2,4 +2,4 @@ pragma circom 2.1.9;
 
 include "../../circuits/http/nivc/parse_and_lock_start_line.circom";
 
-component main { public [step_in] } = ParseAndLockStartLine(512, 10, 50, 200, 50);
+component main { public [step_in] } = ParseAndLockStartLine(512, 50, 200, 50);

builds/target_512b/json_extract_value_512b.circom

@@ -2,4 +2,4 @@ pragma circom 2.1.9;
 
 include "../../circuits/json/nivc/extractor.circom";
 
-component main { public [step_in] } = MaskExtractFinal(512, 10, 50);
+component main { public [step_in] } = MaskExtractFinal(512, 50);

circuits/aes-gcm/nivc/aes-gctr-nivc.circom

@@ -5,13 +5,12 @@ include "../../utils/array.circom";
 
 
 // Compute AES-GCTR
-template AESGCTRFOLD(DATA_BYTES, MAX_STACK_HEIGHT) {
+template AESGCTRFOLD(DATA_BYTES) {
     // ------------------------------------------------------------------------------------------------------------------ //
     // ~~ Set sizes at compile time ~~
     assert(DATA_BYTES % 16 == 0);
-    // Total number of variables in the parser for each byte of data
-    var PER_ITERATION_DATA_LENGTH = MAX_STACK_HEIGHT * 2 + 2;
-    var TOTAL_BYTES_ACROSS_NIVC   = DATA_BYTES * (PER_ITERATION_DATA_LENGTH + 1) + 1;
+    // Value for accumulating both plaintext and ciphertext as well as counter
+    var TOTAL_BYTES_ACROSS_NIVC = 2 * DATA_BYTES + 4; 
     // ------------------------------------------------------------------------------------------------------------------ //
 
 
@@ -75,8 +74,6 @@ template AESGCTRFOLD(DATA_BYTES, MAX_STACK_HEIGHT) {
             step_out[i] <== nextTexts.outSecond[i - DATA_BYTES];
         } else if(i < 2 * DATA_BYTES + 4) {
             step_out[i] <== aes.counter[i - (2 * DATA_BYTES)];
-        } else {
-            step_out[i] <== 0;
         }
     }
 }

circuits/http/nivc/body_mask.circom

@@ -1,13 +1,10 @@
 pragma circom 2.1.9;
 
-include "../interpreter.circom";
+include "../parser/machine.circom";
 
-template HTTPMaskBodyNIVC(DATA_BYTES, MAX_STACK_HEIGHT) {
+template HTTPMaskBodyNIVC(DATA_BYTES) {
     // ------------------------------------------------------------------------------------------------------------------ //
-    // ~~ Set sizes at compile time ~~
-    // Total number of variables in the parser for each byte of data
-    var PER_ITERATION_DATA_LENGTH = MAX_STACK_HEIGHT * 2 + 2;
-    var TOTAL_BYTES_ACROSS_NIVC   = DATA_BYTES * (PER_ITERATION_DATA_LENGTH + 1) + 1;
+    var TOTAL_BYTES_ACROSS_NIVC   = DATA_BYTES * 2 + 4; // aes ct/pt + ctr
     // ------------------------------------------------------------------------------------------------------------------ //
 
     // ------------------------------------------------------------------------------------------------------------------ //
@@ -17,20 +14,45 @@ template HTTPMaskBodyNIVC(DATA_BYTES, MAX_STACK_HEIGHT) {
     signal output step_out[TOTAL_BYTES_ACROSS_NIVC];
 
     signal data[DATA_BYTES];
-    signal parsing_body[DATA_BYTES];
+    // signal parsing_body[DATA_BYTES];
     for (var i = 0 ; i < DATA_BYTES ; i++) {
         data[i]         <== step_in[i];
-        parsing_body[i] <== step_in[DATA_BYTES + i * 5 + 4]; // `parsing_body` stored in every 5th slot of step_in/out
+        // parsing_body[i] <== step_in[DATA_BYTES + i * 5 + 4]; // `parsing_body` stored in every 5th slot of step_in/out
     }
 
     // ------------------------------------------------------------------------------------------------------------------ //
-    // ~ Write out to next NIVC step
-    for (var i = 0 ; i < DATA_BYTES ; i++) {
-        step_out[i] <== data[i] * parsing_body[i];
+    // PARSE
+    // Initialze the parser
+    component State[DATA_BYTES];
+    State[0]                     = HttpStateUpdate();
+    State[0].byte                <== data[0];
+    State[0].parsing_start       <== 1;
+    State[0].parsing_header      <== 0;
+    State[0].parsing_field_name  <== 0;
+    State[0].parsing_field_value <== 0;
+    State[0].parsing_body        <== 0;
+    State[0].line_status         <== 0;
+
+    for(var data_idx = 1; data_idx < DATA_BYTES; data_idx++) {
+        State[data_idx]                     = HttpStateUpdate();
+        State[data_idx].byte                <== data[data_idx];
+        State[data_idx].parsing_start       <== State[data_idx - 1].next_parsing_start;
+        State[data_idx].parsing_header      <== State[data_idx - 1].next_parsing_header;
+        State[data_idx].parsing_field_name  <== State[data_idx - 1].next_parsing_field_name;
+        State[data_idx].parsing_field_value <== State[data_idx - 1].next_parsing_field_value;
+        State[data_idx].parsing_body        <== State[data_idx - 1].next_parsing_body;
+        State[data_idx].line_status         <== State[data_idx - 1].next_line_status;
     }
-    // Write out padded with zeros
-    for (var i = DATA_BYTES ; i < TOTAL_BYTES_ACROSS_NIVC ; i++) {
-        step_out[i] <== 0;
+    // ------------------------------------------------------------------------------------------------------------------ //
+
+    // ------------------------------------------------------------------------------------------------------------------ //
+    // ~ Write out to next NIVC step
+    for (var i = 0 ; i < TOTAL_BYTES_ACROSS_NIVC ; i++) {
+        if(i < DATA_BYTES) {
+            step_out[i] <== data[i] * State[i].next_parsing_body;
+        } else {
+            step_out[i] <== 0;
+        }
     }
 }
 

circuits/http/nivc/lock_header.circom

@@ -1,41 +1,70 @@
 pragma circom 2.1.9;
 
+include "../parser/machine.circom";
 include "../interpreter.circom";
 include "../../utils/array.circom";
 include "circomlib/circuits/comparators.circom";
 
 // TODO: should use a MAX_HEADER_NAME_LENGTH and a MAX_HEADER_VALUE_LENGTH
-template LockHeader(DATA_BYTES, MAX_STACK_HEIGHT, MAX_HEADER_NAME_LENGTH, MAX_HEADER_VALUE_LENGTH) {
+template LockHeader(DATA_BYTES, MAX_HEADER_NAME_LENGTH, MAX_HEADER_VALUE_LENGTH) {
     // ------------------------------------------------------------------------------------------------------------------ //
-    // ~~ Set sizes at compile time ~~
-    // Total number of variables in the parser for each byte of data
-    /* 5 is for the variables:
-        next_parsing_start
-        next_parsing_header
-        next_parsing_field_name
-        next_parsing_field_value
-        State[i].next_parsing_body
-    */
-    var TOTAL_BYTES_HTTP_STATE    = DATA_BYTES * (5 + 1); // data + parser vars
-    var PER_ITERATION_DATA_LENGTH = MAX_STACK_HEIGHT * 2 + 2;
-    var TOTAL_BYTES_ACROSS_NIVC   = DATA_BYTES * (PER_ITERATION_DATA_LENGTH + 1) + 1;
+    var TOTAL_BYTES_ACROSS_NIVC   = DATA_BYTES * 2 + 4; // aes pt/ct + ctr
     // ------------------------------------------------------------------------------------------------------------------ //
 
     // ------------------------------------------------------------------------------------------------------------------ //
-    // ~ Unravel from previous NIVC step ~
-    // Read in from previous NIVC step (HttpParseAndLockStartLine or HTTPLockHeader)
     signal input step_in[TOTAL_BYTES_ACROSS_NIVC];
     signal output step_out[TOTAL_BYTES_ACROSS_NIVC];
 
+    // get the plaintext
     signal data[DATA_BYTES];
     for (var i = 0 ; i < DATA_BYTES ; i++) {
         data[i] <== step_in[i];
     }
+
+    // ------------------------------------------------------------------------------------------------------------------ //
+    // PARSE
+    // Initialze the parser
+    component State[DATA_BYTES];
+    State[0]                     = HttpStateUpdate();
+    State[0].byte                <== data[0];
+    State[0].parsing_start       <== 1;
+    State[0].parsing_header      <== 0;
+    State[0].parsing_field_name  <== 0;
+    State[0].parsing_field_value <== 0;
+    State[0].parsing_body        <== 0;
+    State[0].line_status         <== 0;
+
+    // TODO (autoparallel): Redundant as fuck, but I'm doing this quickly sorry. I don't think this actually adds constraints
     signal httpParserState[DATA_BYTES * 5];
-    for (var i = 0 ; i < DATA_BYTES * 5 ; i++) {
-        httpParserState[i] <== step_in[DATA_BYTES + i];
+
+
+    var middle_start_counter = 1;
+    var middle_end_counter = 1;
+    var final_end_counter = 1;
+    for(var data_idx = 1; data_idx < DATA_BYTES; data_idx++) {
+        State[data_idx]                     = HttpStateUpdate();
+        State[data_idx].byte                <== data[data_idx];
+        State[data_idx].parsing_start       <== State[data_idx - 1].next_parsing_start;
+        State[data_idx].parsing_header      <== State[data_idx - 1].next_parsing_header;
+        State[data_idx].parsing_field_name  <== State[data_idx - 1].next_parsing_field_name;
+        State[data_idx].parsing_field_value <== State[data_idx - 1].next_parsing_field_value;
+        State[data_idx].parsing_body        <== State[data_idx - 1].next_parsing_body;
+        State[data_idx].line_status         <== State[data_idx - 1].next_line_status;
+    }
+    // ------------------------------------------------------------------------------------------------------------------ //
+
+
+    // TODO (autoparallel): again bad
+    // Get those redundant variables
+    for(var i = 0 ; i < DATA_BYTES ; i++) {
+        httpParserState[i * 5]     <== State[i].next_parsing_start;
+        httpParserState[i * 5 + 1] <== State[i].next_parsing_header;
+        httpParserState[i * 5 + 2] <== State[i].next_parsing_field_name;
+        httpParserState[i * 5 + 3] <== State[i].next_parsing_field_value;
+        httpParserState[i * 5 + 4] <== State[i].next_parsing_body;
     }
 
+
     // TODO: Better naming for these variables
     signal input header[MAX_HEADER_NAME_LENGTH];
     signal input headerNameLength;
@@ -55,22 +84,16 @@ template LockHeader(DATA_BYTES, MAX_STACK_HEIGHT, MAX_HEADER_NAME_LENGTH, MAX_HE
     parsingHeader === 1;
 
     // ------------------------------------------------------------------------------------------------------------------ //
-    // ~ Write out to next NIVC step
-    for (var i = 0 ; i < DATA_BYTES ; i++) {
-        // add plaintext http input to step_out
-        step_out[i] <== step_in[i];
-
-        // add parser state
-        step_out[DATA_BYTES + i * 5]     <== step_in[DATA_BYTES + i * 5];
-        step_out[DATA_BYTES + i * 5 + 1] <== step_in[DATA_BYTES + i * 5 + 1];
-        step_out[DATA_BYTES + i * 5 + 2] <== step_in[DATA_BYTES + i * 5 + 2];
-        step_out[DATA_BYTES + i * 5 + 3] <== step_in[DATA_BYTES + i * 5 + 3];
-        step_out[DATA_BYTES + i * 5 + 4] <== step_in[DATA_BYTES + i * 5 + 4];
-    }
-    // Pad remaining with zeros
-    for (var i = TOTAL_BYTES_HTTP_STATE ; i < TOTAL_BYTES_ACROSS_NIVC ; i++ ) {
-        step_out[i] <== 0;
+    // write out the pt again
+    for (var i = 0 ; i < TOTAL_BYTES_ACROSS_NIVC ; i++) {
+        // add plaintext http input to step_out and ignore the ciphertext
+        if(i < DATA_BYTES) {
+            step_out[i] <== step_in[i];
+        } else {
+            step_out[i] <== 0;
+        }
     }
+
 }
 
 // TODO: Handrolled template that I haven't tested YOLO.